tcell_agent 2.0.0 → 2.2.1
- checksums.yaml +4 -4
- data/bin/tcell_agent +42 -146
- data/lib/tcell_agent.rb +8 -16
- data/lib/tcell_agent/agent.rb +76 -46
- data/lib/tcell_agent/config_initializer.rb +66 -0
- data/lib/tcell_agent/configuration.rb +72 -267
- data/lib/tcell_agent/instrument_servers.rb +14 -18
- data/lib/tcell_agent/instrumentation/cmdi.rb +15 -15
- data/lib/tcell_agent/instrumentation/lfi.rb +21 -10
- data/lib/tcell_agent/instrumentation/monkey_patches/io.rb +20 -12
- data/lib/tcell_agent/instrumentation/monkey_patches/kernel.rb +45 -102
- data/lib/tcell_agent/logger.rb +1 -2
- data/lib/tcell_agent/policies/command_injection_policy.rb +1 -1
- data/lib/tcell_agent/rails/auth/authlogic.rb +49 -44
- data/lib/tcell_agent/rails/auth/authlogic_helper.rb +20 -0
- data/lib/tcell_agent/rails/auth/devise.rb +103 -102
- data/lib/tcell_agent/rails/auth/devise_helper.rb +29 -0
- data/lib/tcell_agent/rails/auth/doorkeeper.rb +54 -58
- data/lib/tcell_agent/{userinfo.rb → rails/auth/userinfo.rb} +0 -0
- data/lib/tcell_agent/rails/csrf_exception.rb +0 -8
- data/lib/tcell_agent/rails/dlp.rb +10 -8
- data/lib/tcell_agent/rails/middleware/global_middleware.rb +4 -1
- data/lib/tcell_agent/rails/{on_start.rb → railties/tcell_agent_railties.rb} +9 -16
- data/lib/tcell_agent/rails/railties/tcell_agent_unicorn_railties.rb +8 -0
- data/lib/tcell_agent/rails/routes.rb +6 -9
- data/lib/tcell_agent/rails/routes/grape.rb +4 -12
- data/lib/tcell_agent/rails/tcell_body_proxy.rb +0 -1
- data/lib/tcell_agent/rust/agent_config.rb +43 -32
- data/lib/tcell_agent/rust/{libtcellagent-4.14.0.dylib → libtcellagent-5.0.2.dylib} +0 -0
- data/lib/tcell_agent/rust/{libtcellagent-4.14.0.so → libtcellagent-5.0.2.so} +0 -0
- data/lib/tcell_agent/rust/{libtcellagent-alpine-4.14.0.so → libtcellagent-alpine-5.0.2.so} +0 -0
- data/lib/tcell_agent/rust/models.rb +9 -0
- data/lib/tcell_agent/rust/native_agent.rb +18 -0
- data/lib/tcell_agent/rust/native_library.rb +2 -1
- data/lib/tcell_agent/rust/{tcellagent-4.14.0.dll → tcellagent-5.0.2.dll} +0 -0
- data/lib/tcell_agent/servers/puma.rb +7 -7
- data/lib/tcell_agent/servers/rack_puma_handler.rb +23 -0
- data/lib/tcell_agent/servers/rails_server.rb +4 -4
- data/lib/tcell_agent/servers/unicorn.rb +1 -1
- data/lib/tcell_agent/servers/webrick.rb +0 -1
- data/lib/tcell_agent/settings_reporter.rb +0 -79
- data/lib/tcell_agent/tcell_context.rb +1 -1
- data/lib/tcell_agent/version.rb +1 -1
- data/spec/lib/tcell_agent/configuration_spec.rb +62 -212
- data/spec/lib/tcell_agent/instrument_servers_spec.rb +95 -0
- data/spec/lib/tcell_agent/{cmdi_spec.rb → instrumentation/cmdi_spec.rb} +50 -0
- data/spec/lib/tcell_agent/instrumentation/lfi/io_lfi_spec.rb +6 -0
- data/spec/lib/tcell_agent/instrumentation/lfi/kernel_lfi_spec.rb +19 -4
- data/spec/lib/tcell_agent/instrumentation/lfi_spec.rb +47 -2
- data/spec/lib/tcell_agent/rust/agent_config_spec.rb +27 -0
- data/spec/lib/tcell_agent/settings_reporter_spec.rb +0 -73
- data/spec/spec_helper.rb +6 -0
- data/spec/support/builders.rb +6 -6
- data/spec/support/server_mocks/passenger_mock.rb +7 -0
- data/spec/support/server_mocks/puma_mock.rb +17 -0
- data/spec/support/server_mocks/rails_mock.rb +7 -0
- data/spec/support/server_mocks/thin_mock.rb +7 -0
- data/spec/support/server_mocks/unicorn_mock.rb +11 -0
- metadata +29 -16
- data/lib/tcell_agent/authlogic.rb +0 -23
- data/lib/tcell_agent/config/unknown_options.rb +0 -119
- data/lib/tcell_agent/devise.rb +0 -33
- data/lib/tcell_agent/rails/start_agent_after_initializers.rb +0 -12
- data/spec/lib/tcell_agent/config/unknown_options_spec.rb +0 -195
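--- a/metadata
+++ b/metadata
@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tcell_agent
 version: !ruby/object:Gem::Version
-version: 2.
+version: 2.2.1
 platform: ruby
 authors:
 - Rafael
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2020-
+date: 2020-08-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
 name: ffi
@@ -111,10 +111,8 @@ files:
 - lib/tcell_agent/agent.rb
 - lib/tcell_agent/agent/route_manager.rb
 - lib/tcell_agent/agent/static_agent.rb
-- lib/tcell_agent/
-- lib/tcell_agent/config/unknown_options.rb
+- lib/tcell_agent/config_initializer.rb
 - lib/tcell_agent/configuration.rb
-- lib/tcell_agent/devise.rb
 - lib/tcell_agent/hooks/login_fraud.rb
 - lib/tcell_agent/instrument_servers.rb
 - lib/tcell_agent/instrumentation.rb
@@ -140,8 +138,11 @@ files:
 - lib/tcell_agent/policies/policy_types.rb
 - lib/tcell_agent/policies/system_enablements.rb
 - lib/tcell_agent/rails/auth/authlogic.rb
+- lib/tcell_agent/rails/auth/authlogic_helper.rb
 - lib/tcell_agent/rails/auth/devise.rb
+- lib/tcell_agent/rails/auth/devise_helper.rb
 - lib/tcell_agent/rails/auth/doorkeeper.rb
+- lib/tcell_agent/rails/auth/userinfo.rb
 - lib/tcell_agent/rails/better_ip.rb
 - lib/tcell_agent/rails/csrf_exception.rb
 - lib/tcell_agent/rails/dlp.rb
@@ -152,24 +153,24 @@ files:
 - lib/tcell_agent/rails/middleware/context_middleware.rb
 - lib/tcell_agent/rails/middleware/global_middleware.rb
 - lib/tcell_agent/rails/middleware/headers_middleware.rb
-- lib/tcell_agent/rails/
+- lib/tcell_agent/rails/railties/tcell_agent_railties.rb
+- lib/tcell_agent/rails/railties/tcell_agent_unicorn_railties.rb
 - lib/tcell_agent/rails/responses.rb
 - lib/tcell_agent/rails/routes.rb
 - lib/tcell_agent/rails/routes/grape.rb
 - lib/tcell_agent/rails/routes/route_id.rb
 - lib/tcell_agent/rails/settings_reporter.rb
-- lib/tcell_agent/rails/start_agent_after_initializers.rb
 - lib/tcell_agent/rails/tcell_body_proxy.rb
 - lib/tcell_agent/routes/table.rb
 - lib/tcell_agent/rust/agent_config.rb
-- lib/tcell_agent/rust/libtcellagent-
-- lib/tcell_agent/rust/libtcellagent-
-- lib/tcell_agent/rust/libtcellagent-alpine-
+- lib/tcell_agent/rust/libtcellagent-5.0.2.dylib
+- lib/tcell_agent/rust/libtcellagent-5.0.2.so
+- lib/tcell_agent/rust/libtcellagent-alpine-5.0.2.so
 - lib/tcell_agent/rust/models.rb
 - lib/tcell_agent/rust/native_agent.rb
 - lib/tcell_agent/rust/native_agent_response.rb
 - lib/tcell_agent/rust/native_library.rb
-- lib/tcell_agent/rust/tcellagent-
+- lib/tcell_agent/rust/tcellagent-5.0.2.dll
 - lib/tcell_agent/sensor_events/agent_setting_event.rb
 - lib/tcell_agent/sensor_events/app_config_setting_event.rb
 - lib/tcell_agent/sensor_events/discovery.rb
@@ -180,6 +181,7 @@ files:
 - lib/tcell_agent/sensor_events/util/utils.rb
 - lib/tcell_agent/servers/passenger.rb
 - lib/tcell_agent/servers/puma.rb
+- lib/tcell_agent/servers/rack_puma_handler.rb
 - lib/tcell_agent/servers/rails_server.rb
 - lib/tcell_agent/servers/thin.rb
 - lib/tcell_agent/servers/unicorn.rb
@@ -187,17 +189,16 @@ files:
 - lib/tcell_agent/settings_reporter.rb
 - lib/tcell_agent/sinatra.rb
 - lib/tcell_agent/tcell_context.rb
-- lib/tcell_agent/userinfo.rb
 - lib/tcell_agent/utils/headers.rb
 - lib/tcell_agent/utils/params.rb
 - lib/tcell_agent/utils/strings.rb
 - lib/tcell_agent/version.rb
-- spec/lib/tcell_agent/cmdi_spec.rb
-- spec/lib/tcell_agent/config/unknown_options_spec.rb
 - spec/lib/tcell_agent/configuration_spec.rb
 - spec/lib/tcell_agent/hooks/login_fraud_spec.rb
+- spec/lib/tcell_agent/instrument_servers_spec.rb
 - spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb
 - spec/lib/tcell_agent/instrumentation/cmdi/kernel_cmdi_spec.rb
+- spec/lib/tcell_agent/instrumentation/cmdi_spec.rb
 - spec/lib/tcell_agent/instrumentation/lfi/file_lfi_spec.rb
 - spec/lib/tcell_agent/instrumentation/lfi/io_lfi_spec.rb
 - spec/lib/tcell_agent/instrumentation/lfi/kernel_lfi_spec.rb
@@ -226,6 +227,7 @@ files:
 - spec/lib/tcell_agent/rails/routes/route_id_spec.rb
 - spec/lib/tcell_agent/rails/routes/routes_spec.rb
 - spec/lib/tcell_agent/rails_spec.rb
+- spec/lib/tcell_agent/rust/agent_config_spec.rb
 - spec/lib/tcell_agent/sensor_events/dlp_spec.rb
 - spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb
 - spec/lib/tcell_agent/settings_reporter_spec.rb
@@ -238,6 +240,11 @@ files:
 - spec/support/middleware_helper.rb
 - spec/support/resources/lfi_sample_file.txt
 - spec/support/resources/normal_config.json
+- spec/support/server_mocks/passenger_mock.rb
+- spec/support/server_mocks/puma_mock.rb
+- spec/support/server_mocks/rails_mock.rb
+- spec/support/server_mocks/thin_mock.rb
+- spec/support/server_mocks/unicorn_mock.rb
 - spec/support/static_agent_overrides.rb
 - tcell_agent.gemspec
 homepage: https://www.tcell.io
@@ -266,12 +273,12 @@ signing_key:
 specification_version: 4
 summary: tCell.io Agent for Rails
 test_files:
-- spec/lib/tcell_agent/cmdi_spec.rb
-- spec/lib/tcell_agent/config/unknown_options_spec.rb
 - spec/lib/tcell_agent/configuration_spec.rb
 - spec/lib/tcell_agent/hooks/login_fraud_spec.rb
+- spec/lib/tcell_agent/instrument_servers_spec.rb
 - spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb
 - spec/lib/tcell_agent/instrumentation/cmdi/kernel_cmdi_spec.rb
+- spec/lib/tcell_agent/instrumentation/cmdi_spec.rb
 - spec/lib/tcell_agent/instrumentation/lfi/file_lfi_spec.rb
 - spec/lib/tcell_agent/instrumentation/lfi/io_lfi_spec.rb
 - spec/lib/tcell_agent/instrumentation/lfi/kernel_lfi_spec.rb
@@ -300,6 +307,7 @@ test_files:
 - spec/lib/tcell_agent/rails/routes/route_id_spec.rb
 - spec/lib/tcell_agent/rails/routes/routes_spec.rb
 - spec/lib/tcell_agent/rails_spec.rb
+- spec/lib/tcell_agent/rust/agent_config_spec.rb
 - spec/lib/tcell_agent/sensor_events/dlp_spec.rb
 - spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb
 - spec/lib/tcell_agent/settings_reporter_spec.rb
@@ -312,4 +320,9 @@ test_files:
 - spec/support/middleware_helper.rb
 - spec/support/resources/lfi_sample_file.txt
 - spec/support/resources/normal_config.json
+- spec/support/server_mocks/passenger_mock.rb
+- spec/support/server_mocks/puma_mock.rb
+- spec/support/server_mocks/rails_mock.rb
+- spec/support/server_mocks/thin_mock.rb
+- spec/support/server_mocks/unicorn_mock.rb
 - spec/support/static_agent_overrides.rb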
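--- a/data/lib/tcell_agent/authlogic.rb
+++ b/data/lib/tcell_agent/authlogic.rb
@@ -1,23 +0,0 @@
-if TCellAgent.configuration.should_instrument_authlogic? && defined?(Authlogic)
-
-require 'tcell_agent/userinfo'
-
-module TCellAgent
-TCellAgent::UserInformation.class_eval do
-class << self
-alias_method :original_get_user_from_request, :get_user_from_request
-def get_user_from_request(request)
-orig_user_id = original_get_user_from_request(request)
-begin
-if request.session && request.session.key?('user_credentials_id')
-return request.session['user_credentials_id'].to_s
-end
-rescue StandardError
-return orig_user_id
-end
-orig_user_id
-end
-end
-end
-end
-end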
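--- a/data/lib/tcell_agent/config/unknown_options.rb
+++ b/data/lib/tcell_agent/config/unknown_options.rb
@@ -1,119 +0,0 @@
-require 'set'
-
-module TCellAgent
-module Config
-module Validate
-def self.get_unknown_options(config_json)
-messages = []
-
-known_tcell_env_vars = Set.new(
-[
-'TCELL_AGENT_SERVER', # this is only meant for specs
-'TCELL_AGENT_APP_ID',
-'TCELL_AGENT_API_KEY',
-'TCELL_HMAC_KEY',
-'TCELL_PASSWORD_HMAC_KEY',
-'TCELL_AGENT_HOST_IDENTIFIER',
-'TCELL_API_URL',
-'TCELL_INPUT_URL',
-'TCELL_DEMOMODE',
-'TCELL_AGENT_HOME',
-'TCELL_AGENT_LOG_DIR',
-'TCELL_AGENT_CONFIG',
-'TCELL_AGENT_ALLOW_PAYLOADS',
-'TCELL_AGENT_LOG_LEVEL',
-'TCELL_AGENT_LOG_FILENAME',
-'TCELL_AGENT_LOG_ENABLED'
-]
-)
-
-ENV.keys.each do |environment_key|
-if environment_key =~ /^TCELL_/ && !known_tcell_env_vars.include?(environment_key)
-messages << "Unrecognized environment parameter (TCELL_*) found: #{environment_key}"
-end
-end
-
-begin
-key_differences = []
-
-if config_json
-first_level_keys = %w[version applications]
-
-key_differences = config_json.keys - first_level_keys
-
-applications = config_json.fetch('applications', nil)
-if applications
-
-if applications.size > 1
-messages << 'Multiple applications detected in config file'
-
-elsif applications.size == 1
-application = applications[0]
-
-second_level_keys = %w[
-name
-app_id
-api_key
-fetch_policies_from_tcell
-preload_policy_filename
-log_dir
-tcell_api_url
-tcell_input_url
-host_identifier
-hipaaSafeMode
-hmac_key
-password_hmac_key
-js_agent_api_base_url
-js_agent_url
-max_csp_header_bytes
-event_batch_size_limit
-allow_payloads
-reverse_proxy
-reverse_proxy_ip_address_header
-demomode
-logging_options
-data_exposure
-disable_all
-enabled
-enable_event_manager
-enable_policy_polling
-enable_instrumentation
-enable_intercept_requests
-instrument_for_events
-enabled_instrumentations
-stdout_logger
-]
-
-key_differences += (application.keys - second_level_keys)
-
-if application.fetch('logging_options', nil)
-logging_options = application['logging_options']
-key_differences += (logging_options.keys - %w[enabled level filename])
-end
-
-if application.fetch('data_exposure', nil)
-data_exposure = application['data_exposure']
-key_differences += (data_exposure.keys - ['max_data_ex_db_records_per_request'])
-end
-
-if application.fetch('enabled_instrumentations', nil)
-enabled_instrumentations = application['enabled_instrumentations']
-key_differences += (enabled_instrumentations.keys - %w[doorkeeper devise authlogic])
-end
-end
-end
-
-key_differences.each do |key|
-messages << "Unrecognized config setting key: #{key}"
-end
-
-end
-rescue StandardError => exception
-messages << "Something went wrong verifying config file: #{exception}"
-end
-
-messages
-end
-end
-end
-end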
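--- a/data/lib/tcell_agent/devise.rb
+++ b/data/lib/tcell_agent/devise.rb
@@ -1,33 +0,0 @@
-if TCellAgent.configuration.should_instrument_devise? && defined?(Devise)
-require 'devise'
-require 'devise/rails'
-require 'devise/strategies/database_authenticatable'
-require 'tcell_agent/userinfo'
-
-module TCellAgent
-if defined?(Devise)
-TCellAgent::UserInformation.class_eval do
-class << self
-alias_method :original_get_user_from_request, :get_user_from_request
-def get_user_from_request(request)
-orig_user_id = original_get_user_from_request(request)
-begin
-if request.session && request.session.key?('warden.user.user.key')
-userkey = request.session['warden.user.user.key']
-user_id = if userkey.length == 2
-userkey[0][0]
-else
-userkey[1][0]
-end
-return user_id.to_s if user_id.is_a? Integer
-end
-rescue StandardError
-return orig_user_id
-end
-orig_user_id
-end
-end
-end
-end
-end
-end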
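--- a/data/lib/tcell_agent/rails/start_agent_after_initializers.rb
+++ b/data/lib/tcell_agent/rails/start_agent_after_initializers.rb
@@ -1,12 +0,0 @@
-module TCellAgent
-class TCellAgentStartupRailtie < Rails::Railtie
-# TCellAgent config can be specified thru Rails initializer's
-# (https://guides.rubyonrails.org/v2.3/configuring.html#using-initializers)
-# so those need to run first before the agent is started
-initializer :start_tcell_agent,
-:after => :load_config_initializers,
-:before => :tcell_instrument_auth_frameworks do |_app|
-TCellAgent.thread_agent.start('Unicorn')
-end
-end
-end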
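--- a/data/spec/lib/tcell_agent/config/unknown_options_spec.rb
+++ b/data/spec/lib/tcell_agent/config/unknown_options_spec.rb
@@ -1,195 +0,0 @@
-require 'spec_helper'
-
-module TCellAgent
-module Config
-describe Validate do
-describe '.get_unknown_options' do
-context 'with an unknown tcell environment variable set' do
-it 'should return a message about the unknown variable' do
-orig_allow_ap = ENV.fetch('TCELL_AGENT_ALLOW_PAYLOADS', nil)
-orig_demomode = ENV.fetch('TCELL_DEMOMODE', nil)
-orig_agent_home = ENV.fetch('TCELL_AGENT_HOME', nil)
-orig_agent_log_dir = ENV.fetch('TCELL_AGENT_LOG_DIR', nil)
-orig_agent_config = ENV.fetch('TCELL_AGENT_CONFIG', nil)
-orig_agent_app_id = ENV.fetch('TCELL_AGENT_APP_ID', nil)
-orig_agent_api_key = ENV.fetch('TCELL_AGENT_API_KEY', nil)
-orig_agent_host_identifier = ENV.fetch('TCELL_AGENT_HOST_IDENTIFIER', nil)
-orig_input_url = ENV.fetch('TCELL_INPUT_URL', nil)
-orig_hmac_key = ENV.fetch('TCELL_HMAC_KEY', nil)
-orig_api_url = ENV.fetch('TCELL_API_URL', nil)
-orig_password_hmac_key = ENV.fetch('TCELL_PASSWORD_HMAC_KEY', nil)
-
-ENV['TCELL_HACK'] = 'hack the system'
-ENV['TCELL_AGENT_ALLOW_PAYLOADS'] = 'valid'
-ENV['TCELL_DEMOMODE'] = 'valid'
-ENV['TCELL_AGENT_HOME'] = 'valid'
-ENV['TCELL_AGENT_LOG_DIR'] = 'valid'
-ENV['TCELL_AGENT_CONFIG'] = 'valid'
-ENV['TCELL_AGENT_APP_ID'] = 'valid'
-ENV['TCELL_AGENT_API_KEY'] = 'valid'
-ENV['TCELL_AGENT_HOST_IDENTIFIER'] = 'valid'
-ENV['TCELL_INPUT_URL'] = 'valid'
-ENV['TCELL_HMAC_KEY'] = 'valid'
-ENV['TCELL_API_URL'] = 'valid'
-ENV['TCELL_PASSWORD_HMAC_KEY'] = 'valid'
-
-messages = Validate.get_unknown_options(nil)
-
-ENV.delete 'TCELL_HACK'
-
-if orig_allow_ap
-ENV['TCELL_AGENT_ALLOW_PAYLOADS'] = orig_allow_ap
-else
-ENV.delete 'TCELL_AGENT_ALLOW_PAYLOADS'
-end
-if orig_demomode
-ENV['TCELL_DEMOMODE'] = orig_demomode
-else
-ENV.delete 'TCELL_DEMOMODE'
-end
-if orig_agent_home
-ENV['TCELL_AGENT_HOME'] = orig_agent_home
-else
-ENV.delete 'TCELL_AGENT_HOME'
-end
-if orig_agent_log_dir
-ENV['TCELL_AGENT_LOG_DIR'] = orig_agent_log_dir
-else
-ENV.delete 'TCELL_AGENT_LOG_DIR'
-end
-if orig_agent_config
-ENV['TCELL_AGENT_CONFIG'] = orig_agent_config
-else
-ENV.delete 'TCELL_AGENT_CONFIG'
-end
-if orig_agent_app_id
-ENV['TCELL_AGENT_APP_ID'] = orig_agent_app_id
-else
-ENV.delete 'TCELL_AGENT_APP_ID'
-end
-if orig_agent_api_key
-ENV['TCELL_AGENT_API_KEY'] = orig_agent_api_key
-else
-ENV.delete 'TCELL_AGENT_API_KEY'
-end
-if orig_agent_host_identifier
-ENV['TCELL_AGENT_HOST_IDENTIFIER'] = orig_agent_host_identifier
-else
-ENV.delete 'TCELL_AGENT_HOST_IDENTIFIER'
-end
-if orig_input_url
-ENV['TCELL_INPUT_URL'] = orig_input_url
-else
-ENV.delete 'TCELL_INPUT_URL'
-end
-if orig_hmac_key
-ENV['TCELL_HMAC_KEY'] = orig_hmac_key
-else
-ENV.delete 'TCELL_HMAC_KEY'
-end
-if orig_password_hmac_key
-ENV['TCELL_PASSWORD_HMAC_KEY'] = orig_password_hmac_key
-else
-ENV.delete 'TCELL_PASSWORD_HMAC_KEY'
-end
-if orig_api_url
-ENV['TCELL_API_URL'] = orig_api_url
-else
-ENV.delete 'TCELL_API_URL'
-end
-
-expect(messages.sort).to eq(
-[
-'Unrecognized environment parameter (TCELL_*) found: TCELL_HACK'
-]
-)
-end
-end
-
-context 'with a config json with all options including some extra ones' do
-it 'should report the extra options in messages' do
-config_json = {
-'first_level' => 'boo',
-'version' => 1,
-'applications' => [
-{
-'second_level' => 'boo',
-'name' => 'name',
-'app_id' => 'app id',
-'api_key' => 'api key',
-'fetch_policies_from_tcell' => true,
-'preload_policy_filename' => 'preload policy filename',
-'log_dir' => 'custom log dir',
-'logging_options' => {
-'logging_level' => 'boo',
-'enabled' => true,
-'level' => 'DEBUG',
-'filename' => 'filename'
-},
-'tcell_api_url' => 'tcell api url',
-'tcell_input_url' => 'tcell input url',
-'host_identifier' => 'host identifier',
-'hipaaSafeMode' => 'hipaa safe mode',
-'hmac_key' => 'hmac key',
-'password_hmac_key' => 'password_hmac_key',
-'js_agent_api_base_url' => 'js agent api base url',
-'js_agent_url' => 'js agent url',
-'max_csp_header_bytes' => 512,
-'event_batch_size_limit' => 50,
-'allow_payloads' => true,
-'data_exposure' => {
-'data_ex_level' => 'boo',
-'max_data_ex_db_records_per_request' => 10_000
-},
-'reverse_proxy' => true,
-'reverse_proxy_ip_address_header' => 'reverse proxy ip address header',
-'demomode' => true,
-# Ruby only
-'disable_all' => false,
-'enabled' => true,
-'enable_event_manager' => true,
-'enable_policy_polling' => true,
-'enable_instrumentation' => true,
-'enable_intercept_requests' => true,
-'instrument_for_events' => true,
-'enabled_instrumentations' => {
-'enabled_instrumentations_level' => 'blah',
-'doorkeeper' => true,
-'devise' => true,
-'authlogic' => true
-}
-}
-]
-}
-
-messages = Validate.get_unknown_options(config_json)
-
-expect(messages.sort).to eq(
-[
-'Unrecognized config setting key: data_ex_level',
-'Unrecognized config setting key: enabled_instrumentations_level',
-'Unrecognized config setting key: first_level',
-'Unrecognized config setting key: logging_level',
-'Unrecognized config setting key: second_level'
-]
-)
-end
-end
-
-context 'with a config json that has more than one application' do
-it 'should report the misconfiguration' do
-config_json = { 'version' => 1, 'applications' => [{}, {}] }
-
-messages = Validate.get_unknown_options(config_json)
-
-expect(messages.sort).to eq(
-[
-'Multiple applications detected in config file'
-]
-)
-end
-end
-end
-end
-end
-end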