How to use isAllowedClass method of org.cerberus.service.groovy.impl.RestrictiveGroovyInterceptor class

Best Cerberus-source code snippet using org.cerberus.service.groovy.impl.RestrictiveGroovyInterceptor.isAllowedClass

Source:RestrictiveGroovyInterceptor.java Github

copy

Full Screen

...188 }189 @Override190 public Object onStaticCall(Invoker invoker, @SuppressWarnings("rawtypes") Class receiver,191 String method, Object... args) throws Throwable {192 if (isAllowedClass(receiver) || isScriptClass(receiver)) {193 return super.onStaticCall(invoker, receiver, method, args);194 } else {195 throw new GroovyRestrictionException("using class " + receiver.getSimpleName()196 + " is not allowed!");197 }198 }199 @Override200 public Object onNewInstance(Invoker invoker, @SuppressWarnings("rawtypes") Class receiver,201 Object... args) throws Throwable {202 // classes defined in the script would be okay, sadly it is not possible203 // to identify those?204 if (isAllowedClass(receiver) || isScriptClass(receiver)) {205 return super.onNewInstance(invoker, receiver, args);206 } else {207 throw new GroovyRestrictionException("using class " + receiver.getSimpleName()208 + " is not allowed!");209 }210 }211 @Override212 public Object onMethodCall(Invoker invoker, Object receiver, String method, Object... args)213 throws Throwable {214 if (disallowedMethods.contains(method)) {215 throw new GroovyRestrictionException("using methods named " + method216 + " is not allowed in Groovy transformations!");217 } else if (receiver instanceof Closure && disallowedClosureMethods.contains(method)) {218 throw new GroovyRestrictionException("using the closure method " + method219 + " is not allowed in Groovy transformations!");220 }221 // Return value doesn't matter!222 // true -> allowed delegation found223 // false -> no disallowed delegation found224 checkMethodCall(receiver, method);225 return super.onMethodCall(invoker, receiver, method, args);226 }227 private boolean checkMethodCall(Object receiver, String method)228 throws GroovyRestrictionException {229 if (receiver instanceof Closure) {230 // Closure method names were tested before.231 Closure<?> closure = (Closure<?>) receiver;232 Object owner = closure.getOwner();233 Object delegate = closure.getDelegate();234 int rs = closure.getResolveStrategy();235 // Check owner first.236 if (rs == Closure.OWNER_FIRST || rs == Closure.OWNER_ONLY) {237 if (checkMethodCall(owner, method)) {238 return true;239 }240 }241 // Check delegate first/second.242 if (rs == Closure.OWNER_FIRST || rs == Closure.DELEGATE_FIRST243 || rs == Closure.DELEGATE_ONLY) {244 if (delegate != null && delegate != closure) {245 if (checkMethodCall(delegate, method)) {246 return true;247 }248 }249 }250 // Check owner second.251 if (rs == Closure.DELEGATE_FIRST) {252 if (checkMethodCall(owner, method)) {253 return true;254 }255 }256 // Cannot be 100% sure whether the call will be handled by257 // delegation to this closure.258 return false;259 } else if (isAllowedClass(receiver.getClass())) {260 checkExecute(receiver, method);261 return instanceAllAllowedClasses.contains(receiver.getClass())262 || !InvokerHelper.getMetaClass(receiver).respondsTo(receiver, method).isEmpty();263 } else if (isScriptClass(receiver.getClass()) && !disallowedScriptMethods.contains(method)) {264 return !InvokerHelper.getMetaClass(receiver).respondsTo(receiver, method).isEmpty();265 }266 throw new GroovyRestrictionException("Possible access of method " + method + " on class "267 + receiver.getClass().getSimpleName()268 + " is not allowed in Groovy transformations!");269 }270 /**271 * Checks for an execute call on List, String, String[] and GString.272 *273 * @param receiver the receiver object274 * @param method the method name275 */276 private void checkExecute(Object receiver, String method) {277 if ("execute".equals(method)) {278 if (receiver instanceof List || receiver instanceof String279 || receiver.getClass().isArray() || receiver instanceof String[]280 || receiver instanceof GString) {281 throw new GroovyRestrictionException(282 "Possible access of method execute on List, String, String[] and GString is not allowed in Groovy transformations!");283 }284 }285 }286 private boolean isScriptClass(Class<?> receiver) {287 // while-doesn't really do anything, because Groovy extracts classes288 // defined in scripts as stand-alone classes.289// while (receiver.getEnclosingClass() != null)290// receiver = receiver.getEnclosingClass();291 return Script.class.isAssignableFrom(receiver);292 }293 @Override294 public Object onGetProperty(Invoker invoker, Object receiver, String property) throws Throwable {295 if (receiver instanceof Class<?> && isAllowedClass((Class<?>) receiver)296 && !"class".equals(property)) {297 return super.onGetProperty(invoker, receiver, property);298 }299 checkPropertyAccess(receiver, property, false);300 return super.onGetProperty(invoker, receiver, property);301 }302 @Override303 public Object onSetProperty(Invoker invoker, Object receiver, String property, Object value)304 throws Throwable {305 if (disallowedWriteProperties.contains(property)) {306 throw new GroovyRestrictionException("setting the property " + property307 + " is not allowed in Groovy transformations!");308 }309 if (receiver instanceof Closure && disallowedClosureWriteProperties.contains(property)) {310 throw new GroovyRestrictionException("setting the closure property " + property311 + " is not allowed in Groovy transformations!");312 }313 checkPropertyAccess(receiver, property, true);314 return super.onSetProperty(invoker, receiver, property, value);315 }316 private boolean checkPropertyAccess(Object receiver, String property, boolean set)317 throws GroovyRestrictionException {318 if (receiver instanceof Closure) {319 // Closure properties were tested before.320 Closure<?> closure = (Closure<?>) receiver;321 Object owner = closure.getOwner();322 Object delegate = closure.getDelegate();323 int rs = closure.getResolveStrategy();324 // Check owner first.325 if (rs == Closure.OWNER_FIRST || rs == Closure.OWNER_ONLY) {326 if (checkPropertyAccess(owner, property, set)) {327 return true;328 }329 }330 // Check delegate first/second.331 if (rs == Closure.OWNER_FIRST || rs == Closure.DELEGATE_FIRST332 || rs == Closure.DELEGATE_ONLY) {333 if (delegate != null && delegate != closure) {334 if (checkPropertyAccess(delegate, property, set)) {335 return true;336 }337 }338 }339 // Check owner second.340 if (rs == Closure.DELEGATE_FIRST) {341 if (checkPropertyAccess(owner, property, set)) {342 return true;343 }344 }345 // Cannot be 100% sure whether the property will be handled by346 // delegation to this closure.347 return false;348 } else if (instanceAllAllowedClasses.contains(receiver.getClass())) {349 return true;350 } else if (isAllowedClass(receiver.getClass())) {351 return hasProperty(receiver, property);352 } else if (isScriptClass(receiver.getClass())353 && (!set || !disallowedScriptWriteProperties.contains(property))) {354 return hasProperty(receiver, property);355 }356 throw new GroovyRestrictionException("Possible " + (set ? "write " : "")357 + "access of property " + property + " on class "358 + receiver.getClass().getSimpleName()359 + " is not allowed in Groovy transformations!");360 }361 @Override362 public Object onGetAttribute(Invoker invoker, Object receiver, String attribute)363 throws Throwable {364 checkPropertyAccess(receiver, attribute, false);365 return super.onGetAttribute(invoker, receiver, attribute);366 }367 @Override368 public Object onSetAttribute(Invoker invoker, Object receiver, String attribute, Object value)369 throws Throwable {370 if (disallowedWriteProperties.contains(attribute)) {371 throw new GroovyRestrictionException("setting the property " + attribute372 + " is not allowed in Groovy transformations!");373 }374 if (receiver instanceof Closure && disallowedClosureWriteProperties.contains(attribute)) {375 throw new GroovyRestrictionException("setting the closure property " + attribute376 + " is not allowed in Groovy transformations!");377 }378 checkPropertyAccess(receiver, attribute, true);379 return super.onSetAttribute(invoker, receiver, attribute, value);380 }381 @Override382 public Object onGetArray(Invoker invoker, Object receiver, Object index) throws Throwable {383 // generally allow array access for now384 return super.onGetArray(invoker, receiver, index);385 }386 @Override387 public Object onSetArray(Invoker invoker, Object receiver, Object index, Object value)388 throws Throwable {389 // generally allow array access for now390 return super.onSetArray(invoker, receiver, index, value);391 }392 private static boolean hasProperty(Object object, String property) {393 if (InvokerHelper.getMetaClass(object).hasProperty(object, property) != null) {394 return true;395 }396 // The only way to be sure whether something is handled as a property in397 // Groovy is to actually get it and catch a MissingPropertyException.398 // But this actually accesses the property (-> side effects?)!399 // Here this is no problem, since we only disallow some write access...400 // The only allowed class with side effects should be InstanceAccessor,401 // which is in "allAllowedClasses" and thus shouldn't reach here402 try {403 InvokerHelper.getProperty(object, property);404 return true;405 } catch (MissingPropertyException e) {406 return false;407 }408 }409 private boolean isAllowedClass(Class<?> clazz) {410 // instanceAllowedClasses.add needs to be synchronized, as internal411 // state changes.412 // .contains does not need to be synchronized, worst case would be that413 // an element is added several times then, which doesn't matter.414 if (instanceAllowedClasses.contains(clazz)) {415 return true;416 }417 // allow accessing arrays in general418 // (calls like execute are disallowed by another mechanism)419 if (clazz.isArray()) {420 return true;421 }422 // allow nested classes of allowed classes423 Class<?> topLevelClass = clazz;...

Full Screen

Full Screen

isAllowedClass

Using AI Code Generation

copy

Full Screen

1if (!isAllowedClass('org.cerberus.service.groovy.impl.GroovyService')) {2 throw new RuntimeException("Class not allowed")3}4if (!isAllowedMethod('org.cerberus.service.groovy.impl.GroovyService', 'execute')) {5 throw new RuntimeException("Method not allowed")6}7if (!isAllowedField('org.cerberus.service.groovy.impl.GroovyService', 'logEventService')) {8 throw new RuntimeException("Field not allowed")9}10if (!isAllowedClass('org.cerberus.service.groovy.impl.GroovyService')) {11 throw new RuntimeException("Class not allowed")12}13if (!isAllowedMethod('org.cerberus.service.groovy.impl.GroovyService', 'execute')) {14 throw new RuntimeException("Method not allowed")15}16if (!isAllowedField('org.cerberus.service.groovy.impl.GroovyService', 'logEventService')) {17 throw new RuntimeException("Field not allowed")18}19if (!isAllowedClass('org.cerberus.service.groovy.impl.GroovyService')) {20 throw new RuntimeException("Class not allowed")21}22if (!isAllowedMethod('org.cerberus.service.groovy.impl.GroovyService', 'execute')) {23 throw new RuntimeException("Method not allowed")24}25if (!isAllowedField('org.cerberus.service.groovy.impl.GroovyService', 'logEventService')) {26 throw new RuntimeException("Field not allowed")27}28if (!is

Full Screen

Full Screen

isAllowedClass

Using AI Code Generation

copy

Full Screen

1import org.cerberus.engine.entity.MessageEvent2def isAllowedClass(obj){3}4def execute(obj){5 log.debug("Script executed with object " + obj.toString())6}7def execute(){8 log.debug("Script executed")9}

Full Screen

Full Screen

Automation Testing Tutorials

Learn to execute automation testing from scratch with LambdaTest Learning Hub. Right from setting up the prerequisites to run your first automation test, to following best practices and diving deeper into advanced test scenarios. LambdaTest Learning Hubs compile a list of step-by-step guides to help you be proficient with different test automation frameworks i.e. Selenium, Cypress, TestNG etc.

LambdaTest Learning Hubs:

YouTube

You could also refer to video tutorials over LambdaTest YouTube channel to get step by step demonstration from industry experts.

Run Cerberus-source automation tests on LambdaTest cloud grid

Perform automation testing on 3000+ real desktop and mobile devices online.

Try LambdaTest Now !!

Get 100 minutes of automation test minutes FREE!!

Next-Gen App & Browser Testing Cloud

Was this article helpful?

Helpful

NotHelpful