Skip to content

Commit 90f2478

Browse files
Make Execution in SecureContext configurable
1 parent 3105fec commit 90f2478

File tree

3 files changed

+17
-3
lines changed

3 files changed

+17
-3
lines changed

repository/src/main/java/org/orderofthebee/addons/support/tools/repo/jsconsole/ExecuteWebscript.java

Lines changed: 13 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -118,6 +118,8 @@ public void setDumpService(final DumpService dumpService)
118118
private String preRollScriptClasspath;
119119

120120
private String postRollScriptClasspath;
121+
122+
private boolean secureContext;
121123

122124
/**
123125
*
@@ -159,7 +161,7 @@ public void execute(final WebScriptRequest request, final WebScriptResponse resp
159161
// Note: Need to use import here so the user-supplied script may also import scripts
160162
final String script = "<import resource=\"classpath:" + this.preRollScriptClasspath + "\">\n" + jsreq.script;
161163

162-
final ScriptContent scriptContent = new StringScriptContent(script + this.postRollScript);
164+
final ScriptContent scriptContent = new StringScriptContent(script + this.postRollScript, this.secureContext);
163165

164166
final int providedScriptLength = this.countScriptLines(jsreq.script, false);
165167
final int resolvedScriptLength = this.countScriptLines(script, true);
@@ -610,15 +612,23 @@ public final void setPostRollScriptClasspath(final String postRollScriptClasspat
610612
{
611613
this.postRollScriptClasspath = postRollScriptClasspath;
612614
}
615+
616+
public void setSecureContext(boolean secureContext)
617+
{
618+
this.secureContext = secureContext;
619+
}
613620

614621
private static class StringScriptContent implements ScriptContent
615622
{
616623

617624
private final String content;
625+
626+
private final boolean secure;
618627

619-
public StringScriptContent(final String content)
628+
public StringScriptContent(final String content, boolean secure)
620629
{
621630
this.content = content;
631+
this.secure = secure;
622632
}
623633

624634
@Override
@@ -654,7 +664,7 @@ public boolean isCachable()
654664
@Override
655665
public boolean isSecure()
656666
{
657-
return true;
667+
return this.secure;
658668
}
659669
}
660670

repository/src/main/resources/alfresco/module/ootbee-support-tools-repo/alfresco-global.properties

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,9 @@ ootbee-support-tools.propertyBackedBeanPersister.processLegacyJmxKeysOnRemovePro
99
# this flag can be overridden to revert to old behaviour
1010
ootbee-support-tools.js-console.serverInfo.nodeCountsViaSOLR=true
1111

12+
# true if the scripts in the context are considered secure and may access java.* libs directly otherwise false
13+
ootbee-support-tools.js-console.scriptContext.secure=true
14+
1215
# it would be unexpected if there ever were so many property backed beans that this limit would not suffice
1316
cache.propertyBackedBeansPersisterSharedCache.tx.maxItems=1000
1417
cache.propertyBackedBeansPersisterSharedCache.tx.statsEnabled=${caches.tx.statsEnabled}

repository/src/main/resources/alfresco/module/ootbee-support-tools-repo/module-context.xml

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -105,6 +105,7 @@
105105
</property>
106106
<property name="preRollScriptClasspath" value="alfresco/module/ootbee-${project.artifactId}/scripts/jsconsole-pre-roll-script.js" />
107107
<property name="postRollScriptClasspath" value="alfresco/module/ootbee-${project.artifactId}/scripts/jsconsole-post-roll-script.js" />
108+
<property name="secureContext" value="${ootbee-support-tools.js-console.scriptContext.secure}"/>
108109
</bean>
109110

110111
<bean id="webscript.org.orderofthebee.support-tools.jsconsole.executionResult.get" class="org.orderofthebee.addons.support.tools.repo.jsconsole.ExecutionResultGet" parent="webscript">

0 commit comments

Comments
 (0)