public final class JexlSandbox extends Object
A allowlist explicitly allows methods/properties for a class;
A blocklist explicitly forbids methods/properties for a class;
Permissions are composed of three lists, read, write, execute, each being "allow" or "block":
When specified, permissions - allow or block lists - can be created inheritable on interfaces or classes and thus applicable to their implementations or derived classes; the sandbox must be created with the 'inheritable' flag for this behavior to be triggered. Note that even in this configuration, it is still possible to add non-inheritable permissions. Adding inheritable lists to a non inheritable sandbox has no added effect; permissions only apply to their specified class.
Note that a JexlUberspect always uses a copy of the JexlSandbox used to built it preventing permission changes after its instantiation.
| Modifier and Type | Class and Description | 
|---|---|
| static class  | JexlSandbox.BlackSetDeprecated.  | 
| static class  | JexlSandbox.NamesA base set of names. | 
| static class  | JexlSandbox.PermissionsContains the allow or block lists for properties and methods for a given class. | 
| static class  | JexlSandbox.WhiteSetDeprecated.  | 
| Modifier and Type | Field and Description | 
|---|---|
| static String | NULLThe marker string for explicitly disallowed null properties. | 
| Constructor and Description | 
|---|
| JexlSandbox()Creates a new default sandbox. | 
| JexlSandbox(boolean ab)Creates a new default sandbox. | 
| JexlSandbox(boolean ab,
           boolean inh)Creates a sandbox. | 
| Modifier and Type | Method and Description | 
|---|---|
| JexlSandbox.Permissions | allow(String clazz)Creates a new set of permissions based on allow lists for methods and properties for a given class. | 
| JexlSandbox.Permissions | black(String clazz)Deprecated.  | 
| JexlSandbox.Permissions | block(String clazz)Creates a new set of permissions based on block lists for methods and properties for a given class. | 
| JexlSandbox | copy() | 
| String | execute(Class<?> clazz,
       String name)Gets the execute permission value for a given method of a class. | 
| String | execute(String clazz,
       String name)Deprecated.  | 
| JexlSandbox.Permissions | get(Class<?> clazz)Get the permissions associated to a class. | 
| JexlSandbox.Permissions | get(String clazz)Gets the set of permissions associated to a class. | 
| JexlSandbox.Permissions | permissions(String clazz,
           boolean readFlag,
           boolean writeFlag,
           boolean executeFlag)Creates the set of permissions for a given class. | 
| JexlSandbox.Permissions | permissions(String clazz,
           boolean inhf,
           boolean readf,
           boolean writef,
           boolean execf)Creates the set of permissions for a given class. | 
| String | read(Class<?> clazz,
    String name)Gets the read permission value for a given property of a class. | 
| String | read(String clazz,
    String name)Deprecated.  | 
| JexlSandbox.Permissions | white(String clazz)Deprecated.  | 
| String | write(Class<?> clazz,
     String name)Gets the write permission value for a given property of a class. | 
| String | write(String clazz,
     String name)Deprecated.  | 
public static final String NULL
public JexlSandbox()
In the absence of explicit permissions on a class, the sandbox is a allow-box, allow-listing that class for all permissions (read, write and execute).
public JexlSandbox(boolean ab)
A allow-box considers no permissions as "everything is allowed" when a block-box considers no permissions as "nothing is allowed".
ab - whether this sandbox is allow (true) or block (false)
 if no permission is explicitly defined for a class.public JexlSandbox(boolean ab,
                   boolean inh)
ab - whether this sandbox is allow (true) or block (false)inh - whether permissions on interfaces and classes are inherited (true) or not (false)public JexlSandbox copy()
public String read(Class<?> clazz, String name)
clazz - the classname - the property name@Deprecated public String read(String clazz, String name)
clazz - the class namename - the property namepublic String write(Class<?> clazz, String name)
clazz - the classname - the property name@Deprecated public String write(String clazz, String name)
clazz - the class namename - the property namepublic String execute(Class<?> clazz, String name)
clazz - the classname - the method name@Deprecated public String execute(String clazz, String name)
clazz - the class namename - the method namepublic JexlSandbox.Permissions permissions(String clazz, boolean readFlag, boolean writeFlag, boolean executeFlag)
The sandbox inheritance property will apply to the permissions created by this method
clazz - the class for which these permissions applyreadFlag - whether the readable property list is allow - true - or block - false -writeFlag - whether the writable property list is allow - true - or block - false -executeFlag - whether the executable method list is allow allow - true - or block - false -public JexlSandbox.Permissions permissions(String clazz, boolean inhf, boolean readf, boolean writef, boolean execf)
clazz - the class for which these permissions applyinhf - whether these permissions are inheritablereadf - whether the readable property list is allow - true - or block - false -writef - whether the writable property list is allow - true - or block - false -execf - whether the executable method list is allow allow - true - or block - false -public JexlSandbox.Permissions allow(String clazz)
The sandbox inheritance property will apply to the permissions created by this method
clazz - the allowed class name@Deprecated public JexlSandbox.Permissions white(String clazz)
clazz - the allowed class namepublic JexlSandbox.Permissions block(String clazz)
The sandbox inheritance property will apply to the permissions created by this method
clazz - the blocked class name@Deprecated public JexlSandbox.Permissions black(String clazz)
clazz - the allowed class namepublic JexlSandbox.Permissions get(String clazz)
clazz - the class namepublic JexlSandbox.Permissions get(Class<?> clazz)
clazz - the classCopyright © 2001–2021 The Apache Software Foundation. All rights reserved.