Skip to content

Commit

Permalink
[secure-mode] make allowlist interface
Browse files Browse the repository at this point in the history
  • Loading branch information
ethnzhng committed Jun 28, 2024
1 parent 4f53236 commit d019e01
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 6 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -14,13 +14,18 @@

import java.util.Set;

/** A class for properties that are allowlisted in Secure Mode. */
final class SecureModeAllowList {
/** Properties that are explicitly allowlisted in Secure Mode. */
interface SecureModeAllowList {

public static final Set<String> PROPERTIES_ALLOWLIST =
Set.of(
"engine",
"job_queue_size",
"max_idle_time",
"batch_size",
"max_batch_delay",
"minWorkers",
"maxWorkers",
"option.entryPoint",
"option.task",
"option.model_id",
Expand Down Expand Up @@ -61,6 +66,4 @@ final class SecureModeAllowList {
"option.max_lora_rank",
"option.lora_extra_vocab_size",
"option.max_cpu_loras");

private SecureModeAllowList() {}
}
Original file line number Diff line number Diff line change
Expand Up @@ -108,9 +108,9 @@ public static void validateSecurity(ModelInfo<?, ?> modelInfo) throws IOExceptio
*/
private static void validateProperties(ModelInfo<?, ?> modelInfo, Set<String> allowedKeys) {
Properties prop = modelInfo.getProperties();
Set<String> allowedKeysSet = new HashSet<>(allowedKeys);
allowedKeys = new HashSet<>(allowedKeys);
for (String key : prop.stringPropertyNames()) {
if (!allowedKeysSet.contains(key)) {
if (!allowedKeys.contains(key)) {
throw new IllegalConfigurationException(
"Property " + key + " is prohibited from being set in Secure Mode.");
}
Expand Down

0 comments on commit d019e01

Please sign in to comment.