appmap 0.34.5 → 0.37.0

data/lib/appmap/hook/method.rb

@@ -1,7 +1,9 @@
+# frozen_string_literal: true
+
 module AppMap
   class Hook
     class Method
-      attr_reader :hook_class, :hook_method
+      attr_reader :hook_package, :hook_class, :hook_method
 
       # +method_display_name+ may be nil if name resolution gets
       # deferred until runtime (e.g. for a singleton method on an
@@ -15,8 +17,9 @@ module AppMap
       # with the method we're hooking.
       TIME_NOW = Time.method(:now)
       private_constant :TIME_NOW
-      
-      def initialize(hook_class, hook_method)
+
+      def initialize(hook_package, hook_class, hook_method)
+        @hook_package = hook_package
         @hook_class = hook_class
         @hook_method = hook_method
 
@@ -67,23 +70,24 @@ module AppMap
               raise
             ensure
               with_disabled_hook.() do
-                after_hook.(call_event, start_time, return_value, exception)
+                after_hook.(self, call_event, start_time, return_value, exception)
               end
             end
           end
         end
         hook_class.define_method_with_arity(hook_method.name, hook_method.arity, hook_method_def)
       end
+
       protected
 
       def before_hook(receiver, defined_class, args)
         require 'appmap/event'
         call_event = AppMap::Event::MethodCall.build_from_invocation(defined_class, hook_method, receiver, args)
-        AppMap.tracing.record_event call_event, defined_class: defined_class, method: hook_method
+        AppMap.tracing.record_event call_event, package: hook_package, defined_class: defined_class, method: hook_method
         [ call_event, TIME_NOW.call ]
       end
 
-      def after_hook(call_event, start_time, return_value, exception)
+      def after_hook(receiver, call_event, start_time, return_value, exception)
         require 'appmap/event'
         elapsed = TIME_NOW.call - start_time
         return_event = \

data/lib/appmap/rails/request_handler.rb

@@ -0,0 +1,88 @@
+# frozen_string_literal: true
+
+require 'appmap/event'
+require 'appmap/hook'
+
+module AppMap
+  module Rails
+    module RequestHandler
+      class HTTPServerRequest < AppMap::Event::MethodEvent
+        attr_accessor :request_method, :path_info, :params
+
+        def initialize(request)
+          super AppMap::Event.next_id_counter, :call, Thread.current.object_id
+
+          @request_method = request.request_method
+          @path_info = request.path_info.split('?')[0]
+          @params = ActionDispatch::Http::ParameterFilter.new(::Rails.application.config.filter_parameters).filter(request.params)
+        end
+
+        def to_h
+          super.tap do |h|
+            h[:http_server_request] = {
+              request_method: request_method,
+              path_info: path_info
+            }
+
+            h[:message] = params.keys.map do |key|
+              val = params[key]
+              {
+                name: key,
+                class: val.class.name,
+                value: self.class.display_string(val),
+                object_id: val.__id__
+              }
+            end
+          end
+        end
+      end
+
+      class HTTPServerResponse < AppMap::Event::MethodReturnIgnoreValue
+        attr_accessor :status, :mime_type
+
+        def initialize(response, parent_id, elapsed)
+          super AppMap::Event.next_id_counter, :return, Thread.current.object_id
+
+          self.status = response.status
+          self.mime_type = response.headers['Content-Type']
+          self.parent_id = parent_id
+          self.elapsed = elapsed
+        end
+
+        def to_h
+          super.tap do |h|
+            h[:http_server_response] = {
+              status: status,
+              mime_type: mime_type
+            }.compact
+          end
+        end
+      end
+
+      class HookMethod < AppMap::Hook::Method
+        def initialize
+          # ActionController::Instrumentation has issued start_processing.action_controller and
+          # process_action.action_controller since Rails 3. Therefore it's a stable place to hook
+          # the request. Rails controller notifications can't be used directly because they don't
+          # provide response headers, and we want the Content-Type.
+          super(nil, ActionController::Instrumentation, ActionController::Instrumentation.instance_method(:process_action))
+        end
+
+        protected
+
+        def before_hook(receiver, defined_class, _) # args
+          call_event = HTTPServerRequest.new(receiver.request)
+          # http_server_request events are i/o and do not require a package name.
+          AppMap.tracing.record_event call_event, defined_class: defined_class, method: hook_method
+          [ call_event, TIME_NOW.call ]
+        end
+
+        def after_hook(receiver, call_event, start_time, _, _) # return_value, exception
+          elapsed = TIME_NOW.call - start_time
+          return_event = HTTPServerResponse.new receiver.response, call_event.id, elapsed
+          AppMap.tracing.record_event return_event
+        end
+      end
+    end
+  end
+end

data/lib/appmap/rails/sql_handler.rb

@@ -72,9 +72,17 @@ module AppMap
         end
 
         class ActiveRecordExaminer
+          @@db_version_warning_issued = {}
+          
+          def issue_warning
+            db_type = database_type
+            return if @@db_version_warning_issued[db_type]
+            warn("AppMap: Unable to determine database version for #{db_type.inspect}") 
+            @@db_version_warning_issued[db_type] = true
+          end
+          
           def server_version
-            ActiveRecord::Base.connection.try(:database_version) ||\
-              warn("Unable to determine database version for #{database_type.inspect}")
+            ActiveRecord::Base.connection.try(:database_version) || issue_warning
           end
 
           def database_type

data/lib/appmap/railtie.rb

@@ -13,13 +13,11 @@ module AppMap
     # AppMap events.
     initializer 'appmap.subscribe', after: 'appmap.init' do |_| # params: app
       require 'appmap/rails/sql_handler'
-      require 'appmap/rails/action_handler'
+      require 'appmap/rails/request_handler'
       ActiveSupport::Notifications.subscribe 'sql.sequel', AppMap::Rails::SQLHandler.new
       ActiveSupport::Notifications.subscribe 'sql.active_record', AppMap::Rails::SQLHandler.new
-      ActiveSupport::Notifications.subscribe \
-        'start_processing.action_controller', AppMap::Rails::ActionHandler::HTTPServerRequest.new
-      ActiveSupport::Notifications.subscribe \
-        'process_action.action_controller', AppMap::Rails::ActionHandler::HTTPServerResponse.new
+
+      AppMap::Rails::RequestHandler::HookMethod.new.activate
     end
 
     # appmap.trace begins recording an AppMap trace and writes it to appmap.json.
@@ -42,4 +40,4 @@ module AppMap
       end.call
     end
   end
-end
+end unless ENV['APPMAP_INITIALIZE'] == 'false'

data/lib/appmap/rspec.rb

@@ -124,8 +124,18 @@ module AppMap
       def initialize(example)
         super
 
+        webdriver_port = lambda do
+          return unless defined?(page) && page&.driver
+
+          # This is the ugliest thing ever but I don't want to lose it.
+          # All the WebDriver calls are getting app-mapped and it's really unclear
+          # what they are.
+          page.driver.options[:http_client].instance_variable_get('@server_url').port
+        end
+
         warn "Starting recording of example #{example}" if AppMap::RSpec::LOG
         @trace = AppMap.tracing.trace
+        @webdriver_port = webdriver_port.()
       end
 
       def finish
@@ -138,7 +148,7 @@ module AppMap
 
         AppMap::RSpec.add_event_methods @trace.event_methods
 
-        class_map = AppMap.class_map(@trace.event_methods)
+        class_map = AppMap.class_map(@trace.event_methods, include_source: false)
 
         description = []
         scope = ScopeExample.new(example)

data/lib/appmap/trace.rb

@@ -3,9 +3,10 @@
 module AppMap
   module Trace
     class ScopedMethod < SimpleDelegator
-      attr_reader :defined_class, :static
-      
-      def initialize(defined_class, method, static)
+      attr_reader :package, :defined_class, :static
+
+      def initialize(package, defined_class, method, static)
+        @package = package
         @defined_class = defined_class
         @static = static
         super(method)
@@ -32,9 +33,9 @@ module AppMap
         @tracing.any?(&:enabled?)
       end
 
-      def record_event(event, defined_class: nil, method: nil)
+      def record_event(event, package: nil, defined_class: nil, method: nil)
         @tracing.each do |tracer|
-          tracer.record_event(event, defined_class: defined_class, method: method)
+          tracer.record_event(event, package: package, defined_class: defined_class, method: method)
         end
       end
 
@@ -71,11 +72,12 @@ module AppMap
     # Record a program execution event.
     #
     # The event should be one of the MethodEvent subclasses.
-    def record_event(event, defined_class: nil, method: nil)
+    def record_event(event, package: nil, defined_class: nil, method: nil)
       return unless @enabled
 
       @events << event
-      @methods << Trace::ScopedMethod.new(defined_class, method, event.static) if (defined_class && method && event.event == :call)
+      @methods << Trace::ScopedMethod.new(package, defined_class, method, event.static) \
+        if package && defined_class && method && (event.event == :call)
     end
 
     # Gets a unique list of the methods that were invoked by the program.

data/lib/appmap/version.rb

@@ -3,7 +3,7 @@
 module AppMap
   URL = 'https://github.com/applandinc/appmap-ruby'
 
-  VERSION = '0.34.5'
+  VERSION = '0.37.0'
 
-  APPMAP_FORMAT_VERSION = '1.2'
+  APPMAP_FORMAT_VERSION = '1.3'
 end

data/spec/abstract_controller4_base_spec.rb

@@ -39,7 +39,7 @@ describe 'AbstractControllerBase' do
       expect(appmap).to include(<<-SERVER_REQUEST.strip)
   http_server_request:
     request_method: POST
-    path_info: "/api/users?login=alice&password=foobar
+    path_info: "/api/users"
       SERVER_REQUEST
     end
     it 'Properly captures method parameters in the appmap' do

data/spec/abstract_controller_base_spec.rb

@@ -45,6 +45,12 @@ describe 'AbstractControllerBase' do
     request_method: POST
     path_info: "/api/users"
       SERVER_REQUEST
+
+      expect(appmap).to include(<<-SERVER_RESPONSE.strip)
+  http_server_response:
+    status: 201
+    mime_type: application/json; charset=utf-8
+      SERVER_RESPONSE
     end
 
     it 'properly captures method parameters in the appmap' do

data/spec/class_map_spec.rb

@@ -0,0 +1,36 @@
+# frozen_string_literal: true
+
+require 'spec_helper'
+
+describe 'AppMap::ClassMap' do
+  describe '.build_from_methods' do
+    it 'includes source code if available' do
+      map = AppMap.class_map([scoped_method(method(:test_method))])
+      function = dig_map(map, 5)[0]
+      expect(function[:source]).to include 'test method body'
+      expect(function[:comment]).to include 'test method comment'
+    end
+
+    it 'can omit source code even if available' do
+      map = AppMap.class_map([scoped_method((method :test_method))], include_source: false)
+      function = dig_map(map, 5)[0]
+      expect(function).to_not include(:source)
+      expect(function).to_not include(:comment)
+    end
+
+    # test method comment
+    def test_method
+      'test method body'
+    end
+
+    def scoped_method(method)
+      AppMap::Trace::ScopedMethod.new AppMap::Config::Package.new, method.receiver.class.name, method, false
+    end
+
+    def dig_map(map, depth)
+      return map if depth == 0
+
+      dig_map map[0][:children], depth - 1
+    end
+  end
+end

data/spec/fixtures/hook/exception_method.rb

@@ -9,3 +9,47 @@ class ExceptionMethod
     raise 'Exception occurred in raise_exception'
   end
 end
+
+# subclass from BasicObject so we don't get #to_s. Requires some
+# hackery to implement the other methods normally provided by Object.
+class NoToSMethod < BasicObject
+  def is_a?(*args)
+    return false
+  end
+
+  def class
+    return ::Class
+  end
+
+  def respond_to?(*args)
+    return false
+  end
+
+  def inspect
+    "NoToSMethod"
+  end
+
+  def say_hello
+    "hello"
+  end
+end
+
+class InspectRaises < NoToSMethod
+  def inspect
+    ::Kernel.raise "#to_s missing, #inspect raises"
+  end
+
+  def say_hello
+    "hello"
+  end
+end
+
+class ToSRaises
+  def to_s
+    raise "#to_s raises"
+  end
+
+  def say_hello
+    "hello"
+  end
+end

data/spec/hook_spec.rb

@@ -27,7 +27,7 @@ describe 'AppMap class Hooking', docker: false do
 
   def invoke_test_file(file, setup: nil, &block)
     AppMap.configuration = nil
-    package = AppMap::Config::Package.new(file)
+    package = AppMap::Config::Package.build_from_path(file)
     config = AppMap::Config.new('hook_spec', [ package ])
     AppMap.configuration = config
     tracer = nil
@@ -112,6 +112,10 @@ describe 'AppMap class Hooking', docker: false do
           :type: function
           :location: spec/fixtures/hook/instance_method.rb:8
           :static: false
+          :source: |2
+              def say_default
+                'default'
+              end
     YAML
   end
 
@@ -465,6 +469,132 @@ describe 'AppMap class Hooking', docker: false do
     end
   end
 
+  context 'string conversions works for the receiver when' do
+
+    it 'is missing #to_s' do
+      events_yaml = <<~YAML
+      ---
+      - :id: 1
+        :event: :call
+        :defined_class: NoToSMethod
+        :method_id: respond_to?
+        :path: spec/fixtures/hook/exception_method.rb
+        :lineno: 24
+        :static: false
+        :parameters:
+        - :name: :args
+          :class: Symbol
+          :value: to_s
+          :kind: :rest
+        :receiver:
+          :class: Class
+          :value: NoToSMethod
+      - :id: 2
+        :event: :return
+        :parent_id: 1
+      - :id: 3
+        :event: :call
+        :defined_class: NoToSMethod
+        :method_id: say_hello
+        :path: spec/fixtures/hook/exception_method.rb
+        :lineno: 32
+        :static: false
+        :parameters: []
+        :receiver:
+          :class: Class
+          :value: NoToSMethod
+      - :id: 4
+        :event: :return
+        :parent_id: 3
+        :return_value:
+          :class: String
+          :value: hello
+      YAML
+
+      test_hook_behavior 'spec/fixtures/hook/exception_method.rb', events_yaml do
+        inst = NoToSMethod.new
+        # sanity check
+        expect(inst).not_to respond_to(:to_s)
+        inst.say_hello
+      end
+    end
+
+    it 'it is missing #to_s and it raises an exception in #inspect' do
+      events_yaml = <<~YAML
+      ---
+      - :id: 1
+        :event: :call
+        :defined_class: NoToSMethod
+        :method_id: respond_to?
+        :path: spec/fixtures/hook/exception_method.rb
+        :lineno: 24
+        :static: false
+        :parameters:
+        - :name: :args
+          :class: Symbol
+          :value: to_s
+          :kind: :rest
+        :receiver:
+          :class: Class
+          :value: "*Error inspecting variable*"
+      - :id: 2
+        :event: :return
+        :parent_id: 1
+      - :id: 3
+        :event: :call
+        :defined_class: InspectRaises
+        :method_id: say_hello
+        :path: spec/fixtures/hook/exception_method.rb
+        :lineno: 42
+        :static: false
+        :parameters: []
+        :receiver:
+          :class: Class
+          :value: "*Error inspecting variable*"
+      - :id: 4
+        :event: :return
+        :parent_id: 3
+        :return_value:
+          :class: String
+          :value: hello
+      YAML
+
+      test_hook_behavior 'spec/fixtures/hook/exception_method.rb', events_yaml do
+        inst = InspectRaises.new
+        # sanity check
+        expect(inst).not_to respond_to(:to_s)
+        inst.say_hello
+      end
+    end
+
+    it 'it raises an exception in #to_s' do
+      events_yaml = <<~YAML
+      ---
+      - :id: 1
+        :event: :call
+        :defined_class: ToSRaises
+        :method_id: say_hello
+        :path: spec/fixtures/hook/exception_method.rb
+        :lineno: 52
+        :static: false
+        :parameters: []
+        :receiver:
+          :class: ToSRaises
+          :value: "*Error inspecting variable*"
+      - :id: 2
+        :event: :return
+        :parent_id: 1
+        :return_value:
+          :class: String
+          :value: hello
+      YAML
+
+      test_hook_behavior 'spec/fixtures/hook/exception_method.rb', events_yaml do
+        ToSRaises.new.say_hello
+      end
+    end
+  end
+
   it 're-raises exceptions' do
     RSpec::Expectations.configuration.on_potential_false_positives = :nothing
 
@@ -587,6 +717,10 @@ describe 'AppMap class Hooking', docker: false do
             :type: function
             :location: spec/fixtures/hook/compare.rb:4
             :static: true
+            :source: |2
+                def self.compare(s1, s2)
+                  ActiveSupport::SecurityUtils.secure_compare(s1, s2)
+                end
       - :name: active_support
         :type: package
         :children:
@@ -603,6 +737,15 @@ describe 'AppMap class Hooking', docker: false do
               :labels:
               - security
               - crypto
+              :comment: |
+                # Constant time string comparison, for variable length strings.
+                #
+                # The values are first processed by SHA256, so that we don't leak length info
+                # via timing attacks.
+              :source: |2
+                    def secure_compare(a, b)
+                      fixed_length_secure_compare(::Digest::SHA256.digest(a), ::Digest::SHA256.digest(b)) && a == b
+                    end
       - :name: openssl
         :type: package
         :children:
@@ -624,7 +767,7 @@ describe 'AppMap class Hooking', docker: false do
       config, tracer = invoke_test_file 'spec/fixtures/hook/compare.rb' do
         expect(Compare.compare('string', 'string')).to be_truthy
       end
-      cm = AppMap::Util.sanitize_paths(AppMap::ClassMap.build_from_methods(config, tracer.event_methods))
+      cm = AppMap::Util.sanitize_paths(AppMap::ClassMap.build_from_methods(tracer.event_methods))
       entry = cm[1][:children][0][:children][0][:children][0]
       # Sanity check, make sure we got the right one
       expect(entry[:name]).to eq('secure_compare')