Xu Pengcheng created JEXL-451:
---------------------------------
Summary: Permission of "Object" not working.
Key: JEXL-451
URL: https://issues.apache.org/jira/browse/JEXL-451
Project: Commons JEXL
Issue Type: Bug
Reporter: Xu Pengcheng
I updated to 3.6.0 and found the permission setting of Object.class is not
working any more.
Here is my setting, I want to all classes are readable, which doesn't work as
before.
{code:java}
JexlSandbox sandbox = new JexlSandbox(false, true);
sandbox.permissions(Object.class.getName(), true, true, false, false); {code}
I checked the code in master branch:
https://github.com/apache/commons-jexl/blob/master/src/main/java/org/apache/commons/jexl3/introspection/JexlSandbox.java#L305
{code:java}
final Class<?> superClazz = clazz.getSuperclass();
if (Object.class != superClazz) {
permissions = inheritable(compute(superClazz, false));
} {code}
The reason is because the recurse finding end before checking permission of
"Object" class, change to "if (superClazz != null)" should fix it.
Thanks!
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
