2

We are using GraalVM for some scripting requirements in our product. The version of the GraalVM is 21.2.0 We are using JavaScript and Groovy. We want to forbid some methods on certain classes from using in scripts. Example :

mytest.js

var testService=Java.type('mypackage.TestService');
    new testService().forbiddenJavaMethod();  // this should not be called

TestService.java

package mypackage;
    
    public class TestService{
        
        public void forbiddenJavaMethod(){
            // business logic
        }
    
    }

Is there a way to achieve this in Graal ? I could not find a way to do "method" filtering. Any other approach to solve this?

Sushen Sable
  • 21
  • 1
  • SecurityManager? https://stackoverflow.com/questions/50825335/information-hiding-in-groovy-using-closures-naming-conventions/50853784#50853784 – daggett Aug 27 '22 at 07:11

2 Answers2

3

You can configure host access when configuring the context. Namely

public Context.Builder allowHostAccess(HostAccess config)

https://www.graalvm.org/truffle/javadoc/org/graalvm/polyglot/Context.Builder.html#allowHostAccess-org.graalvm.polyglot.HostAccess-

Where the host access can be

HostAccess.EXPLICIT - Java host methods or fields, must be public and be annotated with @Export to make them accessible to the guest language.

https://www.graalvm.org/truffle/javadoc/org/graalvm/polyglot/HostAccess.html

Or you can go into a lot more fine-grained control using the HostAccess.Builder

https://www.graalvm.org/truffle/javadoc/org/graalvm/polyglot/HostAccess.Builder.html

BoriS
  • 907
  • 5
  • 13
0

If you can't use HostAccess.EXPLICIT for some reason (eg. you want to keep access to java.util etc), then you can create custom wrapper classes that only expose the relevant methods. With allowHostClassLookup() you can limit which classes are exposed in the engine.

public class Example {
    public static void main(String[] args) {
        TestService service = new TestService();
        Context.Builder builder = Context.newBuilder("js")
            .allowHostAccess(HostAccess.ALL)
            .allowHostClassLookup(path -> path.endsWith("TestServiceScriptable"));
        GraalJSScriptEngine engine = GraalJSScriptEngine.create(null, builder);
        engine.put("service", TestServiceScriptable.newInstance(service));
    }

}


public class TestService {
    public void forbiddenJavaMethod() {
        System.out.println("forbidden!");
    }
    public void allowedMethod() {
        System.out.println("allowed");
    }
}

public class TestServiceScriptable {
    private final TestService service;

    private TestServiceScriptable(TestService service) {
        this.service = service;
    }

    public static TestServiceScriptable newInstance(TestService service) {
        return new TestServiceScriptable(service);
    }


    public void allowedMethod() {
        service.allowedMethod();
    }
}

Then:

// Should work
service.allowedMethod();

// Shouldn't work
service.forbiddenMethod();
colouredmirrorball
  • 199
  • 11
  • In above case we are hardcoding name of service as 'service'. – Sushen Sable Sep 01 '22 at 09:06
  • engine.put("service", TestServiceScriptable.newInstance(service)); – Sushen Sable Sep 01 '22 at 09:11
  • So always we have to use same name as ''service' while calling from JavaScript, Instead of that is there any way to not having fixed name for Java object? – Sushen Sable Sep 01 '22 at 09:23
  • The method engine.put(String key, Object value) is where the Java object is attached to the script. Modify the "key" parameter to your needs. Eg. if you did engine.put("aLudicrouslyNamedParameter", TestServiceScriptable.newInstance(service)); then the Javascript should be aLudicrouslyNamedParameter.allowedMethod(); – colouredmirrorball Sep 02 '22 at 14:41