public Updater(String path, Consumer<Http1FilterConfig> setter) { this.path = path; this.setter = setter; config = new Http1DeterministicRuleEngineConfig(); unmarshaller = new ThriftUnmarshaller(); }
@Override public void process( UpdateType updateType, Http1DeterministicRuleEngineConfig.Rule http1Rule, RuleType ruleType) { if (updateType == UpdateType.Add) { if (ruleType == RuleType.blacklist) { rules.mutateHttp1Rules().blacklistRule(http1Rule); } else if (ruleType == RuleType.whitelist) { rules.mutateHttp1Rules().whitelistRule(http1Rule); } } else if (updateType == UpdateType.Remove) { rules.mutateHttp1Rules().remove(http1Rule); } } }
public void populateHttp1Rules(Map<Http1DeterministicRuleEngineConfig.Rule, RuleType> rules) { for (Http1DeterministicRuleEngineConfig.Rule rule : http1Rules.get().getBlacklistRules()) { rules.put(rule, RuleType.blacklist); } for (Http1DeterministicRuleEngineConfig.Rule rule : http1Rules.get().getWhitelistRules()) { rules.put(rule, RuleType.whitelist); } }
public void update(byte[] data) { config.clear(); unmarshaller.unmarshall(config, data); setter.accept(new Http1FilterConfig(config.getBlacklistRules())); } }
@Test public void testUpdater() throws UnknownHostException { ThriftMarshaller marshaller = new ThriftMarshaller(); Http1DeterministicRuleEngineConfig rules = new Http1DeterministicRuleEngineConfig(); HashMultimap<String, String> headers = HashMultimap.create(); headers.put("User-Agent", "Bad-actor: 1.0"); Http1DeterministicRuleEngineConfig.Rule bad = new Http1DeterministicRuleEngineConfig.Rule( HttpMethod.GET, "/path/to/failure", HttpVersion.HTTP_1_0, headers); rules.blacklistRule(bad); Http1FilterConfig.Updater updater = new Http1FilterConfig.Updater("path", this::setHttp1FilterConfig); updater.update(marshaller.marshall(rules)); Http1FilterConfig expected = new Http1FilterConfig(rules.getBlacklistRules()); assertEquals(expected, config); }
@Test public void testWriteHttp1DeterministicRuleEngineConfig() throws Exception { try (TestingServer server = new TestingServer()) { server.start(); Http1DeterministicRuleEngineConfig config = new Http1DeterministicRuleEngineConfig(); HashMultimap<String, String> headers = HashMultimap.create(); headers.put("User-Agent", "Bad-actor: 1.0"); Http1DeterministicRuleEngineConfig.Rule bad = new Http1DeterministicRuleEngineConfig.Rule( HttpMethod.GET, "/path/to/failure", HttpVersion.HTTP_1_0, headers); Http1DeterministicRuleEngineConfig.Rule good = new Http1DeterministicRuleEngineConfig.Rule(null, null, null, null); config.blacklistRule(bad); config.whitelistRule(good); ThriftMarshaller marshaller = new ThriftMarshaller(); RetryPolicy retryPolicy = new RetryOneTime(1); try (CuratorFramework client = CuratorFrameworkFactory.newClient(server.getConnectString(), retryPolicy)) { client.start(); String path = "/some/path/to/nodes/http1Rules"; ZooKeeperWriteProvider provider = new ZooKeeperWriteProvider(marshaller, client); provider.write(path, config); byte[] data = client.getData().forPath(path); ThriftUnmarshaller unmarshaller = new ThriftUnmarshaller(); Http1DeterministicRuleEngineConfig read = new Http1DeterministicRuleEngineConfig(); unmarshaller.unmarshall(read, data); assertEquals(config, read); } } }
public void unmarshall(Http1DeterministicRuleEngineConfig config, byte[] data) { Http1Ruleset message = new Http1Ruleset(); deserialize(message, data); for (Http1Rule rule : message.getBlacklistRules()) { config.blacklistRule(build(rule)); } for (Http1Rule rule : message.getWhitelistRules()) { config.whitelistRule(build(rule)); } }
public void blacklistIp(String application, Http1DeterministicRuleEngineConfig config) { blacklistConfigs.put(application, config); if (whitelistConfigs.containsKey(application) && whitelistConfigs.get(application).equals(config)) { whitelistConfigs.remove(application); } }
public long write(WriteProvider writer) { long recordsWritten = 0; if (ipRules.marked()) { writer.write(ipFilterPath, ipRules.get()); recordsWritten += ipRules.get().size(); ipRules.clearMark(); } if (http1Rules.marked()) { writer.write(http1FilterPath, http1Rules.get()); recordsWritten += http1Rules.get().size(); http1Rules.clearMark(); } return recordsWritten; }
public void whitelistIp(String application, Http1DeterministicRuleEngineConfig config) { whitelistConfigs.put(application, config); if (blacklistConfigs.containsKey(application) && blacklistConfigs.get(application).equals(config)) { blacklistConfigs.remove(application); } } }
public byte[] marshall(Http1DeterministicRuleEngineConfig config) { Http1Ruleset message = new Http1Ruleset(); message.setBlacklistRules(new HashSet<Http1Rule>()); for (Http1DeterministicRuleEngineConfig.Rule rule : config.getBlacklistRules()) { message.addToBlacklistRules(build(rule)); } message.setWhitelistRules(new HashSet<Http1Rule>()); for (Http1DeterministicRuleEngineConfig.Rule rule : config.getWhitelistRules()) { message.addToWhitelistRules(build(rule)); } return serialize(message); }
public boolean equals(Ruleset other) { return other.ipRules.get().equals(ipRules.get()) && other.http1Rules.get().equals(http1Rules.get()); } }