[ https://issues.apache.org/jira/browse/JEXL-253?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Henri Biestro closed JEXL-253. ------------------------------ > Permissions by super type in JexlSandbox > ---------------------------------------- > > Key: JEXL-253 > URL: https://issues.apache.org/jira/browse/JEXL-253 > Project: Commons JEXL > Issue Type: New Feature > Affects Versions: 3.1 > Reporter: Woonsan Ko > Assignee: Henri Biestro > Priority: Major > Fix For: 3.2 > > > At the moment, the permissions in {{JexlSandbox}} takes the object's class > name only into the consideration. So, if someone adds {{java.util.Set}} into > the white list, but if the real object is an empty set > ({{Collections.emptySet()}}), then it cannot allow invocations on > {{#contains(Object)}} operation, for instance. > I think it would be very convenient if it optionally allows to set whites or > blacks based on super type (interfaces or base classes). > To minimize the effort, I'd suggest adding > {{JexlSandbox#permissionsByType(Class<?> type, ...)}}, where the {{type}} > means the object type or any super types. > So, if {{JexlSandbox#permissionsByType(java.util.Set.class, ...)}}, then any > invocations on any concrete {{java.util.Set}} objects will be affected by > that. > Related e-mail thread: "[JEXL] white list classes, not by interfaces?" > (10/19/17). -- This message was sent by Atlassian Jira (v8.3.4#803005)