From 24774706079985d82c4ac7363aef1f793f1de162 Mon Sep 17 00:00:00 2001 From: Felipe Zimmerle Date: Fri, 24 Jun 2016 15:17:29 -0300 Subject: [PATCH] Adds support to the resource collection --- headers/modsecurity/collection/collections.h | 4 +- headers/modsecurity/modsecurity.h | 1 + src/actions/init_col.cc | 6 ++- src/collection/collections.cc | 41 +++++++++++++++++++- src/modsecurity.cc | 2 + src/transaction.cc | 3 +- 6 files changed, 52 insertions(+), 5 deletions(-) diff --git a/headers/modsecurity/collection/collections.h b/headers/modsecurity/collection/collections.h index 113c959c..0cb408f7 100644 --- a/headers/modsecurity/collection/collections.h +++ b/headers/modsecurity/collection/collections.h @@ -46,7 +46,7 @@ class Collections : public std::unordered_map { public: Collections(Collection *global, Collection *ip, Collection *session, - Collection *user); + Collection *user, Collection *resource); ~Collections(); void store(std::string key, std::string value); @@ -89,11 +89,13 @@ class Collections : std::string m_ip_collection_key; std::string m_session_collection_key; std::string m_user_collection_key; + std::string m_resource_collection_key; Collection *m_global_collection; Collection *m_ip_collection; Collection *m_session_collection; Collection *m_user_collection; + Collection *m_resource_collection; }; } // namespace collection diff --git a/headers/modsecurity/modsecurity.h b/headers/modsecurity/modsecurity.h index e8de6c36..a87574de 100644 --- a/headers/modsecurity/modsecurity.h +++ b/headers/modsecurity/modsecurity.h @@ -223,6 +223,7 @@ class ModSecurity { }; collection::Collection *m_global_collection; + collection::Collection *m_resource_collection; collection::Collection *m_ip_collection; collection::Collection *m_session_collection; collection::Collection *m_user_collection; diff --git a/src/actions/init_col.cc b/src/actions/init_col.cc index a3a0b269..d381f934 100644 --- a/src/actions/init_col.cc +++ b/src/actions/init_col.cc 
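Review bot: The widened constructor in collections.h now takes five positional `Collection *` arguments with no comment on their order or ownership, so two arguments swapped at a call site would compile silently and route one collection's data into another's store. The only caller visible in this patch (src/transaction.cc) passes them in the declared order, and the pointees are deleted by `ModSecurity::~ModSecurity`, so `Collections` appears to borrow them rather than own them. I would say so above the declaration, for example `// Borrowed, not owned: global, ip, session, user, resource must outlive this object.`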
@@ -43,7 +43,9 @@ bool InitCol::init(std::string *error) { m_collection_key = std::string(m_parser_payload, 0, posEquals); m_collection_value = std::string(m_parser_payload, posEquals + 1); - if (m_collection_key != "ip" && m_collection_key != "global") { + if (m_collection_key != "ip" && + m_collection_key != "global" && + m_collection_key != "resource") { error->assign("Something wrong with initcol: collection must be `ip' or `global'"); return false; } @@ -61,6 +63,8 @@ bool InitCol::evaluate(Rule *rule, Transaction *t) { t->m_collections.m_ip_collection_key = collectionName; } else if (m_collection_key == "global") { t->m_collections.m_global_collection_key = collectionName; + } else if (m_collection_key == "resource") { + t->m_collections.m_resource_collection_key = collectionName; } else { return false; } diff --git a/src/collection/collections.cc b/src/collection/collections.cc index 6a907114..d72c0277 100644 --- a/src/collection/collections.cc +++ b/src/collection/collections.cc @@ -34,10 +34,12 @@ namespace collection { Collections::Collections(Collection *global, - Collection *ip, Collection *session, Collection *user) - : m_global_collection_key(""), + Collection *ip, Collection *session, Collection *user, + Collection *resource) : m_global_collection_key(""), m_ip_collection_key(""), + m_resource_collection_key(""), m_global_collection(global), + m_resource_collection(resource), m_ip_collection(ip), m_session_collection(session), m_user_collection(user), @@ -72,6 +74,14 @@ void Collections::storeOrUpdateFirst(const std::string& collectionName, return; } + if (tolower(collectionName) == "resource" + && !m_resource_collection_key.empty()) { + m_resource_collection->storeOrUpdateFirst(collectionName + ":" + + variableName, m_resource_collection_key, targetValue); + return; + } + + if (tolower(collectionName) == "session" && !m_session_collection_key.empty()) { m_session_collection->storeOrUpdateFirst(collectionName + ":" 
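Review bot: The error text in `InitCol::init` still says the collection must be `ip' or `global', although the widened condition now also accepts `resource`, so a rule author who mistypes the name is given the wrong list of valid values. Update the message together with the check: ``error->assign("Something wrong with initcol: collection must be `ip', `global' or `resource'");``. The comparison here is also case-sensitive, while the lookups in collections.cc go through `tolower(...)`; whether an upper-case name should be accepted by initcol is worth deciding and documenting. The body of `init` starts outside the hunk.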
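Review bot: In the `Collections::Collections` initializer list, `m_resource_collection(resource)` is written right after `m_global_collection(global)`, but collections.h declares `m_resource_collection` last, after `m_user_collection`. Members are initialised in declaration order whatever the list says, and nothing here depends on that order, so behaviour is unchanged; the list is still misleading and `-Wreorder` will flag it. Move the initializer to follow `m_user_collection(user)`, or reorder the declarations to match. The initializer list continues past the end of the hunk.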
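Review bot: The new resource branch in `storeOrUpdateFirst` builds the storage key from `collectionName` exactly as passed, while the matching branch added to `resolveFirst` builds it from `toupper(collectionName)`. The guard compares `tolower(collectionName)`, so mixed-case names are evidently expected; unless every caller upper-cases first, a value written under `resource:x` would be looked up as `RESOURCE:x` and never found, and rules that count per resource would silently stop matching. The session branch in the context lines has the same shape, so this may be inherited rather than new. Normalising on write would make both sides agree: `m_resource_collection->storeOrUpdateFirst(toupper(collectionName) + ":" + variableName, m_resource_collection_key, targetValue);`. The function body starts and ends outside the hunk.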
@@ -147,6 +157,12 @@ std::string* Collections::resolveFirst(const std::string& collectionName, + ":" + var, m_global_collection_key); } + if (tolower(collectionName) == "resource" + && !m_resource_collection_key.empty()) { + return m_resource_collection->resolveFirst(toupper(collectionName) + + ":" + var, m_resource_collection_key); + } + if (tolower(collectionName) == "session" && !m_session_collection_key.empty()) { return m_session_collection->resolveFirst(toupper(collectionName) @@ -191,6 +207,13 @@ void Collections::resolveSingleMatch(const std::string& var, return; } + if (tolower(collection) == "resource" + && !m_resource_collection_key.empty()) { + m_resource_collection->resolveSingleMatch(var, + m_resource_collection_key, l); + return; + } + if (tolower(collection) == "session" && !m_session_collection_key.empty()) { m_session_collection->resolveSingleMatch(var, @@ -226,6 +249,13 @@ void Collections::resolveMultiMatches(const std::string& var, return; } + if (tolower(collection) == "resource" + && !m_resource_collection_key.empty()) { + m_resource_collection->resolveMultiMatches(var, + m_resource_collection_key, l); + return; + } + if (tolower(collection) == "session" && !m_session_collection_key.empty()) { m_session_collection->resolveMultiMatches(var, @@ -261,6 +291,13 @@ void Collections::resolveRegularExpression(const std::string& var, return; } + if (tolower(collection) == "resource" + && !m_resource_collection_key.empty()) { + m_resource_collection->resolveRegularExpression(toupper(collection) + + ":" + var, m_resource_collection_key, l); + return; + } + if (tolower(collection) == "session" && !m_session_collection_key.empty()) { m_session_collection->resolveRegularExpression(toupper(collection) diff --git a/src/modsecurity.cc b/src/modsecurity.cc index 5b8498a1..fee58ff9 100644 --- a/src/modsecurity.cc +++ b/src/modsecurity.cc 
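Review bot: `resolveSingleMatch` and `resolveMultiMatches` pass the bare `var` to the resource backend, while `resolveFirst` and `resolveRegularExpression` in the same patch prefix it with `toupper(collection) + ":"`. This mirrors the session branches in the context lines, so it may be intended (the callers may already pass a fully qualified name), but nothing in these hunks says so. A one-line comment on the two bare-`var` branches, such as `// var already carries the "RESOURCE:" prefix here`, would let a reader check that store and lookup keys agree; confirm it against the callers before adding it. All four functions continue outside their hunks.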
@@ -47,6 +47,7 @@ namespace modsecurity { ModSecurity::ModSecurity() : m_connector(""), m_global_collection(new collection::backend::InMemoryPerProcess()), + m_resource_collection(new collection::backend::InMemoryPerProcess()), m_ip_collection(new collection::backend::InMemoryPerProcess()), m_session_collection(new collection::backend::InMemoryPerProcess()), m_user_collection(new collection::backend::InMemoryPerProcess()), @@ -67,6 +68,7 @@ ModSecurity::~ModSecurity() { Utils::GeoLookup::getInstance().cleanUp(); #endif delete m_global_collection; + delete m_resource_collection; delete m_ip_collection; delete m_session_collection; delete m_user_collection; diff --git a/src/transaction.cc b/src/transaction.cc index f0962c5f..c0cb6b1f 100644 --- a/src/transaction.cc +++ b/src/transaction.cc @@ -116,7 +116,8 @@ Transaction::Transaction(ModSecurity *ms, Rules *rules, void *logCbData) m_logCbData(logCbData), m_ms(ms), m_collections(ms->m_global_collection, ms->m_ip_collection, - ms->m_session_collection, ms->m_user_collection), + ms->m_session_collection, ms->m_user_collection, + ms->m_resource_collection), m_xml(new RequestBodyProcessor::XML(this)) { m_id = std::to_string(this->m_timeStamp) + \ std::to_string(generate_transaction_unique_id());
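Review bot: `m_resource_collection` is backed by `InMemoryPerProcess`, which by its name keeps state inside one process, and nothing in this patch bounds or expires what is stored under each initcol key. Two consequences are worth telling rule authors: on a multi-worker server a per-resource counter is presumably kept separately in each worker, and if the initcol key is expanded from request data (a request path, say) the number of distinct keys is decided by the client. I would record both next to the member, for example `// Per-process store: not shared across workers; entries are keyed by initcol and not bounded here.` The raw `new` and the matching `delete` in the destructor hunk follow the existing members; `std::unique_ptr` would remove the manual cleanup but is a wider change than this patch.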