public class SecureASTCustomizer extends CompilationCustomizer
SecureASTCustomizer.StatementChecker interface or SecureASTCustomizer.ExpressionChecker interface then register your
handlers thanks to the addExpressionCheckers(org.codehaus.groovy.control.customizers.SecureASTCustomizer.ExpressionChecker...)
and addStatementCheckers(org.codehaus.groovy.control.customizers.SecureASTCustomizer.StatementChecker...)
methods.
Here is an example of usage. We will create a groovy classloader which only supports arithmetic operations and imports
the java.lang.Math classes by default.
final ImportCustomizer imports = new ImportCustomizer().addStaticStars('java.lang.Math') // add static import of java.lang.Math
final SecureASTCustomizer secure = new SecureASTCustomizer()
secure.with {
closuresAllowed = false
methodDefinitionAllowed = false
importsWhitelist = []
staticImportsWhitelist = []
staticStarImportsWhitelist = ['java.lang.Math'] // only java.lang.Math is allowed
tokensWhitelist = [
PLUS,
MINUS,
MULTIPLY,
DIVIDE,
MOD,
POWER,
PLUS_PLUS,
MINUS_MINUS,
COMPARE_EQUAL,
COMPARE_NOT_EQUAL,
COMPARE_LESS_THAN,
COMPARE_LESS_THAN_EQUAL,
COMPARE_GREATER_THAN,
COMPARE_GREATER_THAN_EQUAL,
].asImmutable()
constantTypesClassesWhiteList = [
Integer,
Float,
Long,
Double,
BigDecimal,
Integer.TYPE,
Long.TYPE,
Float.TYPE,
Double.TYPE
].asImmutable()
receiversClassesWhiteList = [
Math,
Integer,
Float,
Double,
Long,
BigDecimal
].asImmutable()
}
CompilerConfiguration config = new CompilerConfiguration()
config.addCompilationCustomizers(imports, secure)
GroovyClassLoader loader = new GroovyClassLoader(this.class.classLoader, config)
| Modifier and Type | Class and Description |
|---|---|
static interface |
SecureASTCustomizer.ExpressionChecker
This interface allows the user to plugin custom expression checkers if expression blacklist or whitelist are not
sufficient
|
static interface |
SecureASTCustomizer.StatementChecker
This interface allows the user to plugin custom statement checkers if statement blacklist or whitelist are not
sufficient
|
| Constructor and Description |
|---|
SecureASTCustomizer() |
getPhaseneedSortedInputpublic boolean isMethodDefinitionAllowed()
public void setMethodDefinitionAllowed(boolean methodDefinitionAllowed)
public boolean isPackageAllowed()
public boolean isClosuresAllowed()
public void setClosuresAllowed(boolean closuresAllowed)
public void setPackageAllowed(boolean packageAllowed)
public void setStaticImportsBlacklist(List<String> staticImportsBlacklist)
public void setStaticImportsWhitelist(List<String> staticImportsWhitelist)
public void setStaticStarImportsBlacklist(List<String> staticStarImportsBlacklist)
public void setStaticStarImportsWhitelist(List<String> staticStarImportsWhitelist)
public List<Class<? extends Expression>> getExpressionsBlacklist()
public void setExpressionsBlacklist(List<Class<? extends Expression>> expressionsBlacklist)
public List<Class<? extends Expression>> getExpressionsWhitelist()
public void setExpressionsWhitelist(List<Class<? extends Expression>> expressionsWhitelist)
public void setStatementsBlacklist(List<Class<? extends Statement>> statementsBlacklist)
public void setStatementsWhitelist(List<Class<? extends Statement>> statementsWhitelist)
public boolean isIndirectImportCheckEnabled()
public void setIndirectImportCheckEnabled(boolean indirectImportCheckEnabled)
indirectImportCheckEnabled - set to true to enable indirect checkspublic void setTokensBlacklist(List<Integer> tokensBlacklist)
tokensBlacklist - the tokens. The values of the tokens must be those of Typespublic void setTokensWhitelist(List<Integer> tokensWhitelist)
tokensWhitelist - the tokens. The values of the tokens must be those of Typespublic void addStatementCheckers(SecureASTCustomizer.StatementChecker... checkers)
public void addExpressionCheckers(SecureASTCustomizer.ExpressionChecker... checkers)
public void setConstantTypesBlackList(List<String> constantTypesBlackList)
public void setConstantTypesWhiteList(List<String> constantTypesWhiteList)
public void setConstantTypesClassesWhiteList(List<Class> constantTypesWhiteList)
constantTypesWhiteList - a list of classes.public void setConstantTypesClassesBlackList(List<Class> constantTypesBlackList)
constantTypesBlackList - a list of classes.public void setReceiversBlackList(List<String> receiversBlackList)
receiversBlackList - the list of refused classes, as fully qualified namespublic void setReceiversClassesBlackList(List<Class> receiversBlacklist)
receiver classes.receiversBlacklist - a list of classes.public void setReceiversWhiteList(List<String> receiversWhiteList)
receiversWhiteList - the list of accepted classes, as fully qualified namespublic void setReceiversClassesWhiteList(List<Class> receiversWhitelist)
receiver classes.receiversWhitelist - a list of classes.public void call(SourceUnit source, GeneratorContext context, ClassNode classNode) throws CompilationFailedException
call in class CompilationUnit.PrimaryClassNodeOperationCompilationFailedException