Examples with ProtectedBindings org.apache.sling.scripting.core.impl.helper.ProtectedBindings used on opensource projects

Example 1 with ProtectedBindings

use of org.apache.sling.scripting.core.impl.helper.ProtectedBindings in project sling by apache.

the class ExportServlet method addScriptBindings.

private void addScriptBindings(SlingScriptHelper scriptHelper, SlingHttpServletRequest request, SlingHttpServletResponse response) throws IOException {
    SimpleBindings bindings = new SimpleBindings();
    bindings.put(SLING, scriptHelper);
    bindings.put(RESOURCE, request.getResource());
    bindings.put(RESOLVER, request.getResource().getResourceResolver());
    bindings.put(REQUEST, request);
    bindings.put(RESPONSE, response);
    bindings.put(READER, request.getReader());
    bindings.put(OUT, response.getWriter());
    bindings.put(LOG, logger);
    final Collection<BindingsValuesProvider> bindingsValuesProviders = bindingsValuesProvidersByContext.getBindingsValuesProviders(scriptEngineFactory, BINDINGS_CONTEXT);
    if (!bindingsValuesProviders.isEmpty()) {
        Set<String> protectedKeys = new HashSet<String>();
        protectedKeys.addAll(PROTECTED_KEYS);
        ProtectedBindings protectedBindings = new ProtectedBindings(bindings, protectedKeys);
        for (BindingsValuesProvider provider : bindingsValuesProviders) {
            provider.addBindings(protectedBindings);
        }
    }
    SlingBindings slingBindings = new SlingBindings();
    slingBindings.putAll(bindings);
    request.setAttribute(SlingBindings.class.getName(), slingBindings);
}

Example 2 with ProtectedBindings

use of org.apache.sling.scripting.core.impl.helper.ProtectedBindings in project sling by apache.

the class DefaultSlingScript method verifySlingBindings.

Bindings verifySlingBindings(final SlingBindings slingBindings) throws IOException {
    final Bindings bindings = new SimpleBindings();
    final SlingHttpServletRequest request = slingBindings.getRequest();
    // check sling object
    Object slingObject = slingBindings.get(SLING);
    if (slingObject == null) {
        if (request != null) {
            slingObject = new InternalScriptHelper(this.bundleContext, this, request, slingBindings.getResponse(), this.cache);
        } else {
            slingObject = new InternalScriptHelper(this.bundleContext, this, this.cache);
        }
    } else if (!(slingObject instanceof SlingScriptHelper)) {
        throw fail(SLING, "Wrong type");
    }
    final SlingScriptHelper sling = (SlingScriptHelper) slingObject;
    bindings.put(SLING, sling);
    if (request != null) {
        final SlingHttpServletResponse response = slingBindings.getResponse();
        if (response == null) {
            throw fail(RESPONSE, "Missing or wrong type");
        }
        Object resourceObject = slingBindings.get(RESOURCE);
        if (resourceObject != null && !(resourceObject instanceof Resource)) {
            throw fail(RESOURCE, "Wrong type");
        }
        Object resolverObject = slingBindings.get(RESOLVER);
        if (resolverObject != null && !(resolverObject instanceof ResourceResolver)) {
            throw fail(RESOLVER, "Wrong type");
        }
        Object writerObject = slingBindings.get(OUT);
        if (writerObject != null && !(writerObject instanceof PrintWriter)) {
            throw fail(OUT, "Wrong type");
        }
        // if there is a provided sling script helper, check arguments
        if (slingBindings.get(SLING) != null) {
            if (sling.getRequest() != request) {
                throw fail(REQUEST, "Not the same as request field of SlingScriptHelper");
            }
            if (sling.getResponse() != response) {
                throw fail(RESPONSE, "Not the same as response field of SlingScriptHelper");
            }
            if (resourceObject != null && sling.getRequest().getResource() != resourceObject) {
                throw fail(RESOURCE, "Not the same as resource of the SlingScriptHelper request");
            }
            if (resolverObject != null && sling.getRequest().getResourceResolver() != resolverObject) {
                throw fail(RESOLVER, "Not the same as the resource resolver of the SlingScriptHelper request's resolver");
            }
            if (writerObject != null && sling.getResponse().getWriter() != writerObject) {
                throw fail(OUT, "Not the same as writer of the SlingScriptHelper response");
            }
        }
        // set base variables when executing inside a request
        bindings.put(REQUEST, sling.getRequest());
        bindings.put(READER, sling.getRequest().getReader());
        bindings.put(RESPONSE, sling.getResponse());
        bindings.put(RESOURCE, sling.getRequest().getResource());
        bindings.put(RESOLVER, sling.getRequest().getResourceResolver());
        bindings.put(OUT, sling.getResponse().getWriter());
    }
    Object logObject = slingBindings.get(LOG);
    if (logObject == null) {
        logObject = LoggerFactory.getLogger(getLoggerName());
    } else if (!(logObject instanceof Logger)) {
        throw fail(LOG, "Wrong type");
    }
    bindings.put(LOG, logObject);
    // copy non-base variables
    for (Map.Entry<String, Object> entry : slingBindings.entrySet()) {
        if (!bindings.containsKey(entry.getKey())) {
            bindings.put(entry.getKey(), entry.getValue());
        }
    }
    if (!bindingsValuesProviders.isEmpty()) {
        Set<String> protectedKeys = new HashSet<String>();
        protectedKeys.addAll(PROTECTED_KEYS);
        ProtectedBindings protectedBindings = new ProtectedBindings(bindings, protectedKeys);
        for (BindingsValuesProvider provider : bindingsValuesProviders) {
            provider.addBindings(protectedBindings);
        }
    }
    return bindings;
}