Adds full support to UpdateActionById.

Issue #1800

Author: Felipe Zimmerle

Diff for: CHANGES

@@ -1,6 +1,8 @@
 v3.0.3 - YYYY-MMM-DD (to be released)
 -------------------------------------
 
+ - Adds support to UpdateActionById.
+   [Issue #1800 - @zimmerle, @victorhora, @NisariAIT]
  - Add correct C function prototypes for msc_init and msc_create_rule_set
    [Issue #1922 - @steven-j-wojcik]
  - Allow LuaJIT 2.1 to be used

Diff for: Makefile.am

@@ -183,6 +183,7 @@ TESTS+=test/test-cases/regression/variable-RESPONSE_BODY.json
 TESTS+=test/test-cases/regression/config-calling_phases_by_name.json
 TESTS+=test/test-cases/regression/variable-FILES_COMBINED_SIZE.json
 TESTS+=test/test-cases/regression/variable-FULL_REQUEST_LENGTH.json
+TESTS+=test/test-cases/regression/config-update-action-by-id.json
 TESTS+=test/test-cases/regression/config-update-target-by-id.json
 TESTS+=test/test-cases/regression/variable-REQUEST_HEADERS.json
 TESTS+=test/test-cases/regression/misc.json

Diff for: headers/modsecurity/rule.h

@@ -124,36 +124,29 @@ class Rule {
         std::shared_ptr<std::string> transStr,
         int nth);
 
-    std::vector<actions::Action *> m_actionsRuntimePos;
-    std::vector<actions::Action *> m_actionsRuntimePre;
+    actions::Action *m_theDisruptiveAction;
+    actions::LogData *m_logData;
+    actions::Msg *m_msg;
+    actions::Severity *m_severity;
     bool m_chained;
-    Rule *m_chainedRule;
-    std::string m_fileName;
-    int m_lineNumber;
-    std::string m_marker;
-    operators::Operator *m_op;
+    bool m_containsCaptureAction;
+    bool m_containsMultiMatchAction;
+    bool m_containsStaticBlockAction;
     bool m_secMarker;
-    modsecurity::Variables::Variables *m_variables;
-
-
     int64_t m_ruleId;
-    std::string m_rev;
-    // msg ?
-    std::string m_ver;
-    //std::string m_logData;
-
-    //if (child->severity != NOT_SET) merged->severity = child->severity;
     int m_accuracy;
+    int m_lineNumber;
     int m_maturity;
     int m_phase;
-
-    bool m_containsStaticDisruptiveAction;
-    bool m_containsCaptureAction;
-    bool m_containsMultiMatchAction;
-    bool m_containsStaticBlockAction;
-    actions::Severity *m_severity;
-    actions::LogData *m_logData;
-    actions::Msg *m_msg;
+    modsecurity::Variables::Variables *m_variables;
+    operators::Operator *m_op;
+    Rule *m_chainedRule;
+    std::string m_fileName;
+    std::string m_marker;
+    std::string m_rev;
+    std::string m_ver;
+    std::vector<actions::Action *> m_actionsRuntimePos;
+    std::vector<actions::Action *> m_actionsRuntimePre;
     std::vector<actions::SetVar *> m_actionsSetVar;
     std::vector<actions::Tag *> m_actionsTag;
  private:

Diff for: src/Makefile.am

@@ -106,6 +106,7 @@ ACTIONS = \
 	actions/accuracy.cc \
 	actions/action.cc \
 	actions/audit_log.cc \
+	actions/block.cc \
 	actions/capture.cc \
 	actions/chain.cc \
 	actions/ctl/audit_log_parts.cc \
@@ -119,7 +120,6 @@ ACTIONS = \
 	actions/ctl/rule_remove_by_tag.cc \
 	actions/ctl/request_body_access.cc\
 	actions/disruptive/allow.cc \
-	actions/disruptive/block.cc \
 	actions/disruptive/deny.cc \
 	actions/disruptive/redirect.cc \
 	actions/disruptive/pass.cc \

Diff for: src/actions/action.cc

@@ -22,7 +22,7 @@
 #include "modsecurity/rule.h"
 #include "src/utils/string.h"
 
-#include "src/actions/disruptive/block.h"
+#include "src/actions/block.h"
 #include "src/actions/chain.h"
 #include "src/actions/disruptive/deny.h"
 #include "src/actions/disruptive/redirect.h"

Diff for: src/actions/disruptive/block.cc renamed to src/actions/block.cc

@@ -13,7 +13,7 @@
  *
  */
 
-#include "src/actions/disruptive/block.h"
+#include "src/actions/block.h"
 
 #include <iostream>
 #include <string>
@@ -27,7 +27,6 @@
 
 namespace modsecurity {
 namespace actions {
-namespace disruptive {
 
 
 bool Block::evaluate(Rule *rule, Transaction *transaction,
@@ -37,8 +36,7 @@ bool Block::evaluate(Rule *rule, Transaction *transaction,
 #endif
 
     for (Action *a : transaction->m_rules->m_defaultActions[rule->m_phase]) {
-        if (a->isDisruptive() == false
-            || dynamic_cast<actions::disruptive::Block *>(a) != NULL) {
+        if (a->isDisruptive() == false) {
             continue;
         }
         a->evaluate(rule, transaction, rm);
@@ -48,6 +46,5 @@ bool Block::evaluate(Rule *rule, Transaction *transaction,
 }
 
 
-}  // namespace disruptive
 }  // namespace actions
 }  // namespace modsecurity

Diff for: src/actions/disruptive/block.h renamed to src/actions/block.h

@@ -29,7 +29,6 @@ namespace modsecurity {
 class Transaction;
 
 namespace actions {
-namespace disruptive {
 
 
 class Block : public Action {
@@ -38,11 +37,9 @@ class Block : public Action {
 
     bool evaluate(Rule *rule, Transaction *transaction,
         std::shared_ptr<RuleMessage> rm) override;
-    bool isDisruptive() override { return true; }
 };
 
 
-}  // namespace disruptive
 }  // namespace actions
 }  // namespace modsecurity
 #endif

Diff for: src/parser/driver.cc

@@ -81,7 +81,7 @@ int Driver::addSecRule(Rule *rule) {
         if (lastRule->m_chainedRule == NULL) {
             rule->m_phase = lastRule->m_phase;
             lastRule->m_chainedRule = rule;
-            if (rule->m_containsStaticDisruptiveAction) {
+            if (rule->m_theDisruptiveAction) {
                 m_parserError << "Disruptive actions can only be specified by";
                 m_parserError << " chain starter rules.";
                 return false;
@@ -94,7 +94,7 @@ int Driver::addSecRule(Rule *rule) {
             }
             if (a->m_chained && a->m_chainedRule == NULL) {
                 a->m_chainedRule = rule;
-                if (a->m_containsStaticDisruptiveAction) {
+                if (a->m_theDisruptiveAction) {
                     m_parserError << "Disruptive actions can only be ";
                     m_parserError << "specified by chain starter rules.";
                     return false;