tcell_agent 0.2.8 → 0.2.9

data/lib/tcell_agent/rails/middleware/body_filter_middleware.rb

@@ -1,7 +1,6 @@
 # See the file "LICENSE" for the full license governing this code.
 
 require 'rails'
-require 'rails/all'
 require 'uri'
 require 'tcell_agent/logger'
 require 'tcell_agent/agent'
@@ -29,31 +28,33 @@ module TCellAgent
 
             response = @app.call(env)
 
-            response_time = (Time.now.to_f * 1000).to_i - orig
-            TCellAgent::Instrumentation.safe_block("Handling Route Time") {
-              route_id = env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].route_id
-              if route_id
-                TCellAgent.increment_route(route_id, response_time)
-              else
-                TCellAgent.increment_route("", response_time)
-              end
-            }
-            TCellAgent::Instrumentation.safe_block("Handling Sessions Info") {
-              login_fraud_policy = TCellAgent.policy(TCellAgent::PolicyTypes::LoginFraud)
-              if (login_fraud_policy && login_fraud_policy.session_hijacking_metrics)
-                hmac_session_id = env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].hmac_session_id
-                user_id = env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].user_id
-                if user_id && hmac_session_id
-                  TCellAgent.increment_session_info(
-                    hmac_session_id,
-                    user_id,
-                    env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].ip_address,
-                    env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].user_agent,
-                  )
+            if TCellAgent.configuration.should_intercept_requests?
+              response_time = (Time.now.to_f * 1000).to_i - orig
+              TCellAgent::Instrumentation.safe_block("Handling Route Time") {
+                route_id = env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].route_id
+                if route_id
+                  TCellAgent.increment_route(route_id, response_time)
+                else
+                  TCellAgent.increment_route("", response_time)
                 end
-              end
-            }
-            response = self._handle_js_agent_add(request, response)
+              }
+              TCellAgent::Instrumentation.safe_block("Handling Sessions Info") {
+                login_fraud_policy = TCellAgent.policy(TCellAgent::PolicyTypes::LoginFraud)
+                if (login_fraud_policy && login_fraud_policy.session_hijacking_metrics)
+                  hmac_session_id = env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].hmac_session_id
+                  user_id = env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].user_id
+                  if user_id && hmac_session_id
+                    TCellAgent.increment_session_info(
+                      hmac_session_id,
+                      user_id,
+                      env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].ip_address,
+                      env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].user_agent,
+                    )
+                  end
+                end
+              }
+              response = self._handle_js_agent_add(request, response)
+            end
 
             response
           end

data/lib/tcell_agent/rails/middleware/context_middleware.rb

@@ -30,18 +30,22 @@ module TCellAgent
           end
 
           def call(env)
-            env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID] = TCellAgent::Instrumentation::TCellData.new
-            TCellAgent::Instrumentation.safe_block("Setting transaction_id") {
-              env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].transaction_id = SecureRandom.uuid
-              request = Rack::Request.new(env)
-              env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].uri = request.fullpath
-            }
-            env["filter_body_set"] = Set.new
-            ContextMiddleware::THREADS[Thread.current.object_id] = env
+            if TCellAgent.configuration.should_intercept_requests?
+              env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID] = TCellAgent::Instrumentation::TCellData.new
+              TCellAgent::Instrumentation.safe_block("Setting transaction_id") {
+                env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].transaction_id = SecureRandom.uuid
+                request = Rack::Request.new(env)
+                env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].uri = request.fullpath
+              }
+              env["filter_body_set"] = Set.new
+              ContextMiddleware::THREADS[Thread.current.object_id] = env
+            end
 
             response = @app.call(env)
 
-            ContextMiddleware::THREADS.delete(Thread.current.object_id)
+            if TCellAgent.configuration.should_intercept_requests?
+              ContextMiddleware::THREADS.delete(Thread.current.object_id)
+            end
 
             response
           end

data/lib/tcell_agent/rails/middleware/global_middleware.rb

@@ -27,28 +27,30 @@ module TCellAgent
           end
 
           def call(env)
-            request = Rack::Request.new(env)
-            TCellAgent::Instrumentation.safe_block("Setting session_id & user_id") {
-              if request.session
-                env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].session_id =
-                  request.session["session_id"]
-                env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].user_id =
-                  TCellAgent::UserInformation.getUserFromRequest(request)
-              end
-            }
-
-            TCellAgent::Instrumentation.safe_block("Setting hmac_session_id") {
-              hmac_key = TCellAgent::SensorEvents::Util.getHmacKey()
-              if request.env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].session_id
-                env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].hmac_session_id =
-                  TCellAgent::SensorEvents::Util.hmac(request.env["tcell.request_data"].session_id, hmac_key)
-              end
-            }
-
-            TCellAgent::Instrumentation.safe_block("Setting and ip address user agent") {
-              env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].ip_address = request.ip
-              env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].user_agent = request.user_agent
-            }
+            if TCellAgent.configuration.should_intercept_requests?
+              request = Rack::Request.new(env)
+              TCellAgent::Instrumentation.safe_block("Setting session_id & user_id") {
+                if request.session
+                  env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].session_id =
+                    request.session["session_id"]
+                  env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].user_id =
+                    TCellAgent::UserInformation.getUserFromRequest(request)
+                end
+              }
+
+              TCellAgent::Instrumentation.safe_block("Setting hmac_session_id") {
+                hmac_key = TCellAgent::SensorEvents::Util.getHmacKey()
+                if request.env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].session_id
+                  env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].hmac_session_id =
+                    TCellAgent::SensorEvents::Util.hmac(request.env["tcell.request_data"].session_id, hmac_key)
+                end
+              }
+
+              TCellAgent::Instrumentation.safe_block("Setting and ip address user agent") {
+                env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].ip_address = request.ip
+                env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID].user_agent = request.user_agent
+              }
+            end
 
             response = @app.call(env)
 

data/lib/tcell_agent/rails/middleware/headers_middleware.rb

@@ -31,16 +31,18 @@ module TCellAgent
 
             response = @app.call(env)
 
-            status, headers, active_response = response
-            TCellAgent::Instrumentation.safe_block("Handling Request") {
-              tcell_response = response
-              tcell_response = self._handle_appsensor(request, tcell_response)
-              tcell_response = self._handle_redirect(request, tcell_response)
-              tcell_response = self._set_csp_header(request, tcell_response)
-              tcell_response = self._set_clickjacking_header(request, tcell_response)
-              tcell_response = self._set_secure_headers(request, tcell_response)
-              response = tcell_response
-            }
+            if TCellAgent.configuration.should_intercept_requests?
+              status, headers, active_response = response
+              TCellAgent::Instrumentation.safe_block("Handling Request") {
+                tcell_response = response
+                tcell_response = self._handle_appsensor(request, tcell_response)
+                tcell_response = self._handle_redirect(request, tcell_response)
+                tcell_response = self._set_csp_header(request, tcell_response)
+                tcell_response = self._set_clickjacking_header(request, tcell_response)
+                tcell_response = self._set_secure_headers(request, tcell_response)
+                response = tcell_response
+              }
+            end
 
             response
           end
@@ -108,17 +110,20 @@ module TCellAgent
           def _handle_redirect(request, response)
             TCellAgent::Instrumentation.safe_block("Handling Redirect Headers") {
               status, headers, active_response = response
-
               http_redirect_policy = TCellAgent.policy(TCellAgent::PolicyTypes::HttpRedirect)
               if http_redirect_policy && headers.has_key?("Location")
                 local_uri = URI.parse(request.url)
+                route_id = request.env["tcell.request_data"].route_id
+                session_id = request.env["tcell.request_data"].session_id
                 new_location = http_redirect_policy.enforce(
                   headers["Location"], 
                   local_uri.host, 
                   request.fullpath, 
                   request.request_method,
+                  route_id,
                   status, 
-                  request.ip)
+                  request.ip,
+                  session_id)
                 # Enforcement
                 if (new_location)
                   headers["Location"] = new_location

data/lib/tcell_agent/rails/on_start.rb

@@ -3,19 +3,19 @@
 #require 'tcell_agent/authlogic' if defined?(Authlogic)
 require 'tcell_agent/configuration'
 
-require 'rails/all'
 require 'rails'
 
 TCellAgent::Instrumentation::Rails.send_language_info
-TCellAgent::Instrumentation::Rails.send_framework_info 
-if TCellAgent.configuration.enabled && TCellAgent.configuration.should_instrument? 
-  module TCellAgent
-    module Instrumentation
-      module Rails
-        METHODS = ['GET','POST','PUT','DELETE','HEAD',
-                   'PATCH','TRACE','CONNECT','OPTIONS']
+TCellAgent::Instrumentation::Rails.send_framework_info
+
+module TCellAgent
+  module Instrumentation
+    module Rails
+      METHODS = ['GET','POST','PUT','DELETE','HEAD',
+                 'PATCH','TRACE','CONNECT','OPTIONS']
 
-        def self.instrument_route(route)
+      def self.instrument_route(route)
+        if TCellAgent.configuration.enabled && TCellAgent.configuration.should_instrument?
           if (route.constraints.has_key? :request_method)
             route_path = "#{route.path.spec}"
             if (route_path.end_with?("(.:format)"))
@@ -35,65 +35,69 @@ if TCellAgent.configuration.enabled && TCellAgent.configuration.should_instrumen
             }
           end
         end
+      end
 
-        def self.instrument_routes
-          if ::Rails.application
-            ::Rails.application.routes.routes.each do |route|
-              self.instrument_route(route)
-            end
-          end
-        end
-
-        if (::Rails::VERSION::MAJOR == 3)
-          ActionDispatch::Routing::RouteSet.class_eval do
-              alias_method :original_add_route, :add_route
-              def add_route(app, conditions = {}, requirements = {}, defaults = {}, name = nil, anchor = true)
-                route = original_add_route(app, conditions, requirements, defaults, name, anchor)
-
-                TCellAgent::Instrumentation::Rails.instrument_route(route)
-
-                route
-              end
+      def self.instrument_routes
+        if ::Rails.application
+          ::Rails.application.routes.routes.each do |route|
+            self.instrument_route(route)
           end
         end
+      end
 
-        if (::Rails::VERSION::MAJOR == 4)
-          ActionDispatch::Journey::Routes.class_eval do
+      if (::Rails::VERSION::MAJOR == 3)
+        ActionDispatch::Routing::RouteSet.class_eval do
             alias_method :original_add_route, :add_route
-            def add_route(app, path, conditions, defaults, name = nil)
-              route = original_add_route(app, path, conditions, defaults, name)
+            def add_route(app, conditions = {}, requirements = {}, defaults = {}, name = nil, anchor = true)
+              route = original_add_route(app, conditions, requirements, defaults, name, anchor)
 
               TCellAgent::Instrumentation::Rails.instrument_route(route)
 
               route
             end
-          end
         end
+      end
 
+      if (::Rails::VERSION::MAJOR == 4)
+        ActionDispatch::Journey::Routes.class_eval do
+          alias_method :original_add_route, :add_route
+          def add_route(app, path, conditions, defaults, name = nil)
+            route = original_add_route(app, path, conditions, defaults, name)
+
+            TCellAgent::Instrumentation::Rails.instrument_route(route)
+
+            route
+          end
+        end
       end
+
     end
   end
+end
 
-  if (Rails.application)
+if (Rails.application)
+  if TCellAgent.configuration.enabled && TCellAgent.configuration.should_instrument?
     TCellAgent::Instrumentation::Rails.send_settings(Rails.application)
-  else
-    module TCellAgent
-      class MyRailtie < Rails::Railtie
-        initializer 'activeservice.autoload', :after => :set_autoload_paths do |app|
-          if (TCellAgent.configuration.enabled)
-            Rails.application.config.to_prepare do
-              require 'tcell_agent/devise' if defined?(Devise)
-              require 'tcell_agent/rails/auth/devise' if defined?(Devise)
-              require 'tcell_agent/authlogic' if defined?(Authlogic)
-              require 'tcell_agent/rails/auth/authlogic'  if defined?(Authlogic)
-            end
+  end
 
-            Rails.application.config.after_initialize do
-              TCellAgent::Instrumentation::Rails.send_settings(Rails.application)
-            end
+else
+  module TCellAgent
+    class MyRailtie < Rails::Railtie
+      initializer 'activeservice.autoload', :after => :set_autoload_paths do |app|
+        Rails.application.config.to_prepare do
+          require 'tcell_agent/devise' if defined?(Devise)
+          require 'tcell_agent/rails/auth/devise' if defined?(Devise)
+          require 'tcell_agent/authlogic' if defined?(Authlogic)
+          require 'tcell_agent/rails/auth/authlogic'  if defined?(Authlogic)
+        end
+
+        # TODO: will this get run ever?
+        if (TCellAgent.configuration.enabled)
+          Rails.application.config.after_initialize do
+            TCellAgent::Instrumentation::Rails.send_settings(Rails.application)
           end
         end
       end
     end
   end
-end
+end

data/lib/tcell_agent/rails/routes.rb

@@ -1,14 +1,14 @@
 require 'tcell_agent/configuration'
 
-if TCellAgent.configuration.enabled && TCellAgent.configuration.should_instrument? && TCellAgent.configuration.should_intercept_requests?
+module TCellAgent
+  ActiveSupport.on_load(:action_controller) do
+    ActionController::Base.class_eval do
 
-  module TCellAgent
-    ActiveSupport.on_load(:action_controller) do
-      ActionController::Base.class_eval do
+      prepend_around_filter :tell_around_filter_routes
+      def tell_around_filter_routes
+        begin
 
-        prepend_around_filter :tell_around_filter_routes
-        def tell_around_filter_routes
-          begin
+          if TCellAgent.configuration.enabled && TCellAgent.configuration.should_instrument? && TCellAgent.configuration.should_intercept_requests?
             TCellAgent::Instrumentation.safe_block("Determining Rails Route ID") {
               route = Rails.application.routes.router.recognize(request) { |r, _| r }.first
               if route
@@ -19,86 +19,85 @@ if TCellAgent.configuration.enabled && TCellAgent.configuration.should_instrumen
                 end
               end
             }
-                def loop_params_hash(method, param_hash, prefix, &block)
-                    param_hash.each do |param_name, param_value|
-                        if param_value && param_value.is_a?(Hash)
-                            loop_params_hash(method, param_value, 'hash', &block)
-                        elsif !param_value || !param_value.instance_of?(String) || param_value == ""
-                            next
-                        else
-                            block.call(method, param_name, param_value)
-                        end
-                    end
+            def loop_params_hash(method, param_hash, prefix, &block)
+              param_hash.each do |param_name, param_value|
+                if param_value && param_value.is_a?(Hash)
+                  loop_params_hash(method, param_value, 'hash', &block)
+                elsif !param_value || !param_value.instance_of?(String) || param_value == ""
+                  next
+                else
+                  block.call(method, param_name, param_value)
                 end
-                def for_params(request, &block)
-                    get_params = request.GET
-                    if get_params
-                      self.loop_params_hash('get', get_params, nil, &block)
-                    end
-                    post_params = request.POST
-                    if post_params
-                      self.loop_params_hash('post', post_params, nil, &block)
-                    end
-                end
-                def _handle_dataexpsure_forms(request)
-                  dataex_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DataLoss)
-                  tcell_context = request.env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID]
-                  if tcell_context && dataex_policy && dataex_policy.has_actions_for_form_parameter?
-                    for_params(request) { |method, param_name, param_value|
-                      actions = dataex_policy.get_actions_for_request("form",param_name)
-                      if actions
-                        actions.each { |action|
-                          tcell_context.add_filter_for_request_parameter(param_value, action, param_name)
-                        }
-                      end
+              end
+            end
+            def for_params(request, &block)
+              get_params = request.GET
+              if get_params
+                self.loop_params_hash('get', get_params, nil, &block)
+              end
+              post_params = request.POST
+              if post_params
+                self.loop_params_hash('post', post_params, nil, &block)
+              end
+            end
+            def _handle_dataexpsure_forms(request)
+              dataex_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DataLoss)
+              tcell_context = request.env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID]
+              if tcell_context && dataex_policy && dataex_policy.has_actions_for_form_parameter?
+                for_params(request) { |method, param_name, param_value|
+                  actions = dataex_policy.get_actions_for_request("form",param_name)
+                  if actions
+                    actions.each { |action|
+                      tcell_context.add_filter_for_request_parameter(param_value, action, param_name)
                     }
                   end
-                end
-                TCellAgent::Instrumentation.safe_block("Handling Dataexposure (request forms)") {
-                  _handle_dataexpsure_forms(request)
                 }
-
-                def _handle_dataexpsure_headers(request)
-                  dataex_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DataLoss)
-                  tcell_context = request.env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID]
-                  if tcell_context && dataex_policy && dataex_policy.has_actions_for_headers?
-                    headers = request.env.select {|k,v| k.start_with? 'HTTP_'}
-                    headers.each { |header_name, header_value|
-                      header_name = header_name.sub(/^HTTP_/, '').gsub('_','-')
-                      actions = dataex_policy.get_actions_for_header(header_name)
-                      if actions
-                        actions.each { |action|
-                          tcell_context.add_filter_for_header_value(header_value, action, header_name)
-                        }
-                      end
+              end
+            end
+            TCellAgent::Instrumentation.safe_block("Handling Dataexposure (request forms)") {
+              _handle_dataexpsure_forms(request)
+            }
+            def _handle_dataexpsure_headers(request)
+              dataex_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DataLoss)
+              tcell_context = request.env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID]
+              if tcell_context && dataex_policy && dataex_policy.has_actions_for_headers?
+                headers = request.env.select {|k,v| k.start_with? 'HTTP_'}
+                headers.each { |header_name, header_value|
+                  header_name = header_name.sub(/^HTTP_/, '').gsub('_','-')
+                  actions = dataex_policy.get_actions_for_header(header_name)
+                  if actions
+                    actions.each { |action|
+                      tcell_context.add_filter_for_header_value(header_value, action, header_name)
                     }
                   end
-                end
-                TCellAgent::Instrumentation.safe_block("Handling Dataexposure (request headers)") {
-                  _handle_dataexpsure_headers(request)
                 }
-
-                def _handler_dataexposure_cookies(request)
-                  dataex_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DataLoss)
-                  tcell_context = request.env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID]               
-                  if tcell_context && dataex_policy && dataex_policy.has_actions_for_cookie?
-                    request.cookies.each { |cookie_name, cookie_value|
-                      actions = dataex_policy.get_actions_for_cookie(cookie_name)
-                      if actions
-                        actions.each { |action|
-                          tcell_context.add_filter_for_cookie_value(cookie_value, action, cookie_name)
-                        }
-                      end
+              end
+            end
+            TCellAgent::Instrumentation.safe_block("Handling Dataexposure (request headers)") {
+              _handle_dataexpsure_headers(request)
+            }
+            def _handler_dataexposure_cookies(request)
+              dataex_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DataLoss)
+              tcell_context = request.env[TCellAgent::Instrumentation::Rails::Middleware::TCELL_ID]               
+              if tcell_context && dataex_policy && dataex_policy.has_actions_for_cookie?
+                request.cookies.each { |cookie_name, cookie_value|
+                  actions = dataex_policy.get_actions_for_cookie(cookie_name)
+                  if actions
+                    actions.each { |action|
+                      tcell_context.add_filter_for_cookie_value(cookie_value, action, cookie_name)
                     }
                   end
-                end
-                TCellAgent::Instrumentation.safe_block("Handling Dataexposure (request cookies)") {
-                  _handler_dataexposure_cookies(request)
                 }
-            yield
+              end
+            end
+            TCellAgent::Instrumentation.safe_block("Handling Dataexposure (request cookies)") {
+              _handler_dataexposure_cookies(request)
+            }
           end
+
+          yield
         end
       end
     end
   end
-end
+end