hdabo_sf: vendor/twig/lib/Twig/Extension/Sandbox.php@7f95f8617b0b (annotated)

0 7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	1	<?php
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	2
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	3	/*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	4	* This file is part of Twig.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	5	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	6	* (c) 2009 Fabien Potencier
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	7	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	8	* For the full copyright and license information, please view the LICENSE
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	9	* file that was distributed with this source code.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	10	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	11	class Twig_Extension_Sandbox extends Twig_Extension
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	12	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	13	protected $sandboxedGlobally;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	14	protected $sandboxed;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	15	protected $policy;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	16
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	17	public function __construct(Twig_Sandbox_SecurityPolicyInterface $policy, $sandboxed = false)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	18	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	19	$this->policy = $policy;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	20	$this->sandboxedGlobally = $sandboxed;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	21	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	22
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	23	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	24	* Returns the token parser instances to add to the existing list.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	25	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	26	* @return array An array of Twig_TokenParserInterface or Twig_TokenParserBrokerInterface instances
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	27	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	28	public function getTokenParsers()
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	29	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	30	return array(new Twig_TokenParser_Sandbox());
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	31	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	32
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	33	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	34	* Returns the node visitor instances to add to the existing list.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	35	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	36	* @return array An array of Twig_NodeVisitorInterface instances
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	37	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	38	public function getNodeVisitors()
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	39	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	40	return array(new Twig_NodeVisitor_Sandbox());
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	41	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	42
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	43	public function enableSandbox()
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	44	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	45	$this->sandboxed = true;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	46	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	47
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	48	public function disableSandbox()
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	49	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	50	$this->sandboxed = false;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	51	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	52
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	53	public function isSandboxed()
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	54	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	55	return $this->sandboxedGlobally \|\| $this->sandboxed;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	56	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	57
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	58	public function isSandboxedGlobally()
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	59	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	60	return $this->sandboxedGlobally;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	61	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	62
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	63	public function setSecurityPolicy(Twig_Sandbox_SecurityPolicyInterface $policy)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	64	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	65	$this->policy = $policy;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	66	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	67
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	68	public function getSecurityPolicy()
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	69	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	70	return $this->policy;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	71	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	72
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	73	public function checkSecurity($tags, $filters, $functions)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	74	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	75	if ($this->isSandboxed()) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	76	$this->policy->checkSecurity($tags, $filters, $functions);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	77	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	78	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	79
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	80	public function checkMethodAllowed($obj, $method)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	81	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	82	if ($this->isSandboxed()) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	83	$this->policy->checkMethodAllowed($obj, $method);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	84	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	85	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	86
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	87	public function checkPropertyAllowed($obj, $method)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	88	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	89	if ($this->isSandboxed()) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	90	$this->policy->checkPropertyAllowed($obj, $method);
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	91	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	92	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	93
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	94	public function ensureToStringAllowed($obj)
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	95	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	96	if (is_object($obj)) {
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	97	$this->policy->checkMethodAllowed($obj, '__toString');
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	98	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	99
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	100	return $obj;
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	101	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	102
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	103	/**
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	104	* Returns the name of the extension.
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	105	*
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	106	* @return string The extension name
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	107	*/
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	108	public function getName()
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	109	{
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	110	return 'sandbox';
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	111	}
7f95f8617b0b first commit ymh <ymh.work@gmail.com> parents: diff changeset	112	}

author	ymh <ymh.work@gmail.com>
	Sat, 24 Sep 2011 15:40:41 +0200
changeset 0	7f95f8617b0b
permissions	-rwxr-xr-x