tcell_agent 2.2.0 → 2.2.1

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 4874ce28005d00849139d7ff1620e5eb0969a6a4626a2b005936ebb429be7064
-  data.tar.gz: bb009ff4896aecb87e92ea17c57273a4b9bee02f0ef211a51f45f72ed96dbc04
+  metadata.gz: 5e056172b2170f472b95d9dc96f082b2d881e38d8b066ed82b8c4175157c0d04
+  data.tar.gz: 6e6a4fc3062d22415489aa75fad2cc15e7c8d9dcd9fc6a80aeb7ce6116dd784e
 SHA512:
-  metadata.gz: 960aa5847e382e2ef19f3d5ef615113a3c042a1f567bdc0cbf9231d5662b7bc140275177103de97b7967408329f1ac90d7702e9606adb8c19117e4dee691eb4c
-  data.tar.gz: 8ff116f37231cd8d045ecd634b01446250293520318a0aedbe10c79adcb49ae318e966e67c3576df9fa364152c06b71546a6caf35583d82e9f7e0856908a6472
+  metadata.gz: 87a540297c00aedca95f5905687e511233a960ede19aca99cdac65935828bce009413493a8c22af7a33ef59808910df69f9a169274f7f8aec13cdf84c8a361e4
+  data.tar.gz: 9ea327f2786185b027263c74d7d7428aa6c1a5cf7e54ce2bcf070eed2a15630f370984297f1a804aebbd97569379916e6973a337b42be8f2e9e211499422bae9

data/lib/tcell_agent/instrument_servers.rb

@@ -2,22 +2,20 @@
 
 tcell_server = ENV['TCELL_AGENT_SERVER']
 
-if tcell_server && tcell_server == 'mock'
-  TCellAgent.thread_agent.instrument_built_ins
-end
+TCellAgent.thread_agent.instrument_built_ins if tcell_server &&
+                                                tcell_server == 'mock'
 
-if (tcell_server && tcell_server == 'webrick') || defined?(Rails::Server)
-  require('tcell_agent/servers/rails_server')
+require('tcell_agent/servers/rails_server') if (tcell_server && tcell_server == 'webrick') ||
+                                               defined?(Rails::Server)
 
-elsif (tcell_server && tcell_server == 'thin') || defined?(Thin)
-  require('tcell_agent/servers/thin')
+require('tcell_agent/servers/thin') if (tcell_server && tcell_server == 'thin') ||
+                                       defined?(Thin)
 
-elsif (tcell_server && tcell_server == 'puma') || defined?(Puma)
-  require('tcell_agent/servers/puma')
+require('tcell_agent/servers/puma') if (tcell_server && tcell_server == 'puma') ||
+                                       defined?(Puma)
 
-elsif (tcell_server && tcell_server == 'unicorn') || defined?(Unicorn)
-  require('tcell_agent/servers/unicorn')
+require('tcell_agent/servers/unicorn') if (tcell_server && tcell_server == 'unicorn') ||
+                                          defined?(Unicorn)
 
-elsif (tcell_server && tcell_server == 'passenger') || defined?(PhusionPassenger)
-  require('tcell_agent/servers/passenger')
-end
+require('tcell_agent/servers/passenger') if (tcell_server && tcell_server == 'passenger') ||
+                                            defined?(PhusionPassenger)

data/lib/tcell_agent/rails/auth/authlogic.rb

@@ -1,3 +1,5 @@
+# frozen_string_literal: true
+
 require 'tcell_agent/configuration'
 require 'tcell_agent/instrumentation'
 
@@ -30,6 +32,12 @@ module TCellAgent
         if user_logged_in_before && user_logged_in_after
         # password changed or logged in as another user
         elsif !user_logged_in_before && !user_logged_in_after
+          TCellAgent::Instrumentation.safe_block('checking if user is valid') do
+            error_messages = errors.messages[login_field]
+
+            user_valid = error_messages.empty?
+          end
+
           login_policy.report_login_failure(
             user_id,
             password,
@@ -38,6 +46,7 @@ module TCellAgent
             tcell_data
           )
         elsif !user_logged_in_before && user_logged_in_after
+          tcell_data.user_id = user_id if user_id && tcell_data.user_id.nil?
           login_policy.report_login_success(
             user_id,
             request.env,

data/lib/tcell_agent/rails/auth/devise.rb

@@ -19,7 +19,8 @@ module TCellAgent
               password = tcell_data.password
               password ||= _get_tcell_password
 
-              user_valid = nil
+              user_valid = warden_message != :not_found_in_database if defined?(warden_message)
+
               login_policy = TCellAgent.policy(TCellAgent::PolicyTypes::LOGINFRAUD)
               login_policy.report_login_failure(
                 user_id,
@@ -96,11 +97,11 @@ module TCellAgent
       end
 
       TCellAgent::Instrumentation.safe_block('Devise Authenticatable Validate') do
-        if send_event && TCellAgent.configuration.enabled &&
-           TCellAgent.configuration.should_intercept_requests?
+        if send_event && TCellAgent.configuration.should_intercept_requests?
           username = nil
           (authentication_keys || []).each do |auth_key|
-            attr = authentication_hash[auth_key]
+            attr = authentication_hash[auth_key] unless authentication_hash.nil?
+
             if attr
               username ||= ''
               username += attr
@@ -110,6 +111,8 @@ module TCellAgent
           tcell_data = request.env[TCellAgent::Instrumentation::TCELL_ID]
           return is_valid unless tcell_data
 
+          tcell_data.user_id = username if username && tcell_data.user_id.nil?
+
           login_policy = TCellAgent.policy(TCellAgent::PolicyTypes::LOGINFRAUD)
           login_policy.report_login_success(
             username,

data/lib/tcell_agent/rails/auth/doorkeeper.rb

@@ -1,5 +1,4 @@
 require 'tcell_agent/agent'
-require 'tcell_agent/sensor_events/login_fraud'
 
 module TCellAgent
   module DoorkeeperInstrumentation

data/lib/tcell_agent/rails/middleware/global_middleware.rb

@@ -24,6 +24,9 @@ module TCellAgent
           def call(env)
             if TCellAgent.configuration.should_intercept_requests?
               request = Rack::Request.new(env)
+
+              request['init'] = true
+
               TCellAgent::Instrumentation.safe_block('Setting session_id & user_id') do
                 if request.session
                   env[TCellAgent::Instrumentation::TCELL_ID].session_id =

data/lib/tcell_agent/servers/puma.rb

@@ -4,21 +4,21 @@ if defined?(Puma.cli_config)
       # Puma is running in single mode, so run both the initial instrumentation and
       # start the agent
       Puma::Runner.class_eval do
-        alias_method :original_start_server, :start_server
+        alias_method :tcell_original_start_server, :start_server
         def start_server
-          TCellAgent.thread_agent.start('Puma Single Mode')
+          TCellAgent.thread_agent.start('Puma')
 
-          original_start_server
+          tcell_original_start_server
         end
       end
 
     else
       Puma::Server.class_eval do
-        alias_method :original_run, :run
+        alias_method :tcell_original_run, :run
         def run(background = true)
           TCellAgent.thread_agent.start('Puma Cluster Mode (Worker)')
 
-          original_run(background)
+          tcell_original_run(background)
         end
       end
     end
@@ -28,11 +28,11 @@ if defined?(Puma.cli_config)
     # Instrumentation will run for each worker but there's
     # nothing we can do about that (Unicorn's preload_app behaves the same way)
     Puma::Server.class_eval do
-      alias_method :original_run, :run
+      alias_method :tcell_original_run, :run
       def run(background = true)
         TCellAgent.thread_agent.start('Puma Cluster Mode (Worker)')
 
-        original_run(background)
+        tcell_original_run(background)
       end
     end
   end

data/lib/tcell_agent/servers/rack_puma_handler.rb

@@ -0,0 +1,23 @@
+# frozen_string_literal: true
+
+Rack::Handler::Puma.class_eval do
+  class << self
+    alias_method :tcell_original_config, :config
+    def config(app, options = {})
+      conf = tcell_original_config(app, options)
+
+      if defined?(Puma::Server) && !Puma::Server.instance_methods.include?(:tcell_original_run)
+        Puma::Server.class_eval do
+          alias_method :tcell_original_run, :run
+          def run(background = true)
+            TCellAgent.thread_agent.start('Puma')
+
+            tcell_original_run(background)
+          end
+        end
+      end
+
+      conf
+    end
+  end
+end

data/lib/tcell_agent/servers/rails_server.rb

@@ -5,16 +5,17 @@
 Rails::Server.class_eval do
   alias_method :tcell_build_app, :build_app
   def build_app(app)
+    require('tcell_agent/servers/rack_puma_handler') if defined?(Rack::Handler::Puma)
     require('tcell_agent/servers/unicorn') if defined?(Unicorn::HttpServer)
     require('tcell_agent/servers/webrick') if defined?(Rack::Handler::WEBrick)
     require('tcell_agent/servers/thin') if defined?(Thin::Server)
 
     if defined?(Puma::Server)
       Puma::Server.class_eval do
-        alias_method :original_run, :run
+        alias_method :tcell_original_run, :run
         def run(background = true)
-          TCellAgent.thread_agent.start('Puma Single Mode')
-          original_run(background)
+          TCellAgent.thread_agent.start('Puma')
+          tcell_original_run(background)
         end
       end
     end

data/lib/tcell_agent/tcell_context.rb

@@ -40,7 +40,7 @@ module TCellAgent
           tcell_context.request_method,
           tcell_context.remote_address,
           tcell_context.route_id,
-          tcell_context.hmac_session_id,
+          tcell_context.session_id,
           tcell_context.user_id,
           tcell_context.transaction_id,
           tcell_context.uri

data/lib/tcell_agent/version.rb

@@ -1,5 +1,5 @@
 # See the file "LICENSE" for the full license governing this code.
 
 module TCellAgent
-  VERSION = '2.2.0'.freeze
+  VERSION = '2.2.1'.freeze
 end

data/spec/lib/tcell_agent/configuration_spec.rb

@@ -16,6 +16,8 @@ module TCellAgent
           context 'with no parameters' do
             it 'should return true' do
               config = Configuration.new
+              config.enabled = true
+              config.instrument = true
 
               expect(config.should_instrument?).to be_truthy
             end
@@ -23,6 +25,9 @@ module TCellAgent
           context 'with parameters' do
             it 'should return true' do
               config = Configuration.new
+              config.enabled = true
+              config.instrument = true
+              config.disabled_instrumentation = Set.new
 
               expect(config.should_instrument?('devise')).to be_truthy
             end

data/spec/lib/tcell_agent/instrument_servers_spec.rb

@@ -0,0 +1,95 @@
+# frozen_string_literal: true
+
+def test_rails
+  expect(Rails::Server.instance_methods.include?(:tcell_build_app)).to be_truthy
+end
+
+def test_thin
+  expect(Thin::Server.instance_methods.include?(:original_start)).to be_truthy
+end
+
+def test_unicorn
+  expect(Unicorn::HttpServer::START_CTX[0]).to be_falsy
+  expect(Unicorn::HttpServer.instance_methods.include?(:tcell_init_worker_process)).to be_truthy
+  expect(Unicorn::HttpServer.instance_methods.include?(:tcell_load_config!)).to be_truthy
+end
+
+def test_passenger
+  expect(PhusionPassenger::LoaderSharedHelpers.instance_methods.include?(:tcell_before_handling_requests))
+end
+
+def test_puma
+  expect(Puma.cli_config.options[:preload_app]).to be_falsey
+  expect(Puma::Server.instance_methods.include?(:original_run)).to be_truthy
+end
+
+def test_server(filenames, funcs)
+  fork do
+    filenames.each do |file|
+      load file
+    end
+
+    load 'tcell_agent/instrument_servers.rb'
+
+    funcs.each do |func|
+      method(func).call
+    end
+  end
+end
+
+describe 'instrument_servers' do
+  context 'with single server dependency' do
+    context 'with webrick server' do
+      it 'should instrument Webrick' do
+        mocks = ['spec/support/server_mocks/rails_mock.rb']
+        tests = [:test_rails]
+        test_server(mocks, tests)
+      end
+    end
+
+    context 'with Thin server' do
+      it 'should instrument Thin' do
+        mocks = ['spec/support/server_mocks/thin_mock.rb']
+        tests = [:test_thin]
+        test_server(mocks, tests)
+      end
+    end
+
+    context 'with Puma server' do
+      it 'should instrument Puma' do
+        mocks = ['spec/support/server_mocks/puma_mock.rb']
+        tests = [:test_puma]
+        test_server(mocks, tests)
+      end
+    end
+
+    context 'with Unicorn server' do
+      it 'should instrument Unicorn' do
+        mocks = ['spec/support/server_mocks/unicorn_mock.rb']
+        tests = [:test_unicorn]
+        test_server(mocks, tests)
+      end
+    end
+
+    context 'with Passenger server' do
+      it 'should instrument Unicorn' do
+        mocks = ['spec/support/server_mocks/passenger_mock.rb']
+        tests = [:test_passenger]
+        test_server(mocks, tests)
+      end
+    end
+  end
+  context 'with multiple server dependencies' do
+    it 'should instrument all servers available' do
+      mocks = ['spec/support/server_mocks/rails_mock.rb',
+               'spec/support/server_mocks/thin_mock.rb',
+               'spec/support/server_mocks/puma_mock.rb',
+               'spec/support/server_mocks/unicorn_mock.rb',
+               'spec/support/server_mocks/passenger_mock.rb']
+
+      tests = %i[test_rails test_thin test_puma test_unicorn test_passenger]
+
+      test_server(mocks, tests)
+    end
+  end
+end

data/spec/lib/tcell_agent/policies/patches_policy_spec.rb

@@ -73,7 +73,7 @@ module TCellAgent
             TCellAgent::Rust::NativeAgent.free_agent(@native_agent.agent_ptr)
           end
 
-          context 'request has nil ip', :skip => true do
+          context 'request has nil ip' do
             it 'should not block request' do
               meta_data = TCellAgent::Tests::MetaDataBuilder.new.update_attribute(
                 'remote_address', nil
@@ -83,7 +83,7 @@ module TCellAgent
             end
           end
 
-          context 'request has empty ip', :skip => true do
+          context 'request has empty ip' do
             it 'should not block request' do
               meta_data = TCellAgent::Tests::MetaDataBuilder.new.update_attribute(
                 'remote_address', ''

data/spec/spec_helper.rb

@@ -20,3 +20,9 @@ end
 
 require 'tcell_agent/agent'
 require 'tcell_agent/rails/routes'
+
+TCellAgent.configuration.enabled = true
+TCellAgent.configuration.instrument = true
+TCellAgent.configuration.enable_intercept_requests = true
+TCellAgent.configuration.disabled_instrumentation = []
+TCellAgent.thread_agent.instrument_built_ins

data/spec/support/builders.rb

@@ -17,11 +17,12 @@ module TCellAgent
         @configuration.allow_payloads = true
         @configuration.js_agent_api_base_url = @configuration.tcell_api_url
         @configuration.js_agent_url = 'https://jsagent.tcell.io/tcellagent.min.js'
-        @configuration.cache_dir = nil
         @configuration.agent_log_dir = 'tcell/logs'
         @configuration.logging_options = { :enabled => false }
         @configuration.host_identifier = 'python-test-suite'
         @configuration.reverse_proxy_ip_address_header = 'X-Forwarded-For'
+        @configuration.enable_intercept_requests = true
+        @configuration.enabled = true
       end
 
       def update_attribute(attribute, setting)

data/spec/support/server_mocks/passenger_mock.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module PhusionPassenger
+  module LoaderSharedHelpers
+    def before_handling_requests; end
+  end
+end

data/spec/support/server_mocks/puma_mock.rb

@@ -0,0 +1,17 @@
+# frozen_string_literal: true
+
+module Puma
+  class Server
+    def run; end
+  end
+
+  class Config
+    def self.options
+      {}
+    end
+  end
+
+  def self.cli_config
+    Config
+  end
+end

data/spec/support/server_mocks/rails_mock.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Rails
+  module Server
+    def build_app; end
+  end
+end

data/spec/support/server_mocks/thin_mock.rb

@@ -0,0 +1,7 @@
+# frozen_string_literal: true
+
+module Thin
+  module Server
+    def start; end
+  end
+end

data/spec/support/server_mocks/unicorn_mock.rb

@@ -0,0 +1,11 @@
+# frozen_string_literal: true
+
+module Unicorn
+  class HttpServer
+    START_CTX = {}.freeze
+
+    def init_worker_process; end
+
+    def load_config!; end
+  end
+end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: tcell_agent
 version: !ruby/object:Gem::Version
-  version: 2.2.0
+  version: 2.2.1
 platform: ruby
 authors:
 - Rafael
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2020-06-24 00:00:00.000000000 Z
+date: 2020-08-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: ffi
@@ -181,6 +181,7 @@ files:
 - lib/tcell_agent/sensor_events/util/utils.rb
 - lib/tcell_agent/servers/passenger.rb
 - lib/tcell_agent/servers/puma.rb
+- lib/tcell_agent/servers/rack_puma_handler.rb
 - lib/tcell_agent/servers/rails_server.rb
 - lib/tcell_agent/servers/thin.rb
 - lib/tcell_agent/servers/unicorn.rb
@@ -194,6 +195,7 @@ files:
 - lib/tcell_agent/version.rb
 - spec/lib/tcell_agent/configuration_spec.rb
 - spec/lib/tcell_agent/hooks/login_fraud_spec.rb
+- spec/lib/tcell_agent/instrument_servers_spec.rb
 - spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb
 - spec/lib/tcell_agent/instrumentation/cmdi/kernel_cmdi_spec.rb
 - spec/lib/tcell_agent/instrumentation/cmdi_spec.rb
@@ -238,6 +240,11 @@ files:
 - spec/support/middleware_helper.rb
 - spec/support/resources/lfi_sample_file.txt
 - spec/support/resources/normal_config.json
+- spec/support/server_mocks/passenger_mock.rb
+- spec/support/server_mocks/puma_mock.rb
+- spec/support/server_mocks/rails_mock.rb
+- spec/support/server_mocks/thin_mock.rb
+- spec/support/server_mocks/unicorn_mock.rb
 - spec/support/static_agent_overrides.rb
 - tcell_agent.gemspec
 homepage: https://www.tcell.io
@@ -268,6 +275,7 @@ summary: tCell.io Agent for Rails
 test_files:
 - spec/lib/tcell_agent/configuration_spec.rb
 - spec/lib/tcell_agent/hooks/login_fraud_spec.rb
+- spec/lib/tcell_agent/instrument_servers_spec.rb
 - spec/lib/tcell_agent/instrumentation/cmdi/io_cmdi_spec.rb
 - spec/lib/tcell_agent/instrumentation/cmdi/kernel_cmdi_spec.rb
 - spec/lib/tcell_agent/instrumentation/cmdi_spec.rb
@@ -312,4 +320,9 @@ test_files:
 - spec/support/middleware_helper.rb
 - spec/support/resources/lfi_sample_file.txt
 - spec/support/resources/normal_config.json
+- spec/support/server_mocks/passenger_mock.rb
+- spec/support/server_mocks/puma_mock.rb
+- spec/support/server_mocks/rails_mock.rb
+- spec/support/server_mocks/thin_mock.rb
+- spec/support/server_mocks/unicorn_mock.rb
 - spec/support/static_agent_overrides.rb