Package com.xebialabs.xlrelease.script
Class Jsr223ScriptExecutor
- java.lang.Object
-
- com.xebialabs.xlrelease.script.Jsr223ScriptExecutor
-
- All Implemented Interfaces:
ScriptExecutor
- Direct Known Subclasses:
JythonScriptExecutor
public abstract class Jsr223ScriptExecutor extends java.lang.Object implements ScriptExecutor
-
-
Field Summary
Fields Modifier and Type Field Description protected org.slf4j.Loggerloggerprotected javax.script.ScriptEnginerestrictedEngineprotected ScriptPermissionsProviderscriptPermissionsProviderprotected javax.script.ScriptEngineunrestrictedEngine
-
Constructor Summary
Constructors Modifier Constructor Description protectedJsr223ScriptExecutor(Jsr223EngineFactory engineFactory, ScriptPermissionsProvider scriptPermissionsProvider, boolean sandboxEnabled, java.lang.String workDir)
-
Method Summary
All Methods Instance Methods Abstract Methods Concrete Methods Modifier and Type Method Description protected voidaddCiUtilsPermissions(java.security.Permissions permissions)protected voidaddGroovyLibrariesReadPermissions(java.security.Permissions minimalPermissions)protected voidaddInternalAccessPermissions(java.security.Permissions minimalPermissions)protected voidaddJavaHomeSecurityLibPermissions(java.security.Permissions minimalPermissions)protected voidaddJavaPrimitivesPermissions(java.security.Permissions minimalPermissions)protected voidaddJsonModule(java.security.Permissions permissions)protected voidaddJsonSmartLibraryPermissions(java.security.Permissions minimalPermissions)protected voidaddJythonLibrariesReadPermissions(java.security.Permissions minimalPermissions)protected voidaddReadPermissionOnJar(java.lang.String jarName, java.security.Permissions minimalPermissions)protected voidaddReadPermissionOnPluginsFolder(java.security.Permissions minimalPermissions)protected javax.script.ScriptEngineconfigureSandboxAndGetEngine(boolean checkPolicyPermissions)This method sets threadlocal "sandbox" property that is later used by SandboxAwarePackageManager to restrict packages (class namespaces) that are accessibleprotected java.security.PermissionscreateMinimalPermissions()protected java.lang.ObjectdoPrivileged(javax.script.ScriptEngine engine, java.lang.String script, javax.script.ScriptContext scriptContext, java.security.AccessControlContext accessControlContext)java.lang.ObjectevalScript(XlrScriptContext xlrScriptContext)protected abstract java.lang.ObjectevalScriptPrivileged(javax.script.ScriptEngine engine, java.lang.String script, javax.script.ScriptContext scriptContext, java.security.AccessControlContext accessControlContext)protected java.security.AccessControlContextgetAccessControlContext()protected java.lang.StringgetWorkDir()protected booleanisRestricted(boolean checkPolicyPermissions)protected java.lang.BooleanisScriptSandboxEnabled()protected java.security.PermissionresolvePermissionIfNecessary(java.security.Permission permission)
-
-
-
Field Detail
-
logger
protected final org.slf4j.Logger logger
-
unrestrictedEngine
protected javax.script.ScriptEngine unrestrictedEngine
-
restrictedEngine
protected javax.script.ScriptEngine restrictedEngine
-
scriptPermissionsProvider
protected ScriptPermissionsProvider scriptPermissionsProvider
-
-
Constructor Detail
-
Jsr223ScriptExecutor
protected Jsr223ScriptExecutor(Jsr223EngineFactory engineFactory, ScriptPermissionsProvider scriptPermissionsProvider, boolean sandboxEnabled, java.lang.String workDir)
-
-
Method Detail
-
evalScript
public java.lang.Object evalScript(XlrScriptContext xlrScriptContext) throws java.lang.Exception
- Specified by:
evalScriptin interfaceScriptExecutor- Throws:
java.lang.Exception
-
evalScriptPrivileged
protected abstract java.lang.Object evalScriptPrivileged(javax.script.ScriptEngine engine, java.lang.String script, javax.script.ScriptContext scriptContext, java.security.AccessControlContext accessControlContext) throws java.lang.Exception- Throws:
java.lang.Exception
-
doPrivileged
protected java.lang.Object doPrivileged(javax.script.ScriptEngine engine, java.lang.String script, javax.script.ScriptContext scriptContext, java.security.AccessControlContext accessControlContext) throws java.lang.Exception- Throws:
java.lang.Exception
-
isScriptSandboxEnabled
protected java.lang.Boolean isScriptSandboxEnabled()
-
getWorkDir
protected java.lang.String getWorkDir()
-
getAccessControlContext
protected java.security.AccessControlContext getAccessControlContext()
-
createMinimalPermissions
protected java.security.Permissions createMinimalPermissions()
-
addJavaPrimitivesPermissions
protected void addJavaPrimitivesPermissions(java.security.Permissions minimalPermissions)
-
addInternalAccessPermissions
protected void addInternalAccessPermissions(java.security.Permissions minimalPermissions)
-
addJythonLibrariesReadPermissions
protected void addJythonLibrariesReadPermissions(java.security.Permissions minimalPermissions)
-
addGroovyLibrariesReadPermissions
protected void addGroovyLibrariesReadPermissions(java.security.Permissions minimalPermissions)
-
addJsonModule
protected void addJsonModule(java.security.Permissions permissions)
-
addCiUtilsPermissions
protected void addCiUtilsPermissions(java.security.Permissions permissions)
-
addJsonSmartLibraryPermissions
protected void addJsonSmartLibraryPermissions(java.security.Permissions minimalPermissions)
-
addJavaHomeSecurityLibPermissions
protected void addJavaHomeSecurityLibPermissions(java.security.Permissions minimalPermissions)
-
addReadPermissionOnJar
protected void addReadPermissionOnJar(java.lang.String jarName, java.security.Permissions minimalPermissions)
-
addReadPermissionOnPluginsFolder
protected void addReadPermissionOnPluginsFolder(java.security.Permissions minimalPermissions)
-
resolvePermissionIfNecessary
protected java.security.Permission resolvePermissionIfNecessary(java.security.Permission permission)
-
configureSandboxAndGetEngine
protected javax.script.ScriptEngine configureSandboxAndGetEngine(boolean checkPolicyPermissions)
This method sets threadlocal "sandbox" property that is later used by SandboxAwarePackageManager to restrict packages (class namespaces) that are accessible
-
isRestricted
protected boolean isRestricted(boolean checkPolicyPermissions)
-
-