Author: stefanegli
Date: Mon May 27 12:05:55 2013
New Revision: 1486587
URL: http://svn.apache.org/r1486587
Log:
SLING-2883 : filter valid property names
Modified:
sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/DiscoveryServiceImpl.java
sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/common/DefaultInstanceDescriptionImpl.java
sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/common/resource/ResourceHelper.java
sling/trunk/bundles/extensions/discovery/impl/src/test/java/org/apache/sling/discovery/impl/cluster/SingleInstanceTest.java
Modified:
sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/DiscoveryServiceImpl.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/DiscoveryServiceImpl.java?rev=1486587&r1=1486586&r2=1486587&view=diff
==============================================================================
---
sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/DiscoveryServiceImpl.java
(original)
+++
sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/DiscoveryServiceImpl.java
Mon May 27 12:05:55 2013
@@ -580,19 +580,26 @@ public class DiscoveryServiceImpl implem
if (this.propertyProperties instanceof String) {
final String val = provider.getProperty((String)
this.propertyProperties);
if (val != null) {
- this.properties.put((String) this.propertyProperties, val);
+ putPropertyIfValid((String) this.propertyProperties,
val);
}
} else if (this.propertyProperties instanceof String[]) {
for (final String name : (String[]) this.propertyProperties) {
final String val = provider.getProperty(name);
if (val != null) {
- this.properties.put(name, val);
+ putPropertyIfValid(name, val);
}
}
}
}
- /**
+ /** SLING-2883 : put property only if valid **/
+ private void putPropertyIfValid(final String name, final String
val) {
+ if (ResourceHelper.isValidPropertyName(name)) {
+ this.properties.put(name, val);
+ }
+ }
+
+ /**
* @see java.lang.Comparable#compareTo(java.lang.Object)
*/
public int compareTo(final ProviderInfo o) {
Modified:
sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/common/DefaultInstanceDescriptionImpl.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/common/DefaultInstanceDescriptionImpl.java?rev=1486587&r1=1486586&r2=1486587&view=diff
==============================================================================
---
sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/common/DefaultInstanceDescriptionImpl.java
(original)
+++
sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/common/DefaultInstanceDescriptionImpl.java
Mon May 27 12:05:55 2013
@@ -19,10 +19,17 @@
package org.apache.sling.discovery.impl.common;
import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
import java.util.Map;
+import java.util.Map.Entry;
+import java.util.Set;
import org.apache.sling.discovery.ClusterView;
import org.apache.sling.discovery.InstanceDescription;
+import org.apache.sling.discovery.impl.common.resource.ResourceHelper;
+
+import aQute.bnd.service.ResourceHandle;
/**
* Base implementation for the InstanceDescription interface.
@@ -58,7 +65,7 @@ public class DefaultInstanceDescriptionI
this.isLeader = isLeader;
this.isLocal = isOwn;
this.slingId = slingId;
- this.properties = properties;
+ this.properties = filterValidProperties(properties);
if (clusterView != null) {
clusterView.addInstanceDescription(this);
if (this.clusterView == null) {
@@ -162,6 +169,25 @@ public class DefaultInstanceDescriptionI
if (properties == null) {
throw new IllegalArgumentException("properties must not be null");
}
- this.properties = properties;
+ this.properties = filterValidProperties(properties);
}
+
+ /** SLING-2883 : filter (pass-through) valid properties only **/
+ private Map<String, String> filterValidProperties(
+ Map<String, String> rawProps) {
+ if (rawProps==null) {
+ return null;
+ }
+
+ final HashMap<String, String> filteredProps = new
HashMap<String, String>();
+ final Set<Entry<String, String>> entries = rawProps.entrySet();
+ final Iterator<Entry<String, String>> it = entries.iterator();
+ while(it.hasNext()) {
+ final Entry<String, String> anEntry = it.next();
+ if
(ResourceHelper.isValidPropertyName(anEntry.getKey())) {
+ filteredProps.put(anEntry.getKey(),
anEntry.getValue());
+ }
+ }
+ return filteredProps;
+ }
}
Modified:
sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/common/resource/ResourceHelper.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/common/resource/ResourceHelper.java?rev=1486587&r1=1486586&r2=1486587&view=diff
==============================================================================
---
sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/common/resource/ResourceHelper.java
(original)
+++
sling/trunk/bundles/extensions/discovery/impl/src/main/java/org/apache/sling/discovery/impl/common/resource/ResourceHelper.java
Mon May 27 12:05:55 2013
@@ -85,4 +85,12 @@ public class ResourceHelper {
}
}
+ /** SLING-2883 : properly test for valid property names **/
+ public static boolean isValidPropertyName(String name) {
+ if (name==null || name.length()==0) {
+ return false;
+ }
+ return name.matches("[a-zA-Z0-9._-]+");
+ }
+
}
Modified:
sling/trunk/bundles/extensions/discovery/impl/src/test/java/org/apache/sling/discovery/impl/cluster/SingleInstanceTest.java
URL:
http://svn.apache.org/viewvc/sling/trunk/bundles/extensions/discovery/impl/src/test/java/org/apache/sling/discovery/impl/cluster/SingleInstanceTest.java?rev=1486587&r1=1486586&r2=1486587&view=diff
==============================================================================
---
sling/trunk/bundles/extensions/discovery/impl/src/test/java/org/apache/sling/discovery/impl/cluster/SingleInstanceTest.java
(original)
+++
sling/trunk/bundles/extensions/discovery/impl/src/test/java/org/apache/sling/discovery/impl/cluster/SingleInstanceTest.java
Mon May 27 12:05:55 2013
@@ -115,7 +115,32 @@ public class SingleInstanceTest {
.getInstances().get(0)
.getProperty(UUID.randomUUID().toString()));
}
+
+ @Test
+ public void testInvalidProperties() throws Throwable {
+ final String propertyValue = UUID.randomUUID().toString();
+ doTestProperty(UUID.randomUUID().toString(), propertyValue,
propertyValue);
+
+ doTestProperty("", propertyValue, null);
+ doTestProperty("-", propertyValue, propertyValue);
+ doTestProperty("_", propertyValue, propertyValue);
+ doTestProperty("jcr:" + UUID.randomUUID().toString(), propertyValue,
null);
+ doTestProperty("var/" + UUID.randomUUID().toString(), propertyValue,
null);
+ doTestProperty(UUID.randomUUID().toString() + "@test", propertyValue,
null);
+ doTestProperty(UUID.randomUUID().toString() + "!test", propertyValue,
null);
+ }
+ private void doTestProperty(final String propertyName,
+ final String propertyValue,
+ final String expectedPropertyValue) throws Throwable {
+ PropertyProviderImpl pp = new PropertyProviderImpl();
+ pp.setProperty(propertyName, propertyValue);
+ instance.bindPropertyProvider(pp, propertyName);
+ assertEquals(expectedPropertyValue,
+ instance.getClusterViewService().getClusterView()
+ .getInstances().get(0).getProperty(propertyName));
+ }
+
@Test
public void testTopologyEventListeners() throws Throwable {
instance.runHeartbeatOnce();
