Example 11 with Contains
use of org.mvel2.ast.Contains in project drools by kiegroup.
the class SecurityPolicyTest method testUntrustedMVELSalience.
@Test
public void testUntrustedMVELSalience() throws Exception {
String drl = "package org.foo.bar\n" + "import " + MaliciousExitHelper.class.getName().replace('$', '.') + " \n" + "rule R1 dialect \"mvel\" salience( MaliciousExitHelper.exit() ) \n" + "when\n" + "then\n" + "end\n";
try {
KieServices ks = KieServices.Factory.get();
KieFileSystem kfs = ks.newKieFileSystem().write(ResourceFactory.newByteArrayResource(drl.getBytes()).setSourcePath("org/foo/bar/r1.drl"));
ks.newKieBuilder(kfs).buildAll();
ReleaseId releaseId = ks.getRepository().getDefaultReleaseId();
KieContainer kc = ks.newKieContainer(releaseId);
KieSession ksession = kc.newKieSession();
ksession.fireAllRules();
Assert.fail("The security policy for the rule should have prevented this from executing...");
} catch (PropertyAccessException e) {
// weak way of testing but couldn't find a better way
if (e.toString().contains("The security policy should have prevented")) {
Assert.fail("The security policy for the rule should have prevented this from executing...");
} else {
// test succeeded
}
}
}
Also used :
KieFileSystem(org.kie.api.builder.KieFileSystem)
PropertyAccessException(org.mvel2.PropertyAccessException)
KieServices(org.kie.api.KieServices)
KieSession(org.kie.api.runtime.KieSession)
ReleaseId(org.kie.api.builder.ReleaseId)
KieContainer(org.kie.api.runtime.KieContainer)
Test(org.junit.Test)
Example 12 with Contains
use of org.mvel2.ast.Contains in project drools by kiegroup.
the class TraitTriplePropertyWrapperClassBuilderImpl method initSoftField.
protected void initSoftField(MethodVisitor mv, String wrapperName, FieldDefinition field, ClassDefinition core, String internalWrapper) {
mv.visitVarInsn(ALOAD, 0);
mv.visitFieldInsn(GETFIELD, wrapperName, "store", Type.getDescriptor(TripleStore.class));
mv.visitVarInsn(ALOAD, 0);
mv.visitLdcInsn(field.resolveAlias());
mv.visitMethodInsn(INVOKEVIRTUAL, wrapperName, "propertyKey", "(" + Type.getDescriptor(Object.class) + ")" + Type.getDescriptor(Triple.class), false);
mv.visitMethodInsn(INVOKEVIRTUAL, Type.getInternalName(TripleStore.class), "contains", "(" + Type.getDescriptor(Triple.class) + ")Z", false);
Label l0 = new Label();
mv.visitJumpInsn(IFNE, l0);
mv.visitVarInsn(ALOAD, 0);
mv.visitFieldInsn(GETFIELD, wrapperName, "store", Type.getDescriptor(TripleStore.class));
mv.visitVarInsn(ALOAD, 0);
mv.visitLdcInsn(field.resolveAlias());
mv.visitInsn(BuildUtils.zero(field.getTypeName()));
if (BuildUtils.isPrimitive(field.getTypeName())) {
TraitFactory.valueOf(mv, field.getTypeName());
}
mv.visitMethodInsn(INVOKEVIRTUAL, wrapperName, "property", "(" + Type.getDescriptor(String.class) + Type.getDescriptor(Object.class) + ")" + Type.getDescriptor(Triple.class), false);
mv.visitInsn(ICONST_1);
mv.visitMethodInsn(INVOKEVIRTUAL, Type.getInternalName(TripleStore.class), "put", "(" + Type.getDescriptor(Triple.class) + "Z)Z", false);
if (core.isFullTraiting()) {
super.registerLogicalField(mv, internalWrapper, field, core);
}
mv.visitInsn(POP);
mv.visitLabel(l0);
}
Also used :
Triple(org.drools.core.util.Triple)
TripleStore(org.drools.core.util.TripleStore)
Label(org.mvel2.asm.Label)
Example 13 with Contains
use of org.mvel2.ast.Contains in project drools by kiegroup.
the class ConditionAnalyzer method analyzeSingleCondition.
private SingleCondition analyzeSingleCondition(ASTNode node, boolean isNegated) {
SingleCondition condition = new SingleCondition(isNegated);
if (node instanceof BinaryOperation) {
BinaryOperation binaryOperation = (BinaryOperation) node;
condition.left = analyzeNode(binaryOperation.getLeft());
condition.operation = BooleanOperator.fromMvelOpCode(binaryOperation.getOperation());
condition.right = analyzeNode(binaryOperation.getRight());
} else if (node instanceof RegExMatch) {
condition.left = analyzeNode(node);
condition.operation = BooleanOperator.MATCHES;
RegExMatch regExNode = (RegExMatch) node;
Pattern pattern = regExNode.getPattern();
if (pattern != null) {
condition.right = new FixedExpression(String.class, pattern.pattern());
} else {
condition.right = analyzeNode(((ExecutableAccessor) regExNode.getPatternStatement()).getNode());
}
} else if (node instanceof Contains) {
condition.left = analyzeNode(((Contains) node).getFirstStatement());
condition.operation = BooleanOperator.CONTAINS;
condition.right = analyzeNode(((Contains) node).getSecondStatement());
} else if (node instanceof Soundslike) {
condition.left = analyzeNode(((Soundslike) node).getStatement());
condition.operation = BooleanOperator.SOUNDSLIKE;
condition.right = analyzeNode(((Soundslike) node).getSoundslike());
} else if (node instanceof Instance) {
condition.left = analyzeNode(((Instance) node).getStatement());
condition.operation = BooleanOperator.INSTANCEOF;
condition.right = analyzeNode(((Instance) node).getClassStatement());
} else {
condition.left = analyzeNode(node);
}
return condition;
}
Also used :
Pattern(java.util.regex.Pattern)
RegExMatch(org.mvel2.ast.RegExMatch)
Soundslike(org.mvel2.ast.Soundslike)
Instance(org.mvel2.ast.Instance)
BinaryOperation(org.mvel2.ast.BinaryOperation)
Contains(org.mvel2.ast.Contains)
Aggregations
Test (org.junit.Test)5
KieServices (org.kie.api.KieServices)5
KieFileSystem (org.kie.api.builder.KieFileSystem)5
ReleaseId (org.kie.api.builder.ReleaseId)5
KieContainer (org.kie.api.runtime.KieContainer)5
KieSession (org.kie.api.runtime.KieSession)5
PropertyAccessException (org.mvel2.PropertyAccessException)5
ConsequenceException (org.kie.api.runtime.rule.ConsequenceException)3
ExpressionCompiler (org.mvel2.compiler.ExpressionCompiler)3
Pattern (java.util.regex.Pattern)1
Triple (org.drools.core.util.Triple)1
TripleStore (org.drools.core.util.TripleStore)1
CompileException (org.mvel2.CompileException)1
Label (org.mvel2.asm.Label)1
BinaryOperation (org.mvel2.ast.BinaryOperation)1
Contains (org.mvel2.ast.Contains)1
Function (org.mvel2.ast.Function)1
Instance (org.mvel2.ast.Instance)1
RegExMatch (org.mvel2.ast.RegExMatch)1
Soundslike (org.mvel2.ast.Soundslike)1
