Package org.codehaus.groovy.control.customizers

Examples of org.codehaus.groovy.control.customizers.SecureASTCustomizer


    public boolean isHandlesNodeChildren() {
        return true;
    }

    public Object newInstance(final FactoryBuilderSupport builder, final Object name, final Object value, final Map attributes) throws InstantiationException, IllegalAccessException {
        return new SecureASTCustomizer();
    }
View Full Code Here


    /**
     * Returns a customized ASTCustomizer that includes the whitelists and
     * expression checker.
     */
    public static SecureASTCustomizer getSecureASTCustomizer(Settings settings) {
        SecureASTCustomizer scz = new SecureASTCustomizer();
        // Closures are allowed
        scz.setClosuresAllowed(true);
        // But defining methods is not
        scz.setMethodDefinitionAllowed(false);
        // Only allow the imports that we explicitly call out
        List<String> importWhitelist = new ArrayList<>();
        importWhitelist.addAll(ImmutableSet.copyOf(GroovySandboxExpressionChecker.defaultClassConstructionWhitelist));
        scz.setImportsWhitelist(importWhitelist);
        // Package definitions are not allowed
        scz.setPackageAllowed(false);
        // White-listed receivers of method calls
        String[] receiverWhitelist = settings.getAsArray(GROOVY_SCRIPT_SANDBOX_RECEIVER_WHITELIST, defaultReceiverWhitelist, true);
        scz.setReceiversWhiteList(newArrayList(receiverWhitelist));
        // Add the customized expression checker for finer-grained checking
        scz.addExpressionCheckers(new GroovySandboxExpressionChecker(settings));
        return scz;
    }
View Full Code Here

TOP

Related Classes of org.codehaus.groovy.control.customizers.SecureASTCustomizer

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.