Java RejectedAccessException Examples

Programming Language: Java

Namespace/Package Name: org.jenkinsci.plugins.scriptsecurity.sandbox

Examples at hotexamples.com: 5

Java RejectedAccessException - 5 examples found. These are the top rated real world Java examples of org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException extracted from open source projects. You can rate examples to help us improve the quality of examples.

Frequently Used Methods

Show Hide

getSignature(5)

getMessage(3)

toString(1)

Example #1

Show file

File: SandboxInterceptorTest.java Project: zencodeuk/script-security-plugin

 private static void assertRejected(Whitelist whitelist, String expectedSignature, String script) {
   try {
     assertEvaluate(whitelist, "should be rejected", script);
   } catch (RejectedAccessException x) {
     assertEquals(x.getMessage(), expectedSignature, x.getSignature());
   }
 }

Example #2

Show file

File: SandboxInterceptorTest.java Project: zencodeuk/script-security-plugin

 @Issue("JENKINS-25118")
 @Test
 public void primitiveTypes() throws Exception {
   try {
     assertEvaluate(new ProxyWhitelist(), "should fail", "'123'.charAt(1);");
   } catch (RejectedAccessException x) {
     assertNotNull(x.toString(), x.getSignature());
   }
   assertEvaluate(
       new StaticWhitelist("method java.lang.CharSequence charAt int"), '2', "'123'.charAt(1);");
 }

Example #3

Show file

File: MatrixTest.java Project: aheubusch/matrix-project-plugin

 private static void expectRejection(
     MatrixProject project, String combinationFilter, String signature) throws IOException {
   ScriptApproval scriptApproval = ScriptApproval.get();
   assertEquals(Collections.emptySet(), scriptApproval.getPendingSignatures());
   try {
     project.setCombinationFilter(combinationFilter);
   } catch (RejectedAccessException x) {
     assertEquals(Functions.printThrowable(x), signature, x.getSignature());
   }
   Set<ScriptApproval.PendingSignature> pendingSignatures = scriptApproval.getPendingSignatures();
   assertEquals(1, pendingSignatures.size());
   assertEquals(signature, pendingSignatures.iterator().next().signature);
   scriptApproval.approveSignature(signature);
   assertEquals(Collections.emptySet(), scriptApproval.getPendingSignatures());
 }

Example #4

Show file

File: SandboxInterceptorTest.java Project: zencodeuk/script-security-plugin

 /** Tests the proper interception of builder-like method. */
 @Test
 public void invokeMethod() throws Exception {
   String script =
       "def builder = new groovy.json.JsonBuilder(); builder.point { x 5; y 3; }; builder.toString()";
   String expected = "{\"point\":{\"x\":5,\"y\":3}}";
   assertEvaluate(new BlanketWhitelist(), expected, script);
   // this whitelisting strategy isn't ideal
   // see https://issues.jenkins-ci.org/browse/JENKINS-24982
   assertEvaluate(
       new ProxyWhitelist(
           new AbstractWhitelist() {
             @Override
             public boolean permitsMethod(Method method, Object receiver, Object[] args) {
               if (method.getName().equals("invokeMethod") && receiver instanceof JsonBuilder)
                 return true;
               if (method.getName().equals("invokeMethod") && receiver instanceof Closure) {
                 Object d = ((Closure) receiver).getDelegate();
                 return d.getClass().getName().equals("groovy.json.JsonDelegate");
               }
               if (method.getName().equals("toString") && receiver instanceof JsonBuilder)
                 return true;
               return false;
             }
           },
           new StaticWhitelist(
               "new groovy.json.JsonBuilder"
               //                "method groovy.json.JsonBuilder toString",
               //                "method groovy.json.JsonBuilder invokeMethod java.lang.String
               // java.lang.Object"
               )),
       expected,
       script);
   try {
     assertEvaluate(
         new ProxyWhitelist(),
         "should be rejected",
         "class Real {}; def real = new Real(); real.nonexistent(42)");
   } catch (RejectedAccessException x) {
     String message = x.getMessage();
     assertEquals(
         message,
         "method groovy.lang.GroovyObject invokeMethod java.lang.String java.lang.Object",
         x.getSignature());
     assertTrue(message, message.contains("Real nonexistent java.lang.Integer"));
   }
 }

Example #5

Show file

File: SandboxInterceptorTest.java Project: zencodeuk/script-security-plugin

 @Test
 public void propertiesAndGettersAndSetters() throws Exception {
   String clazz = Clazz.class.getName();
   assertEvaluate(
       new StaticWhitelist("new " + clazz, "field " + clazz + " prop"),
       "default",
       "new " + clazz + "().prop");
   assertEvaluate(
       new StaticWhitelist("new " + clazz, "method " + clazz + " getProp"),
       "default",
       "new " + clazz + "().prop");
   assertEvaluate(
       new StaticWhitelist(
           "new " + clazz, "field " + clazz + " prop", "method " + clazz + " getProp"),
       "default",
       "new " + clazz + "().prop");
   assertRejected(
       new StaticWhitelist("new " + clazz),
       "field " + clazz + " prop",
       "new " + clazz + "().prop");
   assertEvaluate(
       new StaticWhitelist(
           "new " + clazz, "method " + clazz + " getProp", "field " + clazz + " prop"),
       "edited",
       "def c = new " + clazz + "(); c.prop = 'edited'; c.getProp()");
   assertEvaluate(
       new StaticWhitelist(
           "new " + clazz,
           "method " + clazz + " getProp",
           "method " + clazz + " setProp java.lang.String"),
       "edited",
       "def c = new " + clazz + "(); c.prop = 'edited'; c.getProp()");
   assertEvaluate(
       new StaticWhitelist(
           "new " + clazz,
           "method " + clazz + " getProp",
           "field " + clazz + " prop",
           "method " + clazz + " setProp java.lang.String"),
       "edited",
       "def c = new " + clazz + "(); c.prop = 'edited'; c.getProp()");
   assertRejected(
       new StaticWhitelist("new " + clazz, "method " + clazz + " getProp"),
       "field " + clazz + " prop",
       "def c = new " + clazz + "(); c.prop = 'edited'; c.getProp()");
   assertEvaluate(
       new StaticWhitelist("new " + clazz, "method " + clazz + " getProp2"),
       "default",
       "new " + clazz + "().prop2");
   assertRejected(
       new StaticWhitelist("new " + clazz),
       "method " + clazz + " getProp2",
       "new " + clazz + "().prop2");
   assertEvaluate(
       new StaticWhitelist(
           "new " + clazz,
           "method " + clazz + " getProp2",
           "method " + clazz + " setProp2 java.lang.String"),
       "edited",
       "def c = new " + clazz + "(); c.prop2 = 'edited'; c.getProp2()");
   assertRejected(
       new StaticWhitelist("new " + clazz, "method " + clazz + " getProp2"),
       "method " + clazz + " setProp2 java.lang.String",
       "def c = new " + clazz + "(); c.prop2 = 'edited'; c.getProp2()");
   try {
     assertEvaluate(
         new StaticWhitelist("new " + clazz),
         "should be rejected",
         "new " + clazz + "().nonexistent");
   } catch (RejectedAccessException x) {
     assertEquals(null, x.getSignature());
     assertEquals("unclassified field " + clazz + " nonexistent", x.getMessage());
   }
   try {
     assertEvaluate(
         new StaticWhitelist("new " + clazz),
         "should be rejected",
         "new " + clazz + "().nonexistent = 'edited'");
   } catch (RejectedAccessException x) {
     assertEquals(null, x.getSignature());
     assertEquals("unclassified field " + clazz + " nonexistent", x.getMessage());
   }
 }