inteligr8/alfresco-community-repo
1
0
Fork 0
mirror of https://github.com/Alfresco/alfresco-community-repo.git synced 2025-10-01 14:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

[MNT-23158] Scripts limits configuration and optimization (#1519) (#1555)

Browse Source 
* [MNT-23158] Scripts limits configuration and optimization (#1519)

(cherry picked from commit f391cfa38c)

* mySQL version 5.7.28
This commit is contained in:
tiagosalvado10
2022-11-14 18:10:00 +00:00
committed by GitHub
parent 3a87e96154
commit 2e34830fe0
8 changed files with 805 additions and 119 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
.travis.yml
View File

@@ -116,7 +116,7 @@ jobs:
- name: "Repository - MySQL tests"
if: commit_message !~ /\[skip db\]/
before_script:
- docker run -d -p 3307:3306 -e MYSQL_ROOT_PASSWORD=alfresco -e MYSQL_USER=alfresco -e MYSQL_DATABASE=alfresco -e MYSQL_PASSWORD=alfresco mysql:5.7.23 --transaction-isolation='READ-COMMITTED'
- docker run -d -p 3307:3306 -e MYSQL_ROOT_PASSWORD=alfresco -e MYSQL_USER=alfresco -e MYSQL_DATABASE=alfresco -e MYSQL_PASSWORD=alfresco mysql:5.7.28 --transaction-isolation='READ-COMMITTED'
- docker run -d -p 61616:61616 -p 5672:5672 alfresco/alfresco-activemq:5.15.8
script: travis_wait 20 mvn -B test -pl repository -Dtest=AllDBTestsTestSuite -Ddb.driver=com.mysql.jdbc.Driver -Ddb.name=alfresco -Ddb.url=jdbc:mysql://localhost:3307/alfresco -Ddb.username=alfresco -Ddb.password=alfresco

201
repository/src/main/java/org/alfresco/repo/jscript/AlfrescoContextFactory.java Normal file
View File

@@ -0,0 +1,201 @@
/*
* #%L
* Alfresco Repository
* %%
* Copyright (C) 2005 - 2022 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.repo.jscript;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.mozilla.javascript.Callable;
import org.mozilla.javascript.Context;
import org.mozilla.javascript.ContextFactory;
import org.mozilla.javascript.Scriptable;
/**
* Custom factory that allows to apply configured limits during script executions
*
* @see ContextFactory
*/
public class AlfrescoContextFactory extends ContextFactory
{
private static final Log LOGGER = LogFactory.getLog(AlfrescoContextFactory.class);
private int optimizationLevel = -1;
private int maxScriptExecutionSeconds = -1;
private int maxStackDepth = -1;
private long maxMemoryUsedInBytes = -1L;
private int observeInstructionCount = -1;
private AlfrescoScriptThreadMxBeanWrapper threadMxBeanWrapper;
private final int INTERPRETIVE_MODE = -1;
@Override
protected Context makeContext()
{
AlfrescoScriptContext context = new AlfrescoScriptContext();
context.setOptimizationLevel(optimizationLevel);
// Needed for both time and memory measurement
if (maxScriptExecutionSeconds > 0 || maxMemoryUsedInBytes > 0L)
{
if (observeInstructionCount > 0)
{
LOGGER.info("Enabling observer count...");
context.setGenerateObserverCount(true);
context.setInstructionObserverThreshold(observeInstructionCount);
}
else
{
LOGGER.info("Disabling observer count...");
context.setGenerateObserverCount(false);
}
}
// Memory limit
if (maxMemoryUsedInBytes > 0)
{
context.setThreadId(Thread.currentThread().getId());
}
// Max stack depth
if (maxStackDepth > 0)
{
if (optimizationLevel != INTERPRETIVE_MODE)
{
LOGGER.warn("Changing optimization level from " + optimizationLevel + " to " + INTERPRETIVE_MODE);
}
// stack depth can only be set when no optimizations are applied
context.setOptimizationLevel(INTERPRETIVE_MODE);
context.setMaximumInterpreterStackDepth(maxStackDepth);
}
return context;
}
@Override
protected void observeInstructionCount(Context cx, int instructionCount)
{
AlfrescoScriptContext acx = (AlfrescoScriptContext) cx;
if (acx.isLimitsEnabled())
{
// Time limit
if (maxScriptExecutionSeconds > 0)
{
long currentTime = System.currentTimeMillis();
if (currentTime - acx.getStartTime() > maxScriptExecutionSeconds * 1000)
{
throw new Error("Maximum script time of " + maxScriptExecutionSeconds + " seconds exceeded");
}
}
// Memory
if (maxMemoryUsedInBytes > 0 && threadMxBeanWrapper != null && threadMxBeanWrapper.isThreadAllocatedMemorySupported())
{
if (acx.getStartMemory() <= 0)
{
acx.setStartMemory(threadMxBeanWrapper.getThreadAllocatedBytes(acx.getThreadId()));
}
else
{
long currentAllocatedBytes = threadMxBeanWrapper.getThreadAllocatedBytes(acx.getThreadId());
if (currentAllocatedBytes - acx.getStartMemory() >= maxMemoryUsedInBytes)
{
throw new Error("Memory limit of " + maxMemoryUsedInBytes + " bytes reached");
}
}
}
}
}
@Override
protected Object doTopCall(Callable callable, Context cx, Scriptable scope, Scriptable thisObj, Object[] args)
{
AlfrescoScriptContext acx = (AlfrescoScriptContext) cx;
acx.setStartTime(System.currentTimeMillis());
return super.doTopCall(callable, cx, scope, thisObj, args);
}
public int getOptimizationLevel()
{
return optimizationLevel;
}
public void setOptimizationLevel(int optimizationLevel)
{
this.optimizationLevel = optimizationLevel;
}
public int getMaxScriptExecutionSeconds()
{
return maxScriptExecutionSeconds;
}
public void setMaxScriptExecutionSeconds(int maxScriptExecutionSeconds)
{
this.maxScriptExecutionSeconds = maxScriptExecutionSeconds;
}
public int getMaxStackDepth()
{
return maxStackDepth;
}
public void setMaxStackDepth(int maxStackDepth)
{
this.maxStackDepth = maxStackDepth;
}
public long getMaxMemoryUsedInBytes()
{
return maxMemoryUsedInBytes;
}
public void setMaxMemoryUsedInBytes(long maxMemoryUsedInBytes)
{
this.maxMemoryUsedInBytes = maxMemoryUsedInBytes;
if (maxMemoryUsedInBytes > 0)
{
this.threadMxBeanWrapper = new AlfrescoScriptThreadMxBeanWrapper();
if (!threadMxBeanWrapper.isThreadAllocatedMemorySupported())
{
LOGGER.warn("com.sun.management.ThreadMXBean was not found on the classpath. "
+ "This means that the limiting the memory usage for a script will NOT work.");
}
}
}
public int getObserveInstructionCount()
{
return observeInstructionCount;
}
public void setObserveInstructionCount(int observeInstructionCount)
{
this.observeInstructionCount = observeInstructionCount;
}
}

81
repository/src/main/java/org/alfresco/repo/jscript/AlfrescoScriptContext.java Normal file
View File

@@ -0,0 +1,81 @@
/*
* #%L
* Alfresco Repository
* %%
* Copyright (C) 2005 - 2022 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.repo.jscript;
import org.mozilla.javascript.Context;
/**
* Custom Rhino context that holds data as start time and memory
*
* @see Context
*/
public class AlfrescoScriptContext extends Context
{
private long startTime;
private long threadId;
private long startMemory;
private boolean limitsEnabled = false;
public long getStartTime()
{
return startTime;
}
public void setStartTime(long startTime)
{
this.startTime = startTime;
}
public long getThreadId()
{
return threadId;
}
public void setThreadId(long threadId)
{
this.threadId = threadId;
}
public long getStartMemory()
{
return startMemory;
}
public void setStartMemory(long startMemory)
{
this.startMemory = startMemory;
}
public boolean isLimitsEnabled()
{
return limitsEnabled;
}
public void setLimitsEnabled(boolean limitsEnabled)
{
this.limitsEnabled = limitsEnabled;
}
}

78
repository/src/main/java/org/alfresco/repo/jscript/AlfrescoScriptThreadMxBeanWrapper.java Normal file
View File

@@ -0,0 +1,78 @@
/*
* #%L
* Alfresco Repository
* %%
* Copyright (C) 2005 - 2022 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.repo.jscript;
import java.lang.management.ManagementFactory;
import java.lang.management.ThreadMXBean;
/**
* Allows to monitor memory usage
*/
public class AlfrescoScriptThreadMxBeanWrapper
{
private ThreadMXBean threadMXBean = null;
private boolean threadAllocatedMemorySupported = false;
private final String THREAD_MX_BEAN_SUN = "com.sun.management.ThreadMXBean";
public AlfrescoScriptThreadMxBeanWrapper()
{
checkThreadAllocatedMemory();
}
public long getThreadAllocatedBytes(long threadId)
{
if (threadMXBean != null && threadAllocatedMemorySupported)
{
return ((com.sun.management.ThreadMXBean) threadMXBean).getThreadAllocatedBytes(threadId);
}
return -1;
}
public void checkThreadAllocatedMemory()
{
try
{
Class<?> clazz = Class.forName(THREAD_MX_BEAN_SUN);
if (clazz != null)
{
this.threadAllocatedMemorySupported = true;
this.threadMXBean = (com.sun.management.ThreadMXBean) ManagementFactory.getThreadMXBean();
}
}
catch (Exception e)
{
this.threadAllocatedMemorySupported = false;
}
}
public boolean isThreadAllocatedMemorySupported()
{
return threadAllocatedMemorySupported;
}
}

201
repository/src/main/java/org/alfresco/repo/jscript/RhinoScriptProcessor.java
View File

@@ -57,10 +57,12 @@ import org.alfresco.service.namespace.QName;
import org.apache.commons.logging.Log;
import org.apache.commons.logging.LogFactory;
import org.mozilla.javascript.Context;
import org.mozilla.javascript.ContextFactory;
import org.mozilla.javascript.ImporterTopLevel;
import org.mozilla.javascript.Script;
import org.mozilla.javascript.Scriptable;
import org.mozilla.javascript.ScriptableObject;
import org.mozilla.javascript.Undefined;
import org.mozilla.javascript.WrapFactory;
import org.mozilla.javascript.WrappedException;
import org.springframework.beans.factory.InitializingBean;
@@ -108,6 +110,23 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
/** Cache of runtime compiled script instances */
private final Map<String, Script> scriptCache = new ConcurrentHashMap<String, Script>(256);
/** Rhino optimization level */
private int optimizationLevel = -1;
/** Maximum seconds a script is allowed to run */
private int maxScriptExecutionSeconds = -1;
/** Maximum of call stack depth (in terms of number of call frames) */
private int maxStackDepth = -1;
/** Maximum memory (bytes) a script can use */
private long maxMemoryUsedInBytes = -1L;
/** Number of (bytecode) instructions that will trigger the observer */
private int observerInstructionCount = 100;
/** Custom context factory */
public static AlfrescoContextFactory contextFactory;
/**
* Set the default store reference
@@ -144,6 +163,51 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
this.shareSealedScopes = shareSealedScopes;
}
/**
* @param optimizationLevel
* -1 interpretive mode, 0 no optimizations, 1-9 optimizations performed
*/
public void setOptimizationLevel(int optimizationLevel)
{
this.optimizationLevel = optimizationLevel;
}
/**
* @param maxScriptExecutionSeconds
* the number of seconds a script is allowed to run
*/
public void setMaxScriptExecutionSeconds(int maxScriptExecutionSeconds)
{
this.maxScriptExecutionSeconds = maxScriptExecutionSeconds;
}
/**
* @param maxStackDepth
* the number of call stack depth allowed
*/
public void setMaxStackDepth(int maxStackDepth)
{
this.maxStackDepth = maxStackDepth;
}
/**
* @param maxMemoryUsedInBytes
* the number of memory a script can use
*/
public void setMaxMemoryUsedInBytes(long maxMemoryUsedInBytes)
{
this.maxMemoryUsedInBytes = maxMemoryUsedInBytes;
}
/**
* @param observerInstructionCount
* the number of instructions that will trigger {@link ContextFactory#observeInstructionCount}
*/
public void setObserverInstructionCount(int observerInstructionCount)
{
this.observerInstructionCount = observerInstructionCount;
}
/**
* @see org.alfresco.service.cmr.repository.ScriptProcessor#reset()
*/
@@ -441,6 +505,8 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
private Object executeScriptImpl(Script script, Map<String, Object> model, boolean secure, String debugScriptName)
throws AlfrescoRuntimeException
{
Scriptable scope = null;
long startTime = 0;
if (callLogger.isDebugEnabled())
{
@@ -457,14 +523,16 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
// Create a thread-specific scope from one of the shared scopes.
// See http://www.mozilla.org/rhino/scopes.html
cx.setWrapFactory(secure ? wrapFactory : sandboxFactory);
Scriptable scope;
// Enables or disables execution limits based on secure flag
enableLimits(cx, secure);
if (this.shareSealedScopes)
{
Scriptable sharedScope = secure ? this.nonSecureScope : this.secureScope;
scope = cx.newObject(sharedScope);
scope.setPrototype(sharedScope);
scope.setParentScope(null);
}
else
{
@@ -538,6 +606,7 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
}
finally
{
unsetScope(model, scope);
Context.exit();
if (callLogger.isDebugEnabled())
@@ -630,6 +699,9 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
*/
public void afterPropertiesSet() throws Exception
{
// Initialize context factory
initContextFactory();
// Initialize the secure scope
Context cx = Context.enter();
try
@@ -687,4 +759,129 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
}
return scope;
}
/**
* Clean supplied scope and unset it from any model instance where it has been injected before
*
* @param model
* Data model containing objects from where scope will be unset
* @param scope
* The scope to clean
*/
private void unsetScope(Map<String, Object> model, Scriptable scope)
{
if (scope != null)
{
Object[] ids = scope.getIds();
if (ids != null)
{
for (Object id : ids)
{
try
{
deleteProperty(scope, id.toString());
}
catch (Exception e)
{
logger.info("Unable to delete id: " + id, e);
}
}
}
}
if (model != null)
{
for (String key : model.keySet())
{
try
{
deleteProperty(scope, key);
Object obj = model.get(key);
if (obj instanceof Scopeable)
{
((Scopeable) obj).setScope(null);
}
}
catch (Exception e)
{
logger.info("Unable to unset model object " + key + " : ", e);
}
}
}
}
/**
* Deletes a property from the supplied scope, if property is not removable, then is set to null
*
* @param scope
* the scope object from where property will be removed
* @param name
* the property name to delete
*/
private void deleteProperty(Scriptable scope, String name)
{
if (scope != null && name != null)
{
if (!ScriptableObject.deleteProperty(scope, name))
{
ScriptableObject.putProperty(scope, name, null);
}
scope.delete(name);
}
}
/**
* Initializes the context factory with limits configuration
*/
private synchronized void initContextFactory()
{
if (contextFactory == null)
{
contextFactory = new AlfrescoContextFactory();
contextFactory.setOptimizationLevel(optimizationLevel);
if (maxScriptExecutionSeconds > 0)
{
contextFactory.setMaxScriptExecutionSeconds(maxScriptExecutionSeconds);
}
if (maxMemoryUsedInBytes > 0L)
{
contextFactory.setMaxMemoryUsedInBytes(maxMemoryUsedInBytes);
}
if (maxStackDepth > 0)
{
contextFactory.setMaxStackDepth(maxStackDepth);
}
if (maxScriptExecutionSeconds > 0 || maxMemoryUsedInBytes > 0L)
{
contextFactory.setObserveInstructionCount(observerInstructionCount);
}
ContextFactory.initGlobal(contextFactory);
}
}
/**
* If script is considered secure no limits will be applied, otherwise, the limits are enabled and the script can be
* interrupted in case a limit has been reached.
*
* @param cx
* the Rhino scope
* @param secure
* true if script execution is considered secure (e.g, deployed at classpath level)
*/
private void enableLimits(Context cx, boolean secure)
{
if (cx != null)
{
if (cx instanceof AlfrescoScriptContext)
{
((AlfrescoScriptContext) cx).setLimitsEnabled(!secure);
}
}
}
}

17
repository/src/main/resources/alfresco/repository.properties
View File

@@ -1317,4 +1317,19 @@ system.delete_not_exists.timeout_seconds=-1
system.prop_table_cleaner.algorithm=V2
# Creates additional indexes on alf_node and alf_transaction. Recommended for large repositories.
system.new-node-transaction-indexes.ignored=true
system.new-node-transaction-indexes.ignored=true
# Rhino optimization level
scripts.execution.optimizationLevel=0
# Max seconds a script is allowed to run
scripts.execution.maxScriptExecutionSeconds=-1
# Max call stack depth
scripts.execution.maxStackDepth=-1
# Max memory (bytes) a script can use
scripts.execution.maxMemoryUsedInBytes=-1
# Number of instructions that will trigger the observer
scripts.execution.observerInstructionCount=-1

15
repository/src/main/resources/alfresco/script-services-context.xml
View File

@@ -45,6 +45,21 @@
<property name="storePath">
<value>${spaces.company_home.childname}</value>
</property>
<property name="optimizationLevel">
<value>${scripts.execution.optimizationLevel}</value>
</property>
<property name="maxScriptExecutionSeconds">
<value>${scripts.execution.maxScriptExecutionSeconds}</value>
</property>
<property name="maxStackDepth">
<value>${scripts.execution.maxStackDepth}</value>
</property>
<property name="maxMemoryUsedInBytes">
<value>${scripts.execution.maxMemoryUsedInBytes}</value>
</property>
<property name="observerInstructionCount">
<value>${scripts.execution.observerInstructionCount}</value>
</property>
</bean>
<!-- base config implementation that script extension beans extend from - for auto registration

329
repository/src/test/java/org/alfresco/repo/jscript/RhinoScriptTest.java
View File

@@ -1,48 +1,48 @@
/*
* #%L
* Alfresco Repository
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
/*
* #%L
* Alfresco Repository
* %%
* Copyright (C) 2005 - 2016 Alfresco Software Limited
* %%
* This file is part of the Alfresco software.
* If the software was purchased under a paid Alfresco license, the terms of
* the paid license agreement will prevail. Otherwise, the software is
* provided under the following open source license terms:
*
* Alfresco is free software: you can redistribute it and/or modify
* it under the terms of the GNU Lesser General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* Alfresco is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public License
* along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
* #L%
*/
package org.alfresco.repo.jscript;
import static org.junit.Assert.fail;
import java.io.IOException;
import static org.junit.Assert.fail;
import java.io.IOException;
import java.io.InputStream;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import junit.framework.TestCase;
import org.alfresco.error.AlfrescoRuntimeException;
import junit.framework.TestCase;
import org.alfresco.error.AlfrescoRuntimeException;
import org.alfresco.model.ContentModel;
import org.alfresco.repo.dictionary.DictionaryComponent;
import org.alfresco.repo.dictionary.DictionaryDAO;
import org.alfresco.repo.dictionary.M2Model;
import org.alfresco.repo.node.BaseNodeServiceTest;
import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.security.permissions.AccessDeniedException;
import org.alfresco.repo.node.BaseNodeServiceTest;
import org.alfresco.repo.security.authentication.AuthenticationComponent;
import org.alfresco.repo.security.permissions.AccessDeniedException;
import org.alfresco.repo.transaction.RetryingTransactionHelper.RetryingTransactionCallback;
import org.alfresco.service.ServiceRegistry;
import org.alfresco.service.cmr.repository.ChildAssociationRef;
@@ -54,13 +54,16 @@ import org.alfresco.service.cmr.repository.ScriptService;
import org.alfresco.service.cmr.repository.StoreRef;
import org.alfresco.service.namespace.QName;
import org.alfresco.service.transaction.TransactionService;
import org.alfresco.test_category.OwnJVMTestsCategory;
import org.alfresco.util.ApplicationContextHelper;
import org.alfresco.test_category.OwnJVMTestsCategory;
import org.alfresco.util.ApplicationContextHelper;
import org.junit.experimental.categories.Category;
import org.mozilla.javascript.Context;
import org.mozilla.javascript.ImporterTopLevel;
import org.mozilla.javascript.Scriptable;
import org.mozilla.javascript.ScriptableObject;
import org.springframework.context.ApplicationContext;
import org.mozilla.javascript.Undefined;
import org.mozilla.javascript.UniqueTag;
import org.springframework.context.ApplicationContext;
/**
@@ -364,77 +367,173 @@ public class RhinoScriptTest extends TestCase
return null;
}
});
}
// MNT-21009
public void testUnsecureScriptAddedOnRepoNode()
{
transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Object>()
{
public Object execute() throws Exception
{
StoreRef store = nodeService.createStore(StoreRef.PROTOCOL_WORKSPACE, "rhino_" + System.currentTimeMillis());
NodeRef root = nodeService.getRootNode(store);
BaseNodeServiceTest.buildNodeGraph(nodeService, root);
try
{
Map<String, Object> model = new HashMap<String, Object>();
model.put("out", System.out);
// create an Alfresco scriptable Node object
// the Node object is a wrapper similar to the TemplateNode
// concept
ScriptNode rootNode = new ScriptNode(root, serviceRegistry, null);
model.put("root", rootNode);
// test executing a script embedded inside Node content
ChildAssociationRef childRef = nodeService.createNode(root, BaseNodeServiceTest.ASSOC_TYPE_QNAME_TEST_CHILDREN,
QName.createQName(BaseNodeServiceTest.NAMESPACE, "script_content"), BaseNodeServiceTest.TYPE_QNAME_TEST_CONTENT, null);
NodeRef contentNodeRef = childRef.getChildRef();
ContentWriter writer = contentService.getWriter(contentNodeRef, BaseNodeServiceTest.PROP_QNAME_TEST_CONTENT, true);
writer.setMimetype("application/x-javascript");
writer.putContent(BASIC_JAVA);
try
{
scriptService.executeScript(contentNodeRef, BaseNodeServiceTest.PROP_QNAME_TEST_CONTENT, model);
fail("execution of nonsecure script on nodeRef is not allowed.");
}
catch (AlfrescoRuntimeException ex)
{
// expected
}
ChildAssociationRef childRef1 = nodeService.createNode(root, BaseNodeServiceTest.ASSOC_TYPE_QNAME_TEST_CHILDREN,
QName.createQName(BaseNodeServiceTest.NAMESPACE, "script_content"), BaseNodeServiceTest.TYPE_QNAME_TEST_CONTENT, null);
NodeRef contentNodeRef1 = childRef1.getChildRef();
ContentWriter writer1 = contentService.getWriter(contentNodeRef1, BaseNodeServiceTest.PROP_QNAME_TEST_CONTENT, true);
writer1.setMimetype("application/x-javascript");
writer1.putContent(REFLECTION_GET_CLASS);
try
{
scriptService.executeScript(contentNodeRef1, BaseNodeServiceTest.PROP_QNAME_TEST_CONTENT, model);
fail("execution of nonsecure script on nodeRef is not allowed.");
}
catch (AlfrescoRuntimeException ex)
{
// expected
}
}
finally
{
}
return null;
}
});
}
// MNT-21009
public void testUnsecureScriptAddedOnRepoNode()
{
transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Object>()
{
public Object execute() throws Exception
{
StoreRef store = nodeService.createStore(StoreRef.PROTOCOL_WORKSPACE, "rhino_" + System.currentTimeMillis());
NodeRef root = nodeService.getRootNode(store);
BaseNodeServiceTest.buildNodeGraph(nodeService, root);
try
{
Map<String, Object> model = new HashMap<String, Object>();
model.put("out", System.out);
// create an Alfresco scriptable Node object
// the Node object is a wrapper similar to the TemplateNode
// concept
ScriptNode rootNode = new ScriptNode(root, serviceRegistry, null);
model.put("root", rootNode);
// test executing a script embedded inside Node content
ChildAssociationRef childRef = nodeService.createNode(root, BaseNodeServiceTest.ASSOC_TYPE_QNAME_TEST_CHILDREN,
QName.createQName(BaseNodeServiceTest.NAMESPACE, "script_content"), BaseNodeServiceTest.TYPE_QNAME_TEST_CONTENT, null);
NodeRef contentNodeRef = childRef.getChildRef();
ContentWriter writer = contentService.getWriter(contentNodeRef, BaseNodeServiceTest.PROP_QNAME_TEST_CONTENT, true);
writer.setMimetype("application/x-javascript");
writer.putContent(BASIC_JAVA);
try
{
scriptService.executeScript(contentNodeRef, BaseNodeServiceTest.PROP_QNAME_TEST_CONTENT, model);
fail("execution of nonsecure script on nodeRef is not allowed.");
}
catch (AlfrescoRuntimeException ex)
{
// expected
}
ChildAssociationRef childRef1 = nodeService.createNode(root, BaseNodeServiceTest.ASSOC_TYPE_QNAME_TEST_CHILDREN,
QName.createQName(BaseNodeServiceTest.NAMESPACE, "script_content"), BaseNodeServiceTest.TYPE_QNAME_TEST_CONTENT, null);
NodeRef contentNodeRef1 = childRef1.getChildRef();
ContentWriter writer1 = contentService.getWriter(contentNodeRef1, BaseNodeServiceTest.PROP_QNAME_TEST_CONTENT, true);
writer1.setMimetype("application/x-javascript");
writer1.putContent(REFLECTION_GET_CLASS);
try
{
scriptService.executeScript(contentNodeRef1, BaseNodeServiceTest.PROP_QNAME_TEST_CONTENT, model);
fail("execution of nonsecure script on nodeRef is not allowed.");
}
catch (AlfrescoRuntimeException ex)
{
// expected
}
}
finally
{
}
return null;
}
});
}
// MNT-23158
public void testScopeData()
{
transactionService.getRetryingTransactionHelper().doInTransaction(
new RetryingTransactionCallback<Object>()
{
public Object execute() throws Exception
{
Context cx = Context.enter();
try
{
Scriptable sharedScope = new ImporterTopLevel(cx, true);
Scriptable scope = cx.newObject(sharedScope);
scope.setPrototype(sharedScope);
scope.setParentScope(null);
// Executes a first script
Object result = cx.evaluateString(scope, "var a = 10; var b = 20; var sum = a+b;", "TestJS1", 1, null);
assertTrue(Undefined.isUndefined(result));
// Test sum value
Object sum = scope.get("sum", scope);
assertEquals(30.0, Context.toNumber(sum));
// No 'sum' property should be found in the shared scope
sum = sharedScope.get("sum", sharedScope);
assertEquals(sum, UniqueTag.NOT_FOUND);
// No 'b' property should be found in the shared scope
Object b = ScriptableObject.getProperty(sharedScope, "b");
assertEquals(b, UniqueTag.NOT_FOUND);
// Cleans scope
unsetScope(scope);
// Executes a second script using the same scope
result = cx.evaluateString(scope, "var test = 'test';", "TestJS2", 1, null);
// 'sum' property should be null
sum = scope.get("sum", scope);
assertNull(sum);
// New scope initialization
scope = cx.newObject(sharedScope);
scope.setPrototype(sharedScope);
scope.setParentScope(null);
// check 'test' property
Object test = scope.get("test", scope);
assertEquals(test, UniqueTag.NOT_FOUND);
}
finally
{
Context.exit();
}
return null;
}
});
}
private void unsetScope(Scriptable scope)
{
if (scope != null)
{
Object[] ids = scope.getIds();
if (ids != null)
{
for (Object id : ids)
{
try
{
deleteProperty(scope, id.toString());
}
catch (Exception e)
{
// Do nothing
}
}
}
}
}
private void deleteProperty(Scriptable scope, String name)
{
if (scope != null && name != null)
{
if (!ScriptableObject.deleteProperty(scope, name))
{
ScriptableObject.putProperty(scope, name, null);
}
scope.delete(name);
}
}
private static final String TESTSCRIPT_CLASSPATH1 = "org/alfresco/repo/jscript/test_script1.js";
private static final String TESTSCRIPT_CLASSPATH2 = "org/alfresco/repo/jscript/test_script2.js";
private static final String TESTSCRIPT_CLASSPATH3 = "org/alfresco/repo/jscript/test_script3.js";
@@ -452,14 +551,14 @@ public class RhinoScriptTest extends TestCase
"var childByNameNode = root.childByNamePath(\"/\" + childList[0].name);\r\n" +
"logger.log(\"child by name path: \" + childByNameNode.name);\r\n" +
"var xpathResults = root.childrenByXPath(\"/*\");\r\n" +
"logger.log(\"children of root from xpath: \" + xpathResults.length);\r\n";
private static final String BASIC_JAVA =
"var list = com.google.common.collect.Lists.newArrayList();\n" +
"root.nodeRef.getClass().forName(\"java.lang.ProcessBuilder\")";
private static final String REFLECTION_GET_CLASS =
"root.nodeRef.getClass().forName(\"java.lang.ProcessBuilder\")";
"logger.log(\"children of root from xpath: \" + xpathResults.length);\r\n";
private static final String BASIC_JAVA =
"var list = com.google.common.collect.Lists.newArrayList();\n" +
"root.nodeRef.getClass().forName(\"java.lang.ProcessBuilder\")";
private static final String REFLECTION_GET_CLASS =
"root.nodeRef.getClass().forName(\"java.lang.ProcessBuilder\")";
}