Class: Datadog::AppSec::Context

Inherits:

Object

• Object
• Datadog::AppSec::Context

Defined in:

lib/datadog/appsec/context.rb

Overview

This class accumulates the context over the request life-cycle and exposes interface sufficient for instrumentation to perform threat detection.

Constant Summary

ActiveContextError =

Steep: github.com/soutaro/steep/issues/1880

Class.new(StandardError)

Instance Attribute Summary

• #events ⇒ Object readonly

  TODO: add delegators for active trace span.

• #span ⇒ Object readonly

  TODO: add delegators for active trace span.

• #trace ⇒ Object readonly

  TODO: add delegators for active trace span.

Class Method Summary

• .activate(context) ⇒ Object
• .active ⇒ Object
• .deactivate ⇒ Object

Instance Method Summary

• #export_metrics ⇒ Object
• #export_request_telemetry ⇒ Object
• #extract_schema ⇒ Object
• #finalize! ⇒ Object
• #initialize(trace, span, waf_runner) ⇒ Context constructor

  A new instance of Context.

• #interrupted? ⇒ Boolean
• #mark_as_interrupted! ⇒ Object
• #run_rasp(type, persistent_data, ephemeral_data, timeout = WAF::LibDDWAF::DDWAF_RUN_TIMEOUT, phase: nil) ⇒ Object
• #run_waf(persistent_data, ephemeral_data, timeout = WAF::LibDDWAF::DDWAF_RUN_TIMEOUT) ⇒ Object
• #waf_runner_known_addresses ⇒ Object
• #waf_runner_ruleset_version ⇒ Object

Constructor Details

#initialize(trace, span, waf_runner) ⇒ Context

Returns a new instance of Context.

# File 'lib/datadog/appsec/context.rb', line 35

def initialize(trace, span, waf_runner)
  @trace = trace
  @span = span
  @events = []
  @waf_runner = waf_runner
  @metrics = Metrics::Collector.new
  @interrupted = false
end

Instance Attribute Details

#events ⇒ Object (readonly)

TODO: add delegators for active trace span

# File 'lib/datadog/appsec/context.rb', line 14

def events
  @events
end

#span ⇒ Object (readonly)

TODO: add delegators for active trace span

# File 'lib/datadog/appsec/context.rb', line 14

def span
  @span
end

#trace ⇒ Object (readonly)

TODO: add delegators for active trace span

# File 'lib/datadog/appsec/context.rb', line 14

def trace
  @trace
end

Class Method Details

.activate(context) ⇒ Object

Raises:

• (ArgumentError)

# File 'lib/datadog/appsec/context.rb', line 17

def activate(context)
  raise ArgumentError, 'not a Datadog::AppSec::Context' unless context.instance_of?(Context)
  raise ActiveContextError, 'another context is active, nested contexts are not supported' if active

  Thread.current[Ext::ACTIVE_CONTEXT_KEY] = context
end

.active ⇒ Object

# File 'lib/datadog/appsec/context.rb', line 30

def active
  Thread.current[Ext::ACTIVE_CONTEXT_KEY]
end

.deactivate ⇒ Object

# File 'lib/datadog/appsec/context.rb', line 24

def deactivate
  active&.finalize!
ensure
  Thread.current[Ext::ACTIVE_CONTEXT_KEY] = nil
end

Instance Method Details

#export_metrics ⇒ Object

# File 'lib/datadog/appsec/context.rb', line 80

def export_metrics
  return if @span.nil?

  Metrics::Exporter.export_waf_metrics(@metrics.waf, @span)
  Metrics::Exporter.export_rasp_metrics(@metrics.rasp, @span)
end

#export_request_telemetry ⇒ Object

# File 'lib/datadog/appsec/context.rb', line 87

def export_request_telemetry
  return if @trace.nil?

  Metrics::TelemetryExporter.export_waf_request_metrics(@metrics.waf, self)
end

#extract_schema ⇒ Object

# File 'lib/datadog/appsec/context.rb', line 76

def extract_schema
  @waf_runner.run({'waf.context.processor' => {'extract-schema' => true}}, {})
end

#finalize! ⇒ Object

# File 'lib/datadog/appsec/context.rb', line 93

def finalize!
  @waf_runner.finalize!
end

#interrupted? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/datadog/appsec/context.rb', line 64

def interrupted?
  @interrupted
end

#mark_as_interrupted! ⇒ Object

# File 'lib/datadog/appsec/context.rb', line 60

def mark_as_interrupted!
  @interrupted = true
end

#run_rasp(type, persistent_data, ephemeral_data, timeout = WAF::LibDDWAF::DDWAF_RUN_TIMEOUT, phase: nil) ⇒ Object

# File 'lib/datadog/appsec/context.rb', line 51

def run_rasp(type, persistent_data, ephemeral_data, timeout = WAF::LibDDWAF::DDWAF_RUN_TIMEOUT, phase: nil)
  result = @waf_runner.run(persistent_data, ephemeral_data, timeout)

  Metrics::Telemetry.report_rasp(type, result, phase: phase)
  @metrics.record_rasp(result, type: type, phase: phase)

  result
end

#run_waf(persistent_data, ephemeral_data, timeout = WAF::LibDDWAF::DDWAF_RUN_TIMEOUT) ⇒ Object

# File 'lib/datadog/appsec/context.rb', line 44

def run_waf(persistent_data, ephemeral_data, timeout = WAF::LibDDWAF::DDWAF_RUN_TIMEOUT)
  result = @waf_runner.run(persistent_data, ephemeral_data, timeout)

  @metrics.record_waf(result)
  result
end

#waf_runner_known_addresses ⇒ Object

# File 'lib/datadog/appsec/context.rb', line 72

def waf_runner_known_addresses
  @waf_runner.waf_addresses
end

#waf_runner_ruleset_version ⇒ Object

# File 'lib/datadog/appsec/context.rb', line 68

def waf_runner_ruleset_version
  @waf_runner.ruleset_version
end