class Console1984::Shield
The shield implements the protection mechanisms while using the console:
-
It extends different systems with console1984 extensions (including IRB itself).
-
It offers an API to the rest of the system to enable and disable protected modes and execute code on the configured mode.
Protection happens at two levels:
-
External: preventing users from accessing encrypted data or protected systems while on protected mode.
-
Internal: preventing users from tampering Console 1984 itself.
Constants
- ACTIVE_RECORD_CONNECTION_ADAPTERS
Public Instance Methods
install()
click to toggle source
Installs the shield by extending several systems and freezing classes and modules that aren't mean to be modified once the console is running.
# File lib/console1984/shield.rb, line 20 def install extend_protected_systems prevent_invoking_protected_methods refrigerator.freeze_all end
Private Instance Methods
extend_active_record()
click to toggle source
# File lib/console1984/shield.rb, line 61 def extend_active_record ACTIVE_RECORD_CONNECTION_ADAPTERS.each do |class_string| if Object.const_defined?(class_string) klass = class_string.constantize klass.prepend(Console1984::Ext::ActiveRecord::ProtectedAuditableTables) klass.include(Console1984::Freezeable) end end end
extend_core_ruby()
click to toggle source
# File lib/console1984/shield.rb, line 40 def extend_core_ruby Object.prepend Console1984::Ext::Core::Object Module.prepend Console1984::Ext::Core::Module end
extend_irb()
click to toggle source
# File lib/console1984/shield.rb, line 35 def extend_irb IRB::Context.prepend(Console1984::Ext::Irb::Context) Rails::ConsoleMethods.include(Console1984::Ext::Irb::Commands) end
extend_protected_systems()
click to toggle source
# File lib/console1984/shield.rb, line 28 def extend_protected_systems extend_irb extend_core_ruby extend_sockets extend_active_record end
extend_sockets()
click to toggle source
# File lib/console1984/shield.rb, line 45 def extend_sockets socket_classes = [TCPSocket, OpenSSL::SSL::SSLSocket] OpenSSL::SSL::SSLSocket.include(SSLSocketRemoteAddress) if defined?(Redis::Connection) socket_classes.push(*[Redis::Connection::TCPSocket, Redis::Connection::SSLSocket]) end socket_classes.compact.each do |socket_klass| socket_klass.prepend Console1984::Ext::Socket::TcpSocket socket_klass.freeze end end
prevent_invoking_protected_methods()
click to toggle source
# File lib/console1984/shield.rb, line 71 def prevent_invoking_protected_methods MethodInvocationShell.install_for(Console1984.protections_config.forbidden_methods) end
refrigerator()
click to toggle source
# File lib/console1984/shield.rb, line 75 def refrigerator @refrigerator ||= Console1984::Refrigerator.new end