/** * Checks, if Java serialization will be used and if it is allowed to be used. * @param variableName * @param value */ protected void checkJavaSerialization(String variableName, TypedValue value) { ProcessEngineConfigurationImpl processEngineConfiguration = Context.getProcessEngineConfiguration(); if (value instanceof SerializableValue && !processEngineConfiguration.isJavaSerializationFormatEnabled()) { SerializableValue serializableValue = (SerializableValue) value; // if Java serialization is prohibited if (!serializableValue.isDeserialized()) { String javaSerializationDataFormat = Variables.SerializationDataFormats.JAVA.getName(); String requestedDataFormat = serializableValue.getSerializationDataFormat(); if (requestedDataFormat == null) { // check if Java serializer will be used final TypedValueSerializer serializerForValue = TypedValueField.getSerializers() .findSerializerForValue(serializableValue, processEngineConfiguration.getFallbackSerializerFactory()); if (serializerForValue != null) { requestedDataFormat = serializerForValue.getSerializationDataformat(); } } if (javaSerializationDataFormat.equals(requestedDataFormat)) { throw ProcessEngineLogger.CORE_LOGGER.javaSerializationProhibitedException(variableName); } } } }
/** * Checks, if Java serialization will be used and if it is allowed to be used. * @param variableName * @param value */ protected void checkJavaSerialization(String variableName, TypedValue value) { ProcessEngineConfigurationImpl processEngineConfiguration = Context.getProcessEngineConfiguration(); if (value instanceof SerializableValue && !processEngineConfiguration.isJavaSerializationFormatEnabled()) { SerializableValue serializableValue = (SerializableValue) value; // if Java serialization is prohibited if (!serializableValue.isDeserialized()) { String javaSerializationDataFormat = Variables.SerializationDataFormats.JAVA.getName(); String requestedDataFormat = serializableValue.getSerializationDataFormat(); if (requestedDataFormat == null) { // check if Java serializer will be used final TypedValueSerializer serializerForValue = TypedValueField.getSerializers() .findSerializerForValue(serializableValue, processEngineConfiguration.getFallbackSerializerFactory()); if (serializerForValue != null) { requestedDataFormat = serializerForValue.getSerializationDataformat(); } } if (javaSerializationDataFormat.equals(requestedDataFormat)) { throw ProcessEngineLogger.CORE_LOGGER.javaSerializationProhibitedException(variableName); } } } }
protected TypedValueSerializer determineSerializer(VariableSerializers serializers, TypedValue value) { TypedValueSerializer serializer = serializers.findSerializerForValue(value); if(serializer.getType() == ValueType.BYTES){ throw new ProcessEngineException("Variables of type ByteArray cannot be used to query"); } else if(serializer.getType() == ValueType.FILE){ throw new ProcessEngineException("Variables of type File cannot be used to query"); } else if(serializer instanceof JPAVariableSerializer) { if(wrappedQueryValue.getOperator() != QueryOperator.EQUALS) { throw new ProcessEngineException("JPA entity variables can only be used in 'variableValueEquals'"); } } else { if(!serializer.getType().isPrimitiveValueType()) { throw new ProcessEngineException("Object values cannot be used to query"); } } return serializer; }
public TypedValue setValue(TypedValue value) { // determine serializer to use serializer = getSerializers().findSerializerForValue(value, Context.getProcessEngineConfiguration().getFallbackSerializerFactory()); serializerName = serializer.getName(); if(value instanceof UntypedValueImpl) { // type has been detected value = serializer.convertToTypedValue((UntypedValueImpl) value); } // set new value writeValue(value, valueFields); // cache the value cachedValue = value; // ensure that we serialize the object on command context flush // if it can be implicitly changed if (notifyOnImplicitUpdates && isMutableValue(cachedValue)) { Context.getCommandContext().registerCommandContextListener(this); } return value; }
protected TypedValueSerializer determineSerializer(VariableSerializers serializers, TypedValue value) { TypedValueSerializer serializer = serializers.findSerializerForValue(value); if(serializer.getType() == ValueType.BYTES){ throw new ProcessEngineException("Variables of type ByteArray cannot be used to query"); } else if(serializer.getType() == ValueType.FILE){ throw new ProcessEngineException("Variables of type File cannot be used to query"); } else if(serializer instanceof JPAVariableSerializer) { if(wrappedQueryValue.getOperator() != QueryOperator.EQUALS) { throw new ProcessEngineException("JPA entity variables can only be used in 'variableValueEquals'"); } } else { if(!serializer.getType().isPrimitiveValueType()) { throw new ProcessEngineException("Object values cannot be used to query"); } } return serializer; }
public TypedValue setValue(TypedValue value) { // determine serializer to use serializer = getSerializers().findSerializerForValue(value, Context.getProcessEngineConfiguration().getFallbackSerializerFactory()); serializerName = serializer.getName(); if(value instanceof UntypedValueImpl) { // type has been detected value = serializer.convertToTypedValue((UntypedValueImpl) value); } // set new value writeValue(value, valueFields); // cache the value cachedValue = value; // ensure that we serialize the object on command context flush // if it can be implicitly changed if (notifyOnImplicitUpdates && isMutableValue(cachedValue)) { Context.getCommandContext().registerCommandContextListener(this); } return value; }
/** * Checks, if Java serialization will be used and if it is allowed to be used. * @param variableName * @param value */ protected void checkJavaSerialization(String variableName, TypedValue value) { ProcessEngineConfigurationImpl processEngineConfiguration = Context.getProcessEngineConfiguration(); if (value instanceof SerializableValue && !processEngineConfiguration.isJavaSerializationFormatEnabled()) { SerializableValue serializableValue = (SerializableValue) value; // if Java serialization is prohibited if (!serializableValue.isDeserialized()) { String javaSerializationDataFormat = Variables.SerializationDataFormats.JAVA.getName(); String requestedDataFormat = serializableValue.getSerializationDataFormat(); if (requestedDataFormat == null) { // check if Java serializer will be used final TypedValueSerializer serializerForValue = TypedValueField.getSerializers() .findSerializerForValue(serializableValue, processEngineConfiguration.getFallbackSerializerFactory()); if (serializerForValue != null) { requestedDataFormat = serializerForValue.getSerializationDataformat(); } } if (javaSerializationDataFormat.equals(requestedDataFormat)) { throw ProcessEngineLogger.CORE_LOGGER.javaSerializationProhibitedException(variableName); } } } }
protected TypedValueSerializer determineSerializer(VariableSerializers serializers, TypedValue value) { TypedValueSerializer serializer = serializers.findSerializerForValue(value); if(serializer.getType() == ValueType.BYTES){ throw new ProcessEngineException("Variables of type ByteArray cannot be used to query"); } else if(serializer.getType() == ValueType.FILE){ throw new ProcessEngineException("Variables of type File cannot be used to query"); } else if(serializer instanceof JPAVariableSerializer) { if(wrappedQueryValue.getOperator() != QueryOperator.EQUALS) { throw new ProcessEngineException("JPA entity variables can only be used in 'variableValueEquals'"); } } else { if(!serializer.getType().isPrimitiveValueType()) { throw new ProcessEngineException("Object values cannot be used to query"); } } return serializer; }
public TypedValue setValue(TypedValue value) { // determine serializer to use serializer = getSerializers().findSerializerForValue(value, Context.getProcessEngineConfiguration().getFallbackSerializerFactory()); serializerName = serializer.getName(); if(value instanceof UntypedValueImpl) { // type has been detected value = serializer.convertToTypedValue((UntypedValueImpl) value); } // set new value writeValue(value, valueFields); // cache the value cachedValue = value; // ensure that we serialize the object on command context flush // if it can be implicitly changed if (notifyOnImplicitUpdates && isMutableValue(cachedValue)) { Context.getCommandContext().registerCommandContextListener(this); } return value; }