Class: Aikido::Zen::RuntimeSettings::ProtectionSettings

Inherits:
Object
  • Object
show all
Defined in:
lib/aikido/zen/runtime_settings/protection_settings.rb

Overview

Models the settings for a given Route as configured in the Aikido UI.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(protected: true, allowed_ips: RuntimeSettings::IPSet.new, rate_limiting: RuntimeSettings::RateLimitSettings.disabled) ⇒ ProtectionSettings

Returns a new instance of ProtectionSettings.



48
49
50
51
52
53
54
55
56
 
# File 'lib/aikido/zen/runtime_settings/protection_settings.rb', line 48

def initialize(
  protected: true,
  allowed_ips: RuntimeSettings::IPSet.new,
  rate_limiting: RuntimeSettings::RateLimitSettings.disabled
)
  @protected = !!protected
  @rate_limiting = rate_limiting
  @allowed_ips = allowed_ips
end

Instance Attribute Details

#allowed_ipsAikido::Zen::RuntimeSettings::IPSet (readonly)

Returns list of IP addresses which are allowed to make requests on this route. If empty, all IP addresses are allowed.

Returns:



43
44
45
 
# File 'lib/aikido/zen/runtime_settings/protection_settings.rb', line 43

def allowed_ips
  @allowed_ips
end

#rate_limitingAikido::Zen::RuntimeSettings::RateLimitSettings (readonly)

Returns:



46
47
48
 
# File 'lib/aikido/zen/runtime_settings/protection_settings.rb', line 46

def rate_limiting
  @rate_limiting
end

Class Method Details

.from_json(data) ⇒ Aikido::Zen::RuntimeSettings::ProtectionSettings

Initialize settings from an API response.

Parameters:

  • data (Hash)

    the deserialized JSON data.

Options Hash (data):

  • "forceProtectionOff" (Boolean)

    whether the user has disabled attack protection for this route.

  • "allowedIPAddresses" (Array<String>)

    the list of IPs that can make requests to this endpoint.

  • "rateLimiting" (Hash)

    the rate limiting options for this endpoint. See RateLimitSettings.from_json.

Returns:

Raises:

  • (IPAddr::InvalidAddressError)

    if any of the IPs in “allowedIPAddresses” is not a valid address or family.



29
30
31
32
33
34
35
36
37
38
 
# File 'lib/aikido/zen/runtime_settings/protection_settings.rb', line 29

def self.from_json(data)
  ips = RuntimeSettings::IPSet.from_json(data["allowedIPAddresses"])
  rate_limiting = RuntimeSettings::RateLimitSettings.from_json(data["rateLimiting"])

  new(
    protected: !data["forceProtectionOff"],
    allowed_ips: ips,
    rate_limiting: rate_limiting
  )
end

.noneAikido::Zen::RuntimeSettings::ProtectionSettings

Returns singleton instance for endpoints with no configured protections on a given route, that can be used as a default value for routes.

Returns:



12
13
14
 
# File 'lib/aikido/zen/runtime_settings/protection_settings.rb', line 12

def self.none
  @no_settings ||= new
end

Instance Method Details

#protected?Boolean

Returns:

  • (Boolean) 


58
59
60
 
# File 'lib/aikido/zen/runtime_settings/protection_settings.rb', line 58

def protected?
  @protected
end