|
Struts example source code file (ParametersInterceptor.java)
The Struts ParametersInterceptor.java source code/* * Copyright 2002-2007,2009 The Apache Software Foundation. * * Licensed under the Apache License, Version 2.0 (the "License"); * you may not use this file except in compliance with the License. * You may obtain a copy of the License at * * http://www.apache.org/licenses/LICENSE-2.0 * * Unless required by applicable law or agreed to in writing, software * distributed under the License is distributed on an "AS IS" BASIS, * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. * See the License for the specific language governing permissions and * limitations under the License. */ package com.opensymphony.xwork2.interceptor; import com.opensymphony.xwork2.ActionContext; import com.opensymphony.xwork2.ActionInvocation; import com.opensymphony.xwork2.ValidationAware; import com.opensymphony.xwork2.conversion.impl.InstantiatingNullHandler; import com.opensymphony.xwork2.conversion.impl.XWorkConverter; import com.opensymphony.xwork2.inject.Inject; import com.opensymphony.xwork2.util.ClearableValueStack; import com.opensymphony.xwork2.util.LocalizedTextUtil; import com.opensymphony.xwork2.util.MemberAccessValueStack; import com.opensymphony.xwork2.util.TextParseUtil; import com.opensymphony.xwork2.util.ValueStack; import com.opensymphony.xwork2.util.ValueStackFactory; import com.opensymphony.xwork2.util.logging.Logger; import com.opensymphony.xwork2.util.logging.LoggerFactory; import com.opensymphony.xwork2.util.reflection.ReflectionContextState; import java.util.Collection; import java.util.Collections; import java.util.Comparator; import java.util.HashSet; import java.util.Map; import java.util.Set; import java.util.TreeMap; import java.util.regex.Matcher; import java.util.regex.Pattern; /** * <!-- START SNIPPET: description --> * This interceptor sets all parameters on the value stack. * <p/> * This interceptor gets all parameters from {@link ActionContext#getParameters()} and sets them on the value stack by * calling {@link ValueStack#setValue(String, Object)}, typically resulting in the values submitted in a form * request being applied to an action in the value stack. Note that the parameter map must contain a String key and * often containers a String[] for the value. * <p/> * <p/> The interceptor takes one parameter named 'ordered'. When set to true action properties are guaranteed to be * set top-down which means that top action's properties are set first. Then it's subcomponents properties are set. * The reason for this order is to enable a 'factory' pattern. For example, let's assume that one has an action * that contains a property named 'modelClass' that allows to choose what is the underlying implementation of model. * By assuring that modelClass property is set before any model properties are set, it's possible to choose model * implementation during action.setModelClass() call. Similiarily it's possible to use action.setPrimaryKey() * property set call to actually load the model class from persistent storage. Without any assumption on parameter * order you have to use patterns like 'Preparable'. * <p/> * <p/> Because parameter names are effectively OGNL statements, it is important that security be taken in to account. * This interceptor will not apply any values in the parameters map if the expression contains an assignment (=), * multiple expressions (,), or references any objects in the context (#). This is all done in the {@link * #acceptableName(String)} method. In addition to this method, if the action being invoked implements the {@link * ParameterNameAware} interface, the action will be consulted to determine if the parameter should be set. * <p/> * <p/> In addition to these restrictions, a flag ({@link ReflectionContextState#DENY_METHOD_EXECUTION}) is set such that * no methods are allowed to be invoked. That means that any expression such as <i>person.doSomething() or * <i>person.getName() will be explicitely forbidden. This is needed to make sure that your application is not * exposed to attacks by malicious users. * <p/> * <p/> While this interceptor is being invoked, a flag ({@link ReflectionContextState#CREATE_NULL_OBJECTS}) is turned * on to ensure that any null reference is automatically created - if possible. See the type conversion documentation * and the {@link InstantiatingNullHandler} javadocs for more information. * <p/> * <p/> Finally, a third flag ({@link XWorkConverter#REPORT_CONVERSION_ERRORS}) is set that indicates any errors when * converting the the values to their final data type (String[] -> int) an unrecoverable error occured. With this * flag set, the type conversion errors will be reported in the action context. See the type conversion documentation * and the {@link XWorkConverter} javadocs for more information. * <p/> * <p/> If you are looking for detailed logging information about your parameters, turn on DEBUG level logging for this * interceptor. A detailed log of all the parameter keys and values will be reported. * <p/> * <p/> * <b>Note: Since XWork 2.0.2, this interceptor extends {@link MethodFilterInterceptor}, therefore being * able to deal with excludeMethods / includeMethods parameters. See [Workflow Interceptor] * (class {@link DefaultWorkflowInterceptor}) for documentation and examples on how to use this feature. * <p/> * <!-- END SNIPPET: description --> * <p/> * <p/> Interceptor parameters: * <p/> * <!-- START SNIPPET: parameters --> * <p/> * <ul> * <p/> * <li>ordered - set to true if you want the top-down property setter behaviour * <p/> * </ul> * <p/> * <!-- END SNIPPET: parameters --> * <p/> * <p/> Extending the interceptor: * <p/> * <!-- START SNIPPET: extending --> * <p/> * <p/> The best way to add behavior to this interceptor is to utilize the {@link ParameterNameAware} interface in your * actions. However, if you wish to apply a global rule that isn't implemented in your action, then you could extend * this interceptor and override the {@link #acceptableName(String)} method. * <p/> * <!-- END SNIPPET: extending --> * <p/> * <p/> Example code: * <p/> * <pre> * <!-- START SNIPPET: example --> * <action name="someAction" class="com.examples.SomeAction"> * <interceptor-ref name="params"/> * <result name="success">good_result.ftl</result> * </action> * <!-- END SNIPPET: example --> * </pre> * * @author Patrick Lightbody */ public class ParametersInterceptor extends MethodFilterInterceptor { private static final Logger LOG = LoggerFactory.getLogger(ParametersInterceptor.class); boolean ordered = false; Set<Pattern> excludeParams = Collections.emptySet(); Set<Pattern> acceptParams = Collections.emptySet(); static boolean devMode = false; // Allowed names of parameters private String acceptedParamNames = "[a-zA-Z0-9\\.\\]\\[\\(\\)_'\\s]+"; private Pattern acceptedPattern = Pattern.compile(acceptedParamNames); private ValueStackFactory valueStackFactory; @Inject public void setValueStackFactory(ValueStackFactory valueStackFactory) { this.valueStackFactory = valueStackFactory; } @Inject("devMode") public static void setDevMode(String mode) { devMode = "true".equals(mode); } public void setAcceptParamNames(String commaDelim) { Collection<String> acceptPatterns = asCollection(commaDelim); if (acceptPatterns != null) { acceptParams = new HashSet<Pattern>(); for (String pattern : acceptPatterns) { acceptParams.add(Pattern.compile(pattern)); } } } /** * Compares based on number of '.' characters (fewer is higher) */ static final Comparator<String> rbCollator = new Comparator Other Struts examples (source code examples)Here is a short list of links related to this Struts ParametersInterceptor.java source code file: |
... this post is sponsored by my books ... | |
#1 New Release! |
FP Best Seller |
Copyright 1998-2021 Alvin Alexander, alvinalexander.com
All Rights Reserved.
A percentage of advertising revenue from
pages under the /java/jwarehouse
URI on this website is
paid back to open source projects.