tcell_agent 0.4.0 → 1.0.0

data/spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb

@@ -8,60 +8,53 @@ module TCellAgent
   module Instrumentation
     module Rails
       module Middleware
-
-
         class MockDLPRackApp
-
           attr_reader :request_body
 
-          def initialize(body="OK", route_id=nil, session_id=nil)
+          def initialize(body = 'OK', route_id = nil, session_id = nil)
             @route_id = route_id
             @session_id = session_id
             @request_headers = {}
             @body = body
           end
 
-          def loop_params_hash(method, param_hash, prefix, &block)
+          def loop_params_hash(method, param_hash, _prefix, &block)
             param_hash.each do |param_name, param_value|
               if param_value && param_value.is_a?(Hash)
                 loop_params_hash(method, param_value, 'hash', &block)
-              elsif !param_value || !param_value.instance_of?(String) || param_value == ""
+              elsif !param_value || !param_value.instance_of?(String) || param_value == ''
                 next
               else
-                block.call(method, param_name, param_value)
+                yield(method, param_name, param_value)
               end
             end
           end
 
           def for_params(request, &block)
             get_params = request.GET
-            if get_params
-              self.loop_params_hash('get', get_params, nil, &block)
-            end
+            loop_params_hash('get', get_params, nil, &block) if get_params
             post_params = request.POST
-            if post_params
-              self.loop_params_hash('post', post_params, nil, &block)
-            end
-          end   
+            loop_params_hash('post', post_params, nil, &block) if post_params
+          end
 
           def call(env)
             @env = env
             rack_request = Rack::Request.new(env)
-            response_headers = {'Content-Type' => 'text/html'}
-            env["tcell.request_data"].transaction_id = "a-b-c-d-e-f"
-            env["tcell.request_data"].session_id = @session_id
-            env["tcell.request_data"].route_id = @route_id
-            tcell_context = env["tcell.request_data"]
+            response_headers = { 'Content-Type' => 'text/html' }
+            env['tcell.request_data'].transaction_id = 'a-b-c-d-e-f'
+            env['tcell.request_data'].session_id = @session_id
+            env['tcell.request_data'].route_id = @route_id
+            tcell_context = env['tcell.request_data']
             dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DataLoss)
             if dlp_policy
-              action_objs = dlp_policy.get_actions_for_table("*", "*", "tablex", "columnb", tcell_context.route_id)
+              action_objs = dlp_policy.get_actions_for_table('*', '*', 'tablex', 'columnb', tcell_context.route_id)
               if action_objs
                 action_objs.each do |action_obj|
-                  tcell_context.add_response_db_filter("secretvalue", action_obj, "databx", "*", "tablex", "columnb")
+                  tcell_context.add_response_db_filter('secretvalue', action_obj, 'databx', '*', 'tablex', 'columnb')
                 end
               end
               TCellAgent::DLP.handle_request_dlp_parameters(rack_request)
-              #if tcell_context && dlp_policy && dlp_policy.has_actions_for_form_parameter?
+              # if tcell_context && dlp_policy && dlp_policy.has_actions_for_form_parameter?
               #  for_params(rack_request) { |method, param_name, param_value|
               #    actions = dlp_policy.get_actions_for_form_parameter(param_name, tcell_context.route_id)
               #    if actions
@@ -71,7 +64,7 @@ module TCellAgent
               #      }
               #    end
               #  }
-              #end
+              # end
             end
             tcell_context.filter_body!(@body)
             [200, response_headers, [@body]]
@@ -80,92 +73,125 @@ module TCellAgent
           def [](key)
             @env[key]
           end
-
         end
 
         describe HeadersMiddleware do
-
           let(:app) { MockDLPRackApp.new }
-          let(:app2) { MockDLPRackApp.new(body="My secretvalue othervalue test", route_id="myrouteid", session_id="plainsessionid") }
+          let(:app2) { MockDLPRackApp.new('My secretvalue othervalue test', 'myrouteid', 'plainsessionid') }
 
-          subject { withTCellMiddleware( app ) }
+          subject { with_tcell_middleware(app) }
 
-          context "DLP Middleware" do
+          context 'DLP Middleware' do
             before(:each) do
               TCellAgent.configuration = TCellAgent::Configuration.new
-              TCellAgent.configuration.read_config_from_file(get_test_resource_path("normal_config.json"))
+              TCellAgent.configuration.read_config_from_file(get_test_resource_path('normal_config.json'))
             end
             let(:request) { Rack::MockRequest.new(subject) }
-            let(:request2) { Rack::MockRequest.new( withTCellMiddleware( app2 )) }
+            let(:request2) { Rack::MockRequest.new(with_tcell_middleware(app2)) }
             let(:agent) { ::TCellAgent::Agent.new }
-            context "Event" do
+            context 'Event' do
               before(:each) do
-                TCellAgent.thread_agent.processPolicyJson({"dlp" => {
-                    "policy_id"=>"x1a1",
-                    "data"=>{
-                      "db_protections"=>[
-                        {
-                          "scope"=>"route",
-                          "route_ids"=>["myrouteid"],
-                          "databases"=>["*"],
-                          "schemas"=>["*"],
-                          "tables"=>["tablex"],
-                          "fields"=>["columnb"],
-                          "id"=>"323213",
-                          "actions"=>{
-                            "log"=>["redact"],
-                            "body"=>["redact"]
+                TCellAgent.thread_agent.processPolicyJson(
+                  {
+                    'dlp' => {
+                      'policy_id' => 'x1a1',
+                      'data' => {
+                        'db_protections' => [
+                          {
+                            'scope' => 'route',
+                            'route_ids' => ['myrouteid'],
+                            'databases' => ['*'],
+                            'schemas' => ['*'],
+                            'tables' => ['tablex'],
+                            'fields' => ['columnb'],
+                            'id' => '323213',
+                            'actions' => {
+                              'log' => ['redact'],
+                              'body' => ['redact']
+                            }
                           }
-                        }
-                      ]
+                        ]
+                      }
                     }
-                  }}, cache=false) 
+                  },
+                  false
+                )
                 TCellAgent.empty_event_queue
               end
-              it "redacts body" do
-                response = request2.get("/some/path2?x=abc", 'CONTENT_TYPE' => 'text/html', 'REMOTE_ADDR' => '1.3.3.4,3.4.5.6')
-                expect(response.body).to eq("My [redacted] othervalue test")
-                #expect(response['Location']).to eq("https://www.google.com")
-                expected_as = {"event_type" => "dlp", "rid" => "myrouteid", "found_in" => "body", "rule" => "323213", "type" => "db", "db" => "databx", "schema" => "*", "table" => "tablex", "field" => "columnb", "uri" => "/some/path2?x="}
+              it 'redacts body' do
+                response = request2.get(
+                  '/some/path2?x=abc',
+                  'CONTENT_TYPE' => 'text/html',
+                  'REMOTE_ADDR' => '1.3.3.4,3.4.5.6'
+                )
+                expect(response.body).to eq('My [redacted] othervalue test')
+                # expect(response['Location']).to eq("https://www.google.com")
+                expected_as = {
+                  'event_type' => 'dlp',
+                  'rid' => 'myrouteid',
+                  'found_in' => 'body',
+                  'rule' => '323213',
+                  'type' => 'db',
+                  'db' => 'databx',
+                  'schema' => '*',
+                  'table' => 'tablex',
+                  'field' => 'columnb',
+                  'uri' => 'http://example.org/some/path2?x='
+                }
                 expect(TCellAgent.event_queue).to include(expected_as)
               end
-            end #/conext
-
+            end
 
-            context "Event for request dlp" do
+            context 'Event for request dlp' do
               before(:each) do
-                TCellAgent.thread_agent.processPolicyJson({"dlp" => {
-                  "policy_id"=>"x1a1",
-                  "data"=>{
-                    "request_protections"=>[
-                      {
-                        "variable_context"=>"form",
-                        "scope"=>"route",
-                        "route_ids"=>["myrouteid"],
-                        "variables"=>["test333"],
-                        "id"=>"08080808",
-                        "actions"=>{
-                          "log"=>["redact"],
-                          "body"=>["event"]
-                        }
+                TCellAgent.thread_agent.processPolicyJson(
+                  {
+                    'dlp' => {
+                      'policy_id' => 'x1a1',
+                      'data' => {
+                        'request_protections' => [
+                          {
+                            'variable_context' => 'form',
+                            'scope' => 'route',
+                            'route_ids' => ['myrouteid'],
+                            'variables' => ['test333'],
+                            'id' => '08080808',
+                            'actions' => {
+                              'log' => ['redact'],
+                              'body' => ['event']
+                            }
+                          }
+                        ]
                       }
-                    ]
-                  }
-                  }}, cache=false) 
+                    }
+                  },
+                  false
+                )
                 TCellAgent.empty_event_queue
               end
-              it "redacts body" do
-                response = request2.get("/some/path2?test333=othervalue", 'CONTENT_TYPE' => 'text/html', 'REMOTE_ADDR' => '1.3.3.4,3.4.5.6')
-                expect(response.body).to eq("My secretvalue othervalue test")
-                expected_as = {"event_type" => "dlp", "rid" => "myrouteid", "found_in" => "body", "rule" => "08080808", "type" => "req", "context" => "form", "variable" => "test333", "uri" => "/some/path2?test333="}
+
+              it 'redacts body' do
+                response = request2.get(
+                  '/some/path2?test333=othervalue',
+                  'CONTENT_TYPE' => 'text/html',
+                  'REMOTE_ADDR' => '1.3.3.4,3.4.5.6'
+                )
+                expect(response.body).to eq('My secretvalue othervalue test')
+                expected_as = {
+                  'event_type' => 'dlp',
+                  'rid' => 'myrouteid',
+                  'found_in' => 'body',
+                  'rule' => '08080808',
+                  'type' => 'req',
+                  'context' => 'form',
+                  'variable' => 'test333',
+                  'uri' => 'http://example.org/some/path2?test333='
+                }
                 expect(TCellAgent.event_queue).to include(expected_as)
               end
-            end #/conext
-            
-          end #/context
-        end #/describe
-
-
+            end
+          end
+        end
       end
     end
   end

data/spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb

@@ -6,9 +6,7 @@ module TCellAgent
   module Instrumentation
     module Rails
       module Middleware
-
         class MockRackApp
-
           attr_reader :request_body
 
           def initialize
@@ -19,138 +17,163 @@ module TCellAgent
             @env = env
             @request_body = env['rack.input'].read
             rack_request = Rack::Request.new(env)
-            response_headers = {'Content-Type' => 'text/html'}
-            if (rack_request.params['rv'])
-              response_headers["Location"] = rack_request.params['rv']
+            response_headers = { 'Content-Type' => 'text/html' }
+            if rack_request.params['rv']
+              response_headers['Location'] = rack_request.params['rv']
             end
-            env["tcell.request_data"].transaction_id = "a-b-c-d-e-f"
-            #env["tcell.request_data"].route_id = "x-b-c-d-e-f"
+            env['tcell.request_data'].transaction_id = 'a-b-c-d-e-f'
+            # env["tcell.request_data"].route_id = "x-b-c-d-e-f"
             [200, response_headers, ['OK']]
           end
 
           def [](key)
             @env[key]
           end
-
         end
 
         describe HeadersMiddleware do
-
           let(:app) { MockRackApp.new }
-          subject { withTCellMiddleware( app ) }
+          subject { with_tcell_middleware(app) }
 
-          context "Redirect Middleware" do
+          context 'Redirect Middleware' do
             let(:request) { Rack::MockRequest.new(subject) }
             let(:agent) { ::TCellAgent::Agent.new(Process.pid) }
             before(:each) do
               TCellAgent.configuration = TCellAgent::Configuration.new
-              TCellAgent.configuration.read_config_from_file(get_test_resource_path("normal_config.json"))
+              TCellAgent.configuration.read_config_from_file(get_test_resource_path('normal_config.json'))
 
               # avoid running start_policy_polling for these specs
-              expect(agent).to receive(:start_policy_polling).at_most(50)
+              expect(agent).to receive(:start_policy_polling_loop).at_most(50)
 
               agent.start
               TCellAgent.thread_agent = agent
             end
 
-            context "not enabled" do
-              it "passes through unchanged" do
-                agent.processPolicyJson({"http-redirect"=>{
-                  "policy_id"=>"153ed270-7481-11e5-9194-95dad9b9dec3",
-                  "data"=>{
-                    "enabled"=>false,
-                    "block"=>true,
-                    "whitelist"=>[]
-                  }
-                }}, cache=false)
-                tid_len = "78e596b7-e772-4caf-92eb-645fdbdec473".length + 1
-                response = request.get("/some/path?rv=https://www.google.com", 'CONTENT_TYPE' => 'text/html')
-                expect(response['Location']).to eq("https://www.google.com")
+            context 'not enabled' do
+              it 'passes through unchanged' do
+                agent.processPolicyJson(
+                  {
+                    'http-redirect' => {
+                      'policy_id' => '153ed270-7481-11e5-9194-95dad9b9dec3',
+                      'data' => {
+                        'enabled' => false,
+                        'block' => true,
+                        'whitelist' => []
+                      }
+                    }
+                  },
+                  false
+                )
+                response = request.get('/some/path?rv=https://www.google.com', 'CONTENT_TYPE' => 'text/html')
+                expect(response['Location']).to eq('https://www.google.com')
               end
             end
 
             context "doesn't block simple whitelist" do
-              it "passes through unchanged" do
-                agent.processPolicyJson({"http-redirect"=>{
-                  "policy_id"=>"153ed270-7481-11e5-9194-95dad9b9dec3",
-                  "data"=>{
-                    "enabled"=>true,
-                    "block"=>true,
-                    "whitelist"=>["www.google.com"]
-                  }
-                }}, cache=false)
-
-                tid_len = "78e596b7-e772-4caf-92eb-645fdbdec473".length + 1
-                response = request.get("/some/path?rv=https://www.google.com", 'CONTENT_TYPE' => 'text/html')
-                expect(response['Location']).to eq("https://www.google.com")
+              it 'passes through unchanged' do
+                agent.processPolicyJson(
+                  {
+                    'http-redirect' => {
+                      'policy_id' => '153ed270-7481-11e5-9194-95dad9b9dec3',
+                      'data' => {
+                        'enabled' => true,
+                        'block' => true,
+                        'whitelist' => ['www.google.com']
+                      }
+                    }
+                  },
+                  false
+                )
+
+                response = request.get('/some/path?rv=https://www.google.com', 'CONTENT_TYPE' => 'text/html')
+                expect(response['Location']).to eq('https://www.google.com')
               end
             end
 
             context "doesn't block wildcard whitelist" do
-              it "passes through unchanged" do
-                agent.processPolicyJson({"http-redirect"=>{
-                  "policy_id"=>"153ed270-7481-11e5-9194-95dad9b9dec3",
-                  "data"=>{
-                    "enabled"=>true,
-                    "block"=>true,
-                    "whitelist"=>["*.google.com"]
-                  }
-                }}, cache=false)
-                response = request.get("/some/path?rv=https://www.google.com", 'CONTENT_TYPE' => 'text/html')
-                expect(response['Location']).to eq("https://www.google.com")
+              it 'passes through unchanged' do
+                agent.processPolicyJson(
+                  {
+                    'http-redirect' => {
+                      'policy_id' => '153ed270-7481-11e5-9194-95dad9b9dec3',
+                      'data' => {
+                        'enabled' => true,
+                        'block' => true,
+                        'whitelist' => ['*.google.com']
+                      }
+                    }
+                  },
+                  false
+                )
+                response = request.get('/some/path?rv=https://www.google.com', 'CONTENT_TYPE' => 'text/html')
+                expect(response['Location']).to eq('https://www.google.com')
               end
             end
 
-            context "DOES block wildcard whitelist" do
-              it "replaces the value with /" do
-                agent.processPolicyJson({"http-redirect"=>{
-                  "policy_id"=>"153ed270-7481-11e5-9194-95dad9b9dec3",
-                  "data"=>{
-                    "enabled"=>true,
-                    "block"=>true,
-                    "whitelist"=>["*.google-test.com"]
-                  }
-                }}, cache=false)
-
-                tid_len = "78e596b7-e772-4caf-92eb-645fdbdec473".length + 1
-                response = request.get("/some/path?rv=https://www.google.com", 'CONTENT_TYPE' => 'text/html')
-                expect(response['Location']).to eq("/")
+            context 'DOES block wildcard whitelist' do
+              it 'replaces the value with /' do
+                agent.processPolicyJson(
+                  {
+                    'http-redirect' => {
+                      'policy_id' => '153ed270-7481-11e5-9194-95dad9b9dec3',
+                      'data' => {
+                        'enabled' => true,
+                        'block' => true,
+                        'whitelist' => ['*.google-test.com']
+                      }
+                    }
+                  },
+                  false
+                )
+
+                response = request.get('/some/path?rv=https://www.google.com', 'CONTENT_TYPE' => 'text/html')
+                expect(response['Location']).to eq('/')
               end
             end
-
           end
 
-          context "CSP Middleware" do
+          context 'CSP Middleware' do
             let(:request) { Rack::MockRequest.new(subject) }
             let(:agent) { ::TCellAgent::Agent.new(Process.pid) }
 
             before(:each) do
               TCellAgent.configuration = TCellAgent::Configuration.new
-              TCellAgent.configuration.read_config_from_file(get_test_resource_path("normal_config.json"))
+              TCellAgent.configuration.read_config_from_file(get_test_resource_path('normal_config.json'))
 
               # avoid running start_policy_polling for these specs
-              expect(agent).to receive(:start_policy_polling).at_most(50)
+              expect(agent).to receive(:start_policy_polling_loop).at_most(50)
 
               agent.start
               TCellAgent.thread_agent = agent
             end
 
-            context "Standard CSP Header" do
-              it "CSP Header is Added" do
-                agent.processPolicyJson({"csp-headers"=>{
-                  "policy_id"=>"153ed270-7481-11e5-9194-95dad9b9dec3",
-                  "headers"=>[{
-                    "name"=>"Content-Security-Policy-Report-Only",
-                    "value"=>"script-src 'unsafe-inline'",
-                    "report-uri"=>"http://test.tcell.io/report"
-                  }]
-                }}, cache=false)
-                tid_len = "78e596b7-e772-4caf-92eb-645fdbdec473".length + 1
-                response = request.get("/some/path", 'CONTENT_TYPE' => 'text/plain', 'action_dispatch.request_id'=>'35281717-247e-44e6-bd42-0fb1417e80d')
-                expect(response['Content-Security-Policy-Report-Only']).to eq("script-src 'unsafe-inline'; report-uri http://test.tcell.io/report?tid=a-b-c-d-e-f&c=-654192056")
+            context 'Standard CSP Header' do
+              it 'CSP Header is Added' do
+                agent.processPolicyJson(
+                  {
+                    'csp-headers' => {
+                      'policy_id' => '153ed270-7481-11e5-9194-95dad9b9dec3',
+                      'headers' => [
+                        {
+                          'name' => 'Content-Security-Policy-Report-Only',
+                          'value' => "script-src 'unsafe-inline'",
+                          'report-uri' => 'http://test.tcell.io/report'
+                        }
+                      ]
+                    }
+                  },
+                  false
+                )
+                response = request.get(
+                  '/some/path',
+                  'CONTENT_TYPE' => 'text/plain',
+                  'action_dispatch.request_id' => '35281717-247e-44e6-bd42-0fb1417e80d'
+                )
+                expect(response['Content-Security-Policy-Report-Only']).to eq(
+                  "script-src 'unsafe-inline'; report-uri http://test.tcell.io/report?tid=a-b-c-d-e-f&c=-654192056"
+                )
               end
             end
-
           end
 
           # context "when called with a POST request" do
@@ -172,10 +195,10 @@ module TCellAgent
           #           "value"=>"script-src 'unsafe-inline'",
           #           "report-uri"=>"http://test.tcell.io/report"
           #         }
-          #       }}) 
+          #       }})
 
           #       #noop       = Proc.new {[200, {}, ["hello"]]}
-          #       #middleware = ActionDispatch::Static.new(noop, "/my_rails_app/public")  
+          #       #middleware = ActionDispatch::Static.new(noop, "/my_rails_app/public")
           #       #request = Rack::MockRequest.new(middleware)
           #       #puts request.get("/path_i_want_to_hit")
 
@@ -188,7 +211,6 @@ module TCellAgent
           #   end
           # end
         end
-
       end
     end
   end