Class: Gitrob::Observers::SensitiveFiles

Inherits:

Object

• Object
• Gitrob::Observers::SensitiveFiles

Defined in:

lib/gitrob/observers/sensitive_files.rb

Defined Under Namespace

Classes: InvalidPatternError, InvalidPatternFileError

Constant Summary

VALID_KEYS =

%w(part type pattern caption description)

VALID_PARTS =

%w(path filename extension)

VALID_TYPES =

%w(match regex)

Class Method Summary

• .check_blob(blob, pattern) ⇒ Object
• .load_patterns! ⇒ Object
• .observe(blob) ⇒ Object
• .patterns ⇒ Object
• .read_pattern_file! ⇒ Object
• .validate_pattern!(pattern) ⇒ Object
• .validate_patterns!(patterns) ⇒ Object

Class Method Details

.check_blob(blob, pattern) ⇒ Object

# File 'lib/gitrob/observers/sensitive_files.rb', line 61

def self.check_blob(blob, pattern)
  haystack = blob.send(pattern['part'].to_sym)
  if pattern['type'] == 'match'
    if haystack == pattern['pattern']
      blob.findings.new(
        :caption     => pattern['caption'],
        :description => pattern['description']
      )
    end
  else
    regex = Regexp.new(pattern['pattern'], Regexp::IGNORECASE)
    if !regex.match(haystack).nil?
      blob.findings.new(
        :caption     => pattern['caption'],
        :description => pattern['description']
      )
    end
  end
end

.load_patterns! ⇒ Object

# File 'lib/gitrob/observers/sensitive_files.rb', line 18

def self.load_patterns!
  patterns = read_pattern_file!
  validate_patterns!(patterns)
  @patterns = patterns
end

.observe(blob) ⇒ Object

# File 'lib/gitrob/observers/sensitive_files.rb', line 12

def self.observe(blob)
  patterns.each do |pattern|
    check_blob(blob, pattern)
  end
end

.patterns ⇒ Object

# File 'lib/gitrob/observers/sensitive_files.rb', line 24

def self.patterns
  @patterns
end

.read_pattern_file! ⇒ Object

# File 'lib/gitrob/observers/sensitive_files.rb', line 30

def self.read_pattern_file!
  JSON.parse(File.read("#{File.dirname(__FILE__)}/../../../patterns.json"))
rescue JSON::ParserError => e
  raise InvalidPatternFileError.new("Cannot parse pattern file: #{e.message}")
end

.validate_pattern!(pattern) ⇒ Object

# File 'lib/gitrob/observers/sensitive_files.rb', line 45

def self.validate_pattern!(pattern)
  pattern.keys.each do |key|
    if !VALID_KEYS.include?(key)
      raise InvalidPatternError.new("Pattern contains unknown key: #{key}")
    end
  end

  if !VALID_PARTS.include?(pattern['part'])
    raise InvalidPatternError.new("Pattern has unknown part: #{pattern['part']}")
  end

  if !VALID_TYPES.include?(pattern['type'])
    raise InvalidPatternError.new("Pattern has unknown type: #{pattern['type']}")
  end
end

.validate_patterns!(patterns) ⇒ Object

# File 'lib/gitrob/observers/sensitive_files.rb', line 36

def self.validate_patterns!(patterns)
  if !patterns.is_a?(Array) || patterns.empty?
    raise InvalidPatternFileError.new("Pattern file contains no patterns")
  end
  patterns.each do |pattern|
    validate_pattern!(pattern)
  end
end