Skip to content

Commit

Permalink
Deserialization disabled by default. (helidon-io#4334)
Browse files Browse the repository at this point in the history
Added serial config where required.
MP Config uses known class for converters (to avoid lambdas and complex deserialization)
  • Loading branch information
tomas-langer authored Jun 3, 2022
1 parent ac032df commit 156b28b
Show file tree
Hide file tree
Showing 8 changed files with 104 additions and 32 deletions.
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2021 Oracle and/or its affiliates.
* Copyright (c) 2021, 2022 Oracle and/or its affiliates.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -126,7 +126,7 @@ public static Builder builder() {
* This is a one-off call to set up global filter.
*/
public static void configureRuntime() {
builder().build().configure();
builder().onNoConfig(Action.CONFIGURE).build().configure();
}

/**
Expand Down Expand Up @@ -366,8 +366,8 @@ public enum TraceOption {
* {@link SerializationConfig#configureRuntime()} directly.
*/
public static class Builder implements io.helidon.common.Builder<Builder, SerializationConfig> {
private Action onWrongConfig = configuredAction(PROP_WRONG_CONFIG_ACTION, Action.WARN);
private Action onNoConfig = configuredAction(PROP_NO_CONFIG_ACTION, Action.WARN);
private Action onWrongConfig = configuredAction(PROP_WRONG_CONFIG_ACTION, Action.FAIL);
private Action onNoConfig = configuredAction(PROP_NO_CONFIG_ACTION, Action.FAIL);
private String filterPattern = System.getProperty(PROP_PATTERN);
private TraceOption traceSerialization = configuredTrace(TraceOption.NONE);
private boolean ignoreFiles = Boolean.getBoolean(PROP_IGNORE_FILES);
Expand Down Expand Up @@ -621,6 +621,10 @@ public Status checkInput(FilterInfo filterInfo) {
}
Status result = delegate.checkInput(filterInfo);

if (clazz == null) {
return result;
}

if (!reportedClasses.add(clazz)) {
if (basic) {
return result;
Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2021 Oracle and/or its affiliates.
* Copyright (c) 2021, 2022 Oracle and/or its affiliates.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -34,10 +34,8 @@ void testDefaults() {

SerializationConfig.ConfigOptions options = serializationConfig.options();
assertThat(options.traceSerialization(), is(SerializationConfig.TraceOption.NONE));
// TODO this will change in 3.0.0
assertThat(options.onNoConfig(), is(SerializationConfig.Action.WARN));
// TODO this will change in 3.0.0
assertThat(options.onWrongConfig(), is(SerializationConfig.Action.WARN));
assertThat(options.onNoConfig(), is(SerializationConfig.Action.FAIL));
assertThat(options.onWrongConfig(), is(SerializationConfig.Action.FAIL));
assertThat(options.filterPattern(), is("!*"));
}

Expand Down
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2020, 2021 Oracle and/or its affiliates.
* Copyright (c) 2020, 2022 Oracle and/or its affiliates.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -668,11 +668,46 @@ private static class OrdinalConverter {
private OrdinalConverter(Converter<?> converter, Class<?> aClass, int ordinal) {
this.ordinal = ordinal;
this.type = aClass;
this.converter = converter;
this.converter = new NullCheckingConverter<>(aClass, converter);
}

private OrdinalConverter(Converter<?> converter) {
this(converter, getConverterType(converter.getClass()), Priorities.find(converter, 100));
}

@Override
public String toString() {
return type.getName() + "->" + converter;
}
}

private static final class NullCheckingConverter<T> implements Converter<T> {
private final Converter<T> delegate;
private final Class<?> type;

private NullCheckingConverter(Class<?> type, Converter<T> delegate) {
this.delegate = delegate;
this.type = type;
}

@Override
public T convert(String value) throws IllegalArgumentException, NullPointerException {
if (value == null) {
throw new NullPointerException("Null not allowed in MP converters. Converter for type " + type.getName());
}

try {
return delegate.convert(value);
} catch (IllegalArgumentException | NullPointerException e) {
throw e;
} catch (Exception e) {
throw new IllegalArgumentException("Cannot convert value", e);
}
}

@Override
public String toString() {
return type.getName() + "->" + delegate;
}
}
}
Original file line number Diff line number Diff line change
@@ -1,5 +1,5 @@
/*
* Copyright (c) 2020, 2021 Oracle and/or its affiliates.
* Copyright (c) 2020, 2022 Oracle and/or its affiliates.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
Expand Down Expand Up @@ -260,19 +260,6 @@ private <T> Optional<Converter<T>> findComponentConverter(Class<T> type) {
.findFirst()
.map(Map.Entry::getValue)
.map(it -> (Converter<T>) it)
.map(it -> (Converter<T>) value -> {
if (value == null) {
throw new NullPointerException("Null not allowed in MP converters. Converter for type " + forType
.getName());
}
try {
return it.convert(value);
} catch (IllegalArgumentException e) {
throw e;
} catch (Exception e) {
throw new IllegalArgumentException("Cannot convert value", e);
}
})
.or(() -> findImplicit(forType));
}

Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,19 @@
#
# Copyright (c) 2022 Oracle and/or its affiliates.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

# The JBatch uses Serialization a lot, and these are all required
pattern=com.ibm.jbatch.**;jakarta.batch.runtime.BatchStatus;java.lang.Enum;\
java.util.Properties;java.util.Hashtable;java.util.Map$Entry
7 changes: 0 additions & 7 deletions examples/jbatch/src/main/resources/logging.properties
Original file line number Diff line number Diff line change
Expand Up @@ -28,10 +28,3 @@ java.util.logging.SimpleFormatter.format=%1$tY.%1$tm.%1$td %1$tH:%1$tM:%1$tS %4$

# Quiet Weld
org.jboss.level=WARNING

# Component specific log levels
#io.helidon.webserver.level=INFO
#io.helidon.config.level=INFO
#io.helidon.security.level=INFO
#io.helidon.common.level=INFO
#io.netty.level=INFO
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
#
# Copyright (c) 2022 Oracle and/or its affiliates.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

pattern=org.jboss.weld.bean.proxy.util.SerializableClientProxy;org.jboss.weld.bean.StringBeanIdentifier;\
org.eclipse.microprofile.config.Config$_$$_WeldClientProxy;io.helidon.config.mp.MpConfigBuilder$NullCheckingConverter
Original file line number Diff line number Diff line change
@@ -0,0 +1,18 @@
#
# Copyright (c) 2022 Oracle and/or its affiliates.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#

# TCK converter to validate deserialization
pattern=org.eclipse.microprofile.config.tck.converters.DuckConverter;org.eclipse.microprofile.config.tck.converters.Duck

0 comments on commit 156b28b

Please sign in to comment.