lib/contrast/agent/assess/policy/trigger_method.rb in contrast-agent-4.3.2 vs lib/contrast/agent/assess/policy/trigger_method.rb in contrast-agent-4.4.0

- old
+ new

@@ -99,22 +99,16 @@ # @return [Contrast::Api::Dtm::Finding, nil] the # Contrast::Api::Dtm::Finding to send to TeamServer or nil if # conditions were not met def build_finding context, trigger_node, source, object, ret, *args return unless Contrast::Agent::Assess::Policy::TriggerValidation.valid?(trigger_node, object, ret, args) + return unless reportable?(context) - request = context.request - env = request.env - return if defined?(ActionController::Live) && - env && - env['action_controller.instance'].cs__class.included_modules.include?(ActionController::Live) - finding = Contrast::Api::Dtm::Finding.new finding.rule_id = Contrast::Utils::StringUtils.protobuf_safe_string(trigger_node.rule_id) build_from_source(finding, source) - trigger_event = Contrast::Agent::Assess::Events::EventFactory.build(trigger_node, source, object, ret, args).to_dtm_event - finding.events << trigger_event + finding.events << Contrast::Agent::Assess::Events::EventFactory.build(trigger_node, source, object, ret, args).to_dtm_event build_hash(finding, source) finding.routes << context.route if context.route finding.version = determine_compliance_version(finding) logger.trace('Finding created', node_id: trigger_node.id, @@ -124,9 +118,20 @@ rescue StandardError => e logger.error('Unable to build a finding', e, rule: trigger_node.rule_id, node_id: trigger_node.id) end private + + # A request is reportable if it is not from ActionController::Live + # + # @param context [Contrast::Agent::RequestContext] the current request context + # @return [Boolean] + def reportable? context + env = context.request.env + !(defined?(ActionController::Live) && + env && + env['action_controller.instance'].cs__class.included_modules.include?(ActionController::Live)) + end # This is our method that actually checks the taint on the object # our trigger_node targets. # # @param context [Contrast::Agent::RequestContext] the current
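Review bot: The new early exit `return unless reportable?(context)` in build_finding drops the finding without leaving any trace, so an operator reading the agent log cannot tell that findings on ActionController::Live endpoints are suppressed rather than absent. The method already logs 'Finding created' at trace level further down, so a matching line on the skip path would make this coverage gap visible, for example `logger.trace('Finding skipped: ActionController::Live request', node_id: trigger_node.id)` before returning. build_finding's body continues past the end of this hunk.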
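Review bot: In reportable?, `env['action_controller.instance']` is dereferenced without checking that a controller instance is present. For a request that never reaches a Rails controller (Rack middleware, a mounted non-Rails app) that key is presumably nil, and the outcome then depends on how `cs__class` behaves on nil, which is not visible here. If it raises, the error would presumably be caught by the `rescue StandardError` shown as context at the top of this hunk, and the finding would be lost with only an 'Unable to build a finding' log line. Resolving the controller first keeps the intent explicit: `controller = env && env['action_controller.instance']` followed by `return true unless controller`. The doc comment could also state why Live requests are not reportable, since it documents a deliberate blind spot in reporting.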