From b01901b04ea497608c7d6a2ca7ecd2c14c4633ea Mon Sep 17 00:00:00 2001
From: Sebastien Blot
Date: Mon, 4 Dec 2023 15:13:11 +0100
Subject: [PATCH] fix Remove{in,out}bandRuleBy{name,tag} for pre_eval
---
 pkg/waf/tx.go | 5 +++++
 pkg/waf/waap.go | 32 ++++++++++++++++++++++++++++++++
 pkg/waf/waf_helpers.go | 22 +++++++++++++---------
 3 files changed, 50 insertions(+), 9 deletions(-)
diff --git a/pkg/waf/tx.go b/pkg/waf/tx.go
index ce44aec95..1e2c83331 100644
--- a/pkg/waf/tx.go
+++ b/pkg/waf/tx.go
@@ -27,6 +27,11 @@ func (t *ExtendedTransaction) RemoveRuleByIDWithError(id int) error {
 return nil
 }
 
+func (t *ExtendedTransaction) RemoveRuleByTagWithError(tag string) error {
+ t.Tx.RemoveRuleByTag(tag)
+ return nil
+}
+
 func (t *ExtendedTransaction) IsRuleEngineOff() bool {
 return t.Tx.IsRuleEngineOff()
 }
diff --git a/pkg/waf/waap.go b/pkg/waf/waap.go
index 85eb4e4fd..2820bb8c4 100644
--- a/pkg/waf/waap.go
+++ b/pkg/waf/waap.go
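Review bot: RemoveRuleByTagWithError has no doc comment and its error result is always nil, so the `WithError` name promises a failure signal the body cannot produce; the callers added in waap.go discard it with `_ =`. A comment would make that explicit: `// RemoveRuleByTagWithError removes the rules carrying tag from this transaction. It always returns nil; the error result presumably only mirrors RemoveRuleByIDWithError.` It is also worth deciding here whether a tag that matches no rule should be reported, because as written a mistyped tag in a hook leaves the rules in place with no signal to the operator.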
@@ -425,6 +425,38 @@ func (w *WaapRuntimeConfig) RemoveOutbandRuleByID(params ...any) (any, error) {
 return nil, nil
 }
 
+// func (w *WaapRuntimeConfig) RemoveInbandRuleByTag(tag string) error {
+func (w *WaapRuntimeConfig) RemoveInbandRuleByTag(params ...any) (any, error) {
+ tag := params[0].(string)
+ w.Logger.Debugf("removing inband rule with tag %s", tag)
+ _ = w.InBandTx.RemoveRuleByTagWithError(tag)
+ return nil, nil
+}
+
+// func (w *WaapRuntimeConfig) RemoveOutbandRuleByTag(tag string) error {
+func (w *WaapRuntimeConfig) RemoveOutbandRuleByTag(params ...any) (any, error) {
+ tag := params[0].(string)
+ w.Logger.Debugf("removing outband rule with tag %s", tag)
+ _ = w.OutOfBandTx.RemoveRuleByTagWithError(tag)
+ return nil, nil
+}
+
+// func (w *WaapRuntimeConfig) RemoveInbandRuleByName(name string) error {
+func (w *WaapRuntimeConfig) RemoveInbandRuleByName(params ...any) (any, error) {
+ tag := fmt.Sprintf("crowdsec-%s", params[0].(string))
+ w.Logger.Debugf("removing inband rule %s", tag)
+ _ = w.InBandTx.RemoveRuleByTagWithError(tag)
+ return nil, nil
+}
+
+// func (w *WaapRuntimeConfig) RemoveOutbandRuleByName(name string) error {
+func (w *WaapRuntimeConfig) RemoveOutbandRuleByName(params ...any) (any, error) {
+ tag := fmt.Sprintf("crowdsec-%s", params[0].(string))
+ w.Logger.Debugf("removing outband rule %s", tag)
+ _ = w.OutOfBandTx.RemoveRuleByTagWithError(tag)
+ return nil, nil
+}
+
 func (w *WaapRuntimeConfig) CancelEvent(params ...any) (any, error) {
 w.Logger.Debugf("canceling event")
 w.Response.SendEvent = false
diff --git a/pkg/waf/waf_helpers.go b/pkg/waf/waf_helpers.go
index bb65df851..ced1b68e7 100644
--- a/pkg/waf/waf_helpers.go
+++ b/pkg/waf/waf_helpers.go
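Review bot: `params[0].(string)` in RemoveInbandRuleByTag, and the same expression in RemoveOutbandRuleByTag, RemoveInbandRuleByName and RemoveOutbandRuleByName, indexes and type-asserts the hook argument without checking either, so a pre_eval expression that calls one of these helpers with no argument or a non-string value panics while a request is being evaluated. The helpers are registered as `...any` functions in waf_helpers.go, so nothing visible in this patch rejects such a call earlier; what the panic does to the request depends on recovery code outside the hunk, and returning an error is the safer contract for a WAF hook. The four bodies can share one argument check, sketched below for one helper. The commented-out old signatures above each function would read better as doc comments, and `%q` in the debug lines would make an empty or unexpected tag visible in the log.

```go
// stringParam returns the single string argument passed by a hook expression.
func stringParam(helper string, params []any) (string, error) {
	if len(params) != 1 {
		return "", fmt.Errorf("%s: expected 1 argument, got %d", helper, len(params))
	}
	s, ok := params[0].(string)
	if !ok {
		return "", fmt.Errorf("%s: expected a string argument, got %T", helper, params[0])
	}
	return s, nil
}

// RemoveInbandRuleByTag removes the in-band rules carrying the given tag from the current transaction.
func (w *WaapRuntimeConfig) RemoveInbandRuleByTag(params ...any) (any, error) {
	tag, err := stringParam("RemoveInBandRuleByTag", params)
	if err != nil {
		return nil, err
	}
	w.Logger.Debugf("removing inband rule with tag %q", tag)
	// … unchanged: InBandTx.RemoveRuleByTagWithError call and return …
}

// … RemoveOutbandRuleByTag, RemoveInbandRuleByName, RemoveOutbandRuleByName: same check …
```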
@@ -23,9 +23,9 @@ func GetOnLoadEnv(w *WaapRuntimeConfig) map[string]interface{} {
 //FIXME: use expr.Function instead of this
 return map[string]interface{}{
 "RemoveInBandRuleByID": w.DisableInBandRuleByID,
- "RemoveOutBandRuleByID": w.DisableOutBandRuleByID,
- "RemoveInBandRuleByName": w.DisableInBandRuleByName,
 "RemoveInBandRuleByTag": w.DisableInBandRuleByTag,
+ "RemoveInBandRuleByName": w.DisableInBandRuleByName,
+ "RemoveOutBandRuleByID": w.DisableOutBandRuleByID,
 "RemoveOutBandRuleByTag": w.DisableOutBandRuleByTag,
 "RemoveOutBandRuleByName": w.DisableOutBandRuleByName,
 "SetRemediationByTag": w.SetActionByTag,
@@ -37,13 +37,17 @@ func GetOnLoadEnv(w *WaapRuntimeConfig) map[string]interface{} {
 func GetPreEvalEnv(w *WaapRuntimeConfig, request *ParsedRequest) map[string]interface{} {
 //FIXME: use expr.Function instead of this
 return map[string]interface{}{
- "IsInBand": request.IsInBand,
- "IsOutBand": request.IsOutBand,
- "RemoveInBandRuleByID": w.RemoveInbandRuleByID,
- "RemoveOutBandRuleByID": w.RemoveOutbandRuleByID,
- "SetRemediationByTag": w.SetActionByTag,
- "SetRemediationByID": w.SetActionByID,
- "SetRemediationByName": w.SetActionByName,
+ "IsInBand": request.IsInBand,
+ "IsOutBand": request.IsOutBand,
+ "RemoveInBandRuleByID": w.RemoveInbandRuleByID,
+ "RemoveInBandRuleByName": w.RemoveInbandRuleByName,
+ "RemoveInBandRuleByTag": w.RemoveInbandRuleByTag,
+ "RemoveOutBandRuleByID": w.RemoveOutbandRuleByID,
+ "RemoveOutBandRuleByTag": w.RemoveOutbandRuleByTag,
+ "RemoveOutBandRuleByName": w.RemoveOutbandRuleByName,
+ "SetRemediationByTag": w.SetActionByTag,
+ "SetRemediationByID": w.SetActionByID,
+ "SetRemediationByName": w.SetActionByName,
 }
 }
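Review bot: GetPreEvalEnv, in the second hunk, has no doc comment although its map keys are the names hook authors write in pre_eval expressions, and this hunk widens that surface with four helpers that remove rules by tag or name. I would add `// GetPreEvalEnv returns the helpers available to pre_eval hook expressions; the Remove* entries act on the transactions of the request being evaluated.` above the function. The patch touches no test file according to its diffstat; a test that evaluates a pre_eval expression calling each registered key would catch a missing registration like the one this commit repairs. The keys are spelled `InBand`/`OutBand` while the methods are `Inband`/`Outband`, which is easy to mistype when adding the next entry.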