(struts) branch WW-5343-sec-extend updated (05a99733f -> eba79a784)
This is an automated email from the ASF dual-hosted git repository. kusal pushed a change to branch WW-5343-sec-extend in repository https://gitbox.apache.org/repos/asf/struts.git from 05a99733f Merge branch 'master' into WW-5343-sec-extend new 9640f5bde WW-5343 Migrate tests to SecurityMemberAccessTest new eba79a784 WW-5343 Fix final test The 2 revisions listed above as "new" are entirely new to this repository and will be described in separate emails. The revisions listed as "add" were already present in the repository and have only been added to this reference. Summary of changes: .../xwork2/ognl/OgnlUtilStrutsTest.java| 27 --- .../com/opensymphony/xwork2/ognl/OgnlUtilTest.java | 270 + .../xwork2/ognl/SecurityMemberAccessTest.java | 84 +++ 3 files changed, 94 insertions(+), 287 deletions(-)
(struts) 02/02: WW-5343 Fix final test
This is an automated email from the ASF dual-hosted git repository.
kusal pushed a commit to branch WW-5343-sec-extend
in repository https://gitbox.apache.org/repos/asf/struts.git
commit eba79a784436912ab3e57cb9cafba64f6eaee6d5
Author: Kusal Kithul-Godage
AuthorDate: Thu Nov 23 01:09:49 2023 +1100
WW-5343 Fix final test
---
.../com/opensymphony/xwork2/ognl/OgnlUtilTest.java | 27 ++
1 file changed, 12 insertions(+), 15 deletions(-)
diff --git a/core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java
b/core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java
index 16f1c3850..5df410e2b 100644
--- a/core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java
+++ b/core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java
@@ -61,6 +61,9 @@ import java.util.List;
import java.util.Locale;
import java.util.Map;
+import static org.assertj.core.api.Assertions.assertThat;
+import static org.junit.Assert.assertThrows;
+
public class OgnlUtilTest extends XWorkTestCase {
// Fields for static field access test
@@ -1174,22 +1177,16 @@ public class OgnlUtilTest extends XWorkTestCase {
assertNull(expected);
}
-public void testAllowCallingMethodsOnObjectClassInDevModeFalse() {
-Exception expected = null;
-try {
-ognlUtil.setExcludedClasses(Foo.class.getName());
-ognlUtil.setDevModeExcludedClasses("");
-ognlUtil.setDevMode(Boolean.FALSE.toString());
+public void testExclusionListDevModeOnOff() throws Exception {
+ognlUtil.setDevModeExcludedClasses(Foo.class.getName());
+Foo foo = new Foo();
-Foo foo = new Foo();
-String result = (String) ognlUtil.getValue("toString",
ognlUtil.createDefaultContext(foo), foo, String.class);
-assertEquals("Foo", result);
-} catch (OgnlException e) {
-expected = e;
-}
-assertNotNull(expected);
-assertSame(NoSuchPropertyException.class, expected.getClass());
-assertEquals("com.opensymphony.xwork2.util.Foo.toString",
expected.getMessage());
+ognlUtil.setDevMode(Boolean.TRUE.toString());
+OgnlException e = assertThrows(OgnlException.class, () ->
ognlUtil.getValue("toString", ognlUtil.createDefaultContext(foo), foo,
String.class));
+
assertThat(e).hasMessageContaining("com.opensymphony.xwork2.util.Foo.toString");
+
+ognlUtil.setDevMode(Boolean.FALSE.toString());
+assertEquals("Foo", (String) ognlUtil.getValue("toString",
ognlUtil.createDefaultContext(foo), foo, String.class));
}
public void testAvoidCallingMethodsOnObjectClassUpperCased() {
(struts) 01/02: WW-5343 Migrate tests to SecurityMemberAccessTest
This is an automated email from the ASF dual-hosted git repository.
kusal pushed a commit to branch WW-5343-sec-extend
in repository https://gitbox.apache.org/repos/asf/struts.git
commit 9640f5bde09d07076b82c6204ac26a6a2e80e897
Author: Kusal Kithul-Godage
AuthorDate: Thu Nov 23 00:56:28 2023 +1100
WW-5343 Migrate tests to SecurityMemberAccessTest
---
.../xwork2/ognl/OgnlUtilStrutsTest.java| 27 ---
.../com/opensymphony/xwork2/ognl/OgnlUtilTest.java | 247 -
.../xwork2/ognl/SecurityMemberAccessTest.java | 84 +++
3 files changed, 84 insertions(+), 274 deletions(-)
diff --git
a/core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilStrutsTest.java
b/core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilStrutsTest.java
index 0eaf517a4..abaa86144 100644
--- a/core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilStrutsTest.java
+++ b/core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilStrutsTest.java
@@ -31,33 +31,6 @@ public class OgnlUtilStrutsTest extends
StrutsInternalTestCase {
ognlUtil = container.getInstance(OgnlUtil.class);
}
-public void testDefaultExcludes() {
-ognlUtil.setExcludedClasses("");
-ognlUtil.setExcludedPackageNames("");
-ognlUtil.setExcludedPackageNamePatterns("");
-assertFalse(ognlUtil.getExcludedClasses().isEmpty());
-assertFalse(ognlUtil.getExcludedPackageNames().isEmpty());
-
-try {
-ognlUtil.getExcludedClasses().clear();
-fail("Missing the expected Exception");
-} catch (Exception ex) {
-assertTrue(ex instanceof UnsupportedOperationException);
-}
-try {
-ognlUtil.getExcludedPackageNames().clear();
-fail("Missing the expected Exception");
-} catch (Exception ex) {
-assertTrue(ex instanceof UnsupportedOperationException);
-}
-try {
-ognlUtil.getExcludedPackageNamePatterns().clear();
-fail("Missing the expected Exception");
-} catch (Exception ex) {
-assertTrue(ex instanceof UnsupportedOperationException);
-}
-}
-
public void testAccessToSizeMethod() throws Exception {
// given
TestArrayBean bean = new TestArrayBean();
diff --git a/core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java
b/core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java
index b1ed266a0..16f1c3850 100644
--- a/core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java
+++ b/core/src/test/java/com/opensymphony/xwork2/ognl/OgnlUtilTest.java
@@ -57,15 +57,9 @@ import java.util.Calendar;
import java.util.Collection;
import java.util.Date;
import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
-import java.util.Set;
-import java.util.regex.Pattern;
-
-import static org.junit.Assert.assertThrows;
public class OgnlUtilTest extends XWorkTestCase {
@@ -1337,18 +1331,6 @@ public class OgnlUtilTest extends XWorkTestCase {
assertEquals(expected.getMessage(), "It isn't a simple method which
can be called!");
}
-public void testXworkTestCaseOgnlUtilExclusions() {
-internalTestInitialEmptyOgnlUtilExclusions(ognlUtil);
-internalTestOgnlUtilExclusionsImmutable(ognlUtil);
-}
-
-public void testDefaultOgnlUtilExclusions() {
-OgnlUtil basicOgnlUtil = new OgnlUtil();
-
-internalTestInitialEmptyOgnlUtilExclusions(basicOgnlUtil);
-internalTestOgnlUtilExclusionsImmutable(basicOgnlUtil);
-}
-
public void testDefaultOgnlUtilAlternateConstructorArguments() {
// Code coverage test for the OgnlUtil alternate constructor method,
and verify expected behaviour.
try {
@@ -1365,85 +1347,6 @@ public class OgnlUtilTest extends XWorkTestCase {
}
}
-public void testDefaultOgnlUtilExclusionsAlternateConstructorPopulated() {
-OgnlUtil basicOgnlUtil = new OgnlUtil(new
DefaultOgnlExpressionCacheFactory<>(),
-new DefaultOgnlBeanInfoCacheFactory<>(),
-new StrutsOgnlGuard());
-
-internalTestInitialEmptyOgnlUtilExclusions(basicOgnlUtil);
-internalTestOgnlUtilExclusionsImmutable(basicOgnlUtil);
-}
-
-public void testOgnlUtilExcludedAdditivity() {
-Set excludedClasses;
-Set excludedPackageNamePatterns;
-Iterator excludedPackageNamePatternsIterator;
-Set excludedPackageNames;
-
-ognlUtil.setExcludedClasses("java.lang.String,java.lang.Integer");
-internalTestOgnlUtilExclusionsImmutable(ognlUtil);
-excludedClasses = ognlUtil.getExcludedClasses();
-assertNotNull("initial excluded classes null?", excludedClasses);
-assertEquals("initial excluded classes size not 2 after adds?", 2,
excludedClasses.size());
-assertTrue("String not in exclusions?",
exc
