Module: TCellAgent::Instrumentation::Rails::DLPHandler

Defined in:
lib/tcell_agent/rails/dlp_handler.rb

Class Method Summary collapse

Class Method Details

.get_handler_and_context(request, response_headers) ⇒ Object 



36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
 
# File 'lib/tcell_agent/rails/dlp_handler.rb', line 36

def self.get_handler_and_context(request, response_headers)
  dlp_handler = nil
  tcell_context = nil

  TCellAgent::Instrumentation.safe_block('DLP Handler get handler and context') do
    if TCellAgent.configuration.should_instrument? &&
       TCellAgent.configuration.should_intercept_requests?

      # do all this work so that dlp doesn't run at all unless it's on and there
      # are rules to run
      if TCellAgent::Utils::Rails.processable_response?(response_headers)
        dlp_policy = TCellAgent.policy(TCellAgent::PolicyTypes::DATALOSS)
        if dlp_policy && dlp_policy.get_actions_for_session_id
          tcell_context = request.env[TCellAgent::Instrumentation::TCELL_ID]
          if tcell_context && tcell_context.session_id
            dlp_handler = proc { |tc, resp|
              handle_dlp!(tc, resp)
            }
          end
        end
      end
    end
  end

  [dlp_handler, tcell_context]
end

.handle_dlp!(tcell_context, response) ⇒ Object 



28
29
30
31
32
33
34
 
# File 'lib/tcell_agent/rails/dlp_handler.rb', line 28

def self.handle_dlp!(tcell_context, response)
  TCellAgent::Instrumentation.safe_block('Running DLP Logging Filters') do
    tcell_context.filter_body!(response)
  end

  response
end

.report_and_redact_now(dlp_handler, tcell_context, rack_body, content_length) ⇒ Object 



8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
 
# File 'lib/tcell_agent/rails/dlp_handler.rb', line 8

def self.report_and_redact_now(dlp_handler, tcell_context, rack_body, content_length)
  TCellAgent::Instrumentation.safe_block('Handling DLP Report and Redact Now') do
    if dlp_handler
      new_content_length = 0
      new_body = []
      rack_body.each do |str|
        dlp_handler.call(tcell_context, str)
        new_body << str
        new_content_length += str.bytesize
      end
      rack_body.close if rack_body.respond_to?(:close)

      rack_body = new_body
      content_length = new_content_length
    end
  end

  [rack_body, content_length]
end