Example 1 with PropertyAccessException
use of org.mvel2.PropertyAccessException in project drools by kiegroup.
the class SecurityPolicyTest method testAccumulateFunctionMVEL.
@Test
public void testAccumulateFunctionMVEL() throws Exception {
String drl = "package org.foo.bar\n" + "import " + MaliciousExitHelper.class.getName().replace('$', '.') + " \n" + "rule testRule dialect \"mvel\" \n" + " when\n" + " Number() from accumulate(Object(), " + " sum(MaliciousExitHelper.exit()))\n" + " then\n" + "end";
try {
KieServices ks = KieServices.Factory.get();
KieFileSystem kfs = ks.newKieFileSystem().write(ResourceFactory.newByteArrayResource(drl.getBytes()).setSourcePath("org/foo/bar/r1.drl"));
ks.newKieBuilder(kfs).buildAll();
ReleaseId releaseId = ks.getRepository().getDefaultReleaseId();
KieContainer kc = ks.newKieContainer(releaseId);
KieSession ksession = kc.newKieSession();
ksession.insert("foo");
ksession.fireAllRules();
Assert.fail("The security policy for the rule should have prevented this from executing...");
} catch (PropertyAccessException e) {
// weak way of testing but couldn't find a better way
if (e.toString().contains("The security policy should have prevented")) {
Assert.fail("The security policy for the rule should have prevented this from executing...");
} else {
// test succeeded
}
} catch (Exception e) {
if (e.toString().contains("access denied (\"java.lang.RuntimePermission\" \"exitVM.0\")")) {
// test succeeded
} else {
throw e;
}
}
}
Also used :
KieFileSystem(org.kie.api.builder.KieFileSystem)
PropertyAccessException(org.mvel2.PropertyAccessException)
KieServices(org.kie.api.KieServices)
KieSession(org.kie.api.runtime.KieSession)
ReleaseId(org.kie.api.builder.ReleaseId)
ConsequenceException(org.kie.api.runtime.rule.ConsequenceException)
PropertyAccessException(org.mvel2.PropertyAccessException)
KieContainer(org.kie.api.runtime.KieContainer)
Test(org.junit.Test)
Example 2 with PropertyAccessException
use of org.mvel2.PropertyAccessException in project drools by kiegroup.
the class SecurityPolicyTest method testCustomAccumulateMVEL.
@Test
public void testCustomAccumulateMVEL() throws Exception {
String drl = "package org.foo.bar\n" + "rule testRule dialect \"mvel\" \n" + " when\n" + " Number() from accumulate(Object(), " + " init(System.exit(-1);), " + " action(System.exit(-1);), " + " reverse(System.exit(-1);), " + " result(0))\n" + " then\n" + "end";
try {
KieServices ks = KieServices.Factory.get();
KieFileSystem kfs = ks.newKieFileSystem().write(ResourceFactory.newByteArrayResource(drl.getBytes()).setSourcePath("org/foo/bar/r1.drl"));
ks.newKieBuilder(kfs).buildAll();
ReleaseId releaseId = ks.getRepository().getDefaultReleaseId();
KieContainer kc = ks.newKieContainer(releaseId);
KieSession ksession = kc.newKieSession();
ksession.fireAllRules();
Assert.fail("The security policy for the rule should have prevented this from executing...");
} catch (PropertyAccessException e) {
// weak way of testing but couldn't find a better way
if (e.toString().contains("The security policy should have prevented")) {
Assert.fail("The security policy for the rule should have prevented this from executing...");
} else {
// test succeeded
}
} catch (Exception e) {
if (e.toString().contains("access denied (\"java.lang.RuntimePermission\" \"exitVM.-1\")")) {
// test succeeded
} else {
throw e;
}
}
}
Also used :
KieFileSystem(org.kie.api.builder.KieFileSystem)
PropertyAccessException(org.mvel2.PropertyAccessException)
KieServices(org.kie.api.KieServices)
KieSession(org.kie.api.runtime.KieSession)
ReleaseId(org.kie.api.builder.ReleaseId)
ConsequenceException(org.kie.api.runtime.rule.ConsequenceException)
PropertyAccessException(org.mvel2.PropertyAccessException)
KieContainer(org.kie.api.runtime.KieContainer)
Test(org.junit.Test)
Example 3 with PropertyAccessException
use of org.mvel2.PropertyAccessException in project drools by kiegroup.
the class SecurityPolicyTest method testAccumulateFunctionJava.
@Test
public void testAccumulateFunctionJava() throws Exception {
String drl = "package org.foo.bar\n" + "import " + MaliciousExitHelper.class.getName().replace('$', '.') + " \n" + "rule testRule dialect \"java\" \n" + " when\n" + " Number() from accumulate(Object(), " + " sum(MaliciousExitHelper.exit()))\n" + " then\n" + "end";
try {
KieServices ks = KieServices.Factory.get();
KieFileSystem kfs = ks.newKieFileSystem().write(ResourceFactory.newByteArrayResource(drl.getBytes()).setSourcePath("org/foo/bar/r1.drl"));
ks.newKieBuilder(kfs).buildAll();
ReleaseId releaseId = ks.getRepository().getDefaultReleaseId();
KieContainer kc = ks.newKieContainer(releaseId);
KieSession ksession = kc.newKieSession();
ksession.insert("foo");
ksession.fireAllRules();
Assert.fail("The security policy for the rule should have prevented this from executing...");
} catch (PropertyAccessException e) {
// weak way of testing but couldn't find a better way
if (e.toString().contains("The security policy should have prevented")) {
Assert.fail("The security policy for the rule should have prevented this from executing...");
} else {
// test succeeded
}
} catch (Exception e) {
if (e.toString().contains("access denied (\"java.lang.RuntimePermission\" \"exitVM.0\")")) {
// test succeeded
} else {
throw e;
}
}
}
Also used :
KieFileSystem(org.kie.api.builder.KieFileSystem)
PropertyAccessException(org.mvel2.PropertyAccessException)
KieServices(org.kie.api.KieServices)
KieSession(org.kie.api.runtime.KieSession)
ReleaseId(org.kie.api.builder.ReleaseId)
ConsequenceException(org.kie.api.runtime.rule.ConsequenceException)
PropertyAccessException(org.mvel2.PropertyAccessException)
KieContainer(org.kie.api.runtime.KieContainer)
Test(org.junit.Test)
Example 4 with PropertyAccessException
use of org.mvel2.PropertyAccessException in project drools by kiegroup.
the class SecurityPolicyTest method testCustomAccumulateMVEL.
@Test
public void testCustomAccumulateMVEL() {
String drl = "package org.foo.bar\n" + "rule testRule dialect \"mvel\" \n" + " when\n" + " Number() from accumulate(Object(), " + " init(System.exit(-1);), " + " action(System.exit(-1);), " + " reverse(System.exit(-1);), " + " result(0))\n" + " then\n" + "end";
try {
KieBase kbase = KieBaseUtil.getKieBaseFromKieModuleFromDrl("test", kieBaseTestConfiguration, drl);
KieSession ksession = kbase.newKieSession();
ksession.fireAllRules();
Assert.fail("The security policy for the rule should have prevented this from executing...");
} catch (PropertyAccessException e) {
// weak way of testing but couldn't find a better way
if (e.toString().contains("The security policy should have prevented")) {
Assert.fail("The security policy for the rule should have prevented this from executing...");
} else {
// test succeeded
}
} catch (Exception e) {
if (e.toString().contains("access denied (\"java.lang.RuntimePermission\" \"exitVM.-1\")")) {
// test succeeded
} else {
throw e;
}
}
}
Also used :
KieBase(org.kie.api.KieBase)
PropertyAccessException(org.mvel2.PropertyAccessException)
KieSession(org.kie.api.runtime.KieSession)
ConsequenceException(org.kie.api.runtime.rule.ConsequenceException)
PropertyAccessException(org.mvel2.PropertyAccessException)
Test(org.junit.Test)
Example 5 with PropertyAccessException
use of org.mvel2.PropertyAccessException in project drools by kiegroup.
the class SecurityPolicyTest method testAccumulateFunctionJava.
@Test
public void testAccumulateFunctionJava() {
String drl = "package org.foo.bar\n" + "import " + MaliciousExitHelper.class.getName().replace('$', '.') + " \n" + "rule testRule dialect \"java\" \n" + " when\n" + " Number() from accumulate(Object(), " + " sum(MaliciousExitHelper.exit()))\n" + " then\n" + "end";
try {
KieBase kbase = KieBaseUtil.getKieBaseFromKieModuleFromDrl("test", kieBaseTestConfiguration, drl);
KieSession ksession = kbase.newKieSession();
ksession.insert("foo");
ksession.fireAllRules();
Assert.fail("The security policy for the rule should have prevented this from executing...");
} catch (PropertyAccessException e) {
// weak way of testing but couldn't find a better way
if (e.toString().contains("The security policy should have prevented")) {
Assert.fail("The security policy for the rule should have prevented this from executing...");
} else {
// test succeeded
}
} catch (Exception e) {
if (e.toString().contains("access denied (\"java.lang.RuntimePermission\" \"exitVM.0\")")) {
// test succeeded
} else {
throw e;
}
}
}
Also used :
KieBase(org.kie.api.KieBase)
PropertyAccessException(org.mvel2.PropertyAccessException)
KieSession(org.kie.api.runtime.KieSession)
ConsequenceException(org.kie.api.runtime.rule.ConsequenceException)
PropertyAccessException(org.mvel2.PropertyAccessException)
Test(org.junit.Test)
Aggregations
PropertyAccessException (org.mvel2.PropertyAccessException)19
Test (org.junit.Test)10
KieSession (org.kie.api.runtime.KieSession)10
Map (java.util.Map)7
IOException (java.io.IOException)6
ConsequenceException (org.kie.api.runtime.rule.ConsequenceException)6
CompileException (org.mvel2.CompileException)6
InvocationTargetException (java.lang.reflect.InvocationTargetException)5
Method (java.lang.reflect.Method)5
KieBase (org.kie.api.KieBase)5
KieServices (org.kie.api.KieServices)5
KieFileSystem (org.kie.api.builder.KieFileSystem)5
ReleaseId (org.kie.api.builder.ReleaseId)5
KieContainer (org.kie.api.runtime.KieContainer)5
Field (java.lang.reflect.Field)4
Member (java.lang.reflect.Member)4
List (java.util.List)4
Label (org.mvel2.asm.Label)4
ExecutableStatement (org.mvel2.compiler.ExecutableStatement)4
PropertyVerifier (org.mvel2.compiler.PropertyVerifier)3
