[midPoint-git] [Evolveum/midpoint] 807070: Fix mapping quality assessor.
Michal Zelenčík
noreply at github.com
Wed Oct 15 09:50:58 CEST 2025
Branch: refs/heads/improvement/10888
Home: https://github.com/Evolveum/midpoint
Commit: 807070210a7caab4367e4100fe8704f618e66a5c
https://github.com/Evolveum/midpoint/commit/807070210a7caab4367e4100fe8704f618e66a5c
Author: Michal Zelencik <michal.zelencik at evolveum.com>
Date: 2025-10-15 (Wed, 15 Oct 2025)
Changed paths:
M model/smart-impl/src/main/java/com/evolveum/midpoint/smart/impl/scoring/MappingsQualityAssessor.java
M model/smart-impl/src/test/java/com/evolveum/midpoint/smart/impl/TestMappingsSuggestionOperation.java
Log Message:
-----------
Fix mapping quality assessor.
- Redesign restrictedProfile() to safely allow Groovy scripts
with a minimal allow-list:
- Enable script evaluator and evaluators default (ALLOW) only for Groovy.
- Allow java.lang.String methods; explicitly deny a placeholder
execute method as a guardrail.
Keep bulk actions, function libraries disabled; privilege elevation denied.
To unsubscribe from these emails, change your notification settings at https://github.com/Evolveum/midpoint/settings/notifications
More information about the midPoint-svn
mailing list