prevoty 1.1.1 → 1.3.0

Sign up to get free protection for your applications and to get access to all the features.
checksums.yaml CHANGED
@@ -1,7 +1,7 @@
1
1
  ---
2
2
  SHA1:
3
- metadata.gz: 38c4f3f352d90fec9466ae26d5ac7a30c3bb1468
4
- data.tar.gz: ff2d912f915dcc4414ba5b562bb54de4aeaace27
3
+ metadata.gz: fecf756843ccd0e613801114afe63558ecbe4340
4
+ data.tar.gz: c0b796704e01cdfc8e7494c0b57a28b7e36ebd08
5
5
  SHA512:
6
- metadata.gz: d1f19860ba74929e53bfed1a0ab28391d3a8a125e42bd88a7cc00d2a4f3a99eb58acd0c906854633d529817b2f33c210954788afda4d8572f6e24425cee15c4a
7
- data.tar.gz: 3b27b7f1f577423a49a4f771458ad4e88404a8cc4bd44a11784d86e53adb6fa198c1626f4fa7934fcbb183891282e01cf5149449c0b78ac6412a61bb4cfba7c5
6
+ metadata.gz: 1b1813d8e70e600083f6bc62a7632321796c538030d8097cb5ffec8eefe7ac416347cf67e689731bdd6a64a932bad436bfc50dcd3d10067e5e7687acb97bd236
7
+ data.tar.gz: c7453c7c9501ea5fcdf3f402e216fb1994615c9982dc72f671e7ecf80d40caee6f06ef59b9f4a21d306de233d0bcd3565865a83cfaabdcfc6144bde5b26e90e0
data/README.md CHANGED
@@ -21,13 +21,11 @@ Or install it yourself as:
21
21
 
22
22
  ## Usage
23
23
 
24
- 1) Pull a copy or .zip/.tar of this repository
25
-
26
- 2) Make sure you have an API key (located in your Prevoty Console http://prevoty.com)
27
-
28
- 3) Edit `example.rb` - you will want to put in your API and configuration keys
29
-
30
- 4) Run `ruby example.rb`
24
+ 1. Pull a copy or .zip/.tar of this repository
25
+ 2. Make sure you have a v1 API key (shown at the bottom of the API Keys page in Prevoty Manager Console)
26
+ 3. Edit `example.rb` - you will want to put in your API and policy configuration keys (from the Security
27
+ Policies page in Prevoty Manager Console, not to be confused with the keys from the Plugin Configurations page)
28
+ 4. Run `ruby example.rb`
31
29
 
32
30
  ## Contributing
33
31
 
@@ -30,4 +30,3 @@ require 'prevoty/responses/rsa_signature'
30
30
  require 'prevoty/responses/ecdsa_signature'
31
31
  require 'prevoty/responses/signature_verify'
32
32
  require 'prevoty/responses/monitor_content'
33
- require 'Prevoty/responses/monitor_query'
@@ -2,14 +2,24 @@ require 'httparty'
2
2
  require 'json'
3
3
 
4
4
  module Prevoty
5
+
6
+ # The Client is used to call specific methods that represent the various
7
+ # endpoints of the Prevoty API.
8
+
5
9
  class Client
6
10
  attr_accessor :api_key, :base
7
11
 
12
+ # Create a new Client
13
+ # @param api_key [String] the api_key
14
+ # @param base [String] the base url to request
15
+ # @return [Client] a new Client
8
16
  def initialize(api_key=nil, base=nil)
9
17
  @api_key = api_key
10
18
  @base = base ||= 'https://api.prevoty.com'
11
19
  end
12
20
 
21
+ # Verify that the supplied API key is valid
22
+ # @return [true, false]
13
23
  def verify_api_key
14
24
  params = {api_key: @api_key}
15
25
 
@@ -23,6 +33,8 @@ module Prevoty
23
33
  end
24
34
  end
25
35
 
36
+ # Get information about the current api key
37
+ # @return [APIKeyInfo] api key info
26
38
  def api_key_info
27
39
  params = {api_key: @api_key}
28
40
 
@@ -36,6 +48,9 @@ module Prevoty
36
48
  end
37
49
  end
38
50
 
51
+ # Verify that the specified content configuration key is valid
52
+ # @param configuration_key [String] content configuration key
53
+ # @return [true, false]
39
54
  def verify_content_configuration(configuration_key)
40
55
  params = {api_key: @api_key, rule_key: configuration_key}
41
56
 
@@ -49,6 +64,10 @@ module Prevoty
49
64
  end
50
65
  end
51
66
 
67
+ # Filter content through the prevoty engine
68
+ # @param input [String] content to be filtered
69
+ # @param configuration_key [String] configuration to filter the content with
70
+ # @return [FilterContent] filtered response from the api
52
71
  def filter_content(input, configuration_key)
53
72
  params = {api_key: @api_key, rule_key: configuration_key, input: input}
54
73
 
@@ -64,6 +83,10 @@ module Prevoty
64
83
  end
65
84
  end
66
85
 
86
+ # Filter a full query string from a request
87
+ # @param input [String] query string to filter
88
+ # @param configuration_key [String] configuration to filter content with
89
+ # @return [FilterContent] filtered response from the api
67
90
  def bulk_filter(input, configuration_key)
68
91
  params = {api_key: @api_key, rule_key: configuration_key, input: input}
69
92
 
@@ -79,10 +102,13 @@ module Prevoty
79
102
  end
80
103
  end
81
104
 
105
+ # Monitor content
106
+ # @param input [Array] content to perform analysis on
107
+ # @return [Array] array of content that has been analyzed
82
108
  def monitor_content(input)
83
109
  params = {api_key: @api_key, input: JSON.dump(input)}
84
110
 
85
- response = HTTParty.post("#{@base}/1/xss/monitor", query: params)
111
+ response = HTTParty.post("#{@base}/1/xss/monitor", body: params)
86
112
  case response.code
87
113
  when 200 then return JSON.parse(response.body).map {|record| MonitorContent.new(record)}
88
114
  when 400 then raise BadInputParameter
@@ -94,6 +120,11 @@ module Prevoty
94
120
  end
95
121
  end
96
122
 
123
+ # Generate a timed CSRF token
124
+ # @param user_identifier [String] unique identifier for a user (eg. session id)
125
+ # @param action [String] action the token is being generated for
126
+ # @param ttl [Integer] time in seconds the token is valid for (min: 0, max: 86400)
127
+ # @return [GenerateToken] generated token
97
128
  def generate_timed_token(user_identifier, action, ttl)
98
129
  params = {api_key: @api_key, user_identifier: user_identifier, action: action, ttl: ttl}
99
130
 
@@ -108,6 +139,11 @@ module Prevoty
108
139
  end
109
140
  end
110
141
 
142
+ # Validate a timed CSRF token
143
+ # @param user_identifier [String] unique identifier for a user (eg. session id)
144
+ # @param action [String] action the token is being validated for
145
+ # @param token [String] token to be validated
146
+ # @return [ValidateToken] result of validating
111
147
  def validate_timed_token(user_identifier, action, token)
112
148
  params = {api_key: @api_key, user_identifier: user_identifier, action: action, token: token}
113
149
 
@@ -122,6 +158,11 @@ module Prevoty
122
158
  end
123
159
  end
124
160
 
161
+ # Delete a timed token
162
+ # @param user_identifier [String] unique identifier for a user (eg. session id)
163
+ # @param action [String] action the token is being deleted for
164
+ # @param token [String] token to delete
165
+ # @return [DeleteToken] result of deleting the token
125
166
  def delete_timed_token(user_identifier, action, token)
126
167
  params = {api_key: @api_key, user_identifier: user_identifier, action: action, token: token}
127
168
 
@@ -136,6 +177,10 @@ module Prevoty
136
177
  end
137
178
  end
138
179
 
180
+ # Generate a persisted token
181
+ # @param user_identifier [String] unique identifier for a user (eg. session id)
182
+ # @param action [String] action the token is being generated for
183
+ # @return [GenerateToken] generated token
139
184
  def generate_persisted_token(user_identifier, action)
140
185
  params = {api_key: @api_key, user_identifier: user_identifier, action: action}
141
186
 
@@ -150,6 +195,11 @@ module Prevoty
150
195
  end
151
196
  end
152
197
 
198
+ # Validate a persisted token
199
+ # @param user_identifier [String] unique identifier for a user (eg. session id)
200
+ # @param action [String] action the token is being validated for
201
+ # @param token [String] token to be validated
202
+ # @return [ValidateToken] result of validating
153
203
  def validate_persisted_token(user_identifier, action, token)
154
204
  params = {api_key: @api_key, user_identifier: user_identifier, action: action, token: token}
155
205
 
@@ -164,6 +214,11 @@ module Prevoty
164
214
  end
165
215
  end
166
216
 
217
+ # Delete a persisted
218
+ # @param user_identifier [String] unique identifier for a user (eg. session id)
219
+ # @param action [String] action the token is being deleted for
220
+ # @param token [String] token to delete
221
+ # @return [DeleteToken] result of deleting the token
167
222
  def delete_persisted_token(user_identifier, action, token)
168
223
  params = {api_key: @api_key, user_identifier: user_identifier, action: action, token: token}
169
224
 
@@ -178,6 +233,10 @@ module Prevoty
178
233
  end
179
234
  end
180
235
 
236
+ # Analyze an SQL query
237
+ # @param query [String] query to analyze
238
+ # @param config_key [String] configuration to analyze with
239
+ # @return [QueryAnalysis] analysis of the query
181
240
  def analyze_query(query, config_key)
182
241
  params = {api_key: @api_key, query: query, config_key: config_key}
183
242
 
@@ -192,10 +251,13 @@ module Prevoty
192
251
  end
193
252
  end
194
253
 
254
+ # Monitor an SQL query
255
+ # @param query [Array] array of queries to monitor
256
+ # @return [Array] array of analysis results
195
257
  def monitor_query(query)
196
258
  params = {api_key: @api_key, inputs: JSON.dump(query)}
197
259
 
198
- response = HTTParty.post("#{@base}/1/query/monitor", query: params)
260
+ response = HTTParty.post("#{@base}/1/query/monitor", body: params)
199
261
  case response.code
200
262
  when 200 then return JSON.parse(response.body).map {|record| MonitorQuery.new(record)}
201
263
  when 400 then raise BadInputParameter
@@ -207,12 +269,30 @@ module Prevoty
207
269
  end
208
270
  end
209
271
 
272
+ # Validate input with a pattern
273
+ # @param pattern [Integer, String] pattern to validate with. For built-ins constants can be found in {Prevoty::Pattern}
274
+ # @param input [String] input to validate
275
+ # @return [InputValidation] pattern validation result
210
276
  def validate_pattern(pattern, input)
211
277
  params = {api_key: @api_key, input: input}
212
278
 
213
- return call_pattern("#{@base}/1/pattern/#{pattern}", params)
279
+ response = HTTParty.get("#{@base}/1/pattern/#{pattern}", query: params)
280
+ case response.code
281
+ when 200 then return InputValidation.new(JSON.parse(response.body))
282
+ when 400 then raise BadInputParameter
283
+ when 403 then raise BadAPIKey
284
+ when 500 then raise InternalError
285
+ when 507 then raise AccountQuotaExceeded
286
+ else raise Exception
287
+ end
214
288
  end
215
289
 
290
+ # Hash input with a specified algorithm
291
+ #
292
+ # @note Constants for hash functions are specified in {Prevoty::Hash}
293
+ # @param input [String] input to hash
294
+ # @param function [Integer] hash function to use
295
+ # @return [HashResult] hashed input
216
296
  def hash(input, function)
217
297
  params = {api_key: @api_key, payload: input, function: function}
218
298
 
@@ -227,6 +307,12 @@ module Prevoty
227
307
  end
228
308
  end
229
309
 
310
+ # Encrypt input with a specified algorithm
311
+ #
312
+ # @param input [String] into to encrypt
313
+ # @param algorithm [Integer] algorithm to encrypt with. Constants are specified in {Prevoty::Crypto::Algorithms}
314
+ # @param mode [Integer] mode to use. Constants are specified in {Prevoty::Crypto::Modes}
315
+ # @return [EncryptResult] encrypted data
230
316
  def encrypt(input, algorithm, mode)
231
317
  params = {api_key: @api_key, payload: input, algorithm: algorithm, mode: mode}
232
318
 
@@ -241,6 +327,10 @@ module Prevoty
241
327
  end
242
328
  end
243
329
 
330
+ # Decrypt encrypted data
331
+ #
332
+ # @param result [EncryptResult] data to decrypt
333
+ # @return [DecryptResult] decrypted data
244
334
  def decrypt(result)
245
335
  params = {api_key: @api_key, obj: result.to_json}
246
336
 
@@ -255,6 +345,10 @@ module Prevoty
255
345
  end
256
346
  end
257
347
 
348
+ # Generate a keypair using RSA
349
+ #
350
+ # @param keysize [Integer] number of bits for the keysize
351
+ # @return [RSAPrivateKey] private key
258
352
  def generate_rsa_keypair(keysize)
259
353
  params = {api_key: @api_key, algorithm: Prevoty::Crypto::KeyAlgorithms::RSA_PKCS, meta: keysize}
260
354
 
@@ -269,6 +363,10 @@ module Prevoty
269
363
  end
270
364
  end
271
365
 
366
+ # Generate a keypair using ECDSA
367
+ #
368
+ # @param curve [Integer] curve to use. Constants exist in {Prevoty::Crypto::Curves}
369
+ # @return [ECDSAPrivateKey] private key
272
370
  def generate_ecdsa_keypair(curve)
273
371
  params = {api_key: @api_key, algorithm: Prevoty::Crypto::KeyAlgorithms::ECDSA, meta: curve}
274
372
 
@@ -283,49 +381,78 @@ module Prevoty
283
381
  end
284
382
  end
285
383
 
384
+ # Sign data using RSA PSS
385
+ #
386
+ # @param payload [String] the data to sign
387
+ # @param func [Integer] the hash function to sign with. Constants can be found in {Prevoty::Hash}
388
+ # @param private_key [RSAPrivateKey] private key to sign with
389
+ # @param options [Integer] RSA PSS options. Constants can be found in {Prevoty::Crypto::PSSSaltOptions}
390
+ # @return [RSASignature] signature of data
286
391
  def rsa_pss_signature(payload, func, private_key, options)
287
392
  params = {api_key: @api_key, algorithm: Prevoty::Crypto::KeyAlgorithms::RSA_PSS, hash: func, key: private_key.to_json, payload: payload, opt: options}
288
393
  return call_rsa_signature(params)
289
394
  end
290
395
 
396
+ # Sign data using RSA PKCS
397
+ #
398
+ # @param payload [String] the data to sign
399
+ # @param func [Integer] the hash function to sign with. Constants can be found in {Prevoty::Hash}
400
+ # @param private_key [RSAPrivateKey] private key to sign with
401
+ # @return [RSASignature] signature of data
291
402
  def rsa_pkcs_signature(payload, func, private_key)
292
403
  params = {api_key: @api_key, algorithm: Prevoty::Crypto::KeyAlgorithms::RSA_PKCS, hash: func, key: private_key.to_json, payload: payload}
293
404
  return call_rsa_signature(params)
294
405
  end
295
406
 
407
+ # Sign data using ECDSA
408
+ #
409
+ # @param payload [String] the data to sign
410
+ # @param func [Integer] the hash function to sign with. Constants can be found in {Prevoty::Hash}
411
+ # @param private_key [ECDSAPrivateKey] private key to sign with
412
+ # @return [RSASignature] signature of data
296
413
  def ecdsa_signature(payload, func, private_key)
297
414
  params = {api_key: @api_key, algorithm: Prevoty::Crypto::KeyAlgorithms::ECDSA, hash: func, key: private_key.to_json, payload: payload}
298
415
  return call_ecdsa_signature(params)
299
416
  end
300
417
 
418
+ # Verify RSA PSS signature
419
+ #
420
+ # @param payload [String] the data to verify
421
+ # @param func [Integer] the hash function to sign with. Constants can be found in {Prevoty::Hash}
422
+ # @param public_key [RSAPublicKey] public key to verify signature with
423
+ # @param signature [String] signature to verify
424
+ # @param options [Integer] RSA PSS options. Constants can be found in {Prevoty::Crypto::PSSSaltOptions}
425
+ # @return [SignatureVerify] signature of data
301
426
  def verify_rsa_pss_signature(payload, func, public_key, signature, options)
302
427
  params = {api_key: @api_key, algorithm: Prevoty::Crypto::KeyAlgorithms::RSA_PSS, hash: func, key: public_key.to_json, sig: signature.to_json, payload: payload, opt: options}
303
428
  return call_verify_signature(params)
304
429
  end
305
430
 
431
+ # Verify RSA PSS signature
432
+ #
433
+ # @param payload [String] the data to verify
434
+ # @param func [Integer] the hash function to sign with. Constants can be found in {Prevoty::Hash}
435
+ # @param public_key [RSAPublicKey] public key to verify signature with
436
+ # @param signature [String] signature to verify
437
+ # @return [SignatureVerify] signature of data
306
438
  def verify_rsa_pkcs_signature(payload, func, public_key, signature)
307
439
  params = {api_key: @api_key, algorithm: Prevoty::Crypto::KeyAlgorithms::RSA_PKCS, hash: func, key: public_key.to_json, sig: signature.to_json, payload: payload}
308
440
  return call_verify_signature(params)
309
441
  end
310
442
 
443
+ # Verify ECDSA signature
444
+ #
445
+ # @param payload [String] the data to verify
446
+ # @param func [Integer] the hash function to sign with. Constants can be found in {Prevoty::Hash}
447
+ # @param public_key [ECDSAPublicKey] public key to verify signature with
448
+ # @param signature [String] signature to verify
449
+ # @return [SignatureVerify] signature of data
311
450
  def verify_ecdsa_signature(payload, func, public_key, signature)
312
451
  params = {api_key: @api_key, algorithm: Prevoty::Crypto::KeyAlgorithms::ECDSA, hash: func, key: public_key.to_json, sig: signature.to_json, payload: payload}
313
452
  return call_verify_signature(params)
314
453
  end
315
454
 
316
455
  private
317
- def call_pattern(url, params)
318
- response = HTTParty.get(url, query: params)
319
- case response.code
320
- when 200 then return InputValidation.new(JSON.parse(response.body))
321
- when 400 then raise BadInputParameter
322
- when 403 then raise BadAPIKey
323
- when 500 then raise InternalError
324
- when 507 then raise AccountQuotaExceeded
325
- else raise Exception
326
- end
327
- end
328
-
329
456
  def call_rsa_signature(params)
330
457
  response = HTTParty.post("#{@base}/1/crypto/sign", query: params)
331
458
  case response.code
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class APIKeyInfo
3
- attr_accessor :maximum, :used, :remaining, :message
3
+ attr_reader :maximum, :used, :remaining, :message
4
4
 
5
5
  def initialize(data)
6
6
  @maximum = data["maximum"]
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class DecryptResult
3
- attr_accessor :plain_text
3
+ attr_reader :plain_text
4
4
 
5
5
  def initialize(data)
6
6
  @plain_text = data["plain_text"]
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class DeleteToken
3
- attr_accessor :deleted, :message
3
+ attr_reader :deleted, :message
4
4
 
5
5
  def initialize(data)
6
6
  @deleted = data["deleted"]
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class ECDSAPrivateKey < ECDSAPublicKey
3
- attr_accessor :d
3
+ attr_reader :d
4
4
 
5
5
  def initialize(data)
6
6
  super(data)
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class ECDSAPublicKey
3
- attr_accessor :x, :y, :curve_id
3
+ attr_reader :x, :y, :curve_id
4
4
 
5
5
  def initialize(data)
6
6
  @x = data["x"]
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class ECDSASignature
3
- attr_accessor :r, :s
3
+ attr_reader :r, :s
4
4
 
5
5
  def initialize(data)
6
6
  @r = data["r"]
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class EncryptResult
3
- attr_accessor :algorithm, :mode, :mac_key, :key, :mac, :cipher_text
3
+ attr_reader :algorithm, :mode, :mac_key, :key, :mac, :cipher_text
4
4
 
5
5
  def initialize(data)
6
6
  @algorithm = data["algorithm"]
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class FilterContent
3
- attr_accessor :message, :output, :statistics
3
+ attr_reader :message, :output, :statistics
4
4
 
5
5
  def initialize(data)
6
6
  @message = data["message"]
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class FilterStatistics
3
- attr_accessor :bytes,
3
+ attr_reader :bytes,
4
4
  :invalid_attributes, :invalid_protocols, :invalid_tags,
5
5
  :blacklisted_phrases, :flagged_phrases,
6
6
  :javascript_attributes, :javascript_protocols, :javascript_tags,
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class GenerateToken
3
- attr_accessor :token, :message
3
+ attr_reader :token, :message
4
4
 
5
5
  def initialize(data)
6
6
  @token = data["token"]
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class HashResult
3
- attr_accessor :hash
3
+ attr_reader :hash
4
4
 
5
5
  def initialize(data)
6
6
  @hash = data["hash"]
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class InputValidation
3
- attr_accessor :matched, :message
3
+ attr_reader :matched, :message
4
4
 
5
5
  def initialize(data)
6
6
  @matched = data["matched"]
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class MonitorContent
3
- attr_accessor :bytes, :javascript_attributes, :javascript_protocols, :javascript_tags
3
+ attr_reader :bytes, :javascript_attributes, :javascript_protocols, :javascript_tags
4
4
 
5
5
  def initialize(data)
6
6
  @bytes = data["bytes"]
@@ -1,32 +1,76 @@
1
1
  module Prevoty
2
2
  class QueryAnalysis
3
- attr_accessor :version, :processed, :compliant, :statements, :error
3
+ attr_reader :engine_version, :processed, :vendor, :vendor_version,
4
+ :compliant, :statements, :error
4
5
 
5
6
  def initialize(data)
6
- @version = data["version"]
7
+ @engine_version = data["engine_version"]
7
8
  @processed = data["processed"]
9
+ @vendor = data["vendor"]
10
+ @vendor_version = data["vendor_version"]
8
11
  @compliant = data["compliant"]
9
12
  @statements = data["statements"].map {|statement| Statement.new(statement)}
10
13
  @error = data["error"]
11
14
  end
15
+
16
+ def to_json(options)
17
+ return {
18
+ engine_version: @engine_version, processed: @processed,
19
+ vendor: @vendor, vendor_version: @vendor_version,
20
+ compliant: @compliant, statements: @statements, error: @error
21
+ }.to_json
22
+ end
23
+ end
24
+
25
+ class MonitorQuery
26
+ attr_reader :engine_version, :processed, :vendor, :vendor_version,
27
+ :intelligence, :error
28
+
29
+ def initialize(data)
30
+ @engine_version = data["engine_version"]
31
+ @processed = data["processed"]
32
+ @vendor = data["vendor"]
33
+ @vendor_version = data["vendor_version"]
34
+ @intelligence = data["intelligence"].map {|statement| Intelligence.new(statement)}
35
+ @error = data["error"]
36
+ end
37
+
38
+ def to_json(options)
39
+ return {
40
+ engine_version: @engine_version, processed: @processed,
41
+ vendor: @vendor, vendor_version: @vendor_version,
42
+ intelligence: @intelligence, error: @error
43
+ }.to_json
44
+ end
12
45
  end
13
46
 
14
47
  class Statement
15
- attr_accessor :intelligence, :violations
48
+ attr_reader :intelligence, :violations
16
49
 
17
50
  def initialize(data)
18
51
  @intelligence = Intelligence.new(data["intelligence"])
19
52
  @violations = Violations.new(data["violations"])
20
53
  end
54
+
55
+ def to_json(options)
56
+ return {
57
+ intelligence: @intelligence, violations: @violations
58
+ }.to_json
59
+ end
21
60
  end
22
61
 
23
62
  class Intelligence
24
- attr_accessor :statement_type, :row_creates, :column_reads, :column_updates,
25
- :row_deletes, :has_admin, :function_calls, :joins, :unions,
26
- :subqueries
63
+ attr_reader :statement_type, :sanitized_statement, :hashed_statement,
64
+ :has_comment, :comparison_types, :row_creates, :column_reads,
65
+ :column_updates, :row_deletes, :has_admin, :function_calls,
66
+ :joins, :unions, :subqueries
27
67
 
28
68
  def initialize(data)
29
69
  @statement_type = data["statement_type"]
70
+ @sanitized_statement = data["sanitized_statement"]
71
+ @hashed_statement = data["hashed_statement"]
72
+ @has_comment = data["has_comment"]
73
+ @comparison_types = ComparisonTypes.new(data["comparison_types"])
30
74
  @row_creates = data["row_creates"].map {|el| Table.new(el)}
31
75
  @column_reads = data["column_reads"].map {|el| Column.new(el)}
32
76
  @column_updates = data["column_updates"].map {|el| Column.new(el)}
@@ -37,38 +81,87 @@ module Prevoty
37
81
  @unions = data["unions"].map {|el| Table.new(el)}
38
82
  @subqueries = data["subqueries"].map {|el| Table.new(el)}
39
83
  end
84
+
85
+ def to_json(options)
86
+ return {
87
+ statement_type: @statement_type,
88
+ sanitized_statement: @sanitized_statement,
89
+ hashed_statement: @hashed_statement, has_comment: @has_comment,
90
+ comparison_types: @comparison_types, row_creates: @row_creates,
91
+ column_reads: @column_reads, column_upates: @column_updates,
92
+ row_deletes: @row_deletes, has_admin: @has_admin,
93
+ function_calls: @function_calls, joins: @joins, unions: @unions,
94
+ subqueries: @subqueries
95
+ }.to_json
96
+ end
97
+ end
98
+
99
+ class ComparisonTypes
100
+ attr_reader :contradiction, :dynamic, :static, :tautology
101
+
102
+ def initialize(data)
103
+ @contradiction = data["contradiction"]
104
+ @dynamic = data["dynamic"]
105
+ @static = data["static"]
106
+ @tautology = data["tautology"]
107
+ end
108
+
109
+ def to_json(options)
110
+ return {
111
+ contradiction: @contradiction, dynamic: @dynamic, static: @static,
112
+ tautology: @tautology
113
+ }.to_json
114
+ end
40
115
  end
41
116
 
42
117
  class Table
43
- attr_accessor :database, :table
118
+ attr_reader :database, :table
44
119
 
45
120
  def initialize(data)
46
121
  @database = data["database"]
47
122
  @table = data["table"]
48
123
  end
124
+
125
+ def to_json(options)
126
+ return {
127
+ database: @database, table: @table
128
+ }.to_json
129
+ end
49
130
  end
50
131
 
51
132
  class Column
52
- attr_accessor :database, :table, :column
133
+ attr_reader :database, :table, :column
53
134
 
54
135
  def initialize(data)
55
136
  @database = data["database"]
56
137
  @table = data["table"]
57
138
  @column = data["column"]
58
139
  end
140
+
141
+ def to_json(options)
142
+ return {
143
+ database: @database, table: @table, column: @column
144
+ }.to_json
145
+ end
59
146
  end
60
147
 
61
148
  class FunctionCall
62
- attr_accessor :name, :arguments
149
+ attr_reader :name, :arguments
63
150
 
64
151
  def initialize(data)
65
152
  @name = data["name"]
66
153
  @arguments = data["arguments"]
67
154
  end
155
+
156
+ def to_json(options)
157
+ return {
158
+ name: @name, arguments: @arguments
159
+ }.to_json
160
+ end
68
161
  end
69
162
 
70
163
  class Violations
71
- attr_accessor :row_create_violations, :column_read_violations, :column_update_violations,
164
+ attr_reader :row_create_violations, :column_read_violations, :column_update_violations,
72
165
  :row_delete_violation, :admin_violation, :union_violations, :join_violations,
73
166
  :subquery_violations, :function_violations
74
167
 
@@ -83,5 +176,17 @@ module Prevoty
83
176
  @subquery_violations = data["subquery_violations"].map {|el| Table.new(el)}
84
177
  @function_violations = data["function_violations"].map {|el| FunctionCall.new(el)}
85
178
  end
179
+
180
+ def to_json(options)
181
+ return {
182
+ row_create_violations: @row_create_violations,
183
+ column_read_violations: @column_read_violations,
184
+ column_update_violations: @column_update_violations,
185
+ row_delete_violations: @row_delete_violations,
186
+ admin_violation: @admin_violation, union_violation: @union_violation,
187
+ join_violations: @join_violations, subquery_violations: @subquery_violations,
188
+ function_violations: @function_violations
189
+ }.to_json
190
+ end
86
191
  end
87
192
  end
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class RSAPrivateKey < RSAPublicKey
3
- attr_accessor :d, :primes, :precomputed
3
+ attr_reader :d, :primes, :precomputed
4
4
 
5
5
  def initialize(data)
6
6
  super(data)
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class RSAPublicKey
3
- attr_accessor :n, :e
3
+ attr_reader :n, :e
4
4
 
5
5
  def initialize(data)
6
6
  @n = data["N"]
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class RSASignature
3
- attr_accessor :signature
3
+ attr_reader :signature
4
4
 
5
5
  def initialize(data)
6
6
  @signature = data["signature"]
@@ -1,6 +1,6 @@
1
1
  module Prevoty
2
2
  class ValidateToken
3
- attr_accessor :valid, :message
3
+ attr_reader :valid, :message
4
4
 
5
5
  def initialize(data)
6
6
  @valid = data["valid"]
@@ -1,3 +1,3 @@
1
1
  module Prevoty
2
- VERSION = "1.1.1"
2
+ VERSION = "1.3.0"
3
3
  end
@@ -23,4 +23,5 @@ Gem::Specification.new do |spec|
23
23
  spec.add_development_dependency "bundler", "~> 1.5"
24
24
  spec.add_development_dependency "rake", "~> 10.0"
25
25
  spec.add_development_dependency "pry", "~> 0.10"
26
+ spec.add_development_dependency "yard", "~> 0.8"
26
27
  end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: prevoty
3
3
  version: !ruby/object:Gem::Version
4
- version: 1.1.1
4
+ version: 1.3.0
5
5
  platform: ruby
6
6
  authors:
7
7
  - Joe Rozner
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2015-04-13 00:00:00.000000000 Z
11
+ date: 2016-08-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: httparty
@@ -66,6 +66,20 @@ dependencies:
66
66
  - - "~>"
67
67
  - !ruby/object:Gem::Version
68
68
  version: '0.10'
69
+ - !ruby/object:Gem::Dependency
70
+ name: yard
71
+ requirement: !ruby/object:Gem::Requirement
72
+ requirements:
73
+ - - "~>"
74
+ - !ruby/object:Gem::Version
75
+ version: '0.8'
76
+ type: :development
77
+ prerelease: false
78
+ version_requirements: !ruby/object:Gem::Requirement
79
+ requirements:
80
+ - - "~>"
81
+ - !ruby/object:Gem::Version
82
+ version: '0.8'
69
83
  description: Implementation of the Prevoty API
70
84
  email:
71
85
  - joe@prevoty.com
@@ -73,7 +87,6 @@ executables: []
73
87
  extensions: []
74
88
  extra_rdoc_files: []
75
89
  files:
76
- - ".gitignore"
77
90
  - Gemfile
78
91
  - LICENSE
79
92
  - README.md
@@ -100,7 +113,6 @@ files:
100
113
  - lib/prevoty/responses/hash_result.rb
101
114
  - lib/prevoty/responses/input_validation.rb
102
115
  - lib/prevoty/responses/monitor_content.rb
103
- - lib/prevoty/responses/monitor_query.rb
104
116
  - lib/prevoty/responses/query_analysis.rb
105
117
  - lib/prevoty/responses/rsa_private_key.rb
106
118
  - lib/prevoty/responses/rsa_public_key.rb
@@ -131,10 +143,11 @@ required_rubygems_version: !ruby/object:Gem::Requirement
131
143
  version: '0'
132
144
  requirements: []
133
145
  rubyforge_project:
134
- rubygems_version: 2.4.5
146
+ rubygems_version: 2.5.1
135
147
  signing_key:
136
148
  specification_version: 4
137
149
  summary: Pevoty API client for Ruby
138
150
  test_files:
139
151
  - test/specs/client_spec.rb
140
152
  - test/test_helper.rb
153
+ has_rdoc:
data/.gitignore DELETED
@@ -1,19 +0,0 @@
1
- *.gem
2
- *.rbc
3
- .bundle
4
- .config
5
- .yardoc
6
- Gemfile.lock
7
- InstalledFiles
8
- _yardoc
9
- coverage
10
- doc/
11
- lib/bundler/man
12
- pkg
13
- rdoc
14
- spec/reports
15
- test/tmp
16
- test/version_tmp
17
- tmp
18
- .*swp
19
- .DS_Store
@@ -1,12 +0,0 @@
1
- module Prevoty
2
- class MonitorQuery
3
- attr_accessor :version, :processed, :intelligence, :error
4
-
5
- def initialize(data)
6
- @version = data["version"]
7
- @processed = data["processed"]
8
- @intelligence = data["intel"].map {|statement| Intelligence.new(statement)}
9
- @error = data["error"]
10
- end
11
- end
12
- end