actions: Removes Rule parameter from runtime execute

Generals organization on the Action class

src/actions/disruptive/allow.cc

@@ -13,16 +13,19 @@
  *
  */
 
+
 #include "src/actions/disruptive/allow.h"
 
-#include <iostream>
 #include <string>
 
-#include "modsecurity/rules_set.h"
 #include "modsecurity/transaction.h"
-#include "modsecurity/rule.h"
+/**
+ * FIXME: rules_set.h inclusion is here due to ms_dbg_a.
+ *        It should be removed.
+ */
+#include "modsecurity/rules_set.h"
+
 #include "src/utils/string.h"
-#include "modsecurity/modsecurity.h"
 
 
 namespace modsecurity {
@@ -31,7 +34,7 @@ namespace disruptive {
 
 
 bool Allow::init(std::string *error) {
-    std::string a = utils::string::tolower(m_parser_payload);
+    std::string a = utils::string::tolower(m_parserPayload);
 
     if (a == "phase") {
         m_allowType = PhaseAllowType;
@@ -49,7 +52,7 @@ bool Allow::init(std::string *error) {
 }
 
 
-bool Allow::execute(RuleWithActions *rule, Transaction *transaction) {
+bool Allow::execute(Transaction *transaction) noexcept {
     ms_dbg_a(transaction, 4, "Dropping the evaluation of upcoming rules " \
         "in favor of an `allow' action of type: " \
         + allowTypeToName(m_allowType));

src/actions/disruptive/allow.h

@@ -13,20 +13,20 @@
  *
  */
 
+
 #include <string>
 
 #include "modsecurity/actions/action.h"
+#include "modsecurity/transaction.h"
+
+#include "src/actions/disruptive/disruptive_action.h"
+
 
 #ifndef SRC_ACTIONS_DISRUPTIVE_ALLOW_H_
 #define SRC_ACTIONS_DISRUPTIVE_ALLOW_H_
 
-#ifdef __cplusplus
-class Transaction;
 
 namespace modsecurity {
-class Transaction;
-class RuleWithOperator;
-
 namespace actions {
 namespace disruptive {
 
@@ -51,17 +51,18 @@ enum AllowType : int {
 };
 
 
-class Allow : public Action {
+class Allow : public ActionDisruptive {
  public:
-    explicit Allow(const std::string &action) 
-        : Action(action, RunTimeOnlyIfMatchKind),
-        m_allowType(NoneAllowType) { }
-
+    explicit Allow(const std::string &action)
+        : Action(action),
+        m_allowType(NoneAllowType)
+    { }
 
     bool init(std::string *error) override;
-    bool execute(RuleWithActions *rule, Transaction *transaction) override;
-    bool isDisruptive() override { return true; }
 
+    bool execute(Transaction *transaction) noexcept override;
+
+ private:
     AllowType m_allowType;
 
     static std::string allowTypeToName(AllowType a) {
@@ -83,6 +84,6 @@ class Allow : public Action {
 }  // namespace disruptive
 }  // namespace actions
 }  // namespace modsecurity
-#endif
+
 
 #endif  // SRC_ACTIONS_DISRUPTIVE_ALLOW_H_

src/actions/disruptive/deny.cc

@@ -13,22 +13,26 @@
  *
  */
 
+
 #include "src/actions/disruptive/deny.h"
 
-#include <string.h>
-#include <iostream>
 #include <string>
-#include <cstring>
-#include <memory>
 
 #include "modsecurity/transaction.h"
+/**
+ * FIXME: rules_set.h inclusion is here due to ms_dbg_a.
+ *        It should be removed.
+ */
+#include "modsecurity/rules_set.h"
+#include "modsecurity/rule_message.h"
+
 
 namespace modsecurity {
 namespace actions {
 namespace disruptive {
 
 
-bool Deny::execute(RuleWithActions *rule, Transaction *transaction) {
+bool Deny::execute(Transaction *transaction) noexcept {
     ms_dbg_a(transaction, 8, "Running action deny");
 
     if (transaction->m_it.status == 200) {
@@ -37,9 +41,10 @@ bool Deny::execute(RuleWithActions *rule, Transaction *transaction) {
 
     transaction->m_it.disruptive = true;
     intervention::freeLog(&transaction->m_it);
-    transaction->messageGetLast()->setRule(rule);
     transaction->m_it.log = strdup(
-        transaction->messageGetLast()->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
+        transaction->messageGetLast()->log(
+            RuleMessage::LogMessageInfo::ClientLogMessageInfo)
+                .c_str());
 
     return true;
 }

src/actions/disruptive/deny.h

@@ -13,28 +13,31 @@
  *
  */
 
-#include <string>
-#include <memory>
 
-#include "modsecurity/rules_set.h"
+#include <string>
+
 #include "modsecurity/actions/action.h"
 #include "modsecurity/transaction.h"
-#include "modsecurity/rule_message.h"
+
+#include "src/actions/disruptive/disruptive_action.h"
+
 
 #ifndef SRC_ACTIONS_DISRUPTIVE_DENY_H_
 #define SRC_ACTIONS_DISRUPTIVE_DENY_H_
 
+
 namespace modsecurity {
 namespace actions {
 namespace disruptive {
 
 
-class Deny : public Action {
+class Deny : public ActionDisruptive {
  public:
-    explicit Deny(const std::string &action) : Action(action) { }
+    Deny()
+        : Action("deny")
+    { }
 
-    bool execute(RuleWithActions *rule, Transaction *transaction) override;
-    bool isDisruptive() override { return true; }
+    bool execute(Transaction *transaction) noexcept override;
 };
 
 
@@ -42,4 +45,5 @@ class Deny : public Action {
 }  // namespace actions
 }  // namespace modsecurity
 
+
 #endif  // SRC_ACTIONS_DISRUPTIVE_DENY_H_

src/actions/disruptive/disruptive_action.h

@@ -0,0 +1,45 @@
+/*
+ * ModSecurity, http://www.modsecurity.org/
+ * Copyright (c) 2015 - 2020 Trustwave Holdings, Inc. (http://www.trustwave.com/)
+ *
+ * You may not use this file except in compliance with
+ * the License.  You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * If any of the files related to licensing are missing or if you have any
+ * other questions related to licensing please contact Trustwave Holdings, Inc.
+ * directly using the email address security@modsecurity.org.
+ *
+ */
+
+
+#include <string>
+
+#include "modsecurity/actions/action.h"
+#include "src/actions/action_allowed_in_sec_default_action.h"
+
+
+#ifndef SRC_ACTIONS_DISRUPTIVE_DISRUPTIVE_ACTION_H_
+#define SRC_ACTIONS_DISRUPTIVE_DISRUPTIVE_ACTION_H_
+
+
+namespace modsecurity {
+namespace actions {
+namespace disruptive {
+
+
+class ActionDisruptive : public ActionAllowedAsSecDefaultAction {
+ public:
+    bool isDisruptive() override {
+       return true;
+    }
+};
+
+
+}  // namespace disruptive
+}  // namespace actions
+}  // namespace modsecurity
+
+
+#endif  // SRC_ACTIONS_DISRUPTIVE_DISRUPTIVE_ACTION_H_

src/actions/disruptive/drop.cc

@@ -13,26 +13,26 @@
  *
  */
 
+
 #include "src/actions/disruptive/drop.h"
 
-#include <string.h>
-#include <iostream>
 #include <string>
-#include <cstring>
-#include <memory>
 
-#include "modsecurity/rules_set.h"
 #include "modsecurity/transaction.h"
-#include "modsecurity/rule.h"
-#include "src/utils/string.h"
-#include "modsecurity/modsecurity.h"
+/**
+ * FIXME: rules_set.h inclusion is here due to ms_dbg_a.
+ *        It should be removed.
+ */
+#include "modsecurity/rules_set.h"
+#include "modsecurity/rule_message.h"
+
 
 namespace modsecurity {
 namespace actions {
 namespace disruptive {
 
 
-bool Drop::execute(RuleWithActions *rule, Transaction *transaction) {
+bool Drop::execute(Transaction *transaction) noexcept {
     ms_dbg_a(transaction, 8, "Running action drop " \
         "[executing deny instead of drop.]");
 
@@ -42,9 +42,11 @@ bool Drop::execute(RuleWithActions *rule, Transaction *transaction) {
 
     transaction->m_it.disruptive = true;
     intervention::freeLog(&transaction->m_it);
-    transaction->messageGetLast()->setRule(rule);
+
     transaction->m_it.log = strdup(
-        transaction->messageGetLast()->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
+        transaction->messageGetLast()->log(
+            RuleMessage::LogMessageInfo::ClientLogMessageInfo)
+                .c_str());
 
     return true;
 }

src/actions/disruptive/drop.h

@@ -13,27 +13,31 @@
  *
  */
 
+
 #include <string>
-#include <memory>
 
 #include "modsecurity/actions/action.h"
 #include "modsecurity/transaction.h"
-#include "modsecurity/rule_message.h"
+
+#include "src/actions/disruptive/disruptive_action.h"
+
 
 #ifndef SRC_ACTIONS_DISRUPTIVE_DROP_H_
 #define SRC_ACTIONS_DISRUPTIVE_DROP_H_
 
+
 namespace modsecurity {
 namespace actions {
 namespace disruptive {
 
 
-class Drop : public Action {
+class Drop : public ActionDisruptive {
  public:
-    explicit Drop(const std::string &action) : Action(action) { }
+    Drop()
+        : Action("drop")
+    { }
 
-    bool execute(RuleWithActions *rule, Transaction *transaction) override;
-    bool isDisruptive() override { return true; }
+    bool execute(Transaction *transaction) noexcept override;
 };
 
 

src/actions/disruptive/pass.cc

@@ -13,23 +13,25 @@
  *
  */
 
+
 #include "src/actions/disruptive/pass.h"
 
-#include <iostream>
 #include <string>
-#include <memory>
 
-#include "modsecurity/rules_set.h"
 #include "modsecurity/transaction.h"
-#include "modsecurity/rule.h"
-#include "modsecurity/rule_message.h"
+/**
+ * FIXME: rules_set.h inclusion is here due to ms_dbg_a.
+ *        It should be removed.
+ */
+#include "modsecurity/rules_set.h"
+
 
 namespace modsecurity {
 namespace actions {
 namespace disruptive {
 
 
-bool Pass::execute(RuleWithActions *rule, Transaction *transaction) {
+bool Pass::execute(Transaction *transaction) noexcept {
     intervention::free(&transaction->m_it);
     intervention::reset(&transaction->m_it);
 

src/actions/disruptive/pass.h

@@ -13,26 +13,31 @@
  *
  */
 
+
 #include <string>
-#include <memory>
 
 #include "modsecurity/actions/action.h"
 #include "modsecurity/transaction.h"
 
+#include "src/actions/disruptive/disruptive_action.h"
+
+
 #ifndef SRC_ACTIONS_DISRUPTIVE_PASS_H_
 #define SRC_ACTIONS_DISRUPTIVE_PASS_H_
 
+
 namespace modsecurity {
 namespace actions {
 namespace disruptive {
 
 
-class Pass : public Action {
+class Pass : public ActionDisruptive {
  public:
-    explicit Pass(const std::string &action) : Action(action) { }
+    Pass()
+        : Action("pass")
+    { }
 
-    bool execute(RuleWithActions *rule, Transaction *transaction) override;
-    bool isDisruptive() override { return true; }
+    bool execute(Transaction *transaction) noexcept override;
 };
 
 

src/actions/disruptive/redirect.cc

@@ -13,32 +13,31 @@
  *
  */
 
+
 #include "src/actions/disruptive/redirect.h"
 
-#include <string.h>
-#include <iostream>
 #include <string>
-#include <memory>
 
 #include "modsecurity/transaction.h"
-#include "src/utils/string.h"
+/**
+ * FIXME: rules_set.h inclusion is here due to ms_dbg_a.
+ *        It should be removed.
+ */
+#include "modsecurity/rules_set.h"
+#include "modsecurity/rule_message.h"
+
 
 namespace modsecurity {
 namespace actions {
 namespace disruptive {
 
 
-bool Redirect::init(std::string *error) {
-    m_status = 302;
-    return true;
-}
-
-
-bool Redirect::execute(RuleWithActions *rule, Transaction *transaction) {
+bool Redirect::execute(Transaction *transaction) noexcept {
     std::string m_urlExpanded(getEvaluatedRunTimeString(transaction));
     /* if it was changed before, lets keep it. */
     if (transaction->m_it.status == 200
-        || (!(transaction->m_it.status <= 307 && transaction->m_it.status >= 301))) {
+        || (!(transaction->m_it.status <= 307
+            && transaction->m_it.status >= 301))) {
         transaction->m_it.status = m_status;
     }
 
@@ -46,9 +45,11 @@ bool Redirect::execute(RuleWithActions *rule, Transaction *transaction) {
     transaction->m_it.url = strdup(m_urlExpanded.c_str());
     transaction->m_it.disruptive = true;
     intervention::freeLog(&transaction->m_it);
-    transaction->messageGetLast()->setRule(rule);
+
     transaction->m_it.log = strdup(
-        transaction->messageGetLast()->log(RuleMessage::LogMessageInfo::ClientLogMessageInfo).c_str());
+        transaction->messageGetLast()->log(
+            RuleMessage::LogMessageInfo::ClientLogMessageInfo)
+                .c_str());
 
     return true;
 }

src/actions/disruptive/redirect.h

@@ -13,49 +13,49 @@
  *
  */
 
+
 #include <string>
 #include <memory>
 #include <utility>
 
 #include "modsecurity/actions/action.h"
-#include "modsecurity/rule_message.h"
+#include "modsecurity/transaction.h"
+
 #include "src/actions/action_with_run_time_string.h"
+#include "src/actions/disruptive/disruptive_action.h"
+#include "src/run_time_string.h"
+
 
 #ifndef SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_
 #define SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_
 
-#ifdef __cplusplus
-class Transaction;
 
 namespace modsecurity {
-class Transaction;
-
 namespace actions {
 namespace disruptive {
 
 
-class Redirect : public ActionWithRunTimeString {
+class Redirect : public ActionWithRunTimeString, public ActionDisruptive {
  public:
     explicit Redirect(std::unique_ptr<RunTimeString> runTimeString)
-        : ActionWithRunTimeString(
-            "redirert",
-            RunTimeOnlyIfMatchKind,
-            std::move(runTimeString)),
-        m_status(0)
-    { };
+        : ActionWithRunTimeString(std::move(runTimeString)),
+        Action("redirect"),
+        m_status(302)
+    { }
+
 
     explicit Redirect(const Redirect &action)
         : ActionWithRunTimeString(action),
+        ActionDisruptive(action),
+        Action(action),
         m_status(action.m_status)
-    { };
+    { }
 
-    bool init(std::string *error) override;
 
-    bool execute(RuleWithActions *rule, Transaction *transaction) override;
+    bool execute(Transaction *transaction) noexcept override;
 
-    bool isDisruptive() override { return true; }
 
-    virtual ActionWithRunTimeString *clone() override {
+    ActionWithRunTimeString *clone() override {
         return new Redirect(*this);
     }
 
@@ -67,6 +67,6 @@ class Redirect : public ActionWithRunTimeString {
 }  // namespace disruptive
 }  // namespace actions
 }  // namespace modsecurity
-#endif
+
 
 #endif  // SRC_ACTIONS_DISRUPTIVE_REDIRECT_H_