Class: Contrast::Agent::Reporting::RaspRuleSample

Inherits:
Object
  • Object
show all
Defined in:
lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb

Overview

This class will hold the new RaspRuleSample. It is mainly used to build samples for each protect rule, and translate data from SP IA. It is not a reporting event.

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Instance Attribute Details

#detailsContrast::Agent::Reporting::Details::ProtectRuleDetails?

Any rules specific details

Returns:



22
23
24
 
# File 'lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb', line 22

def details
  @details
end

Class Method Details

.build(context, ia_result) ⇒ Contrast::Agent::Reporting::RaspRuleSample

Parameters:

  • context (Contrast::Agent::RequestContext)
  • ia_result (Contrast::Agent::Reporting::Settings::InputAnalysisResult)

    the analysis of the input that was determined to be an attack

Returns:



29
30
31
32
33
34
35
36
37
 
# File 'lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb', line 29

def build context, ia_result
  sample = new
  sample.time_stamp = context&.timer&.start_ms || Contrast::Utils::Timer.now_ms
  sample.user_input = build_user_input_from_ia(ia_result)
  sample.user_input.document_type = if context&.request
                                      Contrast::Utils::StringUtils.force_utf8(context.request.document_type)
                                    end
  sample
end

.build_user_input_from_ia(ia_result) ⇒ Object

Parameters:

  • ia_result (Contrast::Agent::Reporting::Settings::InputAnalysisResult)

    the analysis of the input that was determined to be an attack



41
42
43
44
45
46
47
48
49
50
51
 
# File 'lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb', line 41

def build_user_input_from_ia ia_result
  user_input = Contrast::Agent::Reporting::UserInput.new
  return user_input unless ia_result

  user_input.input_type = ia_result.input_type
  user_input.matcher_ids = ia_result.ids
  user_input.path = ia_result.path
  user_input.key = ia_result.key if ia_result.key
  user_input.value = ia_result.value if ia_result.value
  user_input
end

Instance Method Details

#stackArray<Contrast::Agent::Reporting::ApplicationDefendAttackSampleStack>, Array

Returns:



71
72
73
 
# File 'lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb', line 71

def stack
  @_stack ||= []
end

#time_stampObject 



54
55
56
 
# File 'lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb', line 54

def time_stamp
  @_time_stamp ||= Contrast::Agent::REQUEST_TRACKER.current&.timer&.start_ms || 0
end

#time_stamp=(timestamp_ms) ⇒ Object 



58
59
60
 
# File 'lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb', line 58

def time_stamp= timestamp_ms
  @_time_stamp = timestamp_ms
end

#to_controlled_hashObject 



75
76
77
78
79
80
81
82
 
# File 'lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb', line 75

def to_controlled_hash
  {
      timeStamp: Time.at(time_stamp).iso8601,
      userInput: user_input.to_controlled_hash,
      details: details&.to_controlled_hash,
      stack: stack.map(&:to_controlled_hash)
  }
end

#user_inputObject 



62
63
64
 
# File 'lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb', line 62

def user_input
  @_user_input ||= Contrast::Agent::Reporting::UserInput.new
end

#user_input=(input) ⇒ Object 



66
67
68
 
# File 'lib/contrast/agent/reporting/attack_result/rasp_rule_sample.rb', line 66

def user_input= input
  @_user_input = input if input.is_a?(Contrast::Agent::Reporting::UserInput)
end