tcell_agent 1.1.3 → 1.1.4

data/spec/lib/tcell_agent/settings_reporter_spec.rb

@@ -0,0 +1,162 @@
+module TCellAgent
+  describe '.report_settings' do
+    require 'tcell_agent/settings_reporter'
+
+    context 'with send_startup_events=false' do
+      it 'should not report anything' do
+        expect(TCellAgent).to_not receive(:configuration)
+        expect(TCellAgent).to_not receive(:send_event)
+
+        TCellAgent.report_settings(false)
+      end
+    end
+
+    context 'with send_startup_events=true' do
+      context 'should_instrument?=false' do
+        it 'should not report anything' do
+          configuration = double('configuration',
+                                 :should_instrument? => false)
+
+          expect(TCellAgent).to receive(:configuration).and_return(
+            configuration
+          )
+          expect(TCellAgent).to_not receive(:send_event)
+
+          TCellAgent.report_settings(true)
+        end
+      end
+
+      context 'should_instrument?=true' do
+        it 'should not report all the settings' do
+          logger = double('logger')
+          configuration = double('configuration',
+                                 :enabled => true,
+                                 :should_instrument? => true,
+                                 :logger => logger,
+                                 :allow_payloads => true,
+                                 :reverse_proxy => true,
+                                 :reverse_proxy_ip_address_header => nil,
+                                 :log_filename => 'log-filename',
+                                 :config_filename => 'config-filename',
+                                 :agent_log_dir => 'agent-log-dir',
+                                 :agent_home_dir => 'agent-home-dir',
+                                 :agent_home_owner => nil,
+                                 :logging_options => {
+                                 },
+                                 :hmac_key => nil)
+
+          expect(TCellAgent).to receive(:configuration).and_return(
+            configuration
+          ).at_least(:once)
+          expect(TCellAgent).to receive(:logger).and_return(logger).at_least(:once)
+          expect(Thread).to receive(:new).and_yield
+          expect(logger).to receive(:debug).with('User unknown')
+          expect(logger).to receive(:debug).with('Group unknown')
+          expect(TCellAgent).to receive(:send_event).with(
+            {
+              'event_type' => 'server_agent_details',
+              'user' => 'unknown',
+              'group' => 'unknown'
+            }
+          )
+          expect(logger).to receive(:debug).with(anything).at_least(:once)
+          expect(TCellAgent).to receive(:send_event).with(
+            hash_including('event_type' => 'server_agent_packages')
+          ) # packages event
+          expect(TCellAgent).to receive(:send_event).with(
+            {
+              'event_type' => 'app_config_setting',
+              'package' => 'tcell',
+              'section' => 'config',
+              'name' => 'native_lib_loaded',
+              'value' => 'true'
+            }
+          )
+          expect(TCellAgent).to receive(:send_event).with(
+            {
+              'event_type' => 'app_config_setting',
+              'package' => 'tcell',
+              'section' => 'config',
+              'name' => 'allow_payloads',
+              'value' => 'true'
+            }
+          )
+          expect(TCellAgent).to receive(:send_event).with(
+            {
+              'event_type' => 'app_config_setting',
+              'package' => 'tcell',
+              'section' => 'config',
+              'name' => 'reverse_proxy',
+              'value' => 'true'
+            }
+          )
+          expect(TCellAgent).to receive(:send_event).with(
+            {
+              'event_type' => 'app_config_setting',
+              'package' => 'tcell',
+              'section' => 'config',
+              'name' => 'config_filename',
+              'value' => 'config-filename'
+            }
+          )
+          expect(TCellAgent).to receive(:send_event).with(
+            {
+              'event_type' => 'app_config_setting',
+              'package' => 'tcell',
+              'section' => 'config',
+              'name' => 'logging_directory',
+              'value' => 'agent-log-dir'
+            }
+          )
+          expect(TCellAgent).to receive(:send_event).with(
+            {
+              'event_type' => 'app_config_setting',
+              'package' => 'tcell',
+              'section' => 'config',
+              'name' => 'agent_home_directory',
+              'value' => 'agent-home-dir'
+            }
+          )
+          expect(TCellAgent).to receive(:send_event).with(
+            {
+              'event_type' => 'app_config_setting',
+              'package' => 'tcell',
+              'section' => 'config',
+              'name' => 'agent_home_owner',
+              'value' => ''
+            }
+          )
+          expect(TCellAgent).to receive(:send_event).with(
+            {
+              'event_type' => 'app_config_setting',
+              'package' => 'tcell',
+              'section' => 'config',
+              'name' => 'logging_enabled',
+              'value' => 'true'
+            }
+          )
+          expect(TCellAgent).to receive(:send_event).with(
+            {
+              'event_type' => 'app_config_setting',
+              'package' => 'tcell',
+              'section' => 'config',
+              'name' => 'logging_level',
+              'value' => 'INFO'
+            }
+          )
+          expect(TCellAgent).to receive(:send_event).with(
+            {
+              'event_type' => 'app_config_setting',
+              'package' => 'tcell',
+              'section' => 'config',
+              'name' => 'reverse_proxy_ip_address_header',
+              'value' => ''
+            }
+          )
+
+          TCellAgent.report_settings(true)
+        end
+      end
+    end
+  end
+end

data/spec/lib/tcell_agent/tcell_context_spec.rb

@@ -0,0 +1,154 @@
+require 'spec_helper'
+
+module TCellAgent
+  describe MetaData do
+    describe '#set_headers_dict' do
+      it 'should set all headers that start with http and skip cookies' do
+        method = remote_address = route_id = session_id = user_id = transaction_id = location = nil
+
+        meta = MetaData.new(method, remote_address, route_id, session_id, user_id, transaction_id, location)
+        meta.headers_dict = {
+          'rack.version' => [1, 2],
+          'REQUEST_METHOD' => 'POST',
+          'SERVER_NAME' => 'www.example.com',
+          'HTTP_USER_AGENT' => 'Mozilla',
+          'HTTP_MY_CUSTOM_HTTP_HEADER' => 'my value'
+        }
+
+        expect(meta.flattened_headers_dict).to eq(
+          {
+            ['user-agent'] => 'Mozilla',
+            ['my-custom-http-header'] => 'my value'
+          }
+        )
+      end
+
+      it 'should set all headers that start with http and include content_length and content_type' do
+        method = remote_address = route_id = session_id = user_id = transaction_id = location = nil
+
+        meta = MetaData.new(method, remote_address, route_id, session_id, user_id, transaction_id, location)
+        meta.headers_dict = {
+          'REQUEST_METHOD' => 'POST',
+          'HTTP_VERSION' => 'HTTP/1.1',
+          'HTTP_CONNECTION' => 'keep-alive',
+          'CONTENT_LENGTH' => '85',
+          'HTTP_CACHE_CONTROL' => 'max-age=0',
+          'HTTP_ORIGIN' => 'http://192.168.99.100:3000',
+          'HTTP_UPGRADE_INSECURE_REQUESTS' => '1',
+          'HTTP_USER_AGENT' => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5)',
+          'CONTENT_TYPE' => 'application/x-www-form-urlencoded',
+          'HTTP_ACCEPT' => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8',
+          'HTTP_ACCEPT_ENCODING' => 'gzip, deflate',
+          'HTTP_ACCEPT_LANGUAGE' => 'en-US,en;q=0.8',
+          'HTTP_MY_CUSTOM_HTTP_HEADER' => 'my value'
+        }
+
+        expect(meta.flattened_headers_dict).to eq(
+          {
+            ['version'] => 'HTTP/1.1',
+            ['connection'] => 'keep-alive',
+            ['content-length'] => '85',
+            ['cache-control'] => 'max-age=0',
+            ['origin'] => 'http://192.168.99.100:3000',
+            ['upgrade-insecure-requests'] => '1',
+            ['user-agent'] => 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_5)',
+            ['content-type'] => 'application/x-www-form-urlencoded',
+            ['accept'] => 'text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8',
+            ['accept-encoding'] => 'gzip, deflate',
+            ['accept-language'] => 'en-US,en;q=0.8',
+            ['my-custom-http-header'] => 'my value'
+          }
+        )
+      end
+    end
+
+    describe '#body_params' do
+      before(:each) do
+        @meta_data = TCellAgent::MetaData.new(
+          'get',
+          'remote_address',
+          'route_id',
+          'session_id',
+          'user_id',
+          'transaction_id',
+          'http://test.com'
+        )
+      end
+
+      context 'with text/html content type' do
+        it 'should set the body params to empty' do
+          @meta_data.set_body_dict(
+            67,
+            'text/html',
+            {
+              :username => 'tester',
+              :password => 'pass'
+            }.to_json
+          )
+
+          expect(@meta_data.flattened_body_dict).to eq({})
+        end
+      end
+
+      context 'with application/json content type' do
+        context 'with empty request body' do
+          it 'should set the body params to empty' do
+            @meta_data.set_body_dict(
+              67,
+              'application/json',
+              nil
+            )
+
+            expect(@meta_data.flattened_body_dict).to eq({})
+          end
+        end
+
+        context 'with bad json in the body' do
+          it 'should set the body params to empty' do
+            @meta_data.set_body_dict(
+              67,
+              'application/json',
+              '{"username":"tester""password":"pass"}'
+            )
+
+            expect(@meta_data.flattened_body_dict).to eq({})
+          end
+        end
+
+        context 'with valid json in the body' do
+          it 'should set the body params' do
+            @meta_data.set_body_dict(
+              67,
+              'application/json',
+              {
+                :username => 'tester',
+                :password => 'pass'
+              }.to_json
+            )
+
+            expect(@meta_data.flattened_body_dict).to eq(
+              {
+                ['username'] => 'tester',
+                ['password'] => 'pass'
+              }
+            )
+          end
+        end
+
+        context 'with a json body that is too big' do
+          it 'should set the body params to empty' do
+            @meta_data.set_body_dict(
+              20_000_000,
+              'application/json',
+              {
+                :username => 'tester',
+                :password => 'pass'
+              }.to_json
+            )
+            expect(@meta_data.flattened_body_dict).to eq({})
+          end
+        end
+      end
+    end
+  end
+end

data/spec/spec_helper.rb

@@ -3,6 +3,11 @@ require 'rails'
 require 'webmock/rspec'
 require 'fork_break'
 
+if ENV['COVERAGE']
+  require 'simplecov'
+  SimpleCov.start
+end
+
 ENV['TCELL_AGENT_SERVER'] = 'mock'
 require File.join(File.dirname(__FILE__), '..', 'lib', 'tcell_agent')
 require File.join(File.dirname(__FILE__), '..', 'lib', 'tcell_agent', 'rails') if defined?(Rails)

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tcell_agent
 version: !ruby/object:Gem::Version
-  version: 1.1.3
+  version: 1.1.4
 platform: ruby
 authors:
 - Rafael
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2018-07-05 00:00:00.000000000 Z
+date: 2018-11-01 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ffi
@@ -118,7 +118,6 @@ files:
 - lib/tcell_agent/agent/static_agent.rb
 - lib/tcell_agent/api.rb
 - lib/tcell_agent/appsensor/injections_reporter.rb
-- lib/tcell_agent/appsensor/meta_data.rb
 - lib/tcell_agent/authlogic.rb
 - lib/tcell_agent/cmdi.rb
 - lib/tcell_agent/config/unknown_options.rb
@@ -128,7 +127,6 @@ files:
 - lib/tcell_agent/instrumentation.rb
 - lib/tcell_agent/logger.rb
 - lib/tcell_agent/patches.rb
-- lib/tcell_agent/patches/meta_data.rb
 - lib/tcell_agent/policies/dataloss_policy.rb
 - lib/tcell_agent/policies/http_redirect_policy.rb
 - lib/tcell_agent/policies/http_tx_policy.rb
@@ -157,11 +155,11 @@ files:
 - lib/tcell_agent/rails/settings_reporter.rb
 - lib/tcell_agent/rails/tcell_body_proxy.rb
 - lib/tcell_agent/routes/table.rb
-- lib/tcell_agent/rust/libtcellagent-1.3.0.dylib
-- lib/tcell_agent/rust/libtcellagent-1.3.0.so
-- lib/tcell_agent/rust/libtcellagent-alpine-1.3.0.so
+- lib/tcell_agent/rust/libtcellagent-1.3.1.dylib
+- lib/tcell_agent/rust/libtcellagent-1.3.1.so
+- lib/tcell_agent/rust/libtcellagent-alpine-1.3.1.so
 - lib/tcell_agent/rust/models.rb
-- lib/tcell_agent/rust/tcellagent-1.3.0.dll
+- lib/tcell_agent/rust/tcellagent-1.3.1.dll
 - lib/tcell_agent/rust/whisperer.rb
 - lib/tcell_agent/sensor_events/app_config.rb
 - lib/tcell_agent/sensor_events/appsensor_event.rb
@@ -183,9 +181,11 @@ files:
 - lib/tcell_agent/servers/thin.rb
 - lib/tcell_agent/servers/unicorn.rb
 - lib/tcell_agent/servers/webrick.rb
+- lib/tcell_agent/settings_reporter.rb
 - lib/tcell_agent/sinatra.rb
 - lib/tcell_agent/start_background_thread.rb
 - lib/tcell_agent/system_info.rb
+- lib/tcell_agent/tcell_context.rb
 - lib/tcell_agent/userinfo.rb
 - lib/tcell_agent/utils/io.rb
 - lib/tcell_agent/utils/params.rb
@@ -198,7 +198,6 @@ files:
 - spec/lib/tcell_agent/agent/static_agent_spec.rb
 - spec/lib/tcell_agent/api/api_spec.rb
 - spec/lib/tcell_agent/appsensor/injections_reporter_spec.rb
-- spec/lib/tcell_agent/appsensor/meta_data_spec.rb
 - spec/lib/tcell_agent/cmdi_spec.rb
 - spec/lib/tcell_agent/config/unknown_options_spec.rb
 - spec/lib/tcell_agent/configuration_spec.rb
@@ -213,6 +212,9 @@ files:
 - spec/lib/tcell_agent/policies/login_policy_spec.rb
 - spec/lib/tcell_agent/policies/patches_policy_spec.rb
 - spec/lib/tcell_agent/rails/better_ip_spec.rb
+- spec/lib/tcell_agent/rails/csrf_exception_spec.rb
+- spec/lib/tcell_agent/rails/dlp_spec.rb
+- spec/lib/tcell_agent/rails/js_agent_insert_spec.rb
 - spec/lib/tcell_agent/rails/logger_spec.rb
 - spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb
 - spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb
@@ -230,6 +232,8 @@ files:
 - spec/lib/tcell_agent/sensor_events/dlp_spec.rb
 - spec/lib/tcell_agent/sensor_events/sessions_metric_spec.rb
 - spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb
+- spec/lib/tcell_agent/settings_reporter_spec.rb
+- spec/lib/tcell_agent/tcell_context_spec.rb
 - spec/lib/tcell_agent/utils/bounded_queue_spec.rb
 - spec/lib/tcell_agent/utils/params_spec.rb
 - spec/lib/tcell_agent/utils/passwords_spec.rb
@@ -271,7 +275,6 @@ test_files:
 - spec/lib/tcell_agent/agent/static_agent_spec.rb
 - spec/lib/tcell_agent/api/api_spec.rb
 - spec/lib/tcell_agent/appsensor/injections_reporter_spec.rb
-- spec/lib/tcell_agent/appsensor/meta_data_spec.rb
 - spec/lib/tcell_agent/cmdi_spec.rb
 - spec/lib/tcell_agent/config/unknown_options_spec.rb
 - spec/lib/tcell_agent/configuration_spec.rb
@@ -286,6 +289,9 @@ test_files:
 - spec/lib/tcell_agent/policies/login_policy_spec.rb
 - spec/lib/tcell_agent/policies/patches_policy_spec.rb
 - spec/lib/tcell_agent/rails/better_ip_spec.rb
+- spec/lib/tcell_agent/rails/csrf_exception_spec.rb
+- spec/lib/tcell_agent/rails/dlp_spec.rb
+- spec/lib/tcell_agent/rails/js_agent_insert_spec.rb
 - spec/lib/tcell_agent/rails/logger_spec.rb
 - spec/lib/tcell_agent/rails/middleware/appsensor_middleware_spec.rb
 - spec/lib/tcell_agent/rails/middleware/dlp_middleware_spec.rb
@@ -303,6 +309,8 @@ test_files:
 - spec/lib/tcell_agent/sensor_events/dlp_spec.rb
 - spec/lib/tcell_agent/sensor_events/sessions_metric_spec.rb
 - spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb
+- spec/lib/tcell_agent/settings_reporter_spec.rb
+- spec/lib/tcell_agent/tcell_context_spec.rb
 - spec/lib/tcell_agent/utils/bounded_queue_spec.rb
 - spec/lib/tcell_agent/utils/params_spec.rb
 - spec/lib/tcell_agent/utils/passwords_spec.rb

data/lib/tcell_agent/appsensor/meta_data.rb

@@ -1,132 +0,0 @@
-require 'tcell_agent/logger'
-require 'tcell_agent/sensor_events/sensor'
-require 'tcell_agent/utils/params'
-
-module TCellAgent
-  module AppSensor
-
-    class MetaData < TCellAgent::SensorEvents::TCellSensorEvent
-
-      attr_accessor :get_dict, :post_dict, :body_dict, :cookie_dict, :path_parameters,
-        :remote_address, :method, :route_id, :session_id, :user_id, :transaction_id, :location
-
-      attr_reader :headers_dict
-
-      def initialize(method,
-                     remote_address,
-                     route_id,
-                     session_id,
-                     user_id,
-                     transaction_id,
-                     location)
-        @send = false
-
-        @method = method
-        @remote_address = remote_address
-        @route_id = route_id
-        @session_id = session_id
-        @user_id = user_id
-        @transaction_id = transaction_id
-        @location = location
-
-        @body_dict = {}
-        @get_dict = {}
-        @post_dict = {}
-        @cookie_dict = {}
-        @path_parameters = {}
-        @headers_dict = {}
-      end
-
-      def get_dict=(value)
-        @flattened_get_dict = nil
-        @get_dict = value
-      end
-
-      def body_dict=(value)
-        @flattened_body_dict = nil
-        @body_dict = value
-      end
-
-      def post_dict=(value)
-        @flattened_post_dict = nil
-        @post_dict = value
-      end
-
-      def cookie_dict=(value)
-        @flattened_cookie_dict = nil
-        @cookie_dict = value
-      end
-
-      def path_parameters=(value)
-        @flattened_path_parameters = nil
-        @path_parameters = value
-      end
-
-      def flattened_path_parameters
-        @flattened_path_parameters ||= TCellAgent::Utils::Params.flatten(@path_parameters)
-
-        @flattened_path_parameters
-      end
-
-      def flattened_get_dict
-        @flattened_get_dict ||= TCellAgent::Utils::Params.flatten(@get_dict)
-
-        @flattened_get_dict
-      end
-
-      def flattened_post_dict
-        @flattened_post_dict ||= TCellAgent::Utils::Params.flatten(@post_dict)
-
-        @flattened_post_dict
-      end
-
-      def flattened_body_dict
-        @body_dict
-      end
-
-      def flattened_cookie_dict
-        @flattened_cookie_dict ||= TCellAgent::Utils::Params.flatten(@cookie_dict)
-
-        @flattened_cookie_dict
-      end
-
-      def flattened_headers_dict
-        @flattened_headers_dict ||= TCellAgent::Utils::Params.flatten(@headers_dict)
-
-        @flattened_headers_dict
-      end
-
-      def set_headers_dict(env)
-        @flattened_headers_dict = nil
-        @headers_dict = env.select { |k,v|
-          header_downcased = k.downcase
-          (header_downcased != "http_cookie" && header_downcased.start_with?('http_')) ||
-            ["content_type", "content_length"].include?(header_downcased)
-        }.inject({}) { |memo, (k,v)|
-          memo[k.downcase.sub(/^http_/, '').tr('_', '-')] = v
-          memo
-        }
-      end
-
-      def set_body_dict(request_content_bytes_len, request_content_type, request_body)
-        if request_content_bytes_len > 2000000
-          @body_dict = {}
-
-        else
-          if request_content_type =~ %r{application/json}i && request_body
-            begin
-              # don't enqueue parameter values of unknown type to avoid any serialization issues
-              @body_dict = TCellAgent::Utils::Params.flatten(JSON.parse(request_body))
-            rescue JSON::ParserError
-              TCellAgent.logger.debug("JSON body parameter parsing failed")
-              @body_dict = {}
-            end
-          else
-            @body_dict = {}
-          end
-        end
-      end
-    end
-
-  end
-end