# Copyright (c) 2023 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details. # frozen_string_literal: true module Contrast module Agent module Reporting # This module will hold the methods for TS response conversion to settings objects. It is used for those # endpoints which have NG in their prefix. module NgResponseExtractor private # @param response_data [Hash] # @param res [Contrast::Agent::Reporting::Response] def ng_extract_assess response_data, res assessments = response_data[:settings][:assessment] return unless assessments res.application_settings.assess.session_id = assessments[:session_id] disabled = assessments[:disabledRules] return unless disabled disabled.each do |rule_id| rule_setting = Contrast::Agent::Reporting::Settings::AssessRule.new.tap { |setting| setting.enable = false } res.application_settings.assess.rule_settings[rule_id] = rule_setting end end # @param response_data [Hash] # @param res [Contrast::Agent::Reporting::Response] def ng_extract_protect response_data, res protect = response_data[:settings][:defend] return unless protect res.application_settings.protect.protection_rules = protect[:protectionRules] protect[:virtualPatches]&.each do |patch_json| res.application_settings.protect.virtual_patches << Contrast::Agent::Reporting::Settings::VirtualPatch.new(patch_json) end end # @param response_data [Hash] # @param res [Contrast::Agent::Reporting::Response] def ng_extract_exclusions response_data, res exclusions = response_data[:settings][:exceptions] return unless exclusions # Pass true if the endpoint is ng. res.application_settings.exclusions.input_exclusions = [exclusions[:inputExceptions], true] res.application_settings.exclusions.url_exclusions = [exclusions[:urlExceptions], true] end # The responses we receive for feature and settings from TS have different # place to store these reactions: body.reactions vs body.settings.reactions. # # @param response_data [Hash] # @param res [Contrast::Agent::Reporting::Response] def ng_extract_reactions response_data, res res.reactions = response_data[:settings][:reactions] if response_data[:settings] res.reactions = response_data[:reactions] if response_data[:features] end # This method is universal and used for both ng endpoint of feature settings and the new # Server settings endpoint. Used in both build_feature_settings and build_server_settings. # Passing the ng_ flag determines the use of the endpoint and response used because some of # the response fields are with different names or do not exist: [enabled vs enable] # # @param response_data [Hash] # @param res [Contrast::Agent::Reporting::Response] def ng_extract_assess_features response_data, res assess = response_data[:features][:assessment] return unless assess res.server_features.assess.enabled = assess[:enabled] res.server_features.assess.sampling = assess[:sampling] res.server_features.assess.sanitizers = assess[:sanitizers] res.server_features.assess.validators = assess[:validators] end # @param response_data [Hash] # @param res [Contrast::Agent::Reporting::Response] def ng_extract_protect_features response_data, res protect = response_data[:features][:defend] return unless protect res.server_features.protect.enabled = protect[:enabled] res.server_features.protect.bot_blocker.enable = protect[:'bot-blocker'] res.server_features.protect.bot_blocker.bots = protect[:botBlockers] ng_extract_syslog(response_data, res) end # @param response_data [Hash] # @param res [Contrast::Agent::Reporting::Response] def ng_extract_syslog response_data, res return unless (syslog = response_data[:features][:defend][:syslog]) res.server_features.protect.syslog.assign_array(syslog, ng_: true) end # @param response_data [Hash] # @param res [Contrast::Agent::Reporting::Response] def ng_extract_protect_lists response_data, res protect = response_data[:features][:defend] return unless protect res.server_features.protect.ip_allowlist = protect[:ipAllowlist] res.server_features.protect.ip_denylist = protect[:ipDenylist] res.server_features.protect.log_enhancers = protect[:logEnhancers] res.server_features.protect.ng_rule_definition_list(protect[:ruleDefinitionList]) end # Here we extract the rules and state for the sensitive data masking policy # received from TS. # # @param response_data [Hash] # @param res [Contrast::Agent::Reporting::Response] def ng_extract_sensitive_data_policy response_data, res return unless (sensitive_data = response_data[:settings][:sensitive_data_masking_policy]) res.application_settings.sensitive_data_masking.mask_http_body = sensitive_data[:mask_http_body] res.application_settings.sensitive_data_masking.mask_attack_vector = sensitive_data[:mask_attack_vector] res.application_settings.sensitive_data_masking.build_rules_form_settings(sensitive_data[:rules]) end # Here we extract the log settings received from TS. # # @param response_data [Hash] # @param res [Contrast::Agent::Reporting::Response] def ng_extract_log_settings response_data, res # agent_startup event defines the log level under features. log_level = if response_data[:features] response_data[:features][:logLevel] else response_data[:logLevel] end return unless log_level res.server_features.log_level = log_level log_file = if response_data[:features] response_data[:features][:logFile] else response_data[:logFile] end return unless log_file res.server_features.log_file = log_file end end end end end