2.1/user/src/com/google/gwt/user/server/rpc/impl/LegacySerializationPolicy.java - gwt - Git at Google

 /*
  * Copyright 2008 Google Inc.
  *
  * Licensed under the Apache License, Version 2.0 (the "License"); you may not
  * use this file except in compliance with the License. You may obtain a copy of
  * the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing, software
  * distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
  * License for the specific language governing permissions and limitations under
  * the License.
  */
 package com.google.gwt.user.server.rpc.impl;

 import com.google.gwt.user.client.rpc.IsSerializable;
 import com.google.gwt.user.client.rpc.SerializationException;
 import com.google.gwt.user.server.rpc.SerializationPolicy;

 import java.io.Serializable;
 import java.util.Arrays;
 import java.util.HashSet;
 import java.util.Set;

 /**
  * A serialization policy compatible with GWT 1.3.3 RPC. This is used when no
  * serialization policy file is present.
  *
  * <p>
  * The set of allowed types are:
  * </p>
  * <ol>
  * <li>Primitives</li>
  * <li>Types assignable to {@link IsSerializable}</li>
  * <li>Types with custom field serializers</li>
  * <li>Arrays of the above types</li>
  * </ol>
  * <p>
  * Types that derive from {@link Serializable} but do not meet any of the above
  * criteria may not be serialized as leaf types. However, their fields may be
  * serialized as super types of a legal type.
  * </p>
  */
 public class LegacySerializationPolicy extends SerializationPolicy implements
     TypeNameObfuscator {

   private static final String ELISION_ERROR = "Type name elision in RPC "
       + "payloads is only supported if the RPC whitelist file is used.";

   /**
    * Many JRE types would appear to be {@link Serializable} on the server.
    * However, clients would not see these types as being {@link Serializable}
    * due to mismatches between the GWT JRE emulation and the real JRE. As a
    * workaround, this blacklist specifies a list of problematic types which
    * should be seen as not implementing {@link Serializable} for the purpose
    * matching the client's expectations. Note that a type on this list may still
    * be serializable via a custom serializer.
    */
   private static final Class<?>[] JRE_BLACKLIST = {
       java.lang.ArrayStoreException.class, java.lang.AssertionError.class,
       java.lang.Boolean.class, java.lang.Byte.class, java.lang.Character.class,
       java.lang.Class.class, java.lang.ClassCastException.class,
       java.lang.Double.class, java.lang.Error.class, java.lang.Float.class,
       java.lang.IllegalArgumentException.class,
       java.lang.IllegalStateException.class,
       java.lang.IndexOutOfBoundsException.class, java.lang.Integer.class,
       java.lang.Long.class, java.lang.NegativeArraySizeException.class,
       java.lang.NullPointerException.class, java.lang.Number.class,
       java.lang.NumberFormatException.class, java.lang.Short.class,
       java.lang.StackTraceElement.class, java.lang.String.class,
       java.lang.StringBuffer.class,
       java.lang.StringIndexOutOfBoundsException.class,
       java.lang.UnsupportedOperationException.class, java.util.ArrayList.class,
       java.util.ConcurrentModificationException.class, java.util.Date.class,
       java.util.EmptyStackException.class, java.util.EventObject.class,
       java.util.HashMap.class, java.util.HashSet.class,
       java.util.MissingResourceException.class,
       java.util.NoSuchElementException.class, java.util.Stack.class,
       java.util.TooManyListenersException.class, java.util.Vector.class};

   private static final Set<Class<?>> JRE_BLACKSET = new HashSet<Class<?>>(
       Arrays.asList(JRE_BLACKLIST));

   private static final LegacySerializationPolicy sInstance = new LegacySerializationPolicy();

   public static LegacySerializationPolicy getInstance() {
     return sInstance;
   }

   /**
    * Singleton.
    */
   private LegacySerializationPolicy() {
   }

   /**
    * Implemented to fail with a useful error message.
    */
   public final String getClassNameForTypeId(String id)
       throws SerializationException {
     throw new SerializationException(ELISION_ERROR);
   }

   /**
    * Implemented to fail with a useful error message.
    */
   public final String getTypeIdForClass(Class<?> clazz)
       throws SerializationException {
     throw new SerializationException(ELISION_ERROR);
   }

   @Override
   public boolean shouldDeserializeFields(Class<?> clazz) {
     return isFieldSerializable(clazz);
   }

   @Override
   public boolean shouldSerializeFields(Class<?> clazz) {
     return isFieldSerializable(clazz);
   }

   @Override
   public void validateDeserialize(Class<?> clazz) throws SerializationException {
     if (!isInstantiable(clazz)) {
       throw new SerializationException("Type '" + clazz.getName()
           + "' was not assignable to '" + IsSerializable.class.getName()
           + "' and did not have a custom field serializer. "
           + "For security purposes, this type will not be deserialized.");
     }
   }

   @Override
   public void validateSerialize(Class<?> clazz) throws SerializationException {
     if (!isInstantiable(clazz)) {
       throw new SerializationException("Type '" + clazz.getName()
           + "' was not assignable to '" + IsSerializable.class.getName()
           + "' and did not have a custom field serializer."
           + "For security purposes, this type will not be serialized.");
     }
   }

   /**
    * Field serializable types are primitives, {@line IsSerializable},
    * {@link Serializable}, types with custom serializers, and any arrays of
    * those types.
    */
   private boolean isFieldSerializable(Class<?> clazz) {
     if (isInstantiable(clazz)) {
       return true;
     }
     if (Serializable.class.isAssignableFrom(clazz)) {
       return !JRE_BLACKSET.contains(clazz);
     }
     return false;
   }

   /**
    * Instantiable types are primitives, {@line IsSerializable}, types with
    * custom serializers, and any arrays of those types. Merely
    * {@link Serializable} types cannot be instantiated or serialized directly
    * (only as super types of legacy serializable types).
    */
   private boolean isInstantiable(Class<?> clazz) {
     if (clazz.isPrimitive()) {
       return true;
     }
     if (clazz.isArray()) {
       return isInstantiable(clazz.getComponentType());
     }
     if (IsSerializable.class.isAssignableFrom(clazz)) {
       return true;
     }
     return SerializabilityUtil.hasCustomFieldSerializer(clazz) != null;
   }
 }
	/*
	* Copyright 2008 Google Inc.
	*
	* Licensed under the Apache License, Version 2.0 (the "License"); you may not
	* use this file except in compliance with the License. You may obtain a copy of
	* the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing, software
	* distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
	* WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
	* License for the specific language governing permissions and limitations under
	* the License.
	*/
	package com.google.gwt.user.server.rpc.impl;

	import com.google.gwt.user.client.rpc.IsSerializable;
	import com.google.gwt.user.client.rpc.SerializationException;
	import com.google.gwt.user.server.rpc.SerializationPolicy;

	import java.io.Serializable;
	import java.util.Arrays;
	import java.util.HashSet;
	import java.util.Set;

	/**
	* A serialization policy compatible with GWT 1.3.3 RPC. This is used when no
	* serialization policy file is present.
	*
	* <p>
	* The set of allowed types are:
	* </p>
	* <ol>
	* <li>Primitives</li>
	* <li>Types assignable to {@link IsSerializable}</li>
	* <li>Types with custom field serializers</li>
	* <li>Arrays of the above types</li>
	* </ol>
	* <p>
	* Types that derive from {@link Serializable} but do not meet any of the above
	* criteria may not be serialized as leaf types. However, their fields may be
	* serialized as super types of a legal type.
	* </p>
	*/
	public class LegacySerializationPolicy extends SerializationPolicy implements
	TypeNameObfuscator {

	private static final String ELISION_ERROR = "Type name elision in RPC "
	+ "payloads is only supported if the RPC whitelist file is used.";

	/**
	* Many JRE types would appear to be {@link Serializable} on the server.
	* However, clients would not see these types as being {@link Serializable}
	* due to mismatches between the GWT JRE emulation and the real JRE. As a
	* workaround, this blacklist specifies a list of problematic types which
	* should be seen as not implementing {@link Serializable} for the purpose
	* matching the client's expectations. Note that a type on this list may still
	* be serializable via a custom serializer.
	*/
	private static final Class<?>[] JRE_BLACKLIST = {
	java.lang.ArrayStoreException.class, java.lang.AssertionError.class,
	java.lang.Boolean.class, java.lang.Byte.class, java.lang.Character.class,
	java.lang.Class.class, java.lang.ClassCastException.class,
	java.lang.Double.class, java.lang.Error.class, java.lang.Float.class,
	java.lang.IllegalArgumentException.class,
	java.lang.IllegalStateException.class,
	java.lang.IndexOutOfBoundsException.class, java.lang.Integer.class,
	java.lang.Long.class, java.lang.NegativeArraySizeException.class,
	java.lang.NullPointerException.class, java.lang.Number.class,
	java.lang.NumberFormatException.class, java.lang.Short.class,
	java.lang.StackTraceElement.class, java.lang.String.class,
	java.lang.StringBuffer.class,
	java.lang.StringIndexOutOfBoundsException.class,
	java.lang.UnsupportedOperationException.class, java.util.ArrayList.class,
	java.util.ConcurrentModificationException.class, java.util.Date.class,
	java.util.EmptyStackException.class, java.util.EventObject.class,
	java.util.HashMap.class, java.util.HashSet.class,
	java.util.MissingResourceException.class,
	java.util.NoSuchElementException.class, java.util.Stack.class,
	java.util.TooManyListenersException.class, java.util.Vector.class};

	private static final Set<Class<?>> JRE_BLACKSET = new HashSet<Class<?>>(
	Arrays.asList(JRE_BLACKLIST));

	private static final LegacySerializationPolicy sInstance = new LegacySerializationPolicy();

	public static LegacySerializationPolicy getInstance() {
	return sInstance;
	}

	/**
	* Singleton.
	*/
	private LegacySerializationPolicy() {
	}

	/**
	* Implemented to fail with a useful error message.
	*/
	public final String getClassNameForTypeId(String id)
	throws SerializationException {
	throw new SerializationException(ELISION_ERROR);
	}

	/**
	* Implemented to fail with a useful error message.
	*/
	public final String getTypeIdForClass(Class<?> clazz)
	throws SerializationException {
	throw new SerializationException(ELISION_ERROR);
	}

	@Override
	public boolean shouldDeserializeFields(Class<?> clazz) {
	return isFieldSerializable(clazz);
	}

	@Override
	public boolean shouldSerializeFields(Class<?> clazz) {
	return isFieldSerializable(clazz);
	}

	@Override
	public void validateDeserialize(Class<?> clazz) throws SerializationException {
	if (!isInstantiable(clazz)) {
	throw new SerializationException("Type '" + clazz.getName()
	+ "' was not assignable to '" + IsSerializable.class.getName()
	+ "' and did not have a custom field serializer. "
	+ "For security purposes, this type will not be deserialized.");
	}
	}

	@Override
	public void validateSerialize(Class<?> clazz) throws SerializationException {
	if (!isInstantiable(clazz)) {
	throw new SerializationException("Type '" + clazz.getName()
	+ "' was not assignable to '" + IsSerializable.class.getName()
	+ "' and did not have a custom field serializer."
	+ "For security purposes, this type will not be serialized.");
	}
	}

	/**
	* Field serializable types are primitives, {@line IsSerializable},
	* {@link Serializable}, types with custom serializers, and any arrays of
	* those types.
	*/
	private boolean isFieldSerializable(Class<?> clazz) {
	if (isInstantiable(clazz)) {
	return true;
	}
	if (Serializable.class.isAssignableFrom(clazz)) {
	return !JRE_BLACKSET.contains(clazz);
	}
	return false;
	}

	/**
	* Instantiable types are primitives, {@line IsSerializable}, types with
	* custom serializers, and any arrays of those types. Merely
	* {@link Serializable} types cannot be instantiated or serialized directly
	* (only as super types of legacy serializable types).
	*/
	private boolean isInstantiable(Class<?> clazz) {
	if (clazz.isPrimitive()) {
	return true;
	}
	if (clazz.isArray()) {
	return isInstantiable(clazz.getComponentType());
	}
	if (IsSerializable.class.isAssignableFrom(clazz)) {
	return true;
	}
	return SerializabilityUtil.hasCustomFieldSerializer(clazz) != null;
	}
	}