Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

WW-5440 Fix OGNL allowlist compat with Convention plugin #986

Merged
merged 7 commits into from
Jul 15, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Original file line number Diff line number Diff line change
Expand Up @@ -18,30 +18,30 @@
*/
package org.demo.rest.example;

import java.util.Collection;

import com.opensymphony.xwork2.ModelDriven;
import com.opensymphony.xwork2.Validateable;
import com.opensymphony.xwork2.ValidationAwareSupport;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.apache.struts2.convention.annotation.Result;
import org.apache.struts2.convention.annotation.Results;
import org.apache.struts2.interceptor.parameter.StrutsParameter;
import org.apache.struts2.rest.DefaultHttpHeaders;
import org.apache.struts2.rest.HttpHeaders;
import org.apache.struts2.convention.annotation.Results;
import org.apache.struts2.convention.annotation.Result;

import com.opensymphony.xwork2.ModelDriven;
import com.opensymphony.xwork2.Validateable;
import com.opensymphony.xwork2.ValidationAwareSupport;
import java.util.Collection;

@Results({
@Result(name="success", type="redirectAction", params = {"actionName" , "orders"})
})
public class OrdersController extends ValidationAwareSupport implements ModelDriven<Object>, Validateable{
public class OrdersController extends ValidationAwareSupport implements ModelDriven<Object>, Validateable {

private static final Logger log = LogManager.getLogger(OrdersController.class);

private Order model = new Order();
private String id;
private Collection<Order> list;
private OrdersService ordersService = new OrdersService();
private final OrdersService ordersService = new OrdersService();

// GET /orders/1
public HttpHeaders show() {
Expand All @@ -54,7 +54,7 @@ public HttpHeaders index() {
return new DefaultHttpHeaders("index")
.disableCaching();
}

// GET /orders/1/edit
public String edit() {
return "edit";
Expand Down Expand Up @@ -101,13 +101,15 @@ public void validate() {
}
}

@StrutsParameter
public void setId(String id) {
if (id != null) {
this.model = ordersService.get(id);
}
this.id = id;
}


@Override
public Object getModel() {
return (list != null ? list : model);
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -18,11 +18,14 @@
*/
package org.demo.rest.example;

import java.util.*;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

public class OrdersService {

private static Map<String,Order> orders = new HashMap<String,Order>();
private static final Map<String,Order> orders = new HashMap<>();
private static int nextId = 6;
static {
orders.put("3", new Order("3", "Bob", 33));
Expand Down
6 changes: 6 additions & 0 deletions apps/showcase/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -137,6 +137,12 @@
<scope>test</scope>
</dependency>

<dependency>
<groupId>org.assertj</groupId>
<artifactId>assertj-core</artifactId>
<scope>test</scope>
</dependency>

<dependency>
<groupId>net.sourceforge.htmlunit</groupId>
<artifactId>htmlunit</artifactId>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
package org.apache.struts2.showcase;

import com.opensymphony.xwork2.ActionSupport;
import org.apache.struts2.interceptor.parameter.StrutsParameter;
import org.apache.struts2.showcase.ajax.tree.Category;

//START SNIPPET: treeExampleDynamicJavaSelected
Expand All @@ -30,7 +31,7 @@ public class DynamicTreeSelectAction extends ActionSupport {
private long nodeId;
private Category currentCategory;


@StrutsParameter
public void setNodeId(long nodeId) {
this.nodeId = nodeId;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
package org.apache.struts2.showcase;

import com.opensymphony.xwork2.ActionSupport;
import org.apache.struts2.interceptor.parameter.StrutsParameter;

import java.util.ArrayList;
import java.util.LinkedHashMap;
Expand Down Expand Up @@ -74,6 +75,7 @@ public List getFavouriteCartoonCharacters() {
return _favouriteCartoonCharactersKeys;
}

@StrutsParameter
public void setFavouriteCartoonCharacters(List favouriteCartoonCharacters) {
_favouriteCartoonCharactersKeys = favouriteCartoonCharacters;
}
Expand All @@ -82,6 +84,7 @@ public List getNotFavouriteCartoonCharacters() {
return _notFavouriteCartoonCharactersKeys;
}

@StrutsParameter
public void setNotFavouriteCartoonCharacters(List notFavouriteCartoonCharacters) {
_notFavouriteCartoonCharactersKeys = notFavouriteCartoonCharacters;
}
Expand All @@ -108,6 +111,7 @@ public List getFavouriteCars() {
return _favouriteCarsKeys;
}

@StrutsParameter
public void setFavouriteCars(List favouriteCars) {
_favouriteCarsKeys = favouriteCars;
}
Expand All @@ -116,6 +120,7 @@ public List getNotFavouriteCars() {
return _notFavouriteCarsKeys;
}

@StrutsParameter
public void setNotFavouriteCars(List notFavouriteCars) {
_notFavouriteCarsKeys = notFavouriteCars;
}
Expand All @@ -142,6 +147,7 @@ public List getFavouriteMotorcycles() {
return _favouriteMotorcyclesKeys;
}

@StrutsParameter
public void setFavouriteMotorcycles(List favouriteMotorcycles) {
_favouriteMotorcyclesKeys = favouriteMotorcycles;
}
Expand All @@ -150,6 +156,7 @@ public List getNotFavouriteMotorcycles() {
return _notFavouriteMotorcyclesKeys;
}

@StrutsParameter
public void setNotFavouriteMotorcycles(List notFavouriteMotorcycles) {
_notFavouriteMotorcyclesKeys = notFavouriteMotorcycles;
}
Expand All @@ -176,6 +183,7 @@ public List getFavouriteCountries() {
return _favouriteCountriesKeys;
}

@StrutsParameter
public void setFavouriteCountries(List favouriteCountries) {
_favouriteCountriesKeys = favouriteCountries;
}
Expand All @@ -184,6 +192,7 @@ public List getNotFavouriteCountries() {
return _notFavouriteCountriesKeys;
}

@StrutsParameter
public void setNotFavouriteCountries(List notFavouriteCountries) {
_notFavouriteCountriesKeys = notFavouriteCountries;
}
Expand All @@ -205,6 +214,7 @@ public List getFavouriteSports() {
return _favouriteSportsKeys;
}

@StrutsParameter
public void setFavouriteSports(List favouriteSportsKeys) {
this._favouriteSportsKeys = favouriteSportsKeys;
}
Expand All @@ -213,6 +223,7 @@ public List getNonFavouriteSports() {
return _nonFavouriteSportsKeys;
}

@StrutsParameter
public void setNonFavouriteSports(List notFavouriteSportsKeys) {
this._nonFavouriteSportsKeys = notFavouriteSportsKeys;
}
Expand All @@ -222,6 +233,7 @@ public List getPrioritisedFavouriteCartoonCharacters() {
return _prioritisedFavouriteCartoonCharacters;
}

@StrutsParameter
public void setPrioritisedFavouriteCartoonCharacters(List prioritisedFavouriteCartoonCharacters) {
_prioritisedFavouriteCartoonCharacters = prioritisedFavouriteCartoonCharacters;
}
Expand All @@ -230,6 +242,7 @@ public List getPrioritisedFavouriteCars() {
return _prioritisedFavouriteCars;
}

@StrutsParameter
public void setPrioritisedFavouriteCars(List prioritisedFavouriteCars) {
_prioritisedFavouriteCars = prioritisedFavouriteCars;
}
Expand All @@ -239,6 +252,7 @@ public List getPrioritisedFavouriteCountries() {
return _prioritisedFavouriteCountries;
}

@StrutsParameter
public void setPrioritisedFavouriteCountries(List prioritisedFavouriteCountries) {
_prioritisedFavouriteCountries = prioritisedFavouriteCountries;
}
Expand All @@ -264,12 +278,13 @@ public List getFavouriteCities() {
return _favouriteCities;
}

@StrutsParameter
public void setFavouriteCities(List favouriteCities) {
this._favouriteCities = favouriteCities;
}

// actions

@Override
public String input() throws Exception {
return SUCCESS;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
package org.apache.struts2.showcase;

import com.opensymphony.xwork2.ActionSupport;
import org.apache.struts2.interceptor.parameter.StrutsParameter;

/**
*
Expand All @@ -36,6 +37,7 @@ public String getDescription1() {
return this.description1;
}

@StrutsParameter
public void setDescription1(String description1) {
this.description1 = description1;
}
Expand All @@ -45,6 +47,7 @@ public String getDescription2() {
return this.description2;
}

@StrutsParameter
public void setDescription2(String description2) {
this.description2 = description2;
}
Expand All @@ -54,6 +57,7 @@ public String getDescription3() {
return this.description3;
}

@StrutsParameter
public void setDescription3(String description3) {
this.description3 = description3;
}
Expand All @@ -63,11 +67,12 @@ public String getDescription4() {
return this.description4;
}

@StrutsParameter
public void setDescription4(String description4) {
this.description4 = description4;
}


@Override
public String input() throws Exception {
return SUCCESS;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
package org.apache.struts2.showcase;

import com.opensymphony.xwork2.ActionSupport;
import org.apache.struts2.interceptor.parameter.StrutsParameter;

import java.util.ArrayList;
import java.util.LinkedHashMap;
Expand Down Expand Up @@ -75,11 +76,11 @@ public List getDefaultFavouriteNumbers() {
return list;
}


public List getPrioritisedFavouriteCartoonCharacters() {
return _prioritisedFavouriteCartoonCharacters;
}

@StrutsParameter
public void setPrioritisedFavouriteCartoonCharacters(List prioritisedFavouriteCartoonCharacters) {
_prioritisedFavouriteCartoonCharacters = prioritisedFavouriteCartoonCharacters;
}
Expand All @@ -88,15 +89,16 @@ public List getPrioritisedFavouriteCars() {
return _prioritisedFavouriteCars;
}

@StrutsParameter
public void setPrioritisedFavouriteCars(List prioritisedFavouriteCars) {
_prioritisedFavouriteCars = prioritisedFavouriteCars;
}


public List getPrioritisedFavouriteCountries() {
return _prioritisedFavouriteCountries;
}

@StrutsParameter
public void setPrioritisedFavouriteCountries(List prioritisedFavouriteCountries) {
_prioritisedFavouriteCountries = prioritisedFavouriteCountries;
}
Expand All @@ -105,6 +107,7 @@ public List getFavouriteNumbers() {
return favouriteNumbers;
}

@StrutsParameter
public void setFavouriteNumbers(List favouriteNumbers) {
this.favouriteNumbers = favouriteNumbers;
}
Expand All @@ -129,12 +132,13 @@ public List getFavouriteCities() {
return favouriteCities;
}

@StrutsParameter
public void setFavouriteCities(List favouriteCities) {
this.favouriteCities = favouriteCities;
}

// actions

@Override
public String input() throws Exception {
return SUCCESS;
}
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
package org.apache.struts2.showcase;

import com.opensymphony.xwork2.ActionSupport;
import org.apache.struts2.interceptor.parameter.StrutsParameter;
import org.apache.struts2.showcase.ajax.tree.Category;

public class ShowAjaxDynamicTreeAction extends ActionSupport {
Expand All @@ -34,6 +35,7 @@ public int getNodeId() {
return nodeId;
}

@StrutsParameter
public void setNodeId(int nodeId) {
this.nodeId = nodeId;
}
Expand Down
Loading