Example 1 with MemberAccessValueStack
use of com.opensymphony.xwork2.util.MemberAccessValueStack in project struts by apache.
the class ParametersInterceptor method setParameters.
protected void setParameters(final Object action, ValueStack stack, HttpParameters parameters) {
HttpParameters params;
Map<String, Parameter> acceptableParameters;
if (ordered) {
params = HttpParameters.create().withComparator(getOrderedComparator()).withParent(parameters).build();
acceptableParameters = new TreeMap<>(getOrderedComparator());
} else {
params = HttpParameters.create().withParent(parameters).build();
acceptableParameters = new TreeMap<>();
}
for (Map.Entry<String, Parameter> entry : params.entrySet()) {
String parameterName = entry.getKey();
if (isAcceptableParameter(parameterName, action)) {
acceptableParameters.put(parameterName, entry.getValue());
}
}
ValueStack newStack = valueStackFactory.createValueStack(stack);
boolean clearableStack = newStack instanceof ClearableValueStack;
if (clearableStack) {
// if the stack's context can be cleared, do that to prevent OGNL
// from having access to objects in the stack, see XW-641
((ClearableValueStack) newStack).clearContextValues();
Map<String, Object> context = newStack.getContext();
ReflectionContextState.setCreatingNullObjects(context, true);
ReflectionContextState.setDenyMethodExecution(context, true);
ReflectionContextState.setReportingConversionErrors(context, true);
// keep locale from original context
newStack.getActionContext().withLocale(stack.getActionContext().getLocale());
}
boolean memberAccessStack = newStack instanceof MemberAccessValueStack;
if (memberAccessStack) {
// block or allow access to properties
// see WW-2761 for more details
MemberAccessValueStack accessValueStack = (MemberAccessValueStack) newStack;
accessValueStack.setAcceptProperties(acceptedPatterns.getAcceptedPatterns());
accessValueStack.setExcludeProperties(excludedPatterns.getExcludedPatterns());
}
for (Map.Entry<String, Parameter> entry : acceptableParameters.entrySet()) {
String name = entry.getKey();
Parameter value = entry.getValue();
try {
newStack.setParameter(name, value.getObject());
} catch (RuntimeException e) {
if (devMode) {
notifyDeveloperParameterException(action, name, e.getMessage());
}
}
}
if (clearableStack) {
stack.getActionContext().withConversionErrors(newStack.getActionContext().getConversionErrors());
}
addParametersToContext(ActionContext.getContext(), acceptableParameters);
}
Also used :
HttpParameters(org.apache.struts2.dispatcher.HttpParameters)
ClearableValueStack(com.opensymphony.xwork2.util.ClearableValueStack)
MemberAccessValueStack(com.opensymphony.xwork2.util.MemberAccessValueStack)
ValueStack(com.opensymphony.xwork2.util.ValueStack)
MemberAccessValueStack(com.opensymphony.xwork2.util.MemberAccessValueStack)
ClearableValueStack(com.opensymphony.xwork2.util.ClearableValueStack)
Parameter(org.apache.struts2.dispatcher.Parameter)
TreeMap(java.util.TreeMap)
Map(java.util.Map)
Aggregations
ClearableValueStack (com.opensymphony.xwork2.util.ClearableValueStack)1
MemberAccessValueStack (com.opensymphony.xwork2.util.MemberAccessValueStack)1
ValueStack (com.opensymphony.xwork2.util.ValueStack)1
Map (java.util.Map)1
TreeMap (java.util.TreeMap)1
HttpParameters (org.apache.struts2.dispatcher.HttpParameters)1
Parameter (org.apache.struts2.dispatcher.Parameter)1
