Class SecureASTCustomizer.SecuringCodeVisitor

java.lang.Object
org.codehaus.groovy.control.customizers.SecureASTCustomizer.SecuringCodeVisitor
All Implemented Interfaces:
GroovyCodeVisitor
Enclosing class:
SecureASTCustomizer

protected class SecureASTCustomizer.SecuringCodeVisitor extends Object implements GroovyCodeVisitor
This visitor directly implements the GroovyCodeVisitor interface instead of using the CodeVisitorSupport class to make sure that future features of the language gets managed by this visitor. Thus, adding a new feature would result in a compilation error if this visitor is not updated.
  • Constructor Details

    • SecuringCodeVisitor

      protected SecuringCodeVisitor()
  • Method Details

    • assertStatementAuthorized

      protected void assertStatementAuthorized(Statement statement) throws SecurityException
      Checks that a given statement is either in the allowed list or not in the disallowed list.
      Parameters:
      statement - the statement to be checked
      Throws:
      SecurityException - if usage of this statement class is forbidden
    • assertExpressionAuthorized

      protected void assertExpressionAuthorized(Expression expression) throws SecurityException
      Checks that a given expression is either in the allowed list or not in the disallowed list.
      Parameters:
      expression - the expression to be checked
      Throws:
      SecurityException - if usage of this expression class is forbidden
    • getExpressionType

      protected ClassNode getExpressionType(ClassNode objectExpressionType)
      Returns the effective receiver type for nested array expressions.
      Parameters:
      objectExpressionType - the candidate receiver type
      Returns:
      the component type for arrays, otherwise the original type
    • assertTokenAuthorized

      protected void assertTokenAuthorized(Token token) throws SecurityException
      Checks that a given token is either in the allowed list or not in the disallowed list.
      Parameters:
      token - the token to be checked
      Throws:
      SecurityException - if usage of this token is forbidden
    • visitBlockStatement

      public void visitBlockStatement(BlockStatement block)
      Validates a block statement and then visits each nested statement.
      Specified by:
      visitBlockStatement in interface GroovyCodeVisitor
      Parameters:
      block - the block statement to visit
    • visitForLoop

      public void visitForLoop(ForStatement forLoop)
      Validates a for loop and then visits its collection and body.
      Specified by:
      visitForLoop in interface GroovyCodeVisitor
      Parameters:
      forLoop - the loop to visit
    • visitWhileLoop

      public void visitWhileLoop(WhileStatement loop)
      Validates a while loop and then visits its condition and body.
      Specified by:
      visitWhileLoop in interface GroovyCodeVisitor
      Parameters:
      loop - the loop to visit
    • visitDoWhileLoop

      public void visitDoWhileLoop(DoWhileStatement loop)
      Validates a do/while loop and then visits its body and condition.
      Specified by:
      visitDoWhileLoop in interface GroovyCodeVisitor
      Parameters:
      loop - the loop to visit
    • visitIfElse

      public void visitIfElse(IfStatement ifElse)
      Validates an if-else statement and then visits its condition and branches.
      Specified by:
      visitIfElse in interface GroovyCodeVisitor
      Parameters:
      ifElse - the conditional statement to visit
    • visitExpressionStatement

      public void visitExpressionStatement(ExpressionStatement statement)
      Validates an expression statement and then visits its expression.
      Specified by:
      visitExpressionStatement in interface GroovyCodeVisitor
      Parameters:
      statement - the statement to visit
    • visitReturnStatement

      public void visitReturnStatement(ReturnStatement statement)
      Validates a return statement and then visits its return value.
      Specified by:
      visitReturnStatement in interface GroovyCodeVisitor
      Parameters:
      statement - the statement to visit
    • visitAssertStatement

      public void visitAssertStatement(AssertStatement statement)
      Validates an assert statement and then visits its condition and message.
      Specified by:
      visitAssertStatement in interface GroovyCodeVisitor
      Parameters:
      statement - the statement to visit
    • visitTryCatchFinally

      public void visitTryCatchFinally(TryCatchStatement statement)
      Validates a try-catch-finally statement and then visits all nested blocks.
      Specified by:
      visitTryCatchFinally in interface GroovyCodeVisitor
      Parameters:
      statement - the statement to visit
    • visitEmptyStatement

      public void visitEmptyStatement(EmptyStatement statement)
      Ignores empty statements.
      Specified by:
      visitEmptyStatement in interface GroovyCodeVisitor
      Parameters:
      statement - the empty statement
    • visitSwitch

      public void visitSwitch(SwitchStatement statement)
      Validates a switch statement and then visits its selector and branches.
      Specified by:
      visitSwitch in interface GroovyCodeVisitor
      Parameters:
      statement - the statement to visit
    • visitCaseStatement

      public void visitCaseStatement(CaseStatement statement)
      Validates a case statement and then visits its condition and body.
      Specified by:
      visitCaseStatement in interface GroovyCodeVisitor
      Parameters:
      statement - the statement to visit
    • visitBreakStatement

      public void visitBreakStatement(BreakStatement statement)
      Validates a break statement.
      Specified by:
      visitBreakStatement in interface GroovyCodeVisitor
      Parameters:
      statement - the statement to visit
    • visitContinueStatement

      public void visitContinueStatement(ContinueStatement statement)
      Validates a continue statement.
      Specified by:
      visitContinueStatement in interface GroovyCodeVisitor
      Parameters:
      statement - the statement to visit
    • visitThrowStatement

      public void visitThrowStatement(ThrowStatement statement)
      Validates a throw statement and then visits the thrown expression.
      Specified by:
      visitThrowStatement in interface GroovyCodeVisitor
      Parameters:
      statement - the statement to visit
    • visitSynchronizedStatement

      public void visitSynchronizedStatement(SynchronizedStatement statement)
      Validates a synchronized statement and then visits its expression and body.
      Specified by:
      visitSynchronizedStatement in interface GroovyCodeVisitor
      Parameters:
      statement - the statement to visit
    • visitCatchStatement

      public void visitCatchStatement(CatchStatement statement)
      Validates a catch block and then visits its body.
      Specified by:
      visitCatchStatement in interface GroovyCodeVisitor
      Parameters:
      statement - the statement to visit
    • visitMethodCallExpression

      public void visitMethodCallExpression(MethodCallExpression call)
      Validates a method call and then visits its receiver, name, and arguments.
      Specified by:
      visitMethodCallExpression in interface GroovyCodeVisitor
      Parameters:
      call - the method call expression to visit
    • visitStaticMethodCallExpression

      public void visitStaticMethodCallExpression(StaticMethodCallExpression call)
      Validates a static method call and then visits its arguments.
      Specified by:
      visitStaticMethodCallExpression in interface GroovyCodeVisitor
      Parameters:
      call - the static method call to visit
    • visitConstructorCallExpression

      public void visitConstructorCallExpression(ConstructorCallExpression call)
      Validates a constructor call and then visits its arguments.
      Specified by:
      visitConstructorCallExpression in interface GroovyCodeVisitor
      Parameters:
      call - the constructor call to visit
    • visitTernaryExpression

      public void visitTernaryExpression(TernaryExpression expression)
      Validates a ternary expression and then visits all branches.
      Specified by:
      visitTernaryExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the ternary expression to visit
    • visitShortTernaryExpression

      public void visitShortTernaryExpression(ElvisOperatorExpression expression)
      Validates an Elvis expression and then delegates to ternary-expression handling.
      Specified by:
      visitShortTernaryExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the Elvis expression to visit
    • visitBinaryExpression

      public void visitBinaryExpression(BinaryExpression expression)
      Validates a binary expression, its operator token, and both operands.
      Specified by:
      visitBinaryExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the binary expression to visit
    • visitPrefixExpression

      public void visitPrefixExpression(PrefixExpression expression)
      Validates a prefix expression and then visits its operand.
      Specified by:
      visitPrefixExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the prefix expression to visit
    • visitPostfixExpression

      public void visitPostfixExpression(PostfixExpression expression)
      Validates a postfix expression and then visits its operand.
      Specified by:
      visitPostfixExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the postfix expression to visit
    • visitBooleanExpression

      public void visitBooleanExpression(BooleanExpression expression)
      Validates a boolean expression and then visits its wrapped expression.
      Specified by:
      visitBooleanExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the boolean expression to visit
    • visitClosureExpression

      public void visitClosureExpression(ClosureExpression expression)
      Validates a closure expression and then visits its body when closures are allowed.
      Specified by:
      visitClosureExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the closure expression to visit
    • visitLambdaExpression

      public void visitLambdaExpression(LambdaExpression expression)
      Delegates lambda-expression validation to closure-expression handling.
      Specified by:
      visitLambdaExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the lambda expression to visit
    • visitTupleExpression

      public void visitTupleExpression(TupleExpression expression)
      Validates a tuple expression and then visits its elements.
      Specified by:
      visitTupleExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the tuple expression to visit
    • visitMapExpression

      public void visitMapExpression(MapExpression expression)
      Validates a map expression and then visits its entries.
      Specified by:
      visitMapExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the map expression to visit
    • visitMapEntryExpression

      public void visitMapEntryExpression(MapEntryExpression expression)
      Validates a map entry expression and then visits its key and value.
      Specified by:
      visitMapEntryExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the map entry expression to visit
    • visitListExpression

      public void visitListExpression(ListExpression expression)
      Validates a list expression and then visits its elements.
      Specified by:
      visitListExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the list expression to visit
    • visitRangeExpression

      public void visitRangeExpression(RangeExpression expression)
      Validates a range expression and then visits both endpoints.
      Specified by:
      visitRangeExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the range expression to visit
    • visitPropertyExpression

      public void visitPropertyExpression(PropertyExpression expression)
      Validates a property expression and then visits its receiver and property.
      Specified by:
      visitPropertyExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the property expression to visit
    • visitAttributeExpression

      public void visitAttributeExpression(AttributeExpression expression)
      Validates an attribute expression and then visits its receiver and attribute.
      Specified by:
      visitAttributeExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the attribute expression to visit
    • visitFieldExpression

      public void visitFieldExpression(FieldExpression expression)
      Validates a field expression.
      Specified by:
      visitFieldExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the field expression to visit
    • visitMethodPointerExpression

      public void visitMethodPointerExpression(MethodPointerExpression expression)
      Validates a method-pointer expression and then visits its target and method name.
      Specified by:
      visitMethodPointerExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the method-pointer expression to visit
    • visitMethodReferenceExpression

      public void visitMethodReferenceExpression(MethodReferenceExpression expression)
      Delegates method-reference validation to method-pointer handling.
      Specified by:
      visitMethodReferenceExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the method-reference expression to visit
    • visitConstantExpression

      public void visitConstantExpression(ConstantExpression expression)
      Validates a constant expression and its constant type.
      Specified by:
      visitConstantExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the constant expression to visit
    • visitClassExpression

      public void visitClassExpression(ClassExpression expression)
      Validates a class expression.
      Specified by:
      visitClassExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the class expression to visit
    • visitVariableExpression

      public void visitVariableExpression(VariableExpression expression)
      Validates a variable expression and its inferred type.
      Specified by:
      visitVariableExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the variable expression to visit
    • visitDeclarationExpression

      public void visitDeclarationExpression(DeclarationExpression expression)
      Validates a declaration expression via binary-expression handling.
      Specified by:
      visitDeclarationExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the declaration expression to visit
    • visitGStringExpression

      public void visitGStringExpression(GStringExpression expression)
      Validates a GString expression and then visits its string and value parts.
      Specified by:
      visitGStringExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the GString expression to visit
    • visitArrayExpression

      public void visitArrayExpression(ArrayExpression expression)
      Validates an array expression and then visits its elements and size expressions.
      Specified by:
      visitArrayExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the array expression to visit
    • visitSpreadExpression

      public void visitSpreadExpression(SpreadExpression expression)
      Validates a spread expression and then visits its nested expression.
      Specified by:
      visitSpreadExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the spread expression to visit
    • visitSpreadMapExpression

      public void visitSpreadMapExpression(SpreadMapExpression expression)
      Validates a spread-map expression and then visits its nested expression.
      Specified by:
      visitSpreadMapExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the spread-map expression to visit
    • visitNotExpression

      public void visitNotExpression(NotExpression expression)
      Validates a logical-not expression and then visits its operand.
      Specified by:
      visitNotExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the not expression to visit
    • visitUnaryMinusExpression

      public void visitUnaryMinusExpression(UnaryMinusExpression expression)
      Validates a unary-minus expression and then visits its operand.
      Specified by:
      visitUnaryMinusExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the unary-minus expression to visit
    • visitUnaryPlusExpression

      public void visitUnaryPlusExpression(UnaryPlusExpression expression)
      Validates a unary-plus expression and then visits its operand.
      Specified by:
      visitUnaryPlusExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the unary-plus expression to visit
    • visitBitwiseNegationExpression

      public void visitBitwiseNegationExpression(BitwiseNegationExpression expression)
      Validates a bitwise-negation expression and then visits its operand.
      Specified by:
      visitBitwiseNegationExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the bitwise-negation expression to visit
    • visitCastExpression

      public void visitCastExpression(CastExpression expression)
      Validates a cast expression and then visits its operand.
      Specified by:
      visitCastExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the cast expression to visit
    • visitArgumentlistExpression

      public void visitArgumentlistExpression(ArgumentListExpression expression)
      Validates an argument-list expression and then visits its elements.
      Specified by:
      visitArgumentlistExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the argument-list expression to visit
    • visitClosureListExpression

      public void visitClosureListExpression(ClosureListExpression closureListExpression)
      Validates a closure-list expression and then visits its nested expressions.
      Specified by:
      visitClosureListExpression in interface GroovyCodeVisitor
      Parameters:
      closureListExpression - the closure-list expression to visit
    • visitBytecodeExpression

      public void visitBytecodeExpression(BytecodeExpression expression)
      Validates a bytecode expression.
      Specified by:
      visitBytecodeExpression in interface GroovyCodeVisitor
      Parameters:
      expression - the bytecode expression to visit