EvaluationContextFactories.java

1 
package pro.verron.officestamper.preset;
2
3
4 
import org.springframework.expression.AccessException;
5 
import org.springframework.expression.EvaluationContext;
6 
import org.springframework.expression.TypeLocator;
7 
import org.springframework.expression.spel.SpelEvaluationException;
8 
import org.springframework.expression.spel.SpelMessage;
9 
import org.springframework.expression.spel.support.*;
10 
import pro.verron.officestamper.api.EvaluationContextFactory;
11 
import pro.verron.officestamper.api.OfficeStamperException;
12
13 
import java.util.ArrayList;
14 
import java.util.List;
15
16 
import static java.util.Collections.emptyList;
17
18 
/// Utility class for configuring the [EvaluationContext] used by officestamper.
19 
public class EvaluationContextFactories {
20
21 
    private EvaluationContextFactories() {
22 
        throw new OfficeStamperException("EvaluationContextConfigurers cannot be instantiated");
23 
    }
24
25 
    /// Returns an [EvaluationContextFactory] instance that does no customization.
26 
    /// This factory does nothing to the [StandardEvaluationContext] class, and therefore all the unfiltered features
27 
    /// are accessible. It should be used when there is a need to use the powerful features of the aforementioned class,
28 
    /// and there is a trust that the template won't contain any dangerous injections.
29 
    ///
30 
    /// @return an [EvaluationContextFactory] instance
31 
    public static EvaluationContextFactory noopFactory() {
32 1 1. noopFactory : replaced return value with null for pro/verron/officestamper/preset/EvaluationContextFactories::noopFactory → KILLED
 
        return object -> {
33 
            var standardEvaluationContext = new StandardEvaluationContext(object);
34 
            // Just add the MapAccessor to the standard list.
35 1 1. lambda$noopFactory$0 : removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setPropertyAccessors → TIMED_OUT
 
            standardEvaluationContext.setPropertyAccessors(List.of(new ReflectivePropertyAccessor(),
36 
                    new MapAccessor()));
37 1 1. lambda$noopFactory$0 : replaced return value with null for pro/verron/officestamper/preset/EvaluationContextFactories::lambda$noopFactory$0 → TIMED_OUT
 
            return standardEvaluationContext;
38 
        };
39 
    }
40
41 
    /// Returns a default [EvaluationContextFactory] instance.
42 
    /// The default factory provides better default security for the [EvaluationContext] used by OfficeStamper. It
43 
    /// sets up the context with enhanced security measures, such as limited property accessors, constructor resolvers,
44 
    /// and method resolvers. It also sets a type locator, type converter, type comparator, and operator overloader.
45 
    /// This factory is recommended to be used when there is a need for improved security and protection against
46 
    /// potential dangerous injections in the template.
47 
    ///
48 
    /// @return an [EvaluationContextFactory] instance with enhanced security features
49 
    public static EvaluationContextFactory defaultFactory() {
50 1 1. defaultFactory : replaced return value with null for pro/verron/officestamper/preset/EvaluationContextFactories::defaultFactory → KILLED
 
        return object -> {
51 
            var standardEvaluationContext = new StandardEvaluationContext(object);
52 
            TypeLocator typeLocator = typeName -> {
53 
                throw new SpelEvaluationException(SpelMessage.TYPE_NOT_FOUND, typeName);
54 
            };
55 1 1. lambda$defaultFactory$0 : removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setPropertyAccessors → TIMED_OUT
 
            standardEvaluationContext.setPropertyAccessors(List.of(DataBindingPropertyAccessor.forReadWriteAccess(),
56 
                    new MapAccessor()));
57 1 1. lambda$defaultFactory$0 : removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setConstructorResolvers → TIMED_OUT
 
            standardEvaluationContext.setConstructorResolvers(emptyList());
58 1 1. lambda$defaultFactory$0 : removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setMethodResolvers → TIMED_OUT
 
            standardEvaluationContext.setMethodResolvers(new ArrayList<>(List.of(DataBindingMethodResolver.forInstanceMethodInvocation())));
59 1 1. lambda$defaultFactory$0 : removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setBeanResolver → TIMED_OUT
 
            standardEvaluationContext.setBeanResolver((_, _) -> {
60 
                throw new AccessException("Bean resolution not supported for security reasons.");
61 
            });
62 1 1. lambda$defaultFactory$0 : removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setTypeLocator → KILLED
 
            standardEvaluationContext.setTypeLocator(typeLocator);
63 1 1. lambda$defaultFactory$0 : removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setTypeConverter → TIMED_OUT
 
            standardEvaluationContext.setTypeConverter(new StandardTypeConverter());
64 1 1. lambda$defaultFactory$0 : removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setTypeComparator → TIMED_OUT
 
            standardEvaluationContext.setTypeComparator(new StandardTypeComparator());
65 1 1. lambda$defaultFactory$0 : removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setOperatorOverloader → TIMED_OUT
 
            standardEvaluationContext.setOperatorOverloader(new StandardOperatorOverloader());
66 1 1. lambda$defaultFactory$0 : replaced return value with null for pro/verron/officestamper/preset/EvaluationContextFactories::lambda$defaultFactory$0 → KILLED
 
            return standardEvaluationContext;
67 
        };
68 
    }
69
70 
}

Mutations

32

1.1
Location : noopFactory
Killed by : pro.verron.officestamper.test.SpelInstantiationTest.[engine:junit-jupiter]/[class:pro.verron.officestamper.test.SpelInstantiationTest]/[test-template:testDateInstantiationAndResolution(pro.verron.officestamper.test.utils.ContextFactory)]/[test-template-invocation:#2] replaced return value with null for pro/verron/officestamper/preset/EvaluationContextFactories::noopFactory → KILLED

35

1.1
Location : lambda$noopFactory$0
Killed by : none removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setPropertyAccessors → TIMED_OUT

37

1.1
Location : lambda$noopFactory$0
Killed by : none replaced return value with null for pro/verron/officestamper/preset/EvaluationContextFactories::lambda$noopFactory$0 → TIMED_OUT

50

1.1
Location : defaultFactory
Killed by : pro.verron.officestamper.test.FailOnUnresolvedPlaceholderTest.[engine:junit-jupiter]/[class:pro.verron.officestamper.test.FailOnUnresolvedPlaceholderTest]/[test-template:fails(pro.verron.officestamper.test.utils.ContextFactory)]/[test-template-invocation:#1] replaced return value with null for pro/verron/officestamper/preset/EvaluationContextFactories::defaultFactory → KILLED

55

1.1
Location : lambda$defaultFactory$0
Killed by : none removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setPropertyAccessors → TIMED_OUT

57

1.1
Location : lambda$defaultFactory$0
Killed by : none removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setConstructorResolvers → TIMED_OUT

58

1.1
Location : lambda$defaultFactory$0
Killed by : none removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setMethodResolvers → TIMED_OUT

59

1.1
Location : lambda$defaultFactory$0
Killed by : none removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setBeanResolver → TIMED_OUT

62

1.1
Location : lambda$defaultFactory$0
Killed by : pro.verron.officestamper.test.SpelInjectionTest.[engine:junit-jupiter]/[class:pro.verron.officestamper.test.SpelInjectionTest]/[test-template:spelInjectionTest(pro.verron.officestamper.test.utils.ContextFactory)]/[test-template-invocation:#2] removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setTypeLocator → KILLED

63

1.1
Location : lambda$defaultFactory$0
Killed by : none removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setTypeConverter → TIMED_OUT

64

1.1
Location : lambda$defaultFactory$0
Killed by : none removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setTypeComparator → TIMED_OUT

65

1.1
Location : lambda$defaultFactory$0
Killed by : none removed call to org/springframework/expression/spel/support/StandardEvaluationContext::setOperatorOverloader → TIMED_OUT

66

1.1
Location : lambda$defaultFactory$0
Killed by : pro.verron.officestamper.test.SpelInjectionTest.[engine:junit-jupiter]/[class:pro.verron.officestamper.test.SpelInjectionTest]/[test-template:spelInjectionTest(pro.verron.officestamper.test.utils.ContextFactory)]/[test-template-invocation:#2] replaced return value with null for pro/verron/officestamper/preset/EvaluationContextFactories::lambda$defaultFactory$0 → KILLED

Active mutators

Tests examined


Report generated by PIT 1.22.0