Author: henrib Date: Wed Aug 24 15:13:39 2011 New Revision: 1161146 URL: http://svn.apache.org/viewvc?rev=1161146&view=rev Log: Improved usability
Modified: commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/Sandbox.java commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/SandboxUberspectImpl.java Modified: commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/Sandbox.java URL: http://svn.apache.org/viewvc/commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/Sandbox.java?rev=1161146&r1=1161145&r2=1161146&view=diff ============================================================================== --- commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/Sandbox.java (original) +++ commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/Sandbox.java Wed Aug 24 15:13:39 2011 @@ -56,38 +56,113 @@ import java.util.Set; * * @since 2.1 */ -public class Sandbox { +public final class Sandbox { /** * The map from class names to permissions. */ private final Map<String, Permissions> sandbox; - + /** * Creates a new default sandbox. */ public Sandbox() { - sandbox = new HashMap<String, Permissions>(); + this(new HashMap<String, Permissions>()); } /** * Creates a sandbox based on an existing permissions map. * @param map the permissions map */ - private Sandbox(Map<String, Permissions> map) { + protected Sandbox(Map<String, Permissions> map) { sandbox = map; } /** + * Gets the read permission value for a given property of a class. + * @param clazz the class + * @param name the property name + * @return null if not allowed, the name of the property to use otherwise + */ + public String read(Class<?> clazz, String name) { + return read(clazz.getName(), name); + } + + /** + * Gets the read permission value for a given property of a class. + * @param clazz the class name + * @param name the property name + * @return null if not allowed, the name of the property to use otherwise + */ + public String read(String clazz, String name) { + Permissions permissions = sandbox.get(clazz); + if (permissions == null) { + return name; + } else { + return permissions.read().get(name); + } + } + + /** + * Gets the write permission value for a given property of a class. + * @param clazz the class + * @param name the property name + * @return null if not allowed, the name of the property to use otherwise + */ + public String write(Class<?> clazz, String name) { + return write(clazz.getName(), name); + } + + /** + * Gets the write permission value for a given property of a class. + * @param clazz the class name + * @param name the property name + * @return null if not allowed, the name of the property to use otherwise + */ + public String write(String clazz, String name) { + Permissions permissions = sandbox.get(clazz); + if (permissions == null) { + return name; + } else { + return permissions.write().get(name); + } + } + + /** + * Gets the execute permission value for a given method of a class. + * @param clazz the class + * @param name the method name + * @return null if not allowed, the name of the method to use otherwise + */ + public String execute(Class<?> clazz, String name) { + return execute(clazz.getName(), name); + } + + /** + * Gets the execute permission value for a given method of a class. + * @param clazz the class name + * @param name the method name + * @return null if not allowed, the name of the method to use otherwise + */ + public String execute(String clazz, String name) { + Permissions permissions = sandbox.get(clazz); + if (permissions == null) { + return name; + } else { + return permissions.execute().get(name); + } + } + + /** * A base set of names. */ public abstract static class Names { /** * Adds a name to this set. * @param name the name to add - * @return true if the name was really added, false if it was already present + * @return true if the name was really added, false if not */ public abstract boolean add(String name); - + /** * Adds an alias to a name to this set. * <p>This only has an effect on white lists.</p> @@ -104,32 +179,43 @@ public class Sandbox { * @param name the method/property name to check * @return null if not allowed, the actual name to use otherwise */ - public abstract String get(String name); + public String get(String name) { + return name; + } } + /** + * The pass-thru name set. + */ + private static final Names WHITE_NAMES = new Names() { + @Override + public boolean add(String name) { + return false; + } + }; /** * A white set of names. */ - public static class WhiteSet extends Names { - /** The set of controlled names. */ - protected Map<String,String> names = null; - + public static final class WhiteSet extends Names { + /** The map of controlled names and aliases. */ + protected Map<String, String> names = null; + @Override public boolean add(String name) { if (names == null) { - names = new HashMap<String,String>(); + names = new HashMap<String, String>(); } - return names.put(name,name) == null; + return names.put(name, name) == null; } - + @Override public boolean alias(String name, String alias) { if (names == null) { - names = new HashMap<String,String>(); + names = new HashMap<String, String>(); } - return names.put(alias,name) == null; + return names.put(alias, name) == null; } - + @Override public String get(String name) { if (names == null) { @@ -143,10 +229,10 @@ public class Sandbox { /** * A black set of names. */ - public static class BlackSet extends Names { + public static final class BlackSet extends Names { /** The set of controlled names. */ protected Set<String> names = null; - + @Override public boolean add(String name) { if (names == null) { @@ -157,14 +243,14 @@ public class Sandbox { @Override public String get(String name) { - return names != null && !names.contains(name)? name : null; + return names != null && !names.contains(name) ? name : null; } } /** * Contains the white or black lists for properties and methods for a given class. */ - public static class Permissions { + public static final class Permissions { /** The controlled readable properties. */ private final Names read; /** The controlled writeable properties. */ @@ -179,9 +265,21 @@ public class Sandbox { * @param executeFlag whether the method list is white of black */ Permissions(boolean readFlag, boolean writeFlag, boolean executeFlag) { - this.read = readFlag ? new WhiteSet() : new BlackSet(); - this.write = writeFlag ? new WhiteSet() : new BlackSet(); - this.execute = executeFlag ? new WhiteSet() : new BlackSet(); + this(readFlag ? new WhiteSet() : new BlackSet(), + writeFlag ? new WhiteSet() : new BlackSet(), + executeFlag ? new WhiteSet() : new BlackSet()); + } + + /** + * Creates a new permissions instance. + * @param nread the read set + * @param nwrite the write set + * @param nexecute the method set + */ + Permissions(Names nread, Names nwrite, Names nexecute) { + this.read = nread != null ? nread : WHITE_NAMES; + this.write = nwrite != null ? nwrite : WHITE_NAMES; + this.execute = nexecute != null ? nexecute : WHITE_NAMES; } /** @@ -195,7 +293,7 @@ public class Sandbox { } return this; } - + /** * Adds a list of writeable property names to these permissions. * @param pnames the property names @@ -228,7 +326,7 @@ public class Sandbox { public Names read() { return read; } - + /** * Gets the set of writeable property names in these permissions. * @return the set of property names @@ -236,7 +334,7 @@ public class Sandbox { public Names write() { return write; } - + /** * Gets the set of method names in these permissions. * @return the set of method names @@ -244,16 +342,20 @@ public class Sandbox { public Names execute() { return execute; } - } + + /** + * The pass-thru permissions. + */ + private static final Permissions ALL_WHITE = new Permissions(WHITE_NAMES, WHITE_NAMES, WHITE_NAMES); /** * Creates the set of permissions for a given class. * @param clazz the class for which these permissions apply - * @param readFlag whether the readable property list is white or black - * @param writeFlag whether the writeable property list is white or black - * @param executeFlag whether the executable method list is white or black - * @return the + * @param readFlag whether the readable property list is white - true - or black - false - + * @param writeFlag whether the writeable property list is white - true - or black - false - + * @param executeFlag whether the executable method list is white white - true - or black - false - + * @return the set of permissions */ public Permissions permissions(String clazz, boolean readFlag, boolean writeFlag, boolean executeFlag) { Permissions box = new Permissions(readFlag, writeFlag, executeFlag); @@ -282,9 +384,14 @@ public class Sandbox { /** * Gets the set of permissions associated to a class. * @param clazz the class name - * @return the permissions or null if none were defined + * @return the defined permissions or an all-white permission instance if none were defined */ public Permissions get(String clazz) { - return sandbox.get(clazz); + Permissions permissions = sandbox.get(clazz); + if (permissions == null) { + return ALL_WHITE; + } else { + return permissions; + } } } Modified: commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/SandboxUberspectImpl.java URL: http://svn.apache.org/viewvc/commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/SandboxUberspectImpl.java?rev=1161146&r1=1161145&r2=1161146&view=diff ============================================================================== --- commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/SandboxUberspectImpl.java (original) +++ commons/proper/jexl/trunk/src/main/java/org/apache/commons/jexl2/introspection/SandboxUberspectImpl.java Wed Aug 24 15:13:39 2011 @@ -16,7 +16,6 @@ */ package org.apache.commons.jexl2.introspection; -import java.lang.reflect.Constructor; import org.apache.commons.jexl2.JexlInfo; import org.apache.commons.logging.Log; @@ -53,20 +52,18 @@ public class SandboxUberspectImpl extend * {@inheritDoc} */ @Override - public Constructor<?> getConstructor(Object ctorHandle, Object[] args, JexlInfo info) { + public JexlMethod getConstructor(Object ctorHandle, Object[] args, JexlInfo info) { String className = null; - Class<?> clazz = null; if (ctorHandle instanceof Class<?>) { - clazz = (Class<?>) ctorHandle; + Class<?> clazz = (Class<?>) ctorHandle; className = clazz.getName(); } else if (ctorHandle != null) { className = ctorHandle.toString(); } else { return null; } - Sandbox.Permissions box = sandbox.get(className); - if (box == null || box.execute().get("") != null) { - return getConstructor(className, args); + if (sandbox.execute(className, "") != null) { + return super.getConstructor(className, args, info); } return null; } @@ -77,11 +74,7 @@ public class SandboxUberspectImpl extend @Override public JexlMethod getMethod(Object obj, String method, Object[] args, JexlInfo info) { if (obj != null && method != null) { - Sandbox.Permissions box = sandbox.get(obj.getClass().getName()); - String actual = method; - if (box != null) { - actual = box.execute().get(actual); - } + String actual = sandbox.execute(obj.getClass().getName(), method); if (actual != null) { return getMethodExecutor(obj, actual, args); } @@ -95,11 +88,7 @@ public class SandboxUberspectImpl extend @Override public JexlPropertyGet getPropertyGet(Object obj, Object identifier, JexlInfo info) { if (obj != null && identifier != null) { - Sandbox.Permissions box = sandbox.get(obj.getClass().getName()); - String actual = identifier.toString(); - if (box != null) { - actual = box.read().get(actual); - } + String actual = sandbox.read(obj.getClass().getName(), identifier.toString()); if (actual != null) { return super.getPropertyGet(obj, actual, info); } @@ -113,11 +102,7 @@ public class SandboxUberspectImpl extend @Override public JexlPropertySet getPropertySet(final Object obj, final Object identifier, Object arg, JexlInfo info) { if (obj != null && identifier != null) { - Sandbox.Permissions box = sandbox.get(obj.getClass().getName()); - String actual = identifier.toString(); - if (box != null) { - actual = box.write().get(actual); - } + String actual = sandbox.write(obj.getClass().getName(), identifier.toString()); if (actual != null) { return super.getPropertySet(obj, actual, arg, info); }