[APPS-7700] Add validation for scopes attribute for secure param #404
Conversation
aishkan
changed the title
There was a problem hiding this comment.
Pull Request Overview
This PR adds validation for the scopes attribute on secure parameters in app manifests. The validation ensures scopes are only used with secure parameters, cannot be empty arrays, and contain only valid scope values from a predefined list.
Key Changes:
- Added
validate_scopes_for_secure_parameterflag to control scope validation - Implemented three validation rules: scopes require secure=true, scopes cannot be empty, and scopes must be from allowed values
- Added comprehensive test coverage for all validation scenarios
Reviewed Changes
Copilot reviewed 5 out of 5 changed files in this pull request and generated 4 comments.
Show a summary per file
| File | Description |
|---|---|
lib/zendesk_apps_support/validations/manifest.rb |
Implements scope validation logic with three new error checks and adds SECURE_PARAM_SCOPES constant |
lib/zendesk_apps_support/manifest/parameter.rb |
Adds scopes to parameter attributes to support reading scope configuration |
spec/validations/manifest_spec.rb |
Adds comprehensive test coverage for scope validation scenarios including edge cases |
config/locales/translations/zendesk_apps_support.yml |
Adds translation keys for three new validation error messages |
config/locales/en.yml |
Adds English text for the three new validation error messages |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
1fc8a24 to
c5c1530
Compare
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
c5c1530 to
eaa1381
Compare
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
eaa1381 to
1a093cb
Compare
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
1a093cb to
7f2d771
Compare
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
7f2d771 to
8adf80d
Compare
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
8adf80d to
d50c805
Compare
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
d50c805 to
866fd65
Compare
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
866fd65 to
a40095b
Compare
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated 5 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
a40095b to
9835af9
Compare
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
9835af9 to
acdef7c
Compare
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
acdef7c to
99670c9
Compare
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
99670c9 to
07d926b
Compare
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated 3 comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
16d174a to
3878082
Compare
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
3878082 to
04bdf10
Compare
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated 1 comment.
Comments suppressed due to low confidence (1)
spec/validations/manifest_spec.rb:10
- Corrected spelling of 'default ocale' to 'default locale'.
'defaultLocale' => 'default ocale',
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
04bdf10 to
bf1777a
Compare
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
bf1777a to
afb8085
Compare
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
afb8085 to
82fe811
Compare
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 7 out of 7 changed files in this pull request and generated no new comments.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
mmassaki
left a comment
mmassaki
left a comment
There was a problem hiding this comment.
Thank you for addressing my comments.
I approve with a minor comment.
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
598e3ae to
fb211ae
Compare
There was a problem hiding this comment.
Pull Request Overview
Copilot reviewed 8 out of 8 changed files in this pull request and generated 1 comment.
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
| value: "Password parameter type can no longer be used. Use Secure settings instead. Learn more: %{link}." | ||
| - translation: | ||
| key: "txt.apps.admin.error.app_build.field_requires_secure_parameter" | ||
| title: "App builder job: scopes can be defined only on secure parameters" |
There was a problem hiding this comment.
Could you please provide context for %{field} and the other placeholders so linguists can translate them? Thank you!
There was a problem hiding this comment.
@hiroiguchi I have added the context now
aishkan
force-pushed
the
aishkan/secure-settings-scope
branch
from
b540df1 to
cef6f7a
Compare
hiroiguchi
added
g11n-approved
💐
/cc @zendesk/wattle
Description
Add validation for scopes attribute for secure param.
Validations added are as follows
nilvalidate_scopes_for_secure_parameterpassed in paramReferences
https://zendesk.atlassian.net/browse/APPS-7700
Risks