tcell_agent 1.1.12 → 2.0.0

data/spec/lib/tcell_agent/agent/static_agent_spec.rb

@@ -1,133 +0,0 @@
-require 'spec_helper'
-
-module TCellAgent
-  module SensorEvents
-    describe Agent do
-      describe '.increment_session_info' do
-        context 'when running the parent process' do
-          it 'should increment the session info' do
-            expect(TCellAgent::Agent).to receive(:parent_process?).and_return(true)
-            expect(TCellAgent).to_not receive(:queue_metric)
-            expect_any_instance_of(SessionsMetric).to receive(:add_session_info).with(
-              'hmac_session_id', 'user_id', 'ip_address', 'user_agent'
-            )
-            expect_any_instance_of(SessionsMetric).to receive(:flush).and_return(false)
-            expect(TCellAgent).to_not receive(:send_event)
-
-            TCellAgent.increment_session_info('hmac_session_id', 'user_id', 'ip_address', 'user_agent')
-          end
-
-          context 'and the session becomes full' do
-            it 'should increment the session info and send the flush dummy event' do
-              expect(TCellAgent::Agent).to receive(:parent_process?).and_return(true)
-              expect(TCellAgent).to_not receive(:queue_metric)
-              expect_any_instance_of(SessionsMetric).to receive(:add_session_info).with(
-                'hmac_session_id', 'user_id', 'ip_address', 'user_agent'
-              )
-              expect_any_instance_of(SessionsMetric).to receive(:flush).and_return(true)
-              expect(TCellAgent).to receive(:send_event).with(
-                instance_of(TCellAgent::SensorEvents::FlushDummyEvent)
-              )
-
-              TCellAgent.increment_session_info('hmac_session_id', 'user_id', 'ip_address', 'user_agent')
-            end
-          end
-        end
-
-        context 'when NOT running the parent process' do
-          it 'should queue the metric' do
-            expect(TCellAgent::Agent).to receive(:parent_process?).and_return(false)
-            expect(TCellAgent).to receive(:queue_metric).with(
-              {
-                '_type' => 'increment_session_info',
-                'hmac_session_id' => 'hmac_session_id',
-                'user_id' => 'user_id',
-                'ip_address' => 'ip_address',
-                'user_agent' => 'user_agent'
-              }
-            )
-            expect_any_instance_of(SessionsMetric).to_not receive(:add_session_info)
-            expect_any_instance_of(SessionsMetric).to_not receive(:flush)
-            expect(TCellAgent).to_not receive(:send_event)
-
-            TCellAgent.increment_session_info('hmac_session_id', 'user_id', 'ip_address', 'user_agent')
-          end
-        end
-      end
-
-      describe '.increment_route' do
-        context 'when running the parent process' do
-          before(:each) do
-            TCellAgent.thread_agent.response_time_table = {}
-          end
-          after(:each) do
-            TCellAgent.thread_agent.response_time_table = {}
-          end
-
-          context 'with a route present' do
-            it 'should increment the route info' do
-              expect(TCellAgent::Agent).to receive(:parent_process?).and_return(true)
-              expect(TCellAgent).to_not receive(:queue_metric)
-
-              TCellAgent.increment_route('/ma_route', 20)
-
-              expect(TCellAgent.thread_agent.response_time_table).to eq(
-                { '/ma_route' => { 'c' => 1, 'mx' => 20, 'mn' => 20, 't' => 20 } }
-              )
-            end
-          end
-
-          context 'with an empty route' do
-            it 'should increment the route info' do
-              expect(TCellAgent::Agent).to receive(:parent_process?).and_return(true)
-              expect(TCellAgent).to_not receive(:queue_metric)
-
-              TCellAgent.increment_route('', 20)
-
-              expect(TCellAgent.thread_agent.response_time_table).to eq(
-                { '?' => { 'c' => 1, 'mx' => 20, 'mn' => 20, 't' => 20 } }
-              )
-            end
-          end
-
-          context 'with a nil route' do
-            it 'should increment the route info' do
-              expect(TCellAgent::Agent).to receive(:parent_process?).and_return(true)
-              expect(TCellAgent).to_not receive(:queue_metric)
-
-              TCellAgent.increment_route(nil, 20)
-
-              expect(TCellAgent.thread_agent.response_time_table).to eq(
-                { '?' => { 'c' => 1, 'mx' => 20, 'mn' => 20, 't' => 20 } }
-              )
-            end
-          end
-        end
-
-        context 'when NOT running the parent process' do
-          before(:each) do
-            TCellAgent.thread_agent.response_time_table = {}
-          end
-          after(:each) do
-            TCellAgent.thread_agent.response_time_table = {}
-          end
-
-          it 'should queue the metric' do
-            expect(TCellAgent::Agent).to receive(:parent_process?).and_return(false)
-            expect(TCellAgent).to receive(:queue_metric).with(
-              {
-                '_type' => 'increment_route',
-                'route_id' => '/ma_route',
-                'response_time' => 20
-              }
-            )
-
-            TCellAgent.increment_route('/ma_route', 20)
-
-            expect(TCellAgent.thread_agent.response_time_table).to eq({})
-          end
-        end
-      end
-    end
-  end
-end

data/spec/lib/tcell_agent/api/api_spec.rb

@@ -1,39 +0,0 @@
-require 'spec_helper'
-require 'addressable/template'
-
-module TCellAgent
-  class TCellApi
-    describe 'successful POST on /user/create' do
-      it 'should redirect to dashboard' do
-        tapi = TCellApi.new
-        TCellAgent.configuration.app_id = 'test-appid'
-        TCellAgent.configuration.api_key = 'test-apikey'
-
-        def checkreq(_req)
-          '{"result":{"csp-headers":{"app_id":"testapp-Becwu","policy_id":' \
-          '"acf60560-4e76-11e5-874c-7d71d425b275","headers":[{"name":"Content-Security-Policy-Report-Only",' \
-          '"value":"font-src \'none\'; script-src \'self\'; reflected-xss block; ' \
-          'style-src \'self\'; connect-src' \
-          ' \'none\'" ,"report-uri":"http://localhost:3000/csp/cab5e750e66d614bd46fd07a7078db1e74b4f427b2a135b2c96eca684a642707"}]}}}'
-        end
-        uri_template =
-          Addressable::Template.new 'https://api.tcell.io/agents/api/v1/apps/test-appid/policies/latest?type=patches:v1'
-
-        stub_request(:any, uri_template).to_return(
-          lambda { |request|
-            {
-              :body => checkreq(request),
-              :status => 200,
-              :headers => { 'Content-Type' => 'application/json' }
-            }
-          }
-        )
-
-        result = tapi.poll_api
-        TCellAgent.configuration.app_id = nil
-        TCellAgent.configuration.api_key = nil
-        expect(result['result']['csp-headers']['app_id']).to eq('testapp-Becwu')
-      end
-    end
-  end
-end

data/spec/lib/tcell_agent/appsensor/injections_reporter_spec.rb

@@ -1,187 +0,0 @@
-require 'spec_helper'
-
-module TCellAgent
-  module AppSensor
-    describe InjectionsReporter do
-      describe '.report_and_log' do
-        context 'with nil events' do
-          it 'should do nothing' do
-            expect(TCellAgent).to_not receive(:send_event)
-            expect(TCellAgent).to_not receive(:logger)
-
-            InjectionsReporter.report_and_log(nil)
-          end
-        end
-
-        context 'with empty events' do
-          it 'should do nothing' do
-            expect(TCellAgent).to_not receive(:send_event)
-            expect(TCellAgent).to_not receive(:logger)
-
-            InjectionsReporter.report_and_log([])
-          end
-        end
-
-        context 'with one event' do
-          it 'should send the event' do
-            events = [
-              {
-                'pattern' => '1',
-                'method' => 'request_method',
-                'uri' => 'abosolute_uri',
-                'parameter' => 'avatar',
-                'meta' => { 'l' => 'body' },
-                'session_id' => 'session_id',
-                'route_id' => 'route_id',
-                'detection_point' => 'xss',
-                'user_id' => 'user_id'
-              }
-            ]
-
-            expect(TCellAgent).to_not receive(:logger)
-
-            expect(TCellAgent).to receive(:send_event).with(
-              {
-                'event_type' => 'as',
-                'dp' => 'xss',
-                'param' => 'avatar',
-                'm' => 'request_method',
-                'pattern' => '1',
-                'meta' => { 'l' => 'body' },
-                'rid' => 'route_id',
-                'uri' => 'abosolute_uri',
-                'uid' => 'user_id',
-                'sid' => 'session_id'
-              }
-            )
-
-            InjectionsReporter.report_and_log(events)
-          end
-        end
-
-        context 'with one event with full payload' do
-          it 'should send and log the event' do
-            events = [
-              {
-                'pattern' => '1',
-                'method' => 'request_method',
-                'uri' => 'abosolute_uri',
-                'parameter' => 'avatar',
-                'meta' => { 'l' => 'body' },
-                'session_id' => 'session_id',
-                'route_id' => 'route_id',
-                'detection_point' => 'xss',
-                'user_id' => 'user_id',
-                'full_payload' => 'full_payload'
-              }
-            ]
-
-            logger = double('logger')
-
-            expect(TCellAgent).to receive(:logger).and_return(logger)
-            expect(logger).to receive(:info).with(/"payload":"full_payload"/)
-
-            expect(TCellAgent).to receive(:send_event).with(
-              {
-                'event_type' => 'as',
-                'dp' => 'xss',
-                'param' => 'avatar',
-                'm' => 'request_method',
-                'pattern' => '1',
-                'meta' => { 'l' => 'body' },
-                'rid' => 'route_id',
-                'uri' => 'abosolute_uri',
-                'uid' => 'user_id',
-                'sid' => 'session_id'
-              }
-            )
-
-            InjectionsReporter.report_and_log(events)
-          end
-        end
-
-        context 'with one event with payload' do
-          it 'should send the event' do
-            events = [
-              {
-                'pattern' => '1',
-                'method' => 'request_method',
-                'uri' => 'abosolute_uri',
-                'parameter' => 'avatar',
-                'meta' => { 'l' => 'body' },
-                'session_id' => 'session_id',
-                'route_id' => 'route_id',
-                'detection_point' => 'xss',
-                'user_id' => 'user_id',
-                'payload' => 'payload'
-              }
-            ]
-
-            expect(TCellAgent).to_not receive(:logger)
-
-            expect(TCellAgent).to receive(:send_event).with(
-              {
-                'event_type' => 'as',
-                'dp' => 'xss',
-                'param' => 'avatar',
-                'm' => 'request_method',
-                'pattern' => '1',
-                'meta' => { 'l' => 'body' },
-                'rid' => 'route_id',
-                'uri' => 'abosolute_uri',
-                'uid' => 'user_id',
-                'sid' => 'session_id',
-                'payload' => 'payload'
-              }
-            )
-
-            InjectionsReporter.report_and_log(events)
-          end
-        end
-
-        context 'with one event with payload and full payload' do
-          it 'should send and log the event' do
-            events = [
-              {
-                'pattern' => '1',
-                'method' => 'request_method',
-                'uri' => 'abosolute_uri',
-                'parameter' => 'avatar',
-                'meta' => { 'l' => 'body' },
-                'session_id' => 'session_id',
-                'route_id' => 'route_id',
-                'detection_point' => 'xss',
-                'user_id' => 'user_id',
-                'payload' => 'payload',
-                'full_payload' => 'full_payload'
-              }
-            ]
-
-            logger = double('logger')
-
-            expect(TCellAgent).to receive(:logger).and_return(logger)
-            expect(logger).to receive(:info).with(/"payload":"full_payload"/)
-
-            expect(TCellAgent).to receive(:send_event).with(
-              {
-                'event_type' => 'as',
-                'dp' => 'xss',
-                'param' => 'avatar',
-                'm' => 'request_method',
-                'pattern' => '1',
-                'meta' => { 'l' => 'body' },
-                'rid' => 'route_id',
-                'uri' => 'abosolute_uri',
-                'uid' => 'user_id',
-                'sid' => 'session_id',
-                'payload' => 'payload'
-              }
-            )
-
-            InjectionsReporter.report_and_log(events)
-          end
-        end
-      end
-    end
-  end
-end

data/spec/lib/tcell_agent/instrumentation_spec.rb

@@ -1,225 +0,0 @@
-require 'spec_helper'
-
-module TCellAgent
-  class MockAgent < Agent
-  end
-end
-
-module TCellAgent
-  module Instrumentation
-    describe Instrumentation do
-      before(:each) do
-        configuration = double(
-          'configuration',
-          {
-            'app_id' => 'app_id',
-            'api_key' => 'api_key',
-            'allow_payloads' => true,
-            'js_agent_api_base_url' => 'http://api.tcell.com/',
-            'js_agent_url' => 'https://jsagent.tcell.io/tcellagent.min.js',
-            'max_csp_header_bytes' => nil,
-            'event_time_limit_seconds' => 15,
-            'event_batch_size_limit' => 50,
-            'preload_policy_filename' => nil,
-            'cache_filename_with_app_id' => '/tcellagent_src/tcell/cache/tcell_agent.cache',
-            'agent_home_owner' => nil
-          }
-        )
-        expect(TCellAgent).to receive(:configuration).and_return(configuration).at_most(10)
-      end
-
-      context 'Body - SessionId Filters' do
-        it 'Tests Redaction and Events in Body' do
-          action = TCellAgent::Policies::DataLossPolicy::FilterActions.new
-          action.body_redact = true
-          action.action_id = 5
-          policy_json_two = {
-            'policy_id' => 'x1a1',
-            'data' => {
-              'session_id_protections' => { 'body' => ['redact'], 'log' => ['event'] }
-            }
-          }
-          session_id_policy = TCellAgent::Policies::DataLossPolicy.from_json(policy_json_two)
-          mock_agent = MockAgent.new(-1)
-          mock_agent.policies[TCellAgent::PolicyTypes::DATALOSS] = session_id_policy
-          TCellAgent.set_thread_agent(mock_agent)
-
-          context = TCellData.new
-          context.session_id = 'tim123123my'
-
-          body = 'this is about tim123123my 3123123.'
-          TCellAgent.empty_event_queue
-          context.filter_body!(body)
-          expect(body).to eq('this is about [redacted] 3123123.')
-          expect(TCellAgent.event_queue.length).to eq(1)
-          TCellAgent.set_thread_agent(nil)
-        end
-        it 'Tests Events in Body' do
-          action = TCellAgent::Policies::DataLossPolicy::FilterActions.new
-          action.body_redact = true
-          action.action_id = 5
-          policy_json_two = {
-            'policy_id' => 'x1a1',
-            'data' => {
-              'session_id_protections' => { 'body' => ['event'], 'log' => ['redact'] }
-            }
-          }
-          session_id_policy = TCellAgent::Policies::DataLossPolicy.from_json(policy_json_two)
-          mock_agent = MockAgent.new(-1)
-          mock_agent.policies[TCellAgent::PolicyTypes::DATALOSS] = session_id_policy
-          TCellAgent.set_thread_agent(mock_agent)
-
-          context = TCellData.new
-          context.session_id = 'tim123123my'
-
-          body = 'this is about tim123123my 3123123.'
-          TCellAgent.empty_event_queue
-          context.filter_body!(body)
-          expect(body).to eq('this is about tim123123my 3123123.')
-          expect(TCellAgent.event_queue.length).to eq(1)
-          TCellAgent.set_thread_agent(nil)
-        end
-      end
-      context 'Log - SessionId Filters' do
-        it 'Tests Redaction and Events in Body' do
-          action = TCellAgent::Policies::DataLossPolicy::FilterActions.new
-          action.body_redact = true
-          action.action_id = 5
-          policy_json_two = {
-            'policy_id' => 'x1a1',
-            'data' => {
-              'session_id_protections' => { 'body' => ['redact'], 'log' => ['redact'] }
-            }
-          }
-          session_id_policy = TCellAgent::Policies::DataLossPolicy.from_json(policy_json_two)
-          mock_agent = MockAgent.new(-1)
-          mock_agent.policies[TCellAgent::PolicyTypes::DATALOSS] = session_id_policy
-          TCellAgent.set_thread_agent(mock_agent)
-
-          context = TCellData.new
-          context.session_id = 'tim123123my'
-
-          body = 'this is about tim123123my 3123123.'
-          TCellAgent.empty_event_queue
-          context.filter_log(body)
-          expect(body).to eq('this is about [redacted] 3123123.')
-          expect(TCellAgent.event_queue.length).to eq(1)
-          TCellAgent.set_thread_agent(nil)
-        end
-        it 'Tests Events Only' do
-          action = TCellAgent::Policies::DataLossPolicy::FilterActions.new
-          action.body_redact = true
-          action.action_id = 5
-          policy_json_two = {
-            'policy_id' => 'x1a1',
-            'data' => {
-              'session_id_protections' => { 'body' => ['redact'], 'log' => ['event'] }
-            }
-          }
-          session_id_policy = TCellAgent::Policies::DataLossPolicy.from_json(policy_json_two)
-          mock_agent = MockAgent.new(-1)
-          mock_agent.policies[TCellAgent::PolicyTypes::DATALOSS] = session_id_policy
-          TCellAgent.set_thread_agent(mock_agent)
-
-          context = TCellData.new
-          context.session_id = 'tim123123my'
-
-          body = 'this is about tim123123my 3123123.'
-          TCellAgent.empty_event_queue
-          context.filter_log(body)
-          expect(body).to eq('this is about tim123123my 3123123.')
-          expect(TCellAgent.event_queue.length).to eq(1)
-          TCellAgent.set_thread_agent(nil)
-        end
-      end
-      context 'Body - Database Filters' do
-        it 'Tests Redaction and Events in Body' do
-          action = TCellAgent::Policies::DataLossPolicy::FilterActions.new
-          action.body_redact = true
-          action.action_id = 5
-          context = TCellData.new
-          context.add_response_db_filter('timmy', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('timmy23', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('3123123', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('tim123my', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('timmy1', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('tim123123my', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('ti21312mmy', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('ti123123mmy', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter(10_233_234, action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter(true, action, 'don', 'sam', 'tim', 'fred')
-          body = 'this is about timmy1 3123123.'
-          TCellAgent.empty_event_queue
-          context.filter_body!(body)
-          expect(body).to eq('this is about [redacted] [redacted].')
-          expect(TCellAgent.event_queue.length).to eq(2)
-        end
-        it 'Tests Event Only Match in Body' do
-          action = TCellAgent::Policies::DataLossPolicy::FilterActions.new
-          action.body_event = true
-          action.action_id = 5
-          context = TCellData.new
-          context.add_response_db_filter('timmy', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('timmy23', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('3123123', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('tim123my', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('timmy1', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('tim123123my', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('ti21312mmy', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('ti123123mmy', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter(10_233_234, action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter(true, action, 'don', 'sam', 'tim', 'fred')
-          body = 'this is about timmy1 3123123.'
-          TCellAgent.empty_event_queue
-          context.filter_body!(body)
-          expect(body).to eq('this is about timmy1 3123123.')
-          expect(TCellAgent.event_queue.length).to eq(3) # timmy, timmy1, 3123123
-        end
-      end
-      context 'Log - Database Filters' do
-        it 'Tests Redaction and Events' do
-          action = TCellAgent::Policies::DataLossPolicy::FilterActions.new
-          action.log_redact = true
-          action.action_id = 5
-          context = TCellData.new
-          context.add_response_db_filter('timmy', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('timmy23', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('3123123', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('tim123my', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('timmy1', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('tim123123my', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('ti21312mmy', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('ti123123mmy', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter(10_233_234, action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter(true, action, 'don', 'sam', 'tim', 'fred')
-          body = 'this is about timmy1 3123123.'
-          TCellAgent.empty_event_queue
-          context.filter_log(body)
-          expect(body).to eq('this is about [redacted] [redacted].')
-          expect(TCellAgent.event_queue.length).to eq(2)
-        end
-        it 'Tests Report-Only and Events' do
-          action = TCellAgent::Policies::DataLossPolicy::FilterActions.new
-          action.log_event = true
-          action.action_id = 5
-          context = TCellData.new
-          context.add_response_db_filter('timmy', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('timmy23', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('3123123', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('tim123my', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('timmy1', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('tim123123my', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('ti21312mmy', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter('ti123123mmy', action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter(10_233_234, action, 'don', 'sam', 'tim', 'fred')
-          context.add_response_db_filter(true, action, 'don', 'sam', 'tim', 'fred')
-          body = 'this is about timmy1 3123123.'
-          TCellAgent.empty_event_queue
-          context.filter_log(body)
-          expect(body).to eq('this is about timmy1 3123123.')
-          expect(TCellAgent.event_queue.length).to eq(3) # timmy, timmy1, 3123123
-        end
-      end
-    end
-  end
-end