tcell_agent 0.2.29 → 0.4.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (100) hide show
  1. checksums.yaml +4 -4
  2. data/Readme.txt +7 -0
  3. data/bin/tcell_agent +9 -0
  4. data/lib/tcell_agent/agent/policy_manager.rb +3 -0
  5. data/lib/tcell_agent/agent/policy_types.rb +4 -1
  6. data/lib/tcell_agent/appsensor/injections_matcher.rb +20 -0
  7. data/lib/tcell_agent/appsensor/injections_reporter.rb +15 -56
  8. data/lib/tcell_agent/appsensor/meta_data.rb +56 -2
  9. data/lib/tcell_agent/appsensor/rules/baserules.json +371 -138
  10. data/lib/tcell_agent/cmdi.rb +113 -0
  11. data/lib/tcell_agent/config/unknown_options.rb +2 -0
  12. data/lib/tcell_agent/configuration.rb +30 -16
  13. data/lib/tcell_agent/hooks/login_fraud.rb +79 -0
  14. data/lib/tcell_agent/instrumentation.rb +6 -11
  15. data/lib/tcell_agent/patches/meta_data.rb +14 -11
  16. data/lib/tcell_agent/policies/appsensor/injection_sensor.rb +5 -9
  17. data/lib/tcell_agent/policies/appsensor_policy.rb +22 -206
  18. data/lib/tcell_agent/policies/clickjacking_policy.rb +4 -2
  19. data/lib/tcell_agent/policies/command_injection_policy.rb +196 -0
  20. data/lib/tcell_agent/policies/content_security_policy.rb +3 -2
  21. data/lib/tcell_agent/policies/dataloss_policy.rb +3 -1
  22. data/lib/tcell_agent/policies/honeytokens_policy.rb +3 -1
  23. data/lib/tcell_agent/policies/http_redirect_policy.rb +51 -37
  24. data/lib/tcell_agent/policies/http_tx_policy.rb +5 -1
  25. data/lib/tcell_agent/policies/login_fraud_policy.rb +6 -1
  26. data/lib/tcell_agent/policies/patches_policy.rb +3 -1
  27. data/lib/tcell_agent/policies/policy.rb +10 -0
  28. data/lib/tcell_agent/policies/secure_headers_policy.rb +5 -2
  29. data/lib/tcell_agent/rails/auth/devise.rb +12 -23
  30. data/lib/tcell_agent/rails/csrf_exception.rb +1 -1
  31. data/lib/tcell_agent/rails/dlp.rb +50 -54
  32. data/lib/tcell_agent/rails/middleware/body_filter_middleware.rb +0 -1
  33. data/lib/tcell_agent/rails/middleware/context_middleware.rb +0 -1
  34. data/lib/tcell_agent/rails/middleware/global_middleware.rb +0 -1
  35. data/lib/tcell_agent/rails/middleware/headers_middleware.rb +7 -10
  36. data/lib/tcell_agent/rails/on_start.rb +0 -1
  37. data/lib/tcell_agent/rails/tcell_body_proxy.rb +4 -4
  38. data/lib/tcell_agent/rails.rb +0 -2
  39. data/lib/tcell_agent/rust/libtcellagent-0.6.1.dylib +0 -0
  40. data/lib/tcell_agent/rust/libtcellagent-0.6.1.so +0 -0
  41. data/lib/tcell_agent/rust/models.rb +61 -0
  42. data/lib/tcell_agent/rust/tcellagent-0.6.1.dll +0 -0
  43. data/lib/tcell_agent/rust/whisperer.rb +112 -0
  44. data/lib/tcell_agent/sensor_events/appsensor_event.rb +25 -21
  45. data/lib/tcell_agent/sensor_events/appsensor_meta_event.rb +31 -24
  46. data/lib/tcell_agent/sensor_events/command_injection.rb +58 -0
  47. data/lib/tcell_agent/sensor_events/discovery.rb +1 -1
  48. data/lib/tcell_agent/sensor_events/login_fraud.rb +3 -13
  49. data/lib/tcell_agent/sensor_events/sensor.rb +81 -77
  50. data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb +8 -0
  51. data/lib/tcell_agent/start_background_thread.rb +12 -3
  52. data/lib/tcell_agent/utils/io.rb +4 -1
  53. data/lib/tcell_agent/utils/params.rb +1 -0
  54. data/lib/tcell_agent/version.rb +1 -1
  55. data/lib/tcell_agent.rb +0 -1
  56. data/spec/lib/tcell_agent/appsensor/injections_matcher_spec.rb +27 -9
  57. data/spec/lib/tcell_agent/appsensor/injections_reporter_spec.rb +143 -193
  58. data/spec/lib/tcell_agent/appsensor/meta_data_spec.rb +67 -0
  59. data/spec/lib/tcell_agent/appsensor/rules/appsensor_rule_manager_spec.rb +0 -10
  60. data/spec/lib/tcell_agent/cmdi_spec.rb +748 -0
  61. data/spec/lib/tcell_agent/config/unknown_options_spec.rb +8 -0
  62. data/spec/lib/tcell_agent/configuration_spec.rb +138 -6
  63. data/spec/lib/tcell_agent/hooks/login_fraud_spec.rb +357 -0
  64. data/spec/lib/tcell_agent/patches/block_rule_spec.rb +70 -87
  65. data/spec/lib/tcell_agent/patches_spec.rb +9 -4
  66. data/spec/lib/tcell_agent/policies/appsensor/xss_sensor_spec.rb +186 -9
  67. data/spec/lib/tcell_agent/policies/appsensor_policy_spec.rb +309 -484
  68. data/spec/lib/tcell_agent/policies/command_injection_policy_spec.rb +736 -0
  69. data/spec/lib/tcell_agent/policies/http_redirect_policy_spec.rb +222 -41
  70. data/spec/lib/tcell_agent/policies/patches_policy_spec.rb +56 -32
  71. data/spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb +161 -85
  72. data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb +40 -72
  73. data/spec/lib/tcell_agent/rust/whisperer_spec.rb +267 -0
  74. data/spec/lib/tcell_agent/sensor_events/appsensor_meta_event_spec.rb +20 -15
  75. data/spec/spec_helper.rb +0 -9
  76. data/tcell_agent.gemspec +8 -3
  77. metadata +40 -39
  78. data/lib/tcell_agent/appsensor/sensor.rb +0 -52
  79. data/lib/tcell_agent/policies/appsensor/database_sensor.rb +0 -56
  80. data/lib/tcell_agent/policies/appsensor/misc_sensor.rb +0 -59
  81. data/lib/tcell_agent/policies/appsensor/payloads_policy.rb +0 -150
  82. data/lib/tcell_agent/policies/appsensor/request_size_sensor.rb +0 -25
  83. data/lib/tcell_agent/policies/appsensor/response_codes_sensor.rb +0 -73
  84. data/lib/tcell_agent/policies/appsensor/response_size_sensor.rb +0 -25
  85. data/lib/tcell_agent/policies/appsensor/size_sensor.rb +0 -71
  86. data/lib/tcell_agent/policies/appsensor/user_agent_sensor.rb +0 -47
  87. data/lib/tcell_agent/rails/auth/hooks.rb +0 -79
  88. data/lib/tcell_agent/sensor_events/util/redirect_utils.rb +0 -22
  89. data/spec/lib/tcell_agent/policies/appsensor/database_sensor_spec.rb +0 -165
  90. data/spec/lib/tcell_agent/policies/appsensor/misc_sensor_spec.rb +0 -429
  91. data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_apply_spec.rb +0 -466
  92. data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_from_json_spec.rb +0 -890
  93. data/spec/lib/tcell_agent/policies/appsensor/payloads_policy_log_spec.rb +0 -417
  94. data/spec/lib/tcell_agent/policies/appsensor/request_size_sensor_spec.rb +0 -236
  95. data/spec/lib/tcell_agent/policies/appsensor/response_codes_sensor_spec.rb +0 -297
  96. data/spec/lib/tcell_agent/policies/appsensor/response_size_sensor_spec.rb +0 -241
  97. data/spec/lib/tcell_agent/policies/appsensor/user_agent_sensor_spec.rb +0 -172
  98. data/spec/lib/tcell_agent/rails/auth/hooks_spec.rb +0 -246
  99. data/spec/lib/tcell_agent/sensor_events/util/redirect_utils_spec.rb +0 -25
  100. data/spec/support/resources/baserules.json +0 -155
data/spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb CHANGED
@@ -54,94 +54,145 @@ module TCellAgent
54
54
  let(:request2) { Rack::MockRequest.new( withTCellMiddleware( app2 )) }
55
55
  let(:agent) { ::TCellAgent::Agent.new }
56
56
  context "XSS" do
57
- before(:each) do
58
- TCellAgent.thread_agent.processPolicyJson({"appsensor"=>{
59
- "policy_id"=>"153ed270",
60
- "data"=>{
61
- "options"=>{
62
- "xss"=>true,
63
- "sqli"=>true,
64
- "cmdi"=>true,
57
+ context "with allow_payloads = false" do
58
+ before(:each) do
59
+ old_uap = TCellAgent.configuration.allow_payloads
60
+ TCellAgent.configuration.allow_payloads = false
61
+ TCellAgent.thread_agent.processPolicyJson({"appsensor"=>{
62
+ "policy_id" => "153ed270",
63
+ "version" => 2,
64
+ "data" => {
65
+ "options" => {
66
+ "payloads" => {
67
+ "send_payloads" => true,
68
+ "log_payloads" => false
69
+ }
70
+ },
71
+ "sensors" => {
72
+ "xss" => {
73
+ "patterns" => ["1", "2", "8"]
74
+ }
75
+ }
65
76
  }
66
- }
67
- }}, cache=false)
68
- TCellAgent.empty_event_queue
69
- end
70
- it "alerts on get xss payload" do
71
- response = request.get("/foo?xyz=%3CSCRIPT%3Ealert(1)%3C%2Fscript%3E", 'REMOTE_ADDR' => '1.3.3.4,3.4.5.6')
72
- expected_as = {
73
- "event_type"=>"as",
74
- "dp"=>"xss",
75
- "param"=>"xyz",
76
- "remote_addr"=>"1.3.3.4",
77
- "m"=>"GET",
78
- "pattern"=>"1",
79
- "uri"=>"http://example.org/foo?xyz=",
80
- "meta"=>{"l" => "query"}}
81
- expect(TCellAgent.event_queue).to include(expected_as)
82
- end
83
- it "alerts on post xss payload" do
84
- response = request.post("/foo", :input => "x=<SCRIPT>alert(1)</SCRIPT>", 'REMOTE_ADDR' => '1.2.3.4,3.4.5.6')
85
- expected_as = {
86
- "event_type"=>"as",
87
- "dp"=>"xss",
88
- "param"=>"x",
89
- "remote_addr"=>"1.2.3.4",
90
- "m"=>"POST",
91
- "pattern"=>"1",
92
- "uri"=>"http://example.org/foo",
93
- "meta"=>{"l" => "body"}}
94
- expect(TCellAgent.event_queue).to include(expected_as)
95
- end #/it
96
- it "alerts on get xss payload with route_id" do
97
- response = request2.get("/foo?xyz=%3Cscript%3Ealert(1)%3C%2Fscript%3E")
98
- expected_as = {
99
- "event_type"=>"as",
100
- "dp"=>"xss",
101
- "param"=>"xyz",
102
- "rid"=>"myrouteid",
103
- "m"=>"GET",
104
- "pattern"=>"1",
105
- "uri"=>"http://example.org/foo?xyz=",
106
- "meta"=>{"l" => "query"}}
107
- expect(TCellAgent.event_queue).to include(expected_as)
77
+ }}, cache=false)
78
+ TCellAgent.empty_event_queue
79
+ TCellAgent.configuration.allow_payloads = old_uap
80
+ end
81
+ it "alerts on get xss payload" do
82
+ response = request.get("/foo?xyz=%3CSCRIPT%3Ealert(1)%3C%2Fscript%3E", 'REMOTE_ADDR' => '1.3.3.4,3.4.5.6')
83
+ expected_as = {
84
+ "event_type"=>"as",
85
+ "dp"=>"xss",
86
+ "param"=>"xyz",
87
+ "remote_addr"=>"1.3.3.4",
88
+ "m"=>"GET",
89
+ "pattern"=>"1",
90
+ "uri"=>"http://example.org/foo?xyz=",
91
+ "meta"=>{"l" => "query"}}
92
+ expect(TCellAgent.event_queue).to include(expected_as)
93
+ end
94
+
95
+ it "alerts on post xss payload" do
96
+ response = request.post("/foo", :input => "x=<SCRIPT>alert(1)</SCRIPT>", 'REMOTE_ADDR' => '1.2.3.4,3.4.5.6')
97
+ expected_as = {
98
+ "event_type"=>"as",
99
+ "dp"=>"xss",
100
+ "param"=>"x",
101
+ "remote_addr"=>"1.2.3.4",
102
+ "m"=>"POST",
103
+ "pattern"=>"1",
104
+ "uri"=>"http://example.org/foo",
105
+ "meta"=>{"l" => "body"}}
106
+ expect(TCellAgent.event_queue).to include(expected_as)
107
+ end #/it
108
+
109
+ it "alerts on get xss payload with route_id" do
110
+ response = request2.get("/foo?xyz=%3Cscript%3Ealert(1)%3C%2Fscript%3E")
111
+ expected_as = {
112
+ "event_type"=>"as",
113
+ "dp"=>"xss",
114
+ "param"=>"xyz",
115
+ "rid"=>"myrouteid",
116
+ "m"=>"GET",
117
+ "pattern"=>"1",
118
+ "uri"=>"http://example.org/foo?xyz=",
119
+ "meta"=>{"l" => "query"}}
120
+ expect(TCellAgent.event_queue).to include(expected_as)
121
+ end
108
122
  end
109
- it "checks that payload is sent in xss with route_id" do
110
- old_uap = TCellAgent.configuration.allow_unencrypted_appfirewall_payloads
111
- TCellAgent.configuration.allow_unencrypted_appfirewall_payloads = true
112
- response = request2.get("/foo?xyz=%3Cscript%3Ealert(1)%3C%2Fscript%3E")
113
- expected_as = {
114
- "event_type"=>"as",
115
- "dp"=>"xss",
116
- "param"=>"xyz",
117
- "rid"=>"myrouteid",
118
- "m"=>"GET",
119
- "pattern"=>"1",
120
- "uri"=>"http://example.org/foo?xyz=",
121
- "payload"=>"<script>alert(1)</script>",
122
- "meta"=>{"l" => "query"}}
123
- TCellAgent.configuration.allow_unencrypted_appfirewall_payloads= old_uap
124
- expect(TCellAgent.event_queue).to include(expected_as)
123
+
124
+ context "with allow_payloads = true" do
125
+ before(:each) do
126
+ old_uap = TCellAgent.configuration.allow_payloads
127
+ TCellAgent.configuration.allow_payloads = true
128
+ TCellAgent.thread_agent.processPolicyJson({"appsensor"=>{
129
+ "policy_id" => "153ed270",
130
+ "version" => 2,
131
+ "data" => {
132
+ "options" => {
133
+ "payloads" => {
134
+ "send_payloads" => true,
135
+ "log_payloads" => false
136
+ }
137
+ },
138
+ "sensors" => {
139
+ "xss" => {
140
+ "patterns" => ["1", "2", "8"]
141
+ }
142
+ }
143
+ }
144
+ }}, cache=false)
145
+ TCellAgent.empty_event_queue
146
+ TCellAgent.configuration.allow_payloads = old_uap
147
+ end
148
+
149
+ it "checks that payload is sent in xss with route_id" do
150
+ response = request2.get("/foo?xyz=%3Cscript%3Ealert(1)%3C%2Fscript%3E")
151
+ expected_as = {
152
+ "event_type"=>"as",
153
+ "dp"=>"xss",
154
+ "param"=>"xyz",
155
+ "rid"=>"myrouteid",
156
+ "m"=>"GET",
157
+ "pattern"=>"1",
158
+ "uri"=>"http://example.org/foo?xyz=",
159
+ "payload"=>"<script>alert(1)</script>",
160
+ "meta"=>{"l" => "query"}}
161
+
162
+ expect(TCellAgent.event_queue).to include(expected_as)
163
+ end
125
164
  end
126
165
 
127
- end #/conext
166
+ end
167
+
128
168
  context "SQL Injection" do
129
169
  before(:each) do
130
170
  TCellAgent.thread_agent.processPolicyJson({"appsensor"=>{
131
171
  "policy_id"=>"153ed270",
172
+ "version" => 2,
132
173
  "data"=>{
133
- "options"=>{
134
- "xss"=>true,
135
- "sqli"=>true,
136
- "cmdi"=>true,
174
+ "sensors" => {
175
+ "xss" => {
176
+ "patterns" => ["1"]
177
+ },
178
+ "sqli" => {
179
+ "patterns" => ["1"]
180
+ },
181
+ "cmdi" => {
182
+ "patterns" => ["1"]
183
+ }
137
184
  }
138
185
  }
139
186
  }}, cache=false)
140
187
  TCellAgent.empty_event_queue
141
188
  end
189
+
142
190
  it "alerts on get sqli payload" do
191
+ old_uap = TCellAgent.configuration.allow_payloads
192
+ TCellAgent.configuration.allow_payloads = false
143
193
  # ' OR '3'='3
144
194
  response = request.get("/foo?xyz=abds&def=%27%20OR%20%273%27%3D%273", 'REMOTE_ADDR' => '1.3.3.4,3.4.5.6')
195
+ TCellAgent.configuration.allow_payloads = old_uap
145
196
  expected_as = {
146
197
  "event_type"=>"as",
147
198
  "dp"=>"sqli",
@@ -153,22 +204,29 @@ module TCellAgent
153
204
  "meta"=>{"l" => "query"}}
154
205
  expect(TCellAgent.event_queue).to include(expected_as)
155
206
  end
156
- end #/conext
207
+ end
208
+
157
209
  context "File Path Traversal" do
158
- before(:each) do
210
+ it "alerts on most obvious payload" do
159
211
  TCellAgent.thread_agent.processPolicyJson({"appsensor"=>{
160
212
  "policy_id"=>"153ed270",
213
+ "version" => 2,
161
214
  "data"=>{
162
- "options"=>{
163
- "xss"=>true,
164
- "fpt"=>true,
165
- "cmdi"=>true,
215
+ "options" => {
216
+ "payloads" => {
217
+ "send_payloads" => false,
218
+ "log_payloads" => false
219
+ }
220
+ },
221
+ "sensors" => {
222
+ "fpt" => {
223
+ "patterns" => ["1", "2", "3"]
224
+ }
166
225
  }
167
226
  }
168
227
  }}, cache=false)
169
228
  TCellAgent.empty_event_queue
170
- end
171
- it "alerts on most obvious payload" do
229
+
172
230
  response = request.get("/foo?xyz=/ETC/PASSWD", 'REMOTE_ADDR' => '1.3.3.4,3.4.5.6')
173
231
  expected_as = {
174
232
  "event_type"=>"as",
@@ -181,9 +239,27 @@ module TCellAgent
181
239
  "meta"=>{"l" => "query"}}
182
240
  expect(TCellAgent.event_queue).to include(expected_as)
183
241
  end
242
+
184
243
  it "checks that payload is sent" do
185
- old_uap = TCellAgent.configuration.allow_unencrypted_appfirewall_payloads
186
- TCellAgent.configuration.allow_unencrypted_appfirewall_payloads = true
244
+ TCellAgent.thread_agent.processPolicyJson({"appsensor"=>{
245
+ "policy_id"=>"153ed270",
246
+ "version" => 2,
247
+ "data"=>{
248
+ "options" => {
249
+ "payloads" => {
250
+ "send_payloads" => true,
251
+ "log_payloads" => false
252
+ }
253
+ },
254
+ "sensors" => {
255
+ "fpt" => {
256
+ "patterns" => ["1", "2", "3"]
257
+ }
258
+ }
259
+ }
260
+ }}, cache=false)
261
+ TCellAgent.empty_event_queue
262
+
187
263
  response = request.get("/foo?xyz=/etc/passwd", 'REMOTE_ADDR' => '1.3.3.4,3.4.5.6')
188
264
  expected_as = {
189
265
  "event_type"=>"as",
@@ -195,12 +271,12 @@ module TCellAgent
195
271
  "uri"=>"http://example.org/foo?xyz=",
196
272
  "payload"=>"/etc/passwd",
197
273
  "meta"=>{"l" => "query"}}
198
- TCellAgent.configuration.allow_unencrypted_appfirewall_payloads = old_uap
199
274
  expect(TCellAgent.event_queue).to include(expected_as)
200
275
  end
201
- end #/conext
202
- end #/context
203
- end #/describe
276
+ end
277
+ end
278
+
279
+ end
204
280
 
205
281
 
206
282
  end
data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb CHANGED
@@ -7,89 +7,57 @@ module TCellAgent
7
7
  describe TCellBodyProxy do
8
8
 
9
9
  context "#close" do
10
- context "missing appsensor policy" do
11
- context "zero content length" do
12
- it "should not call appsensor policy" do
13
- tcell_body_proxy = TCellBodyProxy.new(
14
- Rack::BodyProxy.new(["body"]) { },
15
- true,
16
- nil, nil, nil, nil)
17
-
18
- tcell_body_proxy.content_length = 0
19
-
20
- expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
21
- "Handling Response Size Length"
22
- ).and_call_original
23
-
24
- tcell_body_proxy.close
25
- end
26
- end
27
-
28
- context "non zerno content length" do
29
- it "should not call appsensor policy" do
30
- tcell_body_proxy = TCellBodyProxy.new(
31
- Rack::BodyProxy.new(["body"]) { },
32
- true,
33
- nil, nil, nil, nil)
34
-
35
- tcell_body_proxy.content_length = 512
36
-
37
- expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
38
- "Handling Response Size Length"
39
- ).and_call_original
40
-
41
- tcell_body_proxy.close
42
- end
43
- end
10
+ before(:each) do
11
+ @appsensor_meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new(
12
+ "get",
13
+ "remote_address",
14
+ "route_id",
15
+ "session_id",
16
+ "user_id",
17
+ "transaction_id")
44
18
  end
45
19
 
46
- context "with appsensor policy" do
47
- context "zero content length" do
48
- it "should not call appsensor policy" do
49
- appsensor_policy = double("appsensor_policy")
50
- appsensor_meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new
51
-
52
- tcell_body_proxy = TCellBodyProxy.new(
53
- Rack::BodyProxy.new(["body"]) { },
54
- true,
55
- nil, nil, nil, nil)
56
- tcell_body_proxy.appsensor_policy = appsensor_policy
57
- tcell_body_proxy.appsensor_meta = appsensor_meta
20
+ context "zero content length" do
21
+ it "appsensor_meta event should be enqueued for processing" do
22
+ tcell_body_proxy = TCellBodyProxy.new(
23
+ Rack::BodyProxy.new(["body"]) { },
24
+ true,
25
+ nil, nil, nil, nil)
26
+ tcell_body_proxy.appsensor_meta = @appsensor_meta
58
27
 
59
- tcell_body_proxy.content_length = 0
28
+ tcell_body_proxy.content_length = 0
60
29
 
61
- expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
62
- "Handling Response Size Length"
63
- ).and_call_original
64
- expect(appsensor_policy).to_not receive(:check_response_size)
30
+ expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
31
+ "Running AppSensor deferred due to streaming"
32
+ ).and_call_original
33
+ expect(TCellAgent).to receive(:send_event).with(
34
+ @appsensor_meta
35
+ )
65
36
 
66
- tcell_body_proxy.close
67
- end
37
+ tcell_body_proxy.close
68
38
  end
39
+ end
69
40
 
70
- context "non zerno content length" do
71
- it "should not call appsensor policy" do
72
- appsensor_policy = double("appsensor_policy")
73
- appsensor_meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new
74
-
75
- tcell_body_proxy = TCellBodyProxy.new(
76
- Rack::BodyProxy.new(["body"]) { },
77
- true,
78
- nil, nil, nil, nil)
79
- tcell_body_proxy.appsensor_policy = appsensor_policy
80
- tcell_body_proxy.appsensor_meta = appsensor_meta
41
+ context "non zero content length" do
42
+ it "appsensor_meta event should be enqueued for processing" do
43
+ tcell_body_proxy = TCellBodyProxy.new(
44
+ Rack::BodyProxy.new(["body"]) { },
45
+ true,
46
+ nil, nil, nil, nil)
47
+ tcell_body_proxy.appsensor_meta = @appsensor_meta
81
48
 
82
- tcell_body_proxy.content_length = 512
49
+ tcell_body_proxy.content_length = 512
83
50
 
84
- expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
85
- "Handling Response Size Length"
86
- ).and_call_original
87
- expect(appsensor_policy).to receive(:check_response_size).with(appsensor_meta)
51
+ expect(TCellAgent::Instrumentation).to receive(:safe_block).with(
52
+ "Running AppSensor deferred due to streaming"
53
+ ).and_call_original
54
+ expect(TCellAgent).to receive(:send_event).with(
55
+ @appsensor_meta
56
+ )
88
57
 
89
- tcell_body_proxy.close
58
+ tcell_body_proxy.close
90
59
 
91
- expect(appsensor_meta.response_content_bytes_len).to eq(512)
92
- end
60
+ expect(@appsensor_meta.response_content_bytes_len).to eq(512)
93
61
  end
94
62
  end
95
63
  end