Class: Datadog::AppSec::Component

Inherits:

Object

• Object
• Datadog::AppSec::Component

Defined in:

lib/datadog/appsec/component.rb

Overview

Core-pluggable component for AppSec

Instance Attribute Summary

• #security_engine ⇒ Object readonly

  Returns the value of attribute security_engine.

• #telemetry ⇒ Object readonly

  Returns the value of attribute telemetry.

Class Method Summary

• .build_appsec_component(settings, telemetry:) ⇒ Object

Instance Method Summary

• #initialize(security_engine:, telemetry:) ⇒ Component constructor

  A new instance of Component.

• #reconfigure! ⇒ Object
• #shutdown! ⇒ Object

Constructor Details

#initialize(security_engine:, telemetry:) ⇒ Component

Returns a new instance of Component.

# File 'lib/datadog/appsec/component.rb', line 75

def initialize(security_engine:, telemetry:)
  @security_engine = security_engine
  @telemetry = telemetry
end

Instance Attribute Details

#security_engine ⇒ Object (readonly)

Returns the value of attribute security_engine.

# File 'lib/datadog/appsec/component.rb', line 73

def security_engine
  @security_engine
end

#telemetry ⇒ Object (readonly)

Returns the value of attribute telemetry.

# File 'lib/datadog/appsec/component.rb', line 73

def telemetry
  @telemetry
end

Class Method Details

.build_appsec_component(settings, telemetry:) ⇒ Object

# File 'lib/datadog/appsec/component.rb', line 14

def build_appsec_component(settings, telemetry:)
  return if !settings.respond_to?(:appsec) || !settings.appsec.enabled

  ffi_version = Gem.loaded_specs['ffi']&.version
  unless ffi_version
    Datadog.logger.warn('FFI gem is not loaded, AppSec will be disabled.')
    telemetry.error('AppSec: Component not loaded, due to missing FFI gem')

    return
  end

  if Gem::Version.new(RUBY_VERSION) >= Gem::Version.new('3.3') && ffi_version < Gem::Version.new('1.16.0')
    Datadog.logger.warn(
      'AppSec is not supported in Ruby versions above 3.3.0 when using `ffi` versions older than 1.16.0, ' \
      'and will be forcibly disabled due to a memory leak in `ffi`. ' \
      'Please upgrade your `ffi` version to 1.16.0 or higher.'
    )
    telemetry.error('AppSec: Component not loaded, ffi version is leaky with ruby > 3.3.0')

    return
  end

  require_libddwaf(telemetry: telemetry)
  Datadog::AppSec::WAF.logger = Datadog.logger if Datadog.logger.debug? && settings.appsec.waf_debug

  # We want to always instrument user events when AppSec is enabled.
  # There could be cases in which users use the DD_APPSEC_ENABLED Env variable to
  # enable AppSec, in that case, Devise is already instrumented.
  # In the case that users do not use DD_APPSEC_ENABLED, we have to instrument it,
  # hence the lines above.
  devise_integration = Datadog::AppSec::Contrib::Devise::Integration.new
  settings.appsec.instrument(:devise) unless devise_integration.patcher.patched?

  security_engine = SecurityEngine::Engine.new(appsec_settings: settings.appsec, telemetry: telemetry)
  new(security_engine: security_engine, telemetry: telemetry)
rescue
  Datadog.logger.warn('AppSec is disabled, see logged errors above')

  nil
end

Instance Method Details

#reconfigure! ⇒ Object

# File 'lib/datadog/appsec/component.rb', line 80

def reconfigure!
  security_engine.reconfigure!
end

#shutdown! ⇒ Object

# File 'lib/datadog/appsec/component.rb', line 84

def shutdown!
  # no-op
end