cased-ruby 0.3.3

data/lib/cased/response.rb

@@ -0,0 +1,37 @@
+# frozen_string_literal: true
+
+module Cased
+  class Response
+    attr_reader :body
+    attr_reader :exception
+
+    def initialize(response: nil, exception: nil)
+      @response = response
+      @body = response&.body
+      @exception = exception
+    end
+
+    def error
+      @exception.presence || (body && body['error']).presence
+    end
+
+    def error?
+      # If there was an exception during the execution of the request.
+      return true if @exception.present?
+
+      # If the HTTP response was outside of 200-299
+      return true unless @response.success?
+
+      # If the HTTP response contained an error key.
+      return true if body && body['error'].present?
+
+      false
+    end
+
+    def success?
+      return false if @response.nil?
+
+      @response.success?
+    end
+  end
+end

data/lib/cased/sensitive.rb

@@ -0,0 +1,4 @@
+# frozen_string_literal: true
+
+require 'cased/sensitive/processor'
+require 'cased/sensitive/handler'

data/lib/cased/sensitive/handler.rb

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+module Cased
+  module Sensitive
+    class Handler
+      def self.handlers
+        @handlers ||= []
+      end
+
+      class << self
+        attr_writer :handlers
+      end
+
+      def self.register(label, handler)
+        handlers << Handler.new(label, handler)
+      end
+
+      attr_reader :label
+
+      def initialize(label, handler)
+        @label = label.to_sym
+        @handler = prepare_handler(handler)
+      end
+
+      def call(audit_event, key, value)
+        @handler.call(audit_event, key.to_sym, value)
+      end
+
+      private
+
+      def prepare_handler(handler)
+        case handler
+        when Regexp
+          proc do |_audit_event, key, value|
+            string = Cased::Sensitive::String.new(value)
+            string.matches(handler).collect do |match|
+              begin_offset = match.begin(0)
+              end_offset = match.end(0)
+
+              Cased::Sensitive::Range.new(
+                label: label,
+                key: key,
+                begin_offset: begin_offset,
+                end_offset: end_offset,
+              )
+            end
+          end
+        else
+          raise ArgumentError, "expected #{handler} to be a Regexp or Proc"
+        end
+      end
+    end
+  end
+end

data/lib/cased/sensitive/processor.rb

@@ -0,0 +1,78 @@
+# frozen_string_literal: true
+
+require 'cased/sensitive/string'
+
+module Cased
+  module Sensitive
+    class Processor
+      def self.process(audit_event, handlers = nil)
+        handlers ||= Cased::Sensitive::Handler.handlers
+        processor = new(audit_event, handlers)
+        processor.process
+        processor
+      end
+
+      def self.process!(audit_event, handlers = nil)
+        processor = process(audit_event, handlers)
+        return unless processor.sensitive?
+
+        audit_event[:'.cased'] = {
+          pii: processor.to_h,
+        }
+      end
+
+      attr_reader :audit_event
+      attr_reader :handlers
+
+      def initialize(audit_event, handlers)
+        @audit_event = audit_event.dup.freeze
+        @ranges = []
+        @handlers = handlers
+      end
+
+      def process
+        return true if defined?(@processed)
+
+        walk(audit_event)
+        @processed = true
+      end
+
+      def ranges
+        @ranges.flatten
+      end
+
+      def sensitive?
+        process && ranges.any?
+      end
+
+      def to_h
+        results = {}
+        ranges.each do |range|
+          results[range.key] ||= []
+          results[range.key] << range.to_h
+        end
+        results
+      end
+
+      private
+
+      def walk(hash)
+        hash.each_with_json_path do |path, value|
+          case value
+          when Cased::Sensitive::String
+            @ranges << value.range(key: path)
+          when ::String
+            process_handlers(audit_event, path, value)
+          end
+        end
+      end
+
+      def process_handlers(audit_event, path, value)
+        handlers.each do |handler|
+          ranges = handler.call(audit_event, path, value)
+          @ranges << ranges unless ranges.nil? || ranges.empty?
+        end
+      end
+    end
+  end
+end

data/lib/cased/sensitive/range.rb

@@ -0,0 +1,54 @@
+# frozen_string_literal: true
+
+module Cased
+  module Sensitive
+    class Range
+      # Public: The human label describing what sensitive information was
+      # label. Username, email, date of birth, etc.
+      attr_reader :label
+
+      # Public: The JSON key.
+      attr_reader :key
+
+      # Public: This is the identifier that groups sensitive ranges together.
+      # This could be an identifier to an individual for example.
+      attr_reader :identifier
+
+      # Public: The beginning offset of the sensitive value in the original value.
+      attr_reader :begin_offset
+
+      # Public: The end offset of the sensitive value in the original value.
+      attr_reader :end_offset
+
+      def initialize(label: nil, key:, begin_offset:, end_offset:, identifier: nil)
+        raise ArgumentError, 'missing key' if key.nil?
+        raise ArgumentError, 'missing begin_offset' if begin_offset.nil?
+        raise ArgumentError, 'missing end_offset' if end_offset.nil?
+
+        @label = label
+        @key = key
+        @identifier = identifier
+        @begin_offset = begin_offset
+        @end_offset = end_offset
+      end
+
+      def ==(other)
+        @begin_offset == other.begin_offset &&
+          @end_offset == other.end_offset &&
+          @label == other.label &&
+          @key == other.key &&
+          @identifier == other.identifier
+      end
+
+      def to_h
+        {
+          begin: @begin_offset,
+          end: @end_offset,
+        }.tap do |hash|
+          hash[:label] = label if label
+          hash[:identifier] = identifier if identifier
+        end
+      end
+    end
+  end
+end

data/lib/cased/sensitive/result.rb

@@ -0,0 +1,8 @@
+# frozen_string_literal: true
+
+module Cased
+  module Sensitive
+    class Result
+    end
+  end
+end

data/lib/cased/sensitive/string.rb

@@ -0,0 +1,43 @@
+# frozen_string_literal: true
+
+require 'cased/sensitive/range'
+
+module Cased
+  module Sensitive
+    class String < String
+      attr_reader :label
+      attr_reader :string
+
+      def initialize(string, label: nil)
+        super(string)
+        @label = label
+      end
+
+      def range(key:)
+        Cased::Sensitive::Range.new(
+          label: label,
+          key: key,
+          begin_offset: 0,
+          end_offset: length,
+        )
+      end
+
+      def matches(regex)
+        offset = 0
+        matches = []
+
+        while (result = match(regex, offset))
+          matches.push(result)
+          offset = result.end(0)
+        end
+
+        matches
+      end
+
+      def ==(other)
+        super(other) &&
+          @label == other.label
+      end
+    end
+  end
+end

data/lib/cased/test_helper.rb

@@ -0,0 +1,188 @@
+# frozen_string_literal: true
+
+require 'active_support/core_ext/hash/keys'
+
+module Cased
+  module TestHelper
+    def before_setup
+      @original_cased_publishers = Cased.publishers
+      Cased.publishers = [
+        cased_test_publisher,
+      ]
+
+      clear_cased_events
+      clear_cased_context
+      super
+    end
+
+    def after_teardown
+      super
+
+      Cased.publishers = @original_cased_publishers
+    end
+
+    # Clears all published events in the test Cased publisher
+    def clear_cased_events
+      cased_events.clear
+    end
+
+    def clear_cased_context
+      Cased::Context.clear!
+    end
+
+    def cased_events
+      cased_test_publisher.events
+    end
+
+    # Assertion that helps with testing that a number of events have been published to Cased.
+    #
+    # @param expected_event_count [Integer] The number of expected Cased events to be published.
+    # @param expected_event_body [Hash] Expected event to be published to Cased.
+    #
+    # @example Expected events with a filter inside of a block
+    #   def test_creates_user_create_event
+    #     assert_cased_events 1, action: 'user.create' do
+    #       create(:user)
+    #     end
+    #   end
+    #
+    # @example Expected events without a filter inside of a block
+    #   def test_creates_user_create_event
+    #     assert_cased_events 1 do
+    #       create(:user)
+    #     end
+    #   end
+    #
+    # @example Expected events with a filter for the duration of the test
+    #   def test_creates_user_create_event
+    #     create(:user)
+    #
+    #     assert_cased_events 1, action: 'user.create'
+    #   end
+    #
+    # @example Expected events without a filter for the duration of the test
+    #   def test_creates_user_create_event
+    #     create(:user)
+    #
+    #     assert_cased_events 1
+    #   end
+    #
+    # @example Cased::Model value hash
+    #   def test_creates_user_create_event
+    #     user = create(:user)
+    #
+    #     assert_cased_events 1, action: 'user.login', user: user
+    #   end
+    #
+    # @return [void]
+    def assert_cased_events(expected_event_count, expected_event_body = nil, &block)
+      expected_event_body&.deep_symbolize_keys!
+
+      actual_event_count = if block
+        events_before_block = cased_events_with(expected_event_body)
+
+        block&.call
+
+        events_after_block = cased_events_with(expected_event_body)
+
+        events_after_block.length - events_before_block.length
+      else
+        cased_events_with(expected_event_body).length
+      end
+
+      assert_equal expected_event_count, actual_event_count, "#{expected_event_count} Cased published events expected, but #{actual_event_count} were published"
+    end
+
+    # Assertion that expects there to have been zero matching Cased events.
+    #
+    # @param expected_event_body [Hash] Expected event not to be published to Cased.
+    #
+    # @example Expected no events with a filter inside of a block
+    #   def test_creates_bot_account
+    #     assert_no_cased_events action: 'bot.create' do
+    #       create(:bot)
+    #     end
+    #   end
+    #
+    # @example Expected no events inside of a block
+    #   def test_creates_bot_account
+    #     assert_no_cased_events do
+    #       create(:bot)
+    #     end
+    #   end
+    #
+    # @example Expected no events containing a subset of the event body for the duration of the test
+    #   def test_creates_bot_account
+    #     create(:bot)
+    #
+    #     assert_no_cased_events action: 'bot.create'
+    #   end
+    #
+    # @example Expected no events for the duration of the test
+    #   def test_creates_bot_account
+    #     create(:bot)
+    #
+    #     assert_no_cased_events
+    #   end
+    #
+    # @return [void]
+    def assert_no_cased_events(expected_event_body = nil, &block)
+      assert_cased_events(0, expected_event_body, &block)
+    end
+
+    # Locates all published events matching a particular shape.
+    #
+    # @param expected_event [Hash] the shape of event expected to be published to Cased
+    #
+    # @example Simple hash
+    #   cased_events_with(action: 'user.login') # => [{ action: 'user.login', actor: 'garrett@cased.com' }, { action: 'user.login', actor: 'ted@cased.com' }]
+    #
+    # @example Nested hash
+    #   cased_events_with(issues: [{ issue_id: 1 }]) # => [{ action: 'user.login', issues: [{ issue_id: 1 }, { issue_id: 2 }]}]
+    #
+    # @example Cased::Model value hash
+    #   user = User.new
+    #   user.cased_context # => { user: 'garrett@cased.com', user_id: 'user_1234' }
+    #   cased_events_with(user: user) # => [{ user: 'garrett@cased.com', user_id: 'user_1234' }]
+    #
+    # @return [Array<Hash>] Array of matching published Cased events.
+    # @raises [ArgumentError] if expected_event is empty.
+    def cased_events_with(expected_event = {})
+      return cased_events.dup if expected_event.nil?
+
+      if expected_event.empty?
+        raise ArgumentError, 'You must call cased_events_with with a non empty Hash otherwise it will match all events'
+      end
+
+      expanded_expected_event = Cased::Context::Expander.expand(expected_event)
+      if expanded_expected_event.empty?
+        raise ArgumentError, <<~MSG.strip
+          cased_events_with would have matched any published Cased event.
+
+          cased_events_with was called with #{expected_event.inspect} but resulted into #{expanded_expected_event} after it was expanded.
+
+          This typically happens when an object that includes Cased::Model does not implement either the #cased_id or #to_s method.
+        MSG
+      end
+
+      # We need to normalize input as it could be a mix of strings and symbols.
+      expected_event.deep_symbolize_keys!
+      expanded_expected_event = expanded_expected_event.to_a
+
+      events = cased_events.dup.collect(&:deep_symbolize_keys).collect(&:to_a)
+      matching_events = events.select do |event|
+        diff = expanded_expected_event - event
+        diff.empty?
+      end
+
+      matching_events.collect(&:to_h)
+    end
+
+    # The test published used for the duration of the test.
+    #
+    # @return [Cased::Publishers::TestPublisher]
+    def cased_test_publisher
+      @cased_test_publisher ||= Cased::Publishers::TestPublisher.new
+    end
+  end
+end