sqreen 1.18.2-java → 1.19.0-java

data/lib/{sqreen-alt.rb → sqreen/legacy.rb}

@@ -1,4 +1,8 @@
+# typed: strong
+
 # Copyright (c) 2015 Sqreen. All Rights Reserved.
 # Please refer to our terms for more information: https://www.sqreen.com/terms.html
 
-require "sqreen"
+module Sqreen
+  module Legacy; end
+end

data/lib/sqreen/{instrumentation.rb → legacy/instrumentation.rb}

@@ -1,17 +1,20 @@
+# typed: ignore
+
 # Copyright (c) 2015 Sqreen. All Rights Reserved.
 # Please refer to our terms for more information: https://www.sqreen.com/terms.html
 
-require 'sqreen/callback_tree'
+require 'sqreen/legacy'
+require 'sqreen/cb_tree'
 require 'sqreen/log'
 require 'sqreen/exception'
 require 'sqreen/performance_notifications'
 require 'sqreen/call_countable'
 require 'sqreen/events/remote_exception'
-require 'sqreen/rules_signature'
+require 'sqreen/sqreen_signed_verifier'
 require 'sqreen/shared_storage'
-require 'sqreen/rules_callbacks/record_request_context'
-require 'sqreen/rules_callbacks/run_req_start_actions'
-require 'sqreen/rules_callbacks/run_user_actions'
+require 'sqreen/rules/record_request_context'
+require 'sqreen/rules/run_req_start_actions'
+require 'sqreen/rules/run_user_actions'
 require 'sqreen/mono_time'
 require 'set'
 
@@ -36,6 +39,8 @@ require 'set'
 # end
 
 module Sqreen
+
+module Legacy
   class Instrumentation
     OVERTIME_METRIC = 'request_overtime'.freeze
 
@@ -84,6 +89,7 @@ module Sqreen
             start = Sqreen.time
             res = cb.pre(instance, args, budget, &block)
             stop = Sqreen.time
+            Sqreen.log.debug { "ran pre cb #{cb} => #{res.inspect}" }
             # The first few pre callbacks could not have a request & hence a budget just yet so we try harder to find it
             budget = framework.remaining_perf_budget if framework && !budget && Sqreen.performance_budget
             if budget
@@ -139,6 +145,7 @@ module Sqreen
             start = Sqreen.time
             res = cb.post(return_val, instance, args, budget, &block)
             stop = Sqreen.time
+            Sqreen.log.debug { "ran post cb #{cb} => #{res.inspect}" }
             if budget
               budget -= (stop - start)
               cb.overtime! if budget <= 0.0
@@ -193,6 +200,7 @@ module Sqreen
             start = Sqreen.time
             res = cb.failing(exception, instance, args, budget, &block)
             stop = Sqreen.time
+            Sqreen.log.debug { "ran failing cb #{cb} => #{res.inspect}" }
             if budget
               budget -= (stop - start)
               cb.overtime! if budget <= 0.0
@@ -237,7 +245,7 @@ module Sqreen
       key = [method]
       args.each { |e| key.push(e.object_id) }
       if key && @sqreen_multi_instr && @sqreen_multi_instr[instance.object_id].member?(key)
-        return instance.send(original_method, *args, &block)
+        return instance.__send__(original_method, *args, &block)
       end
       @sqreen_multi_instr ||= Hash.new { |h, k| h[k] = Set.new } # TODO: this should probably be a thread local
       @sqreen_multi_instr[instance.object_id].add(key)
@@ -273,7 +281,7 @@ module Sqreen
           skip_call = true
         end
         # If we are already overbudget let's not work at all
-        return send(original_meth, *args, &block) if skip_call
+        return __send__(original_meth, *args, &block) if skip_call
         Instrumentation.guard_multi_call(self, meth, original_meth, args, block) do
           precbs, postcbs, failcbs = Instrumentation.callbacks.get(klass_name, meth)
           Thread.current[:sqreen_in_use] = true
@@ -328,7 +336,7 @@ module Sqreen
           Thread.current[:sqreen_in_use] = false
           return result if skip
           begin
-            result = send(original_meth, *args, &block)
+            result = __send__(original_meth, *args, &block)
           rescue StandardError => e
             Thread.current[:sqreen_in_use] = true
             budget = Sqreen.performance_budget && framework && framework.remaining_perf_budget
@@ -401,7 +409,7 @@ module Sqreen
         Sqreen::PerformanceNotifications::BinnedMetrics.start_request if has_notifications
 
         begin
-          send(original_meth, *args, &block)
+          __send__(original_meth, *args, &block)
         ensure
           if has_notifications
             Sqreen::PerformanceNotifications.instrument('next_req_notifs', PRE_CB) do
@@ -437,7 +445,7 @@ module Sqreen
         end
 
         alias_method original, new_method
-        send(method_kind, original)
+        __send__(method_kind, original)
         private saved_meth_name
       end
     end
@@ -456,7 +464,7 @@ module Sqreen
           method_kind = :private
         end
         alias_method meth, saved_meth_name
-        send(method_kind, meth)
+        __send__(method_kind, meth)
 
         remove_method saved_meth_name
       end
@@ -503,11 +511,12 @@ module Sqreen
         alias_method meth, new_method
         private saved_meth_name
         private new_method
-        send(method_kind, meth)
+        __send__(method_kind, meth)
       end
       saved_meth_name
     end
 
+    ### bad idea anyway
     # WARNING We do not actually remove `meth`
     def unoverride_class_method(klass, meth)
       saved_meth_name = get_saved_method_name(meth)
@@ -522,10 +531,11 @@ module Sqreen
           method_kind = :private
         end
         alias_method meth.to_sym, saved_meth_name.to_sym
-        send(method_kind, meth.to_sym)
+        __send__(method_kind, meth.to_sym)
       end
     end
 
+    ### useless now
     if RUBY_VERSION < '1.9'
       def adjust_method_name(method)
         method.to_s
@@ -554,6 +564,8 @@ module Sqreen
       is_instance_method?(obj, method)
     end
 
+    ### is that actually used?
+    ### if so, do not attempt to alter frozen instances
     # Override a singleton method on an instance
     def override_singleton_method(instance, klass_name, meth)
       @@overriden_singleton_methods = true
@@ -647,8 +659,7 @@ module Sqreen
 
       already_overriden = @@overriden_methods.include? key
       unless already_overriden
-        Sqreen.log.debug "#{key} not overriden, returning"
-        return
+        Sqreen.log.debug "#{key} apparently not overridden"
       end
 
       defined_cbs = @@registered_callbacks.get(klass, method).flatten
@@ -674,6 +685,7 @@ module Sqreen
       elsif is_instance_method?(klass, method)
         unoverride_instance_method(klass, method)
       else
+        ### Module#prepend will take care of that
         # FIXME: Override define_method and other dynamic ways to
         # The following should be monitored to make sure we
         # don't forget dynamically added methods:
@@ -701,8 +713,13 @@ module Sqreen
     # @return [Array<Sqreen::CB>]
     def hardcoded_callbacks(framework)
       [
+        ### callback for performing sec responses based on ip
+        ### init redefined to implement smartass way to hook it upon the
+        ### framework's middleware #call
         Sqreen::Rules::RunReqStartActions.new(framework),
+        ### callback for performing sec responses based on user
         Sqreen::Rules::RunUserActions.new(Sqreen, :identify, 0),
+        ### callback for performing sec responses based on user
         Sqreen::Rules::RunUserActions.new(Sqreen, :auth_track, 1),
       ]
     end
@@ -711,6 +728,7 @@ module Sqreen
     # @param rules [Array<Hash>] Rules to instrument
     # @param framework [Sqreen::Frameworks::GenericFramework]
     def instrument!(rules, framework)
+      ### set up rule signature verifier
       verifier = nil
       if Sqreen.features['rules_signature'] &&
          Sqreen.config_get(:rules_verify_signature) == true &&
@@ -720,33 +738,44 @@ module Sqreen
         Sqreen.log.debug('Rules signature is not enabled')
       end
 
+      ### force clean instrumentation callback list
       remove_all_callbacks # Force cb tree to be empty before instrumenting
 
+      ### for each rule description, transform into format for adding callback
       rules.each do |rule|
         rcb = Sqreen::Rules.cb_from_rule(rule, self, metrics_engine, verifier)
         next unless rcb
+        ### attach framework to callback
         rcb.framework = framework
+        ### add callback
         add_callback(rcb)
       end
 
       # add hardcoded callbacks, observing priority
       hardcoded_callbacks(framework).each { |cb| add_callback(cb) }
 
+      ### globally declare instrumentation ready
+      ### from within instance method? not even thread local?
       Sqreen.instrumentation_ready = true
     end
 
     def initialize(metrics_engine = nil)
       self.metrics_engine = metrics_engine
       return if metrics_engine.nil?
+      ### init metric to count calls to sqreen
       metrics_engine.create_metric('name' => CallCountable::COUNT_CALLS,
                                    'period' => 60,
                                    'kind' => 'Sum')
+      ### init metric to count request whitelist matches (ip or path whitelist)
       metrics_engine.create_metric('name' => Sqreen::Rules::RecordRequestContext::WHITELISTED_METRIC,
                                    'period' => 60,
                                    'kind' => 'Sum')
+      ### init metric to count over budget hits
       metrics_engine.create_metric('name' => OVERTIME_METRIC,
                                    'period' => 60,
                                    'kind' => 'Sum')
     end
   end
 end
+
+end

data/lib/sqreen/log.rb

@@ -1,207 +1,29 @@
+# typed: ignore
+
 # Copyright (c) 2015 Sqreen. All Rights Reserved.
 # Please refer to our terms for more information: https://www.sqreen.com/terms.html
 
-require 'logger'
-require 'singleton'
-
 require 'sqreen/performance_notifications/log'
 require 'sqreen/performance_notifications/log_performance'
 require 'sqreen/configuration'
 
+require 'sqreen/logger'
+require 'sqreen/deferred_logger'
+
+# TODO: fold into Sqreen::Logger
+
 module Sqreen
   def self.log_init
-    @logger = Logger.new(
+    @logger = Sqreen::Logger.new(
       Sqreen.config_get(:log_level).to_s.upcase,
       Sqreen.config_get(:log_location)
     )
-    DeferredLogger.instance.flush_to(@logger.instance_eval { @logger })
+    Sqreen::DeferredLogger.instance.flush_to(@logger.instance_eval { @logger })
   rescue => e
     warn "Sqreen logger exception: #{e}"
   end
 
   def self::log
-    @logger || DeferredLogger.instance
-  end
-
-  # Ruby default formatter modified to display current thread_id
-  class FormatterWithTid
-    Format = "%s, [%s#%d.%s] %5s -- %s: %s\n".freeze
-    DatetimeFormat = '%Y-%m-%dT%H:%M:%S.%6N '.freeze
-
-    attr_accessor :datetime_format
-
-    def initialize
-      @datetime_format = nil
-    end
-
-    def call(severity, time, progname, msg)
-      format(Format,
-             severity[0..0], format_datetime(time), $$,
-             Thread.current.object_id.to_s(36),
-             severity, progname, msg2str(msg)
-            )
-    end
-
-    private
-
-    def format_datetime(time)
-      time.strftime(DatetimeFormat)
-    end
-
-    def msg2str(msg)
-      case msg
-      when ::String
-        msg
-      when ::Exception
-        "#{msg.message} (#{msg.class})\n" << (msg.backtrace || []).join("\n")
-      else
-        msg.inspect
-      end
-    end
-  end
-
-  # Wrapper class for sqreen logging
-  class Logger
-    SEVERITY_TO_METHOD = ::Logger::Severity.constants.each_with_object({}) do |s, h|
-      h[::Logger::Severity.const_get(s)] = s.downcase
-    end
-
-    def initialize(desired_level, log_location, force_logger = nil)
-      if force_logger
-        @logger = force_logger
-      else
-        init_logger_output(log_location)
-      end
-      init_log_level(desired_level)
-      enforce_log_format(@logger)
-      create_error_logger
-    end
-
-    def debug(msg = nil, &block)
-      @logger.debug(msg, &block)
-    end
-
-    def info(msg = nil, &block)
-      @logger.info(msg, &block)
-    end
-
-    def warn(msg = nil, &block)
-      @logger.warn(msg, &block)
-    end
-
-    def error(msg = nil, &block)
-      @error_logger.error(msg, &block)
-      @logger.error(msg, &block)
-    end
-
-    def add(severity, msg = nil, &block)
-      send(SEVERITY_TO_METHOD[severity], msg, &block)
-    end
-
-    protected
-
-    def init_logger_output(path)
-      path = File.expand_path(path)
-      if File.writable?(path) || File.writable?(File.dirname(path))
-        @logger = ::Logger.new(path)
-      else
-        @logger = ::Logger.new(STDOUT)
-        @logger.info("Cannot access #{path} for writing. Defaulting to stdout")
-      end
-    rescue => e
-      @logger = ::Logger.new(STDOUT)
-      @logger.error('Got error while trying to setting logger up, '\
-                    "falling back to stdout #{e.inspect}")
-    end
-
-    def init_log_level(level)
-      log_level = ::Logger.const_get(level)
-      @logger.level = log_level
-      Sqreen::PerformanceNotifications::Log.enable if level == 'DEBUG'
-      return if level != 'DEBUG' && !Sqreen.config_get(:report_perf)
-      Sqreen::PerformanceNotifications::LogPerformance.enable
-    end
-
-    def create_error_logger
-      @error_logger = Kernel.const_defined?('MiniTest') ? NullLogger.instance : ::Logger.new(STDERR)
-      enforce_log_format(@error_logger)
-    end
-
-    def enforce_log_format(logger)
-      logger.formatter = FormatterWithTid.new
-    end
-  end
-
-  class NullLogger
-    include Singleton
-
-    def debug(_msg = nil); end
-
-    def info(_msg = nil); end
-
-    def warn(_msg = nil); end
-
-    def error(_msg = nil); end
-
-    def fatal(_msg = nil); end
-
-    def add(_severity, _msg = nil); end
-
-    def formatter=(_); end
-  end
-
-  class DeferredLogger
-    include Singleton
-
-    def initialize
-      @buffer = StringIO.new
-      @logger = ::Logger.new(@buffer)
-    end
-
-    def debug(msg = nil, &block)
-      @logger.debug(msg, &block)
-    end
-
-    def info(msg = nil, &block)
-      @logger.info(msg, &block)
-    end
-
-    def warn(msg = nil, &block)
-      @logger.warn(msg, &block)
-    end
-
-    def error(msg = nil, &block)
-      @logger.error(msg, &block)
-    end
-
-    def fatal(msg = nil, &block)
-      @logger.error(msg, &block)
-    end
-
-    def add(severity, msg = nil, &block)
-      send(Sqreen::Logger::SEVERITY_TO_METHOD[severity], msg, &block)
-    end
-
-    def formatter=(value)
-      @logger.formatter = value
-    end
-
-    def flush_to(logger)
-      logger.instance_eval { @logdev }.write(read).tap { reset }
-    end
-
-    private
-
-    def read
-      @buffer.rewind
-      @buffer.read
-    end
-
-    def reset
-      buffer = StringIO.new
-      logger = ::Logger.new(buffer)
-      logger.formatter = @logger.formatter
-      @buffer, @logger = buffer, logger
-    end
+    @logger || Sqreen::DeferredLogger.instance
   end
 end