84 lines
2.7 KiB
Ruby
84 lines
2.7 KiB
Ruby
# frozen_string_literal: true
|
|
|
|
module Api
|
|
class RulesController < ApplicationController
|
|
# NOTE: This controller is now SECONDARY/UNUSED for primary agent synchronization
|
|
# Agents get rule updates via event responses (see Api::EventsController)
|
|
# These endpoints are kept for administrative/debugging purposes only
|
|
|
|
skip_before_action :verify_authenticity_token
|
|
allow_unauthenticated_access # Skip normal session auth, use DSN auth instead
|
|
before_action :authenticate_dsn!
|
|
before_action :check_dsn_enabled
|
|
|
|
# GET /api/rules/version
|
|
# Quick version check - returns latest updated_at timestamp
|
|
def version
|
|
current_sampling = HubLoad.current_sampling
|
|
response.headers['X-Sample-Rate'] = current_sampling[:allowed_requests].to_s
|
|
|
|
render json: {
|
|
version: Rule.latest_version,
|
|
count: Rule.active.count,
|
|
sampling: current_sampling
|
|
}
|
|
end
|
|
|
|
# GET /api/rules?since=1730646186
|
|
# Incremental sync - returns rules updated since timestamp (Unix timestamp in seconds)
|
|
# GET /api/rules
|
|
# Full sync - returns all active rules
|
|
def index
|
|
rules = if params[:since].present?
|
|
# Incremental sync
|
|
since_time = parse_timestamp(params[:since])
|
|
Rule.since(since_time)
|
|
else
|
|
# Full sync - only return enabled rules
|
|
Rule.active.sync_order
|
|
end
|
|
|
|
current_sampling = HubLoad.current_sampling
|
|
response.headers['X-Sample-Rate'] = current_sampling[:allowed_requests].to_s
|
|
|
|
render json: {
|
|
version: Rule.latest_version,
|
|
sampling: current_sampling,
|
|
rules: rules.map(&:to_agent_format)
|
|
}
|
|
rescue ArgumentError => e
|
|
render json: { error: "Invalid timestamp format: #{e.message}" }, status: :bad_request
|
|
end
|
|
|
|
private
|
|
|
|
def authenticate_dsn!
|
|
@dsn = DsnAuthenticationService.authenticate(request)
|
|
|
|
unless @dsn
|
|
render json: { error: "Invalid DSN key" }, status: :unauthorized
|
|
return
|
|
end
|
|
rescue DsnAuthenticationService::AuthenticationError => e
|
|
render json: { error: e.message }, status: :unauthorized
|
|
end
|
|
|
|
def check_dsn_enabled
|
|
unless @dsn.enabled?
|
|
render json: { error: "DSN is disabled" }, status: :forbidden
|
|
end
|
|
end
|
|
|
|
def parse_timestamp(timestamp_str)
|
|
# Parse Unix timestamp in seconds
|
|
unless timestamp_str.match?(/^\d+$/)
|
|
raise ArgumentError, "Invalid timestamp format. Expected Unix timestamp in seconds (e.g., 1730646186)"
|
|
end
|
|
|
|
Time.at(timestamp_str.to_i)
|
|
rescue ArgumentError => e
|
|
raise ArgumentError, "Invalid timestamp format: #{e.message}. Use Unix timestamp in seconds (e.g., 1730646186)"
|
|
end
|
|
end
|
|
end
|