Class Sandbox
java.lang.Object
org.apache.commons.jexl2.introspection.Sandbox
A sandbox describes permissions on a class by explicitly allowing or forbidding access to methods and properties
through "whitelists" and "blacklists".
A whitelist explicitly allows methods/properties for a class;
- If a whitelist is empty and thus does not contain any names, all properties/methods are allowed for its class.
- If it is not empty, the only allowed properties/methods are the ones contained.
A blacklist explicitly forbids methods/properties for a class;
- If a blacklist is empty and thus does not contain any names, all properties/methods are forbidden for its class.
- If it is not empty, the only forbidden properties/methods are the ones contained.
Permissions are composed of three lists, read, write, execute, each being "white" or "black":
- read controls readable properties
- write controls writeable properties
- execute controls executable methods and constructor
- Since:
- 2.1
-
Nested Class Summary
Nested ClassesModifier and TypeClassDescriptionstatic final classA black set of names.static classA base set of names.static final classContains the white or black lists for properties and methods for a given class.static final classA white set of names. -
Constructor Summary
ConstructorsModifierConstructorDescriptionSandbox()Creates a new default sandbox.protectedSandbox(Map<String, Sandbox.Permissions> map) Creates a sandbox based on an existing permissions map. -
Method Summary
Modifier and TypeMethodDescriptionCreates a new set of permissions based on black lists for methods and properties for a given class.Gets the execute permission value for a given method of a class.Gets the execute permission value for a given method of a class.Gets the set of permissions associated to a class.permissions(String clazz, boolean readFlag, boolean writeFlag, boolean executeFlag) Creates the set of permissions for a given class.Gets the read permission value for a given property of a class.Gets the read permission value for a given property of a class.Creates a new set of permissions based on white lists for methods and properties for a given class.Gets the write permission value for a given property of a class.Gets the write permission value for a given property of a class.
-
Constructor Details
-
Sandbox
public Sandbox()Creates a new default sandbox. -
Sandbox
Creates a sandbox based on an existing permissions map.- Parameters:
map- the permissions map
-
-
Method Details
-
read
-
read
-
write
-
write
-
execute
-
execute
-
permissions
public Sandbox.Permissions permissions(String clazz, boolean readFlag, boolean writeFlag, boolean executeFlag) Creates the set of permissions for a given class.- Parameters:
clazz- the class for which these permissions applyreadFlag- whether the readable property list is white - true - or black - false -writeFlag- whether the writeable property list is white - true - or black - false -executeFlag- whether the executable method list is white white - true - or black - false -- Returns:
- the set of permissions
-
white
Creates a new set of permissions based on white lists for methods and properties for a given class.- Parameters:
clazz- the whitened class name- Returns:
- the permissions instance
-
black
Creates a new set of permissions based on black lists for methods and properties for a given class.- Parameters:
clazz- the blackened class name- Returns:
- the permissions instance
-
get
Gets the set of permissions associated to a class.- Parameters:
clazz- the class name- Returns:
- the defined permissions or an all-white permission instance if none were defined
-