Search in sources :

Example 1 with SandboxInterceptor

use of org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor in project engine by craftercms.

the class SiteContextFactory method configureScriptSandbox.

protected void configureScriptSandbox(SiteContext siteContext, ResourceLoader resourceLoader) {
    try {
        // Enable both hardcoded & configurable blacklists
        if (enableScriptSandbox && enableSandboxBlacklist) {
            Resource sandboxBlacklist = resourceLoader.getResource(this.sandboxBlacklist);
            try (InputStream is = sandboxBlacklist.getInputStream()) {
                Blacklist blacklist = new Blacklist(new InputStreamReader(is));
                siteContext.scriptSandbox = new SandboxInterceptor(blacklist, singletonList(Dom4jExtension.class));
            }
        // Enable only the hardcoded blacklist
        } else if (enableScriptSandbox) {
            Whitelist whitelist = new PermitAllWhitelist();
            siteContext.scriptSandbox = new SandboxInterceptor(whitelist, singletonList(Dom4jExtension.class));
        }
    } catch (IOException e) {
        throw new SiteContextCreationException("Unable to load sandbox blacklist for site '" + siteContext.getSiteName() + "'", e);
    }
}
Also used : SiteContextCreationException(org.craftercms.engine.exception.SiteContextCreationException) PermitAllWhitelist(org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.PermitAllWhitelist) InputStreamReader(java.io.InputStreamReader) InputStream(java.io.InputStream) Resource(org.springframework.core.io.Resource) PermitAllWhitelist(org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.PermitAllWhitelist) Whitelist(org.jenkinsci.plugins.scriptsecurity.sandbox.Whitelist) Blacklist(org.jenkinsci.plugins.scriptsecurity.sandbox.blacklists.Blacklist) IOException(java.io.IOException) Dom4jExtension(org.craftercms.engine.util.groovy.Dom4jExtension) SandboxInterceptor(org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor)

Aggregations

IOException (java.io.IOException)1 InputStream (java.io.InputStream)1 InputStreamReader (java.io.InputStreamReader)1 SiteContextCreationException (org.craftercms.engine.exception.SiteContextCreationException)1 Dom4jExtension (org.craftercms.engine.util.groovy.Dom4jExtension)1 Whitelist (org.jenkinsci.plugins.scriptsecurity.sandbox.Whitelist)1 Blacklist (org.jenkinsci.plugins.scriptsecurity.sandbox.blacklists.Blacklist)1 SandboxInterceptor (org.jenkinsci.plugins.scriptsecurity.sandbox.groovy.SandboxInterceptor)1 PermitAllWhitelist (org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.PermitAllWhitelist)1 Resource (org.springframework.core.io.Resource)1