SandboxInterceptor (venice 1.10.16 API)

java.lang.Object
- com.github.jlangch.venice.javainterop.Interceptor
- - com.github.jlangch.venice.javainterop.ValueFilterInterceptor
  - - com.github.jlangch.venice.javainterop.SandboxInterceptor

All Implemented Interfaces:: IInterceptor

public class SandboxInterceptor
extends ValueFilterInterceptor

Constructor Summary

Constructors
Constructor and Description

SandboxInterceptor(SandboxRules rules)

SandboxInterceptor(SandboxRules rules, ILoadPaths loadPaths)

Constructors
Constructor and Description
`SandboxInterceptor(SandboxRules rules)`
`SandboxInterceptor(SandboxRules rules, ILoadPaths loadPaths)`

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`protected java.lang.Object`	`filter(java.lang.Object obj)`
`protected java.lang.Object`	`filterAccessor(java.lang.Object o, java.lang.String accessor)`
`protected ReturnValue`	`filterReturnValue(ReturnValue returnValue)`
`java.lang.Integer`	`getMaxExecutionTimeSeconds()`
`java.lang.Integer`	`getMaxFutureThreadPoolSize()`
`SandboxRules`	`getRules()`
`ReturnValue`	`onGetBeanProperty(IInvoker invoker, java.lang.Object receiver, java.lang.String property)` Gets a Java Bean property
`ReturnValue`	`onGetInstanceField(IInvoker invoker, java.lang.Object receiver, java.lang.Class<?> receiverFormalType, java.lang.String fieldName)` Get an instance field's value
`ReturnValue`	`onGetStaticField(IInvoker invoker, java.lang.Class<?> receiver, java.lang.String fieldName)` Get a static field's value
`ReturnValue`	`onInvokeConstructor(IInvoker invoker, java.lang.Class<?> receiver, java.lang.Object... args)` Invokes a constructor
`ReturnValue`	`onInvokeInstanceMethod(IInvoker invoker, java.lang.Object receiver, java.lang.Class<?> receiverFormalType, java.lang.String method, java.lang.Object... args)` Invokes an instance method
`ReturnValue`	`onInvokeStaticMethod(IInvoker invoker, java.lang.Class<?> receiver, java.lang.String method, java.lang.Object... args)` Invokes a static method
`byte[]`	`onLoadClassPathResource(java.lang.String resourceName)` Loads a classpath resource
`java.lang.String`	`onReadSystemEnv(java.lang.String name)` Reads a Java environment variable
`java.lang.String`	`onReadSystemProperty(java.lang.String propertyName)` Reads a Java system property
`void`	`onSetBeanProperty(IInvoker invoker, java.lang.Object receiver, java.lang.String property, java.lang.Object value)` Sets a Java Bean property
`void`	`validateFileRead(java.io.File file)` Validates that the file can be read
`void`	`validateFileWrite(java.io.File file)` Validates that the file can be written
`void`	`validateLoadModule(java.lang.String moduleName)` Validates the load of a module
`void`	`validateMaxExecutionTime()` Validates the execution time
`void`	`validateVeniceFunction(java.lang.String funcName)` Validates the invocation of a Venice function.

Methods inherited from class com.github.jlangch.venice.javainterop.ValueFilterInterceptor
filterArgument

Methods inherited from class com.github.jlangch.venice.javainterop.Interceptor
getLoadPaths

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

- Constructor Detail
  - SandboxInterceptor
```
public SandboxInterceptor(SandboxRules rules)
```
  - SandboxInterceptor
```
public SandboxInterceptor(SandboxRules rules,
                          ILoadPaths loadPaths)
```
- Method Detail
  - getRules
```
public SandboxRules getRules()
```
  - onInvokeInstanceMethod
```
public ReturnValue onInvokeInstanceMethod(IInvoker invoker,
                                          java.lang.Object receiver,
                                          java.lang.Class<?> receiverFormalType,
                                          java.lang.String method,
                                          java.lang.Object... args)
                                   throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Invokes an instance method
    
    Specified by:
    
    onInvokeInstanceMethod in interface IInterceptor
    
    Overrides:
    
    onInvokeInstanceMethod in class ValueFilterInterceptor
    
    Parameters:
    
    invoker - the invoker
    
    receiver - an object
    
    receiverFormalType - the formal type of the receiver (e.g a superclass)
    
    method - a method
    
    args - a list of arguments
    
    Returns:
    
    the return value
    
    Throws:
    
    SecurityException - if the instance method is not whitelisted
  - onInvokeStaticMethod
```
public ReturnValue onInvokeStaticMethod(IInvoker invoker,
                                        java.lang.Class<?> receiver,
                                        java.lang.String method,
                                        java.lang.Object... args)
                                 throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Invokes a static method
    
    Specified by:
    
    onInvokeStaticMethod in interface IInterceptor
    
    Overrides:
    
    onInvokeStaticMethod in class ValueFilterInterceptor
    
    Parameters:
    
    invoker - the invoker
    
    receiver - a class
    
    method - a method
    
    args - a list of arguments
    
    Returns:
    
    the return value
    
    Throws:
    
    SecurityException - if the static method is not whitelisted
  - onInvokeConstructor
```
public ReturnValue onInvokeConstructor(IInvoker invoker,
                                       java.lang.Class<?> receiver,
                                       java.lang.Object... args)
                                throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Invokes a constructor
    
    Specified by:
    
    onInvokeConstructor in interface IInterceptor
    
    Overrides:
    
    onInvokeConstructor in class ValueFilterInterceptor
    
    Parameters:
    
    invoker - the invoker
    
    receiver - a class
    
    args - a list of arguments
    
    Returns:
    
    the create object
    
    Throws:
    
    SecurityException - if the constructor is not whitelisted
  - onGetBeanProperty
```
public ReturnValue onGetBeanProperty(IInvoker invoker,
                                     java.lang.Object receiver,
                                     java.lang.String property)
                              throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Gets a Java Bean property
    
    Specified by:
    
    onGetBeanProperty in interface IInterceptor
    
    Overrides:
    
    onGetBeanProperty in class ValueFilterInterceptor
    
    Parameters:
    
    invoker - the invoker
    
    receiver - an object
    
    property - a property name
    
    Returns:
    
    the property's value
    
    Throws:
    
    SecurityException - if the bean property (instance method) is not whitelisted
  - onSetBeanProperty
```
public void onSetBeanProperty(IInvoker invoker,
                              java.lang.Object receiver,
                              java.lang.String property,
                              java.lang.Object value)
                       throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Sets a Java Bean property
    
    Specified by:
    
    onSetBeanProperty in interface IInterceptor
    
    Overrides:
    
    onSetBeanProperty in class ValueFilterInterceptor
    
    Parameters:
    
    invoker - the invoker
    
    receiver - an object
    
    property - a property name
    
    value - a property value
    
    Throws:
    
    SecurityException - if the bean property (instance method) is not whitelisted
  - onGetStaticField
```
public ReturnValue onGetStaticField(IInvoker invoker,
                                    java.lang.Class<?> receiver,
                                    java.lang.String fieldName)
                             throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Get a static field's value
    
    Specified by:
    
    onGetStaticField in interface IInterceptor
    
    Overrides:
    
    onGetStaticField in class ValueFilterInterceptor
    
    Parameters:
    
    invoker - the invoker
    
    receiver - a class
    
    fieldName - a field name
    
    Returns:
    
    the field's value
    
    Throws:
    
    SecurityException - if the static field is not whitelisted
  - onGetInstanceField
```
public ReturnValue onGetInstanceField(IInvoker invoker,
                                      java.lang.Object receiver,
                                      java.lang.Class<?> receiverFormalType,
                                      java.lang.String fieldName)
                               throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Get an instance field's value
    
    Specified by:
    
    onGetInstanceField in interface IInterceptor
    
    Overrides:
    
    onGetInstanceField in class ValueFilterInterceptor
    
    Parameters:
    
    invoker - the invoker
    
    receiver - an object
    
    receiverFormalType - the formal type of the receiver (e.g a superclass)
    
    fieldName - a field name
    
    Returns:
    
    the field's value
    
    Throws:
    
    SecurityException - if the instance field is not whitelisted
  - onLoadClassPathResource
```
public byte[] onLoadClassPathResource(java.lang.String resourceName)
                               throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Loads a classpath resource
    
    Specified by:
    
    onLoadClassPathResource in interface IInterceptor
    
    Overrides:
    
    onLoadClassPathResource in class Interceptor
    
    Parameters:
    
    resourceName - a resource name (e.g.: /foo/org/image.png)
    
    Returns:
    
    the resource data
    
    Throws:
    
    SecurityException - if the classpath resource is not whitelisted
  - onReadSystemProperty
```
public java.lang.String onReadSystemProperty(java.lang.String propertyName)
                                      throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Reads a Java system property
    
    Specified by:
    
    onReadSystemProperty in interface IInterceptor
    
    Overrides:
    
    onReadSystemProperty in class Interceptor
    
    Parameters:
    
    propertyName - a property name (e.g: user.home)
    
    Returns:
    
    the property's value
    
    Throws:
    
    SecurityException - if the property is not whitelisted
  - onReadSystemEnv
```
public java.lang.String onReadSystemEnv(java.lang.String name)
                                 throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Reads a Java environment variable
    
    Specified by:
    
    onReadSystemEnv in interface IInterceptor
    
    Overrides:
    
    onReadSystemEnv in class Interceptor
    
    Parameters:
    
    name - a variable name (e.g: USER)
    
    Returns:
    
    the variable value
    
    Throws:
    
    SecurityException - if the variable is not whitelisted
  - validateVeniceFunction
```
public void validateVeniceFunction(java.lang.String funcName)
                            throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Validates the invocation of a Venice function.
    
    Specified by:
    
    validateVeniceFunction in interface IInterceptor
    
    Overrides:
    
    validateVeniceFunction in class Interceptor
    
    Parameters:
    
    funcName - A venice function name
    
    Throws:
    
    SecurityException - if the function is blacklisted and not allowed to be invoked.
  - validateLoadModule
```
public void validateLoadModule(java.lang.String moduleName)
                        throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Validates the load of a module
    
    Specified by:
    
    validateLoadModule in interface IInterceptor
    
    Overrides:
    
    validateLoadModule in class Interceptor
    
    Parameters:
    
    moduleName - the module name
    
    Throws:
    
    SecurityException - if the module is blacklisted
  - validateMaxExecutionTime
```
public void validateMaxExecutionTime()
                              throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Validates the execution time
    
    Specified by:
    
    validateMaxExecutionTime in interface IInterceptor
    
    Overrides:
    
    validateMaxExecutionTime in class Interceptor
    
    Throws:
    
    SecurityException - if the execution time exceeds the configured limit.
  - validateFileRead
```
public void validateFileRead(java.io.File file)
                      throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Validates that the file can be read
    
    Specified by:
    
    validateFileRead in interface IInterceptor
    
    Overrides:
    
    validateFileRead in class Interceptor
    
    Parameters:
    
    file - A file
    
    Throws:
    
    SecurityException - if the file can not be read.
  - validateFileWrite
```
public void validateFileWrite(java.io.File file)
                       throws SecurityException
```
    Description copied from interface: IInterceptor
    
    Validates that the file can be written
    
    Specified by:
    
    validateFileWrite in interface IInterceptor
    
    Overrides:
    
    validateFileWrite in class Interceptor
    
    Parameters:
    
    file - A file
    
    Throws:
    
    SecurityException - if the file can not be written.
  - getMaxExecutionTimeSeconds
```
public java.lang.Integer getMaxExecutionTimeSeconds()
```
    Specified by:
    
    getMaxExecutionTimeSeconds in interface IInterceptor
    
    Overrides:
    
    getMaxExecutionTimeSeconds in class Interceptor
    
    Returns:
    
    the max execution time in seconds a Venice script under this Sandbox is allowed to run.
  - getMaxFutureThreadPoolSize
```
public java.lang.Integer getMaxFutureThreadPoolSize()
```
    Specified by:
    
    getMaxFutureThreadPoolSize in interface IInterceptor
    
    Overrides:
    
    getMaxFutureThreadPoolSize in class Interceptor
    
    Returns:
    
    the max future thread pool size a Venice script under this Sandbox is allowed to use.
  - filterReturnValue
```
protected ReturnValue filterReturnValue(ReturnValue returnValue)
```
    Overrides:
    
    filterReturnValue in class ValueFilterInterceptor
  - filter
```
protected java.lang.Object filter(java.lang.Object obj)
```
    Overrides:
    
    filter in class ValueFilterInterceptor
  - filterAccessor
```
protected java.lang.Object filterAccessor(java.lang.Object o,
                                          java.lang.String accessor)
```
    Overrides:
    
    filterAccessor in class ValueFilterInterceptor

Class SandboxInterceptor

Constructor Summary

Method Summary

Methods inherited from class com.github.jlangch.venice.javainterop.ValueFilterInterceptor

Methods inherited from class com.github.jlangch.venice.javainterop.Interceptor

Methods inherited from class java.lang.Object

Constructor Detail

SandboxInterceptor

SandboxInterceptor

Method Detail

getRules

onInvokeInstanceMethod

onInvokeStaticMethod

onInvokeConstructor

onGetBeanProperty

onSetBeanProperty

onGetStaticField

onGetInstanceField

onLoadClassPathResource

onReadSystemProperty

onReadSystemEnv

validateVeniceFunction

validateLoadModule

validateMaxExecutionTime

validateFileRead

validateFileWrite

getMaxExecutionTimeSeconds

getMaxFutureThreadPoolSize

filterReturnValue

filter

filterAccessor