Module: Console1984::Shield::Modes

Includes:

Freezeable, InputOutput, Messages

Included in:

Console1984::Shield

Defined in:

lib/console1984/shield/modes.rb

Overview

Console 1984 operates in two modes:

• Protected: it won’t reveal encrypted information, attempt to connect to protected urls will be prevented.

• Unprotected: it will reveal encrypted information and let all connections go through.

Tampering attempts (such as deleting audit trails) is prevented in both modes.

Defined Under Namespace

Classes: Protected, Unprotected

Constant Summary

PROTECTED_MODE =

Protected.new

UNPROTECTED_MODE =

Unprotected.new

Constants included from Messages

Messages::COMMANDS, Messages::DEFAULT_ENTER_PROTECTED_MODE_WARNING, Messages::DEFAULT_ENTER_UNPROTECTED_ENCRYPTION_MODE_WARNING, Messages::DEFAULT_PRODUCTION_DATA_WARNING

Instance Method Summary

• #enable_protected_mode(silent: false) ⇒ Object

  Switch to unprotected mode.

• #enable_unprotected_mode(silent: false) ⇒ Object

  Switch to protected mode.

• #protected_mode? ⇒ Boolean
• #unprotected_mode? ⇒ Boolean
• #with_protected_mode(&block) ⇒ Object

  Executes the passed block in the configured mode (protected or unprotected).

Methods included from Freezeable

freeze_all, included

Instance Method Details

#enable_protected_mode(silent: false) ⇒ Object

Switch to unprotected mode

Pass silent: true to hide an informative message when switching to this mode.

# File 'lib/console1984/shield/modes.rb', line 32

def enable_protected_mode(silent: false)
  command_executor.run_as_system do
    show_warning Console1984.enter_protected_mode_warning if !silent && unprotected_mode?
    session_logger.end_sensitive_access
    nil
  end
ensure
  @mode = PROTECTED_MODE
  nil
end

#enable_unprotected_mode(silent: false) ⇒ Object

Switch to protected mode

Pass silent: true to hide an informative message when switching to this mode.

# File 'lib/console1984/shield/modes.rb', line 17

def enable_unprotected_mode(silent: false)
  command_executor.run_as_system do
    show_warning Console1984.enter_unprotected_encryption_mode_warning if !silent && protected_mode?
    justification = ask_for_value "\nBefore you can access personal information, you need to ask for and get explicit consent from the user(s). #{current_username}, where can we find this consent (a URL would be great)?"
    session_logger.start_sensitive_access justification
    nil
  end
ensure
  @mode = UNPROTECTED_MODE
  nil
end

#protected_mode? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/console1984/shield/modes.rb', line 52

def protected_mode?
  !unprotected_mode?
end

#unprotected_mode? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/console1984/shield/modes.rb', line 48

def unprotected_mode?
  @mode.is_a?(Unprotected)
end

#with_protected_mode(&block) ⇒ Object

Executes the passed block in the configured mode (protected or unprotected).

# File 'lib/console1984/shield/modes.rb', line 44

def with_protected_mode(&block)
  @mode.execute(&block)
end