tcell_agent 2.7.0 → 2.7.1
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/tcell_agent/agent.rb +1 -2
- data/lib/tcell_agent/instrumentation.rb +0 -192
- data/lib/tcell_agent/policies/policies_manager.rb +1 -17
- data/lib/tcell_agent/policies/policy_polling.rb +1 -2
- data/lib/tcell_agent/policies/policy_types.rb +0 -1
- data/lib/tcell_agent/rails/database.rb +49 -0
- data/lib/tcell_agent/rails/middleware/headers_middleware.rb +1 -1
- data/lib/tcell_agent/rails/railties/tcell_agent_database_railties.rb +81 -0
- data/lib/tcell_agent/rails/railties/tcell_agent_railties.rb +0 -1
- data/lib/tcell_agent/rails/routes.rb +0 -8
- data/lib/tcell_agent/rust/libtcellagent-alpine.so +0 -0
- data/lib/tcell_agent/rust/libtcellagent-x64.dll +0 -0
- data/lib/tcell_agent/rust/libtcellagent.dylib +0 -0
- data/lib/tcell_agent/rust/libtcellagent.so +0 -0
- data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb +0 -17
- data/lib/tcell_agent/version.rb +1 -1
- data/lib/tcell_agent.rb +5 -3
- data/spec/lib/tcell_agent/policies/policies_manager_spec.rb +5 -16
- data/spec/lib/tcell_agent/rails/database.rb +60 -0
- data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb +2 -2
- data/spec/support/force_logger_mocking.rb +0 -8
- metadata +6 -16
- data/lib/tcell_agent/policies/dataloss_policy.rb +0 -304
- data/lib/tcell_agent/rails/dlp/process_request.rb +0 -83
- data/lib/tcell_agent/rails/dlp.rb +0 -410
- data/lib/tcell_agent/rails/dlp_handler.rb +0 -63
- data/lib/tcell_agent/sensor_events/dlp.rb +0 -53
- data/lib/tcell_agent/sinatra.rb +0 -38
- data/spec/lib/tcell_agent/policies/dataloss_policy_spec.rb +0 -222
- data/spec/lib/tcell_agent/rails/dlp_spec.rb +0 -1040
- data/spec/lib/tcell_agent/rails/logger_spec.rb +0 -169
- data/spec/lib/tcell_agent/sensor_events/dlp_spec.rb +0 -14
@@ -1,222 +0,0 @@
|
|
1
|
-
require 'spec_helper'
|
2
|
-
require 'set'
|
3
|
-
|
4
|
-
module TCellAgent
|
5
|
-
module Policies
|
6
|
-
describe DataLossPolicy do
|
7
|
-
policy_json_two = {
|
8
|
-
'policy_id' => 'x1a1',
|
9
|
-
'data' => {
|
10
|
-
'session_id_protections' => { 'body' => ['redact'], 'log' => ['event'] }
|
11
|
-
}
|
12
|
-
}
|
13
|
-
policy_two = DataLossPolicy.new(policy_json_two)
|
14
|
-
context 'check session_id_protections' do
|
15
|
-
it 'gives the right actions' do
|
16
|
-
expect(policy_two.get_actions_for_session_id.body_redact).to eq(true)
|
17
|
-
expect(policy_two.get_actions_for_session_id.log_redact).to eq(nil)
|
18
|
-
expect(policy_two.get_actions_for_session_id.log_event).to eq(true)
|
19
|
-
end
|
20
|
-
end
|
21
|
-
context 'Database Options' do
|
22
|
-
it 'Ignores bad table' do
|
23
|
-
policy_json_requests = {
|
24
|
-
'policy_id' => 'x1a1',
|
25
|
-
'data' => {
|
26
|
-
'db_protections' => [
|
27
|
-
{
|
28
|
-
'databases' => ['dave'],
|
29
|
-
'schemas' => ['sam'],
|
30
|
-
'tables' => ['trevor'],
|
31
|
-
'fields' => ['fred'],
|
32
|
-
'actions' => {
|
33
|
-
'log' => ['redact'],
|
34
|
-
'body' => ['event']
|
35
|
-
}
|
36
|
-
}
|
37
|
-
]
|
38
|
-
}
|
39
|
-
}
|
40
|
-
db_one_policy = DataLossPolicy.new(policy_json_requests)
|
41
|
-
expect(db_one_policy.get_actions_for_table('dave', 'sam', 'tommy', 'fred')).to eq(nil)
|
42
|
-
end
|
43
|
-
it 'Partial Policy' do
|
44
|
-
# Assume if databases, schemas that are missing are "*"
|
45
|
-
policy_json_requests = {
|
46
|
-
'policy_id' => 'x1a1',
|
47
|
-
'data' => {
|
48
|
-
'db_protections' => [
|
49
|
-
{
|
50
|
-
'fields' => ['fred'],
|
51
|
-
'actions' => {
|
52
|
-
'log' => ['redact'],
|
53
|
-
'body' => ['event']
|
54
|
-
}
|
55
|
-
}
|
56
|
-
]
|
57
|
-
}
|
58
|
-
}
|
59
|
-
db_one_policy = DataLossPolicy.new(policy_json_requests)
|
60
|
-
expect(db_one_policy.get_actions_for_table('dave', 'sam', 'tommy', 'fred').to_a[0].log_redact).to eq(true)
|
61
|
-
expect(db_one_policy.get_actions_for_table('dave', 'sam', 'tommy', 'fred', 'abcd').to_a[0].log_redact).to eq(true)
|
62
|
-
end
|
63
|
-
it 'Scopes by reoute_id' do
|
64
|
-
policy_json_request_ids = {
|
65
|
-
'policy_id' => 'x1a1',
|
66
|
-
'data' => {
|
67
|
-
'db_protections' => [
|
68
|
-
{
|
69
|
-
'scope' => 'route',
|
70
|
-
'route_ids' => ['abcd'],
|
71
|
-
'databases' => ['dave'],
|
72
|
-
'schemas' => ['sam'],
|
73
|
-
'tables' => ['tommy'],
|
74
|
-
'fields' => ['fred'],
|
75
|
-
'actions' => {
|
76
|
-
'log' => ['redact'],
|
77
|
-
'body' => ['event']
|
78
|
-
}
|
79
|
-
}
|
80
|
-
]
|
81
|
-
}
|
82
|
-
}
|
83
|
-
db_two_policy = DataLossPolicy.new(policy_json_request_ids)
|
84
|
-
expect(db_two_policy.get_actions_for_table('dave', 'sam', 'tommy', 'fred').to_a.size).to eq(0)
|
85
|
-
expect(db_two_policy.get_actions_for_table('dave', 'sam', 'tommy', 'fred', 'other_route').to_a.size).to eq(0)
|
86
|
-
expect(db_two_policy.get_actions_for_table('dave', 'sam', 'tommy', 'fred', 'abcd').to_a.size).to eq(1)
|
87
|
-
|
88
|
-
expect(db_two_policy.get_actions_for_table('dave', 'sam', 'tommy', 'fred', 'abcd').to_a[0].log_redact).to eq(true)
|
89
|
-
expect(db_two_policy.get_actions_for_table('dave', 'sam', 'tommy', 'fred', 'abcd').to_a[0].body_redact).to eq(nil)
|
90
|
-
expect(db_two_policy.get_actions_for_table('dave', 'sam', 'tommy', 'fred', 'abcd').to_a[0].body_event).to eq(true)
|
91
|
-
end
|
92
|
-
end
|
93
|
-
context 'Request Options' do
|
94
|
-
it 'Ignores non-global scoped policy' do
|
95
|
-
policy_json_requests = {
|
96
|
-
'policy_id' => 'x1a1',
|
97
|
-
'data' => {
|
98
|
-
'request_protections' => [
|
99
|
-
{
|
100
|
-
'variable_context' => 'form',
|
101
|
-
'variables' => ['test123'],
|
102
|
-
'actions' => {
|
103
|
-
'log' => ['redact'],
|
104
|
-
'body' => ['event']
|
105
|
-
}
|
106
|
-
}
|
107
|
-
]
|
108
|
-
}
|
109
|
-
}
|
110
|
-
policy_three = DataLossPolicy.new(policy_json_requests)
|
111
|
-
expect(policy_three.get_actions_for_request('form', 'test123').to_a[0].body_event).to eq(true)
|
112
|
-
expect(policy_three.get_actions_for_request('form', 'test123').to_a[0].log_event).to eq(nil)
|
113
|
-
end
|
114
|
-
it 'Reads in the policy' do
|
115
|
-
policy_json_requests = {
|
116
|
-
'policy_id' => 'x1a1',
|
117
|
-
'data' => {
|
118
|
-
'request_protections' => [
|
119
|
-
{
|
120
|
-
'variable_context' => 'form',
|
121
|
-
'scope' => 'route',
|
122
|
-
'route_ids' => ['routex'],
|
123
|
-
'variables' => ['test123'],
|
124
|
-
'actions' => {
|
125
|
-
'log' => ['redact'],
|
126
|
-
'body' => ['event']
|
127
|
-
}
|
128
|
-
}
|
129
|
-
]
|
130
|
-
}
|
131
|
-
}
|
132
|
-
policy_three = DataLossPolicy.new(policy_json_requests)
|
133
|
-
entry_wildcard_route = policy_three.get_actions_for_request('form', 'TeSt123')
|
134
|
-
entry_given_route = policy_three.get_actions_for_request('form', 'TeSt123', 'routex')
|
135
|
-
expect(entry_wildcard_route).to eq(nil)
|
136
|
-
expect(entry_given_route.size).to eq(1)
|
137
|
-
expect(entry_given_route.to_a[0].body_redact).to eq(nil)
|
138
|
-
expect(entry_given_route.to_a[0].log_redact).to eq(true)
|
139
|
-
end
|
140
|
-
|
141
|
-
it 'Reads in the policy with cookie (redact/event)' do
|
142
|
-
policy_json_requests = {
|
143
|
-
'policy_id' => 'x1a1',
|
144
|
-
'data' => {
|
145
|
-
'request_protections' => [
|
146
|
-
{
|
147
|
-
'variable_context' => 'cookie',
|
148
|
-
'scope' => 'route',
|
149
|
-
'route_ids' => ['routex'],
|
150
|
-
'variables' => ['test123'],
|
151
|
-
'actions' => {
|
152
|
-
'log' => ['redact'],
|
153
|
-
'body' => ['event']
|
154
|
-
}
|
155
|
-
}
|
156
|
-
]
|
157
|
-
}
|
158
|
-
}
|
159
|
-
policy_three = DataLossPolicy.new(policy_json_requests)
|
160
|
-
entry_wildcard_route = policy_three.get_actions_for_request('cookie', 'test123')
|
161
|
-
entry_given_route = policy_three.get_actions_for_request('cookie', 'test123', 'routex')
|
162
|
-
expect(entry_wildcard_route).to eq(nil)
|
163
|
-
expect(entry_given_route.size).to eq(1)
|
164
|
-
expect(entry_given_route.to_a[0].body_redact).to eq(nil)
|
165
|
-
expect(entry_given_route.to_a[0].log_redact).to eq(true)
|
166
|
-
end
|
167
|
-
|
168
|
-
it 'Reads in the policy with mixed-case cookie (redact/event)' do
|
169
|
-
policy_json_requests = {
|
170
|
-
'policy_id' => 'x1a1',
|
171
|
-
'data' => {
|
172
|
-
'request_protections' => [
|
173
|
-
{
|
174
|
-
'variable_context' => 'cookie',
|
175
|
-
'scope' => 'route',
|
176
|
-
'route_ids' => ['routex'],
|
177
|
-
'variables' => ['teST123'],
|
178
|
-
'actions' => {
|
179
|
-
'log' => ['redact'],
|
180
|
-
'body' => ['event']
|
181
|
-
}
|
182
|
-
}
|
183
|
-
]
|
184
|
-
}
|
185
|
-
}
|
186
|
-
policy_three = DataLossPolicy.new(policy_json_requests)
|
187
|
-
entry_wildcard_route = policy_three.get_actions_for_request('cookie', 'test123')
|
188
|
-
entry_given_route = policy_three.get_actions_for_request('cookie', 'test123', 'routex')
|
189
|
-
expect(entry_wildcard_route).to eq(nil)
|
190
|
-
expect(entry_given_route).to eq(nil)
|
191
|
-
end
|
192
|
-
|
193
|
-
it 'Reads in the policy with header (redact/event)' do
|
194
|
-
policy_json_requests = {
|
195
|
-
'policy_id' => 'x1a1',
|
196
|
-
'data' => {
|
197
|
-
'request_protections' => [
|
198
|
-
{
|
199
|
-
'variable_context' => 'header',
|
200
|
-
'scope' => 'route',
|
201
|
-
'route_ids' => ['routex'],
|
202
|
-
'variables' => ['test123'],
|
203
|
-
'actions' => {
|
204
|
-
'log' => ['redact'],
|
205
|
-
'body' => ['event']
|
206
|
-
}
|
207
|
-
}
|
208
|
-
]
|
209
|
-
}
|
210
|
-
}
|
211
|
-
policy_three = DataLossPolicy.new(policy_json_requests)
|
212
|
-
entry_wildcard_route = policy_three.get_actions_for_request('header', 'TeSt123')
|
213
|
-
entry_given_route = policy_three.get_actions_for_request('header', 'TeSt123', 'routex')
|
214
|
-
expect(entry_wildcard_route).to eq(nil)
|
215
|
-
expect(entry_given_route.size).to eq(1)
|
216
|
-
expect(entry_given_route.to_a[0].body_redact).to eq(nil)
|
217
|
-
expect(entry_given_route.to_a[0].log_redact).to eq(true)
|
218
|
-
end
|
219
|
-
end
|
220
|
-
end
|
221
|
-
end
|
222
|
-
end
|