You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@camel.apache.org by ja...@apache.org on 2020/09/30 11:55:54 UTC
[camel-quarkus] branch master updated: Document allowContextMapAll
native mode limitations
This is an automated email from the ASF dual-hosted git repository.
jamesnetherton pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/camel-quarkus.git
The following commit(s) were added to refs/heads/master by this push:
new fa37a04 Document allowContextMapAll native mode limitations
fa37a04 is described below
commit fa37a0423c7c3948b98bb33b06bfdb16ad76b0b5
Author: James Netherton <ja...@gmail.com>
AuthorDate: Wed Sep 30 10:23:10 2020 +0100
Document allowContextMapAll native mode limitations
Fixes #1807
---
.../ROOT/pages/reference/extensions/jolt.adoc | 5 +++++
.../pages/reference/extensions/json-validator.adoc | 5 +++++
.../ROOT/pages/reference/extensions/mustache.adoc | 5 +++++
.../ROOT/pages/reference/extensions/qute.adoc | 9 ++++++++
.../pages/reference/extensions/stringtemplate.adoc | 11 +++-------
.../ROOT/pages/reference/extensions/velocity.adoc | 11 +++-------
.../qute/runtime/src/main/doc/limitations.adoc | 5 +++++
.../runtime/src/main/doc/limitations.adoc | 6 ------
.../velocity/runtime/src/main/doc/limitations.adoc | 6 ------
.../quarkus/maven/UpdateExtensionDocPageMojo.java | 25 ++++++++++++++++++++++
.../doc-templates/extension-doc-page.adoc | 7 ++++++
11 files changed, 67 insertions(+), 28 deletions(-)
diff --git a/docs/modules/ROOT/pages/reference/extensions/jolt.adoc b/docs/modules/ROOT/pages/reference/extensions/jolt.adoc
index d58cd93..3149a19 100644
--- a/docs/modules/ROOT/pages/reference/extensions/jolt.adoc
+++ b/docs/modules/ROOT/pages/reference/extensions/jolt.adoc
@@ -33,6 +33,11 @@ Please refer to the above link for usage and configuration details.
Check the xref:user-guide/index.adoc[User guide] for more information about writing Camel Quarkus applications.
+== allowContextMapAll option in native mode
+
+The `allowContextMapAll` option is not supported in native mode as it requires reflective access to security sensitive camel core classes such as
+`CamelContext` & `Exchange`. This is considered a security risk and thus access to the feature is not provided by default.
+
== Additional Camel Quarkus configuration
Beyond standard usages described above, a trick is needed when using jolt specs from classpath resources in native mode. In such a situation, one needs to explicitly embed the resources in the native executable by specifying the `include-patterns` option.
diff --git a/docs/modules/ROOT/pages/reference/extensions/json-validator.adoc b/docs/modules/ROOT/pages/reference/extensions/json-validator.adoc
index 727a11a..1389acd 100644
--- a/docs/modules/ROOT/pages/reference/extensions/json-validator.adoc
+++ b/docs/modules/ROOT/pages/reference/extensions/json-validator.adoc
@@ -33,6 +33,11 @@ Please refer to the above link for usage and configuration details.
Check the xref:user-guide/index.adoc[User guide] for more information about writing Camel Quarkus applications.
+== allowContextMapAll option in native mode
+
+The `allowContextMapAll` option is not supported in native mode as it requires reflective access to security sensitive camel core classes such as
+`CamelContext` & `Exchange`. This is considered a security risk and thus access to the feature is not provided by default.
+
== Additional Camel Quarkus configuration
Beyond standard usages described above, a trick is needed when using json-validator templates from classpath resources in native mode. In such a situation, one needs to explicitly embed the resources in the native executable by specifying the `include-patterns` option.
diff --git a/docs/modules/ROOT/pages/reference/extensions/mustache.adoc b/docs/modules/ROOT/pages/reference/extensions/mustache.adoc
index 7e30fed..4890167 100644
--- a/docs/modules/ROOT/pages/reference/extensions/mustache.adoc
+++ b/docs/modules/ROOT/pages/reference/extensions/mustache.adoc
@@ -33,6 +33,11 @@ Please refer to the above link for usage and configuration details.
Check the xref:user-guide/index.adoc[User guide] for more information about writing Camel Quarkus applications.
+== allowContextMapAll option in native mode
+
+The `allowContextMapAll` option is not supported in native mode as it requires reflective access to security sensitive camel core classes such as
+`CamelContext` & `Exchange`. This is considered a security risk and thus access to the feature is not provided by default.
+
== Additional Camel Quarkus configuration
Beyond standard usages described above, a trick is needed when using mustache templates from classpath resources in native mode. In such a situation, one needs to explicitly embed the resources in the native executable by specifying the `include-patterns` option.
diff --git a/docs/modules/ROOT/pages/reference/extensions/qute.adoc b/docs/modules/ROOT/pages/reference/extensions/qute.adoc
index 0dcd7c2..33d01c0 100644
--- a/docs/modules/ROOT/pages/reference/extensions/qute.adoc
+++ b/docs/modules/ROOT/pages/reference/extensions/qute.adoc
@@ -32,6 +32,15 @@ Check the xref:user-guide/index.adoc[User guide] for more information about writ
Please refer to the https://quarkus.io/guides/qute[Quarkus Qute].
+== Camel Quarkus limitations
+
+== allowContextMapAll option in native mode
+
+The `allowContextMapAll` option is not supported in native mode as it requires reflective access to security sensitive camel core classes such as
+`CamelContext` & `Exchange`. This is considered a security risk and thus access to the feature is not provided by default.
+
+
+
== Additional Camel Quarkus configuration
By default, all files located in the src/main/resources/templates directory and its subdirectories
diff --git a/docs/modules/ROOT/pages/reference/extensions/stringtemplate.adoc b/docs/modules/ROOT/pages/reference/extensions/stringtemplate.adoc
index 87c1b0e..202ad19 100644
--- a/docs/modules/ROOT/pages/reference/extensions/stringtemplate.adoc
+++ b/docs/modules/ROOT/pages/reference/extensions/stringtemplate.adoc
@@ -32,12 +32,7 @@ Please refer to the above link for usage and configuration details.
Check the xref:user-guide/index.adoc[User guide] for more information about writing Camel Quarkus applications.
-== Camel Quarkus limitations
-
-If property `allowContextMapAll` is set to `true` there is a limitation in native mode. Reflective calls to methods
-of several classes in camel are not allowed (for example `org.apache.camel.support.DefaultExchange`). Therefore
-some expressions won't work (for example `<exchange.properties.*>).
-
-You can allow reflective calls to such classes (for example by using application.properties), but keep in mind that it brings
-some security risks.
+== allowContextMapAll option in native mode
+The `allowContextMapAll` option is not supported in native mode as it requires reflective access to security sensitive camel core classes such as
+`CamelContext` & `Exchange`. This is considered a security risk and thus access to the feature is not provided by default.
diff --git a/docs/modules/ROOT/pages/reference/extensions/velocity.adoc b/docs/modules/ROOT/pages/reference/extensions/velocity.adoc
index 9432f7c..8254503 100644
--- a/docs/modules/ROOT/pages/reference/extensions/velocity.adoc
+++ b/docs/modules/ROOT/pages/reference/extensions/velocity.adoc
@@ -32,15 +32,10 @@ Please refer to the above link for usage and configuration details.
Check the xref:user-guide/index.adoc[User guide] for more information about writing Camel Quarkus applications.
-== Camel Quarkus limitations
-
-If property `allowContextMapAll` is set to `true` there is a limitation in native mode. Reflective calls to methods
-of several classes in camel are not allowed (for example `org.apache.camel.support.DefaultExchange`). Therefore
-some expressions won't work (for example `${exchange.properties.*}).
-
-You can allow reflective calls to such classes (for example by using application.properties), but keep in mind that it brings
-some security risks.
+== allowContextMapAll option in native mode
+The `allowContextMapAll` option is not supported in native mode as it requires reflective access to security sensitive camel core classes such as
+`CamelContext` & `Exchange`. This is considered a security risk and thus access to the feature is not provided by default.
== Additional Camel Quarkus configuration
diff --git a/extensions/qute/runtime/src/main/doc/limitations.adoc b/extensions/qute/runtime/src/main/doc/limitations.adoc
new file mode 100644
index 0000000..654ee1c
--- /dev/null
+++ b/extensions/qute/runtime/src/main/doc/limitations.adoc
@@ -0,0 +1,5 @@
+== allowContextMapAll option in native mode
+
+The `allowContextMapAll` option is not supported in native mode as it requires reflective access to security sensitive camel core classes such as
+`CamelContext` & `Exchange`. This is considered a security risk and thus access to the feature is not provided by default.
+
diff --git a/extensions/stringtemplate/runtime/src/main/doc/limitations.adoc b/extensions/stringtemplate/runtime/src/main/doc/limitations.adoc
deleted file mode 100644
index af16d9e..0000000
--- a/extensions/stringtemplate/runtime/src/main/doc/limitations.adoc
+++ /dev/null
@@ -1,6 +0,0 @@
-If property `allowContextMapAll` is set to `true` there is a limitation in native mode. Reflective calls to methods
-of several classes in camel are not allowed (for example `org.apache.camel.support.DefaultExchange`). Therefore
-some expressions won't work (for example `<exchange.properties.*>).
-
-You can allow reflective calls to such classes (for example by using application.properties), but keep in mind that it brings
-some security risks.
\ No newline at end of file
diff --git a/extensions/velocity/runtime/src/main/doc/limitations.adoc b/extensions/velocity/runtime/src/main/doc/limitations.adoc
deleted file mode 100644
index 5e543e9..0000000
--- a/extensions/velocity/runtime/src/main/doc/limitations.adoc
+++ /dev/null
@@ -1,6 +0,0 @@
-If property `allowContextMapAll` is set to `true` there is a limitation in native mode. Reflective calls to methods
-of several classes in camel are not allowed (for example `org.apache.camel.support.DefaultExchange`). Therefore
-some expressions won't work (for example `${exchange.properties.*}).
-
-You can allow reflective calls to such classes (for example by using application.properties), but keep in mind that it brings
-some security risks.
diff --git a/tooling/maven-plugin/src/main/java/org/apache/camel/quarkus/maven/UpdateExtensionDocPageMojo.java b/tooling/maven-plugin/src/main/java/org/apache/camel/quarkus/maven/UpdateExtensionDocPageMojo.java
index ad42b10..ded4c14 100644
--- a/tooling/maven-plugin/src/main/java/org/apache/camel/quarkus/maven/UpdateExtensionDocPageMojo.java
+++ b/tooling/maven-plugin/src/main/java/org/apache/camel/quarkus/maven/UpdateExtensionDocPageMojo.java
@@ -46,6 +46,7 @@ import io.quarkus.annotation.processor.generate_doc.FsMap;
import org.apache.camel.catalog.Kind;
import org.apache.camel.tooling.model.ArtifactModel;
import org.apache.camel.tooling.model.BaseModel;
+import org.apache.camel.tooling.model.ComponentModel;
import org.apache.maven.model.Dependency;
import org.apache.maven.plugin.MojoExecutionException;
import org.apache.maven.plugin.MojoFailureException;
@@ -120,6 +121,8 @@ public class UpdateExtensionDocPageMojo extends AbstractDocGeneratorMojo {
model.put("limitations", loadSection(basePath, "limitations.adoc", charset, null));
model.put("activatesNativeSsl", ext.isNativeSupported() && detectNativeSsl(multiModuleProjectDirectory.toPath(),
basePath, ext.getRuntimeArtifactId(), ext.getDependencies(), nativeSslActivators));
+ model.put("activatesContextMapAll",
+ ext.isNativeSupported() && detectAllowContextMapAll(catalog, ext.getRuntimeArtifactIdBase()));
model.put("configOptions", listConfigOptions(basePath, multiModuleProjectDirectory.toPath()));
model.put("humanReadableKind", new TemplateMethodModelEx() {
@Override
@@ -316,6 +319,28 @@ public class UpdateExtensionDocPageMojo extends AbstractDocGeneratorMojo {
}
}
+ static boolean detectAllowContextMapAll(CqCatalog catalog, String artifactId) {
+ final String allowContextMapAll = "allowContextMapAll";
+ return catalog.filterModels(artifactId)
+ .filter(m -> m instanceof ComponentModel)
+ .map(m -> (ComponentModel) m)
+ .anyMatch(componentModel -> {
+ for (ComponentModel.ComponentOptionModel model : componentModel.getOptions()) {
+ if (model.getName().equals(allowContextMapAll)) {
+ return true;
+ }
+ }
+
+ for (ComponentModel.EndpointOptionModel model : componentModel.getEndpointOptions()) {
+ if (model.getName().equals(allowContextMapAll)) {
+ return true;
+ }
+ }
+
+ return false;
+ });
+ }
+
private static String loadSection(Path basePath, String fileName, Charset charset, String default_) {
Path p = basePath.resolve("src/main/doc/" + fileName);
if (Files.exists(p)) {
diff --git a/tooling/maven-plugin/src/main/resources/doc-templates/extension-doc-page.adoc b/tooling/maven-plugin/src/main/resources/doc-templates/extension-doc-page.adoc
index 9097d76..28e8bf4 100644
--- a/tooling/maven-plugin/src/main/resources/doc-templates/extension-doc-page.adoc
+++ b/tooling/maven-plugin/src/main/resources/doc-templates/extension-doc-page.adoc
@@ -55,6 +55,13 @@ This extension auto-enables SSL support in native mode. Hence you do not need to
`quarkus.ssl.native=true` to your `application.properties` yourself. See also
https://quarkus.io/guides/native-and-ssl[Quarkus SSL guide].
[/#if]
+[#if activatesContextMapAll ]
+
+== allowContextMapAll option in native mode
+
+The `allowContextMapAll` option is not supported in native mode as it requires reflective access to security sensitive camel core classes such as
+`CamelContext` & `Exchange`. This is considered a security risk and thus access to the feature is not provided by default.
+[/#if]
[#if configuration?? || configOptions?size != 0 ]
== Additional Camel Quarkus configuration