[maven-release-plugin][skip ci] prepare release 17.184

[MNT-23158] Scripts limits configuration and optimization (#1519 ) (#1549 )
(cherry picked from commit f391cfa38c)
2025-09-10 14:11:58 +00:00 · 2022-11-12 18:28:38 +00:00 · 2022-11-12 16:44:43 +00:00 · 2022-10-27 12:23:36 +02:00
31 changed files with 716 additions and 31 deletions
--- a/amps/ags/pom.xml
+++ b/amps/ags/pom.xml
@@ -7,7 +7,7 @@
   <parent>
      <groupId>org.alfresco</groupId>
      <artifactId>alfresco-community-repo-amps</artifactId>
-      <version>17.183</version>
+      <version>17.184</version>
   </parent>

   <modules>
--- a/amps/ags/rm-automation/pom.xml
+++ b/amps/ags/rm-automation/pom.xml
@@ -7,7 +7,7 @@
   <parent>
      <groupId>org.alfresco</groupId>
      <artifactId>alfresco-governance-services-community-parent</artifactId>
-      <version>17.183</version>
+      <version>17.184</version>
   </parent>

   <modules>
--- a/amps/ags/rm-automation/rm-automation-community-rest-api/pom.xml
+++ b/amps/ags/rm-automation/rm-automation-community-rest-api/pom.xml
@@ -7,7 +7,7 @@
   <parent>
      <groupId>org.alfresco</groupId>
      <artifactId>alfresco-governance-services-automation-community-repo</artifactId>
-      <version>17.183</version>
+      <version>17.184</version>
   </parent>

   <build>
--- a/amps/ags/rm-community/pom.xml
+++ b/amps/ags/rm-community/pom.xml
@@ -7,7 +7,7 @@
   <parent>
      <groupId>org.alfresco</groupId>
      <artifactId>alfresco-governance-services-community-parent</artifactId>
-      <version>17.183</version>
+      <version>17.184</version>
   </parent>

   <modules>
--- a/amps/ags/rm-community/rm-community-repo/pom.xml
+++ b/amps/ags/rm-community/rm-community-repo/pom.xml
@@ -8,7 +8,7 @@
   <parent>
      <groupId>org.alfresco</groupId>
      <artifactId>alfresco-governance-services-community-repo-parent</artifactId>
-      <version>17.183</version>
+      <version>17.184</version>
   </parent>

   <properties>
--- a/amps/ags/rm-community/rm-community-rest-api-explorer/pom.xml
+++ b/amps/ags/rm-community/rm-community-rest-api-explorer/pom.xml
@@ -7,7 +7,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-governance-services-community-repo-parent</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <build>
--- a/amps/pom.xml
+++ b/amps/pom.xml
@@ -7,7 +7,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <modules>
--- a/amps/share-services/pom.xml
+++ b/amps/share-services/pom.xml
@@ -8,7 +8,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo-amps</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <properties>
--- a/core/pom.xml
+++ b/core/pom.xml
@@ -7,7 +7,7 @@
   <parent>
      <groupId>org.alfresco</groupId>
      <artifactId>alfresco-community-repo</artifactId>
-      <version>17.183</version>
+      <version>17.184</version>
   </parent>

   <dependencies>
--- a/data-model/pom.xml
+++ b/data-model/pom.xml
@@ -7,7 +7,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <properties>
--- a/mmt/pom.xml
+++ b/mmt/pom.xml
@@ -7,7 +7,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <dependencies>
--- a/packaging/distribution/pom.xml
+++ b/packaging/distribution/pom.xml
@@ -9,6 +9,6 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>
 </project>
--- a/packaging/docker-alfresco/pom.xml
+++ b/packaging/docker-alfresco/pom.xml
@@ -7,7 +7,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <properties>
--- a/packaging/pom.xml
+++ b/packaging/pom.xml
@@ -7,7 +7,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <modules>
--- a/packaging/tests/pom.xml
+++ b/packaging/tests/pom.xml
@@ -6,7 +6,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <modules>
--- a/packaging/tests/tas-cmis/pom.xml
+++ b/packaging/tests/tas-cmis/pom.xml
@@ -7,7 +7,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <organization>
--- a/packaging/tests/tas-email/pom.xml
+++ b/packaging/tests/tas-email/pom.xml
@@ -9,7 +9,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <developers>
--- a/packaging/tests/tas-integration/pom.xml
+++ b/packaging/tests/tas-integration/pom.xml
@@ -9,7 +9,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <developers>
--- a/packaging/tests/tas-restapi/pom.xml
+++ b/packaging/tests/tas-restapi/pom.xml
@@ -9,7 +9,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <developers>
--- a/packaging/tests/tas-webdav/pom.xml
+++ b/packaging/tests/tas-webdav/pom.xml
@@ -9,7 +9,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo-tests</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <developers>
--- a/packaging/war/pom.xml
+++ b/packaging/war/pom.xml
@@ -7,7 +7,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo-packaging</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <properties>
--- a/pom.xml
+++ b/pom.xml
@@ -2,7 +2,7 @@
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
    <modelVersion>4.0.0</modelVersion>
    <artifactId>alfresco-community-repo</artifactId>
-    <version>17.183</version>
+    <version>17.184</version>
    <packaging>pom</packaging>
    <name>Alfresco Community Repo Parent</name>

@@ -149,7 +149,7 @@
        <connection>scm:git:https://github.com/Alfresco/alfresco-community-repo.git</connection>
        <developerConnection>scm:git:https://github.com/Alfresco/alfresco-community-repo.git</developerConnection>
        <url>https://github.com/Alfresco/alfresco-community-repo</url>
-        <tag>17.183</tag>
+        <tag>17.184</tag>
    </scm>

    <distributionManagement>
--- a/remote-api/pom.xml
+++ b/remote-api/pom.xml
@@ -7,7 +7,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <dependencies>
--- a/repository/pom.xml
+++ b/repository/pom.xml
@@ -7,7 +7,7 @@
    <parent>
        <groupId>org.alfresco</groupId>
        <artifactId>alfresco-community-repo</artifactId>
-        <version>17.183</version>
+        <version>17.184</version>
    </parent>

    <dependencies>
--- a/repository/src/main/java/org/alfresco/repo/jscript/AlfrescoContextFactory.java
+++ b/repository/src/main/java/org/alfresco/repo/jscript/AlfrescoContextFactory.java
@@ -0,0 +1,201 @@
+/*
+ * #%L
+ * Alfresco Repository
+ * %%
+ * Copyright (C) 2005 - 2022 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software. 
+ * If the software was purchased under a paid Alfresco license, the terms of 
+ * the paid license agreement will prevail.  Otherwise, the software is 
+ * provided under the following open source license terms:
+ * 
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * #L%
+ */
+package org.alfresco.repo.jscript;
+
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
+import org.mozilla.javascript.Callable;
+import org.mozilla.javascript.Context;
+import org.mozilla.javascript.ContextFactory;
+import org.mozilla.javascript.Scriptable;
+
+/**
+ * Custom factory that allows to apply configured limits during script executions
+ * 
+ * @see ContextFactory
+ */
+public class AlfrescoContextFactory extends ContextFactory
+{
+    private static final Log LOGGER = LogFactory.getLog(AlfrescoContextFactory.class);
+
+    private int optimizationLevel = -1;
+    private int maxScriptExecutionSeconds = -1;
+    private int maxStackDepth = -1;
+    private long maxMemoryUsedInBytes = -1L;
+    private int observeInstructionCount = -1;
+
+    private AlfrescoScriptThreadMxBeanWrapper threadMxBeanWrapper;
+
+    private final int INTERPRETIVE_MODE = -1;
+
+    @Override
+    protected Context makeContext()
+    {
+        AlfrescoScriptContext context = new AlfrescoScriptContext();
+
+        context.setOptimizationLevel(optimizationLevel);
+
+        // Needed for both time and memory measurement
+        if (maxScriptExecutionSeconds > 0 || maxMemoryUsedInBytes > 0L)
+        {
+            if (observeInstructionCount > 0)
+            {
+                LOGGER.info("Enabling observer count...");
+                context.setGenerateObserverCount(true);
+                context.setInstructionObserverThreshold(observeInstructionCount);
+            }
+            else
+            {
+                LOGGER.info("Disabling observer count...");
+                context.setGenerateObserverCount(false);
+            }
+        }
+
+        // Memory limit
+        if (maxMemoryUsedInBytes > 0)
+        {
+            context.setThreadId(Thread.currentThread().getId());
+        }
+
+        // Max stack depth
+        if (maxStackDepth > 0)
+        {
+            if (optimizationLevel != INTERPRETIVE_MODE)
+            {
+                LOGGER.warn("Changing optimization level from " + optimizationLevel + " to " + INTERPRETIVE_MODE);
+            }
+            // stack depth can only be set when no optimizations are applied
+            context.setOptimizationLevel(INTERPRETIVE_MODE);
+            context.setMaximumInterpreterStackDepth(maxStackDepth);
+        }
+
+        return context;
+    }
+
+    @Override
+    protected void observeInstructionCount(Context cx, int instructionCount)
+    {
+        AlfrescoScriptContext acx = (AlfrescoScriptContext) cx;
+
+        if (acx.isLimitsEnabled())
+        {
+            // Time limit
+            if (maxScriptExecutionSeconds > 0)
+            {
+                long currentTime = System.currentTimeMillis();
+                if (currentTime - acx.getStartTime() > maxScriptExecutionSeconds * 1000)
+                {
+                    throw new Error("Maximum script time of " + maxScriptExecutionSeconds + " seconds exceeded");
+                }
+            }
+
+            // Memory
+            if (maxMemoryUsedInBytes > 0 && threadMxBeanWrapper != null && threadMxBeanWrapper.isThreadAllocatedMemorySupported())
+            {
+
+                if (acx.getStartMemory() <= 0)
+                {
+                    acx.setStartMemory(threadMxBeanWrapper.getThreadAllocatedBytes(acx.getThreadId()));
+                }
+                else
+                {
+                    long currentAllocatedBytes = threadMxBeanWrapper.getThreadAllocatedBytes(acx.getThreadId());
+                    if (currentAllocatedBytes - acx.getStartMemory() >= maxMemoryUsedInBytes)
+                    {
+                        throw new Error("Memory limit of " + maxMemoryUsedInBytes + " bytes reached");
+                    }
+                }
+            }
+        }
+    }
+
+    @Override
+    protected Object doTopCall(Callable callable, Context cx, Scriptable scope, Scriptable thisObj, Object[] args)
+    {
+        AlfrescoScriptContext acx = (AlfrescoScriptContext) cx;
+        acx.setStartTime(System.currentTimeMillis());
+        return super.doTopCall(callable, cx, scope, thisObj, args);
+    }
+
+    public int getOptimizationLevel()
+    {
+        return optimizationLevel;
+    }
+
+    public void setOptimizationLevel(int optimizationLevel)
+    {
+        this.optimizationLevel = optimizationLevel;
+    }
+
+    public int getMaxScriptExecutionSeconds()
+    {
+        return maxScriptExecutionSeconds;
+    }
+
+    public void setMaxScriptExecutionSeconds(int maxScriptExecutionSeconds)
+    {
+        this.maxScriptExecutionSeconds = maxScriptExecutionSeconds;
+    }
+
+    public int getMaxStackDepth()
+    {
+        return maxStackDepth;
+    }
+
+    public void setMaxStackDepth(int maxStackDepth)
+    {
+        this.maxStackDepth = maxStackDepth;
+    }
+
+    public long getMaxMemoryUsedInBytes()
+    {
+        return maxMemoryUsedInBytes;
+    }
+
+    public void setMaxMemoryUsedInBytes(long maxMemoryUsedInBytes)
+    {
+        this.maxMemoryUsedInBytes = maxMemoryUsedInBytes;
+        if (maxMemoryUsedInBytes > 0)
+        {
+            this.threadMxBeanWrapper = new AlfrescoScriptThreadMxBeanWrapper();
+            if (!threadMxBeanWrapper.isThreadAllocatedMemorySupported())
+            {
+                LOGGER.warn("com.sun.management.ThreadMXBean was not found on the classpath. "
+                        + "This means that the limiting the memory usage for a script will NOT work.");
+            }
+        }
+    }
+
+    public int getObserveInstructionCount()
+    {
+        return observeInstructionCount;
+    }
+
+    public void setObserveInstructionCount(int observeInstructionCount)
+    {
+        this.observeInstructionCount = observeInstructionCount;
+    }
+}
--- a/repository/src/main/java/org/alfresco/repo/jscript/AlfrescoScriptContext.java
+++ b/repository/src/main/java/org/alfresco/repo/jscript/AlfrescoScriptContext.java
@@ -0,0 +1,81 @@
+/*
+ * #%L
+ * Alfresco Repository
+ * %%
+ * Copyright (C) 2005 - 2022 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software. 
+ * If the software was purchased under a paid Alfresco license, the terms of 
+ * the paid license agreement will prevail.  Otherwise, the software is 
+ * provided under the following open source license terms:
+ * 
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * #L%
+ */
+package org.alfresco.repo.jscript;
+
+import org.mozilla.javascript.Context;
+
+/**
+ * Custom Rhino context that holds data as start time and memory
+ * 
+ * @see Context
+ */
+public class AlfrescoScriptContext extends Context
+{
+    private long startTime;
+    private long threadId;
+    private long startMemory;
+    private boolean limitsEnabled = false;
+
+    public long getStartTime()
+    {
+        return startTime;
+    }
+
+    public void setStartTime(long startTime)
+    {
+        this.startTime = startTime;
+    }
+
+    public long getThreadId()
+    {
+        return threadId;
+    }
+
+    public void setThreadId(long threadId)
+    {
+        this.threadId = threadId;
+    }
+
+    public long getStartMemory()
+    {
+        return startMemory;
+    }
+
+    public void setStartMemory(long startMemory)
+    {
+        this.startMemory = startMemory;
+    }
+
+    public boolean isLimitsEnabled()
+    {
+        return limitsEnabled;
+    }
+
+    public void setLimitsEnabled(boolean limitsEnabled)
+    {
+        this.limitsEnabled = limitsEnabled;
+    }
+}
--- a/repository/src/main/java/org/alfresco/repo/jscript/AlfrescoScriptThreadMxBeanWrapper.java
+++ b/repository/src/main/java/org/alfresco/repo/jscript/AlfrescoScriptThreadMxBeanWrapper.java
@@ -0,0 +1,78 @@
+/*
+ * #%L
+ * Alfresco Repository
+ * %%
+ * Copyright (C) 2005 - 2022 Alfresco Software Limited
+ * %%
+ * This file is part of the Alfresco software. 
+ * If the software was purchased under a paid Alfresco license, the terms of 
+ * the paid license agreement will prevail.  Otherwise, the software is 
+ * provided under the following open source license terms:
+ * 
+ * Alfresco is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ * 
+ * Alfresco is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Lesser General Public License for more details.
+ * 
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Alfresco. If not, see <http://www.gnu.org/licenses/>.
+ * #L%
+ */
+package org.alfresco.repo.jscript;
+
+import java.lang.management.ManagementFactory;
+import java.lang.management.ThreadMXBean;
+
+/**
+ * Allows to monitor memory usage
+ */
+public class AlfrescoScriptThreadMxBeanWrapper
+{
+
+    private ThreadMXBean threadMXBean = null;
+    private boolean threadAllocatedMemorySupported = false;
+
+    private final String THREAD_MX_BEAN_SUN = "com.sun.management.ThreadMXBean";
+
+    public AlfrescoScriptThreadMxBeanWrapper()
+    {
+        checkThreadAllocatedMemory();
+    }
+
+    public long getThreadAllocatedBytes(long threadId)
+    {
+        if (threadMXBean != null && threadAllocatedMemorySupported)
+        {
+            return ((com.sun.management.ThreadMXBean) threadMXBean).getThreadAllocatedBytes(threadId);
+        }
+
+        return -1;
+    }
+
+    public void checkThreadAllocatedMemory()
+    {
+        try
+        {
+            Class<?> clazz = Class.forName(THREAD_MX_BEAN_SUN);
+            if (clazz != null)
+            {
+                this.threadAllocatedMemorySupported = true;
+                this.threadMXBean = (com.sun.management.ThreadMXBean) ManagementFactory.getThreadMXBean();
+            }
+        }
+        catch (Exception e)
+        {
+            this.threadAllocatedMemorySupported = false;
+        }
+    }
+
+    public boolean isThreadAllocatedMemorySupported()
+    {
+        return threadAllocatedMemorySupported;
+    }
+}
--- a/repository/src/main/java/org/alfresco/repo/jscript/RhinoScriptProcessor.java
+++ b/repository/src/main/java/org/alfresco/repo/jscript/RhinoScriptProcessor.java
@@ -57,10 +57,12 @@ import org.alfresco.service.namespace.QName;
 import org.apache.commons.logging.Log;
 import org.apache.commons.logging.LogFactory;
 import org.mozilla.javascript.Context;
+import org.mozilla.javascript.ContextFactory;
 import org.mozilla.javascript.ImporterTopLevel;
 import org.mozilla.javascript.Script;
 import org.mozilla.javascript.Scriptable;
-import org.mozilla.javascript.ScriptableObject;
+import org.mozilla.javascript.ScriptableObject;
+import org.mozilla.javascript.Undefined;
 import org.mozilla.javascript.WrapFactory;
 import org.mozilla.javascript.WrappedException;
 import org.springframework.beans.factory.InitializingBean;
@@ -108,7 +110,24 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
    /** Cache of runtime compiled script instances */
    private final Map<String, Script> scriptCache = new ConcurrentHashMap<String, Script>(256);
    
-    
+    /** Rhino optimization level */
+    private int optimizationLevel = -1;
+
+    /** Maximum seconds a script is allowed to run */
+    private int maxScriptExecutionSeconds = -1;
+
+    /** Maximum of call stack depth (in terms of number of call frames) */
+    private int maxStackDepth = -1;
+
+    /** Maximum memory (bytes) a script can use */
+    private long maxMemoryUsedInBytes = -1L;
+
+    /** Number of (bytecode) instructions that will trigger the observer */
+    private int observerInstructionCount = 100;
+
+    /** Custom context factory */
+    public static AlfrescoContextFactory contextFactory;
+
    /**
     * Set the default store reference
     * 
@@ -143,6 +162,51 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
    {
        this.shareSealedScopes = shareSealedScopes;
    }
+
+    /**
+     * @param optimizationLevel
+     *            -1 interpretive mode, 0 no optimizations, 1-9 optimizations performed
+     */
+    public void setOptimizationLevel(int optimizationLevel)
+    {
+        this.optimizationLevel = optimizationLevel;
+    }
+
+    /**
+     * @param maxScriptExecutionSeconds
+     *            the number of seconds a script is allowed to run
+     */
+    public void setMaxScriptExecutionSeconds(int maxScriptExecutionSeconds)
+    {
+        this.maxScriptExecutionSeconds = maxScriptExecutionSeconds;
+    }
+
+    /**
+     * @param maxStackDepth
+     *            the number of call stack depth allowed
+     */
+    public void setMaxStackDepth(int maxStackDepth)
+    {
+        this.maxStackDepth = maxStackDepth;
+    }
+
+    /**
+     * @param maxMemoryUsedInBytes
+     *            the number of memory a script can use
+     */
+    public void setMaxMemoryUsedInBytes(long maxMemoryUsedInBytes)
+    {
+        this.maxMemoryUsedInBytes = maxMemoryUsedInBytes;
+    }
+
+    /**
+     * @param observerInstructionCount
+     *            the number of instructions that will trigger {@link ContextFactory#observeInstructionCount}
+     */
+    public void setObserverInstructionCount(int observerInstructionCount)
+    {
+        this.observerInstructionCount = observerInstructionCount;
+    }

    /**
     * @see org.alfresco.service.cmr.repository.ScriptProcessor#reset()
@@ -449,6 +513,8 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
    private Object executeScriptImpl(Script script, Map<String, Object> model, boolean secure, String debugScriptName)
        throws AlfrescoRuntimeException
    {
+        Scriptable scope = null;
+
        long startTime = 0;
        if (callLogger.isDebugEnabled())
        {
@@ -465,14 +531,16 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
            // Create a thread-specific scope from one of the shared scopes.
            // See http://www.mozilla.org/rhino/scopes.html
            cx.setWrapFactory(secure ? wrapFactory : sandboxFactory);
-            Scriptable scope;
+
+            // Enables or disables execution limits based on secure flag
+            enableLimits(cx, secure);
+
            if (this.shareSealedScopes)
            {
                Scriptable sharedScope = secure ? this.nonSecureScope : this.secureScope;
                scope = cx.newObject(sharedScope);
                scope.setPrototype(sharedScope);
                scope.setParentScope(null);
-
            }
            else
            {
@@ -545,7 +613,8 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
            throw new AlfrescoRuntimeException(err.getMessage(), err);
        }
        finally
-        {
+        {
+            unsetScope(model, scope);
            Context.exit();
            
            if (callLogger.isDebugEnabled())
@@ -638,6 +707,9 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
     */
    public void afterPropertiesSet() throws Exception
    {
+        // Initialize context factory
+        initContextFactory();
+
        // Initialize the secure scope
        Context cx = Context.enter();
        try
@@ -695,4 +767,129 @@ public class RhinoScriptProcessor extends BaseProcessor implements ScriptProcess
        }
        return scope;
    }
+
+    /**
+     * Clean supplied scope and unset it from any model instance where it has been injected before
+     *
+     * @param model
+     *            Data model containing objects from where scope will be unset
+     * @param scope
+     *            The scope to clean
+     */
+    private void unsetScope(Map<String, Object> model, Scriptable scope)
+    {
+        if (scope != null)
+        {
+            Object[] ids = scope.getIds();
+            if (ids != null)
+            {
+                for (Object id : ids)
+                {
+                    try
+                    {
+                        deleteProperty(scope, id.toString());
+                    }
+                    catch (Exception e)
+                    {
+                        logger.info("Unable to delete id: " + id, e);
+                    }
+                }
+            }
+        }
+
+        if (model != null)
+        {
+            for (String key : model.keySet())
+            {
+                try
+                {
+                    deleteProperty(scope, key);
+
+                    Object obj = model.get(key);
+                    if (obj instanceof Scopeable)
+                    {
+                        ((Scopeable) obj).setScope(null);
+                    }
+                }
+                catch (Exception e)
+                {
+                    logger.info("Unable to unset model object " + key + " : ", e);
+                }
+            }
+        }
+    }
+
+    /**
+     * Deletes a property from the supplied scope, if property is not removable, then is set to null
+     *
+     * @param scope
+     *            the scope object from where property will be removed
+     * @param name
+     *            the property name to delete
+     */
+    private void deleteProperty(Scriptable scope, String name)
+    {
+        if (scope != null && name != null)
+        {
+            if (!ScriptableObject.deleteProperty(scope, name))
+            {
+                ScriptableObject.putProperty(scope, name, null);
+            }
+            scope.delete(name);
+        }
+    }
+
+    /**
+     * Initializes the context factory with limits configuration
+     */
+    private synchronized void initContextFactory()
+    {
+        if (contextFactory == null)
+        {
+            contextFactory = new AlfrescoContextFactory();
+            contextFactory.setOptimizationLevel(optimizationLevel);
+
+            if (maxScriptExecutionSeconds > 0)
+            {
+                contextFactory.setMaxScriptExecutionSeconds(maxScriptExecutionSeconds);
+            }
+
+            if (maxMemoryUsedInBytes > 0L)
+            {
+                contextFactory.setMaxMemoryUsedInBytes(maxMemoryUsedInBytes);
+            }
+
+            if (maxStackDepth > 0)
+            {
+                contextFactory.setMaxStackDepth(maxStackDepth);
+            }
+
+            if (maxScriptExecutionSeconds > 0 || maxMemoryUsedInBytes > 0L)
+            {
+                contextFactory.setObserveInstructionCount(observerInstructionCount);
+            }
+
+            ContextFactory.initGlobal(contextFactory);
+        }
+    }
+
+    /**
+     * If script is considered secure no limits will be applied, otherwise, the limits are enabled and the script can be
+     * interrupted in case a limit has been reached.
+     *
+     * @param cx
+     *            the Rhino scope
+     * @param secure
+     *            true if script execution is considered secure (e.g, deployed at classpath level)
+     */
+    private void enableLimits(Context cx, boolean secure)
+    {
+        if (cx != null)
+        {
+            if (cx instanceof AlfrescoScriptContext)
+            {
+                ((AlfrescoScriptContext) cx).setLimitsEnabled(!secure);
+            }
+        }
+    }
 }
--- a/repository/src/main/resources/alfresco/repository.properties
+++ b/repository/src/main/resources/alfresco/repository.properties
@@ -1351,3 +1351,18 @@ import.zip.compressionRatioThreshold=100
 # "zip bomb" and the import extraction process cancelled. No value (or a negative long) will be taken to mean that no
 # limit should be applied.
 import.zip.uncompressedBytesLimit=
+
+# Rhino optimization level
+scripts.execution.optimizationLevel=0
+
+# Max seconds a script is allowed to run
+scripts.execution.maxScriptExecutionSeconds=-1
+
+# Max call stack depth
+scripts.execution.maxStackDepth=-1
+
+# Max memory (bytes) a script can use
+scripts.execution.maxMemoryUsedInBytes=-1
+
+# Number of instructions that will trigger the observer
+scripts.execution.observerInstructionCount=-1
--- a/repository/src/main/resources/alfresco/script-services-context.xml
+++ b/repository/src/main/resources/alfresco/script-services-context.xml
@@ -45,6 +45,21 @@
        <property name="storePath">
            <value>${spaces.company_home.childname}</value>
        </property>
+        <property name="optimizationLevel">
+            <value>${scripts.execution.optimizationLevel}</value>
+        </property>
+        <property name="maxScriptExecutionSeconds">
+            <value>${scripts.execution.maxScriptExecutionSeconds}</value>
+        </property>
+        <property name="maxStackDepth">
+            <value>${scripts.execution.maxStackDepth}</value>
+        </property>
+        <property name="maxMemoryUsedInBytes">
+            <value>${scripts.execution.maxMemoryUsedInBytes}</value>
+        </property>
+        <property name="observerInstructionCount">
+            <value>${scripts.execution.observerInstructionCount}</value>
+        </property>
    </bean>

    <!-- base config implementation that script extension beans extend from - for auto registration
--- a/repository/src/test/java/org/alfresco/repo/jscript/RhinoScriptTest.java
+++ b/repository/src/test/java/org/alfresco/repo/jscript/RhinoScriptTest.java
@@ -44,7 +44,6 @@ import org.alfresco.service.cmr.repository.ContentService;
 import org.alfresco.service.cmr.repository.ContentWriter;
 import org.alfresco.service.cmr.repository.NodeRef;
 import org.alfresco.service.cmr.repository.NodeService;
-import org.alfresco.service.cmr.repository.ScriptProcessor;
 import org.alfresco.service.cmr.repository.ScriptService;
 import org.alfresco.service.cmr.repository.StoreRef;
 import org.alfresco.service.namespace.QName;
@@ -53,8 +52,11 @@ import org.alfresco.test_category.OwnJVMTestsCategory;
 import org.alfresco.util.ApplicationContextHelper;
 import org.junit.experimental.categories.Category;
 import org.mozilla.javascript.Context;
+import org.mozilla.javascript.ImporterTopLevel;
 import org.mozilla.javascript.Scriptable;
 import org.mozilla.javascript.ScriptableObject;
+import org.mozilla.javascript.Undefined;
+import org.mozilla.javascript.UniqueTag;
 import org.springframework.context.ApplicationContext;

 import junit.framework.TestCase;
@@ -445,6 +447,67 @@ public class RhinoScriptTest extends TestCase
        assertTrue("Script should have been executed (secure = true)", executed);
    }

+    // MNT-23158
+    public void testScopeData()
+    {
+        transactionService.getRetryingTransactionHelper().doInTransaction(
+            new RetryingTransactionCallback<Object>()
+            {
+                public Object execute() throws Exception
+                {
+                    Context cx = Context.enter();
+                    try
+                    {
+                        Scriptable sharedScope = new ImporterTopLevel(cx, true);
+                        Scriptable scope = cx.newObject(sharedScope);
+                        scope.setPrototype(sharedScope);
+                        scope.setParentScope(null);
+
+                        // Executes a first script
+                        Object result = cx.evaluateString(scope, "var a = 10; var b = 20; var sum = a+b;", "TestJS1", 1, null);
+                        assertTrue(Undefined.isUndefined(result));
+
+                        // Test sum value
+                        Object sum = scope.get("sum", scope);
+                        assertEquals(30.0, Context.toNumber(sum));
+
+                        // No 'sum' property should be found in the shared scope
+                        sum = sharedScope.get("sum", sharedScope);
+                        assertEquals(sum, UniqueTag.NOT_FOUND);
+
+                        // No 'b' property should be found in the shared scope
+                        Object b = ScriptableObject.getProperty(sharedScope, "b");
+                        assertEquals(b, UniqueTag.NOT_FOUND);
+
+                        // Cleans scope
+                        unsetScope(scope);
+
+                        // Executes a second script using the same scope
+                        result = cx.evaluateString(scope, "var test = 'test';", "TestJS2", 1, null);
+
+                        // 'sum' property should be null
+                        sum = scope.get("sum", scope);
+                        assertNull(sum);
+
+                        // New scope initialization
+                        scope = cx.newObject(sharedScope);
+                        scope.setPrototype(sharedScope);
+                        scope.setParentScope(null);
+
+                        // check 'test' property
+                        Object test = scope.get("test", scope);
+                        assertEquals(test, UniqueTag.NOT_FOUND);
+                    }
+                    finally
+                    {
+                        Context.exit();
+                    }
+
+                    return null;
+                }
+            });
+    }
+
    private boolean executeSecureScriptString(String script, Boolean secure)
    {
        return transactionService.getRetryingTransactionHelper().doInTransaction(new RetryingTransactionCallback<Boolean>()
@@ -475,6 +538,41 @@ public class RhinoScriptTest extends TestCase
            }
        });
    }
+
+    private void unsetScope(Scriptable scope)
+    {
+        if (scope != null)
+        {
+            Object[] ids = scope.getIds();
+
+            if (ids != null)
+            {
+                for (Object id : ids)
+                {
+                    try
+                    {
+                        deleteProperty(scope, id.toString());
+                    }
+                    catch (Exception e)
+                    {
+                        // Do nothing
+                    }
+                }
+            }
+        }
+    }
+
+    private void deleteProperty(Scriptable scope, String name)
+    {
+        if (scope != null && name != null)
+        {
+            if (!ScriptableObject.deleteProperty(scope, name))
+            {
+                ScriptableObject.putProperty(scope, name, null);
+            }
+            scope.delete(name);
+        }
+    }

    private static final String TESTSCRIPT_CLASSPATH1 = "org/alfresco/repo/jscript/test_script1.js";
    private static final String TESTSCRIPT_CLASSPATH2 = "org/alfresco/repo/jscript/test_script2.js";
Author	SHA1	Message	Date
Travis CI User	09baa8b80c	[maven-release-plugin][skip ci] prepare release 17.184	2022-11-12 18:28:38 +00:00
tiagosalvado10	57b60bbe0e	[MNT-23158] Scripts limits configuration and optimization (#1519 ) (#1549 ) (cherry picked from commit `f391cfa38c`)	2022-11-12 16:44:43 +00:00
Krystian Dabrowski	3c5059008a	Create HotFix branch for 7.3.0	2022-10-27 12:23:36 +02:00