contrast-agent 6.1.1 → 6.3.0

data/lib/contrast/agent/reporting/reporting_utilities/response_extractor.rb

@@ -24,7 +24,6 @@ module Contrast
           protect = response_data[:settings][:defend]
           return unless protect
 
-          # TODO: RUBY-1636 should this be `:rules` or `:protectionRules`
           res.application_settings.protect.protection_rules = protect[:protectionRules]
           res.application_settings.protect.virtual_patches = protect[:virtualPatches]
         end
@@ -40,10 +39,14 @@ module Contrast
           res.application_settings.exclusions.url_exclusions = exclusions[:urlExceptions]
         end
 
+        # The responses we receive for feature and settings from TS have different
+        # place to store these reactions: body.reactions vs body.settings.reactions.
+        #
         # @param response_data [Hash]
         # @param res [Contrast::Agent::Reporting::Response]
         def extract_reactions response_data, res
-          res.application_settings.reactions = response_data[:settings][:reactions]
+          res.reactions = response_data[:settings][:reactions] if response_data[:settings]
+          res.reactions = response_data[:reactions] if response_data[:features]
         end
 
         # @param response_data [Hash]
@@ -65,10 +68,17 @@ module Contrast
           return unless protect
 
           res.server_features.protect.enabled = protect[:enabled]
-          res.server_features.protect.bot_blocker = protect[:'bot-blocker']
-          # TODO: RUBY-1636 should this be `:rules` or `:protectionRules`
-          # process the botBlockers field
-          res.server_features.protect.syslog = protect[:syslog]
+          res.server_features.protect.bot_blocker.enable = protect[:'bot-blocker']
+          res.server_features.protect.bot_blocker.bots = protect[:botBlockers]
+          extract_syslog(response_data, res)
+        end
+
+        # @param response_data [Hash]
+        # @param res [Contrast::Agent::Reporting::Response]
+        def extract_syslog response_data, res
+          return unless (syslog = response_data[:features][:defend][:syslog])
+
+          res.server_features.protect.syslog.assign_array(syslog)
         end
 
         # @param response_data [Hash]
@@ -78,22 +88,34 @@ module Contrast
           return unless protect
 
           res.server_features.protect.ip_allowlist = protect[:ipAllowlist]
-          res.server_features.protect.ip_denylist = protect[:ipDenyList]
-          res.server_features.protect.log_enchancers = protect[:logEnhancers]
+          res.server_features.protect.ip_denylist = protect[:ipDenylist]
+          res.server_features.protect.log_enhancers = protect[:logEnhancers]
           res.server_features.protect.rule_definition_list = protect[:ruleDefinitionList]
         end
 
         # Here we extract the rules and state for the sensitive data masking policy
-        # Received from TS.
+        # received from TS.
         #
         # @param response_data [Hash]
         # @param res [Contrast::Agent::Reporting::Response]
         def extract_sensitive_data_policy response_data, res
-          sensitive_data = response_data[:settings][:sensitive_data_masking_policy]
+          return unless (sensitive_data = response_data[:settings][:sensitive_data_masking_policy])
+
           res.application_settings.sensitive_data_masking.mask_http_body = sensitive_data[:mask_http_body]
           res.application_settings.sensitive_data_masking.mask_attack_vector = sensitive_data[:mask_attack_vector]
           res.application_settings.sensitive_data_masking.build_rules_form_settings(sensitive_data[:rules])
         end
+
+        # Here we extract the log settings received from TS.
+        #
+        # @param response_data [Hash]
+        # @param res [Contrast::Agent::Reporting::Response]
+        def extract_log_settings response_data, res
+          return unless (log_level = response_data[:logLevel])
+
+          res.server_features.log_level = log_level
+          res.server_features.log_file = response_data[:logFile] if response_data[:logFile]
+        end
       end
     end
   end

data/lib/contrast/agent/reporting/reporting_utilities/response_handler.rb

@@ -90,7 +90,7 @@ module Contrast
           when ERROR_CODES[:too_many_requests]
             handle_response_errors(response, RETRY_AFTER_MSG, mode.resending)
           else
-            logger.debug('Response Error code could not be processed')
+            logger.error('Response Error code could not be processed')
           end
         end
 

data/lib/contrast/agent/reporting/reporting_utilities/response_handler_utils.rb

@@ -152,9 +152,9 @@ module Contrast
         #
         # @param response [Contrast::Agent::Reporting::Response]
         def update_reaction response
-          return unless response.application_settings&.reactions&.any?
+          return unless response&.reactions&.any?
 
-          response.application_settings.reactions.each do |reaction|
+          response.reactions.each do |reaction|
             # The enums are all uppercase, we need to downcase them before attempting to log.
             level = reaction.level.nil? ? :error : reaction.level.downcase
             logger.with_level(level, reaction.message) if reaction.message
@@ -198,50 +198,82 @@ module Contrast
           response_body = response&.body
           return unless response_body
 
-          response_data = JSON.parse(response_body)
+          response_data = JSON.parse(response_body, symbolize_names: true)
           return unless response_data.cs__is_a?(Hash)
 
-          response_data = response_data.deep_symbolize_keys
+          populate_response(response_data)
+        rescue StandardError => e
+          logger.error('Unable to convert response', e)
+          nil
+        end
+
+        # Extracts the data from the response and coverts it to
+        # Contrast::Agent::Reporting::Response.
+        #
+        # @param response_data[Hash]
+        # @return response [Contrast::Agent::Reporting::Response]
+        def populate_response response_data
+          return unless (success, messages = extract_success(response_data))
+
           # check if response contains application settings or Feature settings
           if response_data[:settings]
             # the response contains ApplicationSettings
-            app_settings = build_application_settings(response_data)
+            response = Contrast::Agent::Reporting::Response.build_application_response
+            response.success = success
+            response.messages = messages
+            app_settings = build_application_settings(response_data, response)
             logger.trace('Agent: Received updated application settings', raw: response_data, processed: app_settings)
             app_settings
           else
             # the response contains FeatureSettings
-            server_features = build_feature_settings(response_data)
+            response = Contrast::Agent::Reporting::Response.build_server_response
+            response.success = success
+            response.messages = messages
+            server_features = build_feature_settings(response_data, response)
             logger.trace('Agent: Received updated application settings', raw: response_data, processed: server_features)
             server_features
           end
-        rescue StandardError => e
-          logger.error('Unable to convert response', e)
-          nil
+          response
         end
 
         # @param response_data [Hash]
         # @return res [Contrast::Agent::Reporting::Response]
-        def build_application_settings response_data
-          res = Contrast::Agent::Reporting::Response.application_response
-          extract_assess(response_data, res)
-          extract_protect(response_data, res)
-          extract_exclusions(response_data, res)
-          extract_reactions(response_data, res)
-          extract_sensitive_data_policy(response_data, res)
-          res
+        def build_application_settings response_data, response
+          extract_assess(response_data, response)
+          extract_protect(response_data, response)
+          extract_exclusions(response_data, response)
+          extract_reactions(response_data, response)
+          extract_sensitive_data_policy(response_data, response)
+          response
         end
 
         # @param response_data [Hash]
         # @return res [Contrast::Agent::Reporting::Response]
-        def build_feature_settings response_data
-          res = Contrast::Agent::Reporting::Response.server_response
-          extract_assess_server_features(response_data, res)
-          extract_protect_server_features(response_data, res)
-          extract_protect_lists(response_data, res)
-          res.server_features.log_level = response_data[:logLevel]
-          res.server_features.log_file = response_data[:logFile]
-          res.server_features.telemetry = response_data[:telemetry]
-          res
+        def build_feature_settings response_data, response
+          extract_reactions(response_data, response)
+          extract_assess_server_features(response_data, response)
+          extract_protect_server_features(response_data, response)
+          extract_protect_lists(response_data, response)
+          extract_log_settings(response_data, response)
+          response.server_features.telemetry = response_data[:telemetry]
+          response
+        end
+
+        # This method with check the success and messages field of the response.
+        # If the success is false, then it will return nil and log the error.
+        #
+        # @param response_data [Hash]
+        # @return [Array, nil] Returns the success status or nil if request
+        # was not processed by TS.
+        def extract_success response_data
+          success = response_data[:success]
+          messages = response_data[:messages]
+          return [success, messages] if success
+
+          logger.error('Unable to connect to Contrast UI') if messages.nil?
+          logger.error('Failure on Contrast UI processing request', reasons: messages.join(', ')) if messages
+
+          nil
         end
       end
     end

data/lib/contrast/agent/reporting/settings/application_settings.rb

@@ -37,13 +37,6 @@ module Contrast
             @_exclusions ||= Contrast::Agent::Reporting::Settings::Exclusions.new
           end
 
-          # Reaction the agent should take based on a state in TS.
-          #
-          # @return [Array<Contrast::Agent::Reporting::Settings::Reaction>, nil]
-          def reactions
-            @_reactions
-          end
-
           # This object will hold the masking rules send from TS.
           #
           # @return sensitive_data_masking [Contrast::Agent::Reporting::Settings::SensitiveDataMasking] this object
@@ -52,22 +45,14 @@ module Contrast
             @_sensitive_data_masking ||= Contrast::Agent::Reporting::Settings::SensitiveDataMasking.new
           end
 
-          # Set the reaction
-          #
-          # @param reactions [Array<Reaction>] {
-          #   level     [String] The level at which the agent should log this reaction.
-          #                      [ERROR, WARN, INFO, DEBUG, TRACE]
-          #   message   [String] A message to log when receiving this reaction.
-          #   operation [String] What to do in response to this reaction.[NOOP, DISABLE] }
-          # @return [Array<Contrast::Agent::Reporting::Settings::Reaction>]
-          def reactions= reactions
-            return unless reactions.is_a?(Array)
-
-            @_reactions = []
-            reactions.each do |r|
-              reaction = Contrast::Agent::Reporting::Settings::Reaction.new(r[:level], r[:operation], r[:message])
-              @_reactions << reaction
-            end
+          # Currently protect and assess are not covered with to_controlled_hash methods
+          def to_controlled_hash
+            {
+                defend: {},
+                exceptions: exclusions.to_controlled_hash,
+                assessment: {},
+                sensitive_data_masking_policy: sensitive_data_masking.to_controlled_hash
+            }
           end
         end
       end

data/lib/contrast/agent/reporting/settings/assess_server_feature.rb

@@ -3,6 +3,9 @@
 
 require 'contrast/utils/object_share'
 require 'contrast/agent/reporting/settings/sampling'
+require 'contrast/agent/reporting/settings/sanitizer'
+require 'contrast/agent/reporting/settings/validator'
+require 'contrast/agent/reporting/settings/helpers'
 
 module Contrast
   module Agent
@@ -52,54 +55,45 @@ module Contrast
 
           # The sanitizers defined by the user for use by the agent on this server for this organization.
           #
-          # @return sanitizers [Array<AssessCustomRules>] AssessCustomRules
-          #   Api   [String], Rules [Array[RulesID]]
-          #   tags  [Array[String]]
-          #   uuid  [String]
+          # @return sanitizers [Array<Contrast::Agent::Reporting::Settings::Sanitizer>]
           def sanitizers
             @_sanitizers ||= []
           end
 
           # set sanitizer
           #
-          # @param sanitizers [Array<AssessCustomRules>] of AssessCustomRule: {
-          #   Api   [String], Rules [Array[RulesID]]
-          #   tags  [Array[String]]
-          #   uuid  [String]
-          # }
-          # @return sanitizers [Array<AssessCustomRules>] AssessCustomRules
-          #   Api   [String], Rules [Array[RulesID]]
-          #   tags  [Array[String]]
-          #   uuid  [String]
-          def sanitizers= sanitizers
-            @_sanitizers = sanitizers if sanitizers.is_a?(Array)
+          # @param sanitizers_array [Array<Contrast::Agent::Reporting::Settings::Sanitizer>]
+          # @return sanitizers [Array<Contrast::Agent::Reporting::Settings::Sanitizer>]
+          def sanitizers= sanitizers_array
+            Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(Contrast::Agent::Reporting::Settings::Sanitizer,
+                                                                      sanitizers,
+                                                                      sanitizers_array)
           end
 
           # The validators defined by the user for use by the agent on this server for this organization.
           #
-          # @return validators [Array<AssessCustomRules>] of AssessCustomRule: {
-          #   Api   [String], Rules [Array[RulesID]]
-          #   tags  [Array[String]]
-          #   uuid  [String]
-          # }
+          # @return sanitizers [Array<Contrast::Agent::Reporting::Settings::Validator>]
           def validators
             @_validators ||= []
           end
 
-          # The validators defined by the user for use by the agent on this server for this organization.
+          # set validators
           #
-          # @param validators [Array<AssessCustomRules>] of AssessCustomRule: {
-          #   Api   [String], Rules [Array[RulesID]]
-          #   tags  [Array[String]]
-          #   uuid  [String]
-          # }
-          # @return validators [Array<AssessCustomRules>] of AssessCustomRule: {
-          #   Api   [String], Rules [Array[RulesID]]
-          #   tags  [Array[String]]
-          #   uuid  [String]
-          # }
-          def validators= validators
-            @_validators = validators if validators.is_a?(Array)
+          # @param validators_array [Array<Contrast::Agent::Reporting::Settings::Validator>]
+          # @return sanitizers [Array<Contrast::Agent::Reporting::Settings::Validator>]
+          def validators= validators_array
+            Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(Contrast::Agent::Reporting::Settings::Validator,
+                                                                      validators,
+                                                                      validators_array)
+          end
+
+          def to_controlled_hash
+            {
+                enabled: enabled?,
+                sampling: sampling.to_controlled_hash,
+                sanitizers: sanitizers.map(&:to_controlled_hash),
+                validators: validators.map(&:to_controlled_hash)
+            }
           end
         end
       end

data/lib/contrast/agent/reporting/settings/bot_blocker.rb

@@ -0,0 +1,68 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/agent/reporting/settings/helpers'
+
+module Contrast
+  module Agent
+    module Reporting
+      module Settings
+        # Indicate if the bot protection feature set is enabled for this server or not.
+        class BotBlocker
+          # @return [Boolean]
+          attr_accessor :enable
+
+          def initialize
+            @enable = true
+          end
+
+          # @return bots [Hash<Contrast::Agent::Reporting::Settings::Bot>, []]
+          def bots
+            @_bots ||= []
+          end
+
+          def bots= bots_array
+            Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(Contrast::Agent::Reporting::Settings::Bot,
+                                                                      bots,
+                                                                      bots_array)
+          end
+
+          # We should be receiving:
+          # bot_blockers { enable, bots[{bot, case_sensitive, start_anchor}]}
+          # Instead in the response there is bot_blockers[], and the enable
+          # which can be retrieved from bot-blocker.
+          def to_controlled_hash
+            @enable
+          end
+        end
+
+        # This class is used to represent a Bot entity inside the bots array.
+        class Bot
+          ATTRIBUTES = %i[bot case_sensitive start_anchor].cs__freeze
+
+          # @return bot [String]
+          attr_accessor :bot
+          # @return case_sensitive [Boolean] Whether the name is case-sensitive
+          # or not.
+          attr_accessor :case_sensitive
+          # @return start_anchor [Boolean]
+          attr_accessor :start_anchor
+
+          def initialize
+            # default values of properties:
+            @start_anchor = false
+            @case_sensitive = false
+          end
+
+          def to_controlled_hash
+            {
+                bot: bot,
+                caseSensitive: case_sensitive,
+                startAnchor: start_anchor
+            }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/reporting/settings/code_exclusion.rb

@@ -0,0 +1,27 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/agent/reporting/settings/exclusion_base'
+
+module Contrast
+  module Agent
+    module Reporting
+      module Settings
+        # CodeExclusions class
+        class CodeExclusion < ExclusionBase
+          ATTRIBUTES = BASE_ATTRIBUTES.dup << :denylist
+          ATTRIBUTES.cs__freeze
+
+          # @return denylist [Array<String>] #rubocop:disable [Naming/InclusiveLanguage]
+          attr_accessor :denylist
+
+          def to_controlled_hash
+            hash = super
+            hash[:denylist] = denylist
+            hash
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/reporting/settings/exclusion_base.rb

@@ -0,0 +1,33 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+module Contrast
+  module Agent
+    module Reporting
+      module Settings
+        # Base class to represent common exclusions fields.
+        class ExclusionBase
+          BASE_ATTRIBUTES = %i[name modes assess_rules protect_rules].cs__freeze
+
+          # @return name [String]
+          attr_accessor :name
+          # @return modes [Array<String>]
+          attr_accessor :modes
+          # @return assess_rules [Array<String>]
+          attr_accessor :assess_rules
+          # @return protect_rules [Array<String>]
+          attr_accessor :protect_rules
+
+          def to_controlled_hash
+            {
+                name: name, # rubocop:disable Security/Module/Name
+                modes: modes,
+                assessRules: assess_rules,
+                protectRules: protect_rules
+            }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/reporting/settings/exclusions.rb

@@ -1,6 +1,11 @@
 # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
+require 'contrast/agent/reporting/settings/code_exclusion'
+require 'contrast/agent/reporting/settings/input_exclusion'
+require 'contrast/agent/reporting/settings/url_exclusion'
+require 'contrast/agent/reporting/settings/helpers'
+
 module Contrast
   module Agent
     module Reporting
@@ -11,52 +16,38 @@ module Contrast
         class Exclusions
           # Cases where rules should be excluded if violated in a method call
           #
-          # @return code_exclusions [Array<CodeExclusion>] Array of CodeExclusion: {
-          #   name         [String] The name of the exclusion as defined by the user in TS.
-          #   modes        [String] If this exclusion applies to assess or protect. [assess, defend]
-          #   assess_rules [Array] Array of assess rules to which this exclusion applies. AssessRuleID [String]
-          #   denylist     [String] The call, if in the stack, should result in the agent not taking action.
-          # }
+          # @return code_exclusions [Array<Contrast::Agent::Reporting::Settings::CodeExclusion>] Array of CodeExclusion
           def code_exclusions
             @_code_exclusions ||= []
           end
 
           # set the CodeExclusions array
           #
-          # @param code_exclusions [Array<CodeExclusion>] Array of CodeExclusion: {
+          # @param new_code_exclusions [Array<CodeExclusion>] Array of CodeExclusion: {
           #   name         [String] The name of the exclusion as defined by the user in TS.
           #   modes        [String] If this exclusion applies to assess or protect. [assess, defend]
           #   assess_rules [Array] Array of assess rules to which this exclusion applies. AssessRuleID [String]
           #   denylist     [String] The call, if in the stack, should result in the agent not taking action.
           # }
-          # @return code_exclusions [Array<CodeExclusion>] Array of CodeExclusion: {
-          #   name         [String] The name of the exclusion as defined by the user in TS.
-          #   modes        [String] If this exclusion applies to assess or protect. [assess, defend]
-          #   assess_rules [Array] Array of assess rules to which this exclusion applies. AssessRuleID [String]
-          #   denylist     [String] The call, if in the stack, should result in the agent not taking action.
-          # }
-          def code_exclusions= code_exclusions
-            @_code_exclusions = code_exclusions if code_exclusions.is_a?(Array)
+          # @return code_exclusions [Array<Contrast::Agent::Reporting::Settings::CodeExclusion>] Array of CodeExclusion
+          def code_exclusions= new_code_exclusions
+            @_code_exclusions = Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(
+                Contrast::Agent::Reporting::Settings::CodeExclusion,
+                code_exclusions,
+                new_code_exclusions)
           end
 
           # Cases where rules should be excluded if violated from a given input.
           #
-          # @return input_exclusions [Array<InputExclusions>] Array of InputExclusions: {
-          #   name           [String] The name of the input.
-          #   modes          [String] If this exclusion applies to assess or protect. [assess, defend]
-          #   assess_rules   [Array] Array of assess rules to which this exclusion applies. AssessRuleID [String]
-          #   protect_rules  [Array] Array of ProtectRuleID [String] The protect rules to which this exclusion applies.
-          #   urls           [Array] Array of URLs to which the exclusions apply. URL [String]
-          #   match_strategy [String] If this exclusion applies to all URLs or only those specified. [ALL, ONLY]
-          #   type           [String] The type of the input [COOKIE, PARAMETER, HEADER, BODY, QUERYSTRING]
-          # }
+          # @return input_exclusions [Array<Contrast::Agent::Reporting::Settings::InputExclusions>]
+          # Array of InputExclusions
           def input_exclusions
             @_input_exclusions ||= []
           end
 
           # set the InputExclusions array
           #
-          # @param input_exclusions [Array<InputExclusions>] Array of InputExclusions: {
+          # @param new_input_exclusions [Array<InputExclusions>] Array of InputExclusions: {
           #   name           [String] The name of the input.
           #   modes          [String] If this exclusion applies to assess or protect. [assess, defend]
           #   assess_rules   [Array] Array of assess rules to which this exclusion applies. AssessRuleID [String]
@@ -65,37 +56,25 @@ module Contrast
           #   match_strategy [String] If this exclusion applies to all URLs or only those specified. [ALL, ONLY]
           #   type           [String] The type of the input [COOKIE, PARAMETER, HEADER, BODY, QUERYSTRING]
           # }
-          # @return input_exclusions [Array<InputExclusions>] Array of InputExclusions: {
-          #   name           [String] The name of the input.
-          #   modes          [String] If this exclusion applies to assess or protect. [assess, defend]
-          #   assess_rules   [Array] Array of assess rules to which this exclusion applies. AssessRuleID [String]
-          #   protect_rules  [Array] Array of ProtectRuleID [String] The protect rules to which this exclusion applies.
-          #   urls           [Array] Array of URLs to which the exclusions apply. URL [String]
-          #   match_strategy [String] If this exclusion applies to all URLs or only those specified. [ALL, ONLY]
-          #   type           [String] The type of the input [COOKIE, PARAMETER, HEADER, BODY, QUERYSTRING]
-          # }
-          def input_exclusions= input_exclusions
-            @_input_exclusions = input_exclusions if input_exclusions.is_a?(Array)
+          # @return input_exclusions [Array<Contrast::Agent::Reporting::Settings::InputExclusions>]
+          # Array of InputExclusions
+          def input_exclusions= new_input_exclusions
+            @_input_exclusions = Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(
+                Contrast::Agent::Reporting::Settings::InputExclusion,
+                input_exclusions,
+                new_input_exclusions)
           end
 
           # A case where rules should be excluded if violated during a call to a given URL.
           #
-          # @return url_exclusions [Array<UrlExclusions>] Array of UrlExclusions: {
-          #   name           [String] The name of the input.
-          #   modes          [String] If this exclusion applies to assess or protect. [assess, defend]
-          #   assess_rules   [Array] Array of assess rules to which this exclusion applies. AssessRuleID [String]
-          #   protect_rules  [Array] Array of ProtectRuleID [String] The protect rules to which this exclusion applies.
-          #   urls           [Array] Array of URLs to which the exclusions apply. URL [String]
-          #   match_strategy [String] If this exclusion applies to all URLs or only those specified. [ALL, ONLY]
-          #   type           [String] The type of the input [COOKIE, PARAMETER, HEADER, BODY, QUERYSTRING]
-          # }
+          # @return url_exclusions [Array<Contrast::Agent::Reporting::Settings::UrlExclusion>] Array of UrlExclusions
           def url_exclusions
             @_url_exclusions ||= []
           end
 
           # set the UrlExclusions array
           #
-          # @param url_exclusions [Array] Array of UrlExclusions: {
+          # @param new_url_exclusions [Array] Array of UrlExclusions: {
           #   name           [String] The name of the input.
           #   modes          [String] If this exclusion applies to assess or protect. [assess, defend]
           #   assess_rules   [Array] Array of assess rules to which this exclusion applies. AssessRuleID [String]
@@ -104,17 +83,20 @@ module Contrast
           #   match_strategy [String] If this exclusion applies to all URLs or only those specified. [ALL, ONLY]
           #   type           [String] The type of the input [COOKIE, PARAMETER, HEADER, BODY, QUERYSTRING]
           # }
-          # @return url_exclusions [Array<UrlExclusions>] Array of UrlExclusions: {
-          #   name           [String] The name of the input.
-          #   modes          [String] If this exclusion applies to assess or protect. [assess, defend]
-          #   assess_rules   [Array] Array of assess rules to which this exclusion applies. AssessRuleID [String]
-          #   protect_rules  [Array] Array of ProtectRuleID [String] The protect rules to which this exclusion applies.
-          #   urls           [Array] Array of URLs to which the exclusions apply. URL [String]
-          #   match_strategy [String] If this exclusion applies to all URLs or only those specified. [ALL, ONLY]
-          #   type           [String] The type of the input [COOKIE, PARAMETER, HEADER, BODY, QUERYSTRING]
-          # }
-          def url_exclusions= url_exclusions
-            @_url_exclusions = url_exclusions if url_exclusions.is_a?(Array)
+          # @return url_exclusions [Array<Contrast::Agent::Reporting::Settings::UrlExclusion>] Array of UrlExclusions
+          def url_exclusions= new_url_exclusions
+            @_url_exclusions = Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(
+                Contrast::Agent::Reporting::Settings::UrlExclusion,
+                url_exclusions,
+                new_url_exclusions)
+          end
+
+          def to_controlled_hash
+            {
+                codeExceptions: code_exclusions.map(&:to_controlled_hash),
+                inputExceptions: input_exclusions.map(&:to_controlled_hash),
+                urlExceptions: url_exclusions.map(&:to_controlled_hash)
+            }
           end
         end
       end