@Test
public void testClassLoaderIsolation() throws Exception {
ClassLoader originalClassLoader = Thread.currentThread().getContextClassLoader();
try {
AnObject obj = new AnObjectImpl();
byte[] bytes = ObjectInputStreamWithClassLoaderTest.toBytes(obj);
// Class.isAnonymousClass() call used in ObjectInputStreamWithClassLoader
// need to access the enclosing class and its parent class of the obj
// i.e. ActiveMQTestBase and Assert.
ClassLoader testClassLoader =
ObjectInputStreamWithClassLoaderTest.newClassLoader(
obj.getClass(), ActiveMQTestBase.class, Assert.class);
Thread.currentThread().setContextClassLoader(testClassLoader);
ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
ObjectInputStreamWithClassLoader ois = new ObjectInputStreamWithClassLoader(bais);
Object deserializedObj = ois.readObject();
Assert.assertNotSame(obj, deserializedObj);
Assert.assertNotSame(obj.getClass(), deserializedObj.getClass());
Assert.assertNotSame(
obj.getClass().getClassLoader(), deserializedObj.getClass().getClassLoader());
Assert.assertSame(testClassLoader, deserializedObj.getClass().getClassLoader());
} finally {
Thread.currentThread().setContextClassLoader(originalClassLoader);
}
}
@Override
public void run() {
try {
Object deserializedObj = ois.readObject();
System.out.println("Deserialized Object " + deserializedObj);
myAssertNotSame(originalProxy, deserializedObj);
myAssertNotSame(originalProxy.getClass(), deserializedObj.getClass());
myAssertNotSame(
originalProxy.getClass().getClassLoader(), deserializedObj.getClass().getClassLoader());
myAssertSame(testClassLoader, deserializedObj.getClass().getClassLoader());
AnObject myInterface = (AnObject) deserializedObj;
if (myInterface.getMyInt() != 200) {
throw new RuntimeException("invalid result");
}
} catch (ClassNotFoundException e) {
throw new RuntimeException(e.getMessage(), e);
} catch (IOException e) {
throw new RuntimeException(e.getMessage(), e);
}
}
@Test
public void testClassLoaderIsolationWithProxy() throws Exception {
ClassLoader originalClassLoader = Thread.currentThread().getContextClassLoader();
try {
AnObject originalProxy =
(AnObject)
Proxy.newProxyInstance(
AnObject.class.getClassLoader(),
new Class[] {AnObject.class},
new AnObjectInvocationHandler());
originalProxy.setMyInt(100);
byte[] bytes = ObjectInputStreamWithClassLoaderTest.toBytes(originalProxy);
ClassLoader testClassLoader =
ObjectInputStreamWithClassLoaderTest.newClassLoader(
this.getClass(), ActiveMQTestBase.class, Assert.class);
Thread.currentThread().setContextClassLoader(testClassLoader);
ByteArrayInputStream bais = new ByteArrayInputStream(bytes);
ObjectInputStreamWithClassLoader ois = new ObjectInputStreamWithClassLoader(bais);
Runnable toRun =
(Runnable) testClassLoader.loadClass(ProxyReader.class.getName()).newInstance();
toRun.getClass().getField("ois").set(toRun, ois);
toRun.getClass().getField("testClassLoader").set(toRun, testClassLoader);
toRun.getClass().getField("originalProxy").set(toRun, originalProxy);
toRun.run();
} finally {
Thread.currentThread().setContextClassLoader(originalClassLoader);
}
}
@Test
public final void bindRequestToCollections() {
final HttpServletRequest request = createMock(HttpServletRequest.class);
final String choice = "AChoice";
// setup preliminary request
final HttpSessionFlashCache cache = new HttpSessionFlashCache();
cache.put("names", Arrays.asList("First", choice, "BobLee", "JasonLee", "Mowglee"));
expect(request.getParameterMap())
.andReturn(
new HashMap<String, String[]>() {
{
put(
"select",
new String[] {
RequestBinder.COLLECTION_BIND_PREFIX + "names/" + choice.hashCode()
});
}
});
replay(request);
final AnObject o = new AnObject();
final Evaluator evaluator = Guice.createInjector().getInstance(Evaluator.class);
new MvelRequestBinder(
evaluator,
new Provider<FlashCache>() {
public FlashCache get() {
return cache;
}
})
.bind(TestRequestCreator.from(request, null), o);
assert choice.equals(o.getSelect()) : "Collection selectee was not bound: " + o.getSelect();
verify(request);
}
// configuration: "illegalClassNames": List, GregorianCalendar, java.io.File, SubCalendar, ArrayList
public class InputIllegalTypeSameFileName {
GregorianCalendar cal = AnObject.getInstance(); // WARNING
java.util.Date date = null;
SubCalendar subCalendar = null; // WARNING
private static class AnObject extends GregorianCalendar {
public static GregorianCalendar getInstance() // WARNING
{
return null;
}
}
private void foo() {
List l; // WARNING
java.io.File file = null; // WARNING
}
java.util.List<Integer> list = new ArrayList<>(); // WARNING
private ArrayList<String> values;
}
@Test
public final void bindRequestToPrimitivesAndIgnoreExtras() {
final HttpServletRequest request = createMock(HttpServletRequest.class);
expect(request.getParameterMap())
.andReturn(
new HashMap<String, String[]>() {
{
put("name", new String[] {"Dhanji"});
put("age", new String[] {"27"});
put("alive", new String[] {"true"});
put("id", new String[] {"12"});
put("height", new String[] {"6.0"});
put("weight", new String[] {"6.0"});
put("hiphop", new String[] {"6.0"});
}
});
replay(request);
final AnObject o = new AnObject();
final Evaluator evaluator = Guice.createInjector().getInstance(Evaluator.class);
new MvelRequestBinder(
evaluator,
new Provider<FlashCache>() {
public FlashCache get() {
return new HttpSessionFlashCache();
}
})
.bind(TestRequestCreator.from(request, null), o);
assert "Dhanji".equals(o.getName());
assert 27 == (o.getAge());
assert 12L == (o.getId());
assert 6.0 == (o.getHeight());
assert (o.isAlive());
verify(request);
}
/**
* Set up and reset the room. This is not something that is built in to BobEngine but I encourage
* using it or something similar so you can easily set up and reset your rooms.
*/
public void set() {
// TODO Set up objects.
object.set();
}
