tcell_agent 1.1.3 → 1.1.4

data/spec/lib/tcell_agent/rails/js_agent_insert_spec.rb

@@ -0,0 +1,271 @@
+require 'spec_helper'
+
+module TCellAgent
+  module Instrumentation
+    module Rails
+      describe '.insert_now' do
+        context 'nil js_agent_handler' do
+          it 'should do nothing' do
+            script_insert = '<script>script_insert</script>'
+
+            rack_body, content_legnth = JSAgent.insert_now(nil,
+                                                           script_insert,
+                                                           ['body'],
+                                                           4)
+
+            expect(rack_body).to eq(['body'])
+            expect(content_legnth).to eq(4)
+          end
+        end
+
+        context 'no content' do
+          it 'should do nothing' do
+            js_agent_handler = proc {
+              raise Exception, 'should not be called'
+            }
+            script_insert = '<script>script_insert</script>'
+
+            rack_body, content_legnth = JSAgent.insert_now(js_agent_handler,
+                                                           script_insert,
+                                                           [],
+                                                           0)
+
+            expect(rack_body).to eq([])
+            expect(content_legnth).to eq(0)
+          end
+        end
+
+        context 'body with 1 part' do
+          context 'that does not match insert' do
+            it 'should return orignal body and content length' do
+              js_agent_handler = proc { |si, resp|
+                resp.sub('REPLACE_ME', si)
+              }
+              script_insert = '<script>script_insert</script>'
+
+              rack_body, content_legnth = JSAgent.insert_now(js_agent_handler,
+                                                             script_insert,
+                                                             ['i am the body'],
+                                                             'i am the body'.bytesize)
+
+              expect(rack_body).to eq(['i am the body'])
+              expect(content_legnth).to eq(13)
+            end
+          end
+
+          context 'that matches insert' do
+            it 'should return modified body and new content length' do
+              js_agent_handler = proc { |si, resp|
+                resp.sub('REPLACE_ME', si)
+              }
+              script_insert = '<script>script_insert</script>'
+
+              rack_body, content_legnth = JSAgent.insert_now(js_agent_handler,
+                                                             script_insert,
+                                                             ['i am REPLACE_ME the body'],
+                                                             'i am REPLACE_ME the body'.bytesize)
+              expect(rack_body).to eq(['i am <script>script_insert</script> the body'])
+              expect(content_legnth).to eq(44)
+            end
+          end
+        end
+
+        context 'body with multiple parts' do
+          context 'that does not match insert' do
+            it 'should return orignal body and content length' do
+              js_agent_handler = proc { |si, resp|
+                resp.sub('REPLACE_ME', si)
+              }
+              script_insert = '<script>script_insert</script>'
+
+              rack_body, content_legnth = JSAgent.insert_now(js_agent_handler,
+                                                             script_insert,
+                                                             ['first body part',
+                                                              'second body part'],
+                                                             'first body partsecond body part'.bytesize)
+              expect(rack_body).to eq(['first body part', 'second body part'])
+              expect(content_legnth).to eq(31)
+            end
+          end
+
+          context 'that matches insert' do
+            it 'should return modified body and new content length' do
+              js_agent_handler = proc { |si, resp|
+                resp.sub('REPLACE_ME', si)
+              }
+              script_insert = '<script>script_insert</script>'
+
+              rack_body, content_legnth = JSAgent.insert_now(js_agent_handler,
+                                                             script_insert,
+                                                             ['first body part REPLACE_ME',
+                                                              'second body part'],
+                                                             'first body part REPLACE_MEsecond body part'.bytesize)
+
+              expect(rack_body).to eq(['first body part <script>script_insert</script>',
+                                       'second body part'])
+              expect(content_legnth).to eq(62)
+            end
+          end
+        end
+      end
+
+      describe '.handle_js_agent_insert' do
+        context 'no <head> tag' do
+          it 'should not modify response' do
+            response = JSAgent.handle_js_agent_insert('SCRIPT', 'i am the response')
+
+            expect(response).to eq('i am the response')
+          end
+        end
+
+        context 'with a <head> tag' do
+          it 'should append script after head tag' do
+            response = JSAgent.handle_js_agent_insert('SCRIPT', 'i am the <head> response')
+
+            expect(response).to eq('i am the <head>SCRIPT response')
+          end
+        end
+
+        context 'with a <HEAD> tag' do
+          it 'should not append script after <HEAD> tag' do
+            response = JSAgent.handle_js_agent_insert('SCRIPT', 'i am the <HEAD> response')
+
+            expect(response).to eq('i am the <HEAD> response')
+          end
+        end
+
+        context 'with a <header> tag' do
+          it 'should not append script after <header> tag' do
+            response = JSAgent.handle_js_agent_insert('SCRIPT', 'i am the <header> response')
+
+            expect(response).to eq('i am the <header> response')
+          end
+        end
+
+        context 'with invalid parameters' do
+          context 'with nil response' do
+            it 'should return the unmodified response' do
+              logger = double('logger')
+              expect(TCellAgent).to receive(:logger).and_return(logger)
+              expect(TCellAgent).to receive(:logger).and_return(logger)
+              expect(logger).to receive(:debug).with(
+                /Exception in safe_block Handling JSAgent insert: NoMethodError happened, message is undefined method `sub'/
+              )
+              expect(logger).to receive(:debug).with(kind_of(Array))
+
+              response = JSAgent.handle_js_agent_insert('SCRIPT', nil)
+
+              expect(response).to eq(nil)
+            end
+          end
+
+          context 'with nil script' do
+            it 'should return the unmodified response' do
+              expect(TCellAgent).to_not receive(:logger)
+
+              response = JSAgent.handle_js_agent_insert(nil, 'i am the <head> response')
+
+              expect(response).to eq('i am the <head> response')
+            end
+          end
+        end
+      end
+
+      describe '.get_handler_and_script_insert' do
+        context 'with empty content type' do
+          it 'should not set js_agent_handler or script_insert' do
+            request = double('request')
+
+            expect(TCellAgent).to_not receive(:policy)
+            result = JSAgent.get_handler_and_script_insert(request, {})
+
+            expect(result).to eq([nil, nil])
+          end
+        end
+
+        context 'with non html response' do
+          it 'should not set js_agent_handler or script_insert' do
+            request = double('request')
+
+            expect(TCellAgent).to_not receive(:policy)
+            result = JSAgent.get_handler_and_script_insert(
+              request,
+              { 'Content-Type' => 'text/plain' }
+            )
+
+            expect(result).to eq([nil, nil])
+          end
+        end
+
+        context 'with html response but no rust_policies' do
+          it 'should not set js_agent_handler or script_insert' do
+            request = double('request')
+
+            expect(TCellAgent).to receive(:policy).with(
+              TCellAgent::PolicyTypes::RUST
+            ).and_return(nil)
+            result = JSAgent.get_handler_and_script_insert(
+              request,
+              { 'Content-Type' => 'text/html' }
+            )
+
+            expect(result).to eq([nil, nil])
+          end
+        end
+
+        context 'with html response and rust_policies' do
+          context 'with nil script_insert' do
+            it 'should not set js_agent_handler or script_insert' do
+              tcell_data = TCellAgent::Instrumentation::TCellData.new
+              request = double('request',
+                               :env => {
+                                 TCellAgent::Instrumentation::TCELL_ID => tcell_data
+                               })
+              rust_policies = double('rust_policies')
+
+              expect(TCellAgent).to receive(:policy).with(
+                TCellAgent::PolicyTypes::RUST
+              ).and_return(rust_policies)
+              expect(rust_policies).to receive(:get_js_agent_script_tag).with(
+                tcell_data
+              ).and_return(nil)
+
+              result = JSAgent.get_handler_and_script_insert(
+                request,
+                { 'Content-Type' => 'text/html' }
+              )
+
+              expect(result).to eq([nil, nil])
+            end
+          end
+
+          context 'with a script_insert' do
+            it 'should set js_agent_handler and script_insert' do
+              tcell_data = TCellAgent::Instrumentation::TCellData.new
+              request = double('request',
+                               :env => {
+                                 TCellAgent::Instrumentation::TCELL_ID => tcell_data
+                               })
+              rust_policies = double('rust_policies')
+
+              expect(TCellAgent).to receive(:policy).with(
+                TCellAgent::PolicyTypes::RUST
+              ).and_return(rust_policies)
+              expect(rust_policies).to receive(:get_js_agent_script_tag).with(
+                tcell_data
+              ).and_return('SCRIPT')
+
+              js_agent_handler, script_insert = JSAgent.get_handler_and_script_insert(
+                request,
+                { 'Content-Type' => 'text/html' }
+              )
+
+              expect(js_agent_handler.class).to eq(Proc)
+              expect(script_insert).to eq('SCRIPT')
+            end
+          end
+        end
+      end
+    end
+  end
+end

data/spec/lib/tcell_agent/rails/logger_spec.rb

@@ -44,7 +44,7 @@ describe Logger do
             expect(TCellAgent::Instrumentation).to receive(:safe_block_no_log).with(
               'Handling DLP log message filtering'
             ).and_call_original
-            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DataLoss).and_return(
+            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(
               double('dlp_policy')
             )
             expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
@@ -63,7 +63,7 @@ describe Logger do
             expect(TCellAgent::Instrumentation).to receive(:safe_block_no_log).with(
               'Handling DLP log message filtering'
             ).and_call_original
-            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DataLoss).and_return(
+            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(
               nil
             )
             expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
@@ -82,7 +82,7 @@ describe Logger do
             expect(TCellAgent::Instrumentation).to receive(:safe_block_no_log).with(
               'Handling DLP log message filtering'
             ).and_call_original
-            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DataLoss).and_return(
+            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(
               double('dlp_policy')
             )
             expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
@@ -104,7 +104,7 @@ describe Logger do
               expect(TCellAgent::Instrumentation).to receive(:safe_block_no_log).with(
                 'Handling DLP log message filtering'
               ).and_call_original
-              expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DataLoss).and_return(
+              expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(
                 double('dlp_policy')
               )
               expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
@@ -127,7 +127,7 @@ describe Logger do
               expect(TCellAgent::Instrumentation).to receive(:safe_block_no_log).with(
                 'Handling DLP log message filtering'
               ).and_call_original
-              expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DataLoss).and_return(
+              expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(
                 double('dlp_policy')
               )
               expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(

data/spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb

@@ -96,7 +96,7 @@ module TCellAgent
                 before(:each) do
                   old_uap = TCellAgent.configuration.allow_payloads
                   TCellAgent.configuration.allow_payloads = true
-                  TCellAgent.thread_agent.processPolicyJson(
+                  TCellAgent.thread_agent.process_policy_json(
                     {
                       'regex' => regex_policy,
                       'appsensor' => {
@@ -192,7 +192,7 @@ module TCellAgent
 
             context 'SQL Injection' do
               before(:each) do
-                TCellAgent.thread_agent.processPolicyJson(
+                TCellAgent.thread_agent.process_policy_json(
                   {
                     'regex' => regex_policy,
                     'appsensor' => {
@@ -240,7 +240,7 @@ module TCellAgent
 
             context 'File Path Traversal' do
               it 'alerts on most obvious payload' do
-                TCellAgent.thread_agent.processPolicyJson(
+                TCellAgent.thread_agent.process_policy_json(
                   {
                     'regex' => regex_policy,
                     'appsensor' => {

data/spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb

@@ -45,7 +45,7 @@ module TCellAgent
             env['tcell.request_data'].session_id = @session_id
             env['tcell.request_data'].route_id = @route_id
             tcell_context = env['tcell.request_data']
-            dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DataLoss)
+            dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DATALOSS)
             if dlp_policy
               action_objs = dlp_policy.get_actions_for_table('*', '*', 'tablex', 'columnb', tcell_context.route_id)
               if action_objs
@@ -54,7 +54,7 @@ module TCellAgent
                 end
               end
               TCellAgent::DLP.handle_request_dlp_parameters(rack_request)
-              # if tcell_context && dlp_policy && dlp_policy.has_actions_for_form_parameter?
+              # if tcell_context && dlp_policy && dlp_policy.actions_for_form_parameter?
               #  for_params(rack_request) { |method, param_name, param_value|
               #    actions = dlp_policy.get_actions_for_form_parameter(param_name, tcell_context.route_id)
               #    if actions
@@ -91,7 +91,7 @@ module TCellAgent
             let(:agent) { ::TCellAgent::Agent.new }
             context 'Event' do
               before(:each) do
-                TCellAgent.thread_agent.processPolicyJson(
+                TCellAgent.thread_agent.process_policy_json(
                   {
                     'dlp' => {
                       'policy_id' => 'x1a1',
@@ -144,7 +144,7 @@ module TCellAgent
 
             context 'Event for request dlp' do
               before(:each) do
-                TCellAgent.thread_agent.processPolicyJson(
+                TCellAgent.thread_agent.process_policy_json(
                   {
                     'dlp' => {
                       'policy_id' => 'x1a1',

data/spec/lib/tcell_agent/rails/middleware/global_middleware_spec.rb

@@ -49,7 +49,7 @@ module TCellAgent
 
             context 'not enabled' do
               it 'passes through unchanged' do
-                agent.processPolicyJson(
+                agent.process_policy_json(
                   {
                     'http-redirect' => {
                       'policy_id' => '153ed270-7481-11e5-9194-95dad9b9dec3',
@@ -69,7 +69,7 @@ module TCellAgent
 
             context "doesn't block simple whitelist" do
               it 'passes through unchanged' do
-                agent.processPolicyJson(
+                agent.process_policy_json(
                   {
                     'http-redirect' => {
                       'policy_id' => '153ed270-7481-11e5-9194-95dad9b9dec3',
@@ -90,7 +90,7 @@ module TCellAgent
 
             context "doesn't block wildcard whitelist" do
               it 'passes through unchanged' do
-                agent.processPolicyJson(
+                agent.process_policy_json(
                   {
                     'http-redirect' => {
                       'policy_id' => '153ed270-7481-11e5-9194-95dad9b9dec3',
@@ -110,7 +110,7 @@ module TCellAgent
 
             context 'DOES block wildcard whitelist' do
               it 'replaces the value with /' do
-                agent.processPolicyJson(
+                agent.process_policy_json(
                   {
                     'http-redirect' => {
                       'policy_id' => '153ed270-7481-11e5-9194-95dad9b9dec3',
@@ -147,7 +147,7 @@ module TCellAgent
 
             context 'Standard CSP Header' do
               it 'CSP Header is Added' do
-                agent.processPolicyJson(
+                agent.process_policy_json(
                   {
                     'csp-headers' => {
                       'policy_id' => '153ed270-7481-11e5-9194-95dad9b9dec3',

data/spec/lib/tcell_agent/rails/middleware/redirect_middleware_spec.rb

@@ -51,7 +51,7 @@ module TCellAgent
 
             context 'Event' do
               before(:each) do
-                TCellAgent.thread_agent.processPolicyJson(
+                TCellAgent.thread_agent.process_policy_json(
                   {
                     'http-redirect' =>
                     {

data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb

@@ -6,7 +6,7 @@ module TCellAgent
       describe TCellBodyProxy do
         context '#close' do
           before(:each) do
-            @appsensor_meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new(
+            @meta_data = TCellAgent::MetaData.new(
               'get',
               'remote_address',
               'route_id',
@@ -15,16 +15,19 @@ module TCellAgent
               'transaction_id',
               'http://test.com/'
             )
+            @appsensor_meta_event = TCellAgent::SensorEvents::AppSensorMetaEvent.new(
+              @meta_data
+            )
           end
 
           context 'zero content length' do
-            it 'appsensor_meta event should be enqueued for processing' do
+            it 'appsensor_meta_event should be enqueued for processing' do
               tcell_body_proxy = TCellBodyProxy.new(
                 Rack::BodyProxy.new(['body']) {},
                 true,
                 nil, nil, nil, nil
               )
-              tcell_body_proxy.appsensor_meta = @appsensor_meta
+              tcell_body_proxy.appsensor_meta_event = @appsensor_meta_event
 
               tcell_body_proxy.content_length = 0
 
@@ -32,7 +35,7 @@ module TCellAgent
                 'Running AppSensor deferred due to streaming'
               ).and_call_original
               expect(TCellAgent).to receive(:send_event).with(
-                @appsensor_meta
+                @appsensor_meta_event
               )
 
               tcell_body_proxy.close
@@ -40,13 +43,13 @@ module TCellAgent
           end
 
           context 'non zero content length' do
-            it 'appsensor_meta event should be enqueued for processing' do
+            it 'appsensor_meta_event should be enqueued for processing' do
               tcell_body_proxy = TCellBodyProxy.new(
                 Rack::BodyProxy.new(['body']) {},
                 true,
                 nil, nil, nil, nil
               )
-              tcell_body_proxy.appsensor_meta = @appsensor_meta
+              tcell_body_proxy.appsensor_meta_event = @appsensor_meta_event
 
               tcell_body_proxy.content_length = 512
 
@@ -54,12 +57,12 @@ module TCellAgent
                 'Running AppSensor deferred due to streaming'
               ).and_call_original
               expect(TCellAgent).to receive(:send_event).with(
-                @appsensor_meta
+                @appsensor_meta_event
               )
 
               tcell_body_proxy.close
 
-              expect(@appsensor_meta.response_content_bytes_len).to eq(512)
+              expect(@appsensor_meta_event.meta_data.response_content_bytes_len).to eq(512)
             end
           end
         end