[
https://issues.apache.org/jira/browse/GEODE-6985?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Juan José Ramos Cassella updated GEODE-6985:
--------------------------------------------
Description:
Implement the
[RestrictedMethodAuthorizer|https://cwiki.apache.org/confluence/display/GEODE/OQL+Method+Invocation+Security#OQLMethodInvocationSecurity-RestrictedMethodAuthorizer]
class.
* Make sure the class is immutable and thread safe.
* Add two new public methods to the implementation:
** {{isAllowedGeodeMethod}}: it should return {{true}} when the {{Method}} on
the target {{Object}} is considered safe ({{Region.get}}, {{Region.entrySet}},
{{Region.keySet}}, {{Region.values}}, {{Region.getEntries}},
{{Region.getValues}}, {{Region.containsKey}}, {{Region.getKey}} and
{{Region.getValue}}), and {{false}} otherwise.
** {{isKnownDangerousMethod}}: it should return {{true}} when the {{Method}}
on the target {{Object}} is known to be a non-safe method. Including but not
limited to {{getClass}}, which allows the user to execute anything using
reflection.
* Implement unit tests for the class and all of its methods.
* Add comprehensive and clear documentation to the class and all its public
methods so customers can use it without leaving their IDE.
was:
Make sure the class is immutable and thread safe.
Add two new public methods to the implementation:
* {{isAllowedGeodeMethod}}: it should return {{true}} when the {{Method}} on
the target {{Object}} is considered safe ({{Region.get}}, {{Region.entrySet}},
{{Region.keySet}}, {{Region.values}}, {{Region.getEntries}},
{{Region.getValues}}, {{Region.containsKey}}, {{Region.getKey}} and
{{Region.getValue}}), and {{false}} otherwise.
* {{isKnownDangerousMethod}}: it should return {{true}} when the {{Method}} on
the target {{Object}} is known to be a non-safe method. Including but not
limited to {{getClass}}, which allows the user to execute anything using
reflection.
Implement unit tests for the class and all of its methods.
Add comprehensive and clear documentation to the class and all its public
methods so customers can use it without leaving their IDE.
> Implement RestrictedMethodAuthorizer
> ------------------------------------
>
> Key: GEODE-6985
> URL: https://issues.apache.org/jira/browse/GEODE-6985
> Project: Geode
> Issue Type: New Feature
> Components: querying
> Reporter: Juan José Ramos Cassella
> Priority: Major
>
> Implement the
> [RestrictedMethodAuthorizer|https://cwiki.apache.org/confluence/display/GEODE/OQL+Method+Invocation+Security#OQLMethodInvocationSecurity-RestrictedMethodAuthorizer]
> class.
> * Make sure the class is immutable and thread safe.
> * Add two new public methods to the implementation:
> ** {{isAllowedGeodeMethod}}: it should return {{true}} when the {{Method}} on
> the target {{Object}} is considered safe ({{Region.get}},
> {{Region.entrySet}}, {{Region.keySet}}, {{Region.values}},
> {{Region.getEntries}}, {{Region.getValues}}, {{Region.containsKey}},
> {{Region.getKey}} and {{Region.getValue}}), and {{false}} otherwise.
> ** {{isKnownDangerousMethod}}: it should return {{true}} when the {{Method}}
> on the target {{Object}} is known to be a non-safe method. Including but not
> limited to {{getClass}}, which allows the user to execute anything using
> reflection.
> * Implement unit tests for the class and all of its methods.
> * Add comprehensive and clear documentation to the class and all its public
> methods so customers can use it without leaving their IDE.
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
