Class: Datadog::AppSec::Processor

Inherits:
Object
  • Object
show all
Defined in:
lib/datadog/appsec/processor.rb,
lib/datadog/appsec/processor/rule_loader.rb,
lib/datadog/appsec/processor/rule_merger.rb

Overview

Processor integrates libddwaf into datadog/appsec

Defined Under Namespace

Modules: RuleLoader, RuleMerger Classes: AlreadyActiveContextError, Context, NoActiveContextError

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(ruleset:) ⇒ Processor

Returns a new instance of Processor.



72
73
74
75
76
77
78
79
80
 
# File 'lib/datadog/appsec/processor.rb', line 72

def initialize(ruleset:)
  @ruleset_info = nil
  @addresses = []
  settings = Datadog::AppSec.settings

  unless load_libddwaf && create_waf_handle(settings, ruleset)
    Datadog.logger.warn { 'AppSec is disabled, see logged errors above' }
  end
end

Instance Attribute Details

#addressesObject (readonly)

Returns the value of attribute addresses.



70
71
72
 
# File 'lib/datadog/appsec/processor.rb', line 70

def addresses
  @addresses
end

#ruleset_infoObject (readonly)

Returns the value of attribute ruleset_info.



70
71
72
 
# File 'lib/datadog/appsec/processor.rb', line 70

def ruleset_info
  @ruleset_info
end

Class Method Details

.active_contextObject 



47
48
49
 
# File 'lib/datadog/appsec/processor.rb', line 47

def active_context
  Thread.current[:datadog_current_waf_context]
end

.libddwaf_platformObject 



178
179
180
 
# File 'lib/datadog/appsec/processor.rb', line 178

def libddwaf_platform
  libddwaf_spec ? libddwaf_spec.platform.to_s : 'unknown'
end

.libddwaf_provides_waf?Boolean

check whether libddwaf is required and able to provide the needed feature

Returns:

  • (Boolean) 


153
154
155
 
# File 'lib/datadog/appsec/processor.rb', line 153

def libddwaf_provides_waf?
  defined?(Datadog::AppSec::WAF) ? true : false
end

.libddwaf_specObject 



174
175
176
 
# File 'lib/datadog/appsec/processor.rb', line 174

def libddwaf_spec
  Gem.loaded_specs['libddwaf']
end

.require_libddwafObject

libddwaf raises a LoadError on unsupported platforms; it may at some point succeed in being required yet not provide a specific needed feature.



159
160
161
162
163
164
165
166
167
168
169
170
171
172
 
# File 'lib/datadog/appsec/processor.rb', line 159

def require_libddwaf
  Datadog.logger.debug { "libddwaf platform: #{libddwaf_platform}" }

  require 'libddwaf'

  true
rescue LoadError => e
  Datadog.logger.error do
    'libddwaf failed to load,' \
      "installed platform: #{libddwaf_platform} ruby platforms: #{ruby_platforms} error: #{e.inspect}"
  end

  false
end

.ruby_platformsObject 



182
183
184
 
# File 'lib/datadog/appsec/processor.rb', line 182

def ruby_platforms
  Gem.platforms.map(&:to_s)
end

Instance Method Details

#activate_contextObject

Raises:



90
91
92
93
94
95
96
97
 
# File 'lib/datadog/appsec/processor.rb', line 90

def activate_context
  existing_active_context = Processor.active_context
  raise AlreadyActiveContextError if existing_active_context

  context = new_context
  Processor.send(:active_context=, context)
  context
end

#deactivate_contextObject

Raises:



99
100
101
102
103
104
105
 
# File 'lib/datadog/appsec/processor.rb', line 99

def deactivate_context
  context = Processor.active_context
  raise NoActiveContextError unless context

  Processor.send(:reset_active_context)
  context.finalize
end

#finalizeObject 



107
108
109
 
# File 'lib/datadog/appsec/processor.rb', line 107

def finalize
  @handle.finalize
end

#new_contextObject 



86
87
88
 
# File 'lib/datadog/appsec/processor.rb', line 86

def new_context
  Context.new(self)
end

#ready?Boolean

Returns:

  • (Boolean) 


82
83
84
 
# File 'lib/datadog/appsec/processor.rb', line 82

def ready?
  !@handle.nil?
end