contrast-agent 6.0.0 → 6.1.2

data/lib/contrast/utils/class_util.rb

@@ -33,7 +33,7 @@ module Contrast
         #   need to check
         # @return [Boolean] if this method specifically was prepended
         def prepended_method? mod, method_policy
-          target_module = determine_target_class mod, method_policy.instance_method
+          target_module = determine_target_class(mod, method_policy.instance_method)
           ancestors = target_module.ancestors
           return false unless prepended?(target_module, ancestors)
 
@@ -60,13 +60,13 @@ module Contrast
           # Only treat object like a string if it actually is a string+ some subclasses of String override string
           # methods we depend on
           if object.cs__class == String
-            return @string_cache[object] if @string_cache.key? object
+            return @string_cache[object] if @string_cache.key?(object)
 
             @string_cache[object] = to_cached_string(object) || object.dup
           else
-            return @lru_cache[object.__id__] if @lru_cache.key? object.__id__
+            return @lru_cache[object.__id__] if @lru_cache.key?(object.__id__)
 
-            @lru_cache[object.__id__] = convert_object object
+            @lru_cache[object.__id__] = convert_object(object)
           end
         end
 
@@ -86,13 +86,9 @@ module Contrast
           end
         end
 
-        # The method const_defined? can cause autoload, which is bad for us. The method autoload? doesn't traverse
-        # namespaces. This method lets us provide a constant, as a String, and parse it to determine if it has been
-        # truly truly defined, meaning it existed before this method was invoked, not as a result of it.
+        # The method Module.const_defined? can raise an exception if the constant is poorly named. As such, we need to
+        # handle the case where that exception is raised.
         #
-        # TODO: RUBY-1326
-        # This is required to handle a bug in Ruby prior to 2.7.0. When we drop support for 2.6.X, we should remove
-        # this code. https://bugs.ruby-lang.org/issues/10741
         # @param name [String] the name of the constant to look up
         # @return [Boolean]
         def truly_defined? name

data/lib/contrast/utils/findings.rb

@@ -34,7 +34,7 @@ module Contrast
       # @param ret [Object] the Return of the invoked method
       # @param args [Array<Object>] the Arguments with which the method was invoked
       def collect_finding trigger_node, source, object, ret, *args
-        push trigger_node, source, object, ret, args
+        push(trigger_node, source, object, ret, args)
         logger.trace('Finding collected', node_id: trigger_node.id,
                                           source_id: source.__id__,
                                           rule: trigger_node.rule_id)
@@ -52,11 +52,11 @@ module Contrast
 
         while @_collection.any?
           finding = @_collection.pop
-          Contrast::Agent::Assess::Policy::TriggerMethod.build_finding finding[:trigger_node],
+          Contrast::Agent::Assess::Policy::TriggerMethod.build_finding(finding[:trigger_node],
                                                                        finding[:source],
                                                                        finding[:object],
                                                                        finding[:ret],
-                                                                       finding[:args]
+                                                                       finding[:args])
         end
         true
       end

data/lib/contrast/utils/hash_digest.rb

@@ -15,8 +15,8 @@ module Contrast
     class HashDigest < Digest::Class
       include Digest::Instance
       extend Contrast::Utils::HashDigestExtend
-
       CONTENT_LENGTH_HEADER = 'Content-Length'
+      CHARS = %w[a b c d e f g].cs__freeze
       CRYPTO_RULES = %w[crypto-bad-ciphers crypto-bad-mac].cs__freeze
       CONFIG_PATH_KEY = 'path'
       CONFIG_SESSION_ID_KEY = 'sessionId'
@@ -24,6 +24,11 @@ module Contrast
       CLASS_CONSTANT_NAME_KEY = 'name'
       CLASS_LINE_NO_KEY = 'lineNo'
 
+      def initialize
+        super
+        @crc32 = 0
+      end
+
       # Update to CRC checksum the finding route and verb if finding route
       # [Contrast::Api::Dtm::RouteCoverage] is available else update the passed
       # request or Contrast::REQUEST_TRACKER.current.request uri and used request
@@ -77,7 +82,6 @@ module Contrast
         end
       end
 
-      CHARS = %w[a b c d e f g].cs__freeze
       # This method converts and integer value for length into a string value
       # that we can hash on, based on the logarithmic value of the length, and
       # updates the current hash with that value.
@@ -86,11 +90,6 @@ module Contrast
         update(CHARS[Math.log10(chr.to_s.length).to_i] || CHARS[-1])
       end
 
-      def initialize
-        super
-        @crc32 = 0
-      end
-
       # Converts  given string to CRC checksum. CRC32 checksum ensures that If error
       # of a single bit occurs, the CRC checksum will fail, regardless of any other
       # property of the transmitted data, including its length. Called several times

data/lib/contrast/utils/head_dump_utils_extend.rb

@@ -13,7 +13,7 @@ module Contrast
         delay  = control[:delay]
         clean  = control[:clean]
 
-        logger.info <<~WARNING
+        logger.info(<<~WARNING)
           *****************************************************
           ********      HEAP DUMP HAS BEEN ENABLED     ********
           *** APPLICATION PROCESS WILL EXIT UPON COMPLETION ***

data/lib/contrast/utils/invalid_configuration_util.rb

@@ -50,10 +50,10 @@ module Contrast
         new_preflight_message.data = "#{ rule_id },#{ hash_code }"
         new_preflight.messages << new_preflight_message
 
-        ruby_finding = Contrast::Agent::Reporting::Finding.new rule_id
+        ruby_finding = Contrast::Agent::Reporting::Finding.new(rule_id)
         ruby_finding.hash_code = hash_code
         set_new_finding_properties(ruby_finding, user_provided_options, call_location)
-        Contrast::Agent.reporter&.send_event_immediately(new_preflight)
+        Contrast::Agent.reporter&.send_event(new_preflight)
         Contrast::Agent::Reporting::ReportingStorage[hash_code] = ruby_finding
       end
 

data/lib/contrast/utils/log_utils.rb

@@ -3,6 +3,7 @@
 
 require 'socket'
 require 'contrast/agent/version'
+require 'contrast/logger/aliased_logging'
 
 module Contrast
   module Utils
@@ -37,6 +38,7 @@ module Contrast
         logger.extend(Contrast::Logger::Application)
         logger.extend(Contrast::Logger::Request)
         logger.extend(Contrast::Logger::Time)
+        logger.extend(Contrast::Logger::AliasedLogging) if Contrast::Utils::Telemetry.exceptions_enabled?
       end
 
       # Determine the valid path to which to log, given the precedence of config > settings > default.
@@ -62,13 +64,13 @@ module Contrast
           # Log once when the path is invalid. We'll change to this path, so no
           # need to log again.
           if previous_path != DEFAULT_NAME
-            $stdout.puts "[!] Unable to write to '#{ path }'. Writing to default log '#{ DEFAULT_NAME }' instead."
+            $stdout.puts("[!] Unable to write to '#{ path }'. Writing to default log '#{ DEFAULT_NAME }' instead.")
           end
           DEFAULT_NAME
         else
           # Log once when the path is invalid. We'll change to this path, so no
           # need to log again.
-          $stdout.puts "[!] Unable to write to '#{ path }'. Writing to standard out instead."
+          $stdout.puts("[!] Unable to write to '#{ path }'. Writing to standard out instead.")
           STDOUT_STR
         end
       end
@@ -139,7 +141,7 @@ module Contrast
                  end
         logger.progname = PROGNAME
         logger.level = level_const
-        change_logger_formatter logger
+        change_logger_formatter(logger)
         logger
       end
 
@@ -181,7 +183,7 @@ module Contrast
                            DEFAULT_METADATA
                          end
         app_name = ::Contrast::APP_CONTEXT.app_name
-        attach_request_and_sender_info message, sender_info
+        attach_request_and_sender_info(message, sender_info)
         message << "request=#{ context.request.url } "
         message << "requestMethod=#{ request_method } "
         message << "app=#{ app_name } "

data/lib/contrast/utils/lru_cache.rb

@@ -6,7 +6,7 @@ module Contrast
     # A LRU(Least Recently Used) Cache store.
     class LRUCache
       def initialize capacity = 500
-        raise StandardError 'Capacity must be bigger than 0' if capacity <= 0
+        raise(StandardError('Capacity must be bigger than 0')) if capacity <= 0
 
         @capacity = capacity
         @cache = {}

data/lib/contrast/utils/metrics_hash.rb

@@ -29,7 +29,7 @@ module Contrast
         value_val = value.dup
         key_val.strip! if key_val.cs__is_a?(String)
         value_val.strip! if value_val.cs__is_a?(String)
-        return unless valid_pair? key_val, value_val
+        return unless valid_pair?(key_val, value_val)
 
         key_val.downcase!
         key_val.strip!

data/lib/contrast/utils/middleware_utils.rb

@@ -37,12 +37,12 @@ module Contrast
       def handle_exception exception
         if security_exception?(exception)
           exception_control = ::Contrast::AGENT.exception_control
-          raise exception unless exception_control[:enable]
+          raise(exception) unless exception_control[:enable]
 
           [exception_control[:status], {}, [exception_control[:message]]]
         else
           logger.debug('Re-throwing original error', exception)
-          raise exception
+          raise(exception)
         end
       end
 
@@ -66,11 +66,11 @@ module Contrast
       # if .telemetry file doesn't exist we create one and then show the disclaimer.
       # if the file already exists we do nothing.
       def telemetry_disclaimer
-        return unless Contrast::Agent::Telemetry.enabled?
+        return unless Contrast::Agent::Telemetry::Base.enabled?
         return unless Contrast::Utils::Telemetry.create_telemetry_file
 
-        logger.info Contrast::Utils::Telemetry.disclaimer
-        $stdout.print Contrast::Utils::Telemetry.disclaimer
+        logger.info(Contrast::Utils::Telemetry.disclaimer)
+        $stdout.print(Contrast::Utils::Telemetry.disclaimer)
         true
       end
 
@@ -80,7 +80,7 @@ module Contrast
         end
       rescue Contrast::SecurityException => e
         logger.trace('Security Exception raised during application lifecycle to prevent an attack', e)
-        raise e
+        raise(e)
       end
     end
   end

data/lib/contrast/utils/net_http_base.rb

@@ -31,14 +31,14 @@ module Contrast
         return if addr.scheme != 'https' && !addr.host.to_s.include?('localhost') # TODO: RUBY-99999 allow http w/ localhost # rubocop:disable Layout/LineLength
 
         proxy_addr = URI(Contrast::API.proxy_url) if proxy_enabled?
-        net_http_client = initialize_client addr, proxy_addr, use_proxy, use_custom_cert
+        net_http_client = initialize_client(addr, proxy_addr, use_proxy, use_custom_cert)
         return if net_http_client.nil?
 
         net_http_client.start
         return unless net_http_client.started?
 
         logger.debug("Starting #{ service_name } connection test")
-        return unless connection_verified? net_http_client
+        return unless connection_verified?(net_http_client)
 
         logger.debug('Client verified', service: service_name, url: url)
         net_http_client
@@ -63,7 +63,7 @@ module Contrast
         response = client.request(Net::HTTP::Get.new(client.address))
         verify_cert = client.address.to_s.include?('localhost') ||
             OpenSSL::SSL.verify_certificate_identity(client.peer_cert, client.address)
-        resolved = resolved? client.address, ipaddr
+        resolved = resolved?(client.address, ipaddr)
         @_connection_verified = if resolved && response && verify_cert
                                   true
                                 else
@@ -91,7 +91,7 @@ module Contrast
       def resolved? address, ipaddr
         return @_resolved unless @_resolved.nil?
 
-        @_resolved = if (addresses = Resolv.getaddresses address)
+        @_resolved = if (addresses = Resolv.getaddresses(address))
                        addresses.any? { |addr| addr.include?(ipaddr) }
                      else
                        false

data/lib/contrast/utils/object_share.rb

@@ -10,7 +10,6 @@ module Contrast
     module ObjectShare
       # Strings
       ASTERISK =      '*'
-      AMPERSAND =     '&'
       BACK_SLASH =    '\\'
       EMPTY_STRING =  ''
       COLON =         ':'
@@ -24,6 +23,7 @@ module Contrast
       HTTPS_START =   'https:'
       NEW_LINE =      "\n"
       NIL_STRING =    'nil'
+      NIL_64_STRING = 'bmls'
       PERIOD =        '.'
       POUND_SIGN =    '#'
       QUESTION_MARK = '?'

data/lib/contrast/utils/os.rb

@@ -42,7 +42,7 @@ module Contrast
         end
 
         def mac?
-          @_mac = RUBY_PLATFORM.include? 'darwin' if @_mac.nil?
+          @_mac = RUBY_PLATFORM.include?('darwin') if @_mac.nil?
           @_mac
         end
 

data/lib/contrast/utils/patching/policy/patch_utils.rb

@@ -58,7 +58,7 @@ module Contrast
         rescue Contrast::SecurityException => e
           # We were told to block something, so we gotta. Don't catch this one, let it get back to our Middleware or
           # even all the way out to the framework
-          raise e
+          raise(e)
         rescue StandardError => e
           # Anything else was our bad and we gotta catch that to allow for normal application flow
           logger.error('Unable to apply pre patch to method.', e)
@@ -155,7 +155,7 @@ module Contrast
         rescue Exception => e # rubocop:disable Lint/RescueException
           logger.error('Unable to assess method call.', e)
           handle_return(propagated_ret, source_ret, ret)
-          raise e
+          raise(e)
         end
 
         # Generic invocation of the Inventory or Protect patch which apply to the given method.

data/lib/contrast/utils/request_utils.rb

@@ -31,7 +31,7 @@ module Contrast
             k = Contrast::Utils::StringUtils.force_utf8(k)
             nested_prefix = prefix.nil? ? k : "#{ prefix }[#{ k }]"
             hash[k] = Contrast::Utils::ObjectShare::EMPTY_STRING
-            hash.merge! normalize_params(v, prefix: nested_prefix)
+            hash.merge!(normalize_params(v, prefix: nested_prefix))
           end
           res[prefix] = Contrast::Utils::ObjectShare::EMPTY_STRING if prefix
           res
@@ -39,7 +39,7 @@ module Contrast
           idx = 0
           res = {}
           while idx < val.length
-            res.merge! normalize_params(val[idx], prefix: "#{ prefix }[#{ idx }]")
+            res.merge!(normalize_params(val[idx], prefix: "#{ prefix }[#{ idx }]"))
             idx += 1
           end
           res[prefix] = Contrast::Utils::ObjectShare::EMPTY_STRING if prefix

data/lib/contrast/utils/sha256_builder.rb

@@ -9,16 +9,16 @@ module Contrast
     # Utility methods for building and caching hashes from strings
     class Sha256Builder
       include Singleton
+      # Return a list of "source" files. Ignore metadata files as well as files
+      # in the spec, test or exe directories. Could potentially miss important
+      # files but good enough for the time being.
+      PATHS = '{lib,bin,ext}/**/*.{rb,c,h,c++,cpp,java,rs}'
 
       def initialize
         @sha256_cache = {}
         @gem_hash_cache = {}
       end
 
-      # Return a list of "source" files. Ignore metadata files as well as files
-      # in the spec, test or exe directories. Could potentially miss important
-      # files but good enough for the time being.
-      PATHS = '{lib,bin,ext}/**/*.{rb,c,h,c++,cpp,java,rs}'
       def files path
         if Dir.exist?(path)
           Dir.glob(File.join(path, PATHS))

data/lib/contrast/utils/stack_trace_utils.rb

@@ -2,6 +2,7 @@
 # frozen_string_literal: true
 
 require 'contrast/utils/object_share'
+require 'contrast/agent/reporting/reporting_events/application_defend_attack_sample_stack'
 require 'contrast/api'
 
 module Contrast
@@ -35,21 +36,18 @@ module Contrast
         # StackTraceElement for TeamServer to display, excluding any Contrast
         # code found.
         #
-        # @return [Array<Contrast::Api::Dtm::StackTraceElement]
+        # @return [Array<Contrast::Api::Dtm::StackTraceElement>]
         def build_protect_stack_array
-          stack = caller(2, 20)
-          return [] unless stack
+          build_protect_stack(Contrast::Api::Dtm::StackTraceElement)
+        end
 
-          stack = reject_caller_entries(stack)
-          i = 0
-          stack.map! do |entry|
-            element = Contrast::Api::Dtm::StackTraceElement.new
-            element = fill_protect_element(element, entry, i)
-            i += 1
-            element
-          end
-          stack.compact!
-          stack
+        # Call and translate a caller_locations array to an array of
+        # StackTraceElement for TeamServer to display, excluding any Contrast
+        # code found.
+        #
+        # @return [Array<Contrast::Agent::Reporting::ApplicationDefendAttackSampleStack>]
+        def build_protect_report_stack_array
+          build_protect_stack(Contrast::Agent::Reporting::ApplicationDefendAttackSampleStack)
         end
 
         # Translate a caller array to an array of TraceStacks for TeamServer to
@@ -86,6 +84,26 @@ module Contrast
           end
         end
 
+        # @param clazz [Class] Contrast::Api::Dtm::StackTraceElement or
+        #   Contrast::Agent::Reporting::ApplicationDefendAttackSampleStack
+        # @return [Array<Contrast::Agent::Reporting::ApplicationDefendAttackSampleStack|
+        #   Contrast::Api::Dtm::StackTraceElement>]
+        def build_protect_stack clazz
+          stack = caller(3, 21)
+          return [] unless stack
+
+          stack = reject_caller_entries(stack)
+          i = 0
+          stack.map! do |entry|
+            element = clazz.new
+            element = fill_protect_element(element, entry, i)
+            i += 1
+            element
+          end
+          stack.compact!
+          stack
+        end
+
         # In Contrast UI - there are many ways to render the stacktraces. For
         # Protect, there are two ways we're concerned about, one for the first
         # element and then all others.

data/lib/contrast/utils/telemetry.rb

@@ -1,8 +1,9 @@
 # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
-require 'contrast/agent/telemetry/telemetry'
+require 'contrast/agent/telemetry/base'
 require 'contrast/utils/telemetry_identifier'
+require 'contrast/config/env_variables'
 
 module Contrast
   module Utils
@@ -30,14 +31,21 @@ module Contrast
       # @return[Boolean, nil] true if file is created, false if file already exist
       # and nil if Telemetry is disabled or on unsupported OS.
       def self.create_telemetry_file
-        write_mark_file DIR, FILE, CONFIG_DIR
+        write_mark_file(DIR, FILE, CONFIG_DIR)
       end
 
       def self.disclaimer
         @_disclaimer = MESSAGE[:disclaimer]
       end
 
+      def self.exceptions_enabled?
+        @_exceptions_enabled = telemetry_exceptions_enabled? if @_exceptions_enabled.nil?
+        @_exceptions_enabled
+      end
+
       class << self
+        include Contrast::Config::EnvVariables
+
         private
 
         # Create the mark file
@@ -48,7 +56,7 @@ module Contrast
         # @return[Boolean, nil] true if file is created, false if file already exist
         # and nil if Telemetry is disabled or on unsupported OS.
         def write_mark_file dir, file, config_dir
-          return unless Contrast::Agent::Telemetry.enabled?
+          return unless Contrast::Agent::Telemetry::Base.enabled?
           return if Contrast::Utils::OS.windows?
 
           @dir = dir
@@ -56,7 +64,7 @@ module Contrast
           # nor can we write to the "root" directory ( / ). This results in Errno::EROFS exception.
           # So for the MacOS we would use the config directory of the instrumented application.
           @dir = config_dir if Contrast::Utils::OS.mac?
-          return false if File.file? @dir + file
+          return false if File.file?(@dir + file)
           return true if touch_marker(@dir, file)
 
           # If we don't have permission to write to root directory use config instead
@@ -67,12 +75,19 @@ module Contrast
         #
         # @return[Boolean] true if success, false if fails
         def touch_marker dir, file
-          FileUtils.mkdir_p dir unless Dir.exist? dir
-          FileUtils.touch dir + file
-          File.file? dir + file
+          FileUtils.mkdir_p(dir) unless Dir.exist?(dir)
+          FileUtils.touch(dir + file)
+          File.file?(dir + file)
         rescue StandardError => _e
           false
         end
+
+        def telemetry_exceptions_enabled?
+          opts_out_telemetry = return_value(:telemetry_opt_outs).to_s
+          return false if opts_out_telemetry.casecmp?('true') || opts_out_telemetry == '1'
+
+          true
+        end
       end
     end
   end

data/lib/contrast/utils/telemetry_client.rb

@@ -12,9 +12,10 @@ module Contrast
   module Utils
     # This module creates a Net::HTTP client and initiates a connection to the provided result
     class TelemetryClient < NetHttpBase
+      include Contrast::Components::Logger::InstanceMethods
       ENDPOINT = 'api/v1/telemetry/metrics' # /TelemetryEvent.path
+      EXCEPTIONS = 'api/v1/telemetry/exceptions' # /TelemetryExceptions::Event.path
       SERVICE_NAME = 'Telemetry'
-      include Contrast::Components::Logger::InstanceMethods
       # This method initializes the Net::HTTP client we'll need. it will validate
       # the connection and make the first request. If connection is valid and response
       # is available then the open connection is returned.
@@ -28,30 +29,35 @@ module Contrast
       # This method will be responsible for building the request. Because the telemetry collector expects to receive
       # multiple events in a single request, we must always wrap the event in an array, even if there is only one.
       #
-      # @param event [Contrast::Agent::TelemetryEvent,Contrast::Agent::StartupMetricsTelemetryEvent]
+      # @param event [Contrast::Agent::Telemetry::Event, Array<Contrast::Agent::Telemetry::TelemetryException::Event>]
       # @return [Net::HTTP::Post]
       def build_request event
-        return unless valid_event? event
+        return unless valid_event?(event)
+
+        string_body = if Array(event).all?(Contrast::Agent::Telemetry::TelemetryException::Event)
+                        event.map(&:to_controlled_hash).flatten!
+                      else
+                        [event.to_hash]
+                      end
 
-        string_body = [event.to_hash].to_json
         header = {
             'User-Agent' => "<#{ Contrast::Utils::ObjectShare::RUBY }>-<#{ Contrast::Agent::VERSION }>",
             'Content-Type' => 'application/json'
         }
-        request = Net::HTTP::Post.new(build_path(event.path), header)
-        request.body = string_body
+        request = Net::HTTP::Post.new(build_path(event), header)
+        request.body = string_body.to_json
         request
       end
 
       # This method will create the actual request and send it
-      # @param event[Contrast::Agent::TelemetryEvent]
+      # @param event[Contrast::Agent::Telemetry::Event]
       # @param connection[Net::HTTP]
       def send_request event, connection
         return if connection.nil? || event.nil?
-        return unless valid_event? event
+        return unless valid_event?(event)
 
-        req = build_request event
-        connection.request req
+        req = build_request(event)
+        connection.request(req)
       end
 
       # This method will handle the response from the tenant
@@ -68,10 +74,13 @@ module Contrast
       end
 
       # This method will be responsible for validating the event
-      # @param event[Contrast::Agent::TelemetryEvent,Contrast::Agent::StartupMetricsTelemetryEvent]
+      # @param event[Contrast::Agent::Telemetry::Event,Contrast::Agent::Telemetry::StartupMetricsEvent,
+      # array<Contrast::Agent::Telemetry::TelemetryException::Event>]
       def valid_event? event
-        return true if event.cs__is_a?(Contrast::Agent::TelemetryEvent)
-        return true if event.cs__is_a?(Contrast::Agent::StartupMetricsTelemetryEvent)
+        return true if event.cs__is_a?(Contrast::Agent::Telemetry::Event)
+        return true if event.cs__is_a?(Contrast::Agent::Telemetry::StartupMetricsEvent)
+        # Batch
+        return true if Array(event).all?(Contrast::Agent::Telemetry::TelemetryException::Event)
 
         false
       end
@@ -81,9 +90,12 @@ module Contrast
       # The telemetry instance accepts any path to #{ Contrast::Agent::Telemetry::URL }#{ ENDPOINT }, using the
       # remainder of the path to segregate messages.
       #
+      # @param event [Contrast::Agent::Telemetry::Event, Contrast::Agent::Telemetry::TelemetryException::Event]
       # @return [String] the fully qualified path to send the request
-      def build_path event_path
-        "#{ Contrast::Agent::Telemetry::URL }#{ ENDPOINT }#{ event_path }"
+      def build_path event
+        endpoint = Array(event).all?(Contrast::Agent::Telemetry::TelemetryException::Event) ? EXCEPTIONS : ENDPOINT
+        path = endpoint == EXCEPTIONS ? Contrast::Agent::Telemetry::TelemetryException::Event.path : event.path
+        "#{ Contrast::Agent::Telemetry::Base::URL }#{ endpoint }#{ path }"
       end
     end
   end

data/lib/contrast/utils/telemetry_hash.rb

@@ -0,0 +1,41 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/components/logger'
+
+module Contrast
+  module Utils
+    # This is the TelemetryHash, which will take data type, so we can push freely, without worrying about
+    # validating the event before that
+    class TelemetryHash < Hash
+      include Contrast::Components::Logger::InstanceMethods
+
+      attr_reader :data_type
+
+      def initialize data_type, *_several_variants
+        super()
+        @data_type = data_type
+      end
+
+      def []= key, value
+        return unless valid_value?(value)
+
+        super(key, value)
+      end
+
+      def increment key
+        self[key].exceptions[0].increment_occurrences
+        :incremented!
+      end
+
+      def valid_value? value
+        unless value.cs__is_a?(data_type)
+          logger.debug('The following key will be omitted', value: value)
+          return false
+        end
+
+        true
+      end
+    end
+  end
+end