console1984 0.1.8 → 0.1.12

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: bc64d037f2de5570292e0b09710b4543a68ba1af12759150cc68e7b7f4dd6e16
-  data.tar.gz: c5929af5061393a32c4df38022535d53c62aaaabe951727798e340322fb0d950
+  metadata.gz: a3bfdacf3954fbc30c23046c89f7951d061c419533685fb5ecc2db6a6cf41a1d
+  data.tar.gz: 0b26c9effb7ffdd1df5ca51c344c53c3d9260bef1b02c4c2d9e6c8949dceb032
 SHA512:
-  metadata.gz: b64f422bcdd421e7a874af965c9ee615f6d873e0d2a685d68667216fd1ee91d4e8e4815d4dd9e78ef7838a75763fb898be1f328c8466a137f1782a4121531da6
-  data.tar.gz: ce7e1f60bfdb666abe3c85a02ddaa1ac25344c994a1471ec64d07cd15f8aac5735bcd0608497e71d9813cf111cdb76f414a2373eb8dbef14b983757ba3876812
+  metadata.gz: b24bf1fbfc353fdd8b5ac2194f4f30588281269748ea192def291cdedc19697b1bd75bff71baec0761e45ff08ec78aca78ff41d0b78c8ca6ae1cea4bdb43512e
+  data.tar.gz: 43628c0bd4f76662b65f1c343885618a4c54e2b8b40d536720f8c3eecd696ae51c03c78329810387598e68042622b6c6c15f6b015caf3b93d6fb3779bf349f95

data/config/protections.yml

@@ -1,12 +1,14 @@
-static_validations:
+validations:
   forbidden_reopening:
     - ActiveRecord
     - Console1984
     - PG
     - Mysql2
+    - IRB
   forbidden_constant_reference:
     always:
       - Console1984
+      - IRB
     protected:
       - PG
       - Mysql2
@@ -16,15 +18,14 @@ static_validations:
     - Console1984
     - secret
     - credentials
+    - irb
 forbidden_methods:
-  always:
-  user:
-    Kernel:
-      - eval
-    Object:
-      - eval
-    BasicObject:
-      - eval
-      - instance_eval
-    Module:
-      - class_eval
+  Kernel:
+    - eval
+  Object:
+    - eval
+  BasicObject:
+    - eval
+    - instance_eval
+  Module:
+    - class_eval

data/lib/console1984/command_executor.rb

@@ -19,11 +19,15 @@ class Console1984::CommandExecutor
     run_as_system { session_logger.before_executing commands }
     validate_command commands
     execute_in_protected_mode(&block)
-  rescue Console1984::Errors::ForbiddenCommand, FrozenError => e
+  rescue Console1984::Errors::ForbiddenCommandAttempted, FrozenError
     flag_suspicious(commands)
-  rescue Console1984::Errors::SuspiciousCommand
+  rescue Console1984::Errors::SuspiciousCommandAttempted
     flag_suspicious(commands)
     execute_in_protected_mode(&block)
+  rescue Console1984::Errors::ForbiddenCommandExecuted
+    # We detected that a forbidden command was executed. We exit IRB right away.
+    flag_suspicious(commands)
+    Console1984.supervisor.exit_irb
   ensure
     run_as_system { session_logger.after_executing commands }
   end
@@ -65,13 +69,21 @@ class Console1984::CommandExecutor
     command_validator.validate(command)
   end
 
+  def from_irb?(backtrace)
+    executing_user_command? && backtrace.find do |line|
+      line_from_irb = line =~ /^[^\/]/
+      break if !(line =~ /console1984\/lib/ || line_from_irb)
+      line_from_irb
+    end
+  end
+
   private
     def command_validator
       @command_validator ||= build_command_validator
     end
 
     def build_command_validator
-      Console1984::CommandValidator.from_config(Console1984.protections_config.static_validations)
+      Console1984::CommandValidator.from_config(Console1984.protections_config.validations)
     end
 
     def flag_suspicious(commands)

data/lib/console1984/command_validator/.command_parser.rb

@@ -0,0 +1,69 @@
+# Naming class with dot so that it doesn't get loaded eagerly by Zeitwork. We want to load
+# only when a console session is started, when +parser+ is loaded.
+#
+# See +Console1984::Supervisor#require_dependencies+
+class Console1984::CommandValidator::CommandParser < ::Parser::AST::Processor
+  include AST::Processor::Mixin
+  include Console1984::Freezeable
+
+  def initialize
+    @constants = []
+    @declared_classes_or_modules = []
+    @constant_assignments = []
+  end
+
+  # We define accessors to define lists without duplicates. We are not using a +SortedSet+ because we want
+  # to mutate strings in the list while the processing is happening. And we don't use metapgroamming to define the
+  # accessors to prevent having problems with freezable and its instance_variable* protection.
+
+  def constants
+    @constants.uniq
+  end
+
+  def declared_classes_or_modules
+    @declared_classes_or_modules.uniq
+  end
+
+  def constant_assignments
+    @constant_assignments.uniq
+  end
+
+  def on_class(node)
+    super
+    const_declaration, _, _ = *node
+    constant = extract_constants(const_declaration).first
+    @declared_classes_or_modules << constant if constant.present?
+  end
+
+  alias_method :on_module, :on_class
+
+  def on_const(node)
+    super
+    name, const_name = *node
+    const_name = const_name.to_s
+    last_constant = @constants.last
+
+    if name.nil? || (name && name.type == :cbase) # cbase = leading ::
+      if last_constant&.end_with?("::")
+        last_constant << const_name
+      else
+        @constants << const_name
+      end
+    elsif last_constant
+      last_constant << "::#{const_name}"
+    end
+  end
+
+  def on_casgn(node)
+    super
+    scope_node, name, value_node = *node
+    @constant_assignments.push(*extract_constants(value_node))
+  end
+
+  private
+    def extract_constants(node)
+      self.class.new.tap do |processor|
+        processor.process(node)
+      end.constants
+    end
+end

data/lib/console1984/command_validator/forbidden_constant_reference_validation.rb

@@ -14,11 +14,11 @@ class Console1984::CommandValidator::ForbiddenConstantReferenceValidation
     @constant_names_forbidden_in_protected_mode = config[:protected] || []
   end
 
-  # Raises a Console1984::Errors::ForbiddenCommand if a banned constant is referenced.
+  # Raises a Console1984::Errors::ForbiddenCommandAttempted if a banned constant is referenced.
   def validate(parsed_command)
     if contains_invalid_const_reference?(parsed_command, @forbidden_constants_names) ||
       (@shield.protected_mode? && contains_invalid_const_reference?(parsed_command, @constant_names_forbidden_in_protected_mode))
-      raise Console1984::Errors::ForbiddenCommand
+      raise Console1984::Errors::ForbiddenCommandAttempted
     end
   end
 

data/lib/console1984/command_validator/forbidden_reopening_validation.rb

@@ -8,11 +8,11 @@ class Console1984::CommandValidator::ForbiddenReopeningValidation
     @banned_class_or_module_names = banned_classes_or_modules.collect(&:to_s)
   end
 
-  # Raises a Console1984::Errors::ForbiddenCommand if an banned class or module reopening
+  # Raises a Console1984::Errors::ForbiddenCommandAttempted if an banned class or module reopening
   # is detected.
   def validate(parsed_command)
     if contains_invalid_class_or_module_declaration?(parsed_command)
-      raise Console1984::Errors::ForbiddenCommand
+      raise Console1984::Errors::ForbiddenCommandAttempted
     end
   end
 

data/lib/console1984/command_validator/parsed_command.rb

@@ -6,85 +6,19 @@ class Console1984::CommandValidator::ParsedCommand
 
   attr_reader :raw_command
 
-  delegate :declared_classes_or_modules, :constants, :constant_assignments, to: :processed_ast
+  delegate :declared_classes_or_modules, :constants, :constant_assignments, to: :command_parser
 
   def initialize(raw_command)
     @raw_command = Array(raw_command).join("\n")
   end
 
   private
-    def processed_ast
-      @processed_ast ||= CommandProcessor.new.tap do |processor|
+    def command_parser
+      @command_parser ||= Console1984::CommandValidator::CommandParser.new.tap do |processor|
         ast = Parser::CurrentRuby.parse(raw_command)
         processor.process(ast)
       rescue Parser::SyntaxError
         # Fail open with syntax errors
       end
     end
-
-    class CommandProcessor < ::Parser::AST::Processor
-      include AST::Processor::Mixin
-      include Console1984::Freezeable
-
-      def initialize
-        @constants = []
-        @declared_classes_or_modules = []
-        @constant_assignments = []
-      end
-
-      # We define accessors to define lists without duplicates. We are not using a +SortedSet+ because we want
-      # to mutate strings in the list while the processing is happening. And we don't use metapgroamming to define the
-      # accessors to prevent having problems with freezable and its instance_variable* protection.
-
-      def constants
-        @constants.uniq
-      end
-
-      def declared_classes_or_modules
-        @declared_classes_or_modules.uniq
-      end
-
-      def constant_assignments
-        @constant_assignments.uniq
-      end
-
-      def on_class(node)
-        super
-        const_declaration, _, _ = *node
-        constant = extract_constants(const_declaration).first
-        @declared_classes_or_modules << constant if constant.present?
-      end
-
-      alias_method :on_module, :on_class
-
-      def on_const(node)
-        super
-        name, const_name = *node
-        const_name = const_name.to_s
-        last_constant = @constants.last
-
-        if name.nil? || (name && name.type == :cbase) # cbase = leading ::
-          if last_constant&.end_with?("::")
-            last_constant << const_name
-          else
-            @constants << const_name
-          end
-        elsif last_constant
-          last_constant << "::#{const_name}"
-        end
-      end
-
-      def on_casgn(node)
-        super
-        scope_node, name, value_node = *node
-        @constant_assignments.push(*extract_constants(value_node))
-      end
-
-      private
-        def extract_constants(node)
-          self.class.new.tap do |processor|
-            processor.process(node)
-          end.constants
-        end
-    end
 end

data/lib/console1984/command_validator/suspicious_terms_validation.rb

@@ -9,7 +9,7 @@ class Console1984::CommandValidator::SuspiciousTermsValidation
   # Raises a Console1984::Errors::SuspiciousCommand if the term is referenced.
   def validate(parsed_command)
     if contains_suspicious_term?(parsed_command)
-      raise Console1984::Errors::SuspiciousCommand
+      raise Console1984::Errors::SuspiciousCommandAttempted
     end
   end
 

data/lib/console1984/command_validator.rb

@@ -5,7 +5,7 @@
 #
 # The validation itself happens as a chain of validation objects. The system will invoke
 # each validation in order. Validations will raise an error if the validation fails (typically
-# a Console1984::Errors::ForbiddenCommand or Console1984::Errors::SuspiciousCommands).
+# a Console1984::Errors::ForbiddenCommandAttempted or Console1984::Errors::SuspiciousCommands).
 #
 # Internally, validations will receive a Console1984::CommandValidator::ParsedCommand object. This
 # exposes parsed constructs in addition to the raw strings so that validations can use those.

data/lib/console1984/errors.rb

@@ -10,11 +10,15 @@ module Console1984
 
     # Attempt to execute a command that is not allowed. The system won't
     # execute such commands and will flag them as sensitive.
-    class ForbiddenCommand < StandardError; end
+    class ForbiddenCommandAttempted < StandardError; end
 
     # A suspicious command was executed. The command will be flagged but the system
     # will let it run.
-    class SuspiciousCommand < StandardError; end
+    class SuspiciousCommandAttempted < StandardError; end
+
+    # A forbidden command was executed. The system will flag the command
+    # and exit.
+    class ForbiddenCommandExecuted < StandardError; end
 
     # Attempt to incinerate a session ahead of time as determined by
     # +config.console1984.incinerate_after+.

data/lib/console1984/ext/active_record/protected_auditable_tables.rb

@@ -6,7 +6,7 @@ module Console1984::Ext::ActiveRecord::ProtectedAuditableTables
     define_method method do |*args, **kwargs|
       sql = args.first
       if Console1984.command_executor.executing_user_command? && sql =~ auditable_tables_regexp
-        raise Console1984::Errors::ForbiddenCommand, "#{sql}"
+        raise Console1984::Errors::ForbiddenCommandAttempted, "#{sql}"
       else
         super(*args, **kwargs)
       end

data/lib/console1984/ext/core/module.rb

@@ -7,9 +7,26 @@ module Console1984::Ext::Core::Module
 
   def instance_eval(*)
     if Console1984.command_executor.executing_user_command?
-      raise Console1984::Errors::ForbiddenCommand
+      raise Console1984::Errors::ForbiddenCommandAttempted
     else
       super
     end
   end
+
+  def method_added(method)
+    if Console1984.command_executor.from_irb?(caller) && banned_for_reopening?
+      raise Console1984::Errors::ForbiddenCommandExecuted, "Trying to add method `#{method}` to #{self.name}"
+    end
+  end
+
+  private
+    def banned_for_reopening?
+      classes_and_modules_banned_for_reopening.find do |banned_class_or_module_name|
+        "#{self.name}::".start_with?("#{banned_class_or_module_name}::")
+      end
+    end
+
+    def classes_and_modules_banned_for_reopening
+      @classes_and_modules_banned_for_reopening ||= Console1984.protections_config.validations[:forbidden_reopening]
+    end
 end

data/lib/console1984/ext/core/object.rb

@@ -25,7 +25,7 @@ module Console1984::Ext::Core::Object
           # See the list +forbidden_reopening+ in +config/command_protections.yml+.
           Console1984.command_executor.validate_command("class #{arguments.first}; end")
           super
-        rescue Console1984::Errors::ForbiddenCommand
+        rescue Console1984::Errors::ForbiddenCommandAttempted
           raise
         rescue StandardError
           super

data/lib/console1984/freezeable.rb

@@ -39,7 +39,7 @@ module Console1984::Freezeable
     private
       def prevent_sensitive_method(method_name)
         define_method method_name do |*arguments|
-          raise Console1984::Errors::ForbiddenCommand, "You can't invoke #{method_name} on #{self}"
+          raise Console1984::Errors::ForbiddenCommandAttempted, "You can't invoke #{method_name} on #{self}"
         end
       end
   end

data/lib/console1984/protections_config.rb

@@ -1,7 +1,7 @@
 class Console1984::ProtectionsConfig
   include Console1984::Freezeable
 
-  delegate :static_validations, to: :instance
+  delegate :validations, to: :instance
 
   attr_reader :config
 
@@ -9,7 +9,7 @@ class Console1984::ProtectionsConfig
     @config = config
   end
 
-  %i[ static_validations forbidden_methods ].each do |method_name|
+  %i[ validations forbidden_methods ].each do |method_name|
     define_method method_name do
       config[method_name].symbolize_keys
     end

data/lib/console1984/refrigerator.rb

@@ -11,14 +11,17 @@ class Console1984::Refrigerator
   end
 
   private
-    EXTERNAL_MODULES_AND_CLASSES_TO_FREEZE = [Parser::CurrentRuby]
-
     def freeze_internal_instances
       Console1984.config.freeze unless Console1984.config.test_mode
     end
 
     def freeze_external_modules_and_classes
-      EXTERNAL_MODULES_AND_CLASSES_TO_FREEZE.each { |klass| klass.include(Console1984::Freezeable) }
+      external_modules_and_classes_to_freeze.each { |klass| klass.include(Console1984::Freezeable) }
+    end
+
+    def external_modules_and_classes_to_freeze
+      # Not using a constant because we want this to run lazily (console-dependant dependencies might not be loaded).
+      [Parser::CurrentRuby]
     end
 
     def eager_load_all_classes
@@ -26,7 +29,3 @@ class Console1984::Refrigerator
       Console1984.class_loader.eager_load
     end
 end
-
-class Parser::Ruby27
-  include Console1984::Freezeable
-end

data/lib/console1984/shield/method_invocation_shell.rb

@@ -3,22 +3,20 @@ class Console1984::Shield::MethodInvocationShell
   include Console1984::Freezeable
 
   class << self
-    def install_for(config)
-      Array(config[:user]).each { |invocation| self.new(invocation, only_for_user_commands: true).prevent_methods_invocation }
-      Array(config[:system]).each { |invocation| self.new(invocation, only_for_user_commands: false).prevent_methods_invocation }
+    def install_for(invocations)
+      Array(invocations).each { |invocation| self.new(invocation).prevent_methods_invocation }
     end
   end
 
   attr_reader :class_name, :methods, :only_for_user_commands
 
-  def initialize(invocation, only_for_user_commands:)
+  def initialize(invocation)
     @class_name, methods = invocation.to_a
     @methods = Array(methods)
-    @only_for_user_commands = only_for_user_commands
   end
 
   def prevent_methods_invocation
-    class_name.constantize.prepend build_protection_module
+    class_name.to_s.constantize.prepend build_protection_module
   end
 
   def build_protection_module
@@ -37,12 +35,8 @@ class Console1984::Shield::MethodInvocationShell
   def protected_method_invocation_source_for(method)
     <<~RUBY
       def #{method}(*args)
-        if (!#{only_for_user_commands} || Console1984.command_executor.executing_user_command?) && caller.find do |line|
-            line_from_irb = line =~ /^[^\\/]/
-            break if !(line =~ /console1984\\/lib/ || line_from_irb)
-            line_from_irb
-          end
-          raise Console1984::Errors::ForbiddenCommand
+        if Console1984.command_executor.from_irb?(caller)
+          raise Console1984::Errors::ForbiddenCommandAttempted
         else
           super
         end

data/lib/console1984/supervisor.rb

@@ -30,12 +30,21 @@ class Console1984::Supervisor
     stop_session
   end
 
+  def exit_irb
+    stop
+    IRB.CurrentContext.exit
+  end
+
   private
     def require_dependencies
       Kernel.silence_warnings do
         require 'parser/current'
       end
       require 'colorized_string'
+
+      # Explicit lazy loading because it depends on +parser+, which we want to only load
+      # in console sessions.
+      require_relative "./command_validator/.command_parser"
     end
 
     def start_session

data/lib/console1984/version.rb

@@ -1,3 +1,3 @@
 module Console1984
-  VERSION = '0.1.8'
+  VERSION = '0.1.12'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: console1984
 version: !ruby/object:Gem::Version
-  version: 0.1.8
+  version: 0.1.12
 platform: ruby
 authors:
 - Jorge Manrubia
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2021-09-05 00:00:00.000000000 Z
+date: 2021-09-09 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: colorize
@@ -200,6 +200,7 @@ files:
 - lib/console1984.rb
 - lib/console1984/command_executor.rb
 - lib/console1984/command_validator.rb
+- lib/console1984/command_validator/.command_parser.rb
 - lib/console1984/command_validator/forbidden_constant_reference_validation.rb
 - lib/console1984/command_validator/forbidden_reopening_validation.rb
 - lib/console1984/command_validator/parsed_command.rb