contrast-agent 6.1.2 → 6.2.0

data/lib/contrast/agent/reporting/settings/ip_filter.rb

@@ -0,0 +1,35 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+module Contrast
+  module Agent
+    module Reporting
+      module Settings
+        # The IP addresses for which to disable protection.
+        class IpFilter
+          ATTRIBUTES = %i[expires ip name uuid].cs__freeze
+
+          # The value in milliseconds since epoch for expiration. Value of '0' means no expiration.
+          #
+          # @return expires [Integer] The time after which the filter is no longer valid.
+          attr_accessor :expires
+          # @return  ip [String] The IP or range of IPs to which this message pertains.
+          attr_accessor :ip
+          # @return  name [String] The user defined name of the filter.
+          attr_accessor :name
+          # @return  uuid [String] The identifier of the filter as defined by TeamServer.
+          attr_accessor :uuid
+
+          def to_controlled_hash
+            {
+                expires: expires,
+                ip: ip,
+                name: name, # rubocop:disable Security/Module/Name
+                uuid: uuid
+            }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/reporting/settings/keyword.rb

@@ -0,0 +1,74 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/agent/reporting/settings/helpers'
+
+module Contrast
+  module Agent
+    module Reporting
+      module Settings
+        # The words to search for in input that indicate an attack
+        class Keyword
+          ATTRIBUTES = %i[id value case_sensitive score prohibited_features mandatory_features].cs__freeze
+
+          # @return id [String]
+          attr_accessor :id
+          # @return value [string]
+          attr_accessor :value
+          # @return case_sensitive [Boolean]
+          attr_accessor :case_sensitive
+          # @return score [Integer] The impact of matching this entry;
+          # higher meaning more likely to be an attack
+          attr_accessor :score
+
+          # Disable this pattern or keyword if agent implements one of
+          # the specified features
+          #
+          # @return [Array<String>]
+          def prohibited_features
+            @_prohibited_features ||= []
+          end
+
+          # Disable this pattern or keyword if agent implements one of
+          # the specified features
+          #
+          # @return [Array<String>]
+          def mandatory_features
+            @_mandatory_features ||= []
+          end
+
+          # Set the features.
+          #
+          # @param features [Array]
+          # @return [Array<String>]
+          def prohibited_features= features
+            @_prohibited_features = features if features.is_a?(Array)
+          end
+
+          # Set the features.
+          #
+          # @param features [Array]
+          # @return [Array<String>]
+          def mandatory_features= features
+            @_mandatory_features = features if features.is_a?(Array)
+          end
+
+          def to_controlled_hash
+            {
+                id: id,
+                value: value,
+                caseSensitive: case_sensitive,
+                score: score,
+                prohibitedFeatures: prohibited_features,
+                mandatoryFeatures: mandatory_features
+            }
+          end
+        end
+
+        #  A word or pattern whose presence in an input represents an attack
+        class Pattern < Keyword
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/reporting/settings/log_enhancer.rb

@@ -0,0 +1,65 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/utils/object_share'
+
+module Contrast
+  module Agent
+    module Reporting
+      module Settings
+        # All of the apis to add new logging calls to the application at runtime
+        class LogEnhancer
+          ATTRIBUTES = %i[id api format level name type].cs__freeze
+          LOG_LEVELS = %w[TRACE DEBUG INFO WARN ERROR].cs__freeze
+          TYPES = %w[AUDIT ERROR SECURITY].cs__freeze
+
+          # @return api [String]  The method signature to instrument, as understood by the agent.
+          attr_accessor :api
+          # @return format [String] The format of the message to log.
+          attr_accessor :format
+          # @return id [Integer] The identifier of the enhancer as defined by TeamServer.
+          attr_accessor :id
+          # @return name [String] The user defined name of the enhancer.
+          attr_accessor :name
+
+          # @return level [String] The level at which to log this message. Trace as 0 and Error as 4.
+          # [ TRACE, DEBUG, INFO, WARN, ERROR ]
+          def level
+            @_level ||= Contrast::Utils::ObjectShare::EMPTY_STRING
+          end
+
+          # @param new_level [String] new level to set.
+          # @return level [String] The level at which to log this message. Trace as 0 and Error as 4.
+          # [ TRACE, DEBUG, INFO, WARN, ERROR ]
+          def level= new_level
+            @_level = new_level if LOG_LEVELS.include?(new_level)
+          end
+
+          # @return type [String] The type of log message to generate. Audit as 0, Security as 2.
+          # [ AUDIT, ERROR, SECURITY ]
+          def type
+            @_type ||= Contrast::Utils::ObjectShare::EMPTY_STRING
+          end
+
+          # @param new_type [String] new type to set.
+          # @return type [String] The type of log message to generate. Audit as 0, Security as 2.
+          # [ AUDIT, ERROR, SECURITY ]
+          def type= new_type
+            @_type = new_type if TYPES.include?(new_type)
+          end
+
+          def to_controlled_hash
+            {
+                id: id,
+                api: api,
+                format: format,
+                name: name, # rubocop:disable Security/Module/Name
+                level: level,
+                type: type
+            }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/reporting/settings/protect.rb

@@ -2,6 +2,8 @@
 # frozen_string_literal: true
 
 require 'contrast/utils/object_share'
+require 'contrast/api/dtm.pb'
+require 'contrast/api/settings.pb'
 
 module Contrast
   module Agent
@@ -82,12 +84,12 @@ module Contrast
 
               api_mode = case setting_mode
                          when PROTECT_RULES_MODE[1]
-                           ::Contrast::Api::Settings::ProtectionRule::Mode::MONITORED
+                           ::Contrast::Api::Settings::ProtectionRule::Mode::MONITOR
                          when PROTECT_RULES_MODE[2]
                            if rule[:blockAtEntry]
                              ::Contrast::Api::Settings::ProtectionRule::Mode::BLOCK_AT_PERIMETER
                            else
-                             ::Contrast::Api::Settings::ProtectionRule::Mode::BLOCKED
+                             ::Contrast::Api::Settings::ProtectionRule::Mode::BLOCK
                            end
                          else
                            ::Contrast::Api::Settings::ProtectionRule::Mode::NO_ACTION

data/lib/contrast/agent/reporting/settings/protect_server_feature.rb

@@ -2,6 +2,12 @@
 # frozen_string_literal: true
 
 require 'contrast/utils/object_share'
+require 'contrast/agent/reporting/settings/bot_blocker'
+require 'contrast/agent/reporting/settings/ip_filter'
+require 'contrast/agent/reporting/settings/log_enhancer'
+require 'contrast/agent/reporting/settings/rule_definition'
+require 'contrast/agent/reporting/settings/syslog'
+require 'contrast/agent/reporting/settings/helpers'
 
 module Contrast
   module Agent
@@ -28,22 +34,14 @@ module Contrast
 
           # Indicate if the bot protection feature set is enabled for this server or not.
           #
-          # @return bot_blocker [Boolean]
+          # @return bot_blocker [Contrast::Agent::Reporting::Settings::BotBlocker]
           def bot_blocker
-            @_bot_blocker
-          end
-
-          # set bot_blocker
-          #
-          # @param bot_blocker [Boolean]
-          # @return bot_blocker [Boolean]
-          def bot_blocker= bot_blocker
-            @_bot_blocker = bot_blocker if !!bot_blocker == bot_blocker
+            @_bot_blocker ||= Contrast::Agent::Reporting::Settings::BotBlocker.new
           end
 
           # The IP addresses for which to disable protection.
           #
-          # @return ip_allowlist [Array<IpFilter>]
+          # @return ip_allowlist [Array<Contrast::Agent::Reporting::Settings::IpFilter>, []]
           #   expires [Integer] The time after which the filter is no longer valid.
           #   ip      [String] The IP or range of IPs to which this message pertains.
           #   name    [String] The user defined name of the filter.
@@ -60,18 +58,16 @@ module Contrast
           #   name    [String] The user defined name of the filter.
           #   uuid    [String] The identifier of the filter as defined by TeamServer.
           # }
-          # @return ip_allowlist [Array<IpFilter>]
-          #   expires [Integer] The time after which the filter is no longer valid.
-          #   ip      [String] The IP or range of IPs to which this message pertains.
-          #   name    [String] The user defined name of the filter.
-          #   uuid    [String] The identifier of the filter as defined by TeamServer.
+          # @return ip_allowlist [Array<Contrast::Agent::Reporting::Settings::IpFilter>]
           def ip_allowlist= allowlist
-            @_ip_allowlist = allowlist if allowlist.is_a?(Array)
+            Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(Contrast::Agent::Reporting::Settings::IpFilter,
+                                                                      ip_allowlist,
+                                                                      allowlist)
           end
 
           # The IP addresses for which to disable protection.
           #
-          # @return ip_denylist [Array<IpFilter>]
+          # @return ip_denylist [Array<IpFilter>, []]
           #                     expires [Integer] The time after which the filter is no longer valid.
           #                     ip      [String] The IP or range of IPs to which this message pertains.
           #                     name    [String] The user defined name of the filter.
@@ -88,72 +84,42 @@ module Contrast
           #   name    [String] The user defined name of the filter.
           #   uuid    [String] The identifier of the filter as defined by TeamServer.
           # }
-          # @return ip_denylist [Array<IpFilter>]
-          #                     expires [Integer] The time after which the filter is no longer valid.
-          #                     ip      [String] The IP or range of IPs to which this message pertains.
-          #                     name    [String] The user defined name of the filter.
-          #                     uuid    [String] The identifier of the filter as defined by TeamServer.
+          # @return ip_denylist [Array<Contrast::Agent::Reporting::Settings::IpFilter>]
           def ip_denylist= denylist
-            @_ip_denylist = denylist if denylist.is_a?(Array)
+            Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(Contrast::Agent::Reporting::Settings::IpFilter,
+                                                                      ip_denylist,
+                                                                      denylist)
           end
 
           # All of the apis to add new logging calls to the application at runtime.
           #
-          # @return log_enchancers [Array<LogEnchancers>]
-          #    api     [String]  The method signature to instrument, as understood by the agent.
-          #    format  [String]  The format of the message to log.
-          #    id      [Integer] The identifier of the enhancer as defined by TeamServer.
-          #    level   [String] The level at which to log this message. Trace as 0 and Error as 4.
-          #                     [ TRACE, DEBUG, INFO, WARN, ERROR ]
-          #    name    [String] The user defined name of the enhancer.
-          #    type    [String] The type of log message to tenerate. Audit as 0, Security as 2.
-          #                     [ AUDIT, ERROR, SECURITY ]
-          def log_enchancers
-            @_log_enchancers ||= []
+          # @return log_enhancers [Array<Contrast::Agent::Reporting::Settings::LogEnhancer>, []]
+          def log_enhancers
+            @_log_enhancers ||= []
           end
 
           # All of the apis to add new logging calls to the application at runtime.
           #
-          # @param log_enchancers [Array<LogEnchancers>] of LogEnchancers: {
+          # @param log_enhancers_array [Array<LogEnhancers>] of LogEnhancers: {
           #    api     [String]  The method signature to instrument, as understood by the agent.
           #    format  [String]  The format of the message to log.
           #    id      [Integer] The identifier of the enhancer as defined by TeamServer.
           #    level   [String] The level at which to log this message. Trace as 0 and Error as 4.
           #                     [ TRACE, DEBUG, INFO, WARN, ERROR ]
           #    name    [String] The user defined name of the enhancer.
-          #    type    [String] The type of log message to tenerate. Audit as 0, Security as 2.
+          #    type    [String] The type of log message to generate. Audit as 0, Security as 2.
           #                     [ AUDIT, ERROR, SECURITY ]
           # }
-          # @return log_enchancers [Array<LogEnchancers>]
-          #    api     [String]  The method signature to instrument, as understood by the agent.
-          #    format  [String]  The format of the message to log.
-          #    id      [Integer] The identifier of the enhancer as defined by TeamServer.
-          #    level   [String] The level at which to log this message. Trace as 0 and Error as 4.
-          #                     [ TRACE, DEBUG, INFO, WARN, ERROR ]
-          #    name    [String] The user defined name of the enhancer.
-          #    type    [String] The type of log message to tenerate. Audit as 0, Security as 2.
-          #                     [ AUDIT, ERROR, SECURITY ]
-          def log_enchancers= log_enchancers
-            @_log_enchancers = log_enchancers if log_enchancers.is_a?(Array)
+          # @return log_enhancers [Array<Contrast::Agent::Reporting::Settings::LogEnhancer>]
+          def log_enhancers= log_enhancers_array
+            Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(Contrast::Agent::Reporting::Settings::LogEnhancer,
+                                                                      log_enhancers,
+                                                                      log_enhancers_array)
           end
 
           # The keywords and patterns required for the input analysis of each rule with that capability.
           #
-          # @return rule_defenition_list [Array<RuleDefinition>]
-          #   keywords [Array] The words to search for in input that indicate an attack.{
-          #                     caseSensitive [Boolean]
-          #                     id            [String]
-          #                     score         [Integer] The impact of matching this entry; higher meaning more
-          #                                             likely to be an attack
-          #                     value         [String] }
-          #   name   [String] 	AssessRuleID
-          #   patterns [Array] A word or pattern whose presence in an input represents an attack {
-          #                     caseSensitive [Boolean]
-          #                     id            [String]
-          #                    score          [Integer] The impact of matching this entry; higher meaning more
-          #                                            likely to be an attack
-          #                    value          [String] }
-          # }
+          # @return rule_definition_list [Array<Contrast::Agent::Reporting::Settings::RuleDefinition>]
           def rule_definition_list
             @_rule_definition_list ||= []
           end
@@ -175,66 +141,47 @@ module Contrast
           #                                            likely to be an attack
           #                    value          [String] }
           # }
-          # @return rule_defenition_list [Array<RuleDefinition>]  Array of RuleDefinition: {
-          #   keywords [Array] The words to search for in input that indicate an attack.{
-          #                     caseSensitive [Boolean]
-          #                     id            [String]
-          #                     score         [Integer] The impact of matching this entry; higher meaning more
-          #                                             likely to be an attack
-          #                     value         [String] }
-          #   name   [String] 	AssessRuleID
-          #   patterns [Array] A word or pattern whose presence in an input represents an attack {
-          #                     caseSensitive [Boolean]
-          #                     id            [String]
-          #                    score          [Integer] The impact of matching this entry; higher meaning more
-          #                                            likely to be an attack
-          #                    value          [String] }
-          # }
+          # @return rule_definition_list [Array<Contrast::Agent::Reporting::Settings::RuleDefinition>]
           def rule_definition_list= list
-            @_rule_definition_list = list if list.is_a?(Array)
+            Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(
+                Contrast::Agent::Reporting::Settings::RuleDefinition,
+                rule_definition_list,
+                list)
           end
 
           # Controls for the syslogging feature in the agent.
           #
-          # @return syslog [Hash<logsSettings>]
-          #   syslogConnectionType    [String]
-          #   syslogEnabled           [Integer]
-          #   syslogFacilityCode      [Integer]
-          #   syslogIpAddress         [String]
-          #   syslogPortNumber        [Integer]
-          #   syslogProtocol          [String]
-          #   syslogSeverityExploited [String]
-          #   syslogSeverityProbed    [String]
-          #   syslogSeveritySuspicous [String]
+          # @return syslog [Contrast::Agent::Reporting::Settings::Syslog]
           def syslog
-            @_syslog ||= {}
+            @_syslog ||= Contrast::Agent::Reporting::Settings::Syslog.new
           end
 
-          # Controls for the syslogging feature in the agent.
-          #
-          # @param log [Hash<logsSettings>] {
-          #   syslogConnectionType    [String]
-          #   syslogEnabled           [Integer]
-          #   syslogFacilityCode      [Integer]
-          #   syslogIpAddress         [String]
-          #   syslogPortNumber        [Integer]
-          #   syslogProtocol          [String]
-          #   syslogSeverityExploited [String]
-          #   syslogSeverityProbed    [String]
-          #   syslogSeveritySuspicous [String]
-          # }
-          # @return syslog [Hash<logsSettings>]
-          #   syslogConnectionType    [String]
-          #   syslogEnabled           [Integer]
-          #   syslogFacilityCode      [Integer]
-          #   syslogIpAddress         [String]
-          #   syslogPortNumber        [Integer]
-          #   syslogProtocol          [String]
-          #   syslogSeverityExploited [String]
-          #   syslogSeverityProbed    [String]
-          #   syslogSeveritySuspicous [String]
-          def syslog= log
-            @_syslog = log if log.is_a?(Hash)
+          # The protect response should be structured like this:
+          # protect{ enable, observability, rules, log_enhancers }
+          # instead we receive all the data under the protect:
+          # the rules array is merged under protect and the ruleDefinition
+          # list is separate:
+          # "defend" : {
+          #       "botBlockers" : [],
+          #       "enabled" : true,
+          #       "logEnhancers" : [],
+          #       "ipDenylist" : [],
+          #       "ipAllowlist" : [],
+          #       "syslog" : {},
+          #       "ruleDefinitionList" : [{...}],
+          #       "bot-blocker" : false
+          #     },
+          def to_controlled_hash
+            {
+                botBlockers: bot_blocker.bots.map(&:to_controlled_hash),
+                enabled: enabled?,
+                logEnhancers: log_enhancers.map(&:to_controlled_hash),
+                ipDenylist: ip_denylist.map(&:to_controlled_hash),
+                ipAllowlist: ip_allowlist.map(&:to_controlled_hash),
+                syslog: syslog.to_controlled_hash,
+                ruleDefinitionList: rule_definition_list.map(&:to_controlled_hash),
+                'bot-blocker': bot_blocker.to_controlled_hash
+            }
           end
         end
       end

data/lib/contrast/agent/reporting/settings/reaction.rb

@@ -1,6 +1,8 @@
 # Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
 # frozen_string_literal: true
 
+require 'contrast/agent/reporting/settings/log_enhancer'
+
 module Contrast
   module Agent
     module Reporting
@@ -10,7 +12,6 @@ module Contrast
           attr_accessor :level, :operation, :message
 
           # used to check the parameters and also before reactions settings update
-          LEVELS = %w[ERROR WARN INFO DEBUG TRACE].cs__freeze
           OPERATIONS = %w[NOOP DISABLE].cs__freeze
 
           # Reaction the agent should take based on a state in TS.
@@ -19,10 +20,18 @@ module Contrast
           # @param message [String] A message to log when receiving this reaction.
           # @param operation [String] What to do in response to this reaction.[NOOP, DISABLE]
           def initialize level, operation, message
-            @level = level if LEVELS.include?(level)
+            @level = level if Contrast::Agent::Reporting::Settings::LogEnhancer::LOG_LEVELS.include?(level)
             @operation = operation if OPERATIONS.include?(operation)
             @message = message if message.is_a?(String)
           end
+
+          def to_controlled_hash
+            {
+                message: message,
+                level: level,
+                operation: operation
+            }
+          end
         end
       end
     end

data/lib/contrast/agent/reporting/settings/rule_definition.rb

@@ -0,0 +1,63 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+require 'contrast/agent/reporting/settings/helpers'
+require 'contrast/agent/reporting/settings/keyword'
+
+module Contrast
+  module Agent
+    module Reporting
+      module Settings
+        # The keywords and patterns required for the input analysis of each rule with that capability.
+        class RuleDefinition
+          ATTRIBUTES = %i[name keywords patterns].cs__freeze
+
+          # @return name [String] Name of the rule
+          attr_accessor :name
+
+          # The words to search for in input that indicate an attack
+          #
+          # @return [array<Contrast::Agent::Reporting::Settings::Keyword>]
+          def keywords
+            @_keywords ||= []
+          end
+
+          # A word or pattern whose presence in an input represents an attack
+          #
+          # @return [array<Contrast::Agent::Reporting::Settings::Pattern>]
+          def patterns
+            @_patterns ||= []
+          end
+
+          # Set keywords.
+          #
+          # @param keywords_array [Array]
+          # @return [array<Contrast::Agent::Reporting::Settings::Keyword>]
+          def keywords= keywords_array
+            Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(Contrast::Agent::Reporting::Settings::Keyword,
+                                                                      keywords,
+                                                                      keywords_array)
+          end
+
+          # Set patterns.
+          #
+          # @param patterns_array [Array]
+          # @return [array<Contrast::Agent::Reporting::Settings::Pattern>]
+          def patterns= patterns_array
+            Contrast::Agent::Reporting::Settings::Helpers.array_to_iv(Contrast::Agent::Reporting::Settings::Pattern,
+                                                                      patterns,
+                                                                      patterns_array)
+          end
+
+          def to_controlled_hash
+            {
+                name: name, # rubocop:disable Security/Module/Name
+                keywords: keywords.map(&:to_controlled_hash),
+                patterns: patterns.map(&:to_controlled_hash)
+            }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/reporting/settings/sampling.rb

@@ -29,6 +29,16 @@ module Contrast
             @response_frequency = hsh[:responseFrequency]
             @window_ms = hsh[:window]
           end
+
+          def to_controlled_hash
+            {
+                baseline: baseline,
+                enabled: enabled,
+                frequency: request_frequency,
+                responseFrequency: response_frequency,
+                window: window_ms
+            }
+          end
         end
       end
     end

data/lib/contrast/agent/reporting/settings/sanitizer.rb

@@ -0,0 +1,38 @@
+# Copyright (c) 2022 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
+# frozen_string_literal: true
+
+module Contrast
+  module Agent
+    module Reporting
+      module Settings
+        # The sanitizers defined by the user for use by the agent on this server for this organization.
+        class Sanitizer
+          ATTRIBUTES = %i[uuid api tags rules].cs__freeze
+
+          # @return uuid [String]
+          attr_accessor :uuid
+          # @return api [String]
+          attr_accessor :api
+          # @return uuid [Array<String>]
+          attr_accessor :tags
+          # @return uuid [Array<String>]
+          attr_accessor :rules
+
+          def initialize
+            @tags = []
+            @rules = []
+          end
+
+          def to_controlled_hash
+            {
+                api: api,
+                rules: rules,
+                tags: tags,
+                uuid: uuid
+            }
+          end
+        end
+      end
+    end
+  end
+end

data/lib/contrast/agent/reporting/settings/sensitive_data_masking.rb

@@ -66,7 +66,7 @@ module Contrast
           # @param settings_rules [Hash] Response settings under Settings/sensitive_data_masking_policy/rules
           # @return rules [Array<Contrast::Agent::Reporting::Settings::SensitiveDataMaskingRule>, nil
           def build_rules_form_settings settings_rules
-            return unless settings_rules || settings_rules.empty?
+            return if settings_rules.nil? || settings_rules.empty?
 
             settings_rules.each do |rule|
               instance = Contrast::Agent::Reporting::Settings::SensitiveDataMaskingRule.new
@@ -77,6 +77,14 @@ module Contrast
             rules
           end
 
+          def to_controlled_hash
+            {
+                rules: rules.map(&:to_controlled_hash),
+                mask_attack_vector: mask_attack_vector?,
+                mask_http_body: mask_http_body?
+            }
+          end
+
           private
 
           # Determine if parameter is array of Rules.

data/lib/contrast/agent/reporting/settings/sensitive_data_masking_rule.rb

@@ -40,6 +40,13 @@ module Contrast
             @_keywords = words_array if string_array?(words_array)
           end
 
+          def to_controlled_hash
+            {
+                id: rule_id,
+                keywords: keywords
+            }
+          end
+
           private
 
           # Determine if a array is array of strings.

data/lib/contrast/agent/reporting/settings/server_features.rb

@@ -71,6 +71,14 @@ module Contrast
           def protect
             @_protect ||= Contrast::Agent::Reporting::Settings::ProtectServerFeature.new
           end
+
+          def to_controlled_hash
+            {
+                assessment: @_assess ? assess.to_controlled_hash : {},
+                defend: @_protect ? protect.to_controlled_hash : {},
+                telemetry: telemetry
+            }.compact
+          end
         end
       end
     end