ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Sandbox.php
Go to the documentation of this file.
1 <?php
2 
3 /*
4  * This file is part of Twig.
5  *
6  * (c) Fabien Potencier
7  *
8  * For the full copyright and license information, please view the LICENSE
9  * file that was distributed with this source code.
10  */
11 
15 class Twig_Extension_Sandbox extends Twig_Extension
16 {
17  protected $sandboxedGlobally;
18  protected $sandboxed;
19  protected $policy;
20 
21  public function __construct(Twig_Sandbox_SecurityPolicyInterface $policy, $sandboxed = false)
22  {
23  $this->policy = $policy;
24  $this->sandboxedGlobally = $sandboxed;
25  }
26 
27  public function getTokenParsers()
28  {
29  return array(new Twig_TokenParser_Sandbox());
30  }
31 
32  public function getNodeVisitors()
33  {
34  return array(new Twig_NodeVisitor_Sandbox());
35  }
36 
37  public function enableSandbox()
38  {
39  $this->sandboxed = true;
40  }
41 
42  public function disableSandbox()
43  {
44  $this->sandboxed = false;
45  }
46 
47  public function isSandboxed()
48  {
49  return $this->sandboxedGlobally || $this->sandboxed;
50  }
51 
52  public function isSandboxedGlobally()
53  {
54  return $this->sandboxedGlobally;
55  }
56 
57  public function setSecurityPolicy(Twig_Sandbox_SecurityPolicyInterface $policy)
58  {
59  $this->policy = $policy;
60  }
61 
62  public function getSecurityPolicy()
63  {
64  return $this->policy;
65  }
66 
67  public function checkSecurity($tags, $filters, $functions)
68  {
69  if ($this->isSandboxed()) {
70  $this->policy->checkSecurity($tags, $filters, $functions);
71  }
72  }
73 
74  public function checkMethodAllowed($obj, $method)
75  {
76  if ($this->isSandboxed()) {
77  $this->policy->checkMethodAllowed($obj, $method);
78  }
79  }
80 
81  public function checkPropertyAllowed($obj, $method)
82  {
83  if ($this->isSandboxed()) {
84  $this->policy->checkPropertyAllowed($obj, $method);
85  }
86  }
87 
88  public function ensureToStringAllowed($obj)
89  {
90  if ($this->isSandboxed() && is_object($obj)) {
91  $this->policy->checkMethodAllowed($obj, '__toString');
92  }
93 
94  return $obj;
95  }
96 
97  public function getName()
98  {
99  return 'sandbox';
100  }
101 }
102 
103 class_alias('Twig_Extension_Sandbox', 'Twig\Extension\SandboxExtension', false);
Twig_Extension_Sandbox\isSandboxed
isSandboxed()
Definition: Sandbox.php:47
Twig_Extension_Sandbox\setSecurityPolicy
setSecurityPolicy(Twig_Sandbox_SecurityPolicyInterface $policy)
Definition: Sandbox.php:57
Twig_Extension_Sandbox\getName
getName()
Returns the name of the extension.
Definition: Sandbox.php:97
Twig_Extension_Sandbox\__construct
__construct(Twig_Sandbox_SecurityPolicyInterface $policy, $sandboxed=false)
Definition: Sandbox.php:21
Twig_Extension_Sandbox\getTokenParsers
getTokenParsers()
Returns the token parser instances to add to the existing list.
Definition: Sandbox.php:27
Twig_Extension_Sandbox\ensureToStringAllowed
ensureToStringAllowed($obj)
Definition: Sandbox.php:88
Twig_Sandbox_SecurityPolicyInterface
Interfaces that all security policy classes must implements.
Definition: SecurityPolicyInterface.php:17
Twig_Extension_Sandbox\$sandboxed
$sandboxed
Definition: Sandbox.php:18
Twig_Extension_Sandbox\checkPropertyAllowed
checkPropertyAllowed($obj, $method)
Definition: Sandbox.php:81
Twig_Extension
Definition: Extension.php:12
Twig_Extension_Sandbox\isSandboxedGlobally
isSandboxedGlobally()
Definition: Sandbox.php:52
Twig_Extension_Sandbox\enableSandbox
enableSandbox()
Definition: Sandbox.php:37
Twig_Extension_Sandbox\getSecurityPolicy
getSecurityPolicy()
Definition: Sandbox.php:62
$tags
$tags
Definition: croninfo.php:19
Twig_Extension_Sandbox\$sandboxedGlobally
$sandboxedGlobally
Definition: Sandbox.php:17
array
Create styles array
The data for the language used.
Definition: 40duplicateStyle.php:19
Twig_Extension_Sandbox
Definition: Sandbox.php:15
Twig_Extension_Sandbox\$policy
$policy
Definition: Sandbox.php:19
Twig_Extension_Sandbox\getNodeVisitors
getNodeVisitors()
Returns the node visitor instances to add to the existing list.
Definition: Sandbox.php:32
Twig_TokenParser_Sandbox
Marks a section of a template as untrusted code that must be evaluated in the sandbox mode...
Definition: Sandbox.php:25
Twig_Extension_Sandbox\checkSecurity
checkSecurity($tags, $filters, $functions)
Definition: Sandbox.php:67
Twig_Extension_Sandbox\checkMethodAllowed
checkMethodAllowed($obj, $method)
Definition: Sandbox.php:74
Twig_Extension_Sandbox\disableSandbox
disableSandbox()
Definition: Sandbox.php:42
Twig_NodeVisitor_Sandbox
Twig_NodeVisitor_Sandbox implements sandboxing.
Definition: Sandbox.php:19