Examples with ParametersInterceptor - com.opensymphony.xwork2.interceptor.ParametersInterceptor

Example 11 with ParametersInterceptor

use of com.opensymphony.xwork2.interceptor.ParametersInterceptor in project struts by apache.

the class ValidateAction method testNoOrdered.

public void testNoOrdered() throws Exception {
    ParametersInterceptor pi = createParametersInterceptor();
    final Map<String, Object> actual = new LinkedHashMap<>();
    pi.setValueStackFactory(createValueStackFactory(actual));
    ValueStack stack = createStubValueStack(actual);
    Map<String, Object> parameters = new HashMap<>();
    parameters.put("user.address.city", "London");
    parameters.put("user.name", "Superman");
    Action action = new SimpleAction();
    pi.setParameters(action, stack, HttpParameters.create(parameters).build());
    assertEquals("ordered should be false by default", false, pi.isOrdered());
    assertEquals(2, actual.size());
    assertEquals("London", actual.get("user.address.city"));
    assertEquals("Superman", actual.get("user.name"));
    // is not ordered
    List<Object> values = new ArrayList<Object>(actual.values());
    assertEquals("London", values.get(0));
    assertEquals("Superman", values.get(1));
}

Also used : SimpleAction(com.opensymphony.xwork2.SimpleAction) ModelDrivenAction(com.opensymphony.xwork2.ModelDrivenAction) Action(com.opensymphony.xwork2.Action) OgnlValueStack(com.opensymphony.xwork2.ognl.OgnlValueStack) ValueStack(com.opensymphony.xwork2.util.ValueStack) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) ArrayList(java.util.ArrayList) SimpleAction(com.opensymphony.xwork2.SimpleAction) LinkedHashMap(java.util.LinkedHashMap)

Example 12 with ParametersInterceptor

use of com.opensymphony.xwork2.interceptor.ParametersInterceptor in project struts by apache.

the class ValidateAction method testInternalParametersAreIgnored.

public void testInternalParametersAreIgnored() throws Exception {
    // given
    ParametersInterceptor interceptor = createParametersInterceptor();
    final Map<String, Object> actual = injectValueStackFactory(interceptor);
    ValueStack stack = injectValueStack(actual);
    final Map<String, Object> expected = new HashMap<String, Object>() {

        {
            put("ordinary.bean", "value");
        }
    };
    Map<String, Object> parameters = new HashMap<String, Object>() {

        {
            put("ordinary.bean", "value");
            put("#some.internal.object", "true");
            put("(bla)#some.internal.object", "true");
            put("#some.internal.object(bla)#some.internal.object", "true");
            put("#_some.internal.object", "true");
            put("\u0023_some.internal.object", "true");
            put("\u0023_some.internal.object,[dfd],bla(\u0023_some.internal.object)", "true");
            put("\\u0023_some.internal.object", "true");
        }
    };
    // when
    interceptor.setParameters(new NoParametersAction(), stack, HttpParameters.create(parameters).build());
    // then
    assertEquals(expected, actual);
}

Also used : OgnlValueStack(com.opensymphony.xwork2.ognl.OgnlValueStack) ValueStack(com.opensymphony.xwork2.util.ValueStack) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap)

Example 13 with ParametersInterceptor

use of com.opensymphony.xwork2.interceptor.ParametersInterceptor in project struts by apache.

the class ValidateAction method testExcludedTrickyParameters.

public void testExcludedTrickyParameters() throws Exception {
    Map<String, Object> params = new HashMap<String, Object>() {

        {
            put("blah", "This is blah");
            put("name", "try_1");
            put("(name)", "try_2");
            put("['name']", "try_3");
            put("['na' + 'me']", "try_4");
            put("{name}[0]", "try_5");
            put("(new string{'name'})[0]", "try_6");
            put("#{key: 'name'}.key", "try_7");
        }
    };
    HashMap<String, Object> extraContext = new HashMap<>();
    extraContext.put(ActionContext.PARAMETERS, HttpParameters.create(params).build());
    ActionProxy proxy = actionProxyFactory.createActionProxy("", MockConfigurationProvider.PARAM_INTERCEPTOR_ACTION_NAME, null, extraContext);
    ActionConfig config = configuration.getRuntimeConfiguration().getActionConfig("", MockConfigurationProvider.PARAM_INTERCEPTOR_ACTION_NAME);
    ParametersInterceptor pi = (ParametersInterceptor) config.getInterceptors().get(0).getInterceptor();
    pi.setExcludeParams("name");
    proxy.execute();
    SimpleAction action = (SimpleAction) proxy.getAction();
    assertNull(action.getName());
    assertEquals("This is blah", (action).getBlah());
}

Also used : ActionConfig(com.opensymphony.xwork2.config.entities.ActionConfig) ActionProxy(com.opensymphony.xwork2.ActionProxy) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) SimpleAction(com.opensymphony.xwork2.SimpleAction)

Example 14 with ParametersInterceptor

use of com.opensymphony.xwork2.interceptor.ParametersInterceptor in project struts by apache.

the class ValidateAction method testArrayClassPollutionBlockedByPattern.

public void testArrayClassPollutionBlockedByPattern() throws Exception {
    // given
    final String pollution1 = "model.class.classLoader.jarPath";
    final String pollution2 = "model['class']['classLoader']['jarPath']";
    final String pollution3 = "model[\"class\"]['classLoader']['jarPath']";
    final String pollution4 = "class.classLoader.jarPath";
    final String pollution5 = "class['classLoader']['jarPath']";
    final String pollution6 = "class[\"classLoader\"]['jarPath']";
    loadConfigurationProviders(new StrutsDefaultConfigurationProvider(), new StrutsXmlConfigurationProvider("xwork-param-test.xml"));
    final Map<String, Object> params = new HashMap<String, Object>() {

        {
            put(pollution1, "bad");
            put(pollution2, "bad");
            put(pollution3, "bad");
            put(pollution4, "bad");
            put(pollution5, "bad");
            put(pollution6, "bad");
        }
    };
    final Map<String, Boolean> excluded = new HashMap<String, Boolean>();
    ParametersInterceptor pi = new ParametersInterceptor() {

        @Override
        protected boolean isExcluded(String paramName) {
            boolean result = super.isExcluded(paramName);
            excluded.put(paramName, result);
            return result;
        }
    };
    container.inject(pi);
    ValueStack vs = ActionContext.getContext().getValueStack();
    // when
    ValidateAction action = new ValidateAction();
    pi.setParameters(action, vs, HttpParameters.create(params).build());
    // then
    assertEquals(0, action.getActionMessages().size());
    assertTrue(excluded.get(pollution1));
    assertTrue(excluded.get(pollution2));
    assertTrue(excluded.get(pollution3));
    assertTrue(excluded.get(pollution4));
    assertTrue(excluded.get(pollution5));
    assertTrue(excluded.get(pollution6));
}

Also used : StrutsXmlConfigurationProvider(org.apache.struts2.config.StrutsXmlConfigurationProvider) OgnlValueStack(com.opensymphony.xwork2.ognl.OgnlValueStack) ValueStack(com.opensymphony.xwork2.util.ValueStack) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) StrutsDefaultConfigurationProvider(com.opensymphony.xwork2.config.providers.StrutsDefaultConfigurationProvider)

Example 15 with ParametersInterceptor

use of com.opensymphony.xwork2.interceptor.ParametersInterceptor in project struts by apache.

the class ValidateAction method testClassPollutionBlockedByPattern.

public void testClassPollutionBlockedByPattern() throws Exception {
    // given
    final String pollution1 = "class.classLoader.jarPath";
    final String pollution2 = "model.class.classLoader.jarPath";
    loadConfigurationProviders(new StrutsDefaultConfigurationProvider(), new StrutsXmlConfigurationProvider("xwork-param-test.xml"));
    final Map<String, Object> params = new HashMap<String, Object>() {

        {
            put(pollution1, "bad");
            put(pollution2, "very bad");
        }
    };
    final Map<String, Boolean> excluded = new HashMap<>();
    ParametersInterceptor pi = new ParametersInterceptor() {

        @Override
        protected boolean isExcluded(String paramName) {
            boolean result = super.isExcluded(paramName);
            excluded.put(paramName, result);
            return result;
        }
    };
    container.inject(pi);
    ValueStack vs = ActionContext.getContext().getValueStack();
    // when
    ValidateAction action = new ValidateAction();
    pi.setParameters(action, vs, HttpParameters.create(params).build());
    // then
    assertEquals(0, action.getActionMessages().size());
    assertTrue(excluded.get(pollution1));
    assertTrue(excluded.get(pollution2));
}

Aggregations

HashMap (java.util.HashMap)14 LinkedHashMap (java.util.LinkedHashMap)13 OgnlValueStack (com.opensymphony.xwork2.ognl.OgnlValueStack)11 ValueStack (com.opensymphony.xwork2.util.ValueStack)11 SimpleAction (com.opensymphony.xwork2.SimpleAction)6 Action (com.opensymphony.xwork2.Action)4 ModelDrivenAction (com.opensymphony.xwork2.ModelDrivenAction)4 StrutsDefaultConfigurationProvider (com.opensymphony.xwork2.config.providers.StrutsDefaultConfigurationProvider)4 StrutsXmlConfigurationProvider (org.apache.struts2.config.StrutsXmlConfigurationProvider)4 ActionConfig (com.opensymphony.xwork2.config.entities.ActionConfig)3 ActionProxy (com.opensymphony.xwork2.ActionProxy)2 ArrayList (java.util.ArrayList)2 InterceptorMapping (com.opensymphony.xwork2.config.entities.InterceptorMapping)1 PackageConfig (com.opensymphony.xwork2.config.entities.PackageConfig)1 ResultConfig (com.opensymphony.xwork2.config.entities.ResultConfig)1 ContainerBuilder (com.opensymphony.xwork2.inject.ContainerBuilder)1 ParametersInterceptor (com.opensymphony.xwork2.interceptor.ParametersInterceptor)1 MockActionInvocation (com.opensymphony.xwork2.mock.MockActionInvocation)1 MockResult (com.opensymphony.xwork2.mock.MockResult)1 ValidationInterceptor (com.opensymphony.xwork2.validator.ValidationInterceptor)1