tcell_agent 2.0.0 → 2.2.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (64) hide show
  1. checksums.yaml +4 -4
  2. data/bin/tcell_agent +42 -146
  3. data/lib/tcell_agent.rb +8 -16
  4. data/lib/tcell_agent/agent.rb +76 -46
  5. data/lib/tcell_agent/config_initializer.rb +66 -0
  6. data/lib/tcell_agent/configuration.rb +72 -267
  7. data/lib/tcell_agent/instrument_servers.rb +14 -18
  8. data/lib/tcell_agent/instrumentation/cmdi.rb +15 -15
  9. data/lib/tcell_agent/instrumentation/lfi.rb +21 -10
  10. data/lib/tcell_agent/instrumentation/monkey_patches/io.rb +20 -12
  11. data/lib/tcell_agent/instrumentation/monkey_patches/kernel.rb +45 -102
  12. data/lib/tcell_agent/logger.rb +1 -2
  13. data/lib/tcell_agent/policies/command_injection_policy.rb +1 -1
  14. data/lib/tcell_agent/rails/auth/authlogic.rb +49 -44
  15. data/lib/tcell_agent/rails/auth/authlogic_helper.rb +20 -0
  16. data/lib/tcell_agent/rails/auth/devise.rb +103 -102
  17. data/lib/tcell_agent/rails/auth/devise_helper.rb +29 -0
  18. data/lib/tcell_agent/rails/auth/doorkeeper.rb +54 -58
  19. data/lib/tcell_agent/{userinfo.rb → rails/auth/userinfo.rb} +0 -0
  20. data/lib/tcell_agent/rails/csrf_exception.rb +0 -8
  21. data/lib/tcell_agent/rails/dlp.rb +10 -8
  22. data/lib/tcell_agent/rails/middleware/global_middleware.rb +4 -1
  23. data/lib/tcell_agent/rails/{on_start.rb → railties/tcell_agent_railties.rb} +9 -16
  24. data/lib/tcell_agent/rails/railties/tcell_agent_unicorn_railties.rb +8 -0
  25. data/lib/tcell_agent/rails/routes.rb +6 -9
  26. data/lib/tcell_agent/rails/routes/grape.rb +4 -12
  27. data/lib/tcell_agent/rails/tcell_body_proxy.rb +0 -1
  28. data/lib/tcell_agent/rust/agent_config.rb +43 -32
  29. data/lib/tcell_agent/rust/{libtcellagent-4.14.0.dylib → libtcellagent-5.0.2.dylib} +0 -0
  30. data/lib/tcell_agent/rust/{libtcellagent-4.14.0.so → libtcellagent-5.0.2.so} +0 -0
  31. data/lib/tcell_agent/rust/{libtcellagent-alpine-4.14.0.so → libtcellagent-alpine-5.0.2.so} +0 -0
  32. data/lib/tcell_agent/rust/models.rb +9 -0
  33. data/lib/tcell_agent/rust/native_agent.rb +18 -0
  34. data/lib/tcell_agent/rust/native_library.rb +2 -1
  35. data/lib/tcell_agent/rust/{tcellagent-4.14.0.dll → tcellagent-5.0.2.dll} +0 -0
  36. data/lib/tcell_agent/servers/puma.rb +7 -7
  37. data/lib/tcell_agent/servers/rack_puma_handler.rb +23 -0
  38. data/lib/tcell_agent/servers/rails_server.rb +4 -4
  39. data/lib/tcell_agent/servers/unicorn.rb +1 -1
  40. data/lib/tcell_agent/servers/webrick.rb +0 -1
  41. data/lib/tcell_agent/settings_reporter.rb +0 -79
  42. data/lib/tcell_agent/tcell_context.rb +1 -1
  43. data/lib/tcell_agent/version.rb +1 -1
  44. data/spec/lib/tcell_agent/configuration_spec.rb +62 -212
  45. data/spec/lib/tcell_agent/instrument_servers_spec.rb +95 -0
  46. data/spec/lib/tcell_agent/{cmdi_spec.rb → instrumentation/cmdi_spec.rb} +50 -0
  47. data/spec/lib/tcell_agent/instrumentation/lfi/io_lfi_spec.rb +6 -0
  48. data/spec/lib/tcell_agent/instrumentation/lfi/kernel_lfi_spec.rb +19 -4
  49. data/spec/lib/tcell_agent/instrumentation/lfi_spec.rb +47 -2
  50. data/spec/lib/tcell_agent/rust/agent_config_spec.rb +27 -0
  51. data/spec/lib/tcell_agent/settings_reporter_spec.rb +0 -73
  52. data/spec/spec_helper.rb +6 -0
  53. data/spec/support/builders.rb +6 -6
  54. data/spec/support/server_mocks/passenger_mock.rb +7 -0
  55. data/spec/support/server_mocks/puma_mock.rb +17 -0
  56. data/spec/support/server_mocks/rails_mock.rb +7 -0
  57. data/spec/support/server_mocks/thin_mock.rb +7 -0
  58. data/spec/support/server_mocks/unicorn_mock.rb +11 -0
  59. metadata +29 -16
  60. data/lib/tcell_agent/authlogic.rb +0 -23
  61. data/lib/tcell_agent/config/unknown_options.rb +0 -119
  62. data/lib/tcell_agent/devise.rb +0 -33
  63. data/lib/tcell_agent/rails/start_agent_after_initializers.rb +0 -12
  64. data/spec/lib/tcell_agent/config/unknown_options_spec.rb +0 -195
@@ -1,25 +1,21 @@
1
+ # frozen_string_literal: true
2
+
1
3
  tcell_server = ENV['TCELL_AGENT_SERVER']
2
4
 
3
- if TCellAgent.configuration.should_instrument?
4
- unless tcell_server && tcell_server == 'mock'
5
- if (tcell_server && tcell_server == 'webrick') || defined?(Rails::Server)
6
- require('tcell_agent/servers/rails_server')
5
+ TCellAgent.thread_agent.instrument_built_ins if tcell_server &&
6
+ tcell_server == 'mock'
7
7
 
8
- elsif (tcell_server && tcell_server == 'thin') || defined?(Thin)
9
- require('tcell_agent/servers/thin')
8
+ require('tcell_agent/servers/rails_server') if (tcell_server && tcell_server == 'webrick') ||
9
+ defined?(Rails::Server)
10
10
 
11
- elsif (tcell_server && tcell_server == 'puma') || defined?(Puma)
12
- require('tcell_agent/servers/puma')
11
+ require('tcell_agent/servers/thin') if (tcell_server && tcell_server == 'thin') ||
12
+ defined?(Thin)
13
13
 
14
- elsif (tcell_server && tcell_server == 'unicorn') || defined?(Unicorn)
15
- require('tcell_agent/servers/unicorn')
14
+ require('tcell_agent/servers/puma') if (tcell_server && tcell_server == 'puma') ||
15
+ defined?(Puma)
16
16
 
17
- elsif (tcell_server && tcell_server == 'passenger') || defined?(PhusionPassenger)
18
- require('tcell_agent/servers/passenger')
19
- end
20
- end
17
+ require('tcell_agent/servers/unicorn') if (tcell_server && tcell_server == 'unicorn') ||
18
+ defined?(Unicorn)
21
19
 
22
- elsif (tcell_server && tcell_server == 'unicorn') || defined?(Unicorn)
23
- # unicorn is always instrumented to support rolling restarts
24
- require('tcell_agent/servers/unicorn')
25
- end
20
+ require('tcell_agent/servers/passenger') if (tcell_server && tcell_server == 'passenger') ||
21
+ defined?(PhusionPassenger)
@@ -25,18 +25,18 @@ module TCellAgent
25
25
  cmd = ''
26
26
 
27
27
  TCellAgent::Instrumentation.safe_block('CMDI Parsing *args') do
28
- unless args.empty?
29
- args_copy = Array.new(args)
30
- args_copy.shift if args_copy.first.is_a?(Hash)
31
- args_copy.pop if args_copy.last.is_a?(Hash)
32
-
33
- if args_copy.first.is_a?(Array)
34
- cmd_n_argv0 = args_copy.shift
35
- args_copy.unshift(cmd_n_argv0.first)
36
- end
28
+ return cmd if args.nil? || args.empty?
29
+
30
+ args_copy = Array.new(args)
31
+ args_copy.shift if args_copy.first.is_a?(Hash)
32
+ args_copy.pop if args_copy.last.is_a?(Hash)
37
33
 
38
- cmd = args_copy.join(' ')
34
+ if args_copy.first.is_a?(Array)
35
+ cmd_n_argv0 = args_copy.shift
36
+ args_copy.unshift(cmd_n_argv0.first)
39
37
  end
38
+
39
+ cmd = args_copy.join(' ')
40
40
  end
41
41
 
42
42
  cmd
@@ -46,12 +46,12 @@ module TCellAgent
46
46
  cmd = ''
47
47
 
48
48
  TCellAgent::Instrumentation.safe_block('CMDI Parsing *args') do
49
- unless args.empty?
50
- args_copy = Array.new(args)
51
- first_arg = args_copy.shift
49
+ return cmd if args.nil? || args.empty?
52
50
 
53
- cmd = first_arg[1..-1] if first_arg && first_arg[0] == '|'
54
- end
51
+ args_copy = Array.new(args)
52
+ first_arg = args_copy.shift
53
+
54
+ cmd = first_arg[1..-1] if first_arg && (first_arg.is_a? String) && first_arg[0] == '|'
55
55
  end
56
56
 
57
57
  cmd
@@ -26,18 +26,26 @@ module TCellAgent
26
26
  path = ''
27
27
  mode = ''
28
28
 
29
- return ['', ''] if args.empty?
30
-
31
29
  TCellAgent::Instrumentation.safe_block('LFI Parsing *args') do
30
+ return ['', ''] if args.nil? || args.empty?
31
+
32
32
  args_copy = Array.new(args)
33
33
  path = args_copy.shift
34
34
  mode = args_copy.shift || 'r'
35
- end
36
35
 
37
- if path && path.to_s[0] != '|'
38
- [File.expand_path(path).to_s, convert_mode(mode)]
39
- else
40
- ['', '']
36
+ if path && path.to_s[0] != '|'
37
+ path = File.expand_path(path.to_s)
38
+
39
+ mode = if mode && mode.is_a?(Hash)
40
+ convert_mode(mode[:mode])
41
+ else
42
+ convert_mode(mode)
43
+ end
44
+
45
+ [path, mode]
46
+ else
47
+ ['', '']
48
+ end
41
49
  end
42
50
  end
43
51
 
@@ -52,10 +60,13 @@ module TCellAgent
52
60
  else
53
61
  path = ARGF.filename
54
62
  end
55
- end
56
63
 
57
- path = File.expand_path(path) unless path.nil?
58
- [path.to_s, mode]
64
+ if path && path.to_s[0] != '|'
65
+ [File.expand_path(path.to_s), mode]
66
+ else
67
+ ['', '']
68
+ end
69
+ end
59
70
  end
60
71
 
61
72
  def self.convert_mode(mode)
@@ -4,12 +4,15 @@ class IO
4
4
  def binread(*args, &block)
5
5
  path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
6
6
 
7
- if path && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
7
+ if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
8
8
  raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
9
9
  end
10
- cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
11
- if cmd && TCellAgent::Cmdi.block_command?(cmd)
12
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
10
+
11
+ if path.empty?
12
+ cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
13
+ if cmd && TCellAgent::Cmdi.block_command?(cmd)
14
+ raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
15
+ end
13
16
  end
14
17
 
15
18
  tcell_original_binread(*args, &block)
@@ -69,14 +72,17 @@ class IO
69
72
  path, _mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
70
73
  mode = 'Read'
71
74
 
72
- if path && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
75
+ if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
73
76
  raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
74
77
  end
75
78
 
76
- cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
77
- if cmd && TCellAgent::Cmdi.block_command?(cmd)
78
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
79
+ if path.empty?
80
+ cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
81
+ if cmd && TCellAgent::Cmdi.block_command?(cmd)
82
+ raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
83
+ end
79
84
  end
85
+
80
86
  tcell_original_read(*args, &block)
81
87
  end
82
88
 
@@ -85,13 +91,15 @@ class IO
85
91
  path, _mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
86
92
  mode = 'Read'
87
93
 
88
- if path && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
94
+ if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
89
95
  raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
90
96
  end
91
97
 
92
- cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
93
- if cmd && TCellAgent::Cmdi.block_command?(cmd)
94
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
98
+ if path.empty?
99
+ cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
100
+ if cmd && TCellAgent::Cmdi.block_command?(cmd)
101
+ raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
102
+ end
95
103
  end
96
104
 
97
105
  tcell_original_readlines(*args, &block)
@@ -1,101 +1,69 @@
1
1
  module Kernel
2
- class << self
3
- alias_method :tcell_original_1_open, :open
4
- def open(*args, &block)
5
- path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
6
-
7
- if path && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
8
- raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
9
- end
10
-
11
- cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
12
- if cmd && TCellAgent::Cmdi.block_command?(cmd)
13
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
14
- end
15
-
16
- tcell_original_1_open(*args, &block)
17
- end
2
+ private
18
3
 
19
- alias_method :tcell_original_1_gets, :gets
20
- def gets(*args, &block)
21
- path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
22
-
23
- if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
24
- raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
25
- end
26
-
27
- tcell_original_1_gets(*args, &block)
28
- end
4
+ alias_method :tcell_original_backtick, :`
5
+ alias_method :tcell_original_exec, :exec
6
+ alias_method :tcell_original_open, :open
7
+ alias_method :tcell_original_gets, :gets
8
+ alias_method :tcell_original_readline, :readline
9
+ alias_method :tcell_original_spawn, :spawn
10
+ alias_method :tcell_original_system, :system
29
11
 
12
+ class << self
13
+ alias_method :tcell_original_exec, :exec
14
+ alias_method :tcell_original_open, :open
15
+ alias_method :tcell_original_gets, :gets
30
16
  alias_method :tcell_original_readline, :readline
31
- def readline(*args, &block)
32
- path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
33
-
34
- if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
35
- raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
36
- end
17
+ alias_method :tcell_original_spawn, :spawn
18
+ alias_method :tcell_original_system, :system
19
+ end
37
20
 
38
- tcell_original_readline(*args, &block)
21
+ def `(cmd)
22
+ if TCellAgent::Cmdi.block_command?(cmd)
23
+ raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
39
24
  end
40
25
 
41
- alias_method :tcell_original_1_spawn, :spawn
42
- def spawn(*args)
43
- cmd = TCellAgent::Cmdi.parse_command(*args)
44
- if TCellAgent::Cmdi.block_command?(cmd)
45
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
46
- end
47
-
48
- tcell_original_1_spawn(*args)
49
- end
26
+ tcell_original_backtick(cmd)
27
+ end
50
28
 
51
- alias_method :tcell_original_1_system, :system
52
- def system(*args)
29
+ if TCellAgent.configuration.should_instrument?('kernel_exec')
30
+ def exec(*args)
53
31
  cmd = TCellAgent::Cmdi.parse_command(*args)
54
32
  if TCellAgent::Cmdi.block_command?(cmd)
55
33
  raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
56
34
  end
57
35
 
58
- tcell_original_1_system(*args)
36
+ tcell_original_exec(*args)
59
37
  end
60
38
  end
61
39
 
62
- alias_method :tcell_original_backtick, :`
63
- def `(cmd)
64
- if TCellAgent::Cmdi.block_command?(cmd)
65
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
40
+ def gets(*args, &block)
41
+ path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
42
+
43
+ if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
44
+ raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
66
45
  end
67
46
 
68
- tcell_original_backtick(cmd)
47
+ tcell_original_gets(*args, &block)
69
48
  end
70
49
 
71
- alias_method :tcell_original_2_open, :open
72
50
  def open(*args, &block)
73
51
  path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode(*args)
74
52
 
75
- if path && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
53
+ if !path.strip.empty? && TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
76
54
  raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
77
55
  end
78
56
 
79
- cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
80
- if cmd && TCellAgent::Cmdi.block_command?(cmd)
81
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
82
- end
83
-
84
- tcell_original_2_open(*args, &block)
85
- end
86
-
87
- alias_method :tcell_original_2_gets, :gets
88
- def gets(*args, &block)
89
- path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
90
-
91
- if TCellAgent::Instrumentation::Lfi.block_file_access?(path, mode)
92
- raise IOError, "tCell.io Agent: Attempted access to file #{path} with mode #{mode} denied"
57
+ if path.empty?
58
+ cmd = TCellAgent::Cmdi.parse_command_from_open(*args)
59
+ if cmd && TCellAgent::Cmdi.block_command?(cmd)
60
+ raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
61
+ end
93
62
  end
94
63
 
95
- tcell_original_2_gets(*args, &block)
64
+ tcell_original_open(*args, &block)
96
65
  end
97
66
 
98
- alias_method :tcell_original_readline, :readline
99
67
  def readline(*args, &block)
100
68
  path, mode = TCellAgent::Instrumentation::Lfi.extract_path_mode_argf
101
69
 
@@ -106,54 +74,29 @@ module Kernel
106
74
  tcell_original_readline(*args, &block)
107
75
  end
108
76
 
109
- alias_method :tcell_original_2_spawn, :spawn
110
77
  def spawn(*args)
111
78
  cmd = TCellAgent::Cmdi.parse_command(*args)
112
79
  if TCellAgent::Cmdi.block_command?(cmd)
113
80
  raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
114
81
  end
115
82
 
116
- tcell_original_2_spawn(*args)
83
+ tcell_original_spawn(*args)
117
84
  end
118
85
 
119
- alias_method :tcell_original_2_system, :system
120
86
  def system(*args)
121
87
  cmd = TCellAgent::Cmdi.parse_command(*args)
122
88
  if TCellAgent::Cmdi.block_command?(cmd)
123
89
  raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
124
90
  end
125
91
 
126
- tcell_original_2_system(*args)
92
+ tcell_original_system(*args)
127
93
  end
128
- end
129
-
130
- if TCellAgent.configuration.should_instrument_cmdi_exec?
131
- module Kernel
132
- class << self
133
- alias_method :tcell_original_exec, :exec
134
- def exec(*args)
135
- cmd = TCellAgent::Cmdi.parse_command(*args)
136
- if TCellAgent::Cmdi.block_command?(cmd)
137
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
138
- end
139
-
140
- tcell_original_exec(*args)
141
- end
142
- end
143
-
144
- alias_method :tcell_original_exec, :exec
145
-
146
- private
147
94
 
148
- def exec(*args)
149
- cmd = TCellAgent::Cmdi.parse_command(*args)
150
- if TCellAgent::Cmdi.block_command?(cmd)
151
- raise "tCell.io Agent: Command not allowed by policy: #{cmd}"
152
- end
153
-
154
- tcell_original_exec(*args)
155
- end
156
- end
157
- else
158
- TCellAgent.logger.debug('Disabling cmdi Kernel::exec instrumentation', 'TCellAgent::Cmdi')
95
+ module_function :`
96
+ module_function :exec
97
+ module_function :gets
98
+ module_function :open
99
+ module_function :readline
100
+ module_function :spawn
101
+ module_function :system
159
102
  end
@@ -14,7 +14,6 @@ module TCellAgent
14
14
  def initialize(logger, module_name)
15
15
  @logger = logger
16
16
  @module_name = module_name
17
- @module_name = "#{TCellAgent.configuration.log_tag} #{module_name}" if TCellAgent.configuration.log_tag
18
17
  end
19
18
 
20
19
  %i[exception debug info warn error].each do |method_name|
@@ -80,7 +79,7 @@ module TCellAgent
80
79
  @native_logger
81
80
  end
82
81
 
83
- def self.native_agent=(native_agent)
82
+ def self.native_logger=(native_agent)
84
83
  @native_logger = NativeLogger.new(native_agent)
85
84
  end
86
85
  end
@@ -15,7 +15,7 @@ module TCellAgent
15
15
  end
16
16
 
17
17
  def block_command?(command, tcell_context)
18
- return false unless @enabled
18
+ return false unless @enabled && tcell_context
19
19
 
20
20
  response = @native_agent.apply_cmdi(
21
21
  command, tcell_context
@@ -1,56 +1,61 @@
1
- if TCellAgent.configuration.should_instrument_authlogic? && defined?(Authlogic)
1
+ # frozen_string_literal: true
2
2
 
3
- require 'tcell_agent/configuration'
4
- require 'tcell_agent/instrumentation'
3
+ require 'tcell_agent/configuration'
4
+ require 'tcell_agent/instrumentation'
5
5
 
6
- module TCellAgent
7
- require 'tcell_agent/agent'
6
+ module TCellAgent
7
+ require 'tcell_agent/agent'
8
8
 
9
- Authlogic::Session::Base.class_eval do
10
- alias_method :tcell_save, :save
11
- def save(&block)
12
- return tcell_save(&block) unless TCellAgent.configuration.should_intercept_requests?
9
+ Authlogic::Session::Base.class_eval do
10
+ alias_method :tcell_save, :save
11
+ def save(&block)
12
+ return tcell_save(&block) unless TCellAgent.configuration.should_intercept_requests?
13
13
 
14
- user_logged_in_before = !user.nil?
15
- success = tcell_save(&block)
16
- user_logged_in_after = !user.nil?
14
+ user_logged_in_before = !user.nil?
15
+ success = tcell_save(&block)
16
+ user_logged_in_after = !user.nil?
17
17
 
18
- TCellAgent::Instrumentation.safe_block('Authlogic login info') do
19
- user_id = nil
20
- password = nil
21
- user_valid = nil
22
- TCellAgent::Instrumentation.safe_block('getting userid for login form') do
23
- user_id = send(self.class.login_field.to_sym)
24
- end
18
+ TCellAgent::Instrumentation.safe_block('Authlogic login info') do
19
+ user_id = nil
20
+ password = nil
21
+ user_valid = nil
22
+ TCellAgent::Instrumentation.safe_block('getting userid for login form') do
23
+ user_id = send(self.class.login_field.to_sym)
24
+ end
25
+
26
+ request = Authlogic::Session::Base.controller.request
27
+ tcell_data = request.env[TCellAgent::Instrumentation::TCELL_ID]
28
+
29
+ return success unless tcell_data
30
+
31
+ login_policy = TCellAgent.policy(TCellAgent::PolicyTypes::LOGINFRAUD)
32
+ if user_logged_in_before && user_logged_in_after
33
+ # password changed or logged in as another user
34
+ elsif !user_logged_in_before && !user_logged_in_after
35
+ TCellAgent::Instrumentation.safe_block('checking if user is valid') do
36
+ error_messages = errors.messages[login_field]
25
37
 
26
- request = Authlogic::Session::Base.controller.request
27
- tcell_data = request.env[TCellAgent::Instrumentation::TCELL_ID]
28
-
29
- return success unless tcell_data
30
-
31
- login_policy = TCellAgent.policy(TCellAgent::PolicyTypes::LOGINFRAUD)
32
- if user_logged_in_before && user_logged_in_after
33
- # password changed or logged in as another user
34
- elsif !user_logged_in_before && !user_logged_in_after
35
- login_policy.report_login_failure(
36
- user_id,
37
- password,
38
- request.env,
39
- user_valid,
40
- tcell_data
41
- )
42
- elsif !user_logged_in_before && user_logged_in_after
43
- login_policy.report_login_success(
44
- user_id,
45
- request.env,
46
- tcell_data
47
- )
38
+ user_valid = error_messages.empty?
48
39
  end
49
- end
50
40
 
51
- success
41
+ login_policy.report_login_failure(
42
+ user_id,
43
+ password,
44
+ request.env,
45
+ user_valid,
46
+ tcell_data
47
+ )
48
+ elsif !user_logged_in_before && user_logged_in_after
49
+ tcell_data.user_id = user_id if user_id && tcell_data.user_id.nil?
50
+ login_policy.report_login_success(
51
+ user_id,
52
+ request.env,
53
+ tcell_data
54
+ )
55
+ end
52
56
  end
57
+
58
+ success
53
59
  end
54
60
  end
55
-
56
61
  end