11# frozen_string_literal: true
22
33require_relative '../../instrumentation/gateway'
4- require_relative '../../reactive/engine'
5- require_relative '../reactive/set_user'
64
75module Datadog
86 module AppSec
@@ -19,31 +17,27 @@ def watch
1917
2018 def watch_user_id ( gateway = Instrumentation . gateway )
2119 gateway . watch ( 'identity.set_user' , :appsec ) do |stack , user |
22- event = nil
2320 context = Datadog ::AppSec . active_context
24- engine = AppSec ::Reactive ::Engine . new
25-
26- Monitor ::Reactive ::SetUser . subscribe ( engine , context ) do |result |
27- if result . match?
28- # TODO: should this hash be an Event instance instead?
29- event = {
30- waf_result : result ,
31- trace : context . trace ,
32- span : context . span ,
33- user : user ,
34- actions : result . actions
35- }
36-
37- # We want to keep the trace in case of security event
38- context . trace . keep! if context . trace
39- Datadog ::AppSec ::Event . tag_and_keep! ( context , result )
40- context . events << event
41-
42- Datadog ::AppSec ::ActionsHandler . handle ( result . actions )
43- end
44- end
4521
46- Monitor ::Reactive ::SetUser . publish ( engine , user )
22+ persistent_data = {
23+ 'usr.id' => user . id
24+ }
25+
26+ result = context . run_waf ( persistent_data , { } , Datadog . configuration . appsec . waf_timeout )
27+
28+ if result . match?
29+ Datadog ::AppSec ::Event . tag_and_keep! ( context , result )
30+
31+ context . events << {
32+ waf_result : result ,
33+ trace : context . trace ,
34+ span : context . span ,
35+ user : user ,
36+ actions : result . actions
37+ }
38+
39+ Datadog ::AppSec ::ActionsHandler . handle ( result . actions )
40+ end
4741
4842 stack . call ( user )
4943 end
0 commit comments