Module: Immunio
- Extended by:
- Authentication
- Defined in:
- lib/immunio/plugins/haml.rb,
lib/immunio.rb,
lib/immunio/vm.rb,
lib/immunio/cli.rb,
lib/immunio/agent.rb,
lib/immunio/rails.rb,
lib/immunio/errors.rb,
lib/immunio/logger.rb,
lib/immunio/channel.rb,
lib/immunio/context.rb,
lib/immunio/request.rb,
lib/immunio/version.rb,
lib/immunio/processor.rb,
lib/immunio/plugins/io.rb,
lib/immunio/blocked_app.rb,
lib/immunio/plugins/csrf.rb,
lib/immunio/plugins/eval.rb,
lib/immunio/authentication.rb,
lib/immunio/plugins/devise.rb,
lib/immunio/plugins/warden.rb,
lib/immunio/plugins/redirect.rb,
lib/immunio/plugins/authlogic.rb,
lib/immunio/plugins/action_view.rb,
lib/immunio/plugins/gems_tracker.rb,
lib/immunio/plugins/http_tracker.rb,
lib/immunio/plugins/active_record.rb,
lib/immunio/plugins/http_finisher.rb,
lib/immunio/plugins/action_dispatch.rb,
lib/immunio/plugins/exception_handler.rb,
lib/immunio/plugins/environment_reporter.rb,
lib/immunio/plugins/active_record_relation.rb
Overview
Wrap methods to keep track of ActiveRecord::Relation method calls and query executions.
Defined Under Namespace
Modules: ArelToSqlHooks, Authentication, Authlogic, Context, CookieHooks, CsrfHook, DeviseRecoverableHooks, ErubisHooks, FileClassHooks, FragmentCachingHooks, Haml, HamlHooks, HasManyThroughAssociationHooks, IOClassHooks, IOHooks, KernelEvalHook, KernelModuleHooks, QueryExecutionHooks, QueryingHooks, QuotingHooks, RedirectHook, RelationHooks, SanitizeHooks, SpawnHooks, StatementCacheHooks, TemplateHooks, TemplateRendererHooks
Classes: Agent, ArelNodeVisitor, BlockError, BodyWrapper, CLI, Channel, Engine, EnvironmentReporter, Error, ExceptionHandler, HTTPFinisher, HTTPTracker, InputWrapper, Logger, LuaVM, OverrideResponse, Processor, QueryTracker, Request, RequestBlocked, Template, VM, VMError, VMFactory, WardenUserCaller
Constant Summary
- DIR =
File.expand_path(File.dirname(__FILE__))
- DEFAULT_PLUGINS =
Plugins that are enabled by default. Override using the `plugins_enabled` and `plugins_disabled` configuration settings.
["xss", "file_io", "redirect", "sqli", "eval", "shell_command"]
- CONFIG_FILENAME =
"immunio.yml"
- AGENT_INIT_MUTEX =
Mutex.new
- AGENT_TYPE =
"agent-ruby"
- VERSION =
"0.16.0"
- VM_VERSION =
"2.2.0"
- BLOCK_EXPR =
Regexp to test for blocks (… do) in the Ruby code of templates.
ActionView::Template::Handlers::Erubis::BLOCK_EXPR
- GemsTracker =
EnvironmentReporter
Instance Attribute Summary collapse
Class Method Summary
failed_login, failed_password_reset, login, logout, password_reset, set_user
Instance Attribute Details
#logger ⇒ Object
Returns the value of attribute logger.
# File 'lib/immunio/logger.rb', line 27
# Reader for the @logger instance variable.
#
# @return [Object, nil] the object currently stored in @logger, or nil when
#   nothing has been assigned yet
def logger
  @logger
end
Class Method Details
.activate! ⇒ Object
# File 'lib/immunio.rb', line 4
# Loads the agent and authentication files (in that order) and then asks for
# the shared agent, which is this method's return value.
#
# @return [Object] whatever `agent` returns
def self.activate!
  %w[immunio/agent immunio/authentication].each do |lib|
    require_relative lib
  end
  agent
end
.activate_plugins! ⇒ Object
Load plugins (after agent is loaded)
# File 'lib/immunio.rb', line 12
# Loads the plugin (hook) files, followed by the Rails integration file.
#
# The list is fixed and every entry is required unconditionally, in the order
# given; no configuration is consulted here, so any per-plugin enable/disable
# setting has to take effect somewhere else.
# NOTE(review): files such as plugins/active_record or plugins/haml are not in
# this list; presumably they are pulled in from immunio/rails. Confirm before
# relying on a given protection being loaded.
def self.activate_plugins!
  %w[
    immunio/plugins/action_view
    immunio/plugins/action_dispatch
    immunio/plugins/csrf
    immunio/plugins/io
    immunio/plugins/devise
    immunio/plugins/warden
    immunio/plugins/authlogic
    immunio/plugins/redirect
    immunio/plugins/eval
    immunio/rails
  ].each { |lib| require_relative lib }
end
.agent ⇒ Object
# File 'lib/immunio/agent.rb', line 230
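# Returns the shared Agent, building it on first use.
#
# The unlocked read is only a fast path. The check is repeated once
# AGENT_INIT_MUTEX is held, so two threads that both miss the fast path cannot
# each construct an Agent (previously the later one replaced the earlier).
#
# Plugins are activated only when the new agent reports agent_enabled, and only
# after @agent has been assigned: a call to this method made while the plugin
# files load on the same thread returns from the fast path instead of trying
# to take the mutex again.
# NOTE(review): other threads can still observe @agent before plugin
# activation has finished; this method does not close that window.
#
# @return [Agent] the shared agent instance
def self.agent
  return @agent if @agent

  AGENT_INIT_MUTEX.synchronize do
    # Re-check under the lock: another thread may have won the race.
    unless @agent
      @agent = Agent.new
      activate_plugins! if @agent.agent_enabled
    end
  end
  @agent
end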
.create_startup_logger ⇒ Object
# File 'lib/immunio/logger.rb', line 29
# Points @logger at an in-memory StringIO so messages can be recorded before
# the real log destination is known, then installs the line formatter.
#
# The buffer is kept in @startup_messages; switch_to_real_logger later copies
# its contents to the real logger and removes it. Until then everything logged
# accumulates in memory.
#
# @return [Object] the result of setup_logger_formatter
def self.create_startup_logger
  buffer = StringIO.new
  @startup_messages = buffer
  @logger = Logger.new(buffer)
  setup_logger_formatter
end
.finish_request(*args) ⇒ Object
# File 'lib/immunio/agent.rb', line 245
# Forwards to finish_request on the shared agent, passing the arguments
# through unchanged. Asking for the agent creates it if it does not exist yet.
#
# @param args [Array] positional arguments for the agent's finish_request
# @return [Object] whatever the agent's finish_request returns
def self.finish_request(*args)
  current = agent
  current.finish_request(*args)
end
# File 'lib/immunio/blocked_app.rb', line 24
# NOTE(review): identifiers were lost when this page was rendered. The method
# name after `self.` and the name of the local Hash are blank on every line, so
# the listing does not parse as shown and whole lines may be missing as well.
# The comments below describe only the structure that is still visible.
#
# Folds `list`, an enumerable of (name, value) pairs, into a Hash keyed by
# name. A name seen more than once keeps all of its values, joined with "\n".
# Nothing is validated or stripped on the way in.
# NOTE(review): presumably these are HTTP headers, given the file
# (blocked_app.rb); if so, a value that already contains "\n" cannot be told
# apart from two separate values after the merge. Confirm against the source.
def self.(list)
# Accumulator Hash (its variable name is missing here).
= {}
list.each do |name, value|
if .has_key?(name)
# Repeated name: append to what is stored. `"\n" + value` raises TypeError
# unless value is a String (or converts implicitly via to_str).
[name] += ("\n" + value)
else
# First occurrence: store the value as-is.
[name] = value
end
end
# NOTE(review): as shown, the last expression is `list.each`, which returns
# `list`; presumably the original returns the Hash on a line lost here.
end
.logger ⇒ Object
# File 'lib/immunio/logger.rb', line 84
# Module-level reader for the current logger.
#
# @return [Object, nil] the object stored in @logger, or nil when no logger has
#   been created yet
def self.logger
  @logger
end
.new_request(*args) ⇒ Object
# File 'lib/immunio/agent.rb', line 241
# Forwards to new_request on the shared agent, passing the arguments through
# unchanged. Asking for the agent creates it if it does not exist yet.
#
# @param args [Array] positional arguments for the agent's new_request
# @return [Object] whatever the agent's new_request returns
def self.new_request(*args)
  current = agent
  current.new_request(*args)
end
.run_hook(*args) ⇒ Object
# File 'lib/immunio/agent.rb', line 249
# Forwards to run_hook on the shared agent, passing the arguments through
# unchanged. Unlike run_hook!, there is no startup guard here: the agent is
# always asked for, and so created if it does not exist yet.
#
# @param args [Array] positional arguments for the agent's run_hook
# @return [Object] whatever the agent's run_hook returns
def self.run_hook(*args)
  current = agent
  current.run_hook(*args)
end
.run_hook!(*args) ⇒ Object
# File 'lib/immunio/agent.rb', line 253
# Forwards to run_hook! on the shared agent, except for one case: when no
# agent exists yet and the first two arguments are "io" and "open", the call
# is dropped and nil is returned.
#
# NOTE(review): presumably this stops the agent's own start-up file access from
# re-entering agent creation. The consequence is that "io"/"open" events raised
# before the agent exists are never evaluated, so file opens during that window
# pass unchecked.
#
# @param args [Array] positional arguments for the agent's run_hook!
# @return [Object, nil] the agent's result, or nil when the call was dropped
def self.run_hook!(*args)
  first_arg, second_arg = args
  return if !@agent && first_arg == "io" && second_arg == "open"

  agent.run_hook!(*args)
end
# File 'lib/immunio/logger.rb', line 36
# Installs the line format used for every log entry on the current logger:
# "[<datetime>] <severity>: <msg>\n". The program name is ignored.
#
# NOTE(review): msg is interpolated as-is. A message that carries CR/LF (for
# example one built from request data) produces extra lines that read like
# separate entries; consider neutralising line breaks where such values are
# logged.
#
# @return [Proc] the formatter that was installed
def self.setup_logger_formatter
  line_format = proc do |severity, datetime, _progname, msg|
    "[#{datetime}] #{severity}: #{msg}\n"
  end
  logger.formatter = line_format
end
.switch_to_real_logger(log_file, log_level) ⇒ Object
# File 'lib/immunio/logger.rb', line 42
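# Replaces the in-memory startup logger with the configured destination and
# replays the buffered startup messages into it.
#
# Does nothing unless @startup_messages is defined; the variable is removed
# here, so a second call is a no-op.
#
# Destination: "STDOUT" and "STDERR" select the process streams; any other
# value is treated as a file path opened for append (parent directories are
# created when missing). If the file cannot be set up, logging falls back to
# STDERR and a warning is recorded.
#
# Level: log_level is upcased and looked up as a constant on Logger. Anything
# that does not resolve to an Integer level falls back to DEBUG.
# NOTE(review): that fallback is the most verbose setting; confirm this is the
# intended direction for a misconfigured level.
#
# @param log_file [String] "STDOUT", "STDERR", or a path to append to
# @param log_level [#to_s] name of a Logger level constant, in any case
# @return [Object, nil] nil when there is nothing to switch; otherwise the
#   result of the final debug call (not meaningful to callers)
def self.switch_to_real_logger(log_file, log_level)
  return unless defined?(@startup_messages)

  if log_file == "STDOUT"
    @logger = Logger.new $stdout
  elsif log_file == "STDERR"
    @logger = Logger.new $stderr
  else
    path = Pathname.new(log_file)
    begin
      FileUtils.mkdir_p path.dirname unless File.exist? path.dirname
      # NOTE(review): the file is created with default permissions (subject to
      # the process umask) and the open follows symlinks. Confirm the log
      # directory is writable only by the application user.
      file = File.open path, 'a'
      file.binmode
      file.sync = true
      @logger = Logger.new file
      log_file = path.realpath
    rescue StandardError => e
      # realdirpath raises when a parent directory is missing, which is exactly
      # what happens when mkdir_p above failed. Resolve it defensively so the
      # STDERR fallback is always reached instead of the error escaping.
      shown_path = begin
        path.realdirpath
      rescue StandardError
        path
      end
      logger.warn "Failed to open #{log_file} (#{shown_path}) for logging (#{e.message})"
      @logger = Logger.new $stderr
      log_file = "STDERR"
    end
  end

  # Replay what was logged before the destination was known, then drop the buffer.
  logger << @startup_messages.string
  remove_instance_variable(:@startup_messages)
  setup_logger_formatter

  begin
    level = Logger.const_get(log_level.to_s.upcase)
    # const_get also resolves constants that are not levels (e.g. a version
    # string); only an Integer is accepted as a level.
    raise ArgumentError, "#{log_level} is not a log level" unless level.is_a?(Integer)
    logger.level = level
  rescue
    logger.level = Logger::DEBUG
    logger.debug "Failed to interpret log level #{log_level}, falling back to debug"
  end
  logger.debug "Logging to #{log_file}"
end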