RubyGems - tcell_agent - Versions diffs - 0.2.19 → 0.2.21 - Mend

tcell_agent 0.2.19 → 0.2.21

Files changed (60) hide show

checksums.yaml +4 -4
data/LICENSE_libinjection +32 -0
data/Rakefile +14 -1
data/ext/libinjection/extconf.rb +3 -0
data/ext/libinjection/libinjection.h +65 -0
data/ext/libinjection/libinjection_html5.c +847 -0
data/ext/libinjection/libinjection_html5.h +54 -0
data/ext/libinjection/libinjection_sqli.c +2317 -0
data/ext/libinjection/libinjection_sqli.h +295 -0
data/ext/libinjection/libinjection_sqli_data.h +9004 -0
data/ext/libinjection/libinjection_wrap.c +3525 -0
data/ext/libinjection/libinjection_xss.c +531 -0
data/ext/libinjection/libinjection_xss.h +21 -0
data/lib/tcell_agent/configuration.rb +0 -48
data/lib/tcell_agent/logger.rb +1 -0
data/lib/tcell_agent/policies/appsensor/database_sensor.rb +8 -20
data/lib/tcell_agent/policies/appsensor/injection_sensor.rb +30 -46
data/lib/tcell_agent/policies/appsensor/login_sensor.rb +1 -4
data/lib/tcell_agent/policies/appsensor/misc_sensor.rb +8 -22
data/lib/tcell_agent/policies/appsensor/payloads_policy.rb +143 -0
data/lib/tcell_agent/policies/appsensor/response_codes_sensor.rb +3 -1
data/lib/tcell_agent/policies/appsensor/sensor.rb +21 -2
data/lib/tcell_agent/policies/appsensor/size_sensor.rb +3 -1
data/lib/tcell_agent/policies/appsensor/sqli_sensor.rb +9 -0
data/lib/tcell_agent/policies/appsensor/user_agent_sensor.rb +1 -5
data/lib/tcell_agent/policies/appsensor/xss_sensor.rb +9 -1
data/lib/tcell_agent/policies/appsensor_policy.rb +40 -19
data/lib/tcell_agent/policies/http_redirect_policy.rb +12 -2
data/lib/tcell_agent/rails/csrf_exception.rb +1 -1
data/lib/tcell_agent/rails/dlp.rb +98 -76
data/lib/tcell_agent/rails/middleware/global_middleware.rb +1 -2
data/lib/tcell_agent/rails/middleware/headers_middleware.rb +2 -2
data/lib/tcell_agent/rails/on_start.rb +53 -20
data/lib/tcell_agent/sensor_events/appsensor_event.rb +12 -19
data/lib/tcell_agent/sensor_events/appsensor_meta_event.rb +7 -2
data/lib/tcell_agent/sensor_events/sensor.rb +10 -11
data/lib/tcell_agent/sensor_events/server_agent.rb +17 -12
data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb +148 -139
data/lib/tcell_agent/utils/params.rb +24 -21
data/lib/tcell_agent/version.rb +1 -1
data/spec/lib/tcell_agent/configuration_spec.rb +0 -179
data/spec/lib/tcell_agent/policies/appsensor/database_sensor_spec.rb +6 -4
data/spec/lib/tcell_agent/policies/appsensor/misc_sensor_spec.rb +31 -22
data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_apply_spec.rb +466 -0
data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_from_json_spec.rb +890 -0
data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_log_spec.rb +484 -0
data/spec/lib/tcell_agent/policies/appsensor/request_size_sensor_spec.rb +4 -3
data/spec/lib/tcell_agent/policies/appsensor/response_codes_sensor_spec.rb +4 -4
data/spec/lib/tcell_agent/policies/appsensor/response_size_sensor_spec.rb +1 -1
data/spec/lib/tcell_agent/policies/appsensor/sqli_sensor_spec.rb +85 -0
data/spec/lib/tcell_agent/policies/appsensor/user_agent_sensor_spec.rb +36 -16
data/spec/lib/tcell_agent/policies/appsensor/xss_sensor_spec.rb +188 -312
data/spec/lib/tcell_agent/policies/appsensor_policy_spec.rb +61 -0
data/spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb +18 -11
data/spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb +14 -15
data/spec/lib/tcell_agent/sensor_events/appsensor_meta_event_spec.rb +1 -1
data/spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb +6 -5
data/spec/lib/tcell_agent/utils/params_spec.rb +28 -108
data/tcell_agent.gemspec +21 -1
metadata +37 -4

data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_from_json_spec.rb ADDED Viewed

@@ -0,0 +1,890 @@
+require 'spec_helper'
+module TCellAgent
+  module Policies
+    describe AppSensorPolicy do
+      describe ".from_json" do
+        context "with options" do
+          context "that are missing" do
+            it "should have defaults set" do
+              policy_json = nil
+              policy = PayloadsPolicy.from_json(policy_json)
+              expect(policy.send_payloads).to eq(false)
+              expect(policy.log_payloads).to eq(false)
+              expect(policy.send_blacklist).to eq({})
+              expect(policy.send_whitelist).to eq({})
+              expect(policy.use_send_whitelist).to eq(false)
+              expect(policy.log_blacklist).to eq({})
+              expect(policy.log_whitelist).to eq({})
+              expect(policy.use_log_whitelist).to eq(false)
+            end
+          end
+          context "that are present" do
+            context "with payloads" do
+              context "that are missing" do
+                it "should have defaults set" do
+                  policy_json = { }
+                  policy = PayloadsPolicy.from_json(policy_json)
+                  expect(policy.send_payloads).to eq(false)
+                  expect(policy.log_payloads).to eq(false)
+                  expect(policy.send_blacklist).to eq({})
+                  expect(policy.send_whitelist).to eq({})
+                  expect(policy.use_send_whitelist).to eq(false)
+                  expect(policy.log_blacklist).to eq({})
+                  expect(policy.log_whitelist).to eq({})
+                  expect(policy.use_log_whitelist).to eq(false)
+                end
+              end
+              context "that are present" do
+                context "but empty" do
+                  it "should have defaults set" do
+                    policy_json = {
+                      "payloads" => {}
+                    }
+                    policy = PayloadsPolicy.from_json(policy_json)
+                    expect(policy.send_payloads).to eq(false)
+                    expect(policy.log_payloads).to eq(false)
+                    expect(policy.send_blacklist).to eq({})
+                    expect(policy.send_whitelist).to eq({})
+                    expect(policy.use_send_whitelist).to eq(false)
+                    expect(policy.log_blacklist).to eq({})
+                    expect(policy.log_whitelist).to eq({})
+                    expect(policy.use_log_whitelist).to eq(false)
+                  end
+                end
+                context "with send_payloads == false" do
+                  it "should have send_payloads disabled" do
+                    policy_json = {
+                      "payloads" => {
+                        "send_payloads" => false
+                      }
+                    }
+                    policy = PayloadsPolicy.from_json(policy_json)
+                    expect(policy.send_payloads).to eq(false)
+                    expect(policy.log_payloads).to eq(false)
+                    expect(policy.send_blacklist).to eq({})
+                    expect(policy.send_whitelist).to eq({})
+                    expect(policy.use_send_whitelist).to eq(false)
+                    expect(policy.log_blacklist).to eq({})
+                    expect(policy.log_whitelist).to eq({})
+                    expect(policy.use_log_whitelist).to eq(false)
+                  end
+                  context "with send_blacklist missing" do
+                    it "should have an empty send_blacklist" do
+                      policy_json = {
+                        "payloads" => {
+                          "send_payloads" => false
+                        }
+                      }
+                      policy = PayloadsPolicy.from_json(policy_json)
+                      expect(policy.send_payloads).to eq(false)
+                      expect(policy.log_payloads).to eq(false)
+                      expect(policy.send_blacklist).to eq({})
+                      expect(policy.send_whitelist).to eq({})
+                      expect(policy.use_send_whitelist).to eq(false)
+                      expect(policy.log_blacklist).to eq({})
+                      expect(policy.log_whitelist).to eq({})
+                      expect(policy.use_log_whitelist).to eq(false)
+                    end
+                  end
+                  context "with send_blacklist present" do
+                    context "but empty" do
+                      it "should have an empty send_blacklist" do
+                        policy_json = {
+                          "payloads" => {
+                            "send_payloads" => false,
+                            "send_blacklist" => {}
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with one item present" do
+                      it "should have an empty send_blacklist" do
+                        policy_json = {
+                          "payloads" => {
+                            "send_payloads" => false,
+                            "send_blacklist" => {
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with two items present" do
+                      it "should have an empty send_blacklist" do
+                        policy_json = {
+                          "payloads" => {
+                            "send_payloads" => false,
+                            "send_blacklist" => {
+                              "username" => ["*"],
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                  end
+                  context "with send_whitelist missing" do
+                    it "should have an empty send_whitelist" do
+                      policy_json = {
+                        "payloads" => {
+                          "send_payloads" => false
+                        }
+                      }
+                      policy = PayloadsPolicy.from_json(policy_json)
+                      expect(policy.send_payloads).to eq(false)
+                      expect(policy.log_payloads).to eq(false)
+                      expect(policy.send_blacklist).to eq({})
+                      expect(policy.send_whitelist).to eq({})
+                      expect(policy.use_send_whitelist).to eq(false)
+                      expect(policy.log_blacklist).to eq({})
+                      expect(policy.log_whitelist).to eq({})
+                      expect(policy.use_log_whitelist).to eq(false)
+                    end
+                  end
+                  context "with send_whitelist present" do
+                    context "but empty" do
+                      it "should have an empty send_whitelist" do
+                        policy_json = {
+                          "payloads" => {
+                            "send_payloads" => false,
+                            "send_whitelist" => {}
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with one item present" do
+                      it "should have an empty send_whitelist" do
+                        policy_json = {
+                          "payloads" => {
+                            "send_payloads" => false,
+                            "send_whitelist" => {
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with two items present" do
+                      it "should have an empty send_whitelist" do
+                        policy_json = {
+                          "payloads" => {
+                            "send_payloads" => false,
+                            "send_whitelist" => {
+                              "username" => ["*"],
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                  end
+                end
+                context "with send_payloads == true" do
+                  it "should have send_payloads enabled" do
+                    policy_json = {
+                      "payloads" => {
+                        "send_payloads" => true
+                      }
+                    }
+                    policy = PayloadsPolicy.from_json(policy_json)
+                    expect(policy.send_payloads).to eq(true)
+                    expect(policy.log_payloads).to eq(false)
+                    expect(policy.send_blacklist).to eq({})
+                    expect(policy.send_whitelist).to eq({})
+                    expect(policy.log_blacklist).to eq({})
+                    expect(policy.log_whitelist).to eq({})
+                  end
+                  context "with send_blacklist missing" do
+                    it "should have an empty send_blacklist" do
+                      policy_json = {
+                        "payloads" => {
+                          "send_payloads" => true
+                        }
+                      }
+                      policy = PayloadsPolicy.from_json(policy_json)
+                      expect(policy.send_payloads).to eq(true)
+                      expect(policy.log_payloads).to eq(false)
+                      expect(policy.send_blacklist).to eq({})
+                      expect(policy.send_whitelist).to eq({})
+                      expect(policy.use_send_whitelist).to eq(false)
+                      expect(policy.log_blacklist).to eq({})
+                      expect(policy.log_whitelist).to eq({})
+                      expect(policy.use_log_whitelist).to eq(false)
+                    end
+                  end
+                  context "with send_blacklist present" do
+                    context "but empty" do
+                      it "should have an empty send_blacklist" do
+                        policy_json = {
+                          "payloads" => {
+                            "send_payloads" => true,
+                            "send_blacklist" => {}
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(true)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with one item present" do
+                      it "should have it set in send_blacklist" do
+                        policy_json = {
+                          "payloads" => {
+                            "send_payloads" => true,
+                            "send_blacklist" => {
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(true)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({
+                          "password" => Set.new(["*"])
+                        })
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with two items present" do
+                      it "should have them set in send_blacklist" do
+                        policy_json = {
+                          "payloads" => {
+                            "send_payloads" => true,
+                            "send_blacklist" => {
+                              "username" => ["*"],
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(true)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({
+                          "username" => Set.new(["*"]),
+                          "password" => Set.new(["*"])
+                        })
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                  end
+                  context "with send_whitelist missing" do
+                    it "should have an empty send_whitelist" do
+                      policy_json = {
+                        "payloads" => {
+                          "send_payloads" => true
+                        }
+                      }
+                      policy = PayloadsPolicy.from_json(policy_json)
+                      expect(policy.send_payloads).to eq(true)
+                      expect(policy.log_payloads).to eq(false)
+                      expect(policy.send_blacklist).to eq({})
+                      expect(policy.send_whitelist).to eq({})
+                      expect(policy.use_send_whitelist).to eq(false)
+                      expect(policy.log_blacklist).to eq({})
+                      expect(policy.log_whitelist).to eq({})
+                      expect(policy.use_log_whitelist).to eq(false)
+                    end
+                  end
+                  context "with send_whitelist present" do
+                    context "but empty" do
+                      it "should have an empty send_whitelist" do
+                        policy_json = {
+                          "payloads" => {
+                            "send_payloads" => true,
+                            "send_whitelist" => {}
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(true)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(true)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with one item present" do
+                      it "should have an empty send_whitelist" do
+                        policy_json = {
+                          "payloads" => {
+                            "send_payloads" => true,
+                            "send_whitelist" => {
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(true)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({
+                          "password" => Set.new(["*"])
+                        })
+                        expect(policy.use_send_whitelist).to eq(true)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with two items present" do
+                      it "should have an empty send_whitelist" do
+                        policy_json = {
+                          "payloads" => {
+                            "send_payloads" => true,
+                            "send_whitelist" => {
+                              "username" => ["*"],
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(true)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({
+                          "username" => Set.new(["*"]),
+                          "password" => Set.new(["*"])
+                        })
+                        expect(policy.use_send_whitelist).to eq(true)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                  end
+                end
+                context "with log_payloads == false" do
+                  it "should have log_payloads disabled" do
+                    policy_json = {
+                      "payloads" => {
+                        "log_payloads" => false
+                      }
+                    }
+                    policy = PayloadsPolicy.from_json(policy_json)
+                    expect(policy.send_payloads).to eq(false)
+                    expect(policy.log_payloads).to eq(false)
+                    expect(policy.send_blacklist).to eq({})
+                    expect(policy.send_whitelist).to eq({})
+                    expect(policy.log_blacklist).to eq({})
+                    expect(policy.log_whitelist).to eq({})
+                  end
+                  context "with log_blacklist missing" do
+                    it "should have an empty log_blacklist" do
+                      policy_json = {
+                        "payloads" => {
+                          "log_payloads" => false
+                        }
+                      }
+                      policy = PayloadsPolicy.from_json(policy_json)
+                      expect(policy.send_payloads).to eq(false)
+                      expect(policy.log_payloads).to eq(false)
+                      expect(policy.send_blacklist).to eq({})
+                      expect(policy.send_whitelist).to eq({})
+                      expect(policy.use_send_whitelist).to eq(false)
+                      expect(policy.log_blacklist).to eq({})
+                      expect(policy.log_whitelist).to eq({})
+                      expect(policy.use_log_whitelist).to eq(false)
+                    end
+                  end
+                  context "with log_blacklist present" do
+                    context "but empty" do
+                      it "should have an empty log_blacklist" do
+                        policy_json = {
+                          "payloads" => {
+                            "log_payloads" => false,
+                            "log_blacklist" => {}
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with one item present" do
+                      it "should have an empty log_blacklist" do
+                        policy_json = {
+                          "payloads" => {
+                            "log_payloads" => false,
+                            "log_blacklist" => {
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with two items present" do
+                      it "should have an empty log_blacklist" do
+                        policy_json = {
+                          "payloads" => {
+                            "log_payloads" => false,
+                            "log_blacklist" => {
+                              "username" => ["*"],
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                  end
+                  context "with log_whitelist missing" do
+                    it "should have an empty log_whitelist" do
+                      policy_json = {
+                        "payloads" => {
+                          "log_payloads" => false
+                        }
+                      }
+                      policy = PayloadsPolicy.from_json(policy_json)
+                      expect(policy.send_payloads).to eq(false)
+                      expect(policy.log_payloads).to eq(false)
+                      expect(policy.send_blacklist).to eq({})
+                      expect(policy.send_whitelist).to eq({})
+                      expect(policy.use_send_whitelist).to eq(false)
+                      expect(policy.log_blacklist).to eq({})
+                      expect(policy.log_whitelist).to eq({})
+                      expect(policy.use_log_whitelist).to eq(false)
+                    end
+                  end
+                  context "with log_whitelist present" do
+                    context "but empty" do
+                      it "should have an empty log_whitelist" do
+                        policy_json = {
+                          "payloads" => {
+                            "log_payloads" => false,
+                            "log_whitelist" => {}
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with one item present" do
+                      it "should have an empty log_whitelist" do
+                        policy_json = {
+                          "payloads" => {
+                            "log_payloads" => false,
+                            "log_whitelist" => {
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with two items present" do
+                      it "should have an empty log_whitelist" do
+                        policy_json = {
+                          "payloads" => {
+                            "log_payloads" => false,
+                            "log_whitelist" => {
+                              "username" => ["*"],
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(false)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                  end
+                end
+                context "with log_payloads == true" do
+                  it "should have log_payloads enabled" do
+                    policy_json = {
+                      "payloads" => {
+                        "log_payloads" => true
+                      }
+                    }
+                    policy = PayloadsPolicy.from_json(policy_json)
+                    expect(policy.send_payloads).to eq(false)
+                    expect(policy.log_payloads).to eq(true)
+                    expect(policy.send_blacklist).to eq({})
+                    expect(policy.send_whitelist).to eq({})
+                    expect(policy.log_blacklist).to eq({})
+                    expect(policy.log_whitelist).to eq({})
+                  end
+                  context "with log_blacklist missing" do
+                    it "should have an empty log_blacklist" do
+                      policy_json = {
+                        "payloads" => {
+                          "log_payloads" => true
+                        }
+                      }
+                      policy = PayloadsPolicy.from_json(policy_json)
+                      expect(policy.send_payloads).to eq(false)
+                      expect(policy.log_payloads).to eq(true)
+                      expect(policy.send_blacklist).to eq({})
+                      expect(policy.send_whitelist).to eq({})
+                      expect(policy.use_send_whitelist).to eq(false)
+                      expect(policy.log_blacklist).to eq({})
+                      expect(policy.log_whitelist).to eq({})
+                      expect(policy.use_log_whitelist).to eq(false)
+                    end
+                  end
+                  context "with log_blacklist present" do
+                    context "but empty" do
+                      it "should have an empty log_blacklist" do
+                        policy_json = {
+                          "payloads" => {
+                            "log_payloads" => true,
+                            "log_blacklist" => {}
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(true)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with one item present" do
+                      it "should have it set in log_blacklist" do
+                        policy_json = {
+                          "payloads" => {
+                            "log_payloads" => true,
+                            "log_blacklist" => {
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(true)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({
+                          "password" => Set.new(["*"])
+                        })
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                    context "with two items present" do
+                      it "should have them set in log_blacklist" do
+                        policy_json = {
+                          "payloads" => {
+                            "log_payloads" => true,
+                            "log_blacklist" => {
+                              "username" => ["*"],
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(true)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({
+                          "username" => Set.new(["*"]),
+                          "password" => Set.new(["*"])
+                        })
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(false)
+                      end
+                    end
+                  end
+                  context "with log_whitelist missing" do
+                    it "should have an empty log_whitelist" do
+                      policy_json = {
+                        "payloads" => {
+                          "log_payloads" => true
+                        }
+                      }
+                      policy = PayloadsPolicy.from_json(policy_json)
+                      expect(policy.send_payloads).to eq(false)
+                      expect(policy.log_payloads).to eq(true)
+                      expect(policy.send_blacklist).to eq({})
+                      expect(policy.send_whitelist).to eq({})
+                      expect(policy.use_send_whitelist).to eq(false)
+                      expect(policy.log_blacklist).to eq({})
+                      expect(policy.log_whitelist).to eq({})
+                      expect(policy.use_log_whitelist).to eq(false)
+                    end
+                  end
+                  context "with log_whitelist present" do
+                    context "but empty" do
+                      it "should have an empty log_whitelist" do
+                        policy_json = {
+                          "payloads" => {
+                            "log_payloads" => true,
+                            "log_whitelist" => {}
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(true)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({})
+                        expect(policy.use_log_whitelist).to eq(true)
+                      end
+                    end
+                    context "with one item present" do
+                      it "should have it set in log_whitelist" do
+                        policy_json = {
+                          "payloads" => {
+                            "log_payloads" => true,
+                            "log_whitelist" => {
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(true)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({
+                          "password" => Set.new(["*"])
+                        })
+                        expect(policy.use_log_whitelist).to eq(true)
+                      end
+                    end
+                    context "with two items present" do
+                      it "should have them set in log_whitelist" do
+                        policy_json = {
+                          "payloads" => {
+                            "log_payloads" => true,
+                            "log_whitelist" => {
+                              "username" => ["*"],
+                              "password" => ["*"]
+                            }
+                          }
+                        }
+                        policy = PayloadsPolicy.from_json(policy_json)
+                        expect(policy.send_payloads).to eq(false)
+                        expect(policy.log_payloads).to eq(true)
+                        expect(policy.send_blacklist).to eq({})
+                        expect(policy.send_whitelist).to eq({})
+                        expect(policy.use_send_whitelist).to eq(false)
+                        expect(policy.log_blacklist).to eq({})
+                        expect(policy.log_whitelist).to eq({
+                          "username" => Set.new(["*"]),
+                          "password" => Set.new(["*"])
+                        })
+                        expect(policy.use_log_whitelist).to eq(true)
+                      end
+                    end
+                  end
+                end
+              end
+            end
+          end
+        end
+      end
+    end
+  end
+end