Package org.apache.struts2.ognl
Class SecurityMemberAccess
java.lang.Object
org.apache.struts2.ognl.SecurityMemberAccess
- All Implemented Interfaces: ognl.MemberAccess
Allows access decisions to be made on the basis of whether a member is static or not.
Also blocks or allows access to properties.
-
Constructor Summary
Constructor, Description
SecurityMemberAccess(ProviderAllowlist providerAllowlist, ThreadAllowlist threadAllowlist)
-
Method Summary
Modifier and Type, Method, Description
protected boolean checkAllowlist(Object target, Member member)
protected boolean checkDefaultPackageAccess(Object target, Member member)
protected boolean checkExclusionList(Object target, Member member)
protected boolean checkProxyMemberAccess(Object target, Member member)
protected boolean checkProxyObjectAccess(Object target)
protected boolean checkPublicMemberAccess(Member member): Check access for public members (via modifiers)
protected boolean checkStaticFieldAccess(Member member): Check access for static field (via modifiers).
protected boolean checkStaticMethodAccess(Member member): Check access for static method (via modifiers).
protected boolean isAcceptableProperty(String name)
protected boolean isAccepted(String paramName)
boolean isAccessible(Map context, Object target, Member member, String propertyName)
protected boolean isClassAllowlisted(Class<?> clazz)
static boolean isClassBelongsToPackages(Class<?> clazz, Set<String> matchingPackages)
protected boolean isClassExcluded(Class<?> clazz)
protected boolean isExcluded(String paramName)
protected boolean isExcludedPackageNamePatterns(Class<?> clazz)
protected boolean isExcludedPackageNames(Class<?> clazz)
protected boolean isPackageExcluded(Class<?> clazz)
void
static String toPackageName(Class<?> clazz)
void useAcceptProperties(Set<Pattern> acceptedProperties)
void useAllowlistClasses(String commaDelimitedClasses)
void useAllowlistPackageNames(String commaDelimitedPackageNames)
void useAllowStaticFieldAccess(String allowStaticFieldAccess)
protected void useDevMode(String devMode)
void useDevModeExcludedClasses(String commaDelimitedClasses)
void useDevModeExcludedPackageExemptClasses(String commaDelimitedClasses)
void useDevModeExcludedPackageNamePatterns(String commaDelimitedPackagePatterns)
void useDevModeExcludedPackageNames(String commaDelimitedPackageNames)
void useDisallowDefaultPackageAccess(String disallowDefaultPackageAccess)
void useDisallowProxyMemberAccess(String disallowProxyMemberAccess)
void useDisallowProxyObjectAccess(String disallowProxyObjectAccess)
void useEnforceAllowlistEnabled(String enforceAllowlistEnabled)
void useExcludedClasses(String commaDelimitedClasses)
void useExcludedPackageExemptClasses(String commaDelimitedClasses)
void useExcludedPackageNamePatterns(String commaDelimitedPackagePatterns)
void useExcludedPackageNames(String commaDelimitedPackageNames)
void useExcludeProperties(Set<Pattern> excludeProperties)
-
Constructor Details
-
SecurityMemberAccess
-
-
Method Details
-
setup
- Specified by: setup in interface ognl.MemberAccess
-
restore
- Specified by: restore in interface ognl.MemberAccess
-
isAccessible
- Specified by: isAccessible in interface ognl.MemberAccess
-
checkAllowlist
- Returns: true if member access is allowed
-
isClassAllowlisted
-
checkExclusionList
- Returns: true if member access is allowed
-
checkDefaultPackageAccess
- Returns: true if member access is allowed
-
checkProxyObjectAccess
- Returns: true if proxy object access is allowed
-
checkProxyMemberAccess
- Returns: true if proxy member access is allowed
-
checkStaticMethodAccess
Check access for static method (via modifiers).
Note: For non-static members, the result is always true.
- Returns: true if member access is allowed
-
checkStaticFieldAccess
Check access for static field (via modifiers).
Note: For non-static members, the result is always true.
- Returns: true if member access is allowed
-
checkPublicMemberAccess
Check access for public members (via modifiers)
- Returns: true if member access is allowed
-
isPackageExcluded
-
toPackageName
-
isExcludedPackageNamePatterns
-
isExcludedPackageNames
-
isClassBelongsToPackages
-
isClassExcluded
-
isAcceptableProperty
- Returns: true if member access is allowed
-
isAccepted
-
isExcluded
-
useExcludeProperties
-
useAcceptProperties
-
useAllowStaticFieldAccess
-
useExcludedClasses
-
useExcludedPackageNamePatterns
-
useExcludedPackageNames
-
useExcludedPackageExemptClasses
-
useEnforceAllowlistEnabled
-
useAllowlistClasses
-
useAllowlistPackageNames
-
useDisallowProxyObjectAccess
-
useDisallowProxyMemberAccess
-
useDisallowDefaultPackageAccess
-
useDevMode
-
useDevModeExcludedClasses
-
useDevModeExcludedPackageNamePatterns
-
useDevModeExcludedPackageNames
-
useDevModeExcludedPackageExemptClasses
-