forked from owasp-modsecurity/ModSecurity
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathaction.h
134 lines (111 loc) · 3.4 KB
/
action.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
/*
* ModSecurity, http://www.modsecurity.org/
* Copyright (c) 2015 - 2021 Trustwave Holdings, Inc. (http://www.trustwave.com/)
*
* You may not use this file except in compliance with
* the License. You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* If any of the files related to licensing are missing or if you have any
* other questions related to licensing please contact Trustwave Holdings, Inc.
* directly using the email address [email protected].
*
*/
#ifndef HEADERS_MODSECURITY_ACTIONS_ACTION_H_
#define HEADERS_MODSECURITY_ACTIONS_ACTION_H_
#ifdef __cplusplus
#include <string>
#include <memory>
namespace modsecurity {
class Transaction;
class RuleWithOperator;
class RuleWithActions;
class RuleMessage;
namespace actions {
class Action {
public:
/**
*
* Define the action kind regarding to the execution time.
*
*
*/
enum class Kind {
/**
*
* Action that are executed while loading the configuration. For instance
* the rule ID or the rule phase.
*
*/
ConfigurationKind,
/**
*
* Those are actions that demands to be executed before call the operator.
* For instance the tranformations.
*
*
*/
RunTimeBeforeMatchAttemptKind,
/**
*
* Actions that are executed after the execution of the operator, only if
* the operator returned Match (or True). For instance the disruptive
* actions.
*
*/
RunTimeOnlyIfMatchKind,
};
explicit Action(const std::string& _action)
: m_isNone(false),
temporaryAction(false),
action_kind(Kind::RunTimeOnlyIfMatchKind),
m_name(nullptr),
m_parser_payload("") {
set_name_and_payload(_action);
}
explicit Action(const std::string& _action, Kind kind)
: m_isNone(false),
temporaryAction(false),
action_kind(kind),
m_name(nullptr),
m_parser_payload("") {
set_name_and_payload(_action);
}
Action(const Action &a) = delete;
Action &operator=(const Action& a) = delete;
virtual ~Action() { }
virtual bool evaluate(RuleWithActions *rule, Transaction *transaction);
virtual bool evaluate(RuleWithActions *rule, Transaction *transaction,
std::shared_ptr<RuleMessage> ruleMessage) {
return evaluate(rule, transaction);
}
virtual bool init(std::string *error) { return true; }
virtual bool isDisruptive() { return false; }
void set_name_and_payload(const std::string& data) {
size_t pos = data.find(":");
const char t[] = "t:";
if (data.compare(0, std::size(t) - 1, t) == 0) {
pos = data.find(":", 2);
}
if (pos == std::string::npos) {
m_name = std::make_shared<std::string>(data);
return;
}
m_name = std::make_shared<std::string>(data, 0, pos);
m_parser_payload = std::string(data, pos + 1, data.length());
if (m_parser_payload.at(0) == '\'' && m_parser_payload.size() > 2) {
m_parser_payload.erase(0, 1);
m_parser_payload.pop_back();
}
}
bool m_isNone;
bool temporaryAction;
Kind action_kind;
std::shared_ptr<std::string> m_name;
std::string m_parser_payload;
};
} // namespace actions
} // namespace modsecurity
#endif
#endif // HEADERS_MODSECURITY_ACTIONS_ACTION_H_