Java Code Examples for org.apache.commons.jexl3.JexlEngine#createScript()
The following examples show how to use
org.apache.commons.jexl3.JexlEngine#createScript() .
You can vote up the ones you like or vote down the ones you don't like,
and go to the original project or source file by following the links above each example. You may check out the related API usage on the sidebar.
Example 1
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 6 votes |
|
@Test
public void testCtorBlock() throws Exception {
String expr = "new('" + Foo.class.getName() + "', '42')";
JexlScript script = JEXL.createScript(expr);
Object result;
result = script.execute(null);
Assert.assertEquals("42", ((Foo) result).getName());
JexlSandbox sandbox = new JexlSandbox();
sandbox.block(Foo.class.getName()).execute("");
JexlEngine sjexl = new JexlBuilder().sandbox(sandbox).strict(true).safe(false).create();
script = sjexl.createScript(expr);
try {
result = script.execute(null);
Assert.fail("ctor should not be accessible");
} catch (JexlException.Method xmethod) {
// ok, ctor should not have been accessible
LOGGER.info(xmethod.toString());
}
}
Example 2
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 6 votes |
|
@Test
public void testMethodBlock() throws Exception {
String expr = "foo.Quux()";
JexlScript script = JEXL.createScript(expr, "foo");
Foo foo = new Foo("42");
Object result;
result = script.execute(null, foo);
Assert.assertEquals(foo.Quux(), result);
JexlSandbox sandbox = new JexlSandbox();
sandbox.block(Foo.class.getName()).execute("Quux");
JexlEngine sjexl = new JexlBuilder().sandbox(sandbox).strict(true).safe(false).create();
script = sjexl.createScript(expr, "foo");
try {
result = script.execute(null, foo);
Assert.fail("Quux should not be accessible");
} catch (JexlException.Method xmethod) {
// ok, Quux should not have been accessible
LOGGER.info(xmethod.toString());
}
}
Example 3
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 6 votes |
|
@Test
public void testGetBlock() throws Exception {
String expr = "foo.alias";
JexlScript script = JEXL.createScript(expr, "foo");
Foo foo = new Foo("42");
Object result;
result = script.execute(null, foo);
Assert.assertEquals(foo.alias, result);
JexlSandbox sandbox = new JexlSandbox();
sandbox.block(Foo.class.getName()).read("alias");
JexlEngine sjexl = new JexlBuilder().sandbox(sandbox).strict(true).safe(false).create();
script = sjexl.createScript(expr, "foo");
try {
result = script.execute(null, foo);
Assert.fail("alias should not be accessible");
} catch (JexlException.Property xvar) {
// ok, alias should not have been accessible
LOGGER.info(xvar.toString());
}
}
Example 4
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 6 votes |
|
@Test
public void testSetBlock() throws Exception {
String expr = "foo.alias = $0";
JexlScript script = JEXL.createScript(expr, "foo", "$0");
Foo foo = new Foo("42");
Object result;
result = script.execute(null, foo, "43");
Assert.assertEquals("43", result);
JexlSandbox sandbox = new JexlSandbox();
sandbox.block(Foo.class.getName()).write("alias");
JexlEngine sjexl = new JexlBuilder().sandbox(sandbox).strict(true).safe(false).create();
script = sjexl.createScript(expr, "foo", "$0");
try {
result = script.execute(null, foo, "43");
Assert.fail("alias should not be accessible");
} catch (JexlException.Property xvar) {
// ok, alias should not have been accessible
LOGGER.info(xvar.toString());
}
}
Example 5
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 6 votes |
|
@Test
public void testCantSeeMe() throws Exception {
JexlContext jc = new MapContext();
String expr = "foo.doIt()";
JexlScript script;
Object result = null;
JexlSandbox sandbox = new JexlSandbox(false);
sandbox.allow(Foo.class.getName());
JexlEngine sjexl = new JexlBuilder().sandbox(sandbox).strict(true).safe(false).create();
jc.set("foo", new CantSeeMe());
script = sjexl.createScript(expr);
try {
result = script.execute(jc);
Assert.fail("should have failed, doIt()");
} catch (JexlException xany) {
//
}
jc.set("foo", new Foo("42"));
result = script.execute(jc);
Assert.assertEquals(42, ((Integer) result).intValue());
}
Example 6
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 6 votes |
|
@Test
public void testMethodNoJexl() throws Exception {
Foo foo = new Foo("42");
String[] exprs = {
"foo.cantCallMe()",
"foo.tryMe()",
"foo.tryMeARiver()",
"foo.callMeNot()",
"foo.NONO",
"new('org.apache.commons.jexl3.SandboxTest$Foo', 'one', 'two')"
};
JexlScript script;
Object result;
JexlEngine sjexl = new JexlBuilder().strict(true).safe(false).create();
for (String expr : exprs) {
script = sjexl.createScript(expr, "foo");
try {
result = script.execute(null, foo);
Assert.fail("should have not been possible");
} catch (JexlException.Method | JexlException.Property xjm) {
// ok
LOGGER.info(xjm.toString());
}
}
}
Example 7
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 6 votes |
|
@Test
public void testGetAllow() throws Exception {
Foo foo = new Foo("42");
String expr = "foo.alias";
JexlScript script;
Object result;
JexlSandbox sandbox = new JexlSandbox();
sandbox.allow(Foo.class.getName()).read("alias");
sandbox.get(Foo.class.getName()).read().alias("alias", "ALIAS");
JexlEngine sjexl = new JexlBuilder().sandbox(sandbox).safe(false).strict(true).create();
script = sjexl.createScript(expr, "foo");
result = script.execute(null, foo);
Assert.assertEquals(foo.alias, result);
script = sjexl.createScript("foo.ALIAS", "foo");
result = script.execute(null, foo);
Assert.assertEquals(foo.alias, result);
}
Example 8
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 6 votes |
|
@Test
public void testSetAllow() throws Exception {
Foo foo = new Foo("42");
String expr = "foo.alias = $0";
JexlScript script;
Object result;
JexlSandbox sandbox = new JexlSandbox();
sandbox.allow(Foo.class.getName()).write("alias");
JexlEngine sjexl = new JexlBuilder().sandbox(sandbox).safe(false).strict(true).create();
script = sjexl.createScript(expr, "foo", "$0");
result = script.execute(null, foo, "43");
Assert.assertEquals("43", result);
Assert.assertEquals("43", foo.alias);
}
Example 9
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 6 votes |
|
@Test
public void testSandboxInherit0() throws Exception {
Object result;
JexlContext ctxt = null;
List<String> foo = new ArrayList<String>();
JexlSandbox sandbox = new JexlSandbox(false, true);
sandbox.allow(java.util.List.class.getName());
JexlEngine sjexl = new JexlBuilder().sandbox(sandbox).safe(false).strict(true).create();
JexlScript method = sjexl.createScript("foo.add(y)", "foo", "y");
JexlScript set = sjexl.createScript("foo[x] = y", "foo", "x", "y");
JexlScript get = sjexl.createScript("foo[x]", "foo", "x");
result = method.execute(ctxt, foo, "nothing");
Assert.assertEquals(true, result);
result = null;
result = get.execute(null, foo, 0);
Assert.assertEquals("nothing", result);
result = null;
result = set.execute(null, foo, 0, "42");
Assert.assertEquals("42", result);
result = null;
result = get.execute(null, foo, 0);
Assert.assertEquals("42", result);
}
Example 10
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 6 votes |
|
@Test
public void testSandboxInherit1() throws Exception {
Object result;
JexlContext ctxt = null;
Operation2 foo = new Operation2(12);
JexlSandbox sandbox = new JexlSandbox(false, true);
sandbox.allow(Operation.class.getName());
sandbox.block(Operation.class.getName()).execute("nonCallable");
//sandbox.block(Foo.class.getName()).execute();
JexlEngine sjexl = new JexlBuilder().sandbox(sandbox).safe(false).strict(true).create();
JexlScript someOp = sjexl.createScript("foo.someOp(y)", "foo", "y");
result = someOp.execute(ctxt, foo, 30);
Assert.assertEquals(42, result);
JexlScript nonCallable = sjexl.createScript("foo.nonCallable(y)", "foo", "y");
try {
result = nonCallable.execute(null, foo, 0);
Assert.fail("should not be possible");
} catch (JexlException xjm) {
// ok
LOGGER.info(xjm.toString());
}
}
Example 11
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 5 votes |
|
@Test
public void testCtorAllow() throws Exception {
String expr = "new('" + Foo.class.getName() + "', '42')";
JexlScript script;
Object result;
JexlSandbox sandbox = new JexlSandbox();
sandbox.allow(Foo.class.getName()).execute("");
JexlEngine sjexl = new JexlBuilder().sandbox(sandbox).strict(true).safe(false).create();
script = sjexl.createScript(expr);
result = script.execute(null);
Assert.assertEquals("42", ((Foo) result).getName());
}
Example 12
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 5 votes |
|
@Test
public void testMethodAllow() throws Exception {
Foo foo = new Foo("42");
String expr = "foo.Quux()";
JexlScript script;
Object result;
JexlSandbox sandbox = new JexlSandbox();
sandbox.allow(Foo.class.getName()).execute("Quux");
JexlEngine sjexl = new JexlBuilder().sandbox(sandbox).strict(true).safe(false).create();
script = sjexl.createScript(expr, "foo");
result = script.execute(null, foo);
Assert.assertEquals(foo.Quux(), result);
}
Example 13
| Source File: SandboxTest.java From commons-jexl with Apache License 2.0 | 5 votes |
|
@Test
public void testNoJexl312() throws Exception {
JexlContext ctxt = new MapContext();
JexlEngine sjexl = new JexlBuilder().safe(false).strict(true).create();
JexlScript foo = sjexl.createScript("x.getFoo()", "x");
try {
foo.execute(ctxt, new Foo44());
Assert.fail("should have thrown");
} catch (JexlException xany) {
Assert.assertNotNull(xany);
}
}
