class NewRelic::Agent::Configuration::SecurityPolicySource
The Language Security Policy Source gives customers the ability to configure high security mode settings.
Constants
- COLON_COLON
- ENABLED
- SECURITY_SETTINGS_MAP
-
The keys of the security settings map are the names of security policies received from the server. They map to multiple configuration options in the local config. There is a hash of metadata that corresponds to each configuration option with the following keys:
option: the configuration option name supported: true if the agent has one or more corresponding
configuration options
enabled_fn: a callable that takes the configuration option and returns
true if the option is enabled, false otherwise
disabled_value: the value of the configuration option when it is
disabled
permitted_fn: a callable, that will be executed if an option is
permitted by the security policy and is also enabled by the config
Public Class Methods
Source
# File lib/new_relic/agent/configuration/security_policy_source.rb, line 28 def change_setting(policies, option, new_value) current_value = Agent.config[option] unless current_value == new_value NewRelic::Agent.logger.info( \ "Setting changed: {#{option}: from #{current_value} " \ "to #{new_value}}. Source: SecurityPolicySource" ) end policies[option] = new_value end
Source
# File lib/new_relic/agent/configuration/security_policy_source.rb, line 14 def enabled?(option) Agent.config[option] end
Source
# File lib/new_relic/agent/configuration/security_policy_source.rb, line 208 def initialize(security_policies) super(build_overrides(security_policies)) end
Calls superclass method
NewRelic::Agent::Configuration::DottedHash::new
Source
# File lib/new_relic/agent/configuration/security_policy_source.rb, line 24 def not_empty?(option) !Agent.config[option].empty? end
Source
# File lib/new_relic/agent/configuration/security_policy_source.rb, line 18 def record_sql_enabled?(option) Agent.config[option] == 'obfuscated' || Agent.config[option] == 'raw' || false end
Public Instance Methods
Source
# File lib/new_relic/agent/configuration/security_policy_source.rb, line 215 def build_overrides(security_policies) security_policies.inject({}) do |settings, (policy_name, policy_settings)| SECURITY_SETTINGS_MAP[policy_name].each do |policy| next unless policy[:supported] if policy_settings[ENABLED] if policy[:enabled_fn].call(policy[:option]) if permitted_fn = policy[:permitted_fn] permitted_fn.call(settings) end else config_source = Agent.config.source(policy[:option]).class.name.split(COLON_COLON).last NewRelic::Agent.logger.info( \ "Setting applied: {#{policy[:option]}: #{policy[:disabled_value]}}. " \ "Source: #{config_source}" ) end else settings[policy[:option]] = policy[:disabled_value] NewRelic::Agent.logger.info( \ "Setting applied: {#{policy[:option]}: #{policy[:disabled_value]}}. " \ 'Source: SecurityPolicySource' ) end end settings end end