Jenkins : Groovy : Scripts not permitted to use method groovy.lang.GroovyObject getProperty java.lang.String

Question

org.jenkinsci.plugins.scriptsecurity.sandbox.RejectedAccessException:

Scripts not permitted to use method groovy.lang.GroovyObject

getProperty

java.lang.String (com.cccis.telematics.build.Templates.run_jgitflow_template)

at org.jenkinsci.plugins.scriptsecurity.sandbox.whitelists.StaticWhitelist.rejectMethod

(StaticWhitelist.java:180)

Jeff Maass · Accepted Answer

What happened here is that the property didn't exist as named on the object in question, so Groovy began introspecting the object looking for it. I suppose that allowing introspection could lead to security vulnerabilities.

reproduce:

class Foo
{
   String FOOSPRoperty
}

def a_method()
{
  Foo f = new Foo()
  f.foosPROPERTY.replace( "x", "y" )
}

Jenkins : Groovy : Scripts not permitted to use method groovy.lang.GroovyObject getProperty java.lang.String

Answers (1)

Related Questions