Security settings for Scripting environment

Solved6.83K viewsScripting
0

This arose in another context and I haven’t seen a response from the Quantrix side, so surfacing it here to make visible.

The current environment for scripting appears to use the default Java Security Policy i.e. scripts are treated as though they were applets in a browser. This means scripts have no access to the local machine i.e. they can’t load or save files, etc.

Is this intended to be the case? If so it would be highly desirable if it were possible to set an alternative security policy as an option. This would probably require a user warning/confirmation to be issued when loading such a script – similar to loading VBA scripts in Excel.

Thanks

Simon

0

Dominik:

External JARs can be imported as of 4.0.42. For security reasons, we decided to use a single blessed location for external libraries rather than making the entire class path available to scripting. To install a library for use with scripting, follow these steps:

1) Open the folder on your hard drive where Quantrix is installed, and within that folder create a subfolder called “ScriptingLibs”.

2) Place any JARs you need to use within the ScriptingLibs folder.

3) Restart Quantrix if necessary. In your script, import the classes you would like to use as you would in normal Groovy or Java source.

Simon:

We’re reluctant to expand scripting capabilities hastily, for two reasons. First, scripting is mainly intended as a tool for automating routine tasks within a model. We would like scripting to be robust, but also simple to use and not so powerful that it blurs the line between an accessible feature and something more heavy duty. The second consideration is security. Allowing file system access, even with user consent, is problematic because a naive user may not always understand what they are consenting to.

We feel that if you need to perform file system operations beyond opening, closing, and exporting models, you may be better off going with the QDK. For routine operations on model files, the [font=”Courier New”]quantrix[/font] global object provides the following methods for creating, opening and navigating models:

[code:3w0m4lfk]
createModel
openModel
getModelNamed
openModels [a property]
[/code:3w0m4lfk]

And the [font=”Courier New”]model[/font] global object offers the following methods for saving, exporting, or closing an open model:

[code:3w0m4lfk]
save
saveAs
exportExcel
exportHTML
close[/code:3w0m4lfk]

Correct me if I’m wrong, but printing seems less like something you would need particular permissions for, and more like something we would incorporate into the scripting API as a method on printable objects (which we are willing to look into).

I realize this might not be exactly the answer you’re looking for, but hopefully it’s somewhat helpful.

Regards,
Ben

You are viewing 1 out of 13 answers, click here to view all answers.

Latest Questions