[Improve] maven build args check improvement

apache · Dec 23, 2023 · cfb9cd0 · cfb9cd0
1 parent 170d487
commit cfb9cd0
Showing 1 changed file with 26 additions and 11 deletions.
diff --git a/...park-console-service/src/main/java/org/apache/streampark/console/core/entity/Project.java b/...park-console-service/src/main/java/org/apache/streampark/console/core/entity/Project.java
@@ -46,6 +46,8 @@
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 import java.util.stream.Collectors;
 
 @Slf4j
@@ -210,39 +212,49 @@ public String getMavenArgs() {
     StringBuilder cmdBuffer = new StringBuilder(mvn).append(" clean package -DskipTests ");
 
     if (StringUtils.isNotBlank(this.buildArgs)) {
-      List<String> dangerArgs = getDangerArgs(this.buildArgs);
-      if (dangerArgs.isEmpty()) {
+      String dangerArgs = getDangerArgs(this.buildArgs);
+      if (dangerArgs == null) {
         cmdBuffer.append(this.buildArgs.trim());
       } else {
         throw new IllegalArgumentException(
             String.format(
-                "Invalid build args, dangerous operation symbol detected: %s, in your buildArgs: %s",
-                dangerArgs.stream().collect(Collectors.joining(",")), this.buildArgs));
+                "Invalid maven argument, dangerous args: %s, in your buildArgs: %s",
+                dangerArgs, this.buildArgs));
       }
     }
 
     String setting = InternalConfigHolder.get(CommonConfig.MAVEN_SETTINGS_PATH());
     if (StringUtils.isNotBlank(setting)) {
-      List<String> dangerArgs = getDangerArgs(setting);
-      if (dangerArgs.isEmpty()) {
+      String dangerArgs = getDangerArgs(setting);
+      if (dangerArgs == null) {
         File file = new File(setting);
         if (file.exists() && file.isFile()) {
           cmdBuffer.append(" --settings ").append(setting);
         } else {
           throw new IllegalArgumentException(
-              String.format("Invalid maven setting path, %s no exists or not file", setting));
+              String.format("Invalid maven-setting file path, %s no exists or not file", setting));
         }
       } else {
         throw new IllegalArgumentException(
             String.format(
-                "Invalid maven setting path, dangerous operation symbol detected: %s, in your maven setting path: %s",
-                dangerArgs.stream().collect(Collectors.joining(",")), setting));
+                "Invalid maven-setting file path, dangerous args: %s, in your maven setting path: %s",
+                dangerArgs, setting));
       }
     }
     return cmdBuffer.toString();
   }
 
-  private List<String> getDangerArgs(String param) {
+  private String getDangerArgs(String param) {
+    Pattern pattern = Pattern.compile("(`.*?`)|(\\$\\((.*?)\\))");
+    Matcher matcher = pattern.matcher(param);
+    if (matcher.find()) {
+      String dangerArgs = matcher.group(1);
+      if (dangerArgs == null) {
+        dangerArgs = matcher.group(2);
+      }
+      return dangerArgs;
+    }
+
     String[] args = param.split("\\s+");
     List<String> dangerArgs = new ArrayList<>();
     for (String arg : args) {
@@ -263,7 +275,10 @@ private List<String> getDangerArgs(String param) {
         }
       }
     }
-    return dangerArgs;
+    if (!dangerArgs.isEmpty()) {
+      return dangerArgs.stream().collect(Collectors.joining(","));
+    }
+    return null;
   }
 
   @JsonIgnore