[struts] branch WW-5285-max-files updated: WW-5285 Uses Long and null to check if option has been defined
This is an automated email from the ASF dual-hosted git repository.
lukaszlenart pushed a commit to branch WW-5285-max-files
in repository https://gitbox.apache.org/repos/asf/struts.git
The following commit(s) were added to refs/heads/WW-5285-max-files by this push:
new 253cd9f53 WW-5285 Uses Long and null to check if option has been
defined
253cd9f53 is described below
commit 253cd9f5301c8a4920ccca28e8f8c318b3102352
Author: Lukasz Lenart
AuthorDate: Tue Feb 28 07:26:05 2023 +0100
WW-5285 Uses Long and null to check if option has been defined
---
.../multipart/AbstractMultiPartRequest.java| 12 +++
.../multipart/JakartaMultiPartRequest.java | 8 +++--
.../multipart/JakartaStreamMultiPartRequest.java | 37 +++---
.../dispatcher/multipart/PellMultiPartRequest.java | 4 +--
4 files changed, 31 insertions(+), 30 deletions(-)
diff --git
a/core/src/main/java/org/apache/struts2/dispatcher/multipart/AbstractMultiPartRequest.java
b/core/src/main/java/org/apache/struts2/dispatcher/multipart/AbstractMultiPartRequest.java
index b3410e578..e46cecc00 100644
---
a/core/src/main/java/org/apache/struts2/dispatcher/multipart/AbstractMultiPartRequest.java
+++
b/core/src/main/java/org/apache/struts2/dispatcher/multipart/AbstractMultiPartRequest.java
@@ -51,14 +51,12 @@ public abstract class AbstractMultiPartRequest implements
MultiPartRequest {
/**
* Specifies the maximum size of the entire request.
*/
-protected long maxSize;
-protected boolean maxSizeProvided;
+protected Long maxSize;
/**
* Specifies the maximum number of files in one request.
*/
-protected long maxFiles;
-protected boolean maxFilesProvided;
+protected Long maxFiles;
/**
* Specifies the buffer size to use during streaming.
@@ -90,13 +88,11 @@ public abstract class AbstractMultiPartRequest implements
MultiPartRequest {
*/
@Inject(StrutsConstants.STRUTS_MULTIPART_MAXSIZE)
public void setMaxSize(String maxSize) {
-this.maxSizeProvided = true;
this.maxSize = Long.parseLong(maxSize);
}
@Inject(StrutsConstants.STRUTS_MULTIPART_MAXFILES)
public void setMaxFiles(String maxFiles) {
-this.maxFilesProvided = true;
this.maxFiles = Long.parseLong(maxFiles);
}
@@ -146,9 +142,9 @@ public abstract class AbstractMultiPartRequest implements
MultiPartRequest {
int forwardSlash = fileName.lastIndexOf('/');
int backwardSlash = fileName.lastIndexOf('\\');
if (forwardSlash != -1 && forwardSlash > backwardSlash) {
-fileName = fileName.substring(forwardSlash + 1, fileName.length());
+fileName = fileName.substring(forwardSlash + 1);
} else {
-fileName = fileName.substring(backwardSlash + 1,
fileName.length());
+fileName = fileName.substring(backwardSlash + 1);
}
return fileName;
}
diff --git
a/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaMultiPartRequest.java
b/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaMultiPartRequest.java
index c20b1de19..00d922401 100644
---
a/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaMultiPartRequest.java
+++
b/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaMultiPartRequest.java
@@ -160,8 +160,12 @@ public class JakartaMultiPartRequest extends
AbstractMultiPartRequest {
protected ServletFileUpload createServletFileUpload(DiskFileItemFactory
fac) {
ServletFileUpload upload = new ServletFileUpload(fac);
-upload.setSizeMax(maxSize);
-upload.setFileCountMax(maxFiles);
+if (maxSize != null) {
+upload.setSizeMax(maxSize);
+}
+if (maxFiles != null) {
+upload.setFileCountMax(maxFiles);
+}
return upload;
}
diff --git
a/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaStreamMultiPartRequest.java
b/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaStreamMultiPartRequest.java
index f709b3416..c7311ab0a 100644
---
a/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaStreamMultiPartRequest.java
+++
b/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaStreamMultiPartRequest.java
@@ -30,15 +30,15 @@ import org.apache.struts2.dispatcher.LocalizedMessage;
import javax.servlet.http.HttpServletRequest;
import java.io.*;
+import java.nio.file.Files;
import java.util.*;
/**
* Multi-part form data request adapter for Jakarta Commons FileUpload package
that
* leverages the streaming API rather than the traditional non-streaming API.
- *
+ *
* For more details see WW-3025
*
- * @author Chris Cranford
* @since 2.3.18
*/
public class JakartaStreamMultiPartRequest extends AbstractMultiPartRequest {
@@ -85,7 +85,7 @@ public class JakartaStreamMultiPartRequest extends
AbstractMultiPartReques
[struts] 01/01: WW-5285 Uses Long and null to check if option has been defined
This is an automated email from the ASF dual-hosted git repository.
lukaszlenart pushed a commit to branch WW-5285-max-files
in repository https://gitbox.apache.org/repos/asf/struts.git
commit 13c93aaa75bea84ee8f597af02975bbcc655cd03
Author: Lukasz Lenart
AuthorDate: Tue Feb 28 07:26:05 2023 +0100
WW-5285 Uses Long and null to check if option has been defined
---
.../multipart/AbstractMultiPartRequest.java| 12 +++
.../multipart/JakartaMultiPartRequest.java | 8 +++--
.../multipart/JakartaStreamMultiPartRequest.java | 37 +++---
.../dispatcher/multipart/PellMultiPartRequest.java | 6 ++--
4 files changed, 32 insertions(+), 31 deletions(-)
diff --git
a/core/src/main/java/org/apache/struts2/dispatcher/multipart/AbstractMultiPartRequest.java
b/core/src/main/java/org/apache/struts2/dispatcher/multipart/AbstractMultiPartRequest.java
index b3410e578..e46cecc00 100644
---
a/core/src/main/java/org/apache/struts2/dispatcher/multipart/AbstractMultiPartRequest.java
+++
b/core/src/main/java/org/apache/struts2/dispatcher/multipart/AbstractMultiPartRequest.java
@@ -51,14 +51,12 @@ public abstract class AbstractMultiPartRequest implements
MultiPartRequest {
/**
* Specifies the maximum size of the entire request.
*/
-protected long maxSize;
-protected boolean maxSizeProvided;
+protected Long maxSize;
/**
* Specifies the maximum number of files in one request.
*/
-protected long maxFiles;
-protected boolean maxFilesProvided;
+protected Long maxFiles;
/**
* Specifies the buffer size to use during streaming.
@@ -90,13 +88,11 @@ public abstract class AbstractMultiPartRequest implements
MultiPartRequest {
*/
@Inject(StrutsConstants.STRUTS_MULTIPART_MAXSIZE)
public void setMaxSize(String maxSize) {
-this.maxSizeProvided = true;
this.maxSize = Long.parseLong(maxSize);
}
@Inject(StrutsConstants.STRUTS_MULTIPART_MAXFILES)
public void setMaxFiles(String maxFiles) {
-this.maxFilesProvided = true;
this.maxFiles = Long.parseLong(maxFiles);
}
@@ -146,9 +142,9 @@ public abstract class AbstractMultiPartRequest implements
MultiPartRequest {
int forwardSlash = fileName.lastIndexOf('/');
int backwardSlash = fileName.lastIndexOf('\\');
if (forwardSlash != -1 && forwardSlash > backwardSlash) {
-fileName = fileName.substring(forwardSlash + 1, fileName.length());
+fileName = fileName.substring(forwardSlash + 1);
} else {
-fileName = fileName.substring(backwardSlash + 1,
fileName.length());
+fileName = fileName.substring(backwardSlash + 1);
}
return fileName;
}
diff --git
a/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaMultiPartRequest.java
b/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaMultiPartRequest.java
index c20b1de19..00d922401 100644
---
a/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaMultiPartRequest.java
+++
b/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaMultiPartRequest.java
@@ -160,8 +160,12 @@ public class JakartaMultiPartRequest extends
AbstractMultiPartRequest {
protected ServletFileUpload createServletFileUpload(DiskFileItemFactory
fac) {
ServletFileUpload upload = new ServletFileUpload(fac);
-upload.setSizeMax(maxSize);
-upload.setFileCountMax(maxFiles);
+if (maxSize != null) {
+upload.setSizeMax(maxSize);
+}
+if (maxFiles != null) {
+upload.setFileCountMax(maxFiles);
+}
return upload;
}
diff --git
a/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaStreamMultiPartRequest.java
b/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaStreamMultiPartRequest.java
index f709b3416..c7311ab0a 100644
---
a/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaStreamMultiPartRequest.java
+++
b/core/src/main/java/org/apache/struts2/dispatcher/multipart/JakartaStreamMultiPartRequest.java
@@ -30,15 +30,15 @@ import org.apache.struts2.dispatcher.LocalizedMessage;
import javax.servlet.http.HttpServletRequest;
import java.io.*;
+import java.nio.file.Files;
import java.util.*;
/**
* Multi-part form data request adapter for Jakarta Commons FileUpload package
that
* leverages the streaming API rather than the traditional non-streaming API.
- *
+ *
* For more details see WW-3025
*
- * @author Chris Cranford
* @since 2.3.18
*/
public class JakartaStreamMultiPartRequest extends AbstractMultiPartRequest {
@@ -85,7 +85,7 @@ public class JakartaStreamMultiPartRequest extends
AbstractMultiPartRequest {
types.add(fileInfo.getContentType());
}
-return types.toArray(new String[types.size()]);
+return types.toArray(new String[0]);
}
/* (non-J
[struts] branch WW-5285-max-files updated (253cd9f53 -> 13c93aaa7)
This is an automated email from the ASF dual-hosted git repository. lukaszlenart pushed a change to branch WW-5285-max-files in repository https://gitbox.apache.org/repos/asf/struts.git discard 253cd9f53 WW-5285 Uses Long and null to check if option has been defined new 13c93aaa7 WW-5285 Uses Long and null to check if option has been defined This update added new revisions after undoing existing revisions. That is to say, some revisions that were in the old version of the branch are not in the new version. This situation occurs when a user --force pushes a change and generates a repository containing something like this: * -- * -- B -- O -- O -- O (253cd9f53) \ N -- N -- N refs/heads/WW-5285-max-files (13c93aaa7) You should already have received notification emails for all of the O revisions, and so the following emails describe only the N revisions from the common base, B. Any revisions marked "omit" are not gone; other references still refer to them. Any revisions marked "discard" are gone forever. The 1 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../org/apache/struts2/dispatcher/multipart/PellMultiPartRequest.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)
[struts] branch master updated: WW-5268 Implement ability to specify exempt classes for package exclusions
This is an automated email from the ASF dual-hosted git repository.
lukaszlenart pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/struts.git
The following commit(s) were added to refs/heads/master by this push:
new 5fcee890d WW-5268 Implement ability to specify exempt classes for
package exclusions
new 6a27f460c Merge pull request #660 from
atlassian/WW-5268-excluded-package-exemptions
5fcee890d is described below
commit 5fcee890d593d6eb5034e836bb3cf9e565d7061d
Author: Kusal Kithul-Godage
AuthorDate: Wed Feb 15 00:34:42 2023 +1100
WW-5268 Implement ability to specify exempt classes for package exclusions
---
.../com/opensymphony/xwork2/ognl/OgnlUtil.java | 49 --
.../opensymphony/xwork2/ognl/OgnlValueStack.java | 8 +-
.../xwork2/ognl/SecurityMemberAccess.java | 30 --
.../java/org/apache/struts2/StrutsConstants.java | 3 +
.../xwork2/ognl/SecurityMemberAccessTest.java | 107 +++--
5 files changed, 174 insertions(+), 23 deletions(-)
diff --git a/core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
b/core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
index c5430491b..827cda11a 100644
--- a/core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
+++ b/core/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java
@@ -26,7 +26,13 @@ import
com.opensymphony.xwork2.ognl.accessor.CompoundRootAccessor;
import com.opensymphony.xwork2.util.CompoundRoot;
import com.opensymphony.xwork2.util.TextParseUtil;
import com.opensymphony.xwork2.util.reflection.ReflectionException;
-import ognl.*;
+import ognl.ClassResolver;
+import ognl.Ognl;
+import ognl.OgnlContext;
+import ognl.OgnlException;
+import ognl.OgnlRuntime;
+import ognl.SimpleNode;
+import ognl.TypeConverter;
import org.apache.commons.lang3.BooleanUtils;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
@@ -37,7 +43,12 @@ import java.beans.IntrospectionException;
import java.beans.Introspector;
import java.beans.PropertyDescriptor;
import java.lang.reflect.Method;
-import java.util.*;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.regex.Pattern;
@@ -66,10 +77,12 @@ public class OgnlUtil {
private Set> excludedClasses;
private Set excludedPackageNamePatterns;
private Set excludedPackageNames;
+private Set> excludedPackageExemptClasses;
private Set> devModeExcludedClasses;
private Set devModeExcludedPackageNamePatterns;
private Set devModeExcludedPackageNames;
+private Set> devModeExcludedPackageExemptClasses;
private Container container;
private boolean allowStaticFieldAccess = true;
@@ -112,10 +125,12 @@ public class OgnlUtil {
excludedClasses = Collections.unmodifiableSet(new HashSet<>());
excludedPackageNamePatterns = Collections.unmodifiableSet(new
HashSet<>());
excludedPackageNames = Collections.unmodifiableSet(new HashSet<>());
+excludedPackageExemptClasses = Collections.unmodifiableSet(new
HashSet<>());
devModeExcludedClasses = Collections.unmodifiableSet(new HashSet<>());
devModeExcludedPackageNamePatterns = Collections.unmodifiableSet(new
HashSet<>());
devModeExcludedPackageNames = Collections.unmodifiableSet(new
HashSet<>());
+devModeExcludedPackageExemptClasses = Collections.unmodifiableSet(new
HashSet<>());
this.expressionCache = ognlExpressionCacheFactory.buildOgnlCache();
this.beanInfoCache = ognlBeanInfoCacheFactory.buildOgnlCache();
@@ -159,7 +174,7 @@ public class OgnlUtil {
protected void setExcludedClasses(String commaDelimitedClasses) {
Set> excludedClasses = new HashSet<>();
excludedClasses.addAll(this.excludedClasses);
-excludedClasses.addAll(parseExcludedClasses(commaDelimitedClasses));
+excludedClasses.addAll(parseClasses(commaDelimitedClasses));
this.excludedClasses = Collections.unmodifiableSet(excludedClasses);
}
@@ -167,11 +182,11 @@ public class OgnlUtil {
protected void setDevModeExcludedClasses(String commaDelimitedClasses) {
Set> excludedClasses = new HashSet<>();
excludedClasses.addAll(this.devModeExcludedClasses);
-excludedClasses.addAll(parseExcludedClasses(commaDelimitedClasses));
+excludedClasses.addAll(parseClasses(commaDelimitedClasses));
this.devModeExcludedClasses =
Collections.unmodifiableSet(excludedClasses);
}
-private Set> parseExcludedClasses(String commaDelimitedClasses) {
+private Set> parseClasses(String commaDelimitedClasses) {
Set classNames =
TextParseUtil.commaDelimitedStringToSet(commaDelimitedClasses);
Set> classes = new HashSet<>();
@@ -179,7 +194,7 @@ public cla
