github_mirrors/openappsec
3
0
Fork 1
mirror of https://github.com/openappsec/openappsec.git synced 2025-09-29 11:16:30 +03:00
Code Issues Packages Projects Releases Wiki Activity

Jun 16th update

Browse Source
This commit is contained in:
noam
2023-01-17 11:34:09 +02:00
parent 90bcc544a2
commit ad04b8d063
168 changed files with 64034 additions and 932 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
core/include/attachments/attachment_types.h
View File

@@ -23,6 +23,7 @@ enum AttachmentType
{
NGINX_ATT_ID,
PRELOAD_ATT_ID,
SQUID_ATT_ID,
#ifdef __cplusplus
COUNT
#endif

15
core/include/general/c_common/networking_headers.h
View File

@@ -53,6 +53,10 @@ enum DccpPacketType {
DCCP_PKT_INVALID,
};
struct net_device {
int ifindex;
};
struct sk_buff {
uint16_t protocol;
union {
@@ -67,10 +71,13 @@ struct sk_buff {
struct sctphdr *sctp_header;
struct dccphdr *dccp_header;
} transport_header;
unsigned char *tail;
unsigned char *data;
unsigned char *head;
unsigned int len;
unsigned char *tail;
unsigned char *data;
unsigned char *head;
unsigned int len;
struct sock *sk;
void (*destructor)(struct sk_buff *);
struct net_device *dev;
};
struct geneve_opt {

7
core/include/general/debug.h
View File

@@ -32,13 +32,6 @@ class I_Encryptor;
class I_AgentDetails;
class I_SignalHandler;
namespace Config
{
enum class Errors;
}
std::ostream & operator<<(std::ostream &os, const Config::Errors &err);
class Debug
:
Singleton::Consume<I_TimeGet>,

103
core/include/general/tenant_profile_pair.h Normal file
View File

@@ -0,0 +1,103 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef __TENANT_PROFILE_PAIR_H__
#define __TENANT_PROFILE_PAIR_H__
#include <string>
#include "hash_combine.h"
class TenantProfilePair
{
public:
TenantProfilePair(const std::string &_tenant_id, const std::string &_profile_id)
:
tenant_id(_tenant_id),
profile_id(_profile_id)
{
}
size_t
hash() const
{
size_t seed = 0;
hashCombine(seed, tenant_id);
hashCombine(seed, profile_id);
return seed;
}
bool
operator==(const TenantProfilePair &other) const
{
return (tenant_id == other.tenant_id && profile_id == other.profile_id);
}
bool
operator>(const TenantProfilePair &other) const
{
if (tenant_id > other.tenant_id) {
return true;
} else if (tenant_id == other.tenant_id && profile_id > other.profile_id) {
return true;
}
return false;
}
bool
operator<(const TenantProfilePair &other) const
{
return !(*this >= other);
}
bool
operator>=(const TenantProfilePair &other) const
{
return (*this > other) || (*this == other);
}
bool
operator<=(const TenantProfilePair &other) const
{
return !(*this > other);
}
std::string
getTenantId() const
{
return tenant_id;
}
std::string
getPfofileId() const
{
return profile_id;
}
private:
std::string tenant_id;
std::string profile_id;
};
namespace std
{
template <>
struct hash<TenantProfilePair>
{
size_t operator()(const TenantProfilePair &tenant_profile) const { return tenant_profile.hash(); }
};
}
#endif // __TENANT_PROFILE_PAIR_H__

1
core/include/services_sdk/interfaces/i_encryptor.h
View File

@@ -37,6 +37,7 @@ public:
virtual std::string obfuscateXor(const std::string &input) = 0;
virtual std::string obfuscateXorBase64(const std::string &input) = 0;
protected:
virtual ~I_Encryptor() {}
};

4
core/include/services_sdk/interfaces/i_environment.h
View File

@@ -74,8 +74,8 @@ public:
template <typename ... Attr>
std::map<std::string, bool> getAllBools(Attr ... attr) const { return getAllBools(Param(attr ...)); }
virtual void setActiveTenant(const std::string &tenant_id) = 0;
virtual void unsetActiveTenant() = 0;
virtual void setActiveTenantAndProfile(const std::string &tenant_id, const std::string &profile_id = "") = 0;
virtual void unsetActiveTenantAndProfile() = 0;
virtual std::string getCurrentTrace() const = 0;
virtual std::string getCurrentSpan() const = 0;

40
core/include/services_sdk/interfaces/i_intelligence_is_v2.h
View File

@@ -69,6 +69,44 @@ public:
return intelligence_query.getData();
}
template<typename Data>
Maybe<std::vector<Maybe<std::vector<AssetReply<Data>>>>>
queryIntelligence(std::vector<QueryRequest> &query_requests)
{
static const uint upper_assets_limit = 50;
static const uint upper_confidence_limit = 1000;
for (QueryRequest &query_request : query_requests) {
uint assets_limit = query_request.getAssetsLimit();
if (assets_limit == 0 || assets_limit > upper_assets_limit) {
dbgTrace(D_INTELLIGENCE)
<< "Assets limit for request is "
<< upper_assets_limit
<< ", requests assets: "
<< assets_limit;
return genError("Assets limit valid range is of [1, " + std::to_string(upper_assets_limit) + "]");
}
bool min_conf_res = query_request.checkMinConfidence(upper_confidence_limit);
if (!min_conf_res) {
dbgTrace(D_INTELLIGENCE) << "Illegal confidence value";
return genError(
"Minimum confidence value valid range is of [1, " + std::to_string(upper_confidence_limit) + "]"
);
}
}
IntelligenceQuery<Data> intelligence_query(query_requests);
static const std::string query_uri = "/api/v2/intelligence/assets/queries";
dbgTrace(D_INTELLIGENCE) << "Sending intelligence bulk request with " << query_requests.size() << " items";
bool res = getIsOfflineOnly() ? false : sendQueryObject(intelligence_query, query_uri, upper_assets_limit);
if (!res) {
dbgTrace(D_INTELLIGENCE) << "Could not message fog, bulk request failed.";
return genError("Could not query intelligence");
}
return intelligence_query.getBulkData();
}
private:
template<typename Data>
bool
@@ -138,7 +176,7 @@ private:
std::chrono::seconds seconds_since_start = std::chrono::seconds(0);
std::chrono::seconds seconds_since_last_lap = std::chrono::seconds(0);
bool res= true;
bool res = true;
while (res &&
intelligence_query.getResponseStatus() == ResponseStatus::IN_PROGRESS &&
seconds_since_start < request_overall_timeout &&

3
core/include/services_sdk/interfaces/i_messaging.h
View File

@@ -92,8 +92,9 @@ public:
auto res_json = obj.loadJson(res.unpack());
if (!res_json) {
dbgWarning(D_COMMUNICATION) << "Failed to parse response body. Content: " << res.unpack();
} else {
dbgTrace(D_COMMUNICATION) << "Successfully parsed response body";
}
dbgTrace(D_COMMUNICATION) << "Successfully parsed response body";
return res_json;
}

22
core/include/services_sdk/interfaces/i_tenant_manager.h
View File

@@ -25,22 +25,30 @@ public:
using newTenantCB = std::function<void(const std::vector<std::string> &)>;
virtual void uponNewTenants(const newTenantCB &cb) = 0;
virtual bool isTenantActive(const std::string &tenant_id) const = 0;
virtual bool areTenantAndProfileActive(const std::string &tenant_id, const std::string &profile_id) const = 0;
virtual std::vector<std::string> fetchActiveTenants() const = 0;
virtual std::vector<std::string> getInstances(const std::string &tenant_id) const = 0;
virtual std::vector<std::string> fetchAllActiveTenants() const = 0;
virtual std::vector<std::string> getInstances(
const std::string &tenant_id,
const std::string &profile_id
) const = 0;
virtual std::vector<std::string> fetchProfileIds(const std::string &tenant_id) const = 0;
virtual void addActiveTenant(const std::string &tenant_id) = 0;
virtual void addActiveTenants(const std::vector<std::string> &tenants_id) = 0;
virtual void deactivateTenant(const std::string &tenant_id, const std::string &profile_id) = 0;
virtual void deactivateTenant(const std::string &tenant_id) = 0;
virtual void deactivateTenants(const std::vector<std::string> &tenants_id) = 0;
virtual void addActiveTenantAndProfile(const std::string &tenant_id, const std::string &profile_id) = 0;
virtual std::chrono::microseconds getTimeoutVal() const = 0;
private:
friend class LoadNewTenants;
virtual void addInstance(const std::string &tenant_id, const std::string &instace_id) = 0;
friend class LoadNewTenantsAndProfiles;
virtual void addInstance(
const std::string &tenant_id,
const std::string &profile_id,
const std::string &instace_id
) = 0;
protected:
virtual ~I_TenantManager() {}

4
core/include/services_sdk/interfaces/intelligence_is_v2/asset_source_v2_impl.h
View File

@@ -38,8 +38,10 @@ SerializableAssetSource<UserSerializableReplyAttr>::load(cereal::JSONInputArchiv
UserSerializableReplyAttr raw_attribute;
try {
ar(cereal::make_nvp("attributes", raw_attribute));
attributes.clear();
attributes.push_back(raw_attribute);
} catch(const std::exception &e) {}
attributes.push_back(raw_attribute);
}
#endif //__ASSET_SOURCE_V2_IMPL_H__

94
core/include/services_sdk/interfaces/intelligence_is_v2/bulk_query_response_v2.h Normal file
View File

@@ -0,0 +1,94 @@
// Copyright (C) 2022 Check Point Software Technologies Ltd. All rights reserved.
// Licensed under the Apache License, Version 2.0 (the "License");
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef __BULK_QUERY_RESPONSE_V2_H__
#define __BULK_QUERY_RESPONSE_V2_H__
#include <sstream>
#include <vector>
#include <string>
#include "cereal/archives/json.hpp"
#include "cereal/types/vector.hpp"
#include "debug.h"
#include "intelligence_types_v2.h"
USE_DEBUG_FLAG(D_INTELLIGENCE);
class BulkResponseError
{
public:
void
serialize(cereal::JSONInputArchive &ar)
{
ar(
cereal::make_nvp("index", index),
cereal::make_nvp("statusCode", status_code),
cereal::make_nvp("message", message)
);
}
unsigned int getIndex() const { return index; }
int getStatusCode() const { return status_code; }
const std::string & getMessage() const { return message; }
private:
unsigned int index;
int status_code;
std::string message;
};
template <typename UserSerializableReplyAttr>
class ValidBulkQueryResponse
{
public:
void
serialize(cereal::JSONInputArchive &ar)
{
ar(
cereal::make_nvp("index", index),
cereal::make_nvp("response", response)
);
}
unsigned int getIndex() const { return index; }
const IntelligenceQueryResponse<UserSerializableReplyAttr> & getResponse() const { return response; }
private:
unsigned int index;
IntelligenceQueryResponse<UserSerializableReplyAttr> response;
};
template <typename UserSerializableReplyAttr>
class IntelligenceQueryBulkResponse
{
public:
void
serialize(cereal::JSONInputArchive &ar)
{
ar(cereal::make_nvp("queriesResponse", valid_responses));
try {
ar(cereal::make_nvp("errors", errors));
} catch(...) {}
}
const std::vector<ValidBulkQueryResponse<UserSerializableReplyAttr>> & getValid() { return valid_responses; }
const std::vector<BulkResponseError> & getErrors() { return errors; }
private:
std::vector<ValidBulkQueryResponse<UserSerializableReplyAttr>> valid_responses;
std::vector<BulkResponseError> errors;
};
#endif // __BULK_QUERY_RESPONSE_V2_H__

25
core/include/services_sdk/interfaces/intelligence_is_v2/intelligence_query_v2.h
View File

@@ -14,10 +14,13 @@
#ifndef __INTELLIGENCE_QUERY_V2_H__
#define __INTELLIGENCE_QUERY_V2_H__
#include<vector>
#include "cereal/archives/json.hpp"
#include "intelligence_types_v2.h"
#include "query_request_v2.h"
#include "query_response_v2.h"
#include "bulk_query_response_v2.h"
#include "rest.h"
template <typename UserSerializableReplyAttr>
@@ -27,7 +30,17 @@ public:
IntelligenceQuery(QueryRequest &filter)
:
request(filter),
response()
response(),
responses(),
is_bulk(false)
{}
IntelligenceQuery(std::vector<QueryRequest> &filters)
:
requests(filters),
response(),
responses(),
is_bulk(true)
{}
Maybe<std::string> genJson() const;
@@ -37,7 +50,8 @@ public:
void save(cereal::JSONOutputArchive &ar) const;
std::vector<AssetReply<UserSerializableReplyAttr>> getData();
ResponseStatus getResponseStatus() { return response.getResponseStatus(); }
std::vector<Maybe<std::vector<AssetReply<UserSerializableReplyAttr>>>> getBulkData();
ResponseStatus getResponseStatus();
int getResponseAssetCollectionsSize() const { return response.getAssetCollectionsSize(); }
const std::string & getResponseCursorVal() const { return response.getCursor(); }
@@ -46,8 +60,13 @@ public:
void setRequestCursor(CursorState state, const std::string &value);
private:
QueryRequest &request;
static QueryRequest dummy_query_request;
static std::vector<QueryRequest> dummy_query_requests;
std::vector<QueryRequest> &requests = dummy_query_requests;
QueryRequest &request = dummy_query_request;
IntelligenceQueryResponse<UserSerializableReplyAttr> response;
std::vector<IntelligenceQueryResponse<UserSerializableReplyAttr>> responses;
bool is_bulk;
};
#include "intelligence_query_v2_impl.h"

91
core/include/services_sdk/interfaces/intelligence_is_v2/intelligence_query_v2_impl.h
View File

@@ -20,6 +20,13 @@
USE_DEBUG_FLAG(D_INTELLIGENCE);
template <typename UserSerializableReplyAttr>
QueryRequest IntelligenceQuery<UserSerializableReplyAttr>::dummy_query_request = QueryRequest();
template <typename UserSerializableReplyAttr>
std::vector<QueryRequest> IntelligenceQuery<UserSerializableReplyAttr>::dummy_query_requests =
std::vector<QueryRequest>();
template <typename UserSerializableReplyAttr>
Maybe<std::string>
IntelligenceQuery<UserSerializableReplyAttr>::genJson() const
@@ -28,7 +35,16 @@ IntelligenceQuery<UserSerializableReplyAttr>::genJson() const
std::stringstream out;
{
cereal::JSONOutputArchive out_ar(out);
request.saveToJson(out_ar);
if (is_bulk) {
std::vector<BulkQueryRequest> bulk_requests;
int index = 0;
for (QueryRequest &request : requests) {
bulk_requests.push_back(BulkQueryRequest(request, index++));
}
out_ar(cereal::make_nvp("queries", bulk_requests));
} else {
request.saveToJson(out_ar);
}
}
return out.str();
}
@@ -58,14 +74,45 @@ template <typename UserSerializableReplyAttr>
void
IntelligenceQuery<UserSerializableReplyAttr>::load(cereal::JSONInputArchive &ar)
{
response.loadFromJson(ar);
if (is_bulk) {
IntelligenceQueryBulkResponse<UserSerializableReplyAttr> bulk_response;
bulk_response.serialize(ar);
unsigned int error_idx = 0;
unsigned int valid_idx = 0;
const auto &valid_response = bulk_response.getValid();
const auto &errors = bulk_response.getErrors();
responses.reserve(requests.size());
dbgTrace(D_INTELLIGENCE) << "Received response for bulk request with " << requests.size() << " items";
for (unsigned int query_idx = 0; query_idx < requests.size(); query_idx++) {
if (valid_response[valid_idx].getIndex() == query_idx) {
responses.push_back(valid_response[valid_idx].getResponse());
dbgTrace(D_INTELLIGENCE) << "Item #" << query_idx << " is valid";
valid_idx++;
} else if (error_idx < errors.size() && errors[error_idx].getIndex() == query_idx) {
responses.emplace_back();
responses[query_idx].setFailInBulk();
dbgTrace(D_INTELLIGENCE) << "Item #" << query_idx << " is invalid";
error_idx++;
} else {
dbgWarning(D_INTELLIGENCE)
<< "Query index was not found neither in valid nor error responses, assuming error";
responses[query_idx].setFailInBulk();
}
}
} else {
response.loadFromJson(ar);
}
}
template <typename UserSerializableReplyAttr>
void
IntelligenceQuery<UserSerializableReplyAttr>::save(cereal::JSONOutputArchive &ar) const
{
request.saveToJson(ar);
if (!is_bulk) {
request.saveToJson(ar);
} else {
ar(cereal::make_nvp("queries", requests));
}
}
template <typename UserSerializableReplyAttr>
@@ -75,6 +122,27 @@ IntelligenceQuery<UserSerializableReplyAttr>::getData()
return response.getData();
}
template <typename UserSerializableReplyAttr>
std::vector<Maybe<std::vector<AssetReply<UserSerializableReplyAttr>>>>
IntelligenceQuery<UserSerializableReplyAttr>::getBulkData()
{
std::vector<Maybe<std::vector<AssetReply<UserSerializableReplyAttr>>>> bulk_data;
bulk_data.reserve(responses.size());
int index = 0;
for (const auto &res: responses) {
if (!res.isValidInBulk()) {
dbgTrace(D_INTELLIGENCE) << "Request #" << index << " in bulk failed";
bulk_data.push_back(genError("Received error for request in bulk"));
index++;
} else {
dbgTrace(D_INTELLIGENCE) << "Request #" << index << " in bulk received valid response";
bulk_data.push_back(res.getData());
index++;
}
}
return bulk_data;
}
template <typename UserSerializableReplyAttr>
void
IntelligenceQuery<UserSerializableReplyAttr>::activatePaging()
@@ -86,10 +154,27 @@ template <typename UserSerializableReplyAttr>
Maybe<Intelligence_IS_V2::CursorState>
IntelligenceQuery<UserSerializableReplyAttr>::getPagingStatus()
{
if (is_bulk) return genError("Paging not activated in bulk mode");
if (!request.isPagingActivated()) return genError("Paging not activated");
return request.getCursorState();
}
template <typename UserSerializableReplyAttr>
ResponseStatus
IntelligenceQuery<UserSerializableReplyAttr>::getResponseStatus()
{
if (!is_bulk) return response.getResponseStatus();
if (responses.size() == 0) return ResponseStatus::IN_PROGRESS;
for (const auto &response_itr : responses) {
if (response_itr.isValidInBulk() && response_itr.getResponseStatus() == ResponseStatus::IN_PROGRESS) {
return ResponseStatus::IN_PROGRESS;
}
}
return ResponseStatus::DONE;
}
template <typename UserSerializableReplyAttr>
void
IntelligenceQuery<UserSerializableReplyAttr>::setRequestCursor(CursorState state, const std::string &value)

18
core/include/services_sdk/interfaces/intelligence_is_v2/query_request_v2.h
View File

@@ -38,6 +38,7 @@ public:
);
void saveToJson(cereal::JSONOutputArchive &ar) const;
void save(cereal::JSONOutputArchive &ar) const;
uint getAssetsLimit() const;
const SerializableQueryFilter & getQuery() const;
@@ -89,4 +90,21 @@ private:
QueryRequest calcQueryRequestOperator(const QueryRequest &other_query, const Operator &operator_type);
};
class BulkQueryRequest
{
public:
BulkQueryRequest() {}
BulkQueryRequest(QueryRequest &request, int index);
void saveToJson(cereal::JSONOutputArchive &ar) const;
void save(cereal::JSONOutputArchive &ar) const;
QueryRequest getQueryRequest() const;
private:
QueryRequest request;
int index;
};
#endif // __QUERY_REQUEST_V2_H__

6
core/include/services_sdk/interfaces/intelligence_is_v2/query_response_v2.h
View File

@@ -102,17 +102,23 @@ public:
void loadFromJson(cereal::JSONInputArchive &ar);
template<class Archive>
void serialize(Archive &ar);
Intelligence_IS_V2::ResponseStatus getResponseStatus() const;
uint getAmountOfAssets() const;
const std::string & getCursor() const;
int getAssetCollectionsSize() const;
const std::vector<AssetReply<UserSerializableReplyAttr>> & getData() const;
bool isValidInBulk() const;
void setFailInBulk();
private:
Intelligence_IS_V2::ResponseStatus status = Intelligence_IS_V2::ResponseStatus::IN_PROGRESS;
uint total_num_assets = 0;
std::string cursor = "";
std::vector<AssetReply<UserSerializableReplyAttr>> asset_collections;
bool partial_fail_in_bulk = false;
};
#include "query_response_v2_impl.h"

32
core/include/services_sdk/interfaces/intelligence_is_v2/query_response_v2_impl.h
View File

@@ -100,6 +100,24 @@ IntelligenceQueryResponse<UserSerializableReplyAttr>::loadFromJson(cereal::JSONI
} catch(...) {}
}
template<typename UserSerializableReplyAttr>
template<class Archive>
void
IntelligenceQueryResponse<UserSerializableReplyAttr>::serialize(Archive &ar)
{
std::string raw_data;
ar(
cereal::make_nvp("status", raw_data),
cereal::make_nvp("totalNumAssets", total_num_assets),
cereal::make_nvp("assetCollections", asset_collections)
);
status = Intelligence_IS_V2::convertStringToResponseStatus(raw_data);
try {
ar(cereal::make_nvp("cursor", cursor));
} catch(...) {}
}
template <typename UserSerializableReplyAttr>
Intelligence_IS_V2::ResponseStatus
IntelligenceQueryResponse<UserSerializableReplyAttr>::getResponseStatus() const
@@ -135,4 +153,18 @@ IntelligenceQueryResponse<UserSerializableReplyAttr>::getData() const
return asset_collections;
}
template <typename UserSerializableReplyAttr>
bool
IntelligenceQueryResponse<UserSerializableReplyAttr>::isValidInBulk() const
{
return !partial_fail_in_bulk;
}
template <typename UserSerializableReplyAttr>
void
IntelligenceQueryResponse<UserSerializableReplyAttr>::setFailInBulk()
{
partial_fail_in_bulk = true;
}
#endif // __QUERY_RESPONSE_V2_IMPL_H_

5
core/include/services_sdk/interfaces/mock/mock_encryptor.h
View File

@@ -15,11 +15,6 @@ public:
MOCK_METHOD1(obfuscateXor, std::string(const std::string &));
MOCK_METHOD1(obfuscateXorBase64, std::string(const std::string &));
// AES256
MOCK_METHOD1(decryptAES256obfuscateXorBase64, Maybe<std::string>(const std::string &));
MOCK_METHOD1(encryptAES256obfuscateXorBase64, std::string(const std::string &));
MOCK_METHOD1(aes256EncryptWithSizePad, std::string(const std::string &));
MOCK_METHOD1(aes256DecryptWithSizePad, Maybe<std::string>(const std::string &));
};

39
core/include/services_sdk/interfaces/mock/mock_environment.h
View File

@@ -14,36 +14,37 @@ operator<<(std::ostream &os, const Maybe<std::string, Context::Error> &)
class MockEnvironment : public Singleton::Provide<I_Environment>::From<MockProvider<I_Environment>>
{
public:
MOCK_METHOD0 (getConfigurationContext, Context &());
MOCK_CONST_METHOD0(getActiveContexts, const ActiveContexts &());
MOCK_METHOD0 (getConfigurationContext, Context &());
MOCK_CONST_METHOD0(getActiveContexts, const ActiveContexts &());
MOCK_METHOD1 (setActiveTenant, void(const std::string &));
MOCK_METHOD0 (unsetActiveTenant, void());
MOCK_METHOD2 (setActiveTenantAndProfile, void(const std::string &, const std::string &));
MOCK_METHOD0 (unsetActiveTenantAndProfile, void());
MOCK_METHOD1 (registerContext, void(Context *));
MOCK_METHOD1 (unregisterContext, void(Context *));
MOCK_METHOD1 (registerContext, void(Context *));
MOCK_METHOD1 (unregisterContext, void(Context *));
MOCK_METHOD0 (createEnvironment, ActiveContexts());
MOCK_METHOD0 (saveEnvironment, ActiveContexts());
MOCK_METHOD0 (createEnvironment, ActiveContexts());
MOCK_METHOD0 (saveEnvironment, ActiveContexts());
MOCK_CONST_METHOD0(getCurrentTrace, std::string());
MOCK_CONST_METHOD0(getCurrentSpan, std::string());
MOCK_METHOD0(getCurrentHeaders, std::string());
MOCK_METHOD2(startNewTrace, void(bool, const std::string &));
MOCK_METHOD3(startNewSpan, void(Span::ContextType, const std::string &, const std::string &));
MOCK_CONST_METHOD0(getCurrentTrace, std::string());
MOCK_CONST_METHOD0(getCurrentSpan, std::string());
MOCK_METHOD0(getCurrentHeaders, std::string());
MOCK_METHOD2(startNewTrace, void(bool, const std::string &));
MOCK_METHOD3(startNewSpan, void(Span::ContextType, const std::string &, const std::string &));
using on_exit = std::scope_exit<std::function<void(void)>>;
MOCK_METHOD3(startNewSpanScope, on_exit(Span::ContextType, const std::string &, const std::string &));
MOCK_METHOD1(finishTrace, void(const std::string &));
MOCK_METHOD1(finishSpan, void(const std::string &));
MOCK_METHOD3(startNewSpanScope, on_exit(Span::ContextType,
const std::string &, const std::string &));
MOCK_METHOD1(finishTrace, void(const std::string &));
MOCK_METHOD1(finishSpan, void(const std::string &));
// You can't mock a function with an R-value reference. So mock a slightly different one
void loadEnvironment(ActiveContexts &&env) { mockLoadEnvironment(env); }
MOCK_METHOD1 (mockLoadEnvironment, void(const ActiveContexts &));
MOCK_CONST_METHOD1(getAllStrings, std::map<std::string, std::string>(const EnvKeyAttr::ParamAttr &));
MOCK_CONST_METHOD1(getAllUints, std::map<std::string, uint64_t>(const EnvKeyAttr::ParamAttr &));
MOCK_CONST_METHOD1(getAllBools, std::map<std::string, bool>(const EnvKeyAttr::ParamAttr &));
MOCK_CONST_METHOD1(getAllStrings, std::map<std::string, std::string>(const EnvKeyAttr::ParamAttr &));
MOCK_CONST_METHOD1(getAllUints, std::map<std::string, uint64_t>(const EnvKeyAttr::ParamAttr &));
MOCK_CONST_METHOD1(getAllBools, std::map<std::string, bool>(const EnvKeyAttr::ParamAttr &));
};
#endif // __MOCK_ENVIRONMENT_H__

28
core/include/services_sdk/interfaces/mock/mock_tenant_manager.h
View File

@@ -13,22 +13,26 @@
class MockTenantManager : public Singleton::Provide<I_TenantManager>::From<MockProvider<I_TenantManager>>
{
public:
MOCK_METHOD1(uponNewTenants, void(const I_TenantManager::newTenantCB &cb));
MOCK_CONST_METHOD1(isTenantActive, bool(const std::string &));
MOCK_METHOD1(uponNewTenants, void(const I_TenantManager::newTenantCB &cb));
MOCK_CONST_METHOD0(fetchActiveTenants, std::vector<std::string>());
MOCK_CONST_METHOD1(getInstances, std::vector<std::string>(const std::string &));
MOCK_CONST_METHOD0(fetchActiveTenants, std::vector<std::string>());
MOCK_CONST_METHOD0(fetchAllActiveTenants, std::vector<std::string>());
MOCK_CONST_METHOD1(fetchProfileIds, std::vector<std::string>(const std::string &));
MOCK_CONST_METHOD2(
getInstances,
std::vector<std::string>(const std::string &, const std::string &)
);
MOCK_CONST_METHOD2(areTenantAndProfileActive, bool(const std::string &, const std::string &));
MOCK_METHOD2(addActiveTenantAndProfile, void(const std::string &, const std::string &));
MOCK_METHOD2(deactivateTenant, void(const std::string &, const std::string &));
MOCK_METHOD1(addActiveTenant, void(const std::string &));
MOCK_METHOD1(addActiveTenants, void(const std::vector<std::string> &));
MOCK_METHOD1(deactivateTenant, void(const std::string &));
MOCK_METHOD1(deactivateTenants, void(const std::vector<std::string> &));
MOCK_CONST_METHOD0(getTimeoutVal, std::chrono::microseconds());
MOCK_CONST_METHOD0(getTimeoutVal, std::chrono::microseconds());
private:
MOCK_METHOD2(addInstance, void(const std::string &, const std::string &));
MOCK_METHOD3(
addInstance,
void(const std::string &, const std::string &, const std::string &)
);
};
#endif // __MOCK_TENANT_MANAGER_H__

6
core/include/services_sdk/resources/config.h
View File

@@ -91,7 +91,11 @@ std::string getConfigurationFlagWithDefault(const std::string &default_val, cons
const std::string & getFilesystemPathConfig();
const std::string & getLogFilesPathConfig();
std::string getPolicyConfigPath(const std::string &name, Config::ConfigFileType type, const std::string &tenant = "");
std::string getPolicyConfigPath(
const std::string &name,
Config::ConfigFileType type,
const std::string &tenant = "",
const std::string &profile = "");
void registerExpectedConfigFile(const std::string &config_name, Config::ConfigFileType type);

6
core/include/services_sdk/resources/config/i_config.h
View File

@@ -50,7 +50,11 @@ public:
virtual const string & getFilesystemPathConfig() const = 0;
virtual const string & getLogFilesPathConfig() const = 0;
virtual string getPolicyConfigPath(const string &policy, ConfigFileType type, const string &tenant) const = 0;
virtual string getPolicyConfigPath(
const string &policy,
ConfigFileType type,
const string &tenant,
const string &profile) const = 0;
virtual bool setConfiguration(TypeWrapper &&value, const std::vector<std::string> &paths) = 0;
virtual bool setResource(TypeWrapper &&value, const std::vector<std::string> &paths) = 0;

25
core/include/services_sdk/resources/debug_flags.h
View File

@@ -32,6 +32,7 @@ DEFINE_FLAG(D_INFRA, D_ALL)
DEFINE_FLAG(D_METRICS_ACCESS_CONTROL, D_METRICS)
DEFINE_FLAG(D_MAINLOOP, D_INFRA)
DEFINE_FLAG(D_SIGNAL_HANDLER, D_INFRA)
DEFINE_FLAG(D_TENANT_MANAGER, D_INFRA)
DEFINE_FLAG(D_MONITORING, D_INFRA)
DEFINE_FLAG(D_HEALTH_CHECK_MANAGER, D_INFRA)
DEFINE_FLAG(D_REPORT, D_INFRA)
@@ -82,6 +83,7 @@ DEFINE_FLAG(D_COMPONENT, D_ALL)
DEFINE_FLAG(D_WAAP_PARSER_DELIMITER, D_WAAP_PARSER)
DEFINE_FLAG(D_WAAP_PARSER_HDRVALUE, D_WAAP_PARSER)
DEFINE_FLAG(D_WAAP_PARSER_JSON, D_WAAP_PARSER)
DEFINE_FLAG(D_WAAP_PARSER_GQL, D_WAAP_PARSER)
DEFINE_FLAG(D_WAAP_PARSER_MULTIPART_FORM, D_WAAP_PARSER)
DEFINE_FLAG(D_WAAP_PARSER_RAW, D_WAAP_PARSER)
DEFINE_FLAG(D_WAAP_PARSER_URLENCODE, D_WAAP_PARSER)
@@ -132,21 +134,27 @@ DEFINE_FLAG(D_COMPONENT, D_ALL)
DEFINE_FLAG(D_ERROR_REPORTER, D_REVERSE_PROXY)
DEFINE_FLAG(D_UPSTREAM_KEEPALIVE, D_REVERSE_PROXY)
DEFINE_FLAG(D_IDA, D_COMPONENT)
DEFINE_FLAG(D_IOT_NEXT, D_COMPONENT)
DEFINE_FLAG(D_IOT_AUXILIARY, D_IOT_NEXT)
DEFINE_FLAG(D_IOT_REPORT_STATUS, D_IOT_AUXILIARY)
DEFINE_FLAG(D_IOT_COLLECT_METADATA, D_IOT_AUXILIARY)
DEFINE_FLAG(D_IOT_ENFORCE, D_IOT_NEXT)
DEFINE_FLAG(D_IOT_ENFORCE_POLICY, D_IOT_ENFORCE)
DEFINE_FLAG(D_IOT_ENFORCE_ASSETS, D_IOT_ENFORCE)
DEFINE_FLAG(D_IOT_DOCTOR, D_IOT_NEXT)
DEFINE_FLAG(D_IOT_DISCOVERY, D_IOT_NEXT)
DEFINE_FLAG(D_UTILS, D_IOT_DISCOVERY)
DEFINE_FLAG(D_IOT_INTEGRATION_STATUS, D_UTILS)
DEFINE_FLAG(D_ASSETS_DATA_COLLECTOR, D_UTILS)
DEFINE_FLAG(D_ASSETS_DATA_REPORTER, D_UTILS)
DEFINE_FLAG(D_ASSETS_DATA_PARSER, D_UTILS)
DEFINE_FLAG(D_IOT_INTEGRATION_SETTINGS, D_UTILS)
DEFINE_FLAG(D_IOT_INTEGRATION_MANAGER, D_UTILS)
DEFINE_FLAG(D_ASSETS_PROBE, D_UTILS)
DEFINE_FLAG(D_IOT_DISCOVERY_UTILS, D_IOT_DISCOVERY)
DEFINE_FLAG(D_IOT_PROBE, D_IOT_DISCOVERY_UTILS)
DEFINE_FLAG(D_IOT_ASSETS_DATA, D_IOT_DISCOVERY_UTILS)
DEFINE_FLAG(D_IOT_INTEGRATIONS, D_IOT_DISCOVERY_UTILS)
DEFINE_FLAG(D_HTTP_EVENT_RECORD, D_COMPONENT)
DEFINE_FLAG(D_GEO_DB, D_COMPONENT)
DEFINE_FLAG(D_CPVIEW_METRIC_PROVIDER, D_COMPONENT)
DEFINE_FLAG(D_GEO_FILTER, D_COMPONENT)
DEFINE_FLAG(D_URL_FILTERING, D_COMPONENT)
DEFINE_FLAG(D_IOT_ACCESS_CONTROL, D_COMPONENT)
DEFINE_FLAG(D_FLOW, D_ALL)
DEFINE_FLAG(D_DROP, D_FLOW)
@@ -154,6 +162,7 @@ DEFINE_FLAG(D_FLOW, D_ALL)
DEFINE_FLAG(D_ATTACHMENT_REGISTRATION, D_ATTACHMENT)
DEFINE_FLAG(D_NGINX_ATTACHMENT, D_ATTACHMENT)
DEFINE_FLAG(D_NGINX_ATTACHMENT_PARSER, D_NGINX_ATTACHMENT)
DEFINE_FLAG(D_SQUID_ATTACHMENT, D_ATTACHMENT)
DEFINE_FLAG(D_WLP_ATTACHMENT, D_ATTACHMENT)
#endif // DEFINE_FLAG

9
core/include/services_sdk/resources/log_generator.h
View File

@@ -80,11 +80,7 @@ public:
_severity,
_priority,
std::chrono::seconds(0),
LogField(
"agentId",
(Report::isPlaygroundEnv() ? "playground-" : "") +
Singleton::Consume<I_AgentDetails>::by<LogGen>()->getAgentId()
),
LogField("agentId", Singleton::Consume<I_AgentDetails>::by<LogGen>()->getAgentId()),
std::forward<Args>(args)...
)
{
@@ -104,11 +100,14 @@ public:
ReportIS::AudienceTeam getAudienceTeam() const;
std::string getLogInsteadOfSending();
private:
std::chrono::microseconds getCurrentTime() const;
void loadBaseLogFields();
Report log;
bool send_log = true;
};
#endif // __LOG_GENERATOR_H__

24
core/include/services_sdk/resources/report/report.h
View File

@@ -16,10 +16,6 @@
#include <set>
#include <chrono>
#include <stdlib.h>
#include <algorithm>
#include <cctype>
#include <iostream>
#include "report/base_field.h"
#include "report/report_enums.h"
@@ -75,26 +71,6 @@ public:
setInstanceAwareness();
}
static bool
isPlaygroundEnv()
{
std::string playground_variable = "PLAYGROUND";
const char *env_string = getenv(playground_variable.c_str());
if (env_string) {
std::string env_value = env_string;
std::transform(
env_value.begin(),
env_value.end(),
env_value.begin(),
[](unsigned char c){ return std::tolower(c); }
);
return env_value == "true";
}
return false;
}
void serialize(cereal::JSONOutputArchive &ar) const;
std::string getSyslog() const;
std::string getCef() const;

6
core/include/services_sdk/resources/report/report_enums.h
View File

@@ -54,6 +54,7 @@ enum class Tags {
REVERSE_PROXY,
HTTP_GEO_FILTER,
FILE_UPLOAD,
IDENTITY_AWARENESS,
COUNT
};
@@ -66,6 +67,7 @@ enum class AudienceTeam
AGENT_INTELLIGENCE,
CPVIEW_MONITORING,
SIGNATURE_DEVELOPERS,
IDENTITY_AWARENESS,
NONE,
COUNT
@@ -125,7 +127,6 @@ enum class Notification {
POLICY_UPDATE,
FIRST_REQUEST_FOR_ASSET,
UPSTREAM_STATUS,
IOT_POLICY_UPDATE,
SYNC_LEARNING,
SDWAN_POLICY_UPDATE,
SDWAN_POLICY_UPDATE_ERROR,
@@ -136,7 +137,8 @@ enum class Notification {
enum class IssuingEngine {
AGENT_CORE,
IOT_NEXT,
SDWAN
SDWAN,
IDA_NEXT
};
} // namespace ReportIS