Re: Switching from mvel to groovy with java methods

2014-12-10 Thread Dunaeth 
I figured out what the actual default receiver_whitelist is through the 
GroovySandboxExpressionChecked code, and if I want to add java.lang.String 
to the whitelist, I'd just have to add its classname to the other 
classnames in the script.groovy.sandbox.receiver_whitelist setting in 
elasticsearch.yml
If I'm not wrong, it should be :

script.groovy.sandbox.receiver_whitelist: 
"java.lang.Math,java.lang.Integer,java.lang.Float,java.lang.Double,java.lang.Long,java.lang.Short,java.lang.Character,java.lang.Byte,java.lang.Boolean,java.math.BigDecimal,java.util.Arrays,java.util.Date,java.util.List,java.util.Map,java.util.Set,java.lang.Object,org.elasticsearch.common.joda.time.DateTime,org.elasticsearch.common.joda.time.DateTimeUtils,org.elasticsearch.common.joda.time.DateTimeZone,org.elasticsearch.common.joda.time.Instant,java.lang.String"

am I right ?

Le mercredi 10 décembre 2014 11:32:45 UTC+1, Dunaeth a écrit :
>
> Thanks, I'll just need to find what is the actual whitelist and how to 
> have a custom one then. If someone has any clue ?
>
> Le mercredi 10 décembre 2014 11:27:52 UTC+1, Jörg Prante a écrit :
>>
>> No. I think ES developers configured the sandbox to deny java.lang.* 
>> calls and java.lang.String is not in the whitelist.
>>
>>
>> https://github.com/elasticsearch/elasticsearch/blob/b43b56a6a85f7dd131086fd83dc9267aecbbf0a3/src/main/java/org/elasticsearch/script/groovy/GroovySandboxExpressionChecker.java#L90-L111
>>  
>> 
>>
>> You can add java.lang.String to the whitelist by defining your own 
>> whitelist including java.lang.String
>>
>>
>> http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/modules-scripting.html#_groovy_sandboxing
>>
>> or open an issue with the request to add java.lang.String to the groovy 
>> whitelist by default.
>>
>> Jörg
>>
>>
>> On Wed, Dec 10, 2014 at 11:13 AM, Dunaeth  wrote:
>>
>>> May this exception be caused by a bad dynamic_scripting parameter ?
>>>
>>> Le mercredi 10 décembre 2014 11:10:14 UTC+1, Dunaeth a écrit :
>>>
 Here it is :

 [log-2014-02][0]: SearchParseException[[log-2014-02][0]: 
> from[-1],size[0]: Parse Failure [Failed to parse source 
> [{"size":0,"aggs":{"prefilter":{"filter":{"and":[{"bool":{"
> must":[{"term":{"valid":true}},{"term":{"shop_id":"1838"}}]}
> },{"range":{"date":{"gte":"2014-11-08T23:00:00.000+00:00"
> ,"lt":"2014-12-09T23:00:00.000+00:00"}}}]},"aggs":{"per_
> day":{"terms":{"script":"doc.date.date.setZone(org.
> elasticsearch.common.joda.time.DateTimeZone.forID('
> Europe/Paris'));doc.date.date.year+'-'+String.format('%02d',
> doc.date.date.monthOfYear)+'-'+String.format('%02d',doc.
> date.date.dayOfMonth)","size":31,"order":{"_term":"asc"}},"
> aggs":{"stats":{"terms":{"field":"type"},"aggs":{"
> unique":{"filter":{"term":{"unique":true}}}]]]; nested: 
> GroovyScriptCompilationException[MultipleCompilationErrorsException[startup
>  
> failed: General error during canonicalization: Method calls not allowed 
> on 
> [java.lang.String] java.lang.SecurityException: Method calls not allowed 
> on 
> [java.lang.String] at org.codehaus.groovy.control.customizers.
> SecureASTCustomizer$SecuringCodeVisitor.visitMethodCallExpression(SecureASTCustomizer.java:855)
>  
> at 
> org.codehaus.groovy.ast.expr.MethodCallExpression.visit(MethodCallExpression.java:64)
>  
> at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
> SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:897) 
> at 
> org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49)
>  
> at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
> SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:896) 
> at 
> org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49)
>  
> at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
> SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:896) 
> at 
> org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49)
>  
> at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
> SecuringCodeVisitor.visitExpressionStatement(SecureASTCustomizer.java:777)
>  
> at 
> org.codehaus.groovy.ast.stmt.ExpressionStatement.visit(ExpressionStatement.java:40)
>  
> at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
> SecuringCodeVisitor.visitBlockStatement(SecureASTCustomizer.java:737) 
> at 
> org.codehaus.groovy.ast.stmt.BlockStatement.visit(BlockStatement.java:69) 
> at 
> org.

Re: Switching from mvel to groovy with java methods

2014-12-10 Thread Dunaeth 
Thanks, I'll just need to find what is the actual whitelist and how to have 
a custom one then. If someone has any clue ?

Le mercredi 10 décembre 2014 11:27:52 UTC+1, Jörg Prante a écrit :
>
> No. I think ES developers configured the sandbox to deny java.lang.* calls 
> and java.lang.String is not in the whitelist.
>
>
> https://github.com/elasticsearch/elasticsearch/blob/b43b56a6a85f7dd131086fd83dc9267aecbbf0a3/src/main/java/org/elasticsearch/script/groovy/GroovySandboxExpressionChecker.java#L90-L111
>  
> 
>
> You can add java.lang.String to the whitelist by defining your own 
> whitelist including java.lang.String
>
>
> http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/modules-scripting.html#_groovy_sandboxing
>
> or open an issue with the request to add java.lang.String to the groovy 
> whitelist by default.
>
> Jörg
>
>
> On Wed, Dec 10, 2014 at 11:13 AM, Dunaeth  > wrote:
>
>> May this exception be caused by a bad dynamic_scripting parameter ?
>>
>> Le mercredi 10 décembre 2014 11:10:14 UTC+1, Dunaeth a écrit :
>>
>>> Here it is :
>>>
>>> [log-2014-02][0]: SearchParseException[[log-2014-02][0]: 
 from[-1],size[0]: Parse Failure [Failed to parse source 
 [{"size":0,"aggs":{"prefilter":{"filter":{"and":[{"bool":{"
 must":[{"term":{"valid":true}},{"term":{"shop_id":"1838"}}]}
 },{"range":{"date":{"gte":"2014-11-08T23:00:00.000+00:00"
 ,"lt":"2014-12-09T23:00:00.000+00:00"}}}]},"aggs":{"per_
 day":{"terms":{"script":"doc.date.date.setZone(org.
 elasticsearch.common.joda.time.DateTimeZone.forID('
 Europe/Paris'));doc.date.date.year+'-'+String.format('%02d',
 doc.date.date.monthOfYear)+'-'+String.format('%02d',doc.
 date.date.dayOfMonth)","size":31,"order":{"_term":"asc"}},"
 aggs":{"stats":{"terms":{"field":"type"},"aggs":{"
 unique":{"filter":{"term":{"unique":true}}}]]]; nested: 
 GroovyScriptCompilationException[MultipleCompilationErrorsException[startup
  
 failed: General error during canonicalization: Method calls not allowed on 
 [java.lang.String] java.lang.SecurityException: Method calls not allowed 
 on 
 [java.lang.String] at org.codehaus.groovy.control.customizers.
 SecureASTCustomizer$SecuringCodeVisitor.visitMethodCallExpression(SecureASTCustomizer.java:855)
  
 at 
 org.codehaus.groovy.ast.expr.MethodCallExpression.visit(MethodCallExpression.java:64)
  
 at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
 SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:897) 
 at 
 org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49)
  
 at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
 SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:896) 
 at 
 org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49)
  
 at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
 SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:896) 
 at 
 org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49)
  
 at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
 SecuringCodeVisitor.visitExpressionStatement(SecureASTCustomizer.java:777) 
 at 
 org.codehaus.groovy.ast.stmt.ExpressionStatement.visit(ExpressionStatement.java:40)
  
 at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
 SecuringCodeVisitor.visitBlockStatement(SecureASTCustomizer.java:737) 
 at 
 org.codehaus.groovy.ast.stmt.BlockStatement.visit(BlockStatement.java:69) 
 at 
 org.codehaus.groovy.control.customizers.SecureASTCustomizer.call(SecureASTCustomizer.java:552)
  
 at org.codehaus.groovy.control.CompilationUnit.
 applyToPrimaryClassNodes(CompilationUnit.java:1047) at 
 org.codehaus.groovy.control.CompilationUnit.doPhaseOperation(CompilationUnit.java:583)
  
 at 
 org.codehaus.groovy.control.CompilationUnit.processPhaseOperations(CompilationUnit.java:561)
  
 at 
 org.codehaus.groovy.control.CompilationUnit.compile(CompilationUnit.java:538)
  
 at groovy.lang.GroovyClassLoader.doParseClass(GroovyClassLoader.java:286) 
 at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:259) 
 at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:245) 
 at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:203) 
 at org.elasticsearch.script.groovy.GroovyScriptEngineService.compile(
 GroovyScriptEngineService.java:119) at org.elasticsearch.script.
 ScriptService.getCompiledScript(Script

Re: Switching from mvel to groovy with java methods

2014-12-10 Thread joergpra...@gmail.com 
No. I think ES developers configured the sandbox to deny java.lang.* calls
and java.lang.String is not in the whitelist.

https://github.com/elasticsearch/elasticsearch/blob/b43b56a6a85f7dd131086fd83dc9267aecbbf0a3/src/main/java/org/elasticsearch/script/groovy/GroovySandboxExpressionChecker.java#L90-L111

You can add java.lang.String to the whitelist by defining your own
whitelist including java.lang.String

http://www.elasticsearch.org/guide/en/elasticsearch/reference/current/modules-scripting.html#_groovy_sandboxing

or open an issue with the request to add java.lang.String to the groovy
whitelist by default.

Jörg


On Wed, Dec 10, 2014 at 11:13 AM, Dunaeth  wrote:

> May this exception be caused by a bad dynamic_scripting parameter ?
>
> Le mercredi 10 décembre 2014 11:10:14 UTC+1, Dunaeth a écrit :
>
>> Here it is :
>>
>> [log-2014-02][0]: SearchParseException[[log-2014-02][0]:
>>> from[-1],size[0]: Parse Failure [Failed to parse source
>>> [{"size":0,"aggs":{"prefilter":{"filter":{"and":[{"bool":{"
>>> must":[{"term":{"valid":true}},{"term":{"shop_id":"1838"}}]}
>>> },{"range":{"date":{"gte":"2014-11-08T23:00:00.000+00:00"
>>> ,"lt":"2014-12-09T23:00:00.000+00:00"}}}]},"aggs":{"per_
>>> day":{"terms":{"script":"doc.date.date.setZone(org.
>>> elasticsearch.common.joda.time.DateTimeZone.forID('
>>> Europe/Paris'));doc.date.date.year+'-'+String.format('%02d',
>>> doc.date.date.monthOfYear)+'-'+String.format('%02d',doc.
>>> date.date.dayOfMonth)","size":31,"order":{"_term":"asc"}},"
>>> aggs":{"stats":{"terms":{"field":"type"},"aggs":{"
>>> unique":{"filter":{"term":{"unique":true}}}]]]; nested:
>>> GroovyScriptCompilationException[MultipleCompilationErrorsException[startup
>>> failed: General error during canonicalization: Method calls not allowed on
>>> [java.lang.String] java.lang.SecurityException: Method calls not allowed on
>>> [java.lang.String] at org.codehaus.groovy.control.customizers.
>>> SecureASTCustomizer$SecuringCodeVisitor.visitMethodCallExpression(SecureASTCustomizer.java:855)
>>> at 
>>> org.codehaus.groovy.ast.expr.MethodCallExpression.visit(MethodCallExpression.java:64)
>>> at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
>>> SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:897)
>>> at 
>>> org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49)
>>> at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
>>> SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:896)
>>> at 
>>> org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49)
>>> at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
>>> SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:896)
>>> at 
>>> org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49)
>>> at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
>>> SecuringCodeVisitor.visitExpressionStatement(SecureASTCustomizer.java:777)
>>> at 
>>> org.codehaus.groovy.ast.stmt.ExpressionStatement.visit(ExpressionStatement.java:40)
>>> at org.codehaus.groovy.control.customizers.SecureASTCustomizer$
>>> SecuringCodeVisitor.visitBlockStatement(SecureASTCustomizer.java:737)
>>> at org.codehaus.groovy.ast.stmt.BlockStatement.visit(BlockStatement.java:69)
>>> at 
>>> org.codehaus.groovy.control.customizers.SecureASTCustomizer.call(SecureASTCustomizer.java:552)
>>> at 
>>> org.codehaus.groovy.control.CompilationUnit.applyToPrimaryClassNodes(CompilationUnit.java:1047)
>>> at 
>>> org.codehaus.groovy.control.CompilationUnit.doPhaseOperation(CompilationUnit.java:583)
>>> at 
>>> org.codehaus.groovy.control.CompilationUnit.processPhaseOperations(CompilationUnit.java:561)
>>> at 
>>> org.codehaus.groovy.control.CompilationUnit.compile(CompilationUnit.java:538)
>>> at groovy.lang.GroovyClassLoader.doParseClass(GroovyClassLoader.java:286)
>>> at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:259)
>>> at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:245)
>>> at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:203)
>>> at org.elasticsearch.script.groovy.GroovyScriptEngineService.compile(
>>> GroovyScriptEngineService.java:119) at org.elasticsearch.script.
>>> ScriptService.getCompiledScript(ScriptService.java:353) at
>>> org.elasticsearch.script.ScriptService.compile(ScriptService.java:339)
>>> at org.elasticsearch.script.ScriptService.search(ScriptService.java:475)
>>> at org.elasticsearch.search.aggregations.support.ValuesSourceParser.
>>> createScript(ValuesSourceParser.java:193) at org.elasticsearch.search.
>>> aggregations.support.ValuesSourceParser.config(ValuesSourceParser.java:153)
>>> at org.elasticsearch.search.aggregations.bucket.terms.
>>> TermsParser.parse(TermsParser.java:57) at org.elasticsearch.search.
>>> aggregations.AggregatorParsers.parseAggregators(AggregatorParsers.java:130)
>>> at org.elasticsearch.search.aggregations.AggregatorParsers.
>>> parseAggregato

Re: Switching from mvel to groovy with java methods

2014-12-10 Thread Dunaeth 
May this exception be caused by a bad dynamic_scripting parameter ?

Le mercredi 10 décembre 2014 11:10:14 UTC+1, Dunaeth a écrit :
>
> Here it is :
>
> [log-2014-02][0]: SearchParseException[[log-2014-02][0]: from[-1],size[0]: 
>> Parse Failure [Failed to parse source 
>> [{"size":0,"aggs":{"prefilter":{"filter":{"and":[{"bool":{"must":[{"term":{"valid":true}},{"term":{"shop_id":"1838"}}]}},{"range":{"date":{"gte":"2014-11-08T23:00:00.000+00:00","lt":"2014-12-09T23:00:00.000+00:00"}}}]},"aggs":{"per_day":{"terms":{"script":"doc.date.date.setZone(org.elasticsearch.common.joda.time.DateTimeZone.forID('Europe/Paris'));doc.date.date.year+'-'+String.format('%02d',doc.date.date.monthOfYear)+'-'+String.format('%02d',doc.date.date.dayOfMonth)","size":31,"order":{"_term":"asc"}},"aggs":{"stats":{"terms":{"field":"type"},"aggs":{"unique":{"filter":{"term":{"unique":true}}}]]];
>>  
>> nested: 
>> GroovyScriptCompilationException[MultipleCompilationErrorsException[startup 
>> failed: General error during canonicalization: Method calls not allowed on 
>> [java.lang.String] java.lang.SecurityException: Method calls not allowed on 
>> [java.lang.String] at 
>> org.codehaus.groovy.control.customizers.SecureASTCustomizer$SecuringCodeVisitor.visitMethodCallExpression(SecureASTCustomizer.java:855)
>>  
>> at 
>> org.codehaus.groovy.ast.expr.MethodCallExpression.visit(MethodCallExpression.java:64)
>>  
>> at 
>> org.codehaus.groovy.control.customizers.SecureASTCustomizer$SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:897)
>>  
>> at 
>> org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49)
>>  
>> at 
>> org.codehaus.groovy.control.customizers.SecureASTCustomizer$SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:896)
>>  
>> at 
>> org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49)
>>  
>> at 
>> org.codehaus.groovy.control.customizers.SecureASTCustomizer$SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:896)
>>  
>> at 
>> org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49)
>>  
>> at 
>> org.codehaus.groovy.control.customizers.SecureASTCustomizer$SecuringCodeVisitor.visitExpressionStatement(SecureASTCustomizer.java:777)
>>  
>> at 
>> org.codehaus.groovy.ast.stmt.ExpressionStatement.visit(ExpressionStatement.java:40)
>>  
>> at 
>> org.codehaus.groovy.control.customizers.SecureASTCustomizer$SecuringCodeVisitor.visitBlockStatement(SecureASTCustomizer.java:737)
>>  
>> at 
>> org.codehaus.groovy.ast.stmt.BlockStatement.visit(BlockStatement.java:69) 
>> at 
>> org.codehaus.groovy.control.customizers.SecureASTCustomizer.call(SecureASTCustomizer.java:552)
>>  
>> at 
>> org.codehaus.groovy.control.CompilationUnit.applyToPrimaryClassNodes(CompilationUnit.java:1047)
>>  
>> at 
>> org.codehaus.groovy.control.CompilationUnit.doPhaseOperation(CompilationUnit.java:583)
>>  
>> at 
>> org.codehaus.groovy.control.CompilationUnit.processPhaseOperations(CompilationUnit.java:561)
>>  
>> at 
>> org.codehaus.groovy.control.CompilationUnit.compile(CompilationUnit.java:538)
>>  
>> at groovy.lang.GroovyClassLoader.doParseClass(GroovyClassLoader.java:286) 
>> at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:259) at 
>> groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:245) at 
>> groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:203) at 
>> org.elasticsearch.script.groovy.GroovyScriptEngineService.compile(GroovyScriptEngineService.java:119)
>>  
>> at 
>> org.elasticsearch.script.ScriptService.getCompiledScript(ScriptService.java:353)
>>  
>> at org.elasticsearch.script.ScriptService.compile(ScriptService.java:339) 
>> at org.elasticsearch.script.ScriptService.search(ScriptService.java:475) at 
>> org.elasticsearch.search.aggregations.support.ValuesSourceParser.createScript(ValuesSourceParser.java:193)
>>  
>> at 
>> org.elasticsearch.search.aggregations.support.ValuesSourceParser.config(ValuesSourceParser.java:153)
>>  
>> at 
>> org.elasticsearch.search.aggregations.bucket.terms.TermsParser.parse(TermsParser.java:57)
>>  
>> at 
>> org.elasticsearch.search.aggregations.AggregatorParsers.parseAggregators(AggregatorParsers.java:130)
>>  
>> at 
>> org.elasticsearch.search.aggregations.AggregatorParsers.parseAggregators(AggregatorParsers.java:120)
>>  
>> at 
>> org.elasticsearch.search.aggregations.AggregatorParsers.parseAggregators(AggregatorParsers.java:77)
>>  
>> at 
>> org.elasticsearch.search.aggregations.AggregationParseElement.parse(AggregationParseElement.java:60)
>>  
>> at 
>> org.elasticsearch.search.SearchService.parseSource(SearchService.java:665) 
>> at 
>> org.elasticsearch.search.SearchService.createContext(SearchService.java:537) 
>> at 
>> org.elasticsearch.search.SearchService.createAndPutContext(SearchService.java:509)
>>  
>> at 
>> org.elasticsearch.search.SearchService.executeQueryPhase(SearchService.java:264)
>>  
>> at 
>> org.elasti

Re: Switching from mvel to groovy with java methods

2014-12-10 Thread Dunaeth 
Here it is :

[log-2014-02][0]: SearchParseException[[log-2014-02][0]: from[-1],size[0]: 
> Parse Failure [Failed to parse source 
> [{"size":0,"aggs":{"prefilter":{"filter":{"and":[{"bool":{"must":[{"term":{"valid":true}},{"term":{"shop_id":"1838"}}]}},{"range":{"date":{"gte":"2014-11-08T23:00:00.000+00:00","lt":"2014-12-09T23:00:00.000+00:00"}}}]},"aggs":{"per_day":{"terms":{"script":"doc.date.date.setZone(org.elasticsearch.common.joda.time.DateTimeZone.forID('Europe/Paris'));doc.date.date.year+'-'+String.format('%02d',doc.date.date.monthOfYear)+'-'+String.format('%02d',doc.date.date.dayOfMonth)","size":31,"order":{"_term":"asc"}},"aggs":{"stats":{"terms":{"field":"type"},"aggs":{"unique":{"filter":{"term":{"unique":true}}}]]];
>  
> nested: 
> GroovyScriptCompilationException[MultipleCompilationErrorsException[startup 
> failed: General error during canonicalization: Method calls not allowed on 
> [java.lang.String] java.lang.SecurityException: Method calls not allowed on 
> [java.lang.String] at 
> org.codehaus.groovy.control.customizers.SecureASTCustomizer$SecuringCodeVisitor.visitMethodCallExpression(SecureASTCustomizer.java:855)
>  
> at 
> org.codehaus.groovy.ast.expr.MethodCallExpression.visit(MethodCallExpression.java:64)
>  
> at 
> org.codehaus.groovy.control.customizers.SecureASTCustomizer$SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:897)
>  
> at 
> org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49) 
> at 
> org.codehaus.groovy.control.customizers.SecureASTCustomizer$SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:896)
>  
> at 
> org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49) 
> at 
> org.codehaus.groovy.control.customizers.SecureASTCustomizer$SecuringCodeVisitor.visitBinaryExpression(SecureASTCustomizer.java:896)
>  
> at 
> org.codehaus.groovy.ast.expr.BinaryExpression.visit(BinaryExpression.java:49) 
> at 
> org.codehaus.groovy.control.customizers.SecureASTCustomizer$SecuringCodeVisitor.visitExpressionStatement(SecureASTCustomizer.java:777)
>  
> at 
> org.codehaus.groovy.ast.stmt.ExpressionStatement.visit(ExpressionStatement.java:40)
>  
> at 
> org.codehaus.groovy.control.customizers.SecureASTCustomizer$SecuringCodeVisitor.visitBlockStatement(SecureASTCustomizer.java:737)
>  
> at 
> org.codehaus.groovy.ast.stmt.BlockStatement.visit(BlockStatement.java:69) 
> at 
> org.codehaus.groovy.control.customizers.SecureASTCustomizer.call(SecureASTCustomizer.java:552)
>  
> at 
> org.codehaus.groovy.control.CompilationUnit.applyToPrimaryClassNodes(CompilationUnit.java:1047)
>  
> at 
> org.codehaus.groovy.control.CompilationUnit.doPhaseOperation(CompilationUnit.java:583)
>  
> at 
> org.codehaus.groovy.control.CompilationUnit.processPhaseOperations(CompilationUnit.java:561)
>  
> at 
> org.codehaus.groovy.control.CompilationUnit.compile(CompilationUnit.java:538) 
> at groovy.lang.GroovyClassLoader.doParseClass(GroovyClassLoader.java:286) 
> at groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:259) at 
> groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:245) at 
> groovy.lang.GroovyClassLoader.parseClass(GroovyClassLoader.java:203) at 
> org.elasticsearch.script.groovy.GroovyScriptEngineService.compile(GroovyScriptEngineService.java:119)
>  
> at 
> org.elasticsearch.script.ScriptService.getCompiledScript(ScriptService.java:353)
>  
> at org.elasticsearch.script.ScriptService.compile(ScriptService.java:339) 
> at org.elasticsearch.script.ScriptService.search(ScriptService.java:475) at 
> org.elasticsearch.search.aggregations.support.ValuesSourceParser.createScript(ValuesSourceParser.java:193)
>  
> at 
> org.elasticsearch.search.aggregations.support.ValuesSourceParser.config(ValuesSourceParser.java:153)
>  
> at 
> org.elasticsearch.search.aggregations.bucket.terms.TermsParser.parse(TermsParser.java:57)
>  
> at 
> org.elasticsearch.search.aggregations.AggregatorParsers.parseAggregators(AggregatorParsers.java:130)
>  
> at 
> org.elasticsearch.search.aggregations.AggregatorParsers.parseAggregators(AggregatorParsers.java:120)
>  
> at 
> org.elasticsearch.search.aggregations.AggregatorParsers.parseAggregators(AggregatorParsers.java:77)
>  
> at 
> org.elasticsearch.search.aggregations.AggregationParseElement.parse(AggregationParseElement.java:60)
>  
> at 
> org.elasticsearch.search.SearchService.parseSource(SearchService.java:665) 
> at 
> org.elasticsearch.search.SearchService.createContext(SearchService.java:537) 
> at 
> org.elasticsearch.search.SearchService.createAndPutContext(SearchService.java:509)
>  
> at 
> org.elasticsearch.search.SearchService.executeQueryPhase(SearchService.java:264)
>  
> at 
> org.elasticsearch.search.action.SearchServiceTransportAction$5.call(SearchServiceTransportAction.java:231)
>  
> at 
> org.elasticsearch.search.action.SearchServiceTransportAction$5.call(SearchServiceTransportAction.java:228)
>  
> at 
> org.elasticsearch.searc

Re: Switching from mvel to groovy with java methods

2014-12-10 Thread joergpra...@gmail.com 
Can you post the security exception?

Jörg

On Wed, Dec 10, 2014 at 11:02 AM, Dunaeth  wrote:

> Hi,
>
> With ES 1.4, the default scripting language switched from mvel to groovy.
> We were using script fields in our queries like
> «String.format('%02d',doc.date.date.monthOfYear)», is there a way to
> achieve the same result using groovy ? ATM, we're experiencing security
> exceptions, method calls not allowed.
>
> --
> You received this message because you are subscribed to the Google Groups
> "elasticsearch" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to elasticsearch+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/elasticsearch/d9afcc9a-f4a5-411f-9fd2-0c51f44a5f2a%40googlegroups.com
> 
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"elasticsearch" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to elasticsearch+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/elasticsearch/CAKdsXoEGB4UoNOT8OKo2wC_ezgdgq9_-QMDL7Z5h3mWgq_BNgw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.