com.atlassian.velocity.htmlsafe.introspection

Class AllowlistSecureIntrospector

java.lang.Object

org.apache.velocity.util.introspection.IntrospectorBase

org.apache.velocity.util.introspection.Introspector

org.apache.velocity.util.introspection.SecureIntrospectorImpl

com.atlassian.velocity.htmlsafe.introspection.AllowlistSecureIntrospector

All Implemented Interfaces:

org.apache.velocity.util.introspection.SecureIntrospectorControl

public class AllowlistSecureIntrospector
extends org.apache.velocity.util.introspection.SecureIntrospectorImpl

SecureIntrospector that support allowlist for classes/packages that override restrictions.

Elements on allowlist matches exact class or package without child classes/packages.

Example: introspector.restrict.packages = com.example introspector.allow.packages = com.example

This configuration will restrict access to all packages under com.example but classes directly under com.example will be available. It mean com.example.test.Class will be blocked but com.example.Class will be available.

Since:

3.2.0

Field Summary

Fields

Modifier and Type	Field and Description
static String	INTROSPECTOR_ALLOW_CLASSES A property containing a comma separated list of classes to allow access to in the SecureIntrospector.
static String	INTROSPECTOR_ALLOW_PACKAGES A property containing a comma separated list of packages to allow access to in the SecureIntrospector.

Fields inherited from class org.apache.velocity.util.introspection.IntrospectorBase

log

Constructor Summary

Constructors

Constructor and Description
AllowlistSecureIntrospector(org.apache.velocity.runtime.log.Log log, org.apache.velocity.runtime.RuntimeServices runtimeServices) Construct new instance of AllowlistSecureIntrospector using runtimeServices to read configuration properties.
AllowlistSecureIntrospector(Optional<String[]> restrictedClasses, Optional<String[]> restrictedParentPackages, Optional<String[]> allowlistClasses, Optional<String[]> allowedClasses, Optional<String[]> allowedPackages, org.apache.velocity.runtime.log.Log log, org.apache.velocity.runtime.RuntimeServices runtimeServices) Construct new instance of AllowlistSecureIntrospector with manually specified configuration

Method Summary

Modifier and Type	Method and Description
boolean	checkObjectExecutePermission(Class classToCheck, String methodToCheck)

Methods inherited from class org.apache.velocity.util.introspection.SecureIntrospectorImpl

getMethod

Methods inherited from class org.apache.velocity.util.introspection.IntrospectorBase

getIntrospectorCache

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

INTROSPECTOR_ALLOW_PACKAGES

public static final String INTROSPECTOR_ALLOW_PACKAGES

A property containing a comma separated list of packages to allow access to in the SecureIntrospector.

See Also:

Constant Field Values

INTROSPECTOR_ALLOW_CLASSES

public static final String INTROSPECTOR_ALLOW_CLASSES

A property containing a comma separated list of classes to allow access to in the SecureIntrospector.

See Also:

Constant Field Values

Constructor Detail

AllowlistSecureIntrospector

public AllowlistSecureIntrospector(org.apache.velocity.runtime.log.Log log,
                                   org.apache.velocity.runtime.RuntimeServices runtimeServices)

Construct new instance of AllowlistSecureIntrospector using runtimeServices to read configuration properties.

Parameters:

log - A Log object to use for the introspector.

runtimeServices - RuntimeServices object used to read configuration of introspector

AllowlistSecureIntrospector

public AllowlistSecureIntrospector(Optional<String[]> restrictedClasses,
                                   Optional<String[]> restrictedParentPackages,
                                   Optional<String[]> allowlistClasses,
                                   Optional<String[]> allowedClasses,
                                   Optional<String[]> allowedPackages,
                                   org.apache.velocity.runtime.log.Log log,
                                   org.apache.velocity.runtime.RuntimeServices runtimeServices)

Construct new instance of AllowlistSecureIntrospector with manually specified configuration

Parameters:

restrictedClasses - list of classes which use is restricted in velocity templates. Classes in this list are always restricted by introspector.

restrictedParentPackages - list of packages which use is restricted in velocity templates. It includes subpackages.

allowedClasses - list of classes which are exception from restrictedParentPackages. If class is in both allowedClasses and restrictedClasses parameters then introspector will treat it as missconfiguration and assume that class should be only in restrictedClasses

allowlistClasses - list of classes which are whitelist from restrictedParentPackages. In this case it will check super classes or interface are in restrict packages.

allowedPackages - list of packages which are exception from restrictedParentPackages. It does not include subpackages. Specifying the same package in both allowedPackages and restrictedParentPackages will allow use of classes directly in specified package but restrict use of classes from subpackages. If class is in restrictedClasses then it still will be restricted even if package of class is in allowedPackages.

log - A Log object to use for the introspector.

runtimeServices - RuntimeServices object used to read configuration of introspector

Method Detail

checkObjectExecutePermission

public boolean checkObjectExecutePermission(Class classToCheck,
                                            String methodToCheck)

Specified by:

checkObjectExecutePermission in interface org.apache.velocity.util.introspection.SecureIntrospectorControl

Overrides:

checkObjectExecutePermission in class org.apache.velocity.util.introspection.SecureIntrospectorImpl