Class: Contrast::Components::Assess::Interface

Inherits:

Object

• Object
• Contrast::Components::Assess::Interface

Includes:

ComponentBase

Defined in:

lib/contrast/components/assess.rb

Overview

A wrapper build around the Common Agent Configuration project to allow for access of the values contained in its parent_configuration_spec.yaml. Specifically, this allows for querying the state of the Assess product.

Constant Summary

DEFAULT_STACKTRACES =

'ALL'

DEFAULT_MAX_SOURCE_EVENTS =

50_000

DEFAULT_MAX_PROPAGATION_EVENTS =

50_000

DEFAULT_MAX_RULE_REPORTED =

100

DEFAULT_MAX_RULE_TIME_THRESHOLD =

300_000

CANON_NAME =

'assess'

CONFIG_VALUES =

%w[
  enabled?
  tags
  enable_scan_response
  enable_original_object
  enable_dynamic_sources
  enable_response_as_source
  stacktraces
  max_context_source_events
  max_propagation_events
  max_rule_reported
  time_limit_threshold
].cs__freeze

Constants included from ComponentBase

ComponentBase::ENABLE

Constants included from Contrast::Config::Diagnostics::Tools

Contrast::Config::Diagnostics::Tools::CHECK

Constants included from Contrast::Config::Diagnostics::SingletonTools

Contrast::Config::Diagnostics::SingletonTools::API_CREDENTIALS, Contrast::Config::Diagnostics::SingletonTools::CONTRAST_MARK

Instance Attribute Summary

• #canon_name ⇒ String readonly
• #config_values ⇒ Array<String> readonly
• #enable ⇒ Boolean^?
• #enable_dynamic_sources ⇒ Boolean
• #enable_original_object ⇒ Boolean
• #enable_response_as_source ⇒ Boolean
• #enable_scan_response ⇒ Boolean
• #max_context_source_events ⇒ Object
• #max_propagation_events ⇒ Object
• #max_rule_reported ⇒ Object
• #rules ⇒ Contrast::Components::AssessRules::Interface
• #sampling ⇒ Contrast::Components::Sampling::Interface
• #stacktraces ⇒ Object
• #tags ⇒ String^?
• #time_limit_threshold ⇒ Object

Instance Method Summary

• #capture_stacktrace?(policy_node) ⇒ Boolean

  Consider capture_stacktrace_value along with the node type to determine whether stacktraces should be captured.

• #capture_stacktrace_value ⇒ Symbol

  The value of the stacktrace should be treated as an ENUM.

• #disabled_rules ⇒ Object
• #enabled? ⇒ Boolean
• #forcibly_disabled? ⇒ Boolean
• #initialize(hsh = {}) ⇒ Interface constructor

  rubocop:disable Naming/MemoizedInstanceVariableName.

• #non_request_tracking? ⇒ Boolean
• #require_dynamic_sources? ⇒ Boolean
• #require_scan? ⇒ Boolean
• #rule_disabled?(name) ⇒ Boolean
• #scan_response? ⇒ Boolean
• #session_id ⇒ Object

  The id for this process, based on the session metadata or id provided by the user, as indicated in application startup.

• #tainted_columns ⇒ Object
• #to_effective_config(effective_config) ⇒ Object

  Converts current configuration to effective config values class and appends them to EffectiveConfig class.

• #track_original_object? ⇒ Boolean
• #track_response_as_source? ⇒ Boolean

Methods included from ComponentBase

#false?, #file_exists?, #stringify_array, #true?, #valid_cert?

Methods included from Contrast::Config::Diagnostics::Tools

#add_effective_config_values, #add_single_effective_value

Methods included from Contrast::Config::Diagnostics::SingletonTools

#flatten_settings, #to_config_values, #update_config, #value_to_s

Constructor Details

#initialize(hsh = {}) ⇒ Interface

rubocop:disable Naming/MemoizedInstanceVariableName

# File 'lib/contrast/components/assess.rb', line 69

def initialize hsh = {}
  @config_values = CONFIG_VALUES
  @canon_name = CANON_NAME
  return unless hsh

  @enable = hsh[:enable]
  @tags = hsh[:tags]
  @enable_scan_response = hsh[:enable_scan_response]
  @enable_dynamic_sources = hsh[:enable_dynamic_sources]
  @enable_original_object = hsh[:enable_original_object]
  @enable_response_as_source = hsh[:enable_response_as_source]
  @sampling = Contrast::Components::Sampling::Interface.new(hsh[:sampling])
  @rules = Contrast::Components::AssessRules::Interface.new(hsh[:rules])
  @stacktraces = hsh[:stacktraces]
  assign_limits(hsh)
end

Instance Attribute Details

#canon_name ⇒ String (readonly)

Returns:

• (String)

# File 'lib/contrast/components/assess.rb', line 33

def canon_name
  @canon_name
end

#config_values ⇒ Array<String> (readonly)

Returns:

• (Array<String>)

# File 'lib/contrast/components/assess.rb', line 35

def config_values
  @config_values
end

#enable ⇒ Boolean^?

Returns:

• (Boolean, nil)

# File 'lib/contrast/components/assess.rb', line 19

def enable
  @enable
end

#enable_dynamic_sources ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 92

def enable_dynamic_sources
  @enable_dynamic_sources.nil? ? true : @enable_dynamic_sources
end

#enable_original_object ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 97

def enable_original_object
  @enable_original_object.nil? ? true : @enable_original_object
end

#enable_response_as_source ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 102

def enable_response_as_source
  @enable_response_as_source.nil? ? false : @enable_response_as_source
end

#enable_scan_response ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 87

def enable_scan_response
  @enable_scan_response.nil? ? true : @enable_scan_response
end

#max_context_source_events ⇒ Object

# File 'lib/contrast/components/assess.rb', line 132

def max_context_source_events
  @max_context_source_events ||= DEFAULT_MAX_SOURCE_EVENTS
end

#max_propagation_events ⇒ Object

# File 'lib/contrast/components/assess.rb', line 128

def max_propagation_events
  @max_propagation_events ||= DEFAULT_MAX_PROPAGATION_EVENTS
end

#max_rule_reported ⇒ Object

# File 'lib/contrast/components/assess.rb', line 120

def max_rule_reported
  @max_rule_reported ||= DEFAULT_MAX_RULE_REPORTED
end

#rules ⇒ Contrast::Components::AssessRules::Interface

Returns:

• (Contrast::Components::AssessRules::Interface)

# File 'lib/contrast/components/assess.rb', line 112

def rules
  @rules ||= Contrast::Components::AssessRules::Interface.new
end

#sampling ⇒ Contrast::Components::Sampling::Interface

Returns:

• (Contrast::Components::Sampling::Interface)

# File 'lib/contrast/components/assess.rb', line 107

def sampling
  @sampling ||= Contrast::Components::Sampling::Interface.new
end

#stacktraces ⇒ Object

# File 'lib/contrast/components/assess.rb', line 116

def stacktraces
  @stacktraces ||= DEFAULT_STACKTRACES
end

#tags ⇒ String^?

Returns:

• (String, nil)

# File 'lib/contrast/components/assess.rb', line 137

def tags
  stringify_array(@tags)
end

#time_limit_threshold ⇒ Object

# File 'lib/contrast/components/assess.rb', line 124

def time_limit_threshold
  @time_limit_threshold ||= DEFAULT_MAX_RULE_TIME_THRESHOLD
end

Instance Method Details

#capture_stacktrace?(policy_node) ⇒ Boolean

Consider capture_stacktrace_value along with the node type to determine whether stacktraces should be captured.

capture_stacktrace_value -> (:ALL, :NONE, :SOME) node types (SourceNode, PolicyNode, TriggerNode, PropagationNode)

Parameters:

• policy_node (Contrast::Agent::Assess::Policy::PolicyNode) —

  The node in question.

Returns:

• (Boolean) —

  to capture or not to capture, that is the question.

# File 'lib/contrast/components/assess.rb', line 187

def capture_stacktrace? policy_node
  return true if capture_stacktrace_value == :ALL
  return false if capture_stacktrace_value == :NONE

  # Below here capture_stacktrace_value must be :SOME.
  return true if policy_node.cs__is_a?(Contrast::Agent::Assess::Policy::SourceNode)
  return true if policy_node.cs__is_a?(Contrast::Agent::Assess::Policy::TriggerNode)

  false
end

#capture_stacktrace_value ⇒ Symbol

The value of the stacktrace should be treated as an ENUM. We upcase it for faster comparisons when we use it. Anything not one of the known values of ‘NONE’, ‘SOME’, or ‘ALL’ is treated as ‘ALL’

Returns:

• (Symbol) —

  the normalized value of ::Contrast::CONFIG.assess.stacktraces

# File 'lib/contrast/components/assess.rb', line 168

def capture_stacktrace_value
  @_capture_stacktrace_value ||= case stacktraces&.upcase
                                 when 'NONE'
                                   :NONE
                                 when 'SOME'
                                   :SOME
                                 else
                                   :ALL
                                 end
end

#disabled_rules ⇒ Object

# File 'lib/contrast/components/assess.rb', line 221

def disabled_rules
  rules&.disabled_rules || ::Contrast::SETTINGS.assess_state.disabled_assess_rules || []
end

#enabled? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 141

def enabled?
  # config overrides if forcibly set
  return false if forcibly_disabled?
  return true  if forcibly_enabled?

  ::Contrast::SETTINGS.assess_state.enabled == true
end

#forcibly_disabled? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 153

def forcibly_disabled?
  @_forcibly_disabled = false?(enable) if @_forcibly_disabled.nil?

  @_forcibly_disabled
end

#non_request_tracking? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 215

def non_request_tracking?
  @_non_request_tracking = true?(::Contrast::CONFIG.agent.ruby.non_request_tracking) if
    @_non_request_tracking.nil?
  @_non_request_tracking
end

#require_dynamic_sources? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 209

def require_dynamic_sources?
  return @_require_dynamic_sources unless @_require_dynamic_sources.nil?

  @_require_dynamic_sources = !false?(enable_dynamic_sources)
end

#require_scan? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 204

def require_scan?
  @_require_scan = !false?(::Contrast::CONFIG.agent.ruby.require_scan) if @_require_scan.nil?
  @_require_scan
end

#rule_disabled?(name) ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 159

def rule_disabled? name
  disabled_rules.include?(name)
end

#scan_response? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 198

def scan_response?
  @_scan_response = !false?(enable_scan_response) if @_scan_response.nil?

  @_scan_response
end

#session_id ⇒ Object

The id for this process, based on the session metadata or id provided by the user, as indicated in application startup.

The ID of the current application run, as returned by the application settings endpoint or set by application.session_id. If there is no session associated with this run, this field should be omitted when reporting to TS.

# File 'lib/contrast/components/assess.rb', line 244

def session_id
  ::Contrast::SETTINGS.assess_state.session_id
end

#tainted_columns ⇒ Object

# File 'lib/contrast/components/assess.rb', line 149

def tainted_columns
  ::Contrast::SETTINGS.tainted_columns
end

#to_effective_config(effective_config) ⇒ Object

Converts current configuration to effective config values class and appends them to EffectiveConfig class.

Parameters:

• effective_config (Contrast::Config::Diagnostics::EffectiveConfig)

# File 'lib/contrast/components/assess.rb', line 252

def to_effective_config effective_config
  super
  sampling&.to_effective_config(effective_config)
  rules&.to_effective_config(effective_config)
end

#track_original_object? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 225

def track_original_object?
  @_track_original_object = !false?(enable_original_object) if @_track_original_object.nil?

  @_track_original_object
end

#track_response_as_source? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/assess.rb', line 231

def track_response_as_source?
  @track_response_as_source = !false?(enable_response_as_source) if
    @track_response_as_source.nil?

  @track_response_as_source
end