Class: Contrast::Agent::Assess::Policy::PolicyNode

Inherits:

Patching::Policy::PolicyNode

• Object
• Patching::Policy::PolicyNode
• Contrast::Agent::Assess::Policy::PolicyNode

Defined in:

lib/contrast/agent/assess/policy/policy_node.rb

Overview

This class functions to translate our policy.json into an actionable Ruby object, allowing for dynamic patching over hardcoded patching.

Direct Known Subclasses

PropagationNode, SourceNode, TriggerNode

Constant Summary

ALL_TYPE =

'A'

TO_MARKER =

'2'

JSON_SOURCE =

The keys used to read from policy.json to create the individual policy nodes. These are common across node types

'source'

JSON_TARGET =

'target'

JSON_TAGS =

'tags'

JSON_DATAFLOW =

'dataflow'

Instance Attribute Summary

• #source_string ⇒ Object readonly

  Returns the value of attribute source_string.

• #sources ⇒ Object readonly

  Returns the value of attribute sources.

• #tags ⇒ Object

  Returns the value of attribute tags.

• #target_string ⇒ Object

  Returns the value of attribute target_string.

• #targets ⇒ Object readonly

  Returns the value of attribute targets.

• #type ⇒ Object

  Returns the value of attribute type.

Attributes inherited from Patching::Policy::PolicyNode

#class_name, #instance_method, #method_name, #method_scope, #method_visibility, #properties

Instance Method Summary

• #add_property(name, value) ⇒ Object

  Sometimes we need to tie information to an event.

• #build_action ⇒ Object

  Convert our action, built from our source and target, into the TS appropriate action.

• #feature ⇒ Object
• #generate_sources ⇒ Object

  Given a source in the format A,B,C, populate the sources of this node 1) Split on ‘,’ 2) If ‘O’, add the source, else it’s P (we don’t have R sources) and needs to be converted.

• #generate_targets ⇒ Object

  Given a target in the format A,B,C, populate the targets of this node 1) Split on ‘,’ 2) If ‘O’ or ‘R’, add the target, else it’s P and needs to be converted.

• #get_property(name) ⇒ Object
• #initialize(policy_hash = {}) ⇒ PolicyNode constructor

  A new instance of PolicyNode.

• #node_class ⇒ Object
• #node_type ⇒ Object
• #target ⇒ Object
• #validate ⇒ Object

  Don’t let nodes be created that will be missing things we need later on.

• #validate_tags ⇒ Object

  TeamServer is picky.

Methods inherited from Patching::Policy::PolicyNode

#id, #instance_method?

Methods included from Components::Interface

included

Constructor Details

#initialize(policy_hash = {}) ⇒ PolicyNode

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 17

def initialize policy_hash = {}
  super(policy_hash)
  @source_string = policy_hash[JSON_SOURCE]
  @target_string = policy_hash[JSON_TARGET]
  @tags = Set.new(policy_hash[JSON_TAGS])
  generate_sources
  generate_targets
end

Instance Attribute Details

#source_string ⇒ Object (readonly)

Returns the value of attribute source_string.

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 15

def source_string
  @source_string
end

#sources ⇒ Object (readonly)

Returns the value of attribute sources.

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 15

def sources
  @sources
end

#tags ⇒ Object

Returns the value of attribute tags.

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 14

def tags
  @tags
end

#target_string ⇒ Object

Returns the value of attribute target_string.

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 15

def target_string
  @target_string
end

#targets ⇒ Object (readonly)

Returns the value of attribute targets.

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 15

def targets
  @targets
end

#type ⇒ Object

Returns the value of attribute type.

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 14

def type
  @type
end

Instance Method Details

#add_property(name, value) ⇒ Object

Sometimes we need to tie information to an event. We’ll add a properties section to the patch node, which can pass them along to the pre-dtm event

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 56

def add_property name, value
  return unless name && value

  @properties ||= {}
  @properties[name] = value
end

#build_action ⇒ Object

Convert our action, built from our source and target, into the TS appropriate action. That’s a single source to single target marker (A,O,P,R)

Creation (source nodes) don’t have sources (they are the source) Trigger (trigger nodes) don’t have targets (they are the target) Everything else (propagation nodes) are Source2Target

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 158

def build_action
  @event_action ||= begin
    case node_class
    when Contrast::Agent::Assess::Policy::SourceNode::SOURCE
      :CREATION
    when Contrast::Agent::Assess::Policy::TriggerNode::TRIGGER
      :TRIGGER
    else
      if source_string.nil?
        :CREATION
      elsif target_string.nil?
        :TRIGGER
      else
        # TeamServer can't handle the multi-source or multi-target
        # values. Give it some help by changing them to 'A'
        source = source_string.include?(Contrast::Utils::ObjectShare::COMMA) ? ALL_TYPE : source_string
        target = target_string.include?(Contrast::Utils::ObjectShare::COMMA) ? ALL_TYPE : target_string
        str = source[0] + TO_MARKER + target[0]
        str.to_sym
      end
    end
  end
  @event_action
end

#feature ⇒ Object

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 26

def feature
  'Assess'
end

#generate_sources ⇒ Object

Given a source in the format A,B,C, populate the sources of this node 1) Split on ‘,’ 2) If ‘O’, add the source, else it’s P (we don’t have R sources) and

needs to be converted. P type will either be P:name or P# where #
is the index of the parameter. Drop the P and store the int as int
or name as symbol

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 75

def generate_sources
  if source_string
    @sources = []
    source_string.split(Contrast::Utils::ObjectShare::COMMA).each do |s|
      is_object = (s == Contrast::Utils::ObjectShare::OBJECT_KEY)
      if is_object
        @sources << s
      else
        parameter_source = s[1..-1]
        @sources << if parameter_source.start_with?(Contrast::Utils::ObjectShare::COLON)
                      parameter_source[1..-1].to_sym
                    else
                      parameter_source.to_i
                    end
      end
    end
  else
    @sources = Contrast::Utils::ObjectShare::EMPTY_ARRAY
  end
end

#generate_targets ⇒ Object

Given a target in the format A,B,C, populate the targets of this node 1) Split on ‘,’ 2) If ‘O’ or ‘R’, add the target, else it’s P and needs to be

converted. P type will either be P:name or P# where # is the index
of the paramter. Drop the P and store the int as int or name as
symbol

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 102

def generate_targets
  if target_string
    @targets = []
    target_string.split(Contrast::Utils::ObjectShare::COMMA).each do |t|
      case t
      when Contrast::Utils::ObjectShare::OBJECT_KEY
        @targets << t
      when Contrast::Utils::ObjectShare::RETURN_KEY
        @targets << t
      else
        parameter_target = t[1..-1]
        @targets << if parameter_target.start_with?(Contrast::Utils::ObjectShare::COLON)
                      parameter_target[1..-1].to_sym
                    else
                      parameter_target.to_i
                    end
      end
    end
  else
    @targets = Contrast::Utils::ObjectShare::EMPTY_ARRAY
  end
end

#get_property(name) ⇒ Object

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 63

def get_property name
  return unless @properties

  @properties[name]
end

#node_class ⇒ Object

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 30

def node_class
  'Node'
end

#node_type ⇒ Object

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 34

def node_type
  :TYPE_METHOD
end

#target ⇒ Object

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 38

def target
  @_target ||= begin
    if targets&.any?
      targets[0]
    elsif sources&.any?
      sources[0]
    end
  end
end

#validate ⇒ Object

Don’t let nodes be created that will be missing things we need later on. Really, if they don’t have these things, they couldn’t have done their jobs anyway.

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 128

def validate
  super
  validate_tags
end

#validate_tags ⇒ Object

TeamServer is picky. The tags here match to ENUMs there. If there isn’t a matching ENUM in TS land, the database gets got. We really don’t want to get them, so we’re going to prevent the node from being made.

# File 'lib/contrast/agent/assess/policy/policy_node.rb', line 137

def validate_tags
  return unless tags

  tags.each do |tag|
    next if Contrast::Api::Decorators::TraceTaintRangeTags::VALID_TAGS.include?(tag) ||
        Contrast::Api::Decorators::TraceTaintRangeTags::VALID_SOURCE_TAGS.include?(tag)

    raise(ArgumentError,
          "#{ node_class } #{ id } had an invalid tag. #{ tag } is not a known value.")
  end
end