zendesk_apps_support 4.20.0 → 4.21.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 05fdb1c1548cd1f0788f3c4f4e4acae77159f191
4
- data.tar.gz: d7d7384f09edcd3973c01e9a688120e0484974f9
3
+ metadata.gz: c8001c4cd49eb24e7d739b0f1e88298b4daa00b8
4
+ data.tar.gz: b8203d5cd03a24c44272a1fa24a325b0709407a5
5
5
  SHA512:
6
- metadata.gz: d1bdb5b392048f13c25fd596d6e491322d516c8c063ef6da1a4bf4c9aaa685e3ff46e9ad5f872fa6f0973fa769676fe6dfa671eac918c8ce1a7d43405677a22d
7
- data.tar.gz: 9cecde83aab2cd520ba65d21235577ce1f5dc67cf2bba7ee016fe35b2a3a20f4eafc509ee916967e5bd3a4fd3c6c4cbbce02a1fcd2bad635a1a4fcff512afbb3
6
+ metadata.gz: bf0e15df15ab5a27bee5642e8ab1436e1d745008f99cdd3ec62e8f91f5a04e0aaf531e7f57f14db528f6daab22177ca5e29dcb85a710eb54deb8589ae6206a7e
7
+ data.tar.gz: 629a738932279dd2c8bcfa07ddb4050ec6adfd6c17bb23bda086437a866f7ba91b7411bd5044eedf62836871a5b9999514fa2dcfdcffa3d2f10346015c74113b
@@ -20,6 +20,7 @@ module ZendeskAppsSupport
20
20
  module Validations
21
21
  autoload :ValidationError, 'zendesk_apps_support/validations/validation_error'
22
22
  autoload :Manifest, 'zendesk_apps_support/validations/manifest'
23
+ autoload :SecureSettings, 'zendesk_apps_support/validations/secure_settings'
23
24
  autoload :Marketplace, 'zendesk_apps_support/validations/marketplace'
24
25
  autoload :Mime, 'zendesk_apps_support/validations/mime'
25
26
  autoload :Secrets, 'zendesk_apps_support/validations/secrets'
@@ -39,6 +39,9 @@ module ZendeskAppsSupport
39
39
  errors << Validations::Requirements.call(self)
40
40
  errors << Validations::Requests.call(self)
41
41
 
42
+ # only adds warnings
43
+ Validations::SecureSettings.call(self)
44
+
42
45
  unless manifest.requirements_only? || manifest.marketing_only? || manifest.iframe_only?
43
46
  errors << Validations::Templates.call(self)
44
47
  errors << Validations::Stylesheets.call(self)
@@ -49,7 +52,7 @@ module ZendeskAppsSupport
49
52
  errors << Validations::Svg.call(self) if has_svgs?
50
53
  errors << Validations::Mime.call(self)
51
54
 
52
- # warning only validators
55
+ # only adds warnings
53
56
  Validations::Secrets.call(self)
54
57
 
55
58
  errors.flatten.compact
@@ -0,0 +1,37 @@
1
+ # frozen_string_literal: true
2
+
3
+ module ZendeskAppsSupport
4
+ module Validations
5
+ module SecureSettings
6
+ SECURABLE_KEYWORDS = %w[token key pwd password].freeze
7
+ SECURABLE_KEYWORDS_REGEXP = Regexp.new(SECURABLE_KEYWORDS.join('|'), Regexp::IGNORECASE)
8
+
9
+ class << self
10
+ def call(package)
11
+ manifest_params = package.manifest.parameters
12
+
13
+ insecure_params_found = manifest_params.any? { |param| insecure_param?(param) }
14
+
15
+ package.warnings << secure_settings_warning if insecure_params_found
16
+ end
17
+
18
+ private
19
+
20
+ def insecure_param?(parameter)
21
+ parameter.name =~ SECURABLE_KEYWORDS_REGEXP && type_password_or_text?(parameter.type) && !parameter.secure
22
+ end
23
+
24
+ def type_password_or_text?(parameter_type)
25
+ parameter_type == 'text' || parameter_type == 'password'
26
+ end
27
+
28
+ def secure_settings_warning
29
+ I18n.t(
30
+ 'txt.apps.admin.error.app_build.translation.insecure_token_parameter_in_manifest',
31
+ link: 'https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings'
32
+ )
33
+ end
34
+ end
35
+ end
36
+ end
37
+ end
@@ -6,7 +6,7 @@ module ZendeskAppsSupport
6
6
  class << self
7
7
  def call(package)
8
8
  if app_doesnt_require_source?(package.manifest) && contain_source_files?(package)
9
- ValidationError.new(:no_code_for_ifo_notemplate)
9
+ ValidationError.new(:no_source_required_apps)
10
10
  end
11
11
  end
12
12
 
metadata CHANGED
@@ -1,7 +1,7 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: zendesk_apps_support
3
3
  version: !ruby/object:Gem::Version
4
- version: 4.20.0
4
+ version: 4.21.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - James A. Rosen
@@ -11,7 +11,7 @@ authors:
11
11
  autorequire:
12
12
  bindir: bin
13
13
  cert_chain: []
14
- date: 2019-07-24 00:00:00.000000000 Z
14
+ date: 2019-07-29 00:00:00.000000000 Z
15
15
  dependencies:
16
16
  - !ruby/object:Gem::Dependency
17
17
  name: i18n
@@ -279,6 +279,7 @@ files:
279
279
  - lib/zendesk_apps_support/validations/requests.rb
280
280
  - lib/zendesk_apps_support/validations/requirements.rb
281
281
  - lib/zendesk_apps_support/validations/secrets.rb
282
+ - lib/zendesk_apps_support/validations/secure_settings.rb
282
283
  - lib/zendesk_apps_support/validations/source.rb
283
284
  - lib/zendesk_apps_support/validations/stylesheets.rb
284
285
  - lib/zendesk_apps_support/validations/svg.rb