tcell_agent 1.1.3 → 1.1.4

data/spec/lib/tcell_agent/rails/responses_spec.rb

@@ -7,7 +7,7 @@ module TCellAgent
         context 'with nil status code' do
           context 'with empty headers' do
             it 'should return false' do
-              expect(Rails.empty_content?(nil, {})).to eq(false)
+              expect(Rails.empty_content?(nil, {})).to eq(nil)
             end
           end
 
@@ -52,7 +52,7 @@ module TCellAgent
           context 'that contains content' do
             context 'with empty headers' do
               it 'should return false' do
-                expect(Rails.empty_content?(200, {})).to eq(false)
+                expect(Rails.empty_content?(200, {})).to eq(nil)
               end
             end
 

data/spec/lib/tcell_agent/rails/routes/grape_spec.rb

@@ -197,14 +197,14 @@ module TCellAgent
     describe '.instrument_grape_api' do
       context 'with nil routes' do
         it 'should not send any events' do
-          expect(TCellAgent::SensorEvents::Util).to_not receive(:calculateRouteId)
+          expect(TCellAgent::SensorEvents::Util).to_not receive(:calculate_route_id)
           TCellAgent::Instrumentation.instrument_grape_api('/api', nil)
         end
       end
 
       context 'with empty routes' do
         it 'should not send any events' do
-          expect(TCellAgent::SensorEvents::Util).to_not receive(:calculateRouteId)
+          expect(TCellAgent::SensorEvents::Util).to_not receive(:calculate_route_id)
           TCellAgent::Instrumentation.instrument_grape_api('/api', [])
         end
       end

data/spec/lib/tcell_agent/rails/routes/route_id_spec.rb

@@ -44,7 +44,7 @@ module TCellAgent
             RouteId.update_context({ TCELL_CONTEXT_KEY => tcell_context }, { :id => 1 }, route)
 
             expect(tcell_context.route_id).to eq(
-              TCellAgent::SensorEvents::Util.calculateRouteId('GET', '/some/regular/path')
+              TCellAgent::SensorEvents::Util.calculate_route_id('GET', '/some/regular/path')
             )
             expect(tcell_context.grape_mount_endpoint).to eq(nil)
             expect(tcell_context.path_parameters).to eq({ :id => 1 })

data/spec/lib/tcell_agent/rails/routes/routes_spec.rb

@@ -21,7 +21,7 @@ module TCellAgent
 
           expect(TCellAgent).to receive(:configuration).and_return(configuration).twice
           expect(TCellAgent::Instrumentation).to_not receive(:instrument_grape_api)
-          expect(TCellAgent::SensorEvents::Util).to_not receive(:calculateRouteId)
+          expect(TCellAgent::SensorEvents::Util).to_not receive(:calculate_route_id)
 
           Rails.instrument_route(nil)
         end
@@ -69,7 +69,7 @@ module TCellAgent
 
             expect(TCellAgent).to receive(:configuration).and_return(configuration).twice
             expect(route).to receive(:verb).and_return('GET|POST')
-            expect(TCellAgent::SensorEvents::Util).to_not receive(:calculateRouteId)
+            expect(TCellAgent::SensorEvents::Util).to_not receive(:calculate_route_id)
             expect(TCellAgent::Instrumentation).to receive(:instrument_grape_api).with(
               '/grape', ['/api/grape/route']
             )
@@ -123,7 +123,7 @@ module TCellAgent
             expect(TCellAgent::Instrumentation).to receive(:instrument_grape_api).with(
               '/grape', ['/api/grape/route']
             )
-            expect(TCellAgent::SensorEvents::Util).to_not receive(:calculateRouteId)
+            expect(TCellAgent::SensorEvents::Util).to_not receive(:calculate_route_id)
 
             Rails.instrument_route(route)
           end
@@ -173,7 +173,7 @@ module TCellAgent
             expect(TCellAgent::Instrumentation).to receive(:instrument_grape_api).with(
               '/grape', ['/api/grape/route']
             )
-            expect(TCellAgent::SensorEvents::Util).to_not receive(:calculateRouteId)
+            expect(TCellAgent::SensorEvents::Util).to_not receive(:calculate_route_id)
 
             Rails.instrument_route(route)
           end

data/spec/lib/tcell_agent/rust/models_spec.rb

@@ -5,7 +5,7 @@ module TCellAgent
   module Rust
     describe '.create_request_response' do
       it 'should create request response' do
-        appsensor_meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new(
+        meta_data = TCellAgent::MetaData.new(
           'GET',
           '192.168.1.1',
           '12345',
@@ -14,66 +14,70 @@ module TCellAgent
           'transaction_id',
           'http://192.168.1.1/some/path?xss_param=<script>'
         )
-        appsensor_meta.response_code = 200
-        appsensor_meta.user_agent = 'Mozilla'
-        appsensor_meta.path = '/some/path'
-        appsensor_meta.request_content_bytes_len = 1024
-        appsensor_meta.response_content_bytes_len = 2048
-        appsensor_meta.get_dict = { 'user' => { 'xss_param' => '<script>' } }
-        appsensor_meta.sql_exceptions = [{ 'exception_name' => 'OperationalError', 'exception_payload' => 'Developer Error' }]
-        appsensor_meta.csrf_exception_name = 'ActionController::InvalidAuthenticityToken'
-        appsensor_meta.path_parameters = { 'xss_param' => '<script>' }
-        appsensor_meta.post_dict = TCellAgent::Utils::Params.flatten({ 'already_flattened' => { 'xss_param' => '<script>' } })
-        appsensor_meta.body_dict = TCellAgent::Utils::Params.flatten({ 'already_flattened' => { 'xss_param' => '<script>' } })
-        appsensor_meta.cookie_dict = { 'xss_param' => '<script>' }
-        appsensor_meta.set_headers_dict({ 'HTTP_XSS_PARAM' => '<script>' })
+        meta_data.response_code = 200
+        meta_data.user_agent = 'Mozilla'
+        meta_data.path = '/some/path'
+        meta_data.request_content_bytes_len = 1024
+        meta_data.response_content_bytes_len = 2048
+        meta_data.get_dict = { 'user' => { 'xss_param' => '<script>' } }
+        meta_data.sql_exceptions = [{ 'exception_name' => 'OperationalError', 'exception_payload' => 'Developer Error' }]
+        meta_data.csrf_exception_name = 'ActionController::InvalidAuthenticityToken'
+        meta_data.path_parameters = { 'xss_param' => '<script>' }
+        meta_data.post_dict = { 'xss_param' => '<script>' }
+        meta_data.cookie_dict = { 'xss_param' => '<script>' }
+        meta_data.headers_dict = { 'HTTP_XSS_PARAM' => '<script>' }
 
-        result = Models.create_request_response(appsensor_meta)
+        json_body = { 'xss_param' => '<script>' }.to_json
+        meta_data.set_body_dict(json_body.bytesize, 'application/json', json_body)
 
-        expect(result).to eq({
-                               'method' => 'GET',
-                               'status_code' => 200,
-                               'route_id' => '12345',
-                               'path' => '/some/path',
-                               'query_params' => [
-                                 { 'name' => 'xss_param', 'value' => '<script>' }
-                               ],
-                               'post_params' => [
-                                 { 'name' => 'xss_param', 'value' => '<script>' },
-                                 { 'name' => 'xss_param', 'value' => '<script>' }
-                               ],
-                               'headers' => [
-                                 { 'name' => 'xss-param', 'value' => '<script>' }
-                               ],
-                               'cookies' => [
-                                 { 'name' => 'xss_param', 'value' => '<script>' }
-                               ],
-                               'path_params' => [
-                                 { 'name' => 'xss_param', 'value' => '<script>' }
-                               ],
-                               'remote_address' => '192.168.1.1',
-                               'full_uri' => 'http://192.168.1.1/some/path?xss_param=<script>',
-                               'session_id' => 'session_id',
-                               'user_id' => 'user_id',
-                               'user_agent' => 'Mozilla',
-                               'request_bytes_length' => 1024,
-                               'response_bytes_length' => 2048,
-                               'csrf_exception' => {
-                                 'exception_name' => 'ActionController::InvalidAuthenticityToken'
-                               },
-                               'sql_exceptions' => [
-                                 {
-                                   'exception_name' => 'OperationalError',
-                                   'exception_payload' => 'Developer Error'
-                                 }
-                               ]
-                             })
+        result = Models.create_request_response(meta_data)
+
+        expect(result).to eq(
+          {
+            'method' => 'GET',
+            'status_code' => 200,
+            'route_id' => '12345',
+            'path' => '/some/path',
+            'query_params' => [
+              { 'name' => 'xss_param', 'value' => '<script>' }
+            ],
+            'post_params' => [
+              { 'name' => 'xss_param', 'value' => '<script>' },
+              { 'name' => 'xss_param', 'value' => '<script>' }
+            ],
+            'headers' => [
+              { 'name' => 'xss-param', 'value' => '<script>' }
+            ],
+            'cookies' => [
+              { 'name' => 'xss_param', 'value' => '<script>' }
+            ],
+            'path_params' => [
+              { 'name' => 'xss_param', 'value' => '<script>' }
+            ],
+            'remote_address' => '192.168.1.1',
+            'full_uri' => 'http://192.168.1.1/some/path?xss_param=<script>',
+            'session_id' => 'session_id',
+            'user_id' => 'user_id',
+            'user_agent' => 'Mozilla',
+            'request_bytes_length' => 1024,
+            'response_bytes_length' => 2048,
+            'csrf_exception' => {
+              'exception_name' => 'ActionController::InvalidAuthenticityToken'
+            },
+            'sql_exceptions' => [
+              {
+                'exception_name' => 'OperationalError',
+                'exception_payload' => 'Developer Error'
+              }
+            ]
+          }
+        )
       end
     end
 
     describe '.create_patches_request' do
       it 'should create patches request' do
-        appsensor_meta = TCellAgent::Patches::MetaData.new(
+        meta_data = TCellAgent::MetaData.new(
           'GET',
           '192.168.1.1',
           '12345',
@@ -83,29 +87,33 @@ module TCellAgent
           'http://192.168.1.1/some/path?xss_param=<script>'
         )
 
-        appsensor_meta.path = '/some/path'
-        appsensor_meta.request_content_bytes_len = 1024
-        appsensor_meta.get_dict = { 'user' => { 'xss_param' => '<script>' } }
-        appsensor_meta.post_dict = { 'user' => { 'xss_param' => '<script>' } }
-        appsensor_meta.body_dict = { 'user' => { 'xss_param' => '<script>' } }
-        appsensor_meta.cookie_dict = { 'xss_param' => '<script>' }
-        appsensor_meta.set_headers_dict({ 'HTTP_XSS_PARAM' => '<script>' })
+        meta_data.path = '/some/path'
+        meta_data.request_content_bytes_len = 1024
+        meta_data.get_dict = { 'user' => { 'xss_param' => '<script>' } }
+        meta_data.post_dict = { 'user' => { 'xss_param' => '<script>' } }
+        meta_data.cookie_dict = { 'xss_param' => '<script>' }
+        meta_data.headers_dict = { 'HTTP_XSS_PARAM' => '<script>' }
 
-        result = Models.create_patches_request(appsensor_meta)
+        json_body = { 'user' => { 'xss_param' => '<script>' } }.to_json
+        meta_data.set_body_dict(json_body.bytesize, 'application/json', json_body)
 
-        expect(result).to eq({
-                               'method' => 'GET',
-                               'path' => '/some/path',
-                               'remote_address' => '192.168.1.1',
-                               'request_bytes_length' => 1024,
-                               'query_params' => [{ 'name' => 'xss_param', 'value' => '<script>' }],
-                               'post_params' => [
-                                 { 'name' => 'xss_param', 'value' => '<script>' },
-                                 { 'name' => 'r', 'value' => { 'xss_param' => '<script>' } }
-                               ],
-                               'headers' => [{ 'name' => 'xss-param', 'value' => '<script>' }],
-                               'cookies' => [{ 'name' => 'xss_param', 'value' => '<script>' }]
-                             })
+        result = Models.create_patches_request(meta_data)
+
+        expect(result).to eq(
+          {
+            'method' => 'GET',
+            'path' => '/some/path',
+            'remote_address' => '192.168.1.1',
+            'request_bytes_length' => 1024,
+            'query_params' => [{ 'name' => 'xss_param', 'value' => '<script>' }],
+            'post_params' => [
+              { 'name' => 'xss_param', 'value' => '<script>' },
+              { 'name' => 'xss_param', 'value' => '<script>' }
+            ],
+            'headers' => [{ 'name' => 'xss-param', 'value' => '<script>' }],
+            'cookies' => [{ 'name' => 'xss_param', 'value' => '<script>' }]
+          }
+        )
       end
     end
   end

data/spec/lib/tcell_agent/rust/whisperer_spec.rb

@@ -602,7 +602,7 @@ module TCellAgent
       end
 
       it 'should return appfirewall injections' do
-        appsensor_meta = TCellAgent::SensorEvents::AppSensorMetaEvent.new(
+        meta_data = TCellAgent::MetaData.new(
           'GET',
           '192.168.1.1',
           '12345',
@@ -611,22 +611,22 @@ module TCellAgent
           'transaction_id',
           'http://192.168.1.1/some/path?xss_param=<script>'
         )
-        appsensor_meta.path = '/some/path'
-        appsensor_meta.request_content_bytes_len = 1024
-        appsensor_meta.response_content_bytes_len = 2048
-        appsensor_meta.get_dict = { 'xss_param' => '<script>' }
-        appsensor_meta.user_agent = 'Mozilla'
-        appsensor_meta.sql_exceptions = [
+        meta_data.path = '/some/path'
+        meta_data.request_content_bytes_len = 1024
+        meta_data.response_content_bytes_len = 2048
+        meta_data.get_dict = { 'xss_param' => '<script>' }
+        meta_data.user_agent = 'Mozilla'
+        meta_data.sql_exceptions = [
           {
             'exception_name' => 'OperationalError',
             'exception_payload' => 'Developer Error'
           }
         ]
-        appsensor_meta.csrf_exception_name = 'ActionController::InvalidAuthenticityToken'
+        meta_data.csrf_exception_name = 'ActionController::InvalidAuthenticityToken'
 
         whisper = Whisperer.apply_appfirewall(
           @agent_ptr,
-          appsensor_meta
+          meta_data
         )
         expect(whisper).to eq(
           {
@@ -669,7 +669,7 @@ module TCellAgent
       end
 
       it 'should return patches blocking' do
-        appsensor_meta = TCellAgent::Patches::MetaData.new(
+        meta_data = TCellAgent::MetaData.new(
           'GET',
           '192.168.1.1',
           '12345',
@@ -678,12 +678,12 @@ module TCellAgent
           'transaction_id',
           'http://192.168.1.1/some/path?xss_param=<script>'
         )
-        appsensor_meta.path = '/some/path'
-        appsensor_meta.request_content_bytes_len = 1024
-        appsensor_meta.get_dict = { 'xss_param' => '<script>' }
+        meta_data.path = '/some/path'
+        meta_data.request_content_bytes_len = 1024
+        meta_data.get_dict = { 'xss_param' => '<script>' }
         whisper = Whisperer.apply_patches(
           @agent_ptr,
-          appsensor_meta
+          meta_data
         )
         expect(whisper).to eq(
           {

data/spec/lib/tcell_agent/sensor_events/appsensor_meta_event_spec.rb

@@ -3,9 +3,9 @@ require 'spec_helper'
 module TCellAgent
   module SensorEvents
     describe AppSensorMetaEvent do
-      describe '#body_params' do
+      describe '#post_process' do
         before(:each) do
-          @appsensor_meta = AppSensorMetaEvent.new(
+          @meta_data = TCellAgent::MetaData.new(
             'get',
             'remote_address',
             'route_id',
@@ -14,80 +14,29 @@ module TCellAgent
             'transaction_id',
             'http://test.com'
           )
+          @appsensor_meta_event = AppSensorMetaEvent.new(@meta_data)
         end
 
-        context 'with text/html content type' do
-          it 'should set the body params to empty' do
-            @appsensor_meta.set_body_dict(
-              67,
-              'text/html',
-              {
-                :username => 'tester',
-                :password => 'pass'
-              }.to_json
-            )
+        context 'empty rust policies' do
+          it 'should not process anything' do
+            expect(TCellAgent).to receive(:policy).with(
+              TCellAgent::PolicyTypes::RUST
+            ).and_return(nil)
 
-            expect(@appsensor_meta.body_dict).to eq({})
+            @appsensor_meta_event.post_process
           end
         end
+        context 'rust policies available' do
+          it 'should call rust policies for processing' do
+            rust_policies = double('rust_policies')
+            expect(TCellAgent).to receive(:policy).with(
+              TCellAgent::PolicyTypes::RUST
+            ).and_return(rust_policies)
+            expect(rust_policies).to receive(:check_appfirewall_injections).with(
+              @appsensor_meta_event.meta_data
+            )
 
-        context 'with application/json content type' do
-          context 'with empty request body' do
-            it 'should set the body params to empty' do
-              @appsensor_meta.set_body_dict(
-                67,
-                'application/json',
-                nil
-              )
-
-              expect(@appsensor_meta.body_dict).to eq({})
-            end
-          end
-
-          context 'with bad json in the body' do
-            it 'should set the body params to empty' do
-              @appsensor_meta.set_body_dict(
-                67,
-                'application/json',
-                '{"username":"tester""password":"pass"}'
-              )
-
-              expect(@appsensor_meta.body_dict).to eq({})
-            end
-          end
-
-          context 'with valid json in the body' do
-            it 'should set the body params' do
-              @appsensor_meta.set_body_dict(
-                67,
-                'application/json',
-                {
-                  :username => 'tester',
-                  :password => 'pass'
-                }.to_json
-              )
-
-              expect(@appsensor_meta.body_dict).to eq(
-                {
-                  ['username'] => 'tester',
-                  ['password'] => 'pass'
-                }
-              )
-            end
-          end
-
-          context 'with a json body that is too big' do
-            it 'should set the body params to empty' do
-              @appsensor_meta.set_body_dict(
-                20_000_000,
-                'application/json',
-                {
-                  :username => 'tester',
-                  :password => 'pass'
-                }.to_json
-              )
-              expect(@appsensor_meta.body_dict).to eq({})
-            end
+            @appsensor_meta_event.post_process
           end
         end
       end

data/spec/lib/tcell_agent/sensor_events/sessions_metric_spec.rb

@@ -19,7 +19,7 @@ module TCellAgent
               sessions_metric = SessionsMetric.new
               sessions_metric.add_session_info('hmac_session_id', 'user_id', '127.0.0.1', 'user_agent')
 
-              expect(sessions_metric.has_sessions?).to eq(true)
+              expect(sessions_metric.sessions?).to eq(true)
               expect(sessions_metric).to eq(
                 {
                   'event_type' => 'metrics',