Added code to find out if a property is defined in the
type.properties file before returning its value as a macro. Return an error message if the property is not defined, or if the macro tried to access a private property (which currently applies only to user passwords).
This commit is contained in:
hns
parent
0dd58e56b0
commit
aec53f4425
1 changed files with 8 additions and 2 deletions
|
|
@ -1032,14 +1032,20 @@ public class RequestEvaluator implements Runnable {
|
||||||
* is a java object) with that name.
|
* is a java object) with that name.
|
||||||
*/
|
*/
|
||||||
public Object getProperty (Object obj, String propname) {
|
public Object getProperty (Object obj, String propname) {
|
||||||
if (obj == null)
|
if (obj == null || propname == null)
|
||||||
return null;
|
return null;
|
||||||
|
|
||||||
String prototypeName = app.getPrototypeName (obj);
|
String prototypeName = app.getPrototypeName (obj);
|
||||||
if ("user".equalsIgnoreCase (prototypeName) &&
|
if ("user".equalsIgnoreCase (prototypeName) &&
|
||||||
"password".equalsIgnoreCase (propname))
|
"password".equalsIgnoreCase (propname))
|
||||||
return null;
|
return "[macro access to password property not allowed]";
|
||||||
|
|
||||||
|
DbMapping dbm = app.getDbMapping (prototypeName);
|
||||||
|
if (dbm != null) {
|
||||||
|
Relation rel = dbm.propertyToRelation (propname);
|
||||||
|
if (rel == null || !rel.isPrimitive ())
|
||||||
|
return "[property \""+propname+"\" is not defined for "+prototypeName+"]";
|
||||||
|
}
|
||||||
ESObject eso = getElementWrapper (obj);
|
ESObject eso = getElementWrapper (obj);
|
||||||
try {
|
try {
|
||||||
ESValue prop = eso.getProperty (propname, propname.hashCode());
|
ESValue prop = eso.getProperty (propname, propname.hashCode());
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue