RubyGems - tcell_agent - Versions diffs - 2.7.0 → 2.7.1 - Mend

tcell_agent 2.7.0 → 2.7.1

Files changed (33) hide show

checksums.yaml +4 -4
data/lib/tcell_agent/agent.rb +1 -2
data/lib/tcell_agent/instrumentation.rb +0 -192
data/lib/tcell_agent/policies/policies_manager.rb +1 -17
data/lib/tcell_agent/policies/policy_polling.rb +1 -2
data/lib/tcell_agent/policies/policy_types.rb +0 -1
data/lib/tcell_agent/rails/database.rb +49 -0
data/lib/tcell_agent/rails/middleware/headers_middleware.rb +1 -1
data/lib/tcell_agent/rails/railties/tcell_agent_database_railties.rb +81 -0
data/lib/tcell_agent/rails/railties/tcell_agent_railties.rb +0 -1
data/lib/tcell_agent/rails/routes.rb +0 -8
data/lib/tcell_agent/rust/libtcellagent-alpine.so +0 -0
data/lib/tcell_agent/rust/libtcellagent-x64.dll +0 -0
data/lib/tcell_agent/rust/libtcellagent.dylib +0 -0
data/lib/tcell_agent/rust/libtcellagent.so +0 -0
data/lib/tcell_agent/sensor_events/util/sanitizer_utilities.rb +0 -17
data/lib/tcell_agent/version.rb +1 -1
data/lib/tcell_agent.rb +5 -3
data/spec/lib/tcell_agent/policies/policies_manager_spec.rb +5 -16
data/spec/lib/tcell_agent/rails/database.rb +60 -0
data/spec/lib/tcell_agent/rails/middleware/tcell_body_proxy_spec.rb +2 -2
data/spec/support/force_logger_mocking.rb +0 -8
metadata +6 -16
data/lib/tcell_agent/policies/dataloss_policy.rb +0 -304
data/lib/tcell_agent/rails/dlp/process_request.rb +0 -83
data/lib/tcell_agent/rails/dlp.rb +0 -410
data/lib/tcell_agent/rails/dlp_handler.rb +0 -63
data/lib/tcell_agent/sensor_events/dlp.rb +0 -53
data/lib/tcell_agent/sinatra.rb +0 -38
data/spec/lib/tcell_agent/policies/dataloss_policy_spec.rb +0 -222
data/spec/lib/tcell_agent/rails/dlp_spec.rb +0 -1040
data/spec/lib/tcell_agent/rails/logger_spec.rb +0 -169
data/spec/lib/tcell_agent/sensor_events/dlp_spec.rb +0 -14

data/spec/lib/tcell_agent/rails/dlp_spec.rb DELETED Viewed

@@ -1,1040 +0,0 @@
-require 'spec_helper'
-module TCellAgent
-  module DLP
-    class SomeColumn
-      attr_accessor :name
-      def initialize(name = nil)
-        @name = name
-      end
-    end
-    class SomeModel
-      class << self
-        def table_name
-          'some_models'
-        end
-        def columns
-          [SomeColumn.new('id'), SomeColumn.new('name'), SomeColumn.new('email')]
-        end
-        def connection_config
-          {
-            :database => 'something/test_database'
-          }
-        end
-      end
-    end
-    describe '.instrument_pluck' do
-      context 'with empty results' do
-        it 'should skip over instrumentation' do
-          expect(TCellAgent).to_not receive(:configuration)
-          TCellAgent::DLP.instrument_pluck([], [:id], SomeModel)
-        end
-      end
-      context 'with no dlp policy' do
-        it 'should skip over instrumentation' do
-          configuration = double(
-            'configuration',
-            {
-              :enabled => true,
-              :should_instrument? => true,
-              :should_intercept_requests? => true
-            }
-          )
-          allow(TCellAgent).to receive(:configuration).and_return(configuration)
-          expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(nil)
-          TCellAgent::DLP.instrument_pluck([10], [:id], SomeModel)
-        end
-      end
-      context 'with dlp policy disabled' do
-        it 'should skip over instrumentation' do
-          configuration = double(
-            'configuration',
-            {
-              :enabled => true,
-              :should_instrument? => true,
-              :should_intercept_requests? => true
-            }
-          )
-          dataloss_policy = double(
-            'dataloss_policy',
-            {
-              :enabled => false
-            }
-          )
-          allow(TCellAgent).to receive(:configuration).and_return(configuration)
-          expect(TCellAgent).to receive(:policy).with(
-            TCellAgent::PolicyTypes::DATALOSS
-          ).and_return(dataloss_policy)
-          TCellAgent::DLP.instrument_pluck([10], [:id], SomeModel)
-        end
-      end
-      context 'with dlp policy enabled' do
-        context 'with database_discovery_enabled' do
-          it 'should send model columns to tcell service' do
-            configuration = double(
-              'configuration',
-              {
-                :enabled => true,
-                :should_instrument? => true,
-                :should_intercept_requests? => true,
-                :max_data_ex_db_records_per_request => 1
-              }
-            )
-            dataloss_policy = double(
-              'dataloss_policy',
-              {
-                :enabled => true,
-                :database_discovery_enabled => true
-              }
-            )
-            request_env = double('request_env', {})
-            tcell_context = double(
-              'tcell_context',
-              {
-                :route_id => 'ma_route_id',
-                :database_result_sizes => []
-              }
-            )
-            allow(TCellAgent).to receive(:configuration).and_return(configuration)
-            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-            expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-              :fetch
-            ).and_return(request_env)
-            expect(request_env).to receive(:[]).with(
-              TCellAgent::Instrumentation::TCELL_ID
-            ).and_return(tcell_context)
-            expect(dataloss_policy).to receive(:get_actions_for_table).with(
-              'test_database', '*', 'some_models', 'id', 'ma_route_id'
-            ).and_return(nil)
-            expect(TCellAgent).to receive(:discover_database_fields).with(
-              'ma_route_id', 'test_database', '*', 'some_models', ['id']
-            )
-            TCellAgent::DLP.instrument_pluck([10], [:id], SomeModel)
-            expect(tcell_context.database_result_sizes).to eq([1])
-          end
-        end
-        context 'with database_discovery_enabled == false' do
-          context 'with zero columns passed to pluck' do
-            context 'that doesn\'t have any rules set' do
-              it 'should not send anything to tcell' do
-                configuration = double(
-                  'configuration',
-                  {
-                    :enabled => true,
-                    :should_instrument? => true,
-                    :should_intercept_requests? => true,
-                    :max_data_ex_db_records_per_request => 1000
-                  }
-                )
-                dataloss_policy = double(
-                  'dataloss_policy',
-                  {
-                    :enabled => true,
-                    :database_discovery_enabled => false
-                  }
-                )
-                request_env = double('request_env', {})
-                tcell_context = double(
-                  'tcell_context',
-                  {
-                    :route_id => 'ma_route_id',
-                    :database_result_sizes => []
-                  }
-                )
-                allow(TCellAgent).to receive(:configuration).and_return(configuration)
-                expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-                expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                  :fetch
-                ).and_return(request_env)
-                expect(request_env).to receive(:[]).with(
-                  TCellAgent::Instrumentation::TCELL_ID
-                ).and_return(tcell_context)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'id', 'ma_route_id'
-                ).and_return(nil)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'name', 'ma_route_id'
-                ).and_return(nil)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'email', 'ma_route_id'
-                ).and_return(nil)
-                expect(dataloss_policy).to_not receive(:get_actions_for_table)
-                expect(TCellAgent).to_not receive(:discover_database_fields)
-                TCellAgent::DLP.instrument_pluck([10], [], SomeModel)
-                expect(tcell_context.database_result_sizes).to eq([1])
-              end
-            end
-            context 'that has a rule set' do
-              it 'should add a response filter' do
-                configuration = double(
-                  'configuration',
-                  {
-                    :enabled => true,
-                    :should_instrument? => true,
-                    :should_intercept_requests? => true,
-                    :max_data_ex_db_records_per_request => 1000
-                  }
-                )
-                dataloss_policy = double(
-                  'dataloss_policy',
-                  {
-                    :enabled => true,
-                    :database_discovery_enabled => false
-                  }
-                )
-                request_env = double('request_env', {})
-                tcell_context = double(
-                  'tcell_context',
-                  {
-                    :route_id => 'ma_route_id',
-                    :database_result_sizes => []
-                  }
-                )
-                id_rule = double('id_rule')
-                allow(TCellAgent).to receive(:configuration).and_return(configuration)
-                expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-                expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                  :fetch
-                ).and_return(request_env)
-                expect(request_env).to receive(:[]).with(
-                  TCellAgent::Instrumentation::TCELL_ID
-                ).and_return(tcell_context)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'id', 'ma_route_id'
-                ).and_return([id_rule])
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'name', 'ma_route_id'
-                ).and_return(nil)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'email', 'ma_route_id'
-                ).and_return(nil)
-                expect(dataloss_policy).to_not receive(:get_actions_for_table)
-                expect(TCellAgent).to_not receive(:discover_database_fields)
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  10, id_rule, 'test_database', '*', 'some_models', 'id'
-                )
-                TCellAgent::DLP.instrument_pluck([[10, 'name', 'email']], [], SomeModel)
-                expect(tcell_context.database_result_sizes).to eq([1])
-              end
-            end
-            context 'that has two rules set' do
-              it 'should add a response filter' do
-                configuration = double(
-                  'configuration',
-                  {
-                    :enabled => true,
-                    :should_instrument? => true,
-                    :should_intercept_requests? => true,
-                    :max_data_ex_db_records_per_request => 1000
-                  }
-                )
-                dataloss_policy = double(
-                  'dataloss_policy',
-                  {
-                    :enabled => true,
-                    :database_discovery_enabled => false
-                  }
-                )
-                request_env = double('request_env', {})
-                tcell_context = double(
-                  'tcell_context',
-                  {
-                    :route_id => 'ma_route_id',
-                    :database_result_sizes => []
-                  }
-                )
-                id_rule = double('id_rule')
-                id_rule_dos = double('id_rule_dos')
-                allow(TCellAgent).to receive(:configuration).and_return(configuration)
-                expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-                expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                  :fetch
-                ).and_return(request_env)
-                expect(request_env).to receive(:[]).with(
-                  TCellAgent::Instrumentation::TCELL_ID
-                ).and_return(tcell_context)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'id', 'ma_route_id'
-                ).and_return([id_rule, id_rule_dos])
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'name', 'ma_route_id'
-                ).and_return(nil)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'email', 'ma_route_id'
-                ).and_return(nil)
-                expect(dataloss_policy).to_not receive(:get_actions_for_table)
-                expect(TCellAgent).to_not receive(:discover_database_fields)
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  10, id_rule, 'test_database', '*', 'some_models', 'id'
-                )
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  10, id_rule_dos, 'test_database', '*', 'some_models', 'id'
-                )
-                TCellAgent::DLP.instrument_pluck([[10, 'name', 'email']], [], SomeModel)
-                expect(tcell_context.database_result_sizes).to eq([1])
-              end
-            end
-          end
-          context 'with one column passed to pluck' do
-            context 'that doesn\'t have any rules set' do
-              it 'should not send anything to tcell' do
-                configuration = double(
-                  'configuration',
-                  {
-                    :enabled => true,
-                    :should_instrument? => true,
-                    :should_intercept_requests? => true,
-                    :max_data_ex_db_records_per_request => 1000
-                  }
-                )
-                dataloss_policy = double(
-                  'dataloss_policy',
-                  {
-                    :enabled => true,
-                    :database_discovery_enabled => false
-                  }
-                )
-                request_env = double('request_env', {})
-                tcell_context = double(
-                  'tcell_context',
-                  {
-                    :route_id => 'ma_route_id',
-                    :database_result_sizes => []
-                  }
-                )
-                allow(TCellAgent).to receive(:configuration).and_return(configuration)
-                expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-                expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                  :fetch
-                ).and_return(request_env)
-                expect(request_env).to receive(:[]).with(
-                  TCellAgent::Instrumentation::TCELL_ID
-                ).and_return(tcell_context)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'id', 'ma_route_id'
-                ).and_return(nil)
-                expect(dataloss_policy).to_not receive(:get_actions_for_table)
-                expect(TCellAgent).to_not receive(:discover_database_fields)
-                TCellAgent::DLP.instrument_pluck([10], [:id], SomeModel)
-                expect(tcell_context.database_result_sizes).to eq([1])
-              end
-            end
-            context 'that has a rule set' do
-              it 'should add a response filter' do
-                configuration = double(
-                  'configuration',
-                  {
-                    :enabled => true,
-                    :should_instrument? => true,
-                    :should_intercept_requests? => true,
-                    :max_data_ex_db_records_per_request => 1000
-                  }
-                )
-                dataloss_policy = double(
-                  'dataloss_policy',
-                  {
-                    :enabled => true,
-                    :database_discovery_enabled => false
-                  }
-                )
-                request_env = double('request_env', {})
-                tcell_context = double(
-                  'tcell_context',
-                  {
-                    :route_id => 'ma_route_id',
-                    :database_result_sizes => []
-                  }
-                )
-                id_rule = double('id_rule')
-                allow(TCellAgent).to receive(:configuration).and_return(configuration)
-                expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-                expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                  :fetch
-                ).and_return(request_env)
-                expect(request_env).to receive(:[]).with(
-                  TCellAgent::Instrumentation::TCELL_ID
-                ).and_return(tcell_context)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'id', 'ma_route_id'
-                ).and_return([id_rule])
-                expect(dataloss_policy).to_not receive(:get_actions_for_table)
-                expect(TCellAgent).to_not receive(:discover_database_fields)
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  10, id_rule, 'test_database', '*', 'some_models', 'id'
-                )
-                TCellAgent::DLP.instrument_pluck([10], [:id], SomeModel)
-                expect(tcell_context.database_result_sizes).to eq([1])
-              end
-            end
-            context 'that has two rules set' do
-              it 'should add a response filter' do
-                configuration = double(
-                  'configuration',
-                  {
-                    :enabled => true,
-                    :should_instrument? => true,
-                    :should_intercept_requests? => true,
-                    :max_data_ex_db_records_per_request => 1000
-                  }
-                )
-                dataloss_policy = double(
-                  'dataloss_policy',
-                  {
-                    :enabled => true,
-                    :database_discovery_enabled => false
-                  }
-                )
-                request_env = double('request_env', {})
-                tcell_context = double(
-                  'tcell_context',
-                  {
-                    :route_id => 'ma_route_id',
-                    :database_result_sizes => []
-                  }
-                )
-                id_rule = double('id_rule')
-                id_rule_dos = double('id_rule_dos')
-                allow(TCellAgent).to receive(:configuration).and_return(configuration)
-                expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-                expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                  :fetch
-                ).and_return(request_env)
-                expect(request_env).to receive(:[]).with(
-                  TCellAgent::Instrumentation::TCELL_ID
-                ).and_return(tcell_context)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'id', 'ma_route_id'
-                ).and_return([id_rule, id_rule_dos])
-                expect(dataloss_policy).to_not receive(:get_actions_for_table)
-                expect(TCellAgent).to_not receive(:discover_database_fields)
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  10, id_rule, 'test_database', '*', 'some_models', 'id'
-                )
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  10, id_rule_dos, 'test_database', '*', 'some_models', 'id'
-                )
-                TCellAgent::DLP.instrument_pluck([10], [:id], SomeModel)
-                expect(tcell_context.database_result_sizes).to eq([1])
-              end
-            end
-            context 'that is namespaced' do
-              it 'should add a response filter' do
-                configuration = double(
-                  'configuration',
-                  {
-                    :enabled => true,
-                    :should_instrument? => true,
-                    :should_intercept_requests? => true,
-                    :max_data_ex_db_records_per_request => 1000
-                  }
-                )
-                dataloss_policy = double(
-                  'dataloss_policy',
-                  {
-                    :enabled => true,
-                    :database_discovery_enabled => false
-                  }
-                )
-                request_env = double('request_env', {})
-                tcell_context = double(
-                  'tcell_context',
-                  {
-                    :route_id => 'ma_route_id',
-                    :database_result_sizes => []
-                  }
-                )
-                id_rule = double('id_rule')
-                id_rule_dos = double('id_rule_dos')
-                allow(TCellAgent).to receive(:configuration).and_return(configuration)
-                expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-                expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                  :fetch
-                ).and_return(request_env)
-                expect(request_env).to receive(:[]).with(
-                  TCellAgent::Instrumentation::TCELL_ID
-                ).and_return(tcell_context)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'id', 'ma_route_id'
-                ).and_return([id_rule, id_rule_dos])
-                expect(dataloss_policy).to_not receive(:get_actions_for_table)
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  10, id_rule, 'test_database', '*', 'some_models', 'id'
-                )
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  10, id_rule_dos, 'test_database', '*', 'some_models', 'id'
-                )
-                expect(TCellAgent).to_not receive(:discover_database_fields)
-                TCellAgent::DLP.instrument_pluck([10], ['some_models.id'], SomeModel)
-                expect(tcell_context.database_result_sizes).to eq([1])
-              end
-            end
-          end
-          context 'with two columns passed to pluck' do
-            context 'that doesn\'t have any rules set' do
-              it 'should not send anything to tcell' do
-                configuration = double(
-                  'configuration',
-                  {
-                    :enabled => true,
-                    :should_instrument? => true,
-                    :should_intercept_requests? => true,
-                    :max_data_ex_db_records_per_request => 1000
-                  }
-                )
-                dataloss_policy = double(
-                  'dataloss_policy',
-                  {
-                    :enabled => true,
-                    :database_discovery_enabled => false
-                  }
-                )
-                request_env = double('request_env', {})
-                tcell_context = double(
-                  'tcell_context',
-                  {
-                    :route_id => 'ma_route_id',
-                    :database_result_sizes => []
-                  }
-                )
-                allow(TCellAgent).to receive(:configuration).and_return(configuration)
-                expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-                expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                  :fetch
-                ).and_return(request_env)
-                expect(request_env).to receive(:[]).with(
-                  TCellAgent::Instrumentation::TCELL_ID
-                ).and_return(tcell_context)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'id', 'ma_route_id'
-                ).and_return(nil)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'name', 'ma_route_id'
-                ).and_return(nil)
-                expect(dataloss_policy).to_not receive(:get_actions_for_table)
-                expect(TCellAgent).to_not receive(:discover_database_fields)
-                TCellAgent::DLP.instrument_pluck([[10, 'dies'], [20, 'veinte']], %i[id name], SomeModel)
-                expect(tcell_context.database_result_sizes).to eq([2])
-              end
-            end
-            context 'that has a rule set' do
-              it 'should add a response filter' do
-                configuration = double(
-                  'configuration',
-                  {
-                    :enabled => true,
-                    :should_instrument? => true,
-                    :should_intercept_requests? => true,
-                    :max_data_ex_db_records_per_request => 1000
-                  }
-                )
-                dataloss_policy = double(
-                  'dataloss_policy',
-                  {
-                    :enabled => true,
-                    :database_discovery_enabled => false
-                  }
-                )
-                request_env = double('request_env', {})
-                tcell_context = double(
-                  'tcell_context',
-                  {
-                    :route_id => 'ma_route_id',
-                    :database_result_sizes => []
-                  }
-                )
-                id_rule = double('id_rule')
-                allow(TCellAgent).to receive(:configuration).and_return(configuration)
-                expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-                expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                  :fetch
-                ).and_return(request_env)
-                expect(request_env).to receive(:[]).with(
-                  TCellAgent::Instrumentation::TCELL_ID
-                ).and_return(tcell_context)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'id', 'ma_route_id'
-                ).and_return([id_rule])
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'name', 'ma_route_id'
-                ).and_return(nil)
-                expect(dataloss_policy).to_not receive(:get_actions_for_table)
-                expect(TCellAgent).to_not receive(:discover_database_fields)
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  10, id_rule, 'test_database', '*', 'some_models', 'id'
-                )
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  20, id_rule, 'test_database', '*', 'some_models', 'id'
-                )
-                TCellAgent::DLP.instrument_pluck([[10, 'dies'], [20, 'veinte']], %i[id name], SomeModel)
-                expect(tcell_context.database_result_sizes).to eq([2])
-              end
-              context 'that is namespaced' do
-                it 'should not send anything to tcell' do
-                  configuration = double(
-                    'configuration',
-                    {
-                      :enabled => true,
-                      :should_instrument? => true,
-                      :should_intercept_requests? => true,
-                      :max_data_ex_db_records_per_request => 1000
-                    }
-                  )
-                  dataloss_policy = double(
-                    'dataloss_policy',
-                    {
-                      :enabled => true,
-                      :database_discovery_enabled => false
-                    }
-                  )
-                  request_env = double('request_env', {})
-                  tcell_context = double(
-                    'tcell_context',
-                    {
-                      :route_id => 'ma_route_id',
-                      :database_result_sizes => []
-                    }
-                  )
-                  allow(TCellAgent).to receive(:configuration).and_return(configuration)
-                  expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-                  expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                    :fetch
-                  ).and_return(request_env)
-                  expect(request_env).to receive(:[]).with(
-                    TCellAgent::Instrumentation::TCELL_ID
-                  ).and_return(tcell_context)
-                  expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                    'test_database', '*', 'some_models', 'id', 'ma_route_id'
-                  ).and_return(nil)
-                  expect(dataloss_policy).to_not receive(:get_actions_for_table)
-                  expect(TCellAgent).to_not receive(:discover_database_fields)
-                  TCellAgent::DLP.instrument_pluck([10], ['some_other_models.name', 'some_models.id'], SomeModel)
-                  expect(tcell_context.database_result_sizes).to eq([1])
-                end
-              end
-            end
-            context 'that has two rules set' do
-              it 'should add a response filter' do
-                configuration = double(
-                  'configuration',
-                  {
-                    :enabled => true,
-                    :should_instrument? => true,
-                    :should_intercept_requests? => true,
-                    :max_data_ex_db_records_per_request => 1000
-                  }
-                )
-                dataloss_policy = double(
-                  'dataloss_policy',
-                  {
-                    :enabled => true,
-                    :database_discovery_enabled => false
-                  }
-                )
-                request_env = double('request_env', {})
-                tcell_context = double(
-                  'tcell_context',
-                  {
-                    :route_id => 'ma_route_id',
-                    :database_result_sizes => []
-                  }
-                )
-                id_rule = double('id_rule')
-                id_rule_dos = double('id_rule_dos')
-                allow(TCellAgent).to receive(:configuration).and_return(configuration)
-                expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-                expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                  :fetch
-                ).and_return(request_env)
-                expect(request_env).to receive(:[]).with(
-                  TCellAgent::Instrumentation::TCELL_ID
-                ).and_return(tcell_context)
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'id', 'ma_route_id'
-                ).and_return([id_rule, id_rule_dos])
-                expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                  'test_database', '*', 'some_models', 'name', 'ma_route_id'
-                ).and_return(nil)
-                expect(dataloss_policy).to_not receive(:get_actions_for_table)
-                expect(TCellAgent).to_not receive(:discover_database_fields)
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  10, id_rule, 'test_database', '*', 'some_models', 'id'
-                )
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  10, id_rule_dos, 'test_database', '*', 'some_models', 'id'
-                )
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  20, id_rule, 'test_database', '*', 'some_models', 'id'
-                )
-                expect(tcell_context).to receive(:add_response_db_filter).with(
-                  20, id_rule_dos, 'test_database', '*', 'some_models', 'id'
-                )
-                TCellAgent::DLP.instrument_pluck([[10, 'dies'], [20, 'veinte']], %i[id name], SomeModel)
-                expect(tcell_context.database_result_sizes).to eq([2])
-              end
-            end
-          end
-        end
-      end
-    end
-    describe '.instrument_find_by_sql' do
-      context 'with empty results' do
-        it 'should skip over instrumentation' do
-          expect(TCellAgent).to_not receive(:configuration)
-          TCellAgent::DLP.instrument_find_by_sql([])
-        end
-      end
-      context 'with no dlp policy' do
-        it 'should skip over instrumentation' do
-          configuration = double(
-            'configuration',
-            {
-              :enabled => true,
-              :should_instrument? => true,
-              :should_intercept_requests? => true
-            }
-          )
-          allow(TCellAgent).to receive(:configuration).and_return(configuration)
-          expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(nil)
-          TCellAgent::DLP.instrument_find_by_sql([SomeModel.new])
-        end
-      end
-      context 'with dlp policy disabled' do
-        it 'should skip over instrumentation' do
-          configuration = double(
-            'configuration',
-            {
-              :enabled => true,
-              :should_instrument? => true,
-              :should_intercept_requests? => true
-            }
-          )
-          dataloss_policy = double(
-            'dataloss_policy',
-            {
-              :enabled => false
-            }
-          )
-          allow(TCellAgent).to receive(:configuration).and_return(configuration)
-          expect(TCellAgent).to receive(:policy).with(
-            TCellAgent::PolicyTypes::DATALOSS
-          ).and_return(dataloss_policy)
-          TCellAgent::DLP.instrument_find_by_sql([SomeModel.new])
-        end
-      end
-      context 'with dlp policy enabled' do
-        context 'with database_discovery_enabled' do
-          it 'should send model columns to tcell service' do
-            configuration = double(
-              'configuration',
-              {
-                :enabled => true,
-                :should_instrument? => true,
-                :should_intercept_requests? => true,
-                :max_data_ex_db_records_per_request => 1
-              }
-            )
-            dataloss_policy = double(
-              'dataloss_policy',
-              {
-                :enabled => true,
-                :database_discovery_enabled => true
-              }
-            )
-            request_env = double('request_env', {})
-            tcell_context = double(
-              'tcell_context',
-              {
-                :route_id => 'ma_route_id',
-                :database_result_sizes => []
-              }
-            )
-            allow(TCellAgent).to receive(:configuration).and_return(configuration)
-            expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-            expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-              :fetch
-            ).and_return(request_env)
-            expect(request_env).to receive(:[]).with(
-              TCellAgent::Instrumentation::TCELL_ID
-            ).and_return(tcell_context)
-            expect(dataloss_policy).to receive(:get_actions_for_table).with(
-              'test_database', '*', 'some_models', 'id', 'ma_route_id'
-            ).and_return(nil)
-            expect(dataloss_policy).to receive(:get_actions_for_table).with(
-              'test_database', '*', 'some_models', 'name', 'ma_route_id'
-            ).and_return(nil)
-            expect(dataloss_policy).to receive(:get_actions_for_table).with(
-              'test_database', '*', 'some_models', 'email', 'ma_route_id'
-            ).and_return(nil)
-            expect(TCellAgent).to receive(:discover_database_fields).with(
-              'ma_route_id', 'test_database', '*', 'some_models', %w[id name email]
-            )
-            TCellAgent::DLP.instrument_find_by_sql([SomeModel.new])
-            expect(tcell_context.database_result_sizes).to eq([1])
-          end
-        end
-        context 'with database_discovery_enabled == false' do
-          context 'that doesn\'t have any rules set' do
-            it 'should not send anything to tcell' do
-              configuration = double(
-                'configuration',
-                {
-                  :enabled => true,
-                  :should_instrument? => true,
-                  :should_intercept_requests? => true,
-                  :max_data_ex_db_records_per_request => 1000
-                }
-              )
-              dataloss_policy = double(
-                'dataloss_policy',
-                {
-                  :enabled => true,
-                  :database_discovery_enabled => false
-                }
-              )
-              request_env = double('request_env', {})
-              tcell_context = double(
-                'tcell_context',
-                {
-                  :route_id => 'ma_route_id',
-                  :database_result_sizes => []
-                }
-              )
-              allow(TCellAgent).to receive(:configuration).and_return(configuration)
-              expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-              expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                :fetch
-              ).and_return(request_env)
-              expect(request_env).to receive(:[]).with(
-                TCellAgent::Instrumentation::TCELL_ID
-              ).and_return(tcell_context)
-              expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                'test_database', '*', 'some_models', 'id', 'ma_route_id'
-              ).and_return(nil)
-              expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                'test_database', '*', 'some_models', 'name', 'ma_route_id'
-              ).and_return(nil)
-              expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                'test_database', '*', 'some_models', 'email', 'ma_route_id'
-              ).and_return(nil)
-              expect(dataloss_policy).to_not receive(:get_actions_for_table)
-              expect(TCellAgent).to_not receive(:discover_database_fields)
-              TCellAgent::DLP.instrument_find_by_sql([SomeModel.new])
-              expect(tcell_context.database_result_sizes).to eq([1])
-            end
-          end
-          context 'that has a rule set' do
-            it 'should add a response filter' do
-              configuration = double(
-                'configuration',
-                {
-                  :enabled => true,
-                  :should_instrument? => true,
-                  :should_intercept_requests? => true,
-                  :max_data_ex_db_records_per_request => 1000
-                }
-              )
-              dataloss_policy = double(
-                'dataloss_policy',
-                {
-                  :enabled => true,
-                  :database_discovery_enabled => false
-                }
-              )
-              request_env = double('request_env', {})
-              tcell_context = double(
-                'tcell_context',
-                {
-                  :route_id => 'ma_route_id',
-                  :database_result_sizes => []
-                }
-              )
-              id_rule = double('id_rule')
-              some_model = SomeModel.new
-              allow(TCellAgent).to receive(:configuration).and_return(configuration)
-              expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-              expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                :fetch
-              ).and_return(request_env)
-              expect(request_env).to receive(:[]).with(
-                TCellAgent::Instrumentation::TCELL_ID
-              ).and_return(tcell_context)
-              expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                'test_database', '*', 'some_models', 'id', 'ma_route_id'
-              ).and_return([id_rule])
-              expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                'test_database', '*', 'some_models', 'name', 'ma_route_id'
-              ).and_return(nil)
-              expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                'test_database', '*', 'some_models', 'email', 'ma_route_id'
-              ).and_return(nil)
-              expect(dataloss_policy).to_not receive(:get_actions_for_table)
-              expect(TCellAgent).to_not receive(:discover_database_fields)
-              expect(some_model).to receive(:[]).with(:id).and_return(10)
-              expect(tcell_context).to receive(:add_response_db_filter).with(
-                10, id_rule, 'test_database', '*', 'some_models', 'id'
-              )
-              TCellAgent::DLP.instrument_find_by_sql([some_model])
-              expect(tcell_context.database_result_sizes).to eq([1])
-            end
-          end
-          context 'that has two rules set' do
-            it 'should add a response filter' do
-              configuration = double(
-                'configuration',
-                {
-                  :enabled => true,
-                  :should_instrument? => true,
-                  :should_intercept_requests? => true,
-                  :max_data_ex_db_records_per_request => 1000
-                }
-              )
-              dataloss_policy = double(
-                'dataloss_policy',
-                {
-                  :enabled => true,
-                  :database_discovery_enabled => false
-                }
-              )
-              request_env = double('request_env', {})
-              tcell_context = double(
-                'tcell_context',
-                {
-                  :route_id => 'ma_route_id',
-                  :database_result_sizes => []
-                }
-              )
-              id_rule = double('id_rule')
-              id_rule_dos = double('id_rule_dos')
-              some_model = SomeModel.new
-              allow(TCellAgent).to receive(:configuration).and_return(configuration)
-              expect(TCellAgent).to receive(:policy).with(TCellAgent::PolicyTypes::DATALOSS).and_return(dataloss_policy)
-              expect(TCellAgent::Instrumentation::Rails::Middleware::ContextMiddleware::THREADS).to receive(
-                :fetch
-              ).and_return(request_env)
-              expect(request_env).to receive(:[]).with(
-                TCellAgent::Instrumentation::TCELL_ID
-              ).and_return(tcell_context)
-              expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                'test_database', '*', 'some_models', 'id', 'ma_route_id'
-              ).and_return([id_rule, id_rule_dos])
-              expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                'test_database', '*', 'some_models', 'name', 'ma_route_id'
-              ).and_return(nil)
-              expect(dataloss_policy).to receive(:get_actions_for_table).with(
-                'test_database', '*', 'some_models', 'email', 'ma_route_id'
-              ).and_return(nil)
-              expect(dataloss_policy).to_not receive(:get_actions_for_table)
-              expect(TCellAgent).to_not receive(:discover_database_fields)
-              expect(some_model).to receive(:[]).with(:id).and_return(10)
-              expect(some_model).to receive(:[]).with(:id).and_return(10)
-              expect(tcell_context).to receive(:add_response_db_filter).with(
-                10, id_rule, 'test_database', '*', 'some_models', 'id'
-              )
-              expect(tcell_context).to receive(:add_response_db_filter).with(
-                10, id_rule_dos, 'test_database', '*', 'some_models', 'id'
-              )
-              TCellAgent::DLP.instrument_find_by_sql([some_model])
-              expect(tcell_context.database_result_sizes).to eq([1])
-            end
-          end
-        end
-      end
-    end
-  end
-end