Skip to content

Commit

Permalink
Merge pull request cloudflare#1497 from MattDavis00/mattdavis/DLP-1479
Browse files Browse the repository at this point in the history
DLP-1479: added support for Context Awareness in DLP profiles
  • Loading branch information
jacobbednarz authored Feb 28, 2024
2 parents 056b65c + 31db1d5 commit 21ff8e1
Show file tree
Hide file tree
Showing 3 changed files with 79 additions and 15 deletions.
3 changes: 3 additions & 0 deletions .changelog/1497.txt
Original file line number Diff line number Diff line change
@@ -0,0 +1,3 @@
```release-note:enhancement
dlp: add support for Context Awareness in DLP profiles
```
25 changes: 19 additions & 6 deletions dlp_profile.go
Original file line number Diff line number Diff line change
Expand Up @@ -35,17 +35,30 @@ type DLPEntry struct {
UpdatedAt *time.Time `json:"updated_at,omitempty"`
}

// Content types to exclude from context analysis and return all matches.
type DLPContextAwarenessSkip struct {
// Return all matches, regardless of context analysis result, if the data is a file.
Files *bool `json:"files,omitempty"`
}

// Scan the context of predefined entries to only return matches surrounded by keywords.
type DLPContextAwareness struct {
Enabled *bool `json:"enabled,omitempty"`
Skip DLPContextAwarenessSkip `json:"skip"`
}

// DLPProfile represents a DLP Profile, which contains a set
// of entries.
type DLPProfile struct {
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Type string `json:"type,omitempty"`
Description string `json:"description,omitempty"`
AllowedMatchCount int `json:"allowed_match_count"`
ID string `json:"id,omitempty"`
Name string `json:"name,omitempty"`
Type string `json:"type,omitempty"`
Description string `json:"description,omitempty"`
AllowedMatchCount int `json:"allowed_match_count"`
ContextAwareness DLPContextAwareness `json:"context_awareness,omitempty"`

// The following fields are omitted for predefined DLP
// profiles
// profiles.
Entries []DLPEntry `json:"entries,omitempty"`
CreatedAt *time.Time `json:"created_at,omitempty"`
UpdatedAt *time.Time `json:"updated_at,omitempty"`
Expand Down
66 changes: 57 additions & 9 deletions dlp_profile_test.go
Original file line number Diff line number Diff line change
Expand Up @@ -45,7 +45,13 @@ func TestDLPProfiles(t *testing.T) {
}
],
"type": "predefined",
"allowed_match_count": 0
"allowed_match_count": 0,
"context_awareness": {
"enabled": true,
"skip": {
"files": true
}
}
},
{
"id": "29678c26-a191-428d-9f63-6e20a4a636a4",
Expand All @@ -69,7 +75,13 @@ func TestDLPProfiles(t *testing.T) {
"updated_at": "2022-10-18T08:00:57Z",
"type": "custom",
"description": "just a custom profile example",
"allowed_match_count": 1
"allowed_match_count": 1,
"context_awareness": {
"enabled": false,
"skip": {
"files": false
}
}
}
]
}
Expand All @@ -86,6 +98,12 @@ func TestDLPProfiles(t *testing.T) {
Type: "predefined",
Description: "",
AllowedMatchCount: 0,
ContextAwareness: DLPContextAwareness{
Enabled: BoolPtr(true),
Skip: DLPContextAwarenessSkip{
Files: BoolPtr(true),
},
},
Entries: []DLPEntry{
{
ID: "111b9d4b-a5c6-40f0-957d-9d53b25dd84a",
Expand All @@ -108,6 +126,12 @@ func TestDLPProfiles(t *testing.T) {
Type: "custom",
Description: "just a custom profile example",
AllowedMatchCount: 1,
ContextAwareness: DLPContextAwareness{
Enabled: BoolPtr(false),
Skip: DLPContextAwarenessSkip{
Files: BoolPtr(false),
},
},
Entries: []DLPEntry{
{
ID: "ef79b054-12d4-4067-bb30-b85f6267b91c",
Expand Down Expand Up @@ -167,7 +191,13 @@ func TestGetDLPProfile(t *testing.T) {
"updated_at": "2022-10-18T08:00:57Z",
"type": "custom",
"description": "just a custom profile example",
"allowed_match_count": 42
"allowed_match_count": 42,
"context_awareness": {
"enabled": false,
"skip": {
"files": false
}
}
}
}`)
}
Expand All @@ -181,6 +211,12 @@ func TestGetDLPProfile(t *testing.T) {
Type: "custom",
Description: "just a custom profile example",
AllowedMatchCount: 42,
ContextAwareness: DLPContextAwareness{
Enabled: BoolPtr(false),
Skip: DLPContextAwarenessSkip{
Files: BoolPtr(false),
},
},
Entries: []DLPEntry{
{
ID: "ef79b054-12d4-4067-bb30-b85f6267b91c",
Expand Down Expand Up @@ -533,16 +569,29 @@ func TestUpdateDLPPredefinedProfile(t *testing.T) {
],
"type": "predefined",
"description": "example predefined profile",
"allowed_match_count": 0
"allowed_match_count": 0,
"context_awareness": {
"enabled": true,
"skip": {
"files": true
}
}
}
}`)
}

want := DLPProfile{
ID: "29678c26-a191-428d-9f63-6e20a4a636a4",
Name: "Example predefined profile",
Type: "predefined",
Description: "example predefined profile",
ID: "29678c26-a191-428d-9f63-6e20a4a636a4",
Name: "Example predefined profile",
Type: "predefined",
Description: "example predefined profile",
AllowedMatchCount: 0,
ContextAwareness: DLPContextAwareness{
Enabled: BoolPtr(true),
Skip: DLPContextAwarenessSkip{
Files: BoolPtr(true),
},
},
Entries: []DLPEntry{
{
ID: "ef79b054-12d4-4067-bb30-b85f6267b91c",
Expand All @@ -552,7 +601,6 @@ func TestUpdateDLPPredefinedProfile(t *testing.T) {
Enabled: BoolPtr(true),
},
},
AllowedMatchCount: 0,
}

mux.HandleFunc("/accounts/"+testAccountID+"/dlp/profiles/predefined/29678c26-a191-428d-9f63-6e20a4a636a4", handler)
Expand Down

0 comments on commit 21ff8e1

Please sign in to comment.