Add new Help Scout integration and Beacon functionality #304
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Hackgt7 dev
ehsanmasdar
reviewed
Aug 12, 2020
Member
ehsanmasdar
left a comment
ehsanmasdar
left a comment
There was a problem hiding this comment.
Nice work, Helpscout seems cool! Was scrolling through the code and then figured I'd leave a few comments.
server/routes/api/helpscout.ts
Outdated
| } | ||
|
|
||
| function createListBlock(title: string, content: string | string[] | Express.Multer.File | null) { | ||
| return `<li class="c-sb-list-item"> |
Member
There was a problem hiding this comment.
Just happened to be scrolling through - I think this could lead to a XSS if you're not careful about the fields that are being included. You probably want to use some sort of templating library to construct this in a safe way.
Member
Author
There was a problem hiding this comment.
Hmmm I will look into this. Help Scout asks you to send them basically the string HTML to display but I'm 99% certain they automatically filter what's displayed. But never hurts to be careful on our end too
Member
Author
There was a problem hiding this comment.
This should be fixed now that this uses Handlebars
| return `<span class="badge ${type}">${text}</span>`; | ||
| } | ||
|
|
||
| async function helpScoutUserInfoHandler(request: express.Request, response: express.Response) { |
Member
There was a problem hiding this comment.
This is a scary function because if the auth checks pass it can query information about any user. For purposes of monitoring it (and also improving general data privacy posture) I'd consider logging accesses somewhere and having it notify y'all when it is used.
Member
Author
There was a problem hiding this comment.
That's a good point. Would it be worthwhile to directly validate the signature in the function vs. middleware to prevent it from accidentally being open to the world? I wonder if we could also restrict it to be called by Help Scout IP addresses 🤔
petschekr
reviewed
Aug 12, 2020
Member
petschekr
left a comment
petschekr
left a comment
There was a problem hiding this comment.
Just some minor things and questions
petschekr
reviewed
Sep 16, 2020
petschekr
reviewed
Sep 16, 2020
petschekr
reviewed
Sep 16, 2020
petschekr
reviewed
Sep 16, 2020
evan10s
added a commit
that referenced
this pull request
Sep 20, 2020
* Added very basic initial functionality * Implemented hmac hash checking (maybe?) * Basic hello world to test signature validation in test deploy * Add Help Scout secret * Add more debugging * Updated to latest version of typescript, fixed Help Scout signature validation * Pushing some more changes to see how they look * Make time zone questions required * Testing some more * Make timezone questions required * Fix punctuation in dates * Lots of Help Scout integration UI element improvements * Finishing touches for Help Scout integration * Help Scout Beacon support improvements * Add info about Help Scout integration/Beacon to README * Apparently you can't define secrets in both deployment.yaml and a Beehive yaml * Remove package script that doesn't work * Upgraded packages, including Handlebars * Re-implemented Help Scout templates using Handlebars * Show selected application/confirmation questions in Help Scout * Cleanup Help Scout API security * Remove extra lines * A few final fixes and tweaks * Make time zone questions required * test file questions help scout view * Fix file helpscout download URL * actually fix help scout file links * Remove some console.logs * minor fixes Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com> Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com>
evan10s
added a commit
that referenced
this pull request
Sep 23, 2020
* Added very basic initial functionality * Implemented hmac hash checking (maybe?) * Basic hello world to test signature validation in test deploy * Add Help Scout secret * Add more debugging * Updated to latest version of typescript, fixed Help Scout signature validation * Pushing some more changes to see how they look * Make time zone questions required * Testing some more * Make timezone questions required * Fix punctuation in dates * Lots of Help Scout integration UI element improvements * Finishing touches for Help Scout integration * Help Scout Beacon support improvements * Add info about Help Scout integration/Beacon to README * Apparently you can't define secrets in both deployment.yaml and a Beehive yaml * Remove package script that doesn't work * Upgraded packages, including Handlebars * Re-implemented Help Scout templates using Handlebars * Show selected application/confirmation questions in Help Scout * Cleanup Help Scout API security * Remove extra lines * A few final fixes and tweaks * Make time zone questions required * test file questions help scout view * Fix file helpscout download URL * actually fix help scout file links * Remove some console.logs * minor fixes Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com> Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com> # Conflicts: # package-lock.json # server/config/questions.json
evan10s
added a commit
that referenced
this pull request
Oct 1, 2020
* Add new Help Scout integration and Beacon functionality (#304) * Added very basic initial functionality * Implemented hmac hash checking (maybe?) * Basic hello world to test signature validation in test deploy * Add Help Scout secret * Add more debugging * Updated to latest version of typescript, fixed Help Scout signature validation * Pushing some more changes to see how they look * Make time zone questions required * Testing some more * Make timezone questions required * Fix punctuation in dates * Lots of Help Scout integration UI element improvements * Finishing touches for Help Scout integration * Help Scout Beacon support improvements * Add info about Help Scout integration/Beacon to README * Apparently you can't define secrets in both deployment.yaml and a Beehive yaml * Remove package script that doesn't work * Upgraded packages, including Handlebars * Re-implemented Help Scout templates using Handlebars * Show selected application/confirmation questions in Help Scout * Cleanup Help Scout API security * Remove extra lines * A few final fixes and tweaks * Make time zone questions required * test file questions help scout view * Fix file helpscout download URL * actually fix help scout file links * Remove some console.logs * minor fixes Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com> * Add staff, partner, and confirmation branches * Fix questions * Add HackGT 7 sponsor acceptance functionality (#311) * Add sponsor branch auto-accept/reject capabilities * Add console.log to verify sponsor email domain/email email allowlist * Add HackGT 7 sponsor allowlist secrets Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> * Fix duplicate branch * Add staff/partner confirmation branches * Add additional branch descriptions for the branch selection page * Fix typo * Fix partner branch name * Clean up some more stuff * Use list of choices for address state question * Clean up sponsor data sharing agreement text * Remove t-shirt question from mentor confirmation * more fixes * Add GM to sponsor list * Fix typo * Allow other on sponsor list Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com>
evan10s
added a commit
that referenced
this pull request
Dec 29, 2020
* Add new Help Scout integration and Beacon functionality (#304) (#308) * Added very basic initial functionality * Implemented hmac hash checking (maybe?) * Basic hello world to test signature validation in test deploy * Add Help Scout secret * Add more debugging * Updated to latest version of typescript, fixed Help Scout signature validation * Pushing some more changes to see how they look * Make time zone questions required * Testing some more * Make timezone questions required * Fix punctuation in dates * Lots of Help Scout integration UI element improvements * Finishing touches for Help Scout integration * Help Scout Beacon support improvements * Add info about Help Scout integration/Beacon to README * Apparently you can't define secrets in both deployment.yaml and a Beehive yaml * Remove package script that doesn't work * Upgraded packages, including Handlebars * Re-implemented Help Scout templates using Handlebars * Show selected application/confirmation questions in Help Scout * Cleanup Help Scout API security * Remove extra lines * A few final fixes and tweaks * Make time zone questions required * test file questions help scout view * Fix file helpscout download URL * actually fix help scout file links * Remove some console.logs * minor fixes Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com> Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com> # Conflicts: # package-lock.json # server/config/questions.json * Fix compile errors * Finishing touches * clarify Co-authored-by: Evan Strat <evan10s@users.noreply.github.com>
rahulrajus
pushed a commit
that referenced
this pull request
Jul 22, 2021
* Added very basic initial functionality * Implemented hmac hash checking (maybe?) * Basic hello world to test signature validation in test deploy * Add Help Scout secret * Add more debugging * Updated to latest version of typescript, fixed Help Scout signature validation * Pushing some more changes to see how they look * Make time zone questions required * Testing some more * Make timezone questions required * Fix punctuation in dates * Lots of Help Scout integration UI element improvements * Finishing touches for Help Scout integration * Help Scout Beacon support improvements * Add info about Help Scout integration/Beacon to README * Apparently you can't define secrets in both deployment.yaml and a Beehive yaml * Remove package script that doesn't work * Upgraded packages, including Handlebars * Re-implemented Help Scout templates using Handlebars * Show selected application/confirmation questions in Help Scout * Cleanup Help Scout API security * Remove extra lines * A few final fixes and tweaks * Make time zone questions required * test file questions help scout view * Fix file helpscout download URL * actually fix help scout file links * Remove some console.logs * minor fixes Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com>
rahulrajus
pushed a commit
that referenced
this pull request
Jul 22, 2021
* Added very basic initial functionality * Implemented hmac hash checking (maybe?) * Basic hello world to test signature validation in test deploy * Add Help Scout secret * Add more debugging * Updated to latest version of typescript, fixed Help Scout signature validation * Pushing some more changes to see how they look * Make time zone questions required * Testing some more * Make timezone questions required * Fix punctuation in dates * Lots of Help Scout integration UI element improvements * Finishing touches for Help Scout integration * Help Scout Beacon support improvements * Add info about Help Scout integration/Beacon to README * Apparently you can't define secrets in both deployment.yaml and a Beehive yaml * Remove package script that doesn't work * Upgraded packages, including Handlebars * Re-implemented Help Scout templates using Handlebars * Show selected application/confirmation questions in Help Scout * Cleanup Help Scout API security * Remove extra lines * A few final fixes and tweaks * Make time zone questions required * test file questions help scout view * Fix file helpscout download URL * actually fix help scout file links * Remove some console.logs * minor fixes Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com> Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com>
rahulrajus
pushed a commit
that referenced
this pull request
Jul 22, 2021
* Add new Help Scout integration and Beacon functionality (#304) * Added very basic initial functionality * Implemented hmac hash checking (maybe?) * Basic hello world to test signature validation in test deploy * Add Help Scout secret * Add more debugging * Updated to latest version of typescript, fixed Help Scout signature validation * Pushing some more changes to see how they look * Make time zone questions required * Testing some more * Make timezone questions required * Fix punctuation in dates * Lots of Help Scout integration UI element improvements * Finishing touches for Help Scout integration * Help Scout Beacon support improvements * Add info about Help Scout integration/Beacon to README * Apparently you can't define secrets in both deployment.yaml and a Beehive yaml * Remove package script that doesn't work * Upgraded packages, including Handlebars * Re-implemented Help Scout templates using Handlebars * Show selected application/confirmation questions in Help Scout * Cleanup Help Scout API security * Remove extra lines * A few final fixes and tweaks * Make time zone questions required * test file questions help scout view * Fix file helpscout download URL * actually fix help scout file links * Remove some console.logs * minor fixes Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com> * Add staff, partner, and confirmation branches * Fix questions * Add HackGT 7 sponsor acceptance functionality (#311) * Add sponsor branch auto-accept/reject capabilities * Add console.log to verify sponsor email domain/email email allowlist * Add HackGT 7 sponsor allowlist secrets Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> * Fix duplicate branch * Add staff/partner confirmation branches * Add additional branch descriptions for the branch selection page * Fix typo * Fix partner branch name * Clean up some more stuff * Use list of choices for address state question * Clean up sponsor data sharing agreement text * Remove t-shirt question from mentor confirmation * more fixes * Add GM to sponsor list * Fix typo * Allow other on sponsor list Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com>
rahulrajus
pushed a commit
that referenced
this pull request
Jul 22, 2021
* Add new Help Scout integration and Beacon functionality (#304) (#308) * Added very basic initial functionality * Implemented hmac hash checking (maybe?) * Basic hello world to test signature validation in test deploy * Add Help Scout secret * Add more debugging * Updated to latest version of typescript, fixed Help Scout signature validation * Pushing some more changes to see how they look * Make time zone questions required * Testing some more * Make timezone questions required * Fix punctuation in dates * Lots of Help Scout integration UI element improvements * Finishing touches for Help Scout integration * Help Scout Beacon support improvements * Add info about Help Scout integration/Beacon to README * Apparently you can't define secrets in both deployment.yaml and a Beehive yaml * Remove package script that doesn't work * Upgraded packages, including Handlebars * Re-implemented Help Scout templates using Handlebars * Show selected application/confirmation questions in Help Scout * Cleanup Help Scout API security * Remove extra lines * A few final fixes and tweaks * Make time zone questions required * test file questions help scout view * Fix file helpscout download URL * actually fix help scout file links * Remove some console.logs * minor fixes Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com> Co-authored-by: Evan Strat <evan10s@users.noreply.github.com> Co-authored-by: Stephanie A <almeidasmail@gmail.com> # Conflicts: # package-lock.json # server/config/questions.json * Fix compile errors * Finishing touches * clarify Co-authored-by: Evan Strat <evan10s@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Adds support for Help Scout dynamic custom apps as well as Beacons on the frontend
Dynamic app example:
Once we review this and get it merged, I will cherry-pick it into a new PR for master so this is a mainline registration feature.