net.sourceforge.plantuml.security.SecurityProfile Maven / Gradle / Ivy
Show all versions of plantuml-mit Show documentation
// THIS FILE HAS BEEN GENERATED BY A PREPROCESSOR.
package net.sourceforge.plantuml.security;
/**
* There are 4 different security profile defined.
*
* The security profile to be used is set at the launch of PlantUML and cannot
* be changed by users. The security profile defines what an instance of
* PlantUML is allowed to do:
* - access some local file
* - connection to some remote URL
* - print some technical information to the users.
*
*
* The security profile is defined:
* - either by an environment variable
* - or an option at command line
*
* There is also a default value, which is LEGACY in this current
* implementation.
*
*/
public enum SecurityProfile {
// ::remove folder when __HAXE__
/**
* Running in SANDBOX mode is completely secure. No local file can be read
* (except dot executable) No remote URL access can be used No technical
* information are print to users.
*
* This mode is defined for test and debug, since it's not very useful for
* users. However, you can use it if you need to.
*/
SANDBOX,
/**
*
*/
ALLOWLIST,
/**
* This mode is designed for PlantUML running in a web server.
*
*/
INTERNET,
/**
* This mode reproduce old PlantUML version behaviour.
*
* Right now, this is the default Security Profile but this will be removed from
* future version because it is now full secure, especially on Internet server.
*/
LEGACY,
/**
* Running in UNSECURE mode means that PlantUML can access to any local file and
* can connect to any URL.
*
* Some technical information (file path, Java version) are also printed in some
* error messages. This is not an issue if you are running PlantUML locally. But
* you should not use this mode if PlantUML is running on some server,
* especially if the server is accessible from Internet.
*/
UNSECURE;
/**
* Initialize the default value.
*
* It search in some config variable if the user has defined a some default
* value.
*
* @return the value
*/
static SecurityProfile init() {
// ::comment when __CORE__
final String env = SecurityUtils.getenv("PLANTUML_SECURITY_PROFILE");
if ("SANDBOX".equalsIgnoreCase(env))
return SANDBOX;
else if ("ALLOWLIST".equalsIgnoreCase(env))
return ALLOWLIST;
else if ("INTERNET".equalsIgnoreCase(env))
return INTERNET;
else if ("UNSECURE".equalsIgnoreCase(env))
return UNSECURE;
// ::comment when __CORE__
return LEGACY;
}
/**
* A Human understandable description.
*/
public String longDescription() {
switch (this) {
case SANDBOX:
return "This is completely safe: no access to local files or to distant URL.";
case ALLOWLIST:
return "Some local resource may be accessible.";
case INTERNET:
return "Mode designed for server connected to Internet.";
case LEGACY:
return "Warning: this mode will be removed in future version";
case UNSECURE:
return "Make sure that this server is not accessible from Internet";
}
return "This is completely safe: no access on local files or on distant URL.";
}
/**
* Retrieve the timeout for URL.
*/
public long getTimeout() {
switch (this) {
case SANDBOX:
return 1000L;
case ALLOWLIST:
return 1000L * 60 * 5;
case INTERNET:
return 1000L * 10;
case LEGACY:
return 1000L * 60;
case UNSECURE:
return 1000L * 60 * 5;
}
throw new AssertionError();
}
public boolean canWeReadThisEnvironmentVariable(String name) {
if (name == null)
return false;
final String lname = name.toLowerCase();
if (lname.startsWith("plantuml.security"))
return false;
if (lname.startsWith("plantuml"))
return true;
if (lname.equals("path.separator") || lname.equals("line.separator"))
return true;
return this == UNSECURE;
}
}