refactor(接口测试): 优化脚本关键字过滤机制

Signed-off-by: fit2-zhao <yong.zhao@fit2cloud.com>
This commit is contained in:
fit2-zhao 2023-03-20 16:26:38 +08:00 committed by 刘瑞斌
parent 5da6dbe3e5
commit fabf5ed317
6 changed files with 24 additions and 2 deletions

View File

@ -9,17 +9,32 @@ import org.apache.commons.lang3.StringUtils;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
public class ScriptFilter {
public static final String beanshell = "/blacklist/beanshell.bk";
public static final String groovy = "/blacklist/groovy.bk";
public static final String python = "/blacklist/python.bk";
// 关键字内容较小全局缓存下来避免重复读取
public static final Map<String, List<String>> scriptCache = new HashMap<>();
private static void blackList(StringBuffer buffer, String script, String path) {
public static void initScript(String path) {
try {
InputStream in = ScriptFilter.class.getResourceAsStream(path);
List<String> bks = IOUtils.readLines(in, Charset.defaultCharset());
if (CollectionUtils.isNotEmpty(bks)) {
scriptCache.put(path, bks);
}
} catch (Exception ex) {
LogUtil.error(ex.getMessage());
}
}
private static void blackList(StringBuffer buffer, String script, String path) {
try {
List<String> bks = scriptCache.get(path);
if (CollectionUtils.isNotEmpty(bks)) {
bks.forEach(item -> {
if (script.contains(item) && script.indexOf(item) != -1) {

View File

@ -1,6 +1,7 @@
package io.metersphere.listener;
import com.mchange.lang.IntegerUtils;
import io.metersphere.api.dto.shell.filter.ScriptFilter;
import io.metersphere.api.exec.queue.ExecThreadPoolExecutor;
import io.metersphere.api.jmeter.JMeterService;
import io.metersphere.commons.constants.ScheduleGroup;
@ -56,6 +57,11 @@ public class ApiAppStartListener implements ApplicationRunner {
LogUtil.info("================= API 应用启动 =================");
System.setProperty("jmeter.home", jmeterHome);
LogUtil.info("初始化安全过滤脚本");
ScriptFilter.initScript(ScriptFilter.beanshell);
ScriptFilter.initScript(ScriptFilter.python);
ScriptFilter.initScript(ScriptFilter.groovy);
LogUtil.info("加载自定义插件");
pluginService.loadPlugins();

View File

@ -9,7 +9,7 @@ import org.springframework.stereotype.Component;
public class ApiExecutionQueueListener {
private ApiExecutionQueueService queueService;
@Scheduled(cron = "0 0/5 * * * ?")
@Scheduled(cron = "0 0/10 0/1 * * ?")
public void execute() {
if (queueService == null) {
queueService = CommonBeanFactory.getBean(ApiExecutionQueueService.class);

View File

@ -0,0 +1 @@
os.system