Class: Contrast::Agent::Assess::Events::SourceEvent

Inherits:

ContrastEvent

Object
ContrastEvent
Contrast::Agent::Assess::Events::SourceEvent

show all

Defined in:: lib/contrast/agent/assess/events/source_event.rb

Overview

This class holds the data about an event in the application We’ll use it to build an event that TeamServer can consume if the object to which this event belongs ends in a trigger.

Instance Attribute Summary collapse

#request ⇒ Object readonly

Returns the value of attribute request.
#source_name ⇒ Object readonly

Returns the value of attribute source_name.
#source_type ⇒ Object readonly

Returns the value of attribute source_type.

Attributes inherited from ContrastEvent

#args, #event_id, #object, #policy_node, #ret, #stack_trace, #thread, #time

Instance Method Summary collapse

#build_event_source_dtm ⇒ Object

Probably only for source events, but we’ll go with source_type instead.
#determine_taint_target(event_dtm) ⇒ Object

We have to do a little work to figure out what our TS appropriate target is.
#forced_source_name ⇒ Object
#forced_source_type ⇒ Object
#initialize(policy_node, tagged, object, ret, args, source_type = nil, source_name = nil) ⇒ SourceEvent constructor

A new instance of SourceEvent.
#parent_events ⇒ Object
#to_dtm_event ⇒ Object

Convert this event into a DTM that TeamServer can consume.

Constructor Details

#initialize(policy_node, tagged, object, ret, args, source_type = nil, source_name = nil) ⇒ `SourceEvent`

Returns a new instance of SourceEvent.

# File 'lib/contrast/agent/assess/events/source_event.rb', line 17

def initialize policy_node, tagged, object, ret, args, source_type = nil, source_name = nil
  super(policy_node, tagged, object, ret, args)
  @source_type = source_type
  @source_name = source_name
  @request = Contrast::Agent::REQUEST_TRACKER.current&.request
end

Instance Attribute Details

#request ⇒ `Object` (readonly)

Returns the value of attribute request.



15
16
17

# File 'lib/contrast/agent/assess/events/source_event.rb', line 15

def request
  @request
end

#source_name ⇒ `Object` (readonly)

Returns the value of attribute source_name.



15
16
17

# File 'lib/contrast/agent/assess/events/source_event.rb', line 15

def source_name
  @source_name
end

#source_type ⇒ `Object` (readonly)

Returns the value of attribute source_type.



15
16
17

# File 'lib/contrast/agent/assess/events/source_event.rb', line 15

def source_type
  @source_type
end

Instance Method Details

#build_event_source_dtm ⇒ `Object`

Probably only for source events, but we’ll go with source_type instead. java & .net support source_type in propagation events, so we’ll future proof this

# File 'lib/contrast/agent/assess/events/source_event.rb', line 49

def build_event_source_dtm
  # You can have a source w/o a name, but not w/o a type
  return unless source_type

  dtm = Contrast::Api::Dtm::TraceEventSource.new
  dtm.type = forced_source_type
  dtm.name = forced_source_name
  dtm
end

#determine_taint_target(event_dtm) ⇒ `Object`

We have to do a little work to figure out what our TS appropriate target is. To break this down, the logic is as follows: 1) If I have a highlight, it means that I have a P target that is

not in integer form (it was a named / keyword type for which I had
to find the index). I need to address this so that TS can process
it.

2) I’ll set the event’s source and target to TS values. 3) Return the highlight or the first source/target as the taint

target.

# File 'lib/contrast/agent/assess/events/source_event.rb', line 68

def determine_taint_target event_dtm
  return unless @policy_node&.targets&.any?

  event_dtm.source = @policy_node.source_string if @policy_node.source_string
  event_dtm.target = @highlight ? "P#{ @highlight }" : @policy_node.target_string
  @highlight || @policy_node.targets[0]
end

#forced_source_name ⇒ `Object`



42
43
44

# File 'lib/contrast/agent/assess/events/source_event.rb', line 42

def forced_source_name
  @_forced_source_name ||= Contrast::Utils::StringUtils.force_utf8(source_name)
end

#forced_source_type ⇒ `Object`



38
39
40

# File 'lib/contrast/agent/assess/events/source_event.rb', line 38

def forced_source_type
  @_forced_source_type ||= Contrast::Utils::StringUtils.force_utf8(source_type)
end

#parent_events ⇒ `Object`



24
25
26

# File 'lib/contrast/agent/assess/events/source_event.rb', line 24

def parent_events
  nil
end

#to_dtm_event ⇒ `Object`

Convert this event into a DTM that TeamServer can consume

# File 'lib/contrast/agent/assess/events/source_event.rb', line 29

def to_dtm_event
  event = super
  event.field_name = Contrast::Utils::StringUtils.force_utf8(source_name)
  event_source_dtm = build_event_source_dtm
  event.event_sources << event_source_dtm if event_source_dtm
  event.object_id = event_id.to_i
  event
end

Class: Contrast::Agent::Assess::Events::SourceEvent

Overview

Instance Attribute Summary collapse

Attributes inherited from ContrastEvent

Instance Method Summary collapse

Methods inherited from ContrastEvent

Methods included from Utils::PreventPsychSerialization

Methods included from Utils::PreventMarshalSerialization

Constructor Details

#initialize(policy_node, tagged, object, ret, args, source_type = nil, source_name = nil) ⇒ SourceEvent

Instance Attribute Details

#request ⇒ Object (readonly)

#source_name ⇒ Object (readonly)

#source_type ⇒ Object (readonly)

Instance Method Details

#build_event_source_dtm ⇒ Object

#determine_taint_target(event_dtm) ⇒ Object

#forced_source_name ⇒ Object

#forced_source_type ⇒ Object

#parent_events ⇒ Object

#to_dtm_event ⇒ Object