Class: Contrast::Config::ProtectRuleConfiguration

Inherits:

Object

• Object
• Contrast::Config::ProtectRuleConfiguration

Includes:

BaseConfiguration

Defined in:

lib/contrast/config/protect_rule_configuration.rb

Overview

Common Configuration settings. Those in this section pertain to the rule mode of a single protect rule in the Agent.

Constant Summary

Constants included from BaseConfiguration

BaseConfiguration::AT_UNDERSCORE

Instance Attribute Summary

• #detect_custom_code_accessing_system_files ⇒ Boolean, true
• #disable_system_commands ⇒ Boolean^?
• #enable ⇒ Boolean^?
• #mode ⇒ String^?

Instance Method Summary

• #applicable_mode ⇒ Symbol^?

  To convert the user input mode from config to a standard format used by TS & SR, we need to convert the given String to its recognized symbol equivalent.

• #initialize(hsh = {}) ⇒ ProtectRuleConfiguration constructor

  A new instance of ProtectRuleConfiguration.

Methods included from BaseConfiguration

#to_contrast_hash

Constructor Details

#initialize(hsh = {}) ⇒ ProtectRuleConfiguration

Returns a new instance of ProtectRuleConfiguration.

# File 'lib/contrast/config/protect_rule_configuration.rb', line 21

def initialize hsh = {}
  return unless hsh

  @enable = hsh[:enable]
  @mode = hsh[:mode]
  @disable_system_commands = hsh[:disable_system_commands]
  @detect_custom_code_accessing_system_files = hsh[:detect_custom_code_accessing_system_files]
end

Instance Attribute Details

#detect_custom_code_accessing_system_files ⇒ Boolean, true

Returns:

• (Boolean, true)

# File 'lib/contrast/config/protect_rule_configuration.rb', line 31

def detect_custom_code_accessing_system_files
  @detect_custom_code_accessing_system_files.nil? ? true : @detect_custom_code_accessing_system_files
end

#disable_system_commands ⇒ Boolean^?

Returns:

• (Boolean, nil)

# File 'lib/contrast/config/protect_rule_configuration.rb', line 18

def disable_system_commands
  @disable_system_commands
end

#enable ⇒ Boolean^?

Returns:

• (Boolean, nil)

# File 'lib/contrast/config/protect_rule_configuration.rb', line 14

def enable
  @enable
end

#mode ⇒ String^?

Returns:

• (String, nil)

# File 'lib/contrast/config/protect_rule_configuration.rb', line 16

def mode
  @mode
end

Instance Method Details

#applicable_mode ⇒ Symbol^?

To convert the user input mode from config to a standard format used by TS & SR, we need to convert the given String to its recognized symbol equivalent. If a nonsense value is provided, it’ll be treated the same as disabling the rule.

Returns:

• (Symbol, nil)

# File 'lib/contrast/config/protect_rule_configuration.rb', line 40

def applicable_mode
  return unless mode

  case mode.downcase
  when 'permit'
    :PERMIT
  when 'block_at_perimeter'
    :BLOCK_AT_PERIMETER
  when 'block'
    :BLOCK
  when 'monitor'
    :MONITOR
  else
    :NO_ACTION
  end
end