{-# LANGUAGE DeriveGeneric #-}
{-# LANGUAGE DuplicateRecordFields #-}
{-# LANGUAGE NamedFieldPuns #-}
{-# LANGUAGE OverloadedStrings #-}
{-# LANGUAGE RecordWildCards #-}
{-# LANGUAGE StrictData #-}
{-# LANGUAGE NoImplicitPrelude #-}
{-# OPTIONS_GHC -fno-warn-unused-imports #-}
{-# OPTIONS_GHC -fno-warn-unused-matches #-}

-- Derived from AWS service descriptions, licensed under Apache 2.0.

-- |
-- Module      : Amazonka.WAFV2.Types.SqliMatchStatement
-- Copyright   : (c) 2013-2023 Brendan Hay
-- License     : Mozilla Public License, v. 2.0.
-- Maintainer  : Brendan Hay
-- Stability   : auto-generated
-- Portability : non-portable (GHC extensions)
module Amazonka.WAFV2.Types.SqliMatchStatement where

import qualified Amazonka.Core as Core
import qualified Amazonka.Core.Lens.Internal as Lens
import qualified Amazonka.Data as Data
import qualified Amazonka.Prelude as Prelude
import Amazonka.WAFV2.Types.FieldToMatch
import Amazonka.WAFV2.Types.SensitivityLevel
import Amazonka.WAFV2.Types.TextTransformation

-- | A rule statement that inspects for malicious SQL code. Attackers insert
-- malicious SQL code into web requests to do things like modify your
-- database or extract data from it.
--
-- /See:/ 'newSqliMatchStatement' smart constructor.
data SqliMatchStatement = SqliMatchStatement'
  { -- | The sensitivity that you want WAF to use to inspect for SQL injection
    -- attacks.
    --
    -- @HIGH@ detects more attacks, but might generate more false positives,
    -- especially if your web requests frequently contain unusual strings. For
    -- information about identifying and mitigating false positives, see
    -- <https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html Testing and tuning>
    -- in the /WAF Developer Guide/.
    --
    -- @LOW@ is generally a better choice for resources that already have other
    -- protections against SQL injection attacks or that have a low tolerance
    -- for false positives.
    --
    -- Default: @LOW@
    SqliMatchStatement -> Maybe SensitivityLevel
sensitivityLevel :: Prelude.Maybe SensitivityLevel,
    -- | The part of the web request that you want WAF to inspect.
    SqliMatchStatement -> FieldToMatch
fieldToMatch :: FieldToMatch,
    -- | Text transformations eliminate some of the unusual formatting that
    -- attackers use in web requests in an effort to bypass detection. If you
    -- specify one or more transformations in a rule statement, WAF performs
    -- all transformations on the content of the request component identified
    -- by @FieldToMatch@, starting from the lowest priority setting, before
    -- inspecting the content for a match.
    SqliMatchStatement -> NonEmpty TextTransformation
textTransformations :: Prelude.NonEmpty TextTransformation
  }
  deriving (SqliMatchStatement -> SqliMatchStatement -> Bool
forall a. (a -> a -> Bool) -> (a -> a -> Bool) -> Eq a
/= :: SqliMatchStatement -> SqliMatchStatement -> Bool
$c/= :: SqliMatchStatement -> SqliMatchStatement -> Bool
== :: SqliMatchStatement -> SqliMatchStatement -> Bool
$c== :: SqliMatchStatement -> SqliMatchStatement -> Bool
Prelude.Eq, ReadPrec [SqliMatchStatement]
ReadPrec SqliMatchStatement
Int -> ReadS SqliMatchStatement
ReadS [SqliMatchStatement]
forall a.
(Int -> ReadS a)
-> ReadS [a] -> ReadPrec a -> ReadPrec [a] -> Read a
readListPrec :: ReadPrec [SqliMatchStatement]
$creadListPrec :: ReadPrec [SqliMatchStatement]
readPrec :: ReadPrec SqliMatchStatement
$creadPrec :: ReadPrec SqliMatchStatement
readList :: ReadS [SqliMatchStatement]
$creadList :: ReadS [SqliMatchStatement]
readsPrec :: Int -> ReadS SqliMatchStatement
$creadsPrec :: Int -> ReadS SqliMatchStatement
Prelude.Read, Int -> SqliMatchStatement -> ShowS
[SqliMatchStatement] -> ShowS
SqliMatchStatement -> String
forall a.
(Int -> a -> ShowS) -> (a -> String) -> ([a] -> ShowS) -> Show a
showList :: [SqliMatchStatement] -> ShowS
$cshowList :: [SqliMatchStatement] -> ShowS
show :: SqliMatchStatement -> String
$cshow :: SqliMatchStatement -> String
showsPrec :: Int -> SqliMatchStatement -> ShowS
$cshowsPrec :: Int -> SqliMatchStatement -> ShowS
Prelude.Show, forall x. Rep SqliMatchStatement x -> SqliMatchStatement
forall x. SqliMatchStatement -> Rep SqliMatchStatement x
forall a.
(forall x. a -> Rep a x) -> (forall x. Rep a x -> a) -> Generic a
$cto :: forall x. Rep SqliMatchStatement x -> SqliMatchStatement
$cfrom :: forall x. SqliMatchStatement -> Rep SqliMatchStatement x
Prelude.Generic)

-- |
-- Create a value of 'SqliMatchStatement' with all optional fields omitted.
--
-- Use <https://hackage.haskell.org/package/generic-lens generic-lens> or <https://hackage.haskell.org/package/optics optics> to modify other optional fields.
--
-- The following record fields are available, with the corresponding lenses provided
-- for backwards compatibility:
--
-- 'sensitivityLevel', 'sqliMatchStatement_sensitivityLevel' - The sensitivity that you want WAF to use to inspect for SQL injection
-- attacks.
--
-- @HIGH@ detects more attacks, but might generate more false positives,
-- especially if your web requests frequently contain unusual strings. For
-- information about identifying and mitigating false positives, see
-- <https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html Testing and tuning>
-- in the /WAF Developer Guide/.
--
-- @LOW@ is generally a better choice for resources that already have other
-- protections against SQL injection attacks or that have a low tolerance
-- for false positives.
--
-- Default: @LOW@
--
-- 'fieldToMatch', 'sqliMatchStatement_fieldToMatch' - The part of the web request that you want WAF to inspect.
--
-- 'textTransformations', 'sqliMatchStatement_textTransformations' - Text transformations eliminate some of the unusual formatting that
-- attackers use in web requests in an effort to bypass detection. If you
-- specify one or more transformations in a rule statement, WAF performs
-- all transformations on the content of the request component identified
-- by @FieldToMatch@, starting from the lowest priority setting, before
-- inspecting the content for a match.
newSqliMatchStatement ::
  -- | 'fieldToMatch'
  FieldToMatch ->
  -- | 'textTransformations'
  Prelude.NonEmpty TextTransformation ->
  SqliMatchStatement
newSqliMatchStatement :: FieldToMatch -> NonEmpty TextTransformation -> SqliMatchStatement
newSqliMatchStatement
  FieldToMatch
pFieldToMatch_
  NonEmpty TextTransformation
pTextTransformations_ =
    SqliMatchStatement'
      { $sel:sensitivityLevel:SqliMatchStatement' :: Maybe SensitivityLevel
sensitivityLevel =
          forall a. Maybe a
Prelude.Nothing,
        $sel:fieldToMatch:SqliMatchStatement' :: FieldToMatch
fieldToMatch = FieldToMatch
pFieldToMatch_,
        $sel:textTransformations:SqliMatchStatement' :: NonEmpty TextTransformation
textTransformations =
          forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced forall t b. AReview t b -> b -> t
Lens.# NonEmpty TextTransformation
pTextTransformations_
      }

-- | The sensitivity that you want WAF to use to inspect for SQL injection
-- attacks.
--
-- @HIGH@ detects more attacks, but might generate more false positives,
-- especially if your web requests frequently contain unusual strings. For
-- information about identifying and mitigating false positives, see
-- <https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html Testing and tuning>
-- in the /WAF Developer Guide/.
--
-- @LOW@ is generally a better choice for resources that already have other
-- protections against SQL injection attacks or that have a low tolerance
-- for false positives.
--
-- Default: @LOW@
sqliMatchStatement_sensitivityLevel :: Lens.Lens' SqliMatchStatement (Prelude.Maybe SensitivityLevel)
sqliMatchStatement_sensitivityLevel :: Lens' SqliMatchStatement (Maybe SensitivityLevel)
sqliMatchStatement_sensitivityLevel = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\SqliMatchStatement' {Maybe SensitivityLevel
sensitivityLevel :: Maybe SensitivityLevel
$sel:sensitivityLevel:SqliMatchStatement' :: SqliMatchStatement -> Maybe SensitivityLevel
sensitivityLevel} -> Maybe SensitivityLevel
sensitivityLevel) (\s :: SqliMatchStatement
s@SqliMatchStatement' {} Maybe SensitivityLevel
a -> SqliMatchStatement
s {$sel:sensitivityLevel:SqliMatchStatement' :: Maybe SensitivityLevel
sensitivityLevel = Maybe SensitivityLevel
a} :: SqliMatchStatement)

-- | The part of the web request that you want WAF to inspect.
sqliMatchStatement_fieldToMatch :: Lens.Lens' SqliMatchStatement FieldToMatch
sqliMatchStatement_fieldToMatch :: Lens' SqliMatchStatement FieldToMatch
sqliMatchStatement_fieldToMatch = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\SqliMatchStatement' {FieldToMatch
fieldToMatch :: FieldToMatch
$sel:fieldToMatch:SqliMatchStatement' :: SqliMatchStatement -> FieldToMatch
fieldToMatch} -> FieldToMatch
fieldToMatch) (\s :: SqliMatchStatement
s@SqliMatchStatement' {} FieldToMatch
a -> SqliMatchStatement
s {$sel:fieldToMatch:SqliMatchStatement' :: FieldToMatch
fieldToMatch = FieldToMatch
a} :: SqliMatchStatement)

-- | Text transformations eliminate some of the unusual formatting that
-- attackers use in web requests in an effort to bypass detection. If you
-- specify one or more transformations in a rule statement, WAF performs
-- all transformations on the content of the request component identified
-- by @FieldToMatch@, starting from the lowest priority setting, before
-- inspecting the content for a match.
sqliMatchStatement_textTransformations :: Lens.Lens' SqliMatchStatement (Prelude.NonEmpty TextTransformation)
sqliMatchStatement_textTransformations :: Lens' SqliMatchStatement (NonEmpty TextTransformation)
sqliMatchStatement_textTransformations = forall s a b t. (s -> a) -> (s -> b -> t) -> Lens s t a b
Lens.lens (\SqliMatchStatement' {NonEmpty TextTransformation
textTransformations :: NonEmpty TextTransformation
$sel:textTransformations:SqliMatchStatement' :: SqliMatchStatement -> NonEmpty TextTransformation
textTransformations} -> NonEmpty TextTransformation
textTransformations) (\s :: SqliMatchStatement
s@SqliMatchStatement' {} NonEmpty TextTransformation
a -> SqliMatchStatement
s {$sel:textTransformations:SqliMatchStatement' :: NonEmpty TextTransformation
textTransformations = NonEmpty TextTransformation
a} :: SqliMatchStatement) forall b c a. (b -> c) -> (a -> b) -> a -> c
Prelude.. forall s t a b. (Coercible s a, Coercible t b) => Iso s t a b
Lens.coerced

instance Data.FromJSON SqliMatchStatement where
  parseJSON :: Value -> Parser SqliMatchStatement
parseJSON =
    forall a. String -> (Object -> Parser a) -> Value -> Parser a
Data.withObject
      String
"SqliMatchStatement"
      ( \Object
x ->
          Maybe SensitivityLevel
-> FieldToMatch
-> NonEmpty TextTransformation
-> SqliMatchStatement
SqliMatchStatement'
            forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> (Object
x forall a. FromJSON a => Object -> Key -> Parser (Maybe a)
Data..:? Key
"SensitivityLevel")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"FieldToMatch")
            forall (f :: * -> *) a b. Applicative f => f (a -> b) -> f a -> f b
Prelude.<*> (Object
x forall a. FromJSON a => Object -> Key -> Parser a
Data..: Key
"TextTransformations")
      )

instance Prelude.Hashable SqliMatchStatement where
  hashWithSalt :: Int -> SqliMatchStatement -> Int
hashWithSalt Int
_salt SqliMatchStatement' {Maybe SensitivityLevel
NonEmpty TextTransformation
FieldToMatch
textTransformations :: NonEmpty TextTransformation
fieldToMatch :: FieldToMatch
sensitivityLevel :: Maybe SensitivityLevel
$sel:textTransformations:SqliMatchStatement' :: SqliMatchStatement -> NonEmpty TextTransformation
$sel:fieldToMatch:SqliMatchStatement' :: SqliMatchStatement -> FieldToMatch
$sel:sensitivityLevel:SqliMatchStatement' :: SqliMatchStatement -> Maybe SensitivityLevel
..} =
    Int
_salt
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` Maybe SensitivityLevel
sensitivityLevel
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` FieldToMatch
fieldToMatch
      forall a. Hashable a => Int -> a -> Int
`Prelude.hashWithSalt` NonEmpty TextTransformation
textTransformations

instance Prelude.NFData SqliMatchStatement where
  rnf :: SqliMatchStatement -> ()
rnf SqliMatchStatement' {Maybe SensitivityLevel
NonEmpty TextTransformation
FieldToMatch
textTransformations :: NonEmpty TextTransformation
fieldToMatch :: FieldToMatch
sensitivityLevel :: Maybe SensitivityLevel
$sel:textTransformations:SqliMatchStatement' :: SqliMatchStatement -> NonEmpty TextTransformation
$sel:fieldToMatch:SqliMatchStatement' :: SqliMatchStatement -> FieldToMatch
$sel:sensitivityLevel:SqliMatchStatement' :: SqliMatchStatement -> Maybe SensitivityLevel
..} =
    forall a. NFData a => a -> ()
Prelude.rnf Maybe SensitivityLevel
sensitivityLevel
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf FieldToMatch
fieldToMatch
      seq :: forall a b. a -> b -> b
`Prelude.seq` forall a. NFData a => a -> ()
Prelude.rnf NonEmpty TextTransformation
textTransformations

instance Data.ToJSON SqliMatchStatement where
  toJSON :: SqliMatchStatement -> Value
toJSON SqliMatchStatement' {Maybe SensitivityLevel
NonEmpty TextTransformation
FieldToMatch
textTransformations :: NonEmpty TextTransformation
fieldToMatch :: FieldToMatch
sensitivityLevel :: Maybe SensitivityLevel
$sel:textTransformations:SqliMatchStatement' :: SqliMatchStatement -> NonEmpty TextTransformation
$sel:fieldToMatch:SqliMatchStatement' :: SqliMatchStatement -> FieldToMatch
$sel:sensitivityLevel:SqliMatchStatement' :: SqliMatchStatement -> Maybe SensitivityLevel
..} =
    [Pair] -> Value
Data.object
      ( forall a. [Maybe a] -> [a]
Prelude.catMaybes
          [ (Key
"SensitivityLevel" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..=)
              forall (f :: * -> *) a b. Functor f => (a -> b) -> f a -> f b
Prelude.<$> Maybe SensitivityLevel
sensitivityLevel,
            forall a. a -> Maybe a
Prelude.Just (Key
"FieldToMatch" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= FieldToMatch
fieldToMatch),
            forall a. a -> Maybe a
Prelude.Just
              (Key
"TextTransformations" forall kv v. (KeyValue kv, ToJSON v) => Key -> v -> kv
Data..= NonEmpty TextTransformation
textTransformations)
          ]
      )