hubot-openassets - npm Package Compare versions

Comparing version 0.8.1 to 0.8.2

package.json

 {
   "name": "hubot-openassets",
-  "version": "0.8.1",
+  "version": "0.8.2",
   "description": "Hubot script for managing and sending assets based on the Open Assets protocol",
@@ -5,0 +5,0 @@ "main": "index.js",

src/openassets.js

@@ -21,2 +21,3 @@ // Description:
 //   OA_MAX_QUANTITY (optional): Maximum quantity of assets that can be transferred
+//   OA_PLUSPLUS_ROOMS (optional): in which room the ++ should be enabled
 //
@@ -101,3 +102,3 @@ // Authors:
 
-  robot.hear(new RegExp(`${robotKeyword} address (add|remove|list)\\s*([a-zA-Z0-9_\-]*)\\s*([a-zA-Z0-9_\-]*)`, 'i'), function(res) {
+  robot.hear(new RegExp(`^${robotKeyword} address (add|remove|list)\\s*([a-zA-Z0-9_\-]*)\\s*([a-zA-Z0-9_\-]*)`, 'i'), function(res) {
     let command = res.match[1];
@@ -174,3 +175,3 @@ let nick    = res.match[2];
 
-  robot.hear(new RegExp(`${robotKeyword} show (.+)`, 'i'), function(hearResponse) {
+  robot.hear(new RegExp(`^${robotKeyword} show (\\S+)`, 'i'), function(hearResponse) {
     balanceOf(hearResponse.match[1], function(assetDetails) {
@@ -186,3 +187,3 @@ if (assetDetails) {
 
-  robot.hear(new RegExp(`${robotKeyword} list`, 'i'), function(hearResponse) {
+  robot.hear(new RegExp(`^${robotKeyword} list`, 'i'), function(hearResponse) {
     let assetUrl = 'https://api.coinprism.com/v1/assets/' + process.env.OA_ASSET_ID + '/owners';
@@ -231,12 +232,10 @@
     let user = hearResponse.message.user;
+    if (!robot.auth.isAdmin(user) || !isPlusPlusEnabledFor(hearResponse.message.room) ) { return; }
 
-    if (!robot.auth.isAdmin(user)) { return; }
-
     let recipient = hearResponse.match[1];
     let destination = addressBook.lookupAddress(recipient);
+    let quantity = process.env.OA_DEFAULT_QUANTITY;
 
     if (!destination) { return false; }
 
-    let quantity = process.env.OA_DEFAULT_QUANTITY;
-
     sendKredits(destination, quantity, function(err, res, body) {
@@ -251,3 +250,3 @@ if (err || res.statusCode !== 200) {
 
-  robot.hear(new RegExp(`${robotKeyword} send (\\d*)\\s?to (.+)\\s?`, 'i'), function(hearResponse) {
+  robot.hear(new RegExp(`^${robotKeyword} send (\\d*)\\s?to (\\S+)`, 'i'), function(hearResponse) {
     let user = hearResponse.message.user;
@@ -292,2 +291,10 @@
 
+  function isPlusPlusEnabledFor(room) {
+    if( typeof process.env.OA_PLUSPLUS_ROOMS === 'undefined') {
+      return false;
+    }
+    // true if room name is in the comma seperated list of the OA_PLUSPLUS_ROOMS env variable
+    return process.env.OA_PLUSPLUS_ROOMS.split(',').map(e => e.trim()).indexOf(room) !== -1;
+  }
+
   function sendKredits(destination, quantity, cb) {
@@ -294,0 +301,0 @@ console.log("sending " + quantity + " to: " + destination);

New alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Environment variable access

Supply chain risk

Package accesses environment variables, which may be a sign of credential stuffing or data theft.

Found 1 instance in 1 package

Fixed alerts

License Policy Violation

License

This package is not allowed per your license policy. Review the package's license to ensure compliance.

Found 1 instance in 1 package

Improved metrics

Total package byte prevSize

14145

increased by5.03%

Lines of code

264

increased by3.13%

Number of lines in readme file

42

increased by2.44%

Worsened metrics

Number of low supply chain risk alerts

16

increased by14.29%

No dependency changes