# Copyright (c) 2020 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

require 'contrast/components/interface'
require 'contrast/utils/object_share'

module Contrast
  module Agent
    module Assess
      module Policy
        # This is how we scan our customer's code. It provides a way to analyze
        # the classes we need to observe to find vulnerabilities in the context
        # of a file vs data flow, such as the detection of Hardcoded Passwords
        # or Keys.
        module PolicyScanner
          include Contrast::Components::Interface
          access_component :analysis

          class << self
            def scan trace_point
              return unless ASSESS.enabled?
              return unless ASSESS.require_scan?

              return unless trace_point.path
              return if trace_point.path.start_with?(Gem.dir)

              mod = trace_point.self
              return if mod.cs__frozen? || mod.singleton_class?

              policy.providers.each_value do |provider|
                provider.analyze mod
              end
            end

            def policy
              Contrast::Agent::Assess::Policy::Policy.instance
            end
          end
        end
      end
    end
  end
end