Author: henrib Date: Fri Aug 12 13:27:18 2011 New Revision: 1157096 URL: http://svn.apache.org/viewvc?rev=1157096&view=rev Log: Added aliasing to white-list (ie a way to expose a different name for properties and methods to users)
Modified: commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/Sandbox.java commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/SandboxUberspectImpl.java commons/proper/jexl/trunk/src/test/java/org/apache/commons/jexl2/SandboxTest.java Modified: commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/Sandbox.java URL: http://svn.apache.org/viewvc/commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/Sandbox.java?rev=1157096&r1=1157095&r2=1157096&view=diff ============================================================================== --- commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/Sandbox.java (original) +++ commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/Sandbox.java Fri Aug 12 13:27:18 2011 @@ -81,36 +81,62 @@ public class Sandbox { * A base set of names. */ public abstract static class Names { - /** The set of controlled names. */ - protected Set<String> names = null; - /** * Adds a name to this set. * @param name the name to add * @return true if the name was really added, false if it was already present */ - private boolean add(String name) { - if (names == null) { - names = new HashSet<String>(); - } - return names.add(name); + public abstract boolean add(String name); + + /** + * Adds an alias to a name to this set. + * <p>This only has an effect on white lists.</p> + * @param name the name to alias + * @param alias the alias + * @return true if the alias was added, false if it was already present + */ + public boolean alias(String name, String alias) { + return false; } /** * Whether a given name is allowed or not. * @param name the method/property name to check - * @return true if allowed, false if forbidden + * @return null if not allowed, the actual name to use otherwise */ - public abstract boolean allows(String name); + public abstract String get(String name); } /** * A white set of names. */ public static class WhiteSet extends Names { + /** The set of controlled names. */ + protected Map<String,String> names = null; + + @Override + public boolean add(String name) { + if (names == null) { + names = new HashMap<String,String>(); + } + return names.put(name,name) == null; + } + @Override - public boolean allows(String name) { - return names == null || names.contains(name); + public boolean alias(String name, String alias) { + if (names == null) { + names = new HashMap<String,String>(); + } + return names.put(alias,name) == null; + } + + @Override + public String get(String name) { + if (names == null) { + return name; + } else { + return names.get(name); + } } } @@ -118,9 +144,20 @@ public class Sandbox { * A black set of names. */ public static class BlackSet extends Names { + /** The set of controlled names. */ + protected Set<String> names = null; + @Override - public boolean allows(String name) { - return names != null && !names.contains(name); + public boolean add(String name) { + if (names == null) { + names = new HashSet<String>(); + } + return names.add(name); + } + + @Override + public String get(String name) { + return names != null && !names.contains(name)? name : null; } } @@ -158,6 +195,7 @@ public class Sandbox { } return this; } + /** * Adds a list of writeable property names to these permissions. * @param pnames the property names @@ -224,7 +262,7 @@ public class Sandbox { } /** - * Creates the set of permissions based on white lists for methods and properties for a given class. + * Creates a new set of permissions based on white lists for methods and properties for a given class. * @param clazz the whitened class name * @return the permissions instance */ @@ -233,7 +271,7 @@ public class Sandbox { } /** - * Creates the set of permissions based on black lists for methods and properties for a given class. + * Creates a new set of permissions based on black lists for methods and properties for a given class. * @param clazz the blackened class name * @return the permissions instance */ Modified: commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/SandboxUberspectImpl.java URL: http://svn.apache.org/viewvc/commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/SandboxUberspectImpl.java?rev=1157096&r1=1157095&r2=1157096&view=diff ============================================================================== --- commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/SandboxUberspectImpl.java (original) +++ commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/SandboxUberspectImpl.java Fri Aug 12 13:27:18 2011 @@ -65,7 +65,7 @@ public class SandboxUberspectImpl extend return null; } Sandbox.Permissions box = sandbox.get(className); - if (box == null || box.execute().allows("")) { + if (box == null || box.execute().get("") != null) { return getConstructor(className, args); } return null; @@ -76,12 +76,15 @@ public class SandboxUberspectImpl extend */ @Override public JexlMethod getMethod(Object obj, String method, Object[] args, JexlInfo info) { - if (obj != null) { + if (obj != null && method != null) { Sandbox.Permissions box = sandbox.get(obj.getClass().getName()); - if (box == null || box.execute().allows(method)) { - return getMethodExecutor(obj, method, args); + String actual = method; + if (box != null) { + actual = box.execute().get(actual); + } + if (actual != null) { + return getMethodExecutor(obj, actual, args); } - } return null; } @@ -91,10 +94,14 @@ public class SandboxUberspectImpl extend */ @Override public JexlPropertyGet getPropertyGet(Object obj, Object identifier, JexlInfo info) { - if (obj != null) { + if (obj != null && identifier != null) { Sandbox.Permissions box = sandbox.get(obj.getClass().getName()); - if (box == null || box.read().allows(identifier.toString())) { - return super.getPropertyGet(obj, identifier, info); + String actual = identifier.toString(); + if (box != null) { + actual = box.read().get(actual); + } + if (actual != null) { + return super.getPropertyGet(obj, actual, info); } } return null; @@ -105,10 +112,14 @@ public class SandboxUberspectImpl extend */ @Override public JexlPropertySet getPropertySet(final Object obj, final Object identifier, Object arg, JexlInfo info) { - if (obj != null) { + if (obj != null && identifier != null) { Sandbox.Permissions box = sandbox.get(obj.getClass().getName()); - if (box == null || box.write().allows(identifier.toString())) { - return super.getPropertySet(obj, identifier, arg, info); + String actual = identifier.toString(); + if (box != null) { + actual = box.write().get(actual); + } + if (actual != null) { + return super.getPropertySet(obj, actual, arg, info); } } return null; Modified: commons/proper/jexl/trunk/src/test/java/org/apache/commons/jexl2/SandboxTest.java URL: http://svn.apache.org/viewvc/commons/proper/jexl/trunk/src/test/java/org/apache/commons/jexl2/SandboxTest.java?rev=1157096&r1=1157095&r2=1157096&view=diff ============================================================================== --- commons/proper/jexl/trunk/src/test/java/org/apache/commons/jexl2/SandboxTest.java (original) +++ commons/proper/jexl/trunk/src/test/java/org/apache/commons/jexl2/SandboxTest.java Fri Aug 12 13:27:18 2011 @@ -185,6 +185,7 @@ public class SandboxTest extends JexlTes Sandbox sandbox = new Sandbox(); sandbox.white(Foo.class.getName()).read("alias"); + sandbox.get(Foo.class.getName()).read().alias("alias", "ALIAS"); Uberspect uber = new SandboxUberspectImpl(null, sandbox); JexlEngine sjexl = new JexlEngine(uber, null, null, null); sjexl.setStrict(true); @@ -192,6 +193,10 @@ public class SandboxTest extends JexlTes script = sjexl.createScript(expr, "foo"); result = script.execute(null, foo); assertEquals(foo.alias, result); + + script = sjexl.createScript("foo.ALIAS", "foo"); + result = script.execute(null, foo); + assertEquals(foo.alias, result); } public void testSetWhite() throws Exception {