Merge branch 'OWASP:main' into main

Raghavg18 · Jan 30, 2025 · 5580afa · 5580afa
2 parents 077f7a8 + 9bbc43e
commit 5580afa
Show file tree

Hide file tree

Showing 17 changed files with 271 additions and 64 deletions.
diff --git a/.github/labeler.yml b/.github/labeler.yml
@@ -5,6 +5,7 @@ backend:
               - 'backend/**'
           - all-globs-to-all-files:
               - '!backend/apps/slack/**'
+              - '!backend/tests/slack/**'
 
 backend-tests:
   - all:

diff --git a/.github/workflows/run-ci-cd.yaml b/.github/workflows/run-ci-cd.yaml
@@ -32,7 +32,7 @@ env:
 
 jobs:
   pre-commit:
-    name: Run pre-commit
+    name: Check code quality
     runs-on: ubuntu-latest
     steps:
       - name: Check out repository

diff --git a/backend/apps/slack/MANIFEST.yaml b/backend/apps/slack/MANIFEST.yaml
@@ -74,6 +74,22 @@ features:
       url: https://nest.owasp.dev/integrations/slack/commands/
       description: Browse OWASP events
       should_escape: false
+    - command: /news
+      url: https://nest.owasp.dev/integrations/slack/commands/
+      description: OWASP news
+      should_escape: false
+    - command: /contact
+      url: https://nest.owasp.dev/integrations/slack/commands/
+      description: Contact OWASP
+      should_escape: false
+    - command: /community
+      url: https://nest.owasp.dev/integrations/slack/commands/
+      description: Explore OWASP community
+      should_escape: false
+    - command: /users
+      url: https://nest.owasp.dev/integrations/slack/commands/
+      description: OWASP users list
+      should_escape: false
 oauth_config:
   scopes:
     user:

diff --git a/backend/apps/slack/commands/__init__.py b/backend/apps/slack/commands/__init__.py
@@ -2,6 +2,7 @@
     board,
     chapters,
     committees,
+    community,
     contact,
     contribute,
     donate,
@@ -15,4 +16,5 @@
     projects,
     sponsors,
     staff,
+    users,
 )
diff --git a/backend/apps/slack/commands/community.py b/backend/apps/slack/commands/community.py
@@ -0,0 +1,30 @@
+"""Slack bot community command."""
+
+from django.conf import settings
+
+from apps.common.constants import NL
+from apps.slack.apps import SlackConfig
+from apps.slack.blocks import markdown
+
+COMMAND = "/community"
+
+
+def community_handler(ack, command, client):
+    """Slack /community command handler."""
+    ack()
+
+    if not settings.SLACK_COMMANDS_ENABLED:
+        return
+
+    blocks = [
+        markdown(
+            f"Please visit <https://nest.owasp.dev/community/users/|OWASP community> page{NL}"
+        ),
+    ]
+
+    conversation = client.conversations_open(users=command["user_id"])
+    client.chat_postMessage(channel=conversation["channel"]["id"], blocks=blocks)
+
+
+if SlackConfig.app:
+    community_handler = SlackConfig.app.command(COMMAND)(community_handler)
diff --git a/backend/apps/slack/commands/donate.py b/backend/apps/slack/commands/donate.py
@@ -2,7 +2,7 @@
 
 from django.conf import settings
 
-from apps.common.constants import NL
+from apps.common.constants import NL, OWASP_WEBSITE_URL
 from apps.slack.apps import SlackConfig
 from apps.slack.blocks import markdown
 
@@ -18,8 +18,24 @@ def donate_handler(ack, command, client):
 
     blocks = [
         markdown(
-            f"Please visit <https://owasp.org/donate/|donate to the OWASP Foundation> page{NL}"
+            "The OWASP Foundation, a U.S. 501(c)(3) nonprofit organization, accepts donations to "
+            "support its mission of improving software security. Donations can be made through "
+            "the official OWASP website or via postal mail. Online donations are processed "
+            "through a form that attributes contributions to specific chapters or projects "
+            "based on the referring page title. The form supports multiple currencies: "
+            f"USD, GBP, and EUR.{NL}"
+            "Donations can be unrestricted, allowing OWASP to allocate funds where needed, or "
+            "restricted, where contributions of $1,000 or more can be designated for a specific "
+            "project or chapter with a 10% administrative fee. Donors may be publicly "
+            "acknowledged, though OWASP remains vendor-neutral and does not endorse any "
+            "supporters. For substantial contributions, OWASP welcomes major foundation and "
+            "corporate grants, and interested parties are encouraged to reach out. For detailed "
+            "information on donation policies and procedures, please refer to the "
+            f"<https://{OWASP_WEBSITE_URL}/www-policy/operational/donations|OWASP Donations "
+            "Policy>."
         ),
+        {"type": "divider"},
+        markdown(f"Please Visit <{OWASP_WEBSITE_URL}/donate/| OWASP Foundation> page to donate."),
     ]
 
     conversation = client.conversations_open(users=command["user_id"])

diff --git a/backend/apps/slack/commands/jobs.py b/backend/apps/slack/commands/jobs.py
@@ -5,7 +5,7 @@
 from apps.common.constants import NL
 from apps.slack.apps import SlackConfig
 from apps.slack.blocks import markdown
-from apps.slack.constants import OWASP_JOBS_CHANNEL_ID
+from apps.slack.constants import FEEDBACK_CHANNEL_MESSAGE, OWASP_JOBS_CHANNEL_ID
 
 COMMAND = "/jobs"
 
@@ -18,7 +18,16 @@ def jobs_handler(ack, command, client):
         return
 
     blocks = [
-        markdown(f"Please join <{OWASP_JOBS_CHANNEL_ID}> channel{NL}"),
+        markdown(
+            f"Please join <{OWASP_JOBS_CHANNEL_ID}> channel{NL}"
+            "This Slack channel shares community-driven job opportunities, networking, "
+            "and career advice in cybersecurity and related fields."
+        ),
+        markdown(
+            "⚠️ *Disclaimer: This is not an official OWASP channel and its content is "
+            "not endorsed, reviewed, or approved by OWASP*."
+        ),
+        markdown(f"{FEEDBACK_CHANNEL_MESSAGE}"),
     ]
 
     conversation = client.conversations_open(users=command["user_id"])

diff --git a/backend/apps/slack/commands/owasp.py b/backend/apps/slack/commands/owasp.py
@@ -17,6 +17,7 @@ def owasp_handler(ack, command, client):
         board,
         chapters,
         committees,
+        community,
         contact,
         contribute,
         donate,
@@ -28,6 +29,7 @@ def owasp_handler(ack, command, client):
         projects,
         sponsors,
         staff,
+        users,
     )
 
     ack()
@@ -41,6 +43,7 @@ def owasp_handler(ack, command, client):
                 f"• `{COMMAND} board` -- OWASP Global Board information{NL}"
                 f"• `{COMMAND} chapters` -- Explore OWASP chapters{NL}"
                 f"• `{COMMAND} committees` -- Explore OWASP committees{NL}"
+                f"• `{COMMAND} community` -- Explore OWASP community{NL}"
                 f"• `{COMMAND} contact` -- Contact OWASP{NL}"
                 f"• `{COMMAND} contribute` -- OWASP projects contribution opportunities{NL}"
                 f"• `{COMMAND} donate` -- Support OWASP with a donation{NL}"
@@ -52,6 +55,7 @@ def owasp_handler(ack, command, client):
                 f"• `{COMMAND} projects` -- Explore OWASP projects{NL}"
                 f"• `{COMMAND} sponsors` -- Get a list of OWASP sponsors{NL}"
                 f"• `{COMMAND} staff` -- OWASP corporate structure{NL}"
+                f"• `{COMMAND} users` -- OWASP contributors{NL}"
             ),
         ]
         conversation = client.conversations_open(users=command["user_id"])
@@ -66,6 +70,8 @@ def owasp_handler(ack, command, client):
                 chapters.chapters_handler(ack, command, client)
             case "committees":
                 committees.committees_handler(ack, command, client)
+            case "community":
+                community.community_handler(ack, command, client)
             case "contact":
                 contact.contact_handler(ack, command, client)
             case "contribute":
@@ -88,6 +94,8 @@ def owasp_handler(ack, command, client):
                 sponsors.sponsors_handler(ack, command, client)
             case "staff":
                 staff.staff_handler(ack, command, client)
+            case "users":
+                users.users_handler(ack, command, client)
             case _:
                 blocks = [
                     markdown(f"*`{COMMAND} {escape(handler)}` is not supported*{NL}"),

diff --git a/backend/apps/slack/commands/users.py b/backend/apps/slack/commands/users.py
@@ -0,0 +1,28 @@
+"""Slack bot users command."""
+
+from django.conf import settings
+
+from apps.common.constants import NL
+from apps.slack.apps import SlackConfig
+from apps.slack.blocks import markdown
+
+COMMAND = "/users"
+
+
+def users_handler(ack, command, client):
+    """Slack /users command handler."""
+    ack()
+
+    if not settings.SLACK_COMMANDS_ENABLED:
+        return
+
+    blocks = [
+        markdown(f"Please visit <https://nest.owasp.dev/users/users/|OWASP users> page{NL}"),
+    ]
+
+    conversation = client.conversations_open(users=command["user_id"])
+    client.chat_postMessage(channel=conversation["channel"]["id"], blocks=blocks)
+
+
+if SlackConfig.app:
+    users_handler = SlackConfig.app.command(COMMAND)(users_handler)
diff --git a/backend/apps/slack/events/app_home_opened.py b/backend/apps/slack/events/app_home_opened.py
@@ -36,6 +36,7 @@ def app_home_opened_handler(event, client, ack):
                     f"{TAB}• /board{NL}"
                     f"{TAB}• /chapters{NL}"
                     f"{TAB}• /committees{NL}"
+                    f"{TAB}• /community{NL}"
                     f"{TAB}• /contact{NL}"
                     f"{TAB}• /contribute{NL}"
                     f"{TAB}• /donate{NL}"
@@ -48,6 +49,7 @@ def app_home_opened_handler(event, client, ack):
                     f"{TAB}• /projects{NL}"
                     f"{TAB}• /sponsors{NL}"
                     f"{TAB}• /staff{NL}"
+                    f"{TAB}• /users{NL}"
                 ),
             ],
         }