tcell_agent 0.2.8 → 0.2.9
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/tcell_agent/agent/event_processor.rb +14 -0
- data/lib/tcell_agent/agent/policy_manager.rb +48 -17
- data/lib/tcell_agent/configuration.rb +20 -7
- data/lib/tcell_agent/policies/http_redirect_policy.rb +2 -2
- data/lib/tcell_agent/rails.rb +0 -3
- data/lib/tcell_agent/rails/auth/authlogic.rb +46 -41
- data/lib/tcell_agent/rails/auth/devise.rb +45 -39
- data/lib/tcell_agent/rails/dlp.rb +126 -84
- data/lib/tcell_agent/rails/middleware/body_filter_middleware.rb +26 -25
- data/lib/tcell_agent/rails/middleware/context_middleware.rb +13 -9
- data/lib/tcell_agent/rails/middleware/global_middleware.rb +24 -22
- data/lib/tcell_agent/rails/middleware/headers_middleware.rb +17 -12
- data/lib/tcell_agent/rails/on_start.rb +52 -48
- data/lib/tcell_agent/rails/routes.rb +74 -75
- data/lib/tcell_agent/sensor_events/sensor.rb +4 -1
- data/lib/tcell_agent/servers/thin.rb +1 -0
- data/lib/tcell_agent/servers/unicorn.rb +82 -6
- data/lib/tcell_agent/start_background_thread.rb +24 -19
- data/lib/tcell_agent/version.rb +1 -1
- data/spec/lib/tcell_agent/agent/policy_manager_spec.rb +218 -0
- data/spec/lib/tcell_agent/policies/http_redirect_policy_spec.rb +2 -2
- data/spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb +89 -0
- data/spec/spec_helper.rb +9 -0
- metadata +30 -26
|
@@ -0,0 +1,89 @@
|
|
|
1
|
+
require 'spec_helper'
|
|
2
|
+
require 'rack/test'
|
|
3
|
+
require 'rack'
|
|
4
|
+
|
|
5
|
+
module TCellAgent
|
|
6
|
+
module Instrumentation
|
|
7
|
+
module Rails
|
|
8
|
+
module Middleware
|
|
9
|
+
|
|
10
|
+
|
|
11
|
+
class MockAppsensorRackApp
|
|
12
|
+
|
|
13
|
+
attr_reader :request_body
|
|
14
|
+
|
|
15
|
+
def initialize(route_id=nil, session_id=nil)
|
|
16
|
+
@route_id = route_id
|
|
17
|
+
@session_id = session_id
|
|
18
|
+
@request_headers = {}
|
|
19
|
+
end
|
|
20
|
+
|
|
21
|
+
def call(env)
|
|
22
|
+
@env = env
|
|
23
|
+
rack_request = Rack::Request.new(env)
|
|
24
|
+
response_headers = {'Content-Type' => 'text/html'}
|
|
25
|
+
env["tcell.request_data"].transaction_id = "a-b-c-d-e-f"
|
|
26
|
+
env["tcell.request_data"].session_id = @session_id
|
|
27
|
+
env["tcell.request_data"].route_id = @route_id
|
|
28
|
+
if (rack_request.params['rv'])
|
|
29
|
+
response_headers["Location"] = rack_request.params['rv']
|
|
30
|
+
end
|
|
31
|
+
[200, response_headers, ['OK']]
|
|
32
|
+
end
|
|
33
|
+
|
|
34
|
+
def [](key)
|
|
35
|
+
@env[key]
|
|
36
|
+
end
|
|
37
|
+
|
|
38
|
+
end
|
|
39
|
+
|
|
40
|
+
describe HeadersMiddleware do
|
|
41
|
+
|
|
42
|
+
let(:app) { MockAppsensorRackApp.new }
|
|
43
|
+
let(:app2) { MockAppsensorRackApp.new(route_id="myrouteid", session_id="plainsessionid") }
|
|
44
|
+
|
|
45
|
+
subject { withTCellMiddleware( app ) }
|
|
46
|
+
|
|
47
|
+
context "Redirect Middleware" do
|
|
48
|
+
before(:each) do
|
|
49
|
+
TCellAgent.configuration = TCellAgent::Configuration.new
|
|
50
|
+
TCellAgent.configuration.read_config_from_file(get_test_resource_path("normal_config.json"))
|
|
51
|
+
end
|
|
52
|
+
let(:request) { Rack::MockRequest.new(subject) }
|
|
53
|
+
let(:request2) { Rack::MockRequest.new( withTCellMiddleware( app2 )) }
|
|
54
|
+
let(:agent) { ::TCellAgent::Agent.new }
|
|
55
|
+
context "Event" do
|
|
56
|
+
before(:each) do
|
|
57
|
+
TCellAgent.thread_agent.processPolicyJson({"http-redirect"=>{
|
|
58
|
+
"policy_id"=>"153ed270-7481-11e5-9194-95dad9b9dec3",
|
|
59
|
+
"data"=>{
|
|
60
|
+
"enabled"=>true,
|
|
61
|
+
"block"=>false,
|
|
62
|
+
"whitelist"=>[]
|
|
63
|
+
}
|
|
64
|
+
}}, cache=false)
|
|
65
|
+
TCellAgent.empty_event_queue
|
|
66
|
+
end
|
|
67
|
+
it "sends redirect" do
|
|
68
|
+
response = request.get("/some/path2?abcdef=adsfsadf&rv=https://www.google.com", 'CONTENT_TYPE' => 'text/html', 'REMOTE_ADDR' => '1.3.3.4,3.4.5.6')
|
|
69
|
+
expect(response['Location']).to eq("https://www.google.com")
|
|
70
|
+
expected_as = {"event_type"=>"redirect", "method"=>"GET", "from_domain"=>"example.org", "status_code"=>200, "remote_addr"=>"1.3.3.4", "from"=>"/some/path2?abcdef=&rv=", "to"=>"www.google.com"}
|
|
71
|
+
expect(TCellAgent.event_queue).to include(expected_as)
|
|
72
|
+
end
|
|
73
|
+
it "sends redirect event with extra info" do
|
|
74
|
+
response = request2.get("/some/path2?abcdef=adsfsadf&rv=https://www.google.com", 'CONTENT_TYPE' => 'text/html', 'REMOTE_ADDR' => '1.3.3.4,3.4.5.6')
|
|
75
|
+
expect(response['Location']).to eq("https://www.google.com")
|
|
76
|
+
expected_as = {"event_type"=>"redirect", "method"=>"GET", "from_domain"=>"example.org", "status_code"=>200, "remote_addr"=>"1.3.3.4", "rid"=>"myrouteid", "from"=>"/some/path2?abcdef=&rv=", "to"=>"www.google.com", "sid"=>"cb3fab8131c0e32cb80916d0d6954729eb66ea5782016625f278e7317e35259e"}
|
|
77
|
+
expect(TCellAgent.event_queue).to include(expected_as)
|
|
78
|
+
end
|
|
79
|
+
|
|
80
|
+
end #/conext
|
|
81
|
+
|
|
82
|
+
end #/context
|
|
83
|
+
end #/describe
|
|
84
|
+
|
|
85
|
+
|
|
86
|
+
end
|
|
87
|
+
end
|
|
88
|
+
end
|
|
89
|
+
end
|
data/spec/spec_helper.rb
CHANGED
|
@@ -14,3 +14,12 @@ def get_test_resource_path(name)
|
|
|
14
14
|
end
|
|
15
15
|
|
|
16
16
|
require 'tcell_agent/agent'
|
|
17
|
+
|
|
18
|
+
if TCellAgent.configuration.raise_exceptions
|
|
19
|
+
puts "[tCell.io] ******WARNING*************WARNING**************WARNING****************"
|
|
20
|
+
puts "[tCell.io] Travis CI has TCELL_RAISE_EXCEPTIONS set to false."
|
|
21
|
+
puts "[tCell.io] Your environment TCELL_RAISE_EXCEPTIONS has it set to true"
|
|
22
|
+
puts "[tCell.io] because of this discrepancy you may observe different spec failures"
|
|
23
|
+
puts "[tCell.io] in your dev env than those observed on Travis CI"
|
|
24
|
+
puts "[tCell.io] **********************************************************************"
|
|
25
|
+
end
|
metadata
CHANGED
|
@@ -1,14 +1,14 @@
|
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
|
2
2
|
name: tcell_agent
|
|
3
3
|
version: !ruby/object:Gem::Version
|
|
4
|
-
version: 0.2.
|
|
4
|
+
version: 0.2.9
|
|
5
5
|
platform: ruby
|
|
6
6
|
authors:
|
|
7
7
|
- Garrett
|
|
8
8
|
autorequire:
|
|
9
9
|
bindir: bin
|
|
10
10
|
cert_chain: []
|
|
11
|
-
date: 2016-
|
|
11
|
+
date: 2016-03-01 00:00:00.000000000 Z
|
|
12
12
|
dependencies:
|
|
13
13
|
- !ruby/object:Gem::Dependency
|
|
14
14
|
name: rest-client
|
|
@@ -117,20 +117,24 @@ executables:
|
|
|
117
117
|
extensions: []
|
|
118
118
|
extra_rdoc_files: []
|
|
119
119
|
files:
|
|
120
|
+
- LICENSE
|
|
121
|
+
- README.md
|
|
120
122
|
- Rakefile
|
|
123
|
+
- bin/tcell_agent
|
|
124
|
+
- lib/tcell_agent.rb
|
|
125
|
+
- lib/tcell_agent/agent.rb
|
|
121
126
|
- lib/tcell_agent/agent/event_processor.rb
|
|
122
127
|
- lib/tcell_agent/agent/fork_pipe_manager.rb
|
|
123
128
|
- lib/tcell_agent/agent/policy_manager.rb
|
|
124
129
|
- lib/tcell_agent/agent/policy_types.rb
|
|
125
130
|
- lib/tcell_agent/agent/route_manager.rb
|
|
126
131
|
- lib/tcell_agent/agent/static_agent.rb
|
|
127
|
-
- lib/tcell_agent/agent.rb
|
|
128
132
|
- lib/tcell_agent/api.rb
|
|
133
|
+
- lib/tcell_agent/appsensor.rb
|
|
129
134
|
- lib/tcell_agent/appsensor/cmdi.rb
|
|
130
135
|
- lib/tcell_agent/appsensor/path_traversal.rb
|
|
131
136
|
- lib/tcell_agent/appsensor/sqli.rb
|
|
132
137
|
- lib/tcell_agent/appsensor/xss.rb
|
|
133
|
-
- lib/tcell_agent/appsensor.rb
|
|
134
138
|
- lib/tcell_agent/authlogic.rb
|
|
135
139
|
- lib/tcell_agent/configuration.rb
|
|
136
140
|
- lib/tcell_agent/devise.rb
|
|
@@ -145,6 +149,7 @@ files:
|
|
|
145
149
|
- lib/tcell_agent/policies/http_tx_policy.rb
|
|
146
150
|
- lib/tcell_agent/policies/login_fraud_policy.rb
|
|
147
151
|
- lib/tcell_agent/policies/secure_headers_policy.rb
|
|
152
|
+
- lib/tcell_agent/rails.rb
|
|
148
153
|
- lib/tcell_agent/rails/auth/authlogic.rb
|
|
149
154
|
- lib/tcell_agent/rails/auth/devise.rb
|
|
150
155
|
- lib/tcell_agent/rails/dlp.rb
|
|
@@ -155,7 +160,6 @@ files:
|
|
|
155
160
|
- lib/tcell_agent/rails/on_start.rb
|
|
156
161
|
- lib/tcell_agent/rails/routes.rb
|
|
157
162
|
- lib/tcell_agent/rails/settings_reporter.rb
|
|
158
|
-
- lib/tcell_agent/rails.rb
|
|
159
163
|
- lib/tcell_agent/routes/table.rb
|
|
160
164
|
- lib/tcell_agent/sensor_events/app_config.rb
|
|
161
165
|
- lib/tcell_agent/sensor_events/app_sensor.rb
|
|
@@ -180,7 +184,9 @@ files:
|
|
|
180
184
|
- lib/tcell_agent/userinfo.rb
|
|
181
185
|
- lib/tcell_agent/utils/queue_with_timeout.rb
|
|
182
186
|
- lib/tcell_agent/version.rb
|
|
183
|
-
-
|
|
187
|
+
- spec/apps/rails-3.2/Gemfile
|
|
188
|
+
- spec/apps/rails-3.2/Gemfile.lock
|
|
189
|
+
- spec/apps/rails-3.2/Rakefile
|
|
184
190
|
- spec/apps/rails-3.2/app/assets/images/rails.png
|
|
185
191
|
- spec/apps/rails-3.2/app/assets/javascripts/application.js
|
|
186
192
|
- spec/apps/rails-3.2/app/assets/stylesheets/application.css
|
|
@@ -189,15 +195,15 @@ files:
|
|
|
189
195
|
- spec/apps/rails-3.2/app/helpers/application_helper.rb
|
|
190
196
|
- spec/apps/rails-3.2/app/views/layouts/application.html.erb
|
|
191
197
|
- spec/apps/rails-3.2/app/views/t_cell_app/index.html.erb
|
|
198
|
+
- spec/apps/rails-3.2/config.ru
|
|
192
199
|
- spec/apps/rails-3.2/config/application.rb
|
|
193
200
|
- spec/apps/rails-3.2/config/boot.rb
|
|
194
201
|
- spec/apps/rails-3.2/config/environment.rb
|
|
195
202
|
- spec/apps/rails-3.2/config/environments/test.rb
|
|
196
203
|
- spec/apps/rails-3.2/config/routes.rb
|
|
197
|
-
- spec/apps/rails-
|
|
198
|
-
- spec/apps/rails-
|
|
199
|
-
- spec/apps/rails-
|
|
200
|
-
- spec/apps/rails-3.2/Rakefile
|
|
204
|
+
- spec/apps/rails-4.1/Gemfile
|
|
205
|
+
- spec/apps/rails-4.1/Gemfile.lock
|
|
206
|
+
- spec/apps/rails-4.1/Rakefile
|
|
201
207
|
- spec/apps/rails-4.1/app/assets/javascripts/application.js
|
|
202
208
|
- spec/apps/rails-4.1/app/assets/stylesheets/application.css
|
|
203
209
|
- spec/apps/rails-4.1/app/controllers/application_controller.rb
|
|
@@ -205,6 +211,7 @@ files:
|
|
|
205
211
|
- spec/apps/rails-4.1/app/helpers/application_helper.rb
|
|
206
212
|
- spec/apps/rails-4.1/app/views/layouts/application.html.erb
|
|
207
213
|
- spec/apps/rails-4.1/app/views/t_cell_app/index.html.erb
|
|
214
|
+
- spec/apps/rails-4.1/config.ru
|
|
208
215
|
- spec/apps/rails-4.1/config/application.rb
|
|
209
216
|
- spec/apps/rails-4.1/config/boot.rb
|
|
210
217
|
- spec/apps/rails-4.1/config/environment.rb
|
|
@@ -220,13 +227,10 @@ files:
|
|
|
220
227
|
- spec/apps/rails-4.1/config/locales/en.yml
|
|
221
228
|
- spec/apps/rails-4.1/config/routes.rb
|
|
222
229
|
- spec/apps/rails-4.1/config/secrets.yml
|
|
223
|
-
- spec/apps/rails-4.1/config.ru
|
|
224
|
-
- spec/apps/rails-4.1/Gemfile
|
|
225
|
-
- spec/apps/rails-4.1/Gemfile.lock
|
|
226
|
-
- spec/apps/rails-4.1/Rakefile
|
|
227
230
|
- spec/controllers/application_controller.rb
|
|
228
231
|
- spec/integration/puma.rb
|
|
229
232
|
- spec/lib/tcell_agent/agent/fork_pipe_manager_spec.rb
|
|
233
|
+
- spec/lib/tcell_agent/agent/policy_manager_spec.rb
|
|
230
234
|
- spec/lib/tcell_agent/agent/static_agent_spec.rb
|
|
231
235
|
- spec/lib/tcell_agent/api/api_spec.rb
|
|
232
236
|
- spec/lib/tcell_agent/appsensor_spec.rb
|
|
@@ -243,6 +247,7 @@ files:
|
|
|
243
247
|
- spec/lib/tcell_agent/rails/logger_spec.rb
|
|
244
248
|
- spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb
|
|
245
249
|
- spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb
|
|
250
|
+
- spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb
|
|
246
251
|
- spec/lib/tcell_agent/rails_spec.rb
|
|
247
252
|
- spec/lib/tcell_agent/sensor_events/dlp_spec.rb
|
|
248
253
|
- spec/lib/tcell_agent/sensor_events/sessions_metric_spec.rb
|
|
@@ -254,10 +259,7 @@ files:
|
|
|
254
259
|
- spec/support/middleware_helper.rb
|
|
255
260
|
- spec/support/resources/normal_config.json
|
|
256
261
|
- spec/support/static_agent_overrides.rb
|
|
257
|
-
- README.md
|
|
258
|
-
- LICENSE
|
|
259
262
|
- tcell_agent.gemspec
|
|
260
|
-
- bin/tcell_agent
|
|
261
263
|
homepage: https://www.tcell.io
|
|
262
264
|
licenses:
|
|
263
265
|
- Copyright (c) 2015 tCell.io (see LICENSE file)
|
|
@@ -280,11 +282,14 @@ required_rubygems_version: !ruby/object:Gem::Requirement
|
|
|
280
282
|
version: '0'
|
|
281
283
|
requirements: []
|
|
282
284
|
rubyforge_project:
|
|
283
|
-
rubygems_version: 2.
|
|
285
|
+
rubygems_version: 2.4.8
|
|
284
286
|
signing_key:
|
|
285
287
|
specification_version: 4
|
|
286
288
|
summary: tCell.io Agent for Rails & Sinatra
|
|
287
289
|
test_files:
|
|
290
|
+
- spec/apps/rails-3.2/Gemfile
|
|
291
|
+
- spec/apps/rails-3.2/Gemfile.lock
|
|
292
|
+
- spec/apps/rails-3.2/Rakefile
|
|
288
293
|
- spec/apps/rails-3.2/app/assets/images/rails.png
|
|
289
294
|
- spec/apps/rails-3.2/app/assets/javascripts/application.js
|
|
290
295
|
- spec/apps/rails-3.2/app/assets/stylesheets/application.css
|
|
@@ -293,15 +298,15 @@ test_files:
|
|
|
293
298
|
- spec/apps/rails-3.2/app/helpers/application_helper.rb
|
|
294
299
|
- spec/apps/rails-3.2/app/views/layouts/application.html.erb
|
|
295
300
|
- spec/apps/rails-3.2/app/views/t_cell_app/index.html.erb
|
|
301
|
+
- spec/apps/rails-3.2/config.ru
|
|
296
302
|
- spec/apps/rails-3.2/config/application.rb
|
|
297
303
|
- spec/apps/rails-3.2/config/boot.rb
|
|
298
304
|
- spec/apps/rails-3.2/config/environment.rb
|
|
299
305
|
- spec/apps/rails-3.2/config/environments/test.rb
|
|
300
306
|
- spec/apps/rails-3.2/config/routes.rb
|
|
301
|
-
- spec/apps/rails-
|
|
302
|
-
- spec/apps/rails-
|
|
303
|
-
- spec/apps/rails-
|
|
304
|
-
- spec/apps/rails-3.2/Rakefile
|
|
307
|
+
- spec/apps/rails-4.1/Gemfile
|
|
308
|
+
- spec/apps/rails-4.1/Gemfile.lock
|
|
309
|
+
- spec/apps/rails-4.1/Rakefile
|
|
305
310
|
- spec/apps/rails-4.1/app/assets/javascripts/application.js
|
|
306
311
|
- spec/apps/rails-4.1/app/assets/stylesheets/application.css
|
|
307
312
|
- spec/apps/rails-4.1/app/controllers/application_controller.rb
|
|
@@ -309,6 +314,7 @@ test_files:
|
|
|
309
314
|
- spec/apps/rails-4.1/app/helpers/application_helper.rb
|
|
310
315
|
- spec/apps/rails-4.1/app/views/layouts/application.html.erb
|
|
311
316
|
- spec/apps/rails-4.1/app/views/t_cell_app/index.html.erb
|
|
317
|
+
- spec/apps/rails-4.1/config.ru
|
|
312
318
|
- spec/apps/rails-4.1/config/application.rb
|
|
313
319
|
- spec/apps/rails-4.1/config/boot.rb
|
|
314
320
|
- spec/apps/rails-4.1/config/environment.rb
|
|
@@ -324,13 +330,10 @@ test_files:
|
|
|
324
330
|
- spec/apps/rails-4.1/config/locales/en.yml
|
|
325
331
|
- spec/apps/rails-4.1/config/routes.rb
|
|
326
332
|
- spec/apps/rails-4.1/config/secrets.yml
|
|
327
|
-
- spec/apps/rails-4.1/config.ru
|
|
328
|
-
- spec/apps/rails-4.1/Gemfile
|
|
329
|
-
- spec/apps/rails-4.1/Gemfile.lock
|
|
330
|
-
- spec/apps/rails-4.1/Rakefile
|
|
331
333
|
- spec/controllers/application_controller.rb
|
|
332
334
|
- spec/integration/puma.rb
|
|
333
335
|
- spec/lib/tcell_agent/agent/fork_pipe_manager_spec.rb
|
|
336
|
+
- spec/lib/tcell_agent/agent/policy_manager_spec.rb
|
|
334
337
|
- spec/lib/tcell_agent/agent/static_agent_spec.rb
|
|
335
338
|
- spec/lib/tcell_agent/api/api_spec.rb
|
|
336
339
|
- spec/lib/tcell_agent/appsensor_spec.rb
|
|
@@ -347,6 +350,7 @@ test_files:
|
|
|
347
350
|
- spec/lib/tcell_agent/rails/logger_spec.rb
|
|
348
351
|
- spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb
|
|
349
352
|
- spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb
|
|
353
|
+
- spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb
|
|
350
354
|
- spec/lib/tcell_agent/rails_spec.rb
|
|
351
355
|
- spec/lib/tcell_agent/sensor_events/dlp_spec.rb
|
|
352
356
|
- spec/lib/tcell_agent/sensor_events/sessions_metric_spec.rb
|