org.apache.commons.jexl2.introspection
Class Sandbox

java.lang.Object
  extended by org.apache.commons.jexl2.introspection.Sandbox

public final class Sandbox
extends java.lang.Object

A sandbox describes permissions on a class by explicitly allowing or forbidding access to methods and properties through "whitelists" and "blacklists".

A whitelist explicitly allows methods/properties for a class;

A blacklist explicitly forbids methods/properties for a class;

Permissions are composed of three lists, read, write, execute, each being "white" or "black":

Since:
2.1

Nested Class Summary
static class Sandbox.BlackSet
          A black set of names.
static class Sandbox.Names
          A base set of names.
static class Sandbox.Permissions
          Contains the white or black lists for properties and methods for a given class.
static class Sandbox.WhiteSet
          A white set of names.
 
Constructor Summary
  Sandbox()
          Creates a new default sandbox.
protected Sandbox(java.util.Map<java.lang.String,Sandbox.Permissions> map)
          Creates a sandbox based on an existing permissions map.
 
Method Summary
 Sandbox.Permissions black(java.lang.String clazz)
          Creates a new set of permissions based on black lists for methods and properties for a given class.
 java.lang.String execute(java.lang.Class<?> clazz, java.lang.String name)
          Gets the execute permission value for a given method of a class.
 java.lang.String execute(java.lang.String clazz, java.lang.String name)
          Gets the execute permission value for a given method of a class.
 Sandbox.Permissions get(java.lang.String clazz)
          Gets the set of permissions associated to a class.
 Sandbox.Permissions permissions(java.lang.String clazz, boolean readFlag, boolean writeFlag, boolean executeFlag)
          Creates the set of permissions for a given class.
 java.lang.String read(java.lang.Class<?> clazz, java.lang.String name)
          Gets the read permission value for a given property of a class.
 java.lang.String read(java.lang.String clazz, java.lang.String name)
          Gets the read permission value for a given property of a class.
 Sandbox.Permissions white(java.lang.String clazz)
          Creates a new set of permissions based on white lists for methods and properties for a given class.
 java.lang.String write(java.lang.Class<?> clazz, java.lang.String name)
          Gets the write permission value for a given property of a class.
 java.lang.String write(java.lang.String clazz, java.lang.String name)
          Gets the write permission value for a given property of a class.
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Constructor Detail

Sandbox

public Sandbox()
Creates a new default sandbox.


Sandbox

protected Sandbox(java.util.Map<java.lang.String,Sandbox.Permissions> map)
Creates a sandbox based on an existing permissions map.

Parameters:
map - the permissions map
Method Detail

read

public java.lang.String read(java.lang.Class<?> clazz,
                             java.lang.String name)
Gets the read permission value for a given property of a class.

Parameters:
clazz - the class
name - the property name
Returns:
null if not allowed, the name of the property to use otherwise

read

public java.lang.String read(java.lang.String clazz,
                             java.lang.String name)
Gets the read permission value for a given property of a class.

Parameters:
clazz - the class name
name - the property name
Returns:
null if not allowed, the name of the property to use otherwise

write

public java.lang.String write(java.lang.Class<?> clazz,
                              java.lang.String name)
Gets the write permission value for a given property of a class.

Parameters:
clazz - the class
name - the property name
Returns:
null if not allowed, the name of the property to use otherwise

write

public java.lang.String write(java.lang.String clazz,
                              java.lang.String name)
Gets the write permission value for a given property of a class.

Parameters:
clazz - the class name
name - the property name
Returns:
null if not allowed, the name of the property to use otherwise

execute

public java.lang.String execute(java.lang.Class<?> clazz,
                                java.lang.String name)
Gets the execute permission value for a given method of a class.

Parameters:
clazz - the class
name - the method name
Returns:
null if not allowed, the name of the method to use otherwise

execute

public java.lang.String execute(java.lang.String clazz,
                                java.lang.String name)
Gets the execute permission value for a given method of a class.

Parameters:
clazz - the class name
name - the method name
Returns:
null if not allowed, the name of the method to use otherwise

permissions

public Sandbox.Permissions permissions(java.lang.String clazz,
                                       boolean readFlag,
                                       boolean writeFlag,
                                       boolean executeFlag)
Creates the set of permissions for a given class.

Parameters:
clazz - the class for which these permissions apply
readFlag - whether the readable property list is white - true - or black - false -
writeFlag - whether the writeable property list is white - true - or black - false -
executeFlag - whether the executable method list is white white - true - or black - false -
Returns:
the set of permissions

white

public Sandbox.Permissions white(java.lang.String clazz)
Creates a new set of permissions based on white lists for methods and properties for a given class.

Parameters:
clazz - the whitened class name
Returns:
the permissions instance

black

public Sandbox.Permissions black(java.lang.String clazz)
Creates a new set of permissions based on black lists for methods and properties for a given class.

Parameters:
clazz - the blackened class name
Returns:
the permissions instance

get

public Sandbox.Permissions get(java.lang.String clazz)
Gets the set of permissions associated to a class.

Parameters:
clazz - the class name
Returns:
the defined permissions or an all-white permission instance if none were defined


Copyright © 2001-2013 The Apache Software Foundation. All Rights Reserved.