module Sqreen

Copyright © 2015 Sqreen. All Rights Reserved. Please refer to our terms for more information: www.sqreen.com/terms.html

see aws.amazon.com/blogs/developer/announcing-amazon-kinesis-subscribetoshard-api-support-in-the-aws-sdk-for-ruby/

see github.com/sqreen/TechDoc/blob/master/content/specs/spec000024-sampling.md

reference: github.com/sqreen/SignalsSchemas/blob/master/schemas/payload/tracing/client-2020-04-21/schema.cue

reference: github.com/sqreen/SignalsSchemas/blob/master/schemas/payload/tracing/consumer-2020-04-21/schema.cue

reference: github.com/sqreen/SignalsSchemas/blob/master/schemas/payload/tracing/producer-2020-04-21/schema.cue

reference: github.com/sqreen/SignalsSchemas/blob/master/schemas/payload/tracing/server-2020-04-21/schema.cue

TODO: see sqreen/events

TODO: case JS/Js?

TODO: useless?

TODO: => Sqreen::JS:MiniRacer ?

reference: github.com/sqreen/SignalsSchemas/blob/master/schemas/payload/binning_metric/2020-01-01T00_00_00_000Z/schema.cue

reference: github.com/sqreen/SignalsSchemas/blob/master/schemas/payload/attack/2020-01-01T00_00_00_000Z/schema.cue

reference: github.com/sqreen/SignalsSchemas/blob/master/schemas/payload/sdk_call/2020-01-01T00_00_00_000Z/schema.cue

reference: github.com/sqreen/SignalsSchemas/blob/master/schemas/payload/sqreen_exception/2020-01-01T00_00_00_000Z/schema.cue

How to override a class method:

class Cache
  def self.get3
    puts "GET3"
  end

  def self.get
    puts "GET"
  end
end

class << Cache # Change context to metaclass of Cache
  def get_modified
    puts "GET MODIFI"
  end
  alias_method :get_not_modified, :get
  alias_method :get, :get_modified
end

TODO: fold into Sqreen::Logger

TODO: inherit from ::Logger

TODO: move to Sqreen::Time

TODO: move to Sqreen::IP::Trie

TODO: move to Sqreen::IP

Rules

Rule example:

{
    :class => 'ActionController::Metal',
    :method => 'dispatch',
    :arguments => {:type => 'position', :options => {:position => 1}},
    :callback_class => 'RackCB',
}

We instrument ActionController::Metal#dispatch. We are interested in the first argument. When this method is called, we will provide its argument to the callback RackCB.

Another option for execution is to delegate the callback to a JS helper, rather than to a class. The JS callback will be executed with the requested arguments.
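
The class-callback rule above, applied by a toy instrumenter that uses the alias_method technique. This is an added example, not Sqreen's code; `Dispatcher`, `RecordingCB`, its `pre` hook and `instrument` are constructed stand-ins.

```ruby
# Added example, not Sqreen's code: a toy instrumenter applying a rule shaped
# like the one above with the alias_method technique.

# Constructed stand-in for the instrumented class.
class Dispatcher
  def dispatch(name, request)
    "#{name}:#{request}"
  end
end

# Constructed callback; `pre` is a hypothetical hook name.
class RecordingCB
  def self.seen
    @seen ||= []
  end

  def self.pre(arg)
    seen << arg
  end
end

# Hypothetical helper: wrap rule[:class]#rule[:method] so the selected
# positional argument reaches the callback before the original method runs.
def instrument(rule)
  klass    = Object.const_get(rule[:class])
  callback = Object.const_get(rule[:callback_class])
  meth     = rule[:method].to_sym
  original = :"#{meth}_not_modified"
  opts     = rule[:arguments]
  raise ArgumentError, 'unsupported argument type' unless opts[:type] == 'position'
  index = opts[:options][:position] - 1 # position 1 is the first argument
  raise ArgumentError, 'position must be >= 1' if index < 0
  return false if klass.method_defined?(original) # do not wrap twice

  klass.class_eval do
    alias_method original, meth
    define_method(meth) do |*args, &blk|
      callback.pre(args[index])
      send(original, *args, &blk)
    end
  end
  true
end

RULE = {
  :class => 'Dispatcher',
  :method => 'dispatch',
  :arguments => { :type => 'position', :options => { :position => 1 } },
  :callback_class => 'RecordingCB',
}.freeze
```

Calling `instrument(RULE)` a second time returns `false` instead of aliasing again, which would otherwise make the wrapper call itself.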

Rules defined here can be instantiated from JSON.

Sqreen module

Sqreen Namespace

FIXME: we should be proxy capable

FIXME: we should be multithread aware (when callbacks perform server requests?)

Rules signature

TODO: move to Sqreen::IP

Constants

CONFIG_DESCRIPTION
CONFIG_FILE_BY_ENV
CONFIG_FILE_NAME
DEFAULT_PERF_LEVEL
DEFAULT_USE_SIGNALS
MAX_OBS_QUEUE_LENGTH
MAX_QUEUE_LENGTH

Event queue that enables communication between threads and the reporter

METRICS_EVENT
Node

bit starts at 0 (most significant)

PERF_METRICS_PERIOD
Prefix
SDK_RESERVED_PREFIX
TRACK_PAYLOAD_DATA
Trie
VERSION

Attributes

features[R]
instrumentation_ready[RW]
instrumentation_ready?[RW]
logged_in[RW]
logged_in?[RW]
performance_budget[R]
whitelisted_ips[R]
whitelisted_paths[R]

Public Class Methods

auth_track(is_logged_in, authentication_keys)

Authentication tracking method

# File lib/sqreen/sdk.rb, line 17
def auth_track(is_logged_in, authentication_keys); end
config_get(name)
# File lib/sqreen/configuration.rb, line 25
def self.config_get(name)
  raise 'No configuration defined' if @config.nil?
  @config.get(name)
end
config_init(framework = nil)
# File lib/sqreen/configuration.rb, line 16
def self.config_init(framework = nil)
  @config = Configuration.new(framework)
  @config.load!
  if @config && config_get(:report_perf_newrelic) > 0
    Sqreen::PerformanceNotifications::NewRelic.enable(config_get(:report_perf_newrelic))
  end
  @config
end
configured?()
# File lib/sqreen/configuration.rb, line 30
def self.configured?
  !@config.nil?
end
escape_haml(x)

Escape HAML when instrumented to do it

# File lib/sqreen/rules/xss_cb.rb, line 292
def self.escape_haml(x)
  x
end
escape_temple(x)

Escape Temple when instrumented to do it

# File lib/sqreen/rules/xss_cb.rb, line 297
def self.escape_temple(x)
  x
end
framework()
# File lib/sqreen/frameworks.rb, line 20
def self::framework
  return @@framework if @@framework
  klass = case
          when defined?(::Rails) && defined?(::Rails::VERSION)
            case Rails::VERSION::MAJOR.to_i
            when 4, 5, 6
              require 'sqreen/frameworks/rails'
              Sqreen::Frameworks::RailsFramework
            when 3
              require 'sqreen/frameworks/rails3'
              Sqreen::Frameworks::Rails3Framework
            else
              Sqreen.log.warn "Detected unsupported Rails version #{Rails.version}, but continuing"
              require 'sqreen/frameworks/rails'
              Sqreen::Frameworks::RailsFramework
            end
          when defined?(::Sinatra)
            require 'sqreen/frameworks/sinatra'
            Sqreen::Frameworks::SinatraFramework
          when defined?(::SqreenTest)
            require 'sqreen/frameworks/sqreen_test'
            Sqreen::Frameworks::SqreenTestFramework
          else
            Sqreen.log.error "Error: cannot find any framework\n"
            require 'sqreen/frameworks/generic'
            Sqreen::Frameworks::GenericFramework
          end
  fwk = klass.new
  Sqreen.set_framework(fwk)
end
identify(authentication_keys, traits = {})
# File lib/sqreen/sdk.rb, line 21
def identify(authentication_keys, traits = {})
  return unless Sqreen.framework
  Sqreen.framework.observe(
    :sdk,
    [:identify, Time.now, authentication_keys, traits],
    [], false
  )
end
internal_track(event_name, options = {})

For internal usage. Users are to call track() instead.

# File lib/sqreen/sdk.rb, line 47
def internal_track(event_name, options = {})
  properties = options[:properties]
  user_identifiers = options[:user_identifiers]
  timestamp = options[:timestamp] || Time.now.utc
  # Not in SDK v0
  # request = options[:request]

  args = {}
  args[:user_identifiers] = user_identifiers if user_identifiers
  args[:properties] = properties if properties

  Sqreen.framework.observe(
    :sdk,
    [:track, timestamp, event_name, :args => args],
    TRACK_PAYLOAD_DATA, true
  )
  true
end
log()
# File lib/sqreen/log.rb, line 27
def self::log
  @logger ||= Sqreen::DeferredLogger.new
end
log_init()
# File lib/sqreen/log.rb, line 16
def self.log_init
  deferred_logger = @logger
  @logger = Sqreen::Logger.new(
    Sqreen.config_get(:log_level).to_s.upcase,
    Sqreen.config_get(:log_location)
  )
  deferred_logger.flush_to(@logger.instance_eval { @logger })
rescue => e
  warn "Sqreen logger exception: #{e}"
end
observations_queue()
# File lib/sqreen/runner.rb, line 58
def observations_queue
  @observations_queue ||= CappedQueue.new(MAX_OBS_QUEUE_LENGTH)
end
queue()
# File lib/sqreen/runner.rb, line 54
def queue
  @queue ||= CappedQueue.new(MAX_QUEUE_LENGTH)
end
set_framework(fwk)
# File lib/sqreen/frameworks.rb, line 16
def self::set_framework(fwk)
  @@framework = fwk
end
signup_track(authentication_keys)
# File lib/sqreen/sdk.rb, line 19
def signup_track(authentication_keys); end
thread_cpu_time()
# File lib/sqreen/mono_time.rb, line 40
def self.thread_cpu_time
  Process.clock_gettime Process::CLOCK_THREAD_CPUTIME_ID
end
thread_cpu_time?()
# File lib/sqreen/mono_time.rb, line 24
def thread_cpu_time?
  @has_thread_cpu_time
end
time()
# File lib/sqreen/mono_time.rb, line 30
def self.time
  Process.clock_gettime Process::CLOCK_MONOTONIC
end
to_bool(value)
# File lib/sqreen/configuration.rb, line 90
def self.to_bool(value)
  %w[1 true].include?(value.to_s.downcase.strip)
end
to_int(value)
# File lib/sqreen/configuration.rb, line 94
def self.to_int(value)
  str = value.to_s.downcase.strip
  str = 1 if str == 'true'
  str.to_i
end
to_sym(value)
# File lib/sqreen/configuration.rb, line 100
def self.to_sym(value)
  value.to_sym
end
track(event_name, options = {})
# File lib/sqreen/sdk.rb, line 30
def track(event_name, options = {})
  unless Sqreen.framework
    Sqreen.log.warn("Ignored track call (event #{event_name}) due to framework absence")
    return
  end

  Sqreen.log.debug { "Sqreen.track() call (event #{event_name}, options #{options})" }

  if event_name.start_with? SDK_RESERVED_PREFIX
    Sqreen.log.warn("Event names starting with '#{SDK_RESERVED_PREFIX}' " \
                    'are reserved. Event ignored.')
    return false
  end
  internal_track(event_name, options)
end
update_features(features)
# File lib/sqreen/runner.rb, line 50
def update_features(features)
  @features = features
end
update_performance_budget(value)
# File lib/sqreen/runner.rb, line 79
def update_performance_budget(value)
  return @performance_budget = nil if value.nil?
  @performance_budget = value.to_f / 1000
end
update_whitelisted_ips(paths)
# File lib/sqreen/runner.rb, line 74
def update_whitelisted_ips(paths)
  @whitelisted_ips = Hash[paths.map { |v| [v, IPAddr.new(v)] }].freeze
end
update_whitelisted_paths(paths)
# File lib/sqreen/runner.rb, line 69
def update_whitelisted_paths(paths)
  @whitelisted_paths = paths.freeze
end