prevoty 1.0.1 → 1.1.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: e2f1c570217f3b21f6f836011447c9987480658d
-  data.tar.gz: 5514c8210fbd6936c447554d592902fbb64c6e28
+  metadata.gz: ad5b5a54c536fe5f3fb549c378397945327ea326
+  data.tar.gz: e155ae00f346da84b53aee63f4b951e90220b176
 SHA512:
-  metadata.gz: 862c68168adc6ab55830efefa966e7a442d1fc2823f5ff35ce343f10d86fc6aff824a1d54ed052bb25ccbd39b0c77d4b821e63757c6bdc55975b1ac243cdd920
-  data.tar.gz: eff1028ca5fafe112ebb0ab3d81734e65abe2aef4ae91c4ae040f9c0baa7c8d56a92755dfb6bf42f27b48f44844b33a8e8b3ba7c58c072dd38be1cb73b2e1d7d
+  metadata.gz: 2aedb6bee19a97421af036868eec01180450eb9b263085babdd831d9151331399938d508cbe848db2d1aac3d0117a2b5619213b68956234752c6384ecc6d0ad6
+  data.tar.gz: c67de2fa8357b5d16567a37974f9bf9d60e4cba2d48c0b9b3baa6ab2f14544a192aaaeff75f49592a824c0b6e91fc74ec4818da4d30625f9ae90abb415c90215

data/lib/prevoty.rb

@@ -29,3 +29,5 @@ require 'prevoty/responses/ecdsa_private_key'
 require 'prevoty/responses/rsa_signature'
 require 'prevoty/responses/ecdsa_signature'
 require 'prevoty/responses/signature_verify'
+require 'prevoty/responses/monitor_content'
+require 'Prevoty/responses/monitor_query'

data/lib/prevoty/client.rb

@@ -79,6 +79,21 @@ module Prevoty
       end
     end
 
+    def monitor_content(input)
+      params = {api_key: @api_key, input: JSON.dump(input)}
+
+      response = HTTParty.post("#{@base}/1/xss/monitor", query: params)
+      case response.code
+      when 200 then return JSON.parse(response.body).map {|record| MonitorContent.new(record)}
+      when 400 then raise BadInputParameter
+      when 403 then raise BadAPIKey
+      when 413 then raise RequestTooLarge
+      when 500 then raise InternalError
+      when 507 then raise AccountQuotaExceeded
+      else raise Exception
+      end
+    end
+
     def generate_timed_token(user_identifier, action, ttl)
       params = {api_key: @api_key, user_identifier: user_identifier, action: action, ttl: ttl}
 
@@ -177,16 +192,25 @@ module Prevoty
       end
     end
 
-    def validate_pattern(pattern, input)
-      params = {api_key: @api_key, input: input}
+    def monitor_query(query)
+      params = {api_key: @api_key, inputs: JSON.dump(query)}
 
-      return call_pattern("#{@base}/1/pattern/#{pattern}", params)
+      response = HTTParty.post("#{@base}/1/query/monitor", query: params)
+      case response.code
+      when 200 then return JSON.parse(response.body).map {|record| MonitorQuery.new(record)}
+      when 400 then raise BadInputParameter
+      when 403 then raise BadAPIKey
+      when 413 then raise RequestTooLarge
+      when 500 then raise InternalError
+      when 507 then raise AccountQuotaExceeded
+      else raise Exception
+      end
     end
 
-    def validate_string(input, min, max, length)
-      params = {api_key: @api_key, input: input, min: min, max: max, length: length}
+    def validate_pattern(pattern, input)
+      params = {api_key: @api_key, input: input}
 
-      return call_pattern("#{@base}/1/pattern/string", params)
+      return call_pattern("#{@base}/1/pattern/#{pattern}", params)
     end
 
     def hash(input, function)

data/lib/prevoty/responses/filter_statistics.rb

@@ -5,7 +5,6 @@ module Prevoty
                   :blacklisted_phrases, :flagged_phrases,
                   :javascript_attributes, :javascript_protocols, :javascript_tags,
                   :prevoty_profanity_features, :prevoty_spam_features,
-                  :prevoty_link_metadata, :prevoty_link_density,
                   :tags_balanced, :transformations
     def initialize(data)
       @bytes = data["bytes"]
@@ -19,8 +18,6 @@ module Prevoty
       @javascript_tags = data["javascript_tags"]
       @prevoty_profanity_features = data["prevoty_profanity_features"]
       @prevoty_spam_features = data["prevoty_spam_features"]
-      @prevoty_link_metadata = data["prevoty_link_metadata"]
-      @prevoty_link_density = data["prevoty_link_density"]
       @tags_balanced = data["tags_balanced"]
       @transformations = data["transformations"]
     end

data/lib/prevoty/responses/monitor_content.rb

@@ -0,0 +1,12 @@
+module Prevoty
+  class MonitorContent
+    attr_accessor :bytes, :javascript_attributes, :javascript_protocols, :javascript_tags
+
+    def initialize(data)
+      @bytes = data["bytes"]
+      @javascript_attributes = data["javascript_attributes"]
+      @javascript_protocols = data["javascript_protocols"]
+      @javascript_tags = data["javascript_tags"]
+    end
+  end
+end

data/lib/prevoty/responses/monitor_query.rb

@@ -0,0 +1,12 @@
+module Prevoty
+  class MonitorQuery
+    attr_accessor :version, :processed, :intelligence, :error
+
+    def initialize(data)
+      @version = data["version"]
+      @processed = data["processed"]
+      @intelligence = data["intel"].map {|statement| Intelligence.new(statement)}
+      @error = data["error"]
+    end
+  end
+end

data/lib/prevoty/version.rb

@@ -1,3 +1,3 @@
 module Prevoty
-  VERSION = "1.0.1"
+  VERSION = "1.1.0"
 end

data/prevoty.gemspec

@@ -22,4 +22,5 @@ Gem::Specification.new do |spec|
 
   spec.add_development_dependency "bundler", "~> 1.5"
   spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "pry", "~> 0.10"
 end

data/test/specs/client_spec.rb

@@ -124,6 +124,26 @@ describe Prevoty::Client do
     response.statistics.class.must_equal Prevoty::FilterStatistics
   end
 
+  it 'should throw BadInputParameter for monitor_content without an api key' do
+    client = Prevoty::Client.new('')
+    assert_raises Prevoty::BadInputParameter do
+      client.monitor_content(CONTENT_PAYLOAD)
+    end
+  end
+
+  it 'should throw BadAPIKey for monitor_content with an invalid api key' do
+    client = Prevoty::Client.new('badapikey')
+    assert_raises Prevoty::BadAPIKey do
+      client.monitor_content(CONTENT_PAYLOAD)
+    end
+  end
+
+  it 'should return a valid response for monitor with a valid api key' do
+    client = Prevoty::Client.new(API_KEY)
+    response = client.monitor_content(["stuff=lol", "things=<script>alert()</script>"])
+    response.class.must_equal Array
+  end
+
   it 'should throw BadInputParameter for generate_timed_token without an api key' do
     client = Prevoty::Client.new('')
     assert_raises Prevoty::BadInputParameter do
@@ -245,21 +265,21 @@ describe Prevoty::Client do
   it 'should throw BadInputParameter for analyze_query without an api key' do
     client = Prevoty::Client.new('')
     assert_raises Prevoty::BadInputParameter do
-      client.analyze_query(CONTENT_PAYLOAD, '')
+      client.analyze_query(QUERY_PAYLOAD, '')
     end
   end
 
   it 'should throw BadAPIKey for analyze_query with an invalid api key' do
     client = Prevoty::Client.new('badapikey')
     assert_raises Prevoty::BadAPIKey do
-      client.analyze_query(CONTENT_PAYLOAD, '')
+      client.analyze_query(QUERY_PAYLOAD, '')
     end
   end
 
   it 'should throw BadInputParameter for analyze_query with an invalid query key' do
     client = Prevoty::Client.new(API_KEY)
     assert_raises Prevoty::BadInputParameter do
-      client.analyze_query(CONTENT_PAYLOAD, 'badkey')
+      client.analyze_query(QUERY_PAYLOAD, 'badkey')
     end
   end
 
@@ -269,51 +289,49 @@ describe Prevoty::Client do
     response.class.must_equal Prevoty::QueryAnalysis
   end
 
-
-  it 'should throw BadInputParameter for validate_pattern without an api key' do
+  it 'should throw BadInputParameter for monitor_query without an api key' do
     client = Prevoty::Client.new('')
     assert_raises Prevoty::BadInputParameter do
-      client.validate_pattern(Prevoty::Pattern::NUMERIC, '')
+      client.monitor_query(MONITOR_QUERY_PAYLOAD)
     end
   end
 
-  it 'should throw BadAPIKey for validate_pattern with an invalid api key' do
+  it 'should throw BadAPIKey for monitor_query with an invalid api key' do
     client = Prevoty::Client.new('badapikey')
     assert_raises Prevoty::BadAPIKey do
-      client.validate_pattern(Prevoty::Pattern::NUMERIC, '')
+      client.monitor_query(MONITOR_QUERY_PAYLOAD)
     end
   end
 
-  it 'should throw BadInputParameter for validate_pattern with an invalid pattern' do
-    client = Prevoty::Client.new(API_KEY)
-    response = client.validate_pattern('badpattern', '12345')
-    response.matched.must_equal false
-  end
-
-  it 'should return a valid response for validate_pattern' do
+  it 'should return a valid response for monitor with a valid api key' do
     client = Prevoty::Client.new(API_KEY)
-    response = client.validate_pattern(Prevoty::Pattern::NUMERIC, '12345')
-    response.class.must_equal Prevoty::InputValidation
-    response.matched.must_equal true
+    response = client.monitor_query(MONITOR_QUERY_PAYLOAD)
+    response.class.must_equal Array
   end
 
-  it 'should throw BadInputParameter for validate_string without an api key' do
+  it 'should throw BadInputParameter for validate_pattern without an api key' do
     client = Prevoty::Client.new('')
     assert_raises Prevoty::BadInputParameter do
-      client.validate_string('test', 0, 5, 4)
+      client.validate_pattern(Prevoty::Pattern::NUMERIC, '')
     end
   end
 
-  it 'should throw BadAPIKey for validate_string with an invalid api key' do
+  it 'should throw BadAPIKey for validate_pattern with an invalid api key' do
     client = Prevoty::Client.new('badapikey')
     assert_raises Prevoty::BadAPIKey do
-      client.validate_string('test', 0, 5, 4)
+      client.validate_pattern(Prevoty::Pattern::NUMERIC, '')
     end
   end
 
-  it 'should return a valid response for validate_string' do
+  it 'should throw BadInputParameter for validate_pattern with an invalid pattern' do
+    client = Prevoty::Client.new(API_KEY)
+    response = client.validate_pattern('badpattern', '12345')
+    response.matched.must_equal false
+  end
+
+  it 'should return a valid response for validate_pattern' do
     client = Prevoty::Client.new(API_KEY)
-    response = client.validate_string('test', 0, 5, 4)
+    response = client.validate_pattern(Prevoty::Pattern::NUMERIC, '12345')
     response.class.must_equal Prevoty::InputValidation
     response.matched.must_equal true
   end

data/test/test_helper.rb

@@ -8,3 +8,4 @@ CONTENT_KEY = ''
 CONTENT_PAYLOAD = "the <script>alert('quick brown fox');</script> jumps over the lazy dog & mouse"
 QUERY_KEY = ''
 QUERY_PAYLOAD = 'select * from users'
+MONITOR_QUERY_PAYLOAD = [{vendor: 'mysql', query: QUERY_PAYLOAD, database: 'ruby_test'}]

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: prevoty
 version: !ruby/object:Gem::Version
-  version: 1.0.1
+  version: 1.1.0
 platform: ruby
 authors:
 - Joe Rozner
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2015-02-13 00:00:00.000000000 Z
+date: 2015-03-23 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: httparty
@@ -52,6 +52,20 @@ dependencies:
     - - "~>"
       - !ruby/object:Gem::Version
         version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: pry
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.10'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '0.10'
 description: Implementation of the Prevoty API
 email:
 - joe@prevoty.com
@@ -85,6 +99,8 @@ files:
 - lib/prevoty/responses/generate_token.rb
 - lib/prevoty/responses/hash_result.rb
 - lib/prevoty/responses/input_validation.rb
+- lib/prevoty/responses/monitor_content.rb
+- lib/prevoty/responses/monitor_query.rb
 - lib/prevoty/responses/query_analysis.rb
 - lib/prevoty/responses/rsa_private_key.rb
 - lib/prevoty/responses/rsa_public_key.rb