sqreen 0.7.01461158029-java

data/lib/sqreen/callback_tree.rb

@@ -0,0 +1,78 @@
+# Copyright (c) 2015 Sqreen. All Rights Reserved.
+# Please refer to our terms for more information: https://www.sqreen.io/terms.html
+
+require 'sqreen/log'
+
+module Sqreen
+  class CBTree
+    include Enumerable
+    # Callbacks tree:
+    # class
+    # methods
+    # position
+
+    def initialize
+      @by_class = {}
+    end
+
+    def add(cb)
+      @by_class[cb.klass] = {} unless @by_class[cb.klass]
+
+      cb_klass = @by_class[cb.klass]
+      unless cb_klass[cb.method]
+        cb_klass[cb.method] = { :pre => [], :post => [], :failing => [] }
+      end
+
+      methods = cb_klass[cb.method]
+
+      methods[:pre] << cb if cb.pre?
+      methods[:post] << cb if cb.post?
+      methods[:failing] << cb if cb.failing?
+    end
+
+    def remove(cb)
+      types = @by_class[cb.klass][cb.method]
+
+      types[:pre].delete cb  if cb.pre?
+      types[:post].delete cb if cb.post?
+      types[:failing].delete cb if cb.failing?
+    end
+
+    def get(klass, method, type = nil)
+      k = @by_class[klass]
+      unless k
+        log(format('Error: no cb registered for class %s (%s)', klass.inspect, klass.class))
+        log(inspect)
+        return []
+      end
+      cbs = k[method]
+      unless cbs
+        log(format('Error: no cbs registered for method %s.%s', klass, method))
+        log(inspect)
+        return []
+      end
+
+      if type.nil?
+        res = Set.new
+        cbs.values.each do |v|
+          res += v
+        end
+        return res.to_a
+      else
+        return cbs[type]
+      end
+    end
+
+    def each
+      @by_class.each do |_klass, values|
+        values.each do |_method, cbs|
+          cbs.values.each do |cb_ary|
+            cb_ary.each do |cb|
+              yield cb
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/lib/sqreen/callbacks.rb

@@ -0,0 +1,120 @@
+# Copyright (c) 2015 Sqreen. All Rights Reserved.
+# Please refer to our terms for more information: https://www.sqreen.io/terms.html
+
+require 'set'
+
+module Sqreen
+  module SharedStorage
+    @@shared = {}
+
+    def self::get(key, default = nil)
+      h = @@shared[Thread.current]
+      return h.fetch(key, default) if h
+      default
+    end
+
+    def self::set(key, obj)
+      main_key = Thread.current
+      @@shared[main_key] = {} unless @@shared.key? main_key
+      @@shared[main_key][key] = obj
+    end
+
+    def self.clear
+      @@shared.delete(Thread.current)
+    end
+
+    def self.inc(value)
+      set(value, get(value, 0) + 1)
+    end
+
+    def self.dec(value)
+      set(value, get(value, 0) - 1)
+    end
+  end
+
+  class CB
+    # Callback class.
+    #
+    # Three methods can be defined:
+    # - pre(*args, &block)
+    #   To be called prior to the hooked method.
+    # - post(return_value, *args, &block)
+    #   To be called after the hooked method. The return_value argument is
+    #   the value returned by the hooked method.
+    # - failing(exception, ...)
+    #   To be called when the method raise
+    # The method pre, post and exception may return nil or a Hash.
+    #  - nil: the original method is called and the callback has no further
+    #    effect
+    #  - { :status => :skip }: we skip the original method call
+    #  - { :status => :raise}:
+    #
+    #  - nil: the original return value is returned, as if coallback had no
+    #    effect
+    #  - { :status => :raise}:
+    #  - { :status => :override }:
+    #
+    #  - nil: reraise
+    #  - { :status => :reraise }: reraise
+    #  - { :status => :override }: eat exception
+    #  - { :retry => :retry }: try the block again
+
+    attr_reader :klass, :method
+
+    def initialize(klass, method)
+      @method = method
+      @klass = klass
+
+      @has_pre  = respond_to? :pre
+      @has_post = respond_to? :post
+      @has_failing = respond_to? :failing
+
+      raise(Sqreen::Exception, 'No callback provided') unless @has_pre || @has_post || @has_failing
+    end
+
+    def pre?
+      @has_pre
+    end
+
+    def post?
+      @has_post
+    end
+
+    def failing?
+      @has_failing
+    end
+
+    def to_s
+      format('#<%s: %s.%s>', self.class, @klass, @method)
+    end
+  end
+  # target_method, position, callback, callback class
+
+  class DefaultCB < CB
+    def pre(_inst, *args, &_block)
+      Sqreen.log.debug "<< #{@klass} #{@method} #{Thread.current}"
+      Sqreen.log.debug args.join ' '
+      # log params
+    end
+
+    def post(_rv, _inst, *_args, &_block)
+      # log "#{rv}"
+      Sqreen.log.debug ">> #{@klass} #{@method} #{Thread.current}"
+    end
+  end
+
+  class RunWhenCalledCB < CB
+    def initialize(klass, method, &block)
+      super(klass, method)
+
+      raise 'missing block' unless block_given?
+      @block = block
+    end
+
+    def pre(_inst, *_args, &_block)
+      # FIXME: implement this removal
+      @remove_me = true
+      @block.call
+    end
+  end
+end

data/lib/sqreen/capped_queue.rb

@@ -0,0 +1,23 @@
+# Copyright (c) 2015 Sqreen. All Rights Reserved.
+# Please refer to our terms for more information: https://www.sqreen.io/terms.html
+
+module Sqreen
+  # A simple size limited queue.
+  # When trying to enqueue more than the capacity
+  # the older elements will get thrown
+  class CappedQueue < Queue
+    attr_reader :capacity
+
+    def initialize(capacity)
+      @capacity = capacity
+      super()
+    end
+
+    alias original_push push
+
+    def push(value)
+      pop until size < @capacity
+      original_push(value)
+    end
+  end
+end

data/lib/sqreen/condition_evaluator.rb

@@ -0,0 +1,169 @@
+# Copyright (c) 2015 Sqreen. All Rights Reserved.
+# Please refer to our terms for more information: https://www.sqreen.io/terms.html
+
+require 'sqreen/binding_accessor'
+require 'sqreen/exception'
+
+# Evaluate a condition, resolving literals using BindingAccessor.
+#
+#  { "%and" => ["true", "true"] } -> true
+#  { "%or"  => ["true", "false"] } -> true
+#  { "%and" => ["false", "true"] } -> false
+#
+#  { "%equal" => ["coucou", "#.args[0]"] } -> "coucou" == args[0]
+#  { "%hash_val_include" => ["toto is a small guy", "#.request_params"] } ->
+#       true if one value of request params in included
+#       in the sentence 'toto is a small guy'.
+#
+# Combine expressions:
+#  { "%or" =>
+#    [
+#      { "%hash_val_include" => ["AAA", "#.request_params"] },
+#      { "%hash_val_include" => ["BBB", "#.request_params"] },
+#    ]
+#  }
+# will return true if one of the request_params include either AAA or BBB.
+#
+class ConditionEvaluator
+  # Predicate: Is value deeply included in hash
+  # @params value [Object] object to find
+  # @params hash [Hash] Hash to search into
+  # @params min_value_size [Fixnum] to compare against
+  def self.hash_val_include?(value, hash, min_value_size, rem = 10)
+    return false if rem <= 0
+    hash.any? do |_k, hval|
+      case hval
+      when Hash
+        ConditionEvaluator.hash_val_include?(value, hval, min_value_size, rem - 1)
+      when NilClass
+        false
+      else
+        return false if hval.respond_to?(:empty?) && hval.empty?
+        v = hval.to_s
+        return false if v.size < min_value_size
+        value.to_s.include?(v)
+      end
+    end
+  end
+
+  # Initialize evaluator
+  # @param cond [Hash] condition Hash
+  def initialize(cond)
+    unless cond == true || cond == false
+      unless cond.respond_to? :each
+        raise(Sqreen::Exception, "cond should be a Hash (was #{cond.class})")
+      end
+    end
+    @raw = cond
+    @compiled = compile_expr(cond, 10)
+  end
+
+  # Evaluate the condition
+  # @params *args: BindingAccessor evaluate arguments
+  def evaluate(*args)
+    evaluate_expr(@compiled, 10, *args)
+  end
+
+  protected
+
+  def compile_expr(exp, rem)
+    return exp if exp == true || exp == false
+    raise(Sqreen::Exception, 'too deep call detected') if rem <= 0
+    h = {}
+    exp.each do |op, values|
+      unless op.is_a? String
+        raise Sqreen::Exception, "op should be a String (was #{op.class})"
+      end
+      unless values.is_a?(Array)
+        raise Sqreen::Exception, "values should be an Array (was #{values.class})"
+      end
+      h[op] = values.map do |v|
+        case v
+        when Hash
+          compile_expr(v, rem - 1)
+        when 'true'
+          true
+        when 'false'
+          false
+        else
+          BindingAccessor.new(v.to_s)
+        end
+      end
+    end
+    h
+  end
+
+  EQ_OPERATOR       = '%equal'.freeze
+  NEQ_OPERATOR      = '%not_equal'.freeze
+  GTE_OPERATOR      = '%gte'.freeze
+  LTE_OPERATOR      = '%lte'.freeze
+  GT_OPERATOR       = '%gt'.freeze
+  LT_OPERATOR       = '%lt'.freeze
+  HASH_INC_OPERATOR = '%hash_val_include'.freeze
+  INC_OPERATOR      = '%include'.freeze
+  OR_OPERATOR       = '%or'.freeze
+  AND_OPERATOR      = '%and'.freeze
+
+  OPERATORS_ARITY = {
+    HASH_INC_OPERATOR => 3,
+    EQ_OPERATOR       => 2,
+    NEQ_OPERATOR      => 2,
+    INC_OPERATOR      => 2,
+    GTE_OPERATOR      => 2,
+    LTE_OPERATOR      => 2,
+    GT_OPERATOR       => 2,
+    LT_OPERATOR       => 2,
+  }.freeze
+
+  def evaluate_expr(exp, rem, *args)
+    return exp if exp == true || exp == false
+    raise(Sqreen::Exception, 'too deep call detected') if rem <= 0
+    bool = nil
+    exp.each do |op, values|
+      res = values.map do |v|
+        case v
+        when Hash
+          evaluate_expr(v, rem - 1, *args)
+        when true, false
+          v
+        else
+          v.resolve(*args)
+        end
+      end
+
+      arity = OPERATORS_ARITY[op]
+      if !arity.nil? && res.size != arity
+        raise(Sqreen::Exception, "bad res #{res} (op #{op} wanted #{arity})")
+      end
+      bool = case op
+             when OR_OPERATOR
+               res.any?
+             when AND_OPERATOR
+               res.all?
+             when EQ_OPERATOR
+               res[0] == res[1]
+             when NEQ_OPERATOR
+               res[0] != res[1]
+             when GT_OPERATOR
+               res[0] > res[1]
+             when GTE_OPERATOR
+               res[0] >= res[1]
+             when LT_OPERATOR
+               res[0] < res[1]
+             when LTE_OPERATOR
+               res[0] <= res[1]
+             when INC_OPERATOR
+               unless res[0].respond_to?(:include?)
+                 raise(Sqreen::Exception, "no include on res #{res[0].inspect}")
+               end
+               res[0].include?(res[1])
+             when HASH_INC_OPERATOR
+               ConditionEvaluator.hash_val_include?(res[0], res[1], res[2])
+             else
+               # FIXME: this should be check in compile
+               raise(Sqreen::Exception, "unknown op #{op})")
+             end
+    end
+    bool
+  end
+end

data/lib/sqreen/conditionable.rb

@@ -0,0 +1,50 @@
+# Copyright (c) 2015 Sqreen. All Rights Reserved.
+# Please refer to our terms for more information: https://www.sqreen.io/terms.html
+
+require 'sqreen/condition_evaluator'
+
+module Sqreen
+  # A module that will dynamically had preconditions to the pre/post/failing
+  # callbacks
+  module Conditionable
+    # Hook the necessary callback function
+    #
+    # @param conditions [Hash] hash of callback names => conditions
+    def condition_callbacks(conditions)
+      base = self.class
+      %w(pre post failing).each do |cb|
+        next unless conditions.key?(cb)
+        conds = conditions[cb]
+        next if conds.respond_to?(:empty?) && conds.empty?
+        next unless base.method_defined?(cb)
+        send("#{cb}_conditions=", ConditionEvaluator.new(conds))
+        next if base.instance_variable_get("@conditional_hooked_#{cb}")
+        base.send(:alias_method, "#{cb}_without_conditions", cb)
+        base.send(:alias_method, cb, "#{cb}_with_conditions")
+        base.instance_variable_set("@conditional_hooked_#{cb}", true)
+      end
+    end
+
+    def pre_with_conditions(inst, *args, &block)
+      eargs = [binding, framework, inst, args, @data, nil]
+      return nil if !pre_conditions.nil? && !pre_conditions.evaluate(*eargs)
+      pre_without_conditions(inst, *args, &block)
+    end
+
+    def post_with_conditions(rv, inst, *args, &block)
+      eargs = [binding, framework, inst, args, @data, rv]
+      return nil if !post_conditions.nil? && !post_conditions.evaluate(*eargs)
+      post_without_conditions(rv, inst, *args, &block)
+    end
+
+    def failing_with_conditions(rv, inst, *args, &block)
+      eargs = [binding, framework, inst, args, @data, rv]
+      return nil if !failing_conditions.nil? && !failing_conditions.evaluate(*eargs)
+      failing_without_conditions(rv, inst, *args, &block)
+    end
+
+    protected
+
+    attr_accessor :pre_conditions, :post_conditions, :failing_conditions
+  end
+end

data/lib/sqreen/configuration.rb

@@ -0,0 +1,151 @@
+# Copyright (c) 2015 Sqreen. All Rights Reserved.
+# Please refer to our terms for more information: https://www.sqreen.io/terms.html
+
+require 'yaml'
+require 'sqreen/performance_notifications/newrelic'
+
+module Sqreen
+  @config = nil
+
+  def self::config_init(framework = nil)
+    @config = Configuration.new(framework)
+    @config.load!
+    if @config && config_get(:report_perf_newrelic)
+      Sqreen::PerformanceNotifications::NewRelic.enable
+    end
+    @config
+  end
+
+  def self::config_get(name)
+    raise 'No configuration defined' if @config.nil?
+    @config.get(name)
+  end
+
+  CONFIG_FILE_BY_ENV = 'SQREEN_CONFIG_FILE'.freeze
+
+  CONFIG_DESCRIPTION = [
+    { :env => :SQREEN_URL,       :name => :url,
+      :default => 'https://back.sqreen.io' },
+    { :env => :SQREEN_TOKEN,     :name => :token,
+      :default => nil },
+    { :env => :SQREEN_RULES,     :name => :local_rules,
+      :default => nil },
+    { :env => :SQREEN_RULES_SIGNATURE, :name => :rules_verify_signature,
+      :default => true },
+    { :env => :SQREEN_LOG_LEVEL, :name => :log_level,
+      :default => 'WARN', :choice => %w(UNKNOWN FATAL ERROR WARN INFO DEBUG) },
+    { :env => :SQREEN_LOG_LOCATION, :name => :log_location,
+      :default => 'log/sqreen.log' },
+    { :env => :SQREEN_RUN_IN_TEST, :name => :run_in_test,
+      :default => false },
+    { :env => :SQREEN_BLOCK_ALL_RULES, :name => :block_all_rules,
+      :default => nil },
+    { :env => :SQREEN_REPORT_PERF_NR, :name => :report_perf_newrelic,
+      :default => false },
+
+  ].freeze
+
+  CONFIG_FILE_NAME = 'sqreen.yml'.freeze
+
+  # Class to access configurations variables
+  # This try to load environment by different ways.
+  # 1. By file:
+  #   a. From path in environment variable SQREEN_CONFIG_FILE
+  #   b. From path in #{Rails.root}/config/sqreen.yml
+  #   c. From home in ~/.sqreen.yml
+  # 2. From the environment, which overrides whatever result we found in 1.
+  class Configuration
+    def initialize(framework = nil)
+      @framework = framework
+      @config = default_values
+    end
+
+    def load!
+      path = find_configuration_file
+      if path
+        file_config = parse_configuration_file(path)
+        @config.merge!(file_config)
+      end
+
+      env_config = from_environment
+      @config.merge!(env_config)
+    end
+
+    def get(name)
+      @config[name.to_sym]
+    end
+
+    def default_values
+      res = {}
+      Sqreen::CONFIG_DESCRIPTION.each do |param|
+        name      = param[:name]
+        value     = param[:default]
+        choices   = param[:choices]
+        if choices && !choices.include?(value)
+          msg = format("Invalid value '%s' for env '%s' (allowed: %s)", value, name, choices)
+          raise Sqreen::Exception, msg
+        end
+        res[name] = value
+      end
+      res
+    end
+
+    def from_environment
+      res = {}
+      Sqreen::CONFIG_DESCRIPTION.each do |param|
+        name      = param[:name]
+        value     = ENV[param[:env].to_s]
+        next unless value
+        res[name] = value
+      end
+      res
+    end
+
+    def parse_configuration_file(path)
+      res = YAML.load_file path
+      return {} unless res.is_a?(Hash)
+      if @framework
+        env = @framework.framework_infos[:environment]
+        res = res[env] if env && res[env].is_a?(Hash)
+      end
+      # hash keys loaded by YAML are strings instead of symbols
+      res.keys.each do |key|
+        res[key.to_sym] = res.delete(key)
+      end
+      res
+    end
+
+    def find_user_home
+      homes = %w(HOME HOMEPATH)
+      homes.detect { |h| !ENV[h].nil? }
+    end
+
+    def find_configuration_file
+      config_file_from_env || local_config_file || config_file_from_home
+    end
+
+    protected
+
+    def config_file_from_env
+      path = ENV[Sqreen::CONFIG_FILE_BY_ENV]
+      return path if path && File.exist?(path)
+    end
+
+    def local_config_file
+      if @framework && @framework.root
+        path = File.join(@framework.root.to_s, 'config', CONFIG_FILE_NAME)
+        return path if File.exist?(path)
+      else
+        path = File.expand_path(File.join('config', 'sqreen.yml'))
+        return path if File.exist?(path)
+      end
+    end
+
+    def config_file_from_home
+      home = find_user_home
+      return unless home
+      path = File.join(ENV[home], '.' + CONFIG_FILE_NAME)
+      return path if File.exist?(path)
+    end
+  end
+end