tcell_agent 2.0.0 → 2.2.1

Sign up to get free protection for your applications and to get access to all the features.
Files changed (64) hide show
  1. checksums.yaml +4 -4
  2. data/bin/tcell_agent +42 -146
  3. data/lib/tcell_agent.rb +8 -16
  4. data/lib/tcell_agent/agent.rb +76 -46
  5. data/lib/tcell_agent/config_initializer.rb +66 -0
  6. data/lib/tcell_agent/configuration.rb +72 -267
  7. data/lib/tcell_agent/instrument_servers.rb +14 -18
  8. data/lib/tcell_agent/instrumentation/cmdi.rb +15 -15
  9. data/lib/tcell_agent/instrumentation/lfi.rb +21 -10
  10. data/lib/tcell_agent/instrumentation/monkey_patches/io.rb +20 -12
  11. data/lib/tcell_agent/instrumentation/monkey_patches/kernel.rb +45 -102
  12. data/lib/tcell_agent/logger.rb +1 -2
  13. data/lib/tcell_agent/policies/command_injection_policy.rb +1 -1
  14. data/lib/tcell_agent/rails/auth/authlogic.rb +49 -44
  15. data/lib/tcell_agent/rails/auth/authlogic_helper.rb +20 -0
  16. data/lib/tcell_agent/rails/auth/devise.rb +103 -102
  17. data/lib/tcell_agent/rails/auth/devise_helper.rb +29 -0
  18. data/lib/tcell_agent/rails/auth/doorkeeper.rb +54 -58
  19. data/lib/tcell_agent/{userinfo.rb → rails/auth/userinfo.rb} +0 -0
  20. data/lib/tcell_agent/rails/csrf_exception.rb +0 -8
  21. data/lib/tcell_agent/rails/dlp.rb +10 -8
  22. data/lib/tcell_agent/rails/middleware/global_middleware.rb +4 -1
  23. data/lib/tcell_agent/rails/{on_start.rb → railties/tcell_agent_railties.rb} +9 -16
  24. data/lib/tcell_agent/rails/railties/tcell_agent_unicorn_railties.rb +8 -0
  25. data/lib/tcell_agent/rails/routes.rb +6 -9
  26. data/lib/tcell_agent/rails/routes/grape.rb +4 -12
  27. data/lib/tcell_agent/rails/tcell_body_proxy.rb +0 -1
  28. data/lib/tcell_agent/rust/agent_config.rb +43 -32
  29. data/lib/tcell_agent/rust/{libtcellagent-4.14.0.dylib → libtcellagent-5.0.2.dylib} +0 -0
  30. data/lib/tcell_agent/rust/{libtcellagent-4.14.0.so → libtcellagent-5.0.2.so} +0 -0
  31. data/lib/tcell_agent/rust/{libtcellagent-alpine-4.14.0.so → libtcellagent-alpine-5.0.2.so} +0 -0
  32. data/lib/tcell_agent/rust/models.rb +9 -0
  33. data/lib/tcell_agent/rust/native_agent.rb +18 -0
  34. data/lib/tcell_agent/rust/native_library.rb +2 -1
  35. data/lib/tcell_agent/rust/{tcellagent-4.14.0.dll → tcellagent-5.0.2.dll} +0 -0
  36. data/lib/tcell_agent/servers/puma.rb +7 -7
  37. data/lib/tcell_agent/servers/rack_puma_handler.rb +23 -0
  38. data/lib/tcell_agent/servers/rails_server.rb +4 -4
  39. data/lib/tcell_agent/servers/unicorn.rb +1 -1
  40. data/lib/tcell_agent/servers/webrick.rb +0 -1
  41. data/lib/tcell_agent/settings_reporter.rb +0 -79
  42. data/lib/tcell_agent/tcell_context.rb +1 -1
  43. data/lib/tcell_agent/version.rb +1 -1
  44. data/spec/lib/tcell_agent/configuration_spec.rb +62 -212
  45. data/spec/lib/tcell_agent/instrument_servers_spec.rb +95 -0
  46. data/spec/lib/tcell_agent/{cmdi_spec.rb → instrumentation/cmdi_spec.rb} +50 -0
  47. data/spec/lib/tcell_agent/instrumentation/lfi/io_lfi_spec.rb +6 -0
  48. data/spec/lib/tcell_agent/instrumentation/lfi/kernel_lfi_spec.rb +19 -4
  49. data/spec/lib/tcell_agent/instrumentation/lfi_spec.rb +47 -2
  50. data/spec/lib/tcell_agent/rust/agent_config_spec.rb +27 -0
  51. data/spec/lib/tcell_agent/settings_reporter_spec.rb +0 -73
  52. data/spec/spec_helper.rb +6 -0
  53. data/spec/support/builders.rb +6 -6
  54. data/spec/support/server_mocks/passenger_mock.rb +7 -0
  55. data/spec/support/server_mocks/puma_mock.rb +17 -0
  56. data/spec/support/server_mocks/rails_mock.rb +7 -0
  57. data/spec/support/server_mocks/thin_mock.rb +7 -0
  58. data/spec/support/server_mocks/unicorn_mock.rb +11 -0
  59. metadata +29 -16
  60. data/lib/tcell_agent/authlogic.rb +0 -23
  61. data/lib/tcell_agent/config/unknown_options.rb +0 -119
  62. data/lib/tcell_agent/devise.rb +0 -33
  63. data/lib/tcell_agent/rails/start_agent_after_initializers.rb +0 -12
  64. data/spec/lib/tcell_agent/config/unknown_options_spec.rb +0 -195
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ module PhusionPassenger
4
+ module LoaderSharedHelpers
5
+ def before_handling_requests; end
6
+ end
7
+ end
@@ -0,0 +1,17 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Puma
4
+ class Server
5
+ def run; end
6
+ end
7
+
8
+ class Config
9
+ def self.options
10
+ {}
11
+ end
12
+ end
13
+
14
+ def self.cli_config
15
+ Config
16
+ end
17
+ end
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Rails
4
+ module Server
5
+ def build_app; end
6
+ end
7
+ end
@@ -0,0 +1,7 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Thin
4
+ module Server
5
+ def start; end
6
+ end
7
+ end
@@ -0,0 +1,11 @@
1
+ # frozen_string_literal: true
2
+
3
+ module Unicorn
4
+ class HttpServer
5
+ START_CTX = {}.freeze
6
+
7
+ def init_worker_process; end
8
+
9
+ def load_config!; end
10
+ end
11
+ end
metadata CHANGED
@@ -1,14 +1,14 @@
1
1
  --- !ruby/object:Gem::Specification
2
2
  name: tcell_agent
3
3
  version: !ruby/object:Gem::Version
4
- version: 2.0.0
4
+ version: 2.2.1
5
5
  platform: ruby
6
6
  authors:
7
7
  - Rafael
8
8
  autorequire:
9
9
  bindir: bin
10
10
  cert_chain: []
11
- date: 2020-02-04 00:00:00.000000000 Z
11
+ date: 2020-08-04 00:00:00.000000000 Z
12
12
  dependencies:
13
13
  - !ruby/object:Gem::Dependency
14
14
  name: ffi
@@ -111,10 +111,8 @@ files:
111
111
  - lib/tcell_agent/agent.rb
112
112
  - lib/tcell_agent/agent/route_manager.rb
113
113
  - lib/tcell_agent/agent/static_agent.rb
114
- - lib/tcell_agent/authlogic.rb
115
- - lib/tcell_agent/config/unknown_options.rb
114
+ - lib/tcell_agent/config_initializer.rb
116
115
  - lib/tcell_agent/configuration.rb
117
- - lib/tcell_agent/devise.rb
118
116
  - lib/tcell_agent/hooks/login_fraud.rb
119
117
  - lib/tcell_agent/instrument_servers.rb
120
118
  - lib/tcell_agent/instrumentation.rb
@@ -140,8 +138,11 @@ files:
140
138
  - lib/tcell_agent/policies/policy_types.rb
141
139
  - lib/tcell_agent/policies/system_enablements.rb
142
140
  - lib/tcell_agent/rails/auth/authlogic.rb
141
+ - lib/tcell_agent/rails/auth/authlogic_helper.rb
143
142
  - lib/tcell_agent/rails/auth/devise.rb
143
+ - lib/tcell_agent/rails/auth/devise_helper.rb
144
144
  - lib/tcell_agent/rails/auth/doorkeeper.rb
145
+ - lib/tcell_agent/rails/auth/userinfo.rb
145
146
  - lib/tcell_agent/rails/better_ip.rb
146
147
  - lib/tcell_agent/rails/csrf_exception.rb
147
148
  - lib/tcell_agent/rails/dlp.rb
@@ -152,24 +153,24 @@ files:
152
153
  - lib/tcell_agent/rails/middleware/context_middleware.rb
153
154
  - lib/tcell_agent/rails/middleware/global_middleware.rb
154
155
  - lib/tcell_agent/rails/middleware/headers_middleware.rb
155
- - lib/tcell_agent/rails/on_start.rb
156
+ - lib/tcell_agent/rails/railties/tcell_agent_railties.rb
157
+ - lib/tcell_agent/rails/railties/tcell_agent_unicorn_railties.rb
156
158
  - lib/tcell_agent/rails/responses.rb
157
159
  - lib/tcell_agent/rails/routes.rb
158
160
  - lib/tcell_agent/rails/routes/grape.rb
159
161
  - lib/tcell_agent/rails/routes/route_id.rb
160
162
  - lib/tcell_agent/rails/settings_reporter.rb
161
- - lib/tcell_agent/rails/start_agent_after_initializers.rb
162
163
  - lib/tcell_agent/rails/tcell_body_proxy.rb
163
164
  - lib/tcell_agent/routes/table.rb
164
165
  - lib/tcell_agent/rust/agent_config.rb
165
- - lib/tcell_agent/rust/libtcellagent-4.14.0.dylib
166
- - lib/tcell_agent/rust/libtcellagent-4.14.0.so
167
- - lib/tcell_agent/rust/libtcellagent-alpine-4.14.0.so
166
+ - lib/tcell_agent/rust/libtcellagent-5.0.2.dylib
167
+ - lib/tcell_agent/rust/libtcellagent-5.0.2.so
168
+ - lib/tcell_agent/rust/libtcellagent-alpine-5.0.2.so
168
169
  - lib/tcell_agent/rust/models.rb
169
170
  - lib/tcell_agent/rust/native_agent.rb
170
171
  - lib/tcell_agent/rust/native_agent_response.rb
171
172
  - lib/tcell_agent/rust/native_library.rb
172
- - lib/tcell_agent/rust/tcellagent-4.14.0.dll
173
+ - lib/tcell_agent/rust/tcellagent-5.0.2.dll
173
174
  - lib/tcell_agent/sensor_events/agent_setting_event.rb
174
175
  - lib/tcell_agent/sensor_events/app_config_setting_event.rb
175
176
  - lib/tcell_agent/sensor_events/discovery.rb
@@ -180,6 +181,7 @@ files:
180
181
  - lib/tcell_agent/sensor_events/util/utils.rb
181
182
  - lib/tcell_agent/servers/passenger.rb
182
183
  - lib/tcell_agent/servers/puma.rb
184
+ - lib/tcell_agent/servers/rack_puma_handler.rb
183
185
  - lib/tcell_agent/servers/rails_server.rb
184
186
  - lib/tcell_agent/servers/thin.rb
185
187
  - lib/tcell_agent/servers/unicorn.rb
@@ -187,17 +189,16 @@ files:
187
189
  - lib/tcell_agent/settings_reporter.rb
188
190
  - lib/tcell_agent/sinatra.rb
189
191
  - lib/tcell_agent/tcell_context.rb
190
- - lib/tcell_agent/userinfo.rb
191
192
  - lib/tcell_agent/utils/headers.rb
192
193
  - lib/tcell_agent/utils/params.rb
193
194
  - lib/tcell_agent/utils/strings.rb
194
195
  - lib/tcell_agent/version.rb
195
- - spec/lib/tcell_agent/cmdi_spec.rb
196
- - spec/lib/tcell_agent/config/unknown_options_spec.rb
197
196
  - spec/lib/tcell_agent/configuration_spec.rb
198
197
  - spec/lib/tcell_agent/hooks/login_fraud_spec.rb
198
+ - spec/lib/tcell_agent/instrument_servers_spec.rb
199
199
  - spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb
200
200
  - spec/lib/tcell_agent/instrumentation/cmdi/kernel_cmdi_spec.rb
201
+ - spec/lib/tcell_agent/instrumentation/cmdi_spec.rb
201
202
  - spec/lib/tcell_agent/instrumentation/lfi/file_lfi_spec.rb
202
203
  - spec/lib/tcell_agent/instrumentation/lfi/io_lfi_spec.rb
203
204
  - spec/lib/tcell_agent/instrumentation/lfi/kernel_lfi_spec.rb
@@ -226,6 +227,7 @@ files:
226
227
  - spec/lib/tcell_agent/rails/routes/route_id_spec.rb
227
228
  - spec/lib/tcell_agent/rails/routes/routes_spec.rb
228
229
  - spec/lib/tcell_agent/rails_spec.rb
230
+ - spec/lib/tcell_agent/rust/agent_config_spec.rb
229
231
  - spec/lib/tcell_agent/sensor_events/dlp_spec.rb
230
232
  - spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb
231
233
  - spec/lib/tcell_agent/settings_reporter_spec.rb
@@ -238,6 +240,11 @@ files:
238
240
  - spec/support/middleware_helper.rb
239
241
  - spec/support/resources/lfi_sample_file.txt
240
242
  - spec/support/resources/normal_config.json
243
+ - spec/support/server_mocks/passenger_mock.rb
244
+ - spec/support/server_mocks/puma_mock.rb
245
+ - spec/support/server_mocks/rails_mock.rb
246
+ - spec/support/server_mocks/thin_mock.rb
247
+ - spec/support/server_mocks/unicorn_mock.rb
241
248
  - spec/support/static_agent_overrides.rb
242
249
  - tcell_agent.gemspec
243
250
  homepage: https://www.tcell.io
@@ -266,12 +273,12 @@ signing_key:
266
273
  specification_version: 4
267
274
  summary: tCell.io Agent for Rails
268
275
  test_files:
269
- - spec/lib/tcell_agent/cmdi_spec.rb
270
- - spec/lib/tcell_agent/config/unknown_options_spec.rb
271
276
  - spec/lib/tcell_agent/configuration_spec.rb
272
277
  - spec/lib/tcell_agent/hooks/login_fraud_spec.rb
278
+ - spec/lib/tcell_agent/instrument_servers_spec.rb
273
279
  - spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb
274
280
  - spec/lib/tcell_agent/instrumentation/cmdi/kernel_cmdi_spec.rb
281
+ - spec/lib/tcell_agent/instrumentation/cmdi_spec.rb
275
282
  - spec/lib/tcell_agent/instrumentation/lfi/file_lfi_spec.rb
276
283
  - spec/lib/tcell_agent/instrumentation/lfi/io_lfi_spec.rb
277
284
  - spec/lib/tcell_agent/instrumentation/lfi/kernel_lfi_spec.rb
@@ -300,6 +307,7 @@ test_files:
300
307
  - spec/lib/tcell_agent/rails/routes/route_id_spec.rb
301
308
  - spec/lib/tcell_agent/rails/routes/routes_spec.rb
302
309
  - spec/lib/tcell_agent/rails_spec.rb
310
+ - spec/lib/tcell_agent/rust/agent_config_spec.rb
303
311
  - spec/lib/tcell_agent/sensor_events/dlp_spec.rb
304
312
  - spec/lib/tcell_agent/sensor_events/util/sanitizer_utilities_spec.rb
305
313
  - spec/lib/tcell_agent/settings_reporter_spec.rb
@@ -312,4 +320,9 @@ test_files:
312
320
  - spec/support/middleware_helper.rb
313
321
  - spec/support/resources/lfi_sample_file.txt
314
322
  - spec/support/resources/normal_config.json
323
+ - spec/support/server_mocks/passenger_mock.rb
324
+ - spec/support/server_mocks/puma_mock.rb
325
+ - spec/support/server_mocks/rails_mock.rb
326
+ - spec/support/server_mocks/thin_mock.rb
327
+ - spec/support/server_mocks/unicorn_mock.rb
315
328
  - spec/support/static_agent_overrides.rb
@@ -1,23 +0,0 @@
1
- if TCellAgent.configuration.should_instrument_authlogic? && defined?(Authlogic)
2
-
3
- require 'tcell_agent/userinfo'
4
-
5
- module TCellAgent
6
- TCellAgent::UserInformation.class_eval do
7
- class << self
8
- alias_method :original_get_user_from_request, :get_user_from_request
9
- def get_user_from_request(request)
10
- orig_user_id = original_get_user_from_request(request)
11
- begin
12
- if request.session && request.session.key?('user_credentials_id')
13
- return request.session['user_credentials_id'].to_s
14
- end
15
- rescue StandardError
16
- return orig_user_id
17
- end
18
- orig_user_id
19
- end
20
- end
21
- end
22
- end
23
- end
@@ -1,119 +0,0 @@
1
- require 'set'
2
-
3
- module TCellAgent
4
- module Config
5
- module Validate
6
- def self.get_unknown_options(config_json)
7
- messages = []
8
-
9
- known_tcell_env_vars = Set.new(
10
- [
11
- 'TCELL_AGENT_SERVER', # this is only meant for specs
12
- 'TCELL_AGENT_APP_ID',
13
- 'TCELL_AGENT_API_KEY',
14
- 'TCELL_HMAC_KEY',
15
- 'TCELL_PASSWORD_HMAC_KEY',
16
- 'TCELL_AGENT_HOST_IDENTIFIER',
17
- 'TCELL_API_URL',
18
- 'TCELL_INPUT_URL',
19
- 'TCELL_DEMOMODE',
20
- 'TCELL_AGENT_HOME',
21
- 'TCELL_AGENT_LOG_DIR',
22
- 'TCELL_AGENT_CONFIG',
23
- 'TCELL_AGENT_ALLOW_PAYLOADS',
24
- 'TCELL_AGENT_LOG_LEVEL',
25
- 'TCELL_AGENT_LOG_FILENAME',
26
- 'TCELL_AGENT_LOG_ENABLED'
27
- ]
28
- )
29
-
30
- ENV.keys.each do |environment_key|
31
- if environment_key =~ /^TCELL_/ && !known_tcell_env_vars.include?(environment_key)
32
- messages << "Unrecognized environment parameter (TCELL_*) found: #{environment_key}"
33
- end
34
- end
35
-
36
- begin
37
- key_differences = []
38
-
39
- if config_json
40
- first_level_keys = %w[version applications]
41
-
42
- key_differences = config_json.keys - first_level_keys
43
-
44
- applications = config_json.fetch('applications', nil)
45
- if applications
46
-
47
- if applications.size > 1
48
- messages << 'Multiple applications detected in config file'
49
-
50
- elsif applications.size == 1
51
- application = applications[0]
52
-
53
- second_level_keys = %w[
54
- name
55
- app_id
56
- api_key
57
- fetch_policies_from_tcell
58
- preload_policy_filename
59
- log_dir
60
- tcell_api_url
61
- tcell_input_url
62
- host_identifier
63
- hipaaSafeMode
64
- hmac_key
65
- password_hmac_key
66
- js_agent_api_base_url
67
- js_agent_url
68
- max_csp_header_bytes
69
- event_batch_size_limit
70
- allow_payloads
71
- reverse_proxy
72
- reverse_proxy_ip_address_header
73
- demomode
74
- logging_options
75
- data_exposure
76
- disable_all
77
- enabled
78
- enable_event_manager
79
- enable_policy_polling
80
- enable_instrumentation
81
- enable_intercept_requests
82
- instrument_for_events
83
- enabled_instrumentations
84
- stdout_logger
85
- ]
86
-
87
- key_differences += (application.keys - second_level_keys)
88
-
89
- if application.fetch('logging_options', nil)
90
- logging_options = application['logging_options']
91
- key_differences += (logging_options.keys - %w[enabled level filename])
92
- end
93
-
94
- if application.fetch('data_exposure', nil)
95
- data_exposure = application['data_exposure']
96
- key_differences += (data_exposure.keys - ['max_data_ex_db_records_per_request'])
97
- end
98
-
99
- if application.fetch('enabled_instrumentations', nil)
100
- enabled_instrumentations = application['enabled_instrumentations']
101
- key_differences += (enabled_instrumentations.keys - %w[doorkeeper devise authlogic])
102
- end
103
- end
104
- end
105
-
106
- key_differences.each do |key|
107
- messages << "Unrecognized config setting key: #{key}"
108
- end
109
-
110
- end
111
- rescue StandardError => exception
112
- messages << "Something went wrong verifying config file: #{exception}"
113
- end
114
-
115
- messages
116
- end
117
- end
118
- end
119
- end
@@ -1,33 +0,0 @@
1
- if TCellAgent.configuration.should_instrument_devise? && defined?(Devise)
2
- require 'devise'
3
- require 'devise/rails'
4
- require 'devise/strategies/database_authenticatable'
5
- require 'tcell_agent/userinfo'
6
-
7
- module TCellAgent
8
- if defined?(Devise)
9
- TCellAgent::UserInformation.class_eval do
10
- class << self
11
- alias_method :original_get_user_from_request, :get_user_from_request
12
- def get_user_from_request(request)
13
- orig_user_id = original_get_user_from_request(request)
14
- begin
15
- if request.session && request.session.key?('warden.user.user.key')
16
- userkey = request.session['warden.user.user.key']
17
- user_id = if userkey.length == 2
18
- userkey[0][0]
19
- else
20
- userkey[1][0]
21
- end
22
- return user_id.to_s if user_id.is_a? Integer
23
- end
24
- rescue StandardError
25
- return orig_user_id
26
- end
27
- orig_user_id
28
- end
29
- end
30
- end
31
- end
32
- end
33
- end
@@ -1,12 +0,0 @@
1
- module TCellAgent
2
- class TCellAgentStartupRailtie < Rails::Railtie
3
- # TCellAgent config can be specified thru Rails initializer's
4
- # (https://guides.rubyonrails.org/v2.3/configuring.html#using-initializers)
5
- # so those need to run first before the agent is started
6
- initializer :start_tcell_agent,
7
- :after => :load_config_initializers,
8
- :before => :tcell_instrument_auth_frameworks do |_app|
9
- TCellAgent.thread_agent.start('Unicorn')
10
- end
11
- end
12
- end
@@ -1,195 +0,0 @@
1
- require 'spec_helper'
2
-
3
- module TCellAgent
4
- module Config
5
- describe Validate do
6
- describe '.get_unknown_options' do
7
- context 'with an unknown tcell environment variable set' do
8
- it 'should return a message about the unknown variable' do
9
- orig_allow_ap = ENV.fetch('TCELL_AGENT_ALLOW_PAYLOADS', nil)
10
- orig_demomode = ENV.fetch('TCELL_DEMOMODE', nil)
11
- orig_agent_home = ENV.fetch('TCELL_AGENT_HOME', nil)
12
- orig_agent_log_dir = ENV.fetch('TCELL_AGENT_LOG_DIR', nil)
13
- orig_agent_config = ENV.fetch('TCELL_AGENT_CONFIG', nil)
14
- orig_agent_app_id = ENV.fetch('TCELL_AGENT_APP_ID', nil)
15
- orig_agent_api_key = ENV.fetch('TCELL_AGENT_API_KEY', nil)
16
- orig_agent_host_identifier = ENV.fetch('TCELL_AGENT_HOST_IDENTIFIER', nil)
17
- orig_input_url = ENV.fetch('TCELL_INPUT_URL', nil)
18
- orig_hmac_key = ENV.fetch('TCELL_HMAC_KEY', nil)
19
- orig_api_url = ENV.fetch('TCELL_API_URL', nil)
20
- orig_password_hmac_key = ENV.fetch('TCELL_PASSWORD_HMAC_KEY', nil)
21
-
22
- ENV['TCELL_HACK'] = 'hack the system'
23
- ENV['TCELL_AGENT_ALLOW_PAYLOADS'] = 'valid'
24
- ENV['TCELL_DEMOMODE'] = 'valid'
25
- ENV['TCELL_AGENT_HOME'] = 'valid'
26
- ENV['TCELL_AGENT_LOG_DIR'] = 'valid'
27
- ENV['TCELL_AGENT_CONFIG'] = 'valid'
28
- ENV['TCELL_AGENT_APP_ID'] = 'valid'
29
- ENV['TCELL_AGENT_API_KEY'] = 'valid'
30
- ENV['TCELL_AGENT_HOST_IDENTIFIER'] = 'valid'
31
- ENV['TCELL_INPUT_URL'] = 'valid'
32
- ENV['TCELL_HMAC_KEY'] = 'valid'
33
- ENV['TCELL_API_URL'] = 'valid'
34
- ENV['TCELL_PASSWORD_HMAC_KEY'] = 'valid'
35
-
36
- messages = Validate.get_unknown_options(nil)
37
-
38
- ENV.delete 'TCELL_HACK'
39
-
40
- if orig_allow_ap
41
- ENV['TCELL_AGENT_ALLOW_PAYLOADS'] = orig_allow_ap
42
- else
43
- ENV.delete 'TCELL_AGENT_ALLOW_PAYLOADS'
44
- end
45
- if orig_demomode
46
- ENV['TCELL_DEMOMODE'] = orig_demomode
47
- else
48
- ENV.delete 'TCELL_DEMOMODE'
49
- end
50
- if orig_agent_home
51
- ENV['TCELL_AGENT_HOME'] = orig_agent_home
52
- else
53
- ENV.delete 'TCELL_AGENT_HOME'
54
- end
55
- if orig_agent_log_dir
56
- ENV['TCELL_AGENT_LOG_DIR'] = orig_agent_log_dir
57
- else
58
- ENV.delete 'TCELL_AGENT_LOG_DIR'
59
- end
60
- if orig_agent_config
61
- ENV['TCELL_AGENT_CONFIG'] = orig_agent_config
62
- else
63
- ENV.delete 'TCELL_AGENT_CONFIG'
64
- end
65
- if orig_agent_app_id
66
- ENV['TCELL_AGENT_APP_ID'] = orig_agent_app_id
67
- else
68
- ENV.delete 'TCELL_AGENT_APP_ID'
69
- end
70
- if orig_agent_api_key
71
- ENV['TCELL_AGENT_API_KEY'] = orig_agent_api_key
72
- else
73
- ENV.delete 'TCELL_AGENT_API_KEY'
74
- end
75
- if orig_agent_host_identifier
76
- ENV['TCELL_AGENT_HOST_IDENTIFIER'] = orig_agent_host_identifier
77
- else
78
- ENV.delete 'TCELL_AGENT_HOST_IDENTIFIER'
79
- end
80
- if orig_input_url
81
- ENV['TCELL_INPUT_URL'] = orig_input_url
82
- else
83
- ENV.delete 'TCELL_INPUT_URL'
84
- end
85
- if orig_hmac_key
86
- ENV['TCELL_HMAC_KEY'] = orig_hmac_key
87
- else
88
- ENV.delete 'TCELL_HMAC_KEY'
89
- end
90
- if orig_password_hmac_key
91
- ENV['TCELL_PASSWORD_HMAC_KEY'] = orig_password_hmac_key
92
- else
93
- ENV.delete 'TCELL_PASSWORD_HMAC_KEY'
94
- end
95
- if orig_api_url
96
- ENV['TCELL_API_URL'] = orig_api_url
97
- else
98
- ENV.delete 'TCELL_API_URL'
99
- end
100
-
101
- expect(messages.sort).to eq(
102
- [
103
- 'Unrecognized environment parameter (TCELL_*) found: TCELL_HACK'
104
- ]
105
- )
106
- end
107
- end
108
-
109
- context 'with a config json with all options including some extra ones' do
110
- it 'should report the extra options in messages' do
111
- config_json = {
112
- 'first_level' => 'boo',
113
- 'version' => 1,
114
- 'applications' => [
115
- {
116
- 'second_level' => 'boo',
117
- 'name' => 'name',
118
- 'app_id' => 'app id',
119
- 'api_key' => 'api key',
120
- 'fetch_policies_from_tcell' => true,
121
- 'preload_policy_filename' => 'preload policy filename',
122
- 'log_dir' => 'custom log dir',
123
- 'logging_options' => {
124
- 'logging_level' => 'boo',
125
- 'enabled' => true,
126
- 'level' => 'DEBUG',
127
- 'filename' => 'filename'
128
- },
129
- 'tcell_api_url' => 'tcell api url',
130
- 'tcell_input_url' => 'tcell input url',
131
- 'host_identifier' => 'host identifier',
132
- 'hipaaSafeMode' => 'hipaa safe mode',
133
- 'hmac_key' => 'hmac key',
134
- 'password_hmac_key' => 'password_hmac_key',
135
- 'js_agent_api_base_url' => 'js agent api base url',
136
- 'js_agent_url' => 'js agent url',
137
- 'max_csp_header_bytes' => 512,
138
- 'event_batch_size_limit' => 50,
139
- 'allow_payloads' => true,
140
- 'data_exposure' => {
141
- 'data_ex_level' => 'boo',
142
- 'max_data_ex_db_records_per_request' => 10_000
143
- },
144
- 'reverse_proxy' => true,
145
- 'reverse_proxy_ip_address_header' => 'reverse proxy ip address header',
146
- 'demomode' => true,
147
- # Ruby only
148
- 'disable_all' => false,
149
- 'enabled' => true,
150
- 'enable_event_manager' => true,
151
- 'enable_policy_polling' => true,
152
- 'enable_instrumentation' => true,
153
- 'enable_intercept_requests' => true,
154
- 'instrument_for_events' => true,
155
- 'enabled_instrumentations' => {
156
- 'enabled_instrumentations_level' => 'blah',
157
- 'doorkeeper' => true,
158
- 'devise' => true,
159
- 'authlogic' => true
160
- }
161
- }
162
- ]
163
- }
164
-
165
- messages = Validate.get_unknown_options(config_json)
166
-
167
- expect(messages.sort).to eq(
168
- [
169
- 'Unrecognized config setting key: data_ex_level',
170
- 'Unrecognized config setting key: enabled_instrumentations_level',
171
- 'Unrecognized config setting key: first_level',
172
- 'Unrecognized config setting key: logging_level',
173
- 'Unrecognized config setting key: second_level'
174
- ]
175
- )
176
- end
177
- end
178
-
179
- context 'with a config json that has more than one application' do
180
- it 'should report the misconfiguration' do
181
- config_json = { 'version' => 1, 'applications' => [{}, {}] }
182
-
183
- messages = Validate.get_unknown_options(config_json)
184
-
185
- expect(messages.sort).to eq(
186
- [
187
- 'Multiple applications detected in config file'
188
- ]
189
- )
190
- end
191
- end
192
- end
193
- end
194
- end
195
- end