Class: Console1984::CommandExecutor
- Inherits:
-
Object
- Object
- Console1984::CommandExecutor
- Includes:
- Freezeable
- Defined in:
- lib/console1984/command_executor.rb
Overview
Supervise execution of console commands:
-
It will validate commands before running them.
-
It will execute the commands in protected mode if needed.
-
It will log the command execution, and flag suspicious attempts and forbidden commands appropriately.
Instance Attribute Summary collapse
-
#last_suspicious_command_error ⇒ Object
readonly
Returns the value of attribute last_suspicious_command_error.
Instance Method Summary collapse
-
#execute(commands, &block) ⇒ Object
Logs and validates
commands
, and executes the passed block in a protected environment. -
#execute_in_protected_mode(&block) ⇒ Object
Executes the passed block in protected mode.
-
#executing_user_command? ⇒ Boolean
Returns whether the system is currently executing a user command.
- #from_irb?(backtrace) ⇒ Boolean
-
#run_as_system(&block) ⇒ Object
Executes the passed block as the system.
-
#run_as_user(&block) ⇒ Object
Executes the passed block as a user.
-
#validate_command(command) ⇒ Object
Validates the command.
Methods included from Freezeable
Instance Attribute Details
#last_suspicious_command_error ⇒ Object (readonly)
Returns the value of attribute last_suspicious_command_error.
13 14 15 |
# File 'lib/console1984/command_executor.rb', line 13 def last_suspicious_command_error @last_suspicious_command_error end |
Instance Method Details
#execute(commands, &block) ⇒ Object
Logs and validates commands
, and executes the passed block in a protected environment.
Suspicious commands will be executed but flagged as suspicious. Forbidden commands will be prevented and flagged too.
19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 |
# File 'lib/console1984/command_executor.rb', line 19 def execute(commands, &block) run_as_system { session_logger.before_executing commands } validate_command commands execute_in_protected_mode(&block) rescue Console1984::Errors::ForbiddenCommandAttempted, FrozenError => error flag_suspicious(commands, error: error) rescue Console1984::Errors::SuspiciousCommandAttempted => error flag_suspicious(commands, error: error) execute_in_protected_mode(&block) rescue Console1984::Errors::ForbiddenCommandExecuted => error # We detected that a forbidden command was executed. We exit IRB right away. flag_suspicious(commands, error: error) Console1984.supervisor.exit_irb rescue => error raise encrypting_error(error) ensure run_as_system { session_logger.after_executing commands } end |
#execute_in_protected_mode(&block) ⇒ Object
Executes the passed block in protected mode.
See Console1984::Shield::Modes.
41 42 43 44 45 |
# File 'lib/console1984/command_executor.rb', line 41 def execute_in_protected_mode(&block) run_as_user do shield.with_protected_mode(&block) end end |
#executing_user_command? ⇒ Boolean
Returns whether the system is currently executing a user command.
64 65 66 |
# File 'lib/console1984/command_executor.rb', line 64 def executing_user_command? @executing_user_command end |
#from_irb?(backtrace) ⇒ Boolean
75 76 77 |
# File 'lib/console1984/command_executor.rb', line 75 def from_irb?(backtrace) executing_user_command? && backtrace.first.to_s =~ /^[^\/]/ end |
#run_as_system(&block) ⇒ Object
Executes the passed block as the system.
While the block is being executed, #executing_user_command? will return false.
59 60 61 |
# File 'lib/console1984/command_executor.rb', line 59 def run_as_system(&block) run_command false, &block end |
#run_as_user(&block) ⇒ Object
Executes the passed block as a user.
While the block is being executed, #executing_user_command? will return true. This method helps implementing certain protection mechanisms that should only act with user commands.
52 53 54 |
# File 'lib/console1984/command_executor.rb', line 52 def run_as_user(&block) run_command true, &block end |
#validate_command(command) ⇒ Object
Validates the command.
See Console1984::CommandValidator.
71 72 73 |
# File 'lib/console1984/command_executor.rb', line 71 def validate_command(command) command_validator.validate(command) end |