Contents

# Copyright (c) 2021 Contrast Security, Inc. See https://www.contrastsecurity.com/enduser-terms-0317a for more details.
# frozen_string_literal: true

require 'contrast/components/logger'
require 'contrast/components/scope'

module Contrast
  module Agent
    # This class is instantiated when we receive a request and the agent is enabled to process that request. It holds
    # the ruleset that we perform filtering operations on (currently prefilter and postfilter).
    class RequestHandler
      include Contrast::Components::Logger::InstanceMethods

      attr_reader :ruleset, :context

      # @param context [Contrast::Agent::RequestContext] the context of the request for which this handler applies
      def initialize context
        @context = context
        @ruleset = ::Contrast::AGENT.ruleset
      end

      # TODO: RUBY-1353
      # TODO: RUBY-1355
      # TODO: RUBY-1357
      # TODO: RUBY-1358
      def send_activity_messages
        Contrast::Agent::Inventory::DependencyUsageAnalysis.instance.generate_library_usage(context.activity)
        [context.server_activity, context.activity, context.observed_route].each do |message|
          Contrast::Agent.messaging_queue.send_event_eventually(message)
        end
      end

      # If the response is streaming, we should only perform filtering on our stream safe rules
      def stream_safe_postfilter
        stream_safe_ruleset = ruleset.select(&:stream_safe?)
        postfilter_ruleset = Contrast::Agent::RuleSet.new(stream_safe_ruleset)
        postfilter_ruleset.postfilter
      end
    end
  end
end

Version data entries

4 entries across 4 versions & 1 rubygems

Version	Path
contrast-agent-4.14.1	lib/contrast/agent/request_handler.rb
contrast-agent-4.14.0	lib/contrast/agent/request_handler.rb
contrast-agent-4.13.1	lib/contrast/agent/request_handler.rb
contrast-agent-4.13.0	lib/contrast/agent/request_handler.rb