Skip to content

Commit

Permalink
apply feedback
Browse files Browse the repository at this point in the history
  • Loading branch information
@GustavoCaso
GustavoCaso committed Apr 28, 2023
1 parent 70a4a7a commit e95cee0
Show file tree
Hide file tree
Showing 3 changed files with 59 additions and 91 deletions.
12 changes: 5 additions & 7 deletions lib/datadog/appsec/remote.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,8 +48,6 @@ def products
remote_features_enabled? ? ASM_PRODUCTS : []
end

ASM_DATA_CONFIG_TYPES = ['blocked_ips', 'blocked_users'].freeze

# rubocop:disable Metrics/MethodLength
def receivers
return [] unless remote_features_enabled?
Expand All @@ -66,17 +64,17 @@ def receivers
exclusions = []

repository.contents.each do |content|
parsed_content = parse_content(content)

case content.path.product
when 'ASM_DD'
rules << parse_content(content)
rules << parsed_content
when 'ASM_DATA'
data << parse_content(content) if ASM_DATA_CONFIG_TYPES.include?(content.path.config_id)
data << parsed_content if parsed_content['rules_data']
when 'ASM'
parsed_content = parse_content(content)

if parsed_content['rules_override']
overrides << parsed_content
else
elsif parsed_content['exclusions']
exclusions << parsed_content
end
end
Expand Down
2 changes: 0 additions & 2 deletions sig/datadog/appsec/remote.rbs
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,6 @@ module Datadog

ASM_PRODUCTS: ::Array[String]

ASM_DATA_CONFIG_TYPES: ::Array[String]

def self.capabilities: () -> ::Array[Integer]

def self.products: () -> ::Array[String]
Expand Down
136 changes: 54 additions & 82 deletions spec/datadog/appsec/remote_spec.rb
View file
Original file line number Diff line number Diff line change
Expand Up @@ -178,50 +178,44 @@
[Datadog::AppSec::Processor::RuleLoader.load_rules(ruleset: Datadog.configuration.appsec.ruleset)]
end

context 'ASM' do
let(:overrides) do
let(:target) do
Datadog::Core::Remote::Configuration::Target.parse(
{
'rules_override' => {

}
'custom' => {
'v' => 1,
},
'hashes' => { 'sha256' => Digest::SHA256.hexdigest(data.to_json) },
'length' => data.to_s.length
}
end
)
end

let(:exclusions) do
let(:content) do
Datadog::Core::Remote::Configuration::Content.parse(
{
'exclusions' => {

}
path: path,
content: StringIO.new(data.to_json)
}
end
)
end

context 'ASM' do
let(:path) { 'datadog/603646/ASM/whatevername/config' }

context 'overrides' do
let(:target) do
Datadog::Core::Remote::Configuration::Target.parse(
{
'custom' => {
'v' => 1,
},
'hashes' => { 'sha256' => Digest::SHA256.hexdigest(overrides.to_json) },
'length' => overrides.to_s.length
}
)
end
let(:data) do
{
'rules_override' => {

let(:content) do
Datadog::Core::Remote::Configuration::Content.parse(
{
path: 'datadog/603646/ASM/whatevername/config',
content: StringIO.new(overrides.to_json)
}
)
}
end

it 'pass the right values to RuleMerger' do
expect(Datadog::AppSec::Processor::RuleMerger).to receive(:merge).with(
rules: default_ruleset,
data: [],
overrides: [overrides],
overrides: [data],
exclusions: [],
)

Expand All @@ -231,78 +225,40 @@
end

context 'exclusions' do
let(:target) do
Datadog::Core::Remote::Configuration::Target.parse(
{
'custom' => {
'v' => 1,
},
'hashes' => { 'sha256' => Digest::SHA256.hexdigest(exclusions.to_json) },
'length' => exclusions.to_s.length
}
)
end
let(:data) do
{
'exclusions' => {

let(:content) do
Datadog::Core::Remote::Configuration::Content.parse(
{
path: 'datadog/603646/ASM/whatevername/config',
content: StringIO.new(exclusions.to_json)
}
)
}
end

it 'pass the right values to RuleMerger' do
expect(Datadog::AppSec::Processor::RuleMerger).to receive(:merge).with(
rules: default_ruleset,
data: [],
overrides: [],
exclusions: [exclusions],
exclusions: [data],
)

changes = transaction
receiver.call(repository, changes)
end
end
end

context 'ASM_DATA' do
let(:data) do
{
'rules_data' => {

}
}
end

let(:target) do
Datadog::Core::Remote::Configuration::Target.parse(
context 'unsupported key' do
let(:data) do
{
'custom' => {
'v' => 1,
},
'hashes' => { 'sha256' => Digest::SHA256.hexdigest(data.to_json) },
'length' => data.to_s.length
}
)
end
'unsupported' => {

let(:content) do
Datadog::Core::Remote::Configuration::Content.parse(
{
path: path,
content: StringIO.new(data.to_json)
}
}
)
end

context 'blocking ips' do
let(:path) { 'datadog/603646/ASM_DATA/blocked_ips/config' }
end

it 'pass the right values to RuleMerger' do
expect(Datadog::AppSec::Processor::RuleMerger).to receive(:merge).with(
rules: default_ruleset,
data: [data],
data: [],
overrides: [],
exclusions: [],
)
Expand All @@ -311,9 +267,19 @@
receiver.call(repository, changes)
end
end
end

context 'ASM_DATA' do
let(:path) { 'datadog/603646/ASM_DATA/whatevername/config' }

context 'blocking users' do
let(:path) { 'datadog/603646/ASM_DATA/blocked_users/config' }
context 'with rules_data information' do
let(:data) do
{
'rules_data' => {

}
}
end

it 'pass the right values to RuleMerger' do
expect(Datadog::AppSec::Processor::RuleMerger).to receive(:merge).with(
Expand All @@ -328,8 +294,14 @@
end
end

context 'non blocking users or blocking ips' do
let(:path) { 'datadog/603646/ASM_DATA/something_else/config' }
context 'without rules_data information' do
let(:data) do
{
'other_key' => {

}
}
end

it 'pass the right values to RuleMerger' do
expect(Datadog::AppSec::Processor::RuleMerger).to receive(:merge).with(
Expand Down

0 comments on commit e95cee0

Please sign in to comment.