Class: Contrast::Components::Settings::Interface

Inherits:

Object

• Object
• Contrast::Components::Settings::Interface

Includes:

ComponentBase, Interface

Defined in:

lib/contrast/components/settings.rb

Overview

This is a class.

Constant Summary

PROTECT_STATE_ATTRS =

These are settings that we receive & store. Rules are settings too, but they’re more involved. So, between this block and rules, that’s setting state.

%i[].cs__freeze

ASSESS_STATE_ATTRS =

%i[sampling_features].cs__freeze

APPLICATION_STATE_ATTRS =

%i[modes_by_id exclusion_matchers disabled_assess_rules].cs__freeze

Instance Attribute Summary

• #assess_rules ⇒ Object readonly

  Returns the value of attribute assess_rules.

• #protect_rules ⇒ Object readonly

  Returns the value of attribute protect_rules.

• #tainted_columns ⇒ Object readonly

  tainted_columns are database columns that receive unsanitized input.

Instance Method Summary

• #application_state ⇒ Object
• #assess_enabled? ⇒ Boolean
• #assess_state ⇒ Object

  These three ‘state’ variables represent atomic config/setting state, outside of things like rule defs.

• #build_assess_rules ⇒ Object
• #build_protect_rules ⇒ Object
• #code_exclusions ⇒ Object
• #initialize ⇒ Interface constructor

  A new instance of Interface.

• #protect_enabled? ⇒ Boolean
• #protect_state ⇒ Object
• #reset_state ⇒ Object

  Wipe state to zero.

• #update_from_application_settings(application_settings) ⇒ Object
• #update_from_server_features(server_features) ⇒ Object

Methods included from Interface

included

Methods included from ComponentBase

included

Constructor Details

#initialize ⇒ Interface

Returns a new instance of Interface.

# File 'lib/contrast/components/settings.rb', line 80

def initialize
  reset_state
end

Instance Attribute Details

#assess_rules ⇒ Object (readonly)

Returns the value of attribute assess_rules.

# File 'lib/contrast/components/settings.rb', line 17

def assess_rules
  @assess_rules
end

#protect_rules ⇒ Object (readonly)

Returns the value of attribute protect_rules.

# File 'lib/contrast/components/settings.rb', line 17

def protect_rules
  @protect_rules
end

#tainted_columns ⇒ Object (readonly)

tainted_columns are database columns that receive unsanitized input. this statefulness

# File 'lib/contrast/components/settings.rb', line 24

def tainted_columns
  @tainted_columns
end

Instance Method Details

#application_state ⇒ Object

# File 'lib/contrast/components/settings.rb', line 42

def application_state
  @application_state ||= { # rubocop:disable Naming/MemoizedInstanceVariableName
      modes_by_id: Hash.new(:NO_ACTION),
      exclusion_matchers: [],
      disabled_assess_rules: []
  }
end

#assess_enabled? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/settings.rb', line 89

def assess_enabled?
  @_assess_enabled = !!assess_state[:enabled] if @_assess_enabled.nil?
  @_assess_enabled
end

#assess_state ⇒ Object

These three ‘state’ variables represent atomic config/setting state, outside of things like rule defs.

# File 'lib/contrast/components/settings.rb', line 29

def assess_state
  @assess_state ||= { # rubocop:disable Naming/MemoizedInstanceVariableName
      enabled: false,
      sampling_features: nil
  }
end

#build_assess_rules ⇒ Object

# File 'lib/contrast/components/settings.rb', line 128

def build_assess_rules
  @assess_rules = {}

  Contrast::Agent::Assess::Rule::Redos.new
end

#build_protect_rules ⇒ Object

# File 'lib/contrast/components/settings.rb', line 134

def build_protect_rules
  @protect_rules = {}

  # rules
  Contrast::Agent::Protect::Rule::CmdInjection.new
  Contrast::Agent::Protect::Rule::Deserialization.new
  Contrast::Agent::Protect::Rule::HttpMethodTampering.new
  Contrast::Agent::Protect::Rule::NoSqli.new
  Contrast::Agent::Protect::Rule::PathTraversal.new
  Contrast::Agent::Protect::Rule::Sqli.new
  Contrast::Agent::Protect::Rule::UnsafeFileUpload.new
  Contrast::Agent::Protect::Rule::Xss.new
  Contrast::Agent::Protect::Rule::Xxe.new
end

#code_exclusions ⇒ Object

# File 'lib/contrast/components/settings.rb', line 94

def code_exclusions
  exclusion_matchers.select(&:code?)
end

#protect_enabled? ⇒ Boolean

Returns:

• (Boolean)

# File 'lib/contrast/components/settings.rb', line 84

def protect_enabled?
  @_protect_enabled = !!protect_state[:enabled] if @_protect_enabled.nil?
  @_protect_enabled
end

#protect_state ⇒ Object

# File 'lib/contrast/components/settings.rb', line 36

def protect_state
  @protect_state ||= { # rubocop:disable Naming/MemoizedInstanceVariableName
      enabled: false
  }
end

#reset_state ⇒ Object

Wipe state to zero.

# File 'lib/contrast/components/settings.rb', line 117

def reset_state
  @assess_rules = {}
  @protect_rules = {}

  @tainted_columns = {}

  @assess_state = nil
  @protect_state = nil
  @application_state = nil
end

#update_from_application_settings(application_settings) ⇒ Object

# File 'lib/contrast/components/settings.rb', line 112

def update_from_application_settings application_settings
  application_state.merge!(application_settings.application_state_translation)
end

#update_from_server_features(server_features) ⇒ Object

# File 'lib/contrast/components/settings.rb', line 98

def update_from_server_features server_features
  # protect

  @_protect_enabled = nil
  protect_state[:enabled] = server_features.protect_enabled?

  # assess

  @_assess_enabled = nil
  assess_state[:enabled] = server_features.assess_enabled?
  assess_state[:sampling_settings] = server_features.assess.sampling
  Contrast::Utils::Assess::SamplingUtil.instance.update
end