zendesk_apps_support 4.20.0 → 4.21.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: 05fdb1c1548cd1f0788f3c4f4e4acae77159f191
-  data.tar.gz: d7d7384f09edcd3973c01e9a688120e0484974f9
+  metadata.gz: c8001c4cd49eb24e7d739b0f1e88298b4daa00b8
+  data.tar.gz: b8203d5cd03a24c44272a1fa24a325b0709407a5
 SHA512:
-  metadata.gz: d1bdb5b392048f13c25fd596d6e491322d516c8c063ef6da1a4bf4c9aaa685e3ff46e9ad5f872fa6f0973fa769676fe6dfa671eac918c8ce1a7d43405677a22d
-  data.tar.gz: 9cecde83aab2cd520ba65d21235577ce1f5dc67cf2bba7ee016fe35b2a3a20f4eafc509ee916967e5bd3a4fd3c6c4cbbce02a1fcd2bad635a1a4fcff512afbb3
+  metadata.gz: bf0e15df15ab5a27bee5642e8ab1436e1d745008f99cdd3ec62e8f91f5a04e0aaf531e7f57f14db528f6daab22177ca5e29dcb85a710eb54deb8589ae6206a7e
+  data.tar.gz: 629a738932279dd2c8bcfa07ddb4050ec6adfd6c17bb23bda086437a866f7ba91b7411bd5044eedf62836871a5b9999514fa2dcfdcffa3d2f10346015c74113b

data/lib/zendesk_apps_support.rb

@@ -20,6 +20,7 @@ module ZendeskAppsSupport
   module Validations
     autoload :ValidationError,       'zendesk_apps_support/validations/validation_error'
     autoload :Manifest,              'zendesk_apps_support/validations/manifest'
+    autoload :SecureSettings,        'zendesk_apps_support/validations/secure_settings'
     autoload :Marketplace,           'zendesk_apps_support/validations/marketplace'
     autoload :Mime,                  'zendesk_apps_support/validations/mime'
     autoload :Secrets,               'zendesk_apps_support/validations/secrets'

data/lib/zendesk_apps_support/package.rb

@@ -39,6 +39,9 @@ module ZendeskAppsSupport
         errors << Validations::Requirements.call(self)
         errors << Validations::Requests.call(self)
 
+        # only adds warnings
+        Validations::SecureSettings.call(self)
+
         unless manifest.requirements_only? || manifest.marketing_only? || manifest.iframe_only?
           errors << Validations::Templates.call(self)
           errors << Validations::Stylesheets.call(self)
@@ -49,7 +52,7 @@ module ZendeskAppsSupport
       errors << Validations::Svg.call(self) if has_svgs?
       errors << Validations::Mime.call(self)
 
-      # warning only validators
+      # only adds warnings
       Validations::Secrets.call(self)
 
       errors.flatten.compact

data/lib/zendesk_apps_support/validations/secure_settings.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module ZendeskAppsSupport
+  module Validations
+    module SecureSettings
+      SECURABLE_KEYWORDS = %w[token key pwd password].freeze
+      SECURABLE_KEYWORDS_REGEXP = Regexp.new(SECURABLE_KEYWORDS.join('|'), Regexp::IGNORECASE)
+
+      class << self
+        def call(package)
+          manifest_params = package.manifest.parameters
+
+          insecure_params_found = manifest_params.any? { |param| insecure_param?(param) }
+
+          package.warnings << secure_settings_warning if insecure_params_found
+        end
+
+        private
+
+        def insecure_param?(parameter)
+          parameter.name =~ SECURABLE_KEYWORDS_REGEXP && type_password_or_text?(parameter.type) && !parameter.secure
+        end
+
+        def type_password_or_text?(parameter_type)
+          parameter_type == 'text' || parameter_type == 'password'
+        end
+
+        def secure_settings_warning
+          I18n.t(
+            'txt.apps.admin.error.app_build.translation.insecure_token_parameter_in_manifest',
+            link: 'https://developer.zendesk.com/apps/docs/developer-guide/using_sdk#using-secure-settings'
+          )
+        end
+      end
+    end
+  end
+end

data/lib/zendesk_apps_support/validations/source.rb

@@ -6,7 +6,7 @@ module ZendeskAppsSupport
       class << self
         def call(package)
           if app_doesnt_require_source?(package.manifest) && contain_source_files?(package)
-            ValidationError.new(:no_code_for_ifo_notemplate)
+            ValidationError.new(:no_source_required_apps)
           end
         end
 

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: zendesk_apps_support
 version: !ruby/object:Gem::Version
-  version: 4.20.0
+  version: 4.21.0
 platform: ruby
 authors:
 - James A. Rosen
@@ -11,7 +11,7 @@ authors:
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-07-24 00:00:00.000000000 Z
+date: 2019-07-29 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: i18n
@@ -279,6 +279,7 @@ files:
 - lib/zendesk_apps_support/validations/requests.rb
 - lib/zendesk_apps_support/validations/requirements.rb
 - lib/zendesk_apps_support/validations/secrets.rb
+- lib/zendesk_apps_support/validations/secure_settings.rb
 - lib/zendesk_apps_support/validations/source.rb
 - lib/zendesk_apps_support/validations/stylesheets.rb
 - lib/zendesk_apps_support/validations/svg.rb