-
Notifications
You must be signed in to change notification settings - Fork 417
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
chore: move some functions to a new appsec/_capabilities.py file to a…
…void cyclic imports (#6700) Fixes a potencial cyclic import when importing `appsec.utils._appsec_rc_capabilities`. ## Checklist - [X] Change(s) are motivated and described in the PR description. - [X] Testing strategy is described if automated tests are not included in the PR. - [X] Risk is outlined (performance impact, potential for breakage, maintainability, etc). - [X] Change is maintainable (easy to change, telemetry, documentation). - [X] [Library release note guidelines](https://ddtrace.readthedocs.io/en/stable/releasenotes.html) are followed. If no release note is required, add label `changelog/no-changelog`. - [X] Documentation is included (in-code, generated user docs, [public corp docs](https://github.com/DataDog/documentation/)). - [X] Backport labels are set (if [applicable](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting)) ## Reviewer Checklist - [ ] Title is accurate. - [ ] No unnecessary changes are introduced. - [ ] Description motivates each change. - [ ] Avoids breaking [API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces) changes unless absolutely necessary. - [ ] Testing strategy adequately addresses listed risk(s). - [ ] Change is maintainable (easy to change, telemetry, documentation). - [ ] Release note makes sense to a user of the library. - [ ] Reviewer has explicitly acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment. - [ ] Backport labels are set in a manner that is consistent with the [release branch maintenance policy](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting) --------- Signed-off-by: Juanjo Alvarez <[email protected]>
- Loading branch information
Showing
6 changed files
with
71 additions
and
67 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| import base64 | ||
| import os | ||
| import sys | ||
| from typing import Optional | ||
|
|
||
| from ddtrace import Tracer | ||
| from ddtrace.appsec.utils import _appsec_rc_features_is_enabled | ||
| from ddtrace.internal.compat import to_bytes_py2 | ||
| from ddtrace.internal.utils.formats import asbool | ||
|
|
||
|
|
||
| def _appsec_rc_file_is_not_static(): | ||
| return "DD_APPSEC_RULES" not in os.environ | ||
|
|
||
|
|
||
| def _appsec_rc_capabilities(test_tracer=None): | ||
| # type: (Optional[Tracer]) -> str | ||
| r"""return the bit representation of the composed capabilities in base64 | ||
| bit 0: Reserved | ||
| bit 1: ASM 1-click Activation | ||
| bit 2: ASM Ip blocking | ||
| Int Number -> binary number -> bytes representation -> base64 representation | ||
| ASM Activation: | ||
| 2 -> 10 -> b'\x02' -> "Ag==" | ||
| ASM Ip blocking: | ||
| 4 -> 100 -> b'\x04' -> "BA==" | ||
| ASM Activation and ASM Ip blocking: | ||
| 6 -> 110 -> b'\x06' -> "Bg==" | ||
| ... | ||
| 256 -> 100000000 -> b'\x01\x00' -> b'AQA=' | ||
| """ | ||
| if test_tracer is None: | ||
| from ddtrace import tracer | ||
| else: | ||
| tracer = test_tracer | ||
|
|
||
| value = 0b0 | ||
| result = "" | ||
| if asbool(os.environ.get("DD_REMOTE_CONFIGURATION_ENABLED", "true")): | ||
| if _appsec_rc_features_is_enabled(): | ||
| value |= 1 << 1 # Enable ASM_ACTIVATION | ||
| if tracer._appsec_processor and _appsec_rc_file_is_not_static(): | ||
| value |= 1 << 2 # Enable ASM_IP_BLOCKING | ||
| value |= 1 << 3 # Enable ASM_DD_RULES | ||
| value |= 1 << 4 # Enable ASM_EXCLUSIONS | ||
| value |= 1 << 5 # Enable ASM_REQUEST_BLOCKING | ||
| value |= 1 << 6 # Enable ASM_ASM_RESPONSE_BLOCKING | ||
| value |= 1 << 7 # Enable ASM_USER_BLOCKING | ||
| value |= 1 << 8 # Enable ASM_CUSTOM_RULES | ||
| value |= 1 << 9 # Enable ASM_CUSTOM_BLOCKING_RESPONSE | ||
|
|
||
| if sys.version_info.major < 3: | ||
| bytes_res = to_bytes_py2(value, (value.bit_length() + 7) // 8, "big") | ||
| # "type: ignore" because mypy does not notice this is for Python2 b64encode | ||
| result = str(base64.b64encode(bytes_res)) # type: ignore | ||
| else: | ||
| result = str(base64.b64encode(value.to_bytes((value.bit_length() + 7) // 8, "big")), encoding="utf-8") | ||
|
|
||
| return result |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters