mirror of
https://github.com/slawkens/myaac.git
synced 2025-04-26 17:29:21 +02:00
8021308822
This fixes some errors on PHP 7.4 and contains even more fixes Also bumped PHP version to 5.5 as Twig requires it.
110 lines
2.3 KiB
PHP
110 lines
2.3 KiB
PHP
<?php
|
|
|
|
/*
|
|
* This file is part of Twig.
|
|
*
|
|
* (c) Fabien Potencier
|
|
*
|
|
* For the full copyright and license information, please view the LICENSE
|
|
* file that was distributed with this source code.
|
|
*/
|
|
|
|
namespace Twig\Extension;
|
|
|
|
use Twig\NodeVisitor\SandboxNodeVisitor;
|
|
use Twig\Sandbox\SecurityPolicyInterface;
|
|
use Twig\TokenParser\SandboxTokenParser;
|
|
|
|
/**
|
|
* @final
|
|
*/
|
|
class SandboxExtension extends AbstractExtension
|
|
{
|
|
protected $sandboxedGlobally;
|
|
protected $sandboxed;
|
|
protected $policy;
|
|
|
|
public function __construct(SecurityPolicyInterface $policy, $sandboxed = false)
|
|
{
|
|
$this->policy = $policy;
|
|
$this->sandboxedGlobally = $sandboxed;
|
|
}
|
|
|
|
public function getTokenParsers()
|
|
{
|
|
return [new SandboxTokenParser()];
|
|
}
|
|
|
|
public function getNodeVisitors()
|
|
{
|
|
return [new SandboxNodeVisitor()];
|
|
}
|
|
|
|
public function enableSandbox()
|
|
{
|
|
$this->sandboxed = true;
|
|
}
|
|
|
|
public function disableSandbox()
|
|
{
|
|
$this->sandboxed = false;
|
|
}
|
|
|
|
public function isSandboxed()
|
|
{
|
|
return $this->sandboxedGlobally || $this->sandboxed;
|
|
}
|
|
|
|
public function isSandboxedGlobally()
|
|
{
|
|
return $this->sandboxedGlobally;
|
|
}
|
|
|
|
public function setSecurityPolicy(SecurityPolicyInterface $policy)
|
|
{
|
|
$this->policy = $policy;
|
|
}
|
|
|
|
public function getSecurityPolicy()
|
|
{
|
|
return $this->policy;
|
|
}
|
|
|
|
public function checkSecurity($tags, $filters, $functions)
|
|
{
|
|
if ($this->isSandboxed()) {
|
|
$this->policy->checkSecurity($tags, $filters, $functions);
|
|
}
|
|
}
|
|
|
|
public function checkMethodAllowed($obj, $method)
|
|
{
|
|
if ($this->isSandboxed()) {
|
|
$this->policy->checkMethodAllowed($obj, $method);
|
|
}
|
|
}
|
|
|
|
public function checkPropertyAllowed($obj, $method)
|
|
{
|
|
if ($this->isSandboxed()) {
|
|
$this->policy->checkPropertyAllowed($obj, $method);
|
|
}
|
|
}
|
|
|
|
public function ensureToStringAllowed($obj)
|
|
{
|
|
if ($this->isSandboxed() && \is_object($obj) && method_exists($obj, '__toString')) {
|
|
$this->policy->checkMethodAllowed($obj, '__toString');
|
|
}
|
|
|
|
return $obj;
|
|
}
|
|
|
|
public function getName()
|
|
{
|
|
return 'sandbox';
|
|
}
|
|
}
|
|
|
|
class_alias('Twig\Extension\SandboxExtension', 'Twig_Extension_Sandbox');
|