lukaszlenart opened a new pull request, #1413:
URL: https://github.com/apache/struts/pull/1413
## Summary
Implements dynamic parameter evaluation for file upload validation in
`ActionFileUploadInterceptor` by adding support for the `WithLazyParams`
interface. This enables runtime evaluation of `${...}` expressions for
validation rules, allowing file upload constraints to be determined dynamically
based on action properties, session data, or other runtime values.
**JIRA:** https://issues.apache.org/jira/browse/WW-5585
## Changes
### Core Implementation
- **ActionFileUploadInterceptor**: Added `implements WithLazyParams` to
enable lazy parameter injection
- **Comprehensive JavaDoc**: Documented both static and dynamic
configuration approaches with examples
- **No breaking changes**: Existing static configurations continue to work
unchanged
### Testing
- Added 7 new unit tests for dynamic parameter evaluation scenarios:
- Dynamic parameter evaluation with ValueStack
- Per-request parameter changes
- Dynamic file extension validation
- Dynamic file size validation
- Dynamic security validation
- Dynamic wildcard extension matching
- Interface implementation verification
- All 23 tests pass successfully (16 existing + 7 new)
### Showcase Example
- **DynamicFileUploadAction**: Demonstrates runtime configuration with two
upload modes
- Document mode: PDF/Word files, 5MB limit
- Image mode: JPEG/PNG files, 2MB limit
- **JSP pages**: Upload form and success page showing dynamic validation
rules
- **Configuration**: Uses `${uploadConfig.*}` expressions in
struts-fileupload.xml
## Technical Details
The implementation leverages Struts' existing `WithLazyParams` marker
interface and `LazyParamInjector` framework:
1. Action's `prepare()` method sets up configuration based on user input
2. Framework evaluates `${...}` expressions against ValueStack at runtime
3. Interceptor receives evaluated parameters before file processing
4. Validation rules apply dynamically per request
## Example Configuration
```xml
<action name="doDynamicUpload"
class="org.apache.struts2.showcase.fileupload.DynamicFileUploadAction"
method="upload">
<interceptor-ref name="defaultStack">
<param
name="actionFileUpload.allowedTypes">${uploadConfig.allowedMimeTypes}</param>
<param
name="actionFileUpload.allowedExtensions">${uploadConfig.allowedExtensions}</param>
<param
name="actionFileUpload.maximumSize">${uploadConfig.maxFileSize}</param>
</interceptor-ref>
<result name="input">/WEB-INF/fileupload/dynamic-upload.jsp</result>
<result>/WEB-INF/fileupload/dynamic-upload-success.jsp</result>
</action>
```
## Benefits
- Zero breaking changes for existing configurations
- Minimal code change (single interface addition)
- Maintains all existing security features
- Enables dynamic validation rules based on runtime context
- Comprehensive test coverage for new functionality
## Test Plan
- [x] All existing tests pass
- [x] New tests verify dynamic parameter evaluation
- [x] Showcase example demonstrates practical usage
- [x] No regression in static configuration behavior
🤖 Generated with [Claude Code](https://claude.com/claude-code)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
