Search in sources :

Example 1 with Whitelist

use of org.jenkinsci.plugins.scriptsecurity.sandbox.Whitelist in project workflow-cps-plugin by jenkinsci.

the class CpsWhitelist method get.

@SuppressFBWarnings(value = "RCN_REDUNDANT_NULLCHECK_OF_NONNULL_VALUE", justification = "TODO 1.653+ switch to Jenkins.getInstanceOrNull")
static synchronized Whitelist get() {
    Jenkins j = Jenkins.getInstance();
    if (j == null) {
        return new ProxyWhitelist();
    }
    Whitelist wrapped = wrappedByJenkins.get(j);
    if (wrapped == null) {
        wrapped = new ProxyWhitelist(new CpsWhitelist(), Whitelist.all());
        wrappedByJenkins.put(j, wrapped);
    }
    return wrapped;
}
Also used : Jenkins(jenkins.model.Jenkins) AbstractWhitelist(org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.AbstractWhitelist) ProxyWhitelist(org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.ProxyWhitelist) Whitelist(org.jenkinsci.plugins.scriptsecurity.sandbox.Whitelist) ProxyWhitelist(org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.ProxyWhitelist) SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings)

Example 2 with Whitelist

use of org.jenkinsci.plugins.scriptsecurity.sandbox.Whitelist in project engine by craftercms.

the class SiteContextFactory method configureScriptSandbox.

protected void configureScriptSandbox(SiteContext siteContext, ResourceLoader resourceLoader) {
    try {
        // Enable both hardcoded & configurable blacklists
        if (enableScriptSandbox && enableSandboxBlacklist) {
            Resource sandboxBlacklist = resourceLoader.getResource(this.sandboxBlacklist);
            try (InputStream is = sandboxBlacklist.getInputStream()) {
                Blacklist blacklist = new Blacklist(new InputStreamReader(is));
                siteContext.scriptSandbox = new SandboxInterceptor(blacklist, singletonList(Dom4jExtension.class));
            }
        // Enable only the hardcoded blacklist
        } else if (enableScriptSandbox) {
            Whitelist whitelist = new PermitAllWhitelist();
            siteContext.scriptSandbox = new SandboxInterceptor(whitelist, singletonList(Dom4jExtension.class));
        }
    } catch (IOException e) {
        throw new SiteContextCreationException("Unable to load sandbox blacklist for site '" + siteContext.getSiteName() + "'", e);
    }
}
Also used : SiteContextCreationException(org.craftercms.engine.exception.SiteContextCreationException) PermitAllWhitelist(org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.PermitAllWhitelist) InputStreamReader(java.io.InputStreamReader) InputStream(java.io.InputStream) Resource(org.springframework.core.io.Resource) PermitAllWhitelist(org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.PermitAllWhitelist) Whitelist(org.jenkinsci.plugins.scriptsecurity.sandbox.Whitelist) Blacklist(org.jenkinsci.plugins.scriptsecurity.sandbox.blacklists.Blacklist) IOException(java.io.IOException) Dom4jExtension(org.craftercms.engine.util.groovy.Dom4jExtension) SandboxInterceptor(org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor)

Aggregations

Whitelist (org.jenkinsci.plugins.scriptsecurity.sandbox.Whitelist)2 SuppressFBWarnings (edu.umd.cs.findbugs.annotations.SuppressFBWarnings)1 IOException (java.io.IOException)1 InputStream (java.io.InputStream)1 InputStreamReader (java.io.InputStreamReader)1 Jenkins (jenkins.model.Jenkins)1 SiteContextCreationException (org.craftercms.engine.exception.SiteContextCreationException)1 Dom4jExtension (org.craftercms.engine.util.groovy.Dom4jExtension)1 Blacklist (org.jenkinsci.plugins.scriptsecurity.sandbox.blacklists.Blacklist)1 SandboxInterceptor (org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor)1 AbstractWhitelist (org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.AbstractWhitelist)1 PermitAllWhitelist (org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.PermitAllWhitelist)1 ProxyWhitelist (org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.ProxyWhitelist)1 Resource (org.springframework.core.io.Resource)1