Merge pull request #26 from metrik-tech/feature/ENG-169

4x8Matrix · web-flow · commit 4426d9c58df3 · 2024-07-02T09:01:48.000+01:00
feature/eng 169: Implement client sided error logging security/mitigations.
diff --git a/Src/Client.luau b/Src/Client.luau
@@ -11,6 +11,8 @@ local Error = require(script.Parent.Enums.Error)
 local ErrorFormats = require(script.Parent.Data.ErrorFormats)
 
 local FlagsController = require(script.Parent.Controllers.FlagsController)
+local BreadcrumbController = require(script.Parent.Controllers.BreadcrumbController)
+local ContextController = require(script.Parent.Controllers.ContextController)
 
 local ON_INIT_LIFECYCLE_NAME = "OnInit"
 local ON_START_LIFECYCLE_NAME = "OnStart"
@@ -34,6 +36,40 @@ function MetrikSDK.Private.FromError(_: MetrikPrivateAPI, errorEnum: string, ...
 	return string.format(ErrorFormats[errorEnum], ...)
 end
 
+function MetrikSDK.Private.AwaitUntilReady(self: MetrikPrivateAPI)
+	repeat task.wait() until self.IsInitialized
+end
+
+--[=[
+	...
+
+	@method CreateBreadcrumb
+	@within MetrikSDK.Client
+
+	@return ()
+]=]
+--
+function MetrikSDK.Public.CreateBreadcrumb(self: MetrikPublicAPI, message: string)
+	self.Private:AwaitUntilReady()
+
+	BreadcrumbController:CreateBreadcrumbFor(debug.info(2, "s"), message)
+end
+
+--[=[
+	...
+
+	@method SetContext
+	@within MetrikSDK.Client
+
+	@return ()
+]=]
+--
+function MetrikSDK.Public.SetContext(self: MetrikPublicAPI, context: { [string]: any })
+	self.Private:AwaitUntilReady()
+
+	ContextController:CreateContextFor(debug.info(2, "s"), context)
+end
+
 --[=[
 	...
 
@@ -44,6 +80,8 @@ end
 ]=]
 --
 function MetrikSDK.Public.GetFlag(self: MetrikPublicAPI, flagName: string)
+	self.Private:AwaitUntilReady()
+
 	return FlagsController:EvaluateFlag(flagName)
 end
 
@@ -81,6 +119,8 @@ function MetrikSDK.Public.InitializeAsync(self: MetrikPublicAPI)
 		table.sort(metrikControllers, function(serviceA, serviceB)
 			return (serviceA.Priority or 0) > (serviceB.Priority or 0)
 		end)
+		
+		repeat task.wait() until script.Parent:GetAttribute("INIT_COMPLETE")
 
 		Runtime:CallMethodOn(metrikControllers, ON_INIT_LIFECYCLE_NAME)
 		Runtime:CallMethodOn(metrikControllers, ON_START_LIFECYCLE_NAME)
diff --git a/Src/Containers/Client.client.luau b/Src/Containers/Client.client.luau
@@ -1,5 +1,3 @@
 local Metrik = require(script.Parent.Parent)
 
-Metrik.Client:InitializeAsync():andThen(function()
-	script.Parent:Destroy()
-end)
+Metrik.Client:InitializeAsync()
diff --git a/Src/Containers/Server.server.luau b/Src/Containers/Server.server.luau
@@ -1,3 +1 @@
-require(script.Parent.Parent)
-
-return task.defer(script.Destroy, script)
+require(script.Parent.Parent)
diff --git a/Src/Controllers/BreadcrumbController.luau b/Src/Controllers/BreadcrumbController.luau
@@ -0,0 +1,31 @@
+local Console = require(script.Parent.Parent.Packages.Console)
+
+local Network = require(script.Parent.Parent.Network.Client)
+
+local MAX_MESSAGE_LENGTH = 512
+local MAX_SOURCE_LENGTH = 256
+
+local BreadcrumbController = { }
+
+BreadcrumbController.Store = { } :: { [Instance]: Breadcrumb }
+
+BreadcrumbController.Priority = 0
+BreadcrumbController.Reporter = Console.new(`{script.Name}`)
+
+function BreadcrumbController.CreateBreadcrumbFor(self: BreadcrumbController, sourcePath: string, message: string)
+    assert(#message < MAX_MESSAGE_LENGTH, `Message is too long (max length is ${MAX_MESSAGE_LENGTH})`)
+    assert(#sourcePath < MAX_SOURCE_LENGTH, `Source path is too long (max length is ${MAX_SOURCE_LENGTH})`)
+
+    Network.CreateBreadcrumb.Fire({
+        message = message,
+        sourcePath = sourcePath,
+    })
+end
+
+export type BreadcrumbController = typeof(BreadcrumbController)
+export type Breadcrumb = {
+    timestamp: string,
+    message: string
+}
+
+return BreadcrumbController
diff --git a/Src/Controllers/ContextController.luau b/Src/Controllers/ContextController.luau
@@ -0,0 +1,24 @@
+local HttpService = game:GetService("HttpService")
+
+local Console = require(script.Parent.Parent.Packages.Console)
+
+local Network = require(script.Parent.Parent.Network.Client)
+
+local ContextController = { }
+
+ContextController.Store = { } :: { [Instance]: Context }
+
+ContextController.Priority = 0
+ContextController.Reporter = Console.new(`{script.Name}`)
+
+function ContextController.CreateContextFor(self: ContextController, sourcePath: string, context: Context)
+    Network.CreateContext.Fire({
+        contextJSON = HttpService:JSONEncode(context),
+        sourcePath = sourcePath,
+    })
+end
+
+export type ContextController = typeof(ContextController)
+export type Context = { [string]: any }
+
+return ContextController
diff --git a/Src/Controllers/LogCaptureControllers.luau b/Src/Controllers/LogCaptureControllers.luau
@@ -16,19 +16,16 @@ LogCaptureControllers.MessageQueue = {}
 
 LogCaptureControllers.MessageQueueUpdated = Signal.new()
 
-function LogCaptureControllers.OnMessageError(self: LogCaptureControllers, message: string, trace: string, filePath: string)
+function LogCaptureControllers.OnMessageError(self: LogCaptureControllers, message: string, trace: string)
 	table.insert(self.MessageQueue, {
 		["message"] = message,
-		["script"] = filePath,
 		["trace"] = trace,
 	})
 end
 
 function LogCaptureControllers.OnStart(self: LogCaptureControllers)
-	ScriptContext.Error:Connect(function(message: string, trace: string, script: Instance)
-		local filePath = script and script:GetFullName() or "?"
-
-		self:OnMessageError(message, trace, filePath)
+	ScriptContext.Error:Connect(function(message: string, trace: string)
+		self:OnMessageError(message, trace)
 	end)
 
 	task.spawn(function()
diff --git a/Src/Server.luau b/Src/Server.luau
@@ -87,7 +87,7 @@ end
 ]=]
 --
 function MetrikSDK.Public.CreateBreadcrumb(self: MetrikPublicAPI, message: string)
-	BreadcrumbService:CreateBreadcrumbFor(self.Private:GetCallingScript(), message)
+	BreadcrumbService:CreateBreadcrumbFor(nil, self.Private:GetCallingScript(), message)
 end
 
 --[=[
@@ -100,7 +100,7 @@ end
 ]=]
 --
 function MetrikSDK.Public.SetContext(self: MetrikPublicAPI, context: { [string]: any })
-	ContextService:CreateContextFor(self.Private:GetCallingScript(), context)
+	ContextService:CreateContextFor(nil, self.Private:GetCallingScript(), context)
 end
 
 --[=[
@@ -188,6 +188,8 @@ function MetrikSDK.Public.InitializeAsync(self: MetrikPublicAPI, settings: {
 			return reject(response)
 		end
 
+		script.Parent:SetAttribute("INIT_COMPLETE", true)
+
 		self.Private.IsInitialized = true
 
 		self.Private.Reporter:Debug(`Loaded all MetrikSDK Services ({os.clock() - runtimeClockSnapshot}ms)`)
diff --git a/Src/Services/BreadcrumbService.luau b/Src/Services/BreadcrumbService.luau
@@ -1,30 +1,37 @@
+local Players = game:GetService("Players")
+
 local Console = require(script.Parent.Parent.Packages.Console)
 
 local GetScriptFromFullName = require(script.Parent.Parent.Util.GetScriptFromFullName)
 
+local Network = require(script.Parent.Parent.Network.Server)
+
 local BreadcrumbService = { }
 
 BreadcrumbService.Store = { } :: { [Instance]: Breadcrumb }
+BreadcrumbService.PlayerStore = { } :: { [Player]: typeof(BreadcrumbService.Store) }
 
 BreadcrumbService.Priority = 0
 BreadcrumbService.Reporter = Console.new(`{script.Name}`)
 
-function BreadcrumbService.GetBreadcrumbsFor(self: BreadcrumbService, sourcePath: string): { Breadcrumb }
+function BreadcrumbService.GetBreadcrumbsFor(self: BreadcrumbService, player: Player?, sourcePath: string): { Breadcrumb }
     local source = GetScriptFromFullName(sourcePath)
+    local store = player and self.PlayerStore[player] or self.Store
 
     if not source then
         return { }
     end
 
-	if not self.Store[source] then
+	if not store[source] then
         return { }
     end
 
-    return self.Store[source]
+    return store[source]
 end
 
-function BreadcrumbService.CreateBreadcrumbFor(self: BreadcrumbService, sourcePath: string, message: string)
+function BreadcrumbService.CreateBreadcrumbFor(self: BreadcrumbService, player: Player?, sourcePath: string, message: string)
     local source = GetScriptFromFullName(sourcePath)
+    local store = player and self.PlayerStore[player] or self.Store
     local breadcrumbObject = {
         message = message,
         timestamp = DateTime.now():ToIsoDate()
@@ -34,11 +41,25 @@ function BreadcrumbService.CreateBreadcrumbFor(self: BreadcrumbService, sourcePa
         return
     end
 
-    if not self.Store[source] then
-        self.Store[source] = { }
+    if not store[source] then
+        store[source] = { }
     end
 
-    table.insert(self.Store[source], breadcrumbObject)
+    table.insert(store[source], breadcrumbObject)
+end
+
+function BreadcrumbService.OnStart(self: BreadcrumbService)
+    Network.CreateBreadcrumb.SetCallback(function(player: Player, breadcrumb: { message: string, sourcePath: string })
+        if not self.PlayerStore[player] then
+            self.PlayerStore[player] = { }
+        end
+
+        self:CreateBreadcrumbFor(player, breadcrumb.sourcePath, breadcrumb.message)
+    end)
+
+    Players.PlayerRemoving:Connect(function(player: Player)
+        BreadcrumbService.PlayerStore[player] = nil
+    end)
 end
 
 export type BreadcrumbService = typeof(BreadcrumbService)
diff --git a/Src/Services/ContextService.luau b/Src/Services/ContextService.luau
@@ -1,17 +1,21 @@
 local HttpService = game:GetService("HttpService")
+local Players = game:GetService("Players")
 
 local Console = require(script.Parent.Parent.Packages.Console)
 
 local GetScriptFromFullName = require(script.Parent.Parent.Util.GetScriptFromFullName)
 
+local Network = require(script.Parent.Parent.Network.Server)
+
 local ContextService = { }
 
 ContextService.Store = { } :: { [Instance]: Context }
+ContextService.PlayerStore = { } :: { [Player]: typeof(ContextService.Store) }
 
 ContextService.Priority = 0
 ContextService.Reporter = Console.new(`{script.Name}`)
 
-function ContextService.GetContextFor(self: ContextService, sourcePath: string)
+function ContextService.GetContextFor(self: ContextService, player: Player?, sourcePath: string)
     local source = GetScriptFromFullName(sourcePath)
 
     if not source then
@@ -21,7 +25,7 @@ function ContextService.GetContextFor(self: ContextService, sourcePath: string)
     return self.Store[source]
 end
 
-function ContextService.CreateContextFor(self: ContextService, sourcePath: string, context: Context)
+function ContextService.CreateContextFor(self: ContextService, player: Player?, sourcePath: string, context: Context)
     local source = GetScriptFromFullName(sourcePath)
 
     if not source then
@@ -39,6 +43,20 @@ function ContextService.CreateContextFor(self: ContextService, sourcePath: strin
     self.Store[source] = context
 end
 
+function ContextService.OnStart(self: ContextService)
+    Network.CreateContext.SetCallback(function(player: Player, context: { contextJSON: string, sourcePath: string })
+        if not self.PlayerStore[player] then
+            self.PlayerStore[player] = { }
+        end
+
+        self:CreateContextFor(player, context.sourcePath, HttpService:JSONDecode(context.contextJSON))
+    end)
+
+    Players.PlayerRemoving:Connect(function(player: Player)
+        ContextService.PlayerStore[player] = nil
+    end)
+end
+
 export type ContextService = typeof(ContextService)
 export type Context = { [string]: any }
 
diff --git a/Src/Services/LogCaptureService.luau b/Src/Services/LogCaptureService.luau
diff --git a/aftman.toml b/aftman.toml
diff --git a/network.zap b/network.zap
