From cc22bd3b60da92004362c0d6133e8cee3b020a3e Mon Sep 17 00:00:00 2001 From: Daniel Slapman Date: Sun, 11 Dec 2022 20:03:13 +0100 Subject: [PATCH] Replace pseudofunction mechanism with JS sandboxing --- .../tinkoff/tcb/mockingbird/Mockingbird.scala | 6 +- .../mockingbird/api/PublicApiHandler.scala | 5 +- .../mockingbird/config/Configuration.scala | 4 +- .../mockingbird/grpc/GrpcRequestHandler.scala | 7 ++- .../mockingbird/scenario/ScenarioEngine.scala | 5 +- .../utils/sandboxing/ClassAccessRule.scala | 13 ---- .../tcb/utils/sandboxing/GraalJsSandbox.scala | 56 +++++++++-------- .../transformation/json/js_eval/package.scala | 13 +++- .../utils/transformation/json/package.scala | 44 +++---------- .../tcb/utils/transformation/package.scala | 37 ----------- .../utils/sandboxing/GraalJsSandboxSpec.scala | 4 +- .../transformation/json/JsEvalSpec.scala | 10 +-- .../json/JsonTransformationsSpec.scala | 63 +++---------------- readme.md | 2 +- 14 files changed, 85 insertions(+), 184 deletions(-) delete mode 100644 backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/sandboxing/ClassAccessRule.scala diff --git a/backend/mockingbird-api/src/main/scala/ru/tinkoff/tcb/mockingbird/Mockingbird.scala b/backend/mockingbird-api/src/main/scala/ru/tinkoff/tcb/mockingbird/Mockingbird.scala index 3466ec55..07d80417 100644 --- a/backend/mockingbird-api/src/main/scala/ru/tinkoff/tcb/mockingbird/Mockingbird.scala +++ b/backend/mockingbird-api/src/main/scala/ru/tinkoff/tcb/mockingbird/Mockingbird.scala @@ -21,7 +21,6 @@ import sttp.client3.armeria.zio.ArmeriaZioBackend import tofu.logging.Logging import tofu.logging.impl.ZUniversalLogging import zio.managed.* - import ru.tinkoff.tcb.mockingbird.api.AdminApiHandler import ru.tinkoff.tcb.mockingbird.api.AdminHttp import ru.tinkoff.tcb.mockingbird.api.MetricsHttp @@ -51,6 +50,8 @@ import ru.tinkoff.tcb.mockingbird.stream.EphemeralCleaner import ru.tinkoff.tcb.mockingbird.stream.EventSpawner import ru.tinkoff.tcb.mockingbird.stream.SDFetcher import ru.tinkoff.tcb.utils.metrics.makeRegistry +import ru.tinkoff.tcb.utils.resource.readStr +import ru.tinkoff.tcb.utils.sandboxing.GraalJsSandbox object Mockingbird extends scala.App { type FL = WLD & ServerConfig & PublicHttp & EventSpawner & ResourceManager & EphemeralCleaner & GrpcRequestHandler @@ -142,6 +143,7 @@ object Mockingbird extends scala.App { scopedBackend <- ArmeriaZioBackend.scopedUsingClient(webClient) } yield scopedBackend }, + (ZLayer.service[ServerConfig].project(_.sandbox) ++ ZLayer.fromZIO(ZIO.attempt(readStr("prelude.js")).map(Option(_)))) >>> GraalJsSandbox.live, mongoLayer, aesEncoder, collection(_.stub) >>> HttpStubDAOImpl.live, @@ -186,10 +188,12 @@ object Mockingbird extends scala.App { .exec(bytes) .provideSome[RequestContext]( Tracing.live, + MockingbirdConfiguration.server, MockingbirdConfiguration.mongo, mongoLayer, collection(_.state) >>> PersistentStateDAOImpl.live, collection(_.grpcStub) >>> GrpcStubDAOImpl.live, + (ZLayer.service[ServerConfig].project(_.sandbox) ++ ZLayer.fromZIO(ZIO.attempt(readStr("prelude.js")).map(Option(_)))) >>> GraalJsSandbox.live, GrpcStubResolverImpl.live, GrpcRequestHandlerImpl.live ) diff --git a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/api/PublicApiHandler.scala b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/api/PublicApiHandler.scala index edb904d9..19464ea1 100644 --- a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/api/PublicApiHandler.scala +++ b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/api/PublicApiHandler.scala @@ -41,6 +41,7 @@ import ru.tinkoff.tcb.mockingbird.scenario.CallbackEngine import ru.tinkoff.tcb.mockingbird.scenario.ScenarioEngine import ru.tinkoff.tcb.utils.circe.optics.JsonOptic import ru.tinkoff.tcb.utils.regex.* +import ru.tinkoff.tcb.utils.sandboxing.GraalJsSandbox import ru.tinkoff.tcb.utils.transformation.json.* import ru.tinkoff.tcb.utils.transformation.string.* import ru.tinkoff.tcb.utils.transformation.xml.* @@ -54,6 +55,7 @@ final class PublicApiHandler( stateDAO: PersistentStateDAO[Task], resolver: StubResolver, engine: CallbackEngine, + implicit val jsSandbox: GraalJsSandbox, private val httpBackend: SttpBackend[Task, ?], proxyConfig: ProxyConfig ) { @@ -304,8 +306,9 @@ object PublicApiHandler { ssd <- ZIO.service[PersistentStateDAO[Task]] resolver <- ZIO.service[StubResolver] engine <- ZIO.service[ScenarioEngine] + jsSandbox <- ZIO.service[GraalJsSandbox] sttpClient <- ZIO.service[SttpBackend[Task, Any]] proxyCfg <- ZIO.service[ProxyConfig] - } yield new PublicApiHandler(hsd, ssd, resolver, engine, sttpClient, proxyCfg) + } yield new PublicApiHandler(hsd, ssd, resolver, engine, jsSandbox, sttpClient, proxyCfg) } } diff --git a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/config/Configuration.scala b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/config/Configuration.scala index 470351da..e45177f8 100644 --- a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/config/Configuration.scala +++ b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/config/Configuration.scala @@ -8,7 +8,9 @@ import net.ceedubs.ficus.Ficus.* import net.ceedubs.ficus.readers.ArbitraryTypeReader.* import net.ceedubs.ficus.readers.EnumerationReader.* -case class ServerConfig(interface: String, port: Int, allowedOrigins: Seq[String], healthCheckRoute: Option[String]) +case class JsSandboxConfig(allowedClasses: Set[String] = Set()) + +case class ServerConfig(interface: String, port: Int, allowedOrigins: Seq[String], healthCheckRoute: Option[String], sandbox: JsSandboxConfig) case class SecurityConfig(secret: String) diff --git a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/grpc/GrpcRequestHandler.scala b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/grpc/GrpcRequestHandler.scala index b6b262f1..156a55a7 100644 --- a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/grpc/GrpcRequestHandler.scala +++ b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/grpc/GrpcRequestHandler.scala @@ -18,13 +18,15 @@ import ru.tinkoff.tcb.mockingbird.model.FillResponse import ru.tinkoff.tcb.mockingbird.model.GProxyResponse import ru.tinkoff.tcb.mockingbird.model.PersistentState import ru.tinkoff.tcb.mockingbird.model.Scope +import ru.tinkoff.tcb.utils.sandboxing.GraalJsSandbox import ru.tinkoff.tcb.utils.transformation.json.* trait GrpcRequestHandler { def exec(bytes: Array[Byte]): RIO[WLD & RequestContext, Array[Byte]] } -class GrpcRequestHandlerImpl(stubResolver: GrpcStubResolver) extends GrpcRequestHandler { +class GrpcRequestHandlerImpl(stubResolver: GrpcStubResolver, implicit val jsSandbox: GraalJsSandbox) + extends GrpcRequestHandler { override def exec(bytes: Array[Byte]): RIO[WLD & RequestContext, Array[Byte]] = for { context <- ZIO.service[RequestContext] @@ -86,7 +88,8 @@ class GrpcRequestHandlerImpl(stubResolver: GrpcStubResolver) extends GrpcRequest } object GrpcRequestHandlerImpl { - val live: URLayer[GrpcStubResolver, GrpcRequestHandler] = ZLayer.fromFunction(new GrpcRequestHandlerImpl(_)) + val live: URLayer[GrpcStubResolver & GraalJsSandbox, GrpcRequestHandlerImpl] = + ZLayer.fromFunction(new GrpcRequestHandlerImpl(_, _)) } object GrpcRequestHandler { diff --git a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/scenario/ScenarioEngine.scala b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/scenario/ScenarioEngine.scala index 4eb69f9b..1d3da61f 100644 --- a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/scenario/ScenarioEngine.scala +++ b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/mockingbird/scenario/ScenarioEngine.scala @@ -42,6 +42,7 @@ import ru.tinkoff.tcb.mockingbird.model.XMLCallbackRequest import ru.tinkoff.tcb.mockingbird.model.XmlOutput import ru.tinkoff.tcb.mockingbird.stream.SDFetcher import ru.tinkoff.tcb.utils.id.SID +import ru.tinkoff.tcb.utils.sandboxing.GraalJsSandbox import ru.tinkoff.tcb.utils.transformation.json.* import ru.tinkoff.tcb.utils.transformation.string.* import ru.tinkoff.tcb.utils.transformation.xml.* @@ -62,6 +63,7 @@ final class ScenarioEngine( stateDAO: PersistentStateDAO[Task], resolver: ScenarioResolver, fetcher: SDFetcher, + implicit val jsSandbox: GraalJsSandbox, private val httpBackend: SttpBackend[Task, ?] ) extends CallbackEngine { private val log = MDCLogging.`for`[WLD](this) @@ -222,7 +224,8 @@ object ScenarioEngine { psd <- ZIO.service[PersistentStateDAO[Task]] resolver <- ZIO.service[ScenarioResolver] fetcher <- ZIO.service[SDFetcher] + jsSandbox <- ZIO.service[GraalJsSandbox] sttpClient <- ZIO.service[SttpBackend[Task, Any]] - } yield new ScenarioEngine(sd, psd, resolver, fetcher, sttpClient) + } yield new ScenarioEngine(sd, psd, resolver, fetcher, jsSandbox, sttpClient) } } diff --git a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/sandboxing/ClassAccessRule.scala b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/sandboxing/ClassAccessRule.scala deleted file mode 100644 index 8cef1aa4..00000000 --- a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/sandboxing/ClassAccessRule.scala +++ /dev/null @@ -1,13 +0,0 @@ -package ru.tinkoff.tcb.utils.sandboxing - -sealed trait ClassAccessRule extends (String => Boolean) - -object ClassAccessRule { - case class Exact(className: String) extends ClassAccessRule { - override def apply(arg: String): Boolean = arg == className - } - - case class StartsWith(prefix: String) extends ClassAccessRule { - override def apply(arg: String): Boolean = arg.startsWith(prefix) - } -} diff --git a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/sandboxing/GraalJsSandbox.scala b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/sandboxing/GraalJsSandbox.scala index cedb9d3a..694b7ced 100644 --- a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/sandboxing/GraalJsSandbox.scala +++ b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/sandboxing/GraalJsSandbox.scala @@ -7,22 +7,21 @@ import scala.util.Using import org.graalvm.polyglot.* -import ru.tinkoff.tcb.utils.instances.predicate.or.* +import ru.tinkoff.tcb.mockingbird.config.JsSandboxConfig class GraalJsSandbox( - classAccessRules: List[ClassAccessRule] = GraalJsSandbox.DefaultAccess, + jsSandboxConfig: JsSandboxConfig, prelude: Option[String] = None ) { - private val accessRule = classAccessRules.asInstanceOf[List[String => Boolean]].combineAll - - private val preludeSource = prelude.map(Source.create("js", _)) + private val allowedClasses = GraalJsSandbox.DefaultAccess ++ jsSandboxConfig.allowedClasses + private val preludeSource = prelude.map(Source.create("js", _)) def eval[T: ClassTag](code: String, environment: Map[String, Any] = Map.empty): Try[T] = Using( Context .newBuilder("js") .allowHostAccess(HostAccess.ALL) - .allowHostClassLookup((t: String) => accessRule(t)) + .allowHostClassLookup((t: String) => allowedClasses(t)) .option("engine.WarnInterpreterOnly", "false") .build() ) { context => @@ -36,24 +35,31 @@ class GraalJsSandbox( } object GraalJsSandbox { - val DefaultAccess: List[ClassAccessRule] = List( - ClassAccessRule.Exact("java.lang.Byte"), - ClassAccessRule.Exact("java.lang.Boolean"), - ClassAccessRule.Exact("java.lang.Double"), - ClassAccessRule.Exact("java.lang.Float"), - ClassAccessRule.Exact("java.lang.Integer"), - ClassAccessRule.Exact("java.lang.Long"), - ClassAccessRule.Exact("java.lang.Math"), - ClassAccessRule.Exact("java.lang.Short"), - ClassAccessRule.Exact("java.lang.String"), - ClassAccessRule.Exact("java.math.BigDecimal"), - ClassAccessRule.Exact("java.math.BigInteger"), - ClassAccessRule.Exact("java.time.LocalDate"), - ClassAccessRule.Exact("java.time.LocalDateTime"), - ClassAccessRule.Exact("java.time.format.DateTimeFormatter"), - ClassAccessRule.Exact("java.util.List"), - ClassAccessRule.Exact("java.util.Map"), - ClassAccessRule.Exact("java.util.Random"), - ClassAccessRule.Exact("java.util.Set") + val live: URLayer[Option[String] & JsSandboxConfig, GraalJsSandbox] = ZLayer { + for { + sandboxConfig <- ZIO.service[JsSandboxConfig] + prelude <- ZIO.service[Option[String]] + } yield new GraalJsSandbox(sandboxConfig, prelude) + } + + val DefaultAccess: Set[String] = Set( + "java.lang.Byte", + "java.lang.Boolean", + "java.lang.Double", + "java.lang.Float", + "java.lang.Integer", + "java.lang.Long", + "java.lang.Math", + "java.lang.Short", + "java.lang.String", + "java.math.BigDecimal", + "java.math.BigInteger", + "java.time.LocalDate", + "java.time.LocalDateTime", + "java.time.format.DateTimeFormatter", + "java.util.List", + "java.util.Map", + "java.util.Random", + "java.util.Set" ) } diff --git a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/transformation/json/js_eval/package.scala b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/transformation/json/js_eval/package.scala index 0a51c3db..ff67e71e 100644 --- a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/transformation/json/js_eval/package.scala +++ b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/transformation/json/js_eval/package.scala @@ -1,6 +1,7 @@ package ru.tinkoff.tcb.utils.transformation.json -import java.lang.Boolean as JBoolean +import java.lang as jl +import java.math as jm import scala.jdk.CollectionConverters.* import io.circe.Json @@ -11,7 +12,7 @@ package object js_eval { val circe2js: Json.Folder[AnyRef] = new Json.Folder[AnyRef] { override def onNull: AnyRef = null - override def onBoolean(value: Boolean): AnyRef = JBoolean.valueOf(value) + override def onBoolean(value: Boolean): AnyRef = jl.Boolean.valueOf(value) override def onNumber(value: JsonNumber): AnyRef = value.toBigDecimal.map(_.bigDecimal).orNull @@ -25,4 +26,12 @@ package object js_eval { .toMap .asJava } + + val fold2Json: PartialFunction[AnyRef, Json] = { + case b: jl.Boolean => Json.fromBoolean(b) + case s: String => Json.fromString(s) + case bd: jm.BigDecimal => Json.fromBigDecimal(bd) + case i: jl.Integer => Json.fromInt(i.intValue()) + case l: jl.Long => Json.fromLong(l.longValue()) + } } diff --git a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/transformation/json/package.scala b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/transformation/json/package.scala index ce080bdc..a1314514 100644 --- a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/transformation/json/package.scala +++ b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/transformation/json/package.scala @@ -1,7 +1,5 @@ package ru.tinkoff.tcb.utils.transformation -import java.lang as jl -import java.math as jm import scala.util.Failure import scala.util.Success import scala.util.control.TailCalls @@ -10,13 +8,13 @@ import scala.util.control.TailCalls.TailRec import io.circe.Json import io.circe.JsonNumber as JNumber import kantan.xpath.* -import mouse.boolean.* import ru.tinkoff.tcb.utils.circe.* import ru.tinkoff.tcb.utils.circe.optics.JsonOptic import ru.tinkoff.tcb.utils.json.json2StringFolder import ru.tinkoff.tcb.utils.regex.OneOrMore import ru.tinkoff.tcb.utils.sandboxing.GraalJsSandbox +import ru.tinkoff.tcb.utils.transformation.json.js_eval.fold2Json import ru.tinkoff.tcb.utils.transformation.xml.nodeTemplater package object json { @@ -91,39 +89,13 @@ package object json { }.result } - def eval: Json = - transformValues { case js @ JsonString(str) => - str - .foldTemplate( - Json.fromString, - Json.fromInt, - Json.fromLong - ) - .orElse { - FunRx - .findFirstIn(str) - .isDefined - .option( - FunRx - .replaceSomeIn(str, m => m.matched.foldTemplate(identity, _.toString(), _.toString())) - ) - .map(Json.fromString) - } - .getOrElse(js) - }.result - - def eval2(implicit sandbox: GraalJsSandbox): Json = - transformValues { - case js @ JsonString(CodeRx(code)) => - (sandbox.eval[AnyRef](code) match { - case Success(str: String) => Option(Json.fromString(str)) - case Success(bd: jm.BigDecimal) => Option(Json.fromBigDecimal(bd)) - case Success(i: jl.Integer) => Option(Json.fromInt(i.intValue())) - case Success(l: jl.Long) => Option(Json.fromLong(l.longValue())) - case Success(other) => throw new Exception(s"${other.getClass.getCanonicalName}: $other") - case Failure(exception) => throw exception - }).getOrElse(js) - case JsonString(other) => throw new Exception(other) + def eval(implicit sandbox: GraalJsSandbox): Json = + transformValues { case js @ JsonString(CodeRx(code)) => + (sandbox.eval[AnyRef](code) match { + case Success(value) if fold2Json.isDefinedAt(value) => Option(fold2Json(value)) + case Success(other) => throw new Exception(s"${other.getClass.getCanonicalName}: $other") + case Failure(exception) => throw exception + }).getOrElse(js) }.result def patch(values: Json, schema: Map[JsonOptic, String]): Json = diff --git a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/transformation/package.scala b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/transformation/package.scala index db16b13f..1ef76a13 100644 --- a/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/transformation/package.scala +++ b/backend/mockingbird/src/main/scala/ru/tinkoff/tcb/utils/transformation/package.scala @@ -1,13 +1,7 @@ package ru.tinkoff.tcb.utils -import java.time.LocalDate -import java.time.LocalDateTime -import java.util.UUID -import scala.util.Random import scala.util.matching.Regex -import ru.tinkoff.tcb.utils.time.* - package object transformation { val SubstRx: Regex = """\$\{(.*?)\}""".r val FunRx: Regex = """%\{.*?\}""".r @@ -24,35 +18,4 @@ package object transformation { val Today: Regex = """%\{today\((.*?)\)\}""".r val Now: Regex = """%\{now\((.*?)\)\}""".r - - implicit final class TemplateTransformations(private val template: String) extends AnyVal { - def foldTemplate[T](foldString: String => T, foldInt: Int => T, foldLong: Long => T): Option[T] = - template match { - case RandStr(len) => - Some(foldString(Random.alphanumeric.take(len.toInt).mkString)) - case RandAlphabetStr(alphabet, minLen, maxLen) => - Some( - foldString( - List.fill(Random.between(minLen.toInt, maxLen.toInt))(alphabet(Random.nextInt(alphabet.length))).mkString - ) - ) - case RandNumStr(len) => - Some(foldString(Seq.fill(len.toInt)(Random.nextInt(10)).mkString)) - case RandInt(max) => - Some(foldInt(Random.nextInt(max.toInt))) - case RandIntInterval(min, max) => - Some(foldInt(Random.between(min.toInt, max.toInt))) - case RandLong(max) => - Some(foldLong(Random.nextLong(max.toLong))) - case RandLongInterval(min, max) => - Some(foldLong(Random.between(min.toLong, max.toLong))) - case RandUUID() => - Some(foldString(UUID.randomUUID().toString)) - case Today(Formatter(fmt)) => - Some(foldString(LocalDate.now().format(fmt))) - case Now(Formatter(fmt)) => - Some(foldString(LocalDateTime.now().format(fmt))) - case _ => None - } - } } diff --git a/backend/mockingbird/src/test/scala/ru/tinkoff/tcb/utils/sandboxing/GraalJsSandboxSpec.scala b/backend/mockingbird/src/test/scala/ru/tinkoff/tcb/utils/sandboxing/GraalJsSandboxSpec.scala index 1314cc13..d4a0dd38 100644 --- a/backend/mockingbird/src/test/scala/ru/tinkoff/tcb/utils/sandboxing/GraalJsSandboxSpec.scala +++ b/backend/mockingbird/src/test/scala/ru/tinkoff/tcb/utils/sandboxing/GraalJsSandboxSpec.scala @@ -5,8 +5,10 @@ import org.scalatest.TryValues import org.scalatest.funsuite.AnyFunSuite import org.scalatest.matchers.should.Matchers +import ru.tinkoff.tcb.mockingbird.config.JsSandboxConfig + class GraalJsSandboxSpec extends AnyFunSuite with Matchers with TryValues { - private val sandbox = new GraalJsSandbox + private val sandbox = new GraalJsSandbox(new JsSandboxConfig()) test("Eval simple arithmetics") { sandbox.eval[Int]("1 + 2").success.value shouldBe 3 diff --git a/backend/mockingbird/src/test/scala/ru/tinkoff/tcb/utils/transformation/json/JsEvalSpec.scala b/backend/mockingbird/src/test/scala/ru/tinkoff/tcb/utils/transformation/json/JsEvalSpec.scala index 55769367..a80a47dd 100644 --- a/backend/mockingbird/src/test/scala/ru/tinkoff/tcb/utils/transformation/json/JsEvalSpec.scala +++ b/backend/mockingbird/src/test/scala/ru/tinkoff/tcb/utils/transformation/json/JsEvalSpec.scala @@ -11,12 +11,12 @@ import org.scalatest.TryValues import org.scalatest.funsuite.AnyFunSuite import org.scalatest.matchers.should.Matchers -import ru.tinkoff.tcb.utils.sandboxing.ClassAccessRule +import ru.tinkoff.tcb.mockingbird.config.JsSandboxConfig import ru.tinkoff.tcb.utils.sandboxing.GraalJsSandbox import ru.tinkoff.tcb.utils.transformation.json.js_eval.circe2js class JsEvalSpec extends AnyFunSuite with Matchers with TryValues { - private val sandbox = new GraalJsSandbox + private val sandbox = new GraalJsSandbox(JsSandboxConfig()) test("Simple expressions") { val data = Json.obj("a" := Json.obj("b" := 42, "c" := "test", "d" := 1 :: 2 :: Nil)) @@ -39,11 +39,7 @@ class JsEvalSpec extends AnyFunSuite with Matchers with TryValues { } test("JS functions") { - val aesSandbox = new GraalJsSandbox( - classAccessRules = List( - ClassAccessRule.Exact("java.security.MessageDigest") - ) ::: GraalJsSandbox.DefaultAccess - ) + val aesSandbox = new GraalJsSandbox(JsSandboxConfig(Set("java.security.MessageDigest"))) val etalon = MessageDigest.getInstance("SHA-1").digest("abc".getBytes) diff --git a/backend/mockingbird/src/test/scala/ru/tinkoff/tcb/utils/transformation/json/JsonTransformationsSpec.scala b/backend/mockingbird/src/test/scala/ru/tinkoff/tcb/utils/transformation/json/JsonTransformationsSpec.scala index 0c0907aa..d4a1c8b3 100644 --- a/backend/mockingbird/src/test/scala/ru/tinkoff/tcb/utils/transformation/json/JsonTransformationsSpec.scala +++ b/backend/mockingbird/src/test/scala/ru/tinkoff/tcb/utils/transformation/json/JsonTransformationsSpec.scala @@ -10,6 +10,7 @@ import org.scalatest.OptionValues import org.scalatest.funsuite.AnyFunSuite import org.scalatest.matchers.should.Matchers +import ru.tinkoff.tcb.mockingbird.config.JsSandboxConfig import ru.tinkoff.tcb.utils.circe.* import ru.tinkoff.tcb.utils.circe.optics.JLens import ru.tinkoff.tcb.utils.circe.optics.JsonOptic @@ -147,59 +148,6 @@ class JsonTransformationsSpec extends AnyFunSuite with Matchers with OptionValue Json.obj().substitute(Json.obj()) } - test("Simple eval") { - val datePattern = "yyyy-MM-dd" - val dFormatter = DateTimeFormatter.ofPattern(datePattern) - val pattern = "yyyy-MM-dd'T'HH:mm:ss" - val formatter = DateTimeFormatter.ofPattern(pattern) - - val template = Json.obj( - "a" := "%{randomString(10)}", - "ai" := "%{randomString(\"ABCDEF1234567890\", 4, 6)}", - "b" := "%{randomInt(5)}", - "bi" := "%{randomInt(3, 8)}", - "c" := "%{randomLong(5)}", - "ci" := "%{randomLong(3, 8)}", - "d" := "%{UUID}", - "e" := s"%{now($pattern)}", - "f" := s"%{today($datePattern)}" - ) - - template.isTemplate shouldBe true - - val res = template.eval - - (res \\ "a").headOption.flatMap(_.asString).value should have length 10 - - info((res \\ "ai").headOption.flatMap(_.asString).value) - (res \\ "ai").headOption.flatMap(_.asString).value should fullyMatch regex """[ABCDEF1234567890]{4,5}""" - - val b = (res \\ "b").headOption.flatMap(_.asNumber).flatMap(_.toInt).value - b should be >= 0 - b should be < 5 - - val bi = (res \\ "bi").headOption.flatMap(_.asNumber).flatMap(_.toInt).value - bi should be >= 3 - bi should be < 8 - - val c = (res \\ "c").headOption.flatMap(_.asNumber).flatMap(_.toLong).value - c should be >= 0L - c should be < 5L - - val ci = (res \\ "ci").headOption.flatMap(_.asNumber).flatMap(_.toLong).value - ci should be >= 3L - ci should be < 8L - - val d = (res \\ "d").headOption.flatMap(_.asString).value - noException should be thrownBy UUID.fromString(d) - - val e = (res \\ "e").headOption.flatMap(_.asString).value - noException should be thrownBy formatter.parse(e) - - val f = (res \\ "f").headOption.flatMap(_.asString).value - noException should be thrownBy dFormatter.parse(f) - } - test("JavaScript eval") { val datePattern = "yyyy-MM-dd" val dFormatter = DateTimeFormatter.ofPattern(datePattern) @@ -207,7 +155,7 @@ class JsonTransformationsSpec extends AnyFunSuite with Matchers with OptionValue val formatter = DateTimeFormatter.ofPattern(pattern) val prelude = readStr("prelude.js") - implicit val sandbox: GraalJsSandbox = new GraalJsSandbox(prelude = Option(prelude)) + implicit val sandbox: GraalJsSandbox = new GraalJsSandbox(JsSandboxConfig(), prelude = Option(prelude)) val template = Json.obj( "a" := "%{randomString(10)}", @@ -221,7 +169,7 @@ class JsonTransformationsSpec extends AnyFunSuite with Matchers with OptionValue "f" := s"%{today('$datePattern')}" ) - val res = template.eval2 + val res = template.eval (res \\ "a").headOption.flatMap(_.asString).value should have length 10 @@ -255,8 +203,11 @@ class JsonTransformationsSpec extends AnyFunSuite with Matchers with OptionValue } test("Formatted eval") { + val prelude = readStr("prelude.js") + implicit val sandbox: GraalJsSandbox = new GraalJsSandbox(JsSandboxConfig(), prelude = Option(prelude)) + val template = Json.obj( - "fmt" := "%{randomInt(10)}: %{randomLong(10)} | %{randomString(12)}" + "fmt" := "%{randomInt(10) + ': ' + randomLong(10) + ' | ' + randomString(12)}" ) template.isTemplate shouldBe true diff --git a/readme.md b/readme.md index 3d38b62e..0cc96cc8 100644 --- a/readme.md +++ b/readme.md @@ -166,7 +166,7 @@ State аккумулятивно дописывается. Разрешено п * `%{now("yyyy-MM-dd'T'HH:mm:ss")}` - текущее время в заданном [формате](https://docs.oracle.com/javase/8/docs/api/java/time/format/DateTimeFormatter.html) * `%{today("yyyy-MM-dd")}` - текущая дата в заданном [формате](https://docs.oracle.com/javase/8/docs/api/java/time/format/DateTimeFormatter.html) -Можно определять строки со сложным форматом: `%{randomInt(10)}: %{randomLong(10)} | %{randomString(12)}`, поддерживаются все псевдофункции из списка выше +Можно определять строки со сложным форматом: `%{randomInt(10) +': ' + randomLong(10) + ' | ' + {randomString(12)}`, поддерживаются все псевдофункции из списка выше ## Резолвинг заглушек/сценариев