...
 
Commits (2)
......@@ -4,7 +4,7 @@
<parent>
<artifactId>access-modifier</artifactId>
<groupId>org.kohsuke</groupId>
<version>1.14</version>
<version>1.16</version>
</parent>
<artifactId>access-modifier-annotation</artifactId>
......@@ -14,7 +14,7 @@
<dependency>
<groupId>org.jenkins-ci</groupId>
<artifactId>annotation-indexer</artifactId>
<version>1.4</version>
<version>1.12</version>
</dependency>
<dependency>
<groupId>org.ow2.asm</groupId>
......
......@@ -38,7 +38,7 @@ import org.kohsuke.accmod.restrictions.None;
* <p>
* Single execution of the enforcement check would create at most one instance
* of a given {@link AccessRestriction} type, so instance fields can be used to store
* heavy-weight objects or other indicies that you might need for implementing
* heavy-weight objects or other indices that you might need for implementing
* access control checks.
*
* @author Kohsuke Kawaguchi
......
......@@ -4,7 +4,7 @@
<parent>
<artifactId>access-modifier</artifactId>
<groupId>org.kohsuke</groupId>
<version>1.14</version>
<version>1.16</version>
</parent>
<artifactId>access-modifier-checker</artifactId>
<packaging>maven-plugin</packaging>
......@@ -22,6 +22,11 @@
<artifactId>access-modifier-annotation</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>access-modifier-suppressions</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.ow2.asm</groupId>
<artifactId>asm-debug-all</artifactId>
......
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>test</groupId>
<artifactId>disable-restrictions-wrong-annotation</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
<artifactId>api</artifactId>
<dependencies>
<dependency>
<groupId>org.kohsuke</groupId>
<artifactId>access-modifier-annotation</artifactId>
<version>@project.version@</version>
</dependency>
</dependencies>
</project>
\ No newline at end of file
package api;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
public class ApiWithRestrictedMethodAndField {
@Restricted(NoExternalUse.class)
public String field;
@Restricted(NoExternalUse.class)
public static void notReallyPublic() {}
}
package api;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
@Restricted(NoExternalUse.class)
public class RestrictedApi {
public String field;
public void doNotUse() {}
}
package api;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
@Restricted(NoExternalUse.class)
public interface RestrictedInterface {
}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>test</groupId>
<artifactId>disable-restrictions-wrong-annotation</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
<artifactId>caller</artifactId>
<dependencies>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>api</artifactId>
<version>${project.version}</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.kohsuke</groupId>
<artifactId>access-modifier-checker</artifactId>
<version>@project.version@</version>
<executions>
<execution>
<goals>
<goal>enforce</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
\ No newline at end of file
package caller;
import api.ApiWithRestrictedMethodAndField;
public class Caller {
@WrongAnnotation(ApiWithRestrictedMethodAndField.class)
public Caller() {
ApiWithRestrictedMethodAndField.notReallyPublic(); // illegal
}
}
package caller;
import api.ApiWithRestrictedMethodAndField;
@WrongAnnotation(ApiWithRestrictedMethodAndField.class)
public class CallerDisabledAtClassLevel {
public CallerDisabledAtClassLevel() {
ApiWithRestrictedMethodAndField.notReallyPublic(); // illegal
}
}
\ No newline at end of file
/*
* The MIT License
*
* Copyright (c) 2018, Steve Arch
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package caller;
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
@Retention(RUNTIME)
@Documented
@Target({ElementType.METHOD, ElementType.CONSTRUCTOR, ElementType.TYPE})
public @interface WrongAnnotation {
Class<?>[] value();
}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>test</groupId>
<artifactId>disable-restrictions-wrong-annotation</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>pom</packaging>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.7</maven.compiler.source>
<maven.compiler.target>1.7</maven.compiler.target>
</properties>
<modules>
<module>api</module>
<module>caller</module>
</modules>
</project>
\ No newline at end of file
assert new File(basedir, 'build.log').text.contains('[ERROR] caller/Caller:9 api/ApiWithRestrictedMethodAndField.notReallyPublic()V must not be used')
assert new File(basedir, 'build.log').text.contains('[ERROR] caller/CallerDisabledAtClassLevel:8 api/ApiWithRestrictedMethodAndField.notReallyPublic()V must not be used')
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>test</groupId>
<artifactId>disable-restrictions</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
<artifactId>api</artifactId>
<dependencies>
<dependency>
<groupId>org.kohsuke</groupId>
<artifactId>access-modifier-annotation</artifactId>
<version>@project.version@</version>
</dependency>
</dependencies>
</project>
\ No newline at end of file
package api;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
public class ApiWithRestrictedMethodAndField {
@Restricted(NoExternalUse.class)
public String field;
@Restricted(NoExternalUse.class)
public static void notReallyPublic() {}
}
package api;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
@Restricted(NoExternalUse.class)
public class RestrictedApi {
public String field;
public void doNotUse() {}
}
package api;
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.NoExternalUse;
@Restricted(NoExternalUse.class)
public interface RestrictedInterface {
}
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<groupId>test</groupId>
<artifactId>disable-restrictions</artifactId>
<version>1.0-SNAPSHOT</version>
</parent>
<artifactId>caller</artifactId>
<dependencies>
<dependency>
<groupId>${project.groupId}</groupId>
<artifactId>api</artifactId>
<version>${project.version}</version>
</dependency>
<dependency>
<groupId>org.kohsuke</groupId>
<artifactId>access-modifier-suppressions</artifactId>
<version>@project.version@</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.kohsuke</groupId>
<artifactId>access-modifier-checker</artifactId>
<version>@project.version@</version>
<executions>
<execution>
<goals>
<goal>enforce</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
\ No newline at end of file
package caller;
import api.ApiWithRestrictedMethodAndField;
import api.RestrictedApi;
import org.kohsuke.accmod.restrictions.suppressions.SuppressRestrictedWarnings;
public class Caller extends ApiWithRestrictedMethodAndField { // This is fine, ApiWithRestrictedMethodAndField itself is not restricted
private RestrictedApi restrictedApi;
@SuppressRestrictedWarnings(ApiWithRestrictedMethodAndField.class)
public Caller() {
ApiWithRestrictedMethodAndField.notReallyPublic(); // illegal but check disabled at the method level
}
@SuppressRestrictedWarnings({RestrictedApi.class, ApiWithRestrictedMethodAndField.class})
private void invalidFieldUse() {
restrictedApi.field = null;
super.field = null;
}
@SuppressRestrictedWarnings(ApiWithRestrictedMethodAndField.class)
public void callerMethod() {
ApiWithRestrictedMethodAndField.notReallyPublic(); // illegal but check disabled at the method level
}
@SuppressRestrictedWarnings(RestrictedApi.class)
public void methodWithRestrictedParameter(RestrictedApi api) {
api.doNotUse(); // illegal but check disabled at the method level
}
@SuppressRestrictedWarnings(RestrictedApi.class)
public RestrictedApi getRestrictedApi() {
return new RestrictedApi(); // illegal but check disabled at the method level
}
}
package caller;
import api.ApiWithRestrictedMethodAndField;
import api.RestrictedApi;
import org.kohsuke.accmod.restrictions.suppressions.SuppressRestrictedWarnings;
@SuppressRestrictedWarnings( {ApiWithRestrictedMethodAndField.class, RestrictedApi.class})
public class CallerDisabledAtClassLevel extends RestrictedApi {
private RestrictedApi restrictedApi;
public CallerDisabledAtClassLevel() {
ApiWithRestrictedMethodAndField.notReallyPublic(); // illegal but check disabled at the class level
}
private void invalidFieldUse() {
restrictedApi.field = null;
super.field = null;
}
public void callerMethod() {
ApiWithRestrictedMethodAndField.notReallyPublic(); // illegal but check disabled at the class level
}
public void methodWithRestrictedParameter(RestrictedApi api) {
api.doNotUse(); // illegal but check disabled at the class level
}
public RestrictedApi getRestrictedApi() {
return new RestrictedApi(); // illegal but check disabled at the class level
}
}
\ No newline at end of file
package caller;
import api.RestrictedApi;
import org.kohsuke.accmod.restrictions.suppressions.SuppressRestrictedWarnings;
@SuppressRestrictedWarnings(RestrictedApi.class)
public class RestrictedApiSubclass extends RestrictedApi {
}
package caller;
import api.RestrictedInterface;
import org.kohsuke.accmod.restrictions.suppressions.SuppressRestrictedWarnings;
@SuppressRestrictedWarnings(RestrictedInterface.class)
public class RestrictedInterfaceImplementation implements RestrictedInterface {
}
invoker.goals=clean package
invoker.buildResult = success
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>test</groupId>
<artifactId>disable-restrictions</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>pom</packaging>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.7</maven.compiler.source>
<maven.compiler.target>1.7</maven.compiler.target>
</properties>
<modules>
<module>api</module>
<module>caller</module>
</modules>
</project>
\ No newline at end of file
<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>test</groupId>
<artifactId>synthetics-method-impl</artifactId>
<version>1.0-SNAPSHOT</version>
<packaging>jar</packaging>
<properties>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
<maven.compiler.source>1.8</maven.compiler.source>
<maven.compiler.target>1.8</maven.compiler.target>
</properties>
<dependencies>
<dependency>
<groupId>org.kohsuke</groupId>
<artifactId>access-modifier-annotation</artifactId>
<version>@project.version@</version>
</dependency>
</dependencies>
<build>
<plugins>
<plugin>
<groupId>org.kohsuke</groupId>
<artifactId>access-modifier-checker</artifactId>
<version>@project.version@</version>
<executions>
<execution>
<goals>
<goal>enforce</goal>
</goals>
</execution>
</executions>
</plugin>
</plugins>
</build>
</project>
abstract public class Base<T> {
abstract T doStuff();
}
import org.kohsuke.accmod.Restricted;
import org.kohsuke.accmod.restrictions.DoNotUse;
@Restricted(DoNotUse.class)
public class Subtype extends Base<Integer> {
@Override
public Integer doStuff() {
return 42;
}
}
......@@ -84,7 +84,7 @@ public class EnforcerMojo extends AbstractMojo {
public void onWarning(Throwable t, Location loc, String msg) {
getLog().warn(loc+" "+msg,t);
}
}, properties != null ? properties : new Properties());
}, properties != null ? properties : new Properties(), getLog());
{// if there's restriction list in the inspected module itself, load it as well
InputStream self = null;
......
<?xml version="1.0"?>
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<parent>
<artifactId>access-modifier</artifactId>
<groupId>org.kohsuke</groupId>
<version>1.16</version>
</parent>
<artifactId>access-modifier-suppressions</artifactId>
<name>Suppression for Access Modifier annotations</name>
<description>This module allows you to enable suppressions for turning off warnings about Restricted APIs.
!!!WARNING!!!
Classes are marked as @Restricted for a reason and this module should not be used lightly! It implies that the
author does not intend for them to be used outside their defined scope and as such they may be
changed/modified/removed at any stage without warning. A simple upgrade of the dependency may break your module. Use
at your own risk.
You should try to not use @Restricted classes in the first place, but if you _must_ use them, this is a less-brutal
approach than just disabling the access-modifier-checker entirely
</description>
<dependencies>
<dependency>
<groupId>org.kohsuke</groupId>
<artifactId>access-modifier-annotation</artifactId>
<version>${project.version}</version>
</dependency>
</dependencies>
</project>
/*
* The MIT License
*
* Copyright (c) 2018, Steve Arch
*
* Permission is hereby granted, free of charge, to any person obtaining a copy
* of this software and associated documentation files (the "Software"), to deal
* in the Software without restriction, including without limitation the rights
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
* copies of the Software, and to permit persons to whom the Software is
* furnished to do so, subject to the following conditions:
*
* The above copyright notice and this permission notice shall be included in
* all copies or substantial portions of the Software.
*
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
* AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
* THE SOFTWARE.
*/
package org.kohsuke.accmod.restrictions.suppressions;
import java.lang.annotation.Documented;
import java.lang.annotation.ElementType;
import java.lang.annotation.Retention;
import java.lang.annotation.Target;
import org.kohsuke.accmod.Restricted;
import static java.lang.annotation.RetentionPolicy.RUNTIME;
/**
* <p>Indicates that certain classes annotated with {@link Restricted} annotations should be skipped during the
* access-modifier-check.</p>
*
* <p><b>Warning!</b> Classes are markes as {@link Restricted} for a reason! Do not use these suppressions lightly.
* Use at your own risk</p>
*
* @author Steve Arch
*/
@Retention(RUNTIME)
@Documented
@Target({ElementType.METHOD, ElementType.CONSTRUCTOR, ElementType.TYPE})
public @interface SuppressRestrictedWarnings {
/**
* The classes that are marked as {@link Restricted} that should be skipped from the scan.
*/
Class<?>[] value();
}
......@@ -9,7 +9,7 @@
</parent>
<artifactId>access-modifier</artifactId>
<version>1.14</version>
<version>1.16</version>
<name>Custom access modifier for Java</name>
<packaging>pom</packaging>
......@@ -18,6 +18,7 @@
<modules>
<module>access-modifier-annotation</module>
<module>access-modifier-checker</module>
<module>access-modifier-suppressions</module>
</modules>
<distributionManagement>
......@@ -31,7 +32,7 @@
<connection>scm:git:git@github.com/kohsuke/${project.artifactId}.git</connection>
<developerConnection>scm:git:ssh://git@github.com/kohsuke/${project.artifactId}.git</developerConnection>
<url>http://${project.artifactId}.kohsuke.org/</url>
<tag>access-modifier-1.14</tag>
<tag>access-modifier-1.16</tag>
</scm>
<developers>
......