ILIAS  release_5-3 Revision v5.3.23-19-g915713cf615
Sandbox.php
Go to the documentation of this file.
1<?php
2
3/*
4 * This file is part of Twig.
5 *
6 * (c) Fabien Potencier
7 *
8 * For the full copyright and license information, please view the LICENSE
9 * file that was distributed with this source code.
10 */
11
15class Twig_Extension_Sandbox extends Twig_Extension
16{
17 protected $sandboxedGlobally;
18 protected $sandboxed;
19 protected $policy;
20
21 public function __construct(Twig_Sandbox_SecurityPolicyInterface $policy, $sandboxed = false)
22 {
23 $this->policy = $policy;
24 $this->sandboxedGlobally = $sandboxed;
25 }
26
27 public function getTokenParsers()
28 {
29 return array(new Twig_TokenParser_Sandbox());
30 }
31
32 public function getNodeVisitors()
33 {
34 return array(new Twig_NodeVisitor_Sandbox());
35 }
36
37 public function enableSandbox()
38 {
39 $this->sandboxed = true;
40 }
41
42 public function disableSandbox()
43 {
44 $this->sandboxed = false;
45 }
46
47 public function isSandboxed()
48 {
49 return $this->sandboxedGlobally || $this->sandboxed;
50 }
51
52 public function isSandboxedGlobally()
53 {
54 return $this->sandboxedGlobally;
55 }
56
57 public function setSecurityPolicy(Twig_Sandbox_SecurityPolicyInterface $policy)
58 {
59 $this->policy = $policy;
60 }
61
62 public function getSecurityPolicy()
63 {
64 return $this->policy;
65 }
66
67 public function checkSecurity($tags, $filters, $functions)
68 {
69 if ($this->isSandboxed()) {
70 $this->policy->checkSecurity($tags, $filters, $functions);
71 }
72 }
73
74 public function checkMethodAllowed($obj, $method)
75 {
76 if ($this->isSandboxed()) {
77 $this->policy->checkMethodAllowed($obj, $method);
78 }
79 }
80
81 public function checkPropertyAllowed($obj, $method)
82 {
83 if ($this->isSandboxed()) {
84 $this->policy->checkPropertyAllowed($obj, $method);
85 }
86 }
87
88 public function ensureToStringAllowed($obj)
89 {
90 if ($this->isSandboxed() && is_object($obj)) {
91 $this->policy->checkMethodAllowed($obj, '__toString');
92 }
93
94 return $obj;
95 }
96
97 public function getName()
98 {
99 return 'sandbox';
100 }
101}
102
103class_alias('Twig_Extension_Sandbox', 'Twig\Extension\SandboxExtension', false);
php
An exception for terminatinating execution or to throw for unit testing.
Twig_Extension_Sandbox
@final
Definition: Sandbox.php:16
Twig_Extension_Sandbox\$sandboxedGlobally
$sandboxedGlobally
Definition: Sandbox.php:17
Twig_Extension_Sandbox\checkPropertyAllowed
checkPropertyAllowed($obj, $method)
Definition: Sandbox.php:81
Twig_Extension_Sandbox\__construct
__construct(Twig_Sandbox_SecurityPolicyInterface $policy, $sandboxed=false)
Definition: Sandbox.php:21
Twig_Extension_Sandbox\$sandboxed
$sandboxed
Definition: Sandbox.php:18
Twig_Extension_Sandbox\checkMethodAllowed
checkMethodAllowed($obj, $method)
Definition: Sandbox.php:74
Twig_Extension_Sandbox\getNodeVisitors
getNodeVisitors()
Returns the node visitor instances to add to the existing list.
Definition: Sandbox.php:32
Twig_Extension_Sandbox\ensureToStringAllowed
ensureToStringAllowed($obj)
Definition: Sandbox.php:88
Twig_Extension_Sandbox\checkSecurity
checkSecurity($tags, $filters, $functions)
Definition: Sandbox.php:67
Twig_Extension_Sandbox\setSecurityPolicy
setSecurityPolicy(Twig_Sandbox_SecurityPolicyInterface $policy)
Definition: Sandbox.php:57
Twig_Extension_Sandbox\isSandboxed
isSandboxed()
Definition: Sandbox.php:47
Twig_Extension_Sandbox\getTokenParsers
getTokenParsers()
Returns the token parser instances to add to the existing list.
Definition: Sandbox.php:27
Twig_Extension_Sandbox\disableSandbox
disableSandbox()
Definition: Sandbox.php:42
Twig_Extension_Sandbox\$policy
$policy
Definition: Sandbox.php:19
Twig_Extension_Sandbox\isSandboxedGlobally
isSandboxedGlobally()
Definition: Sandbox.php:52
Twig_Extension_Sandbox\enableSandbox
enableSandbox()
Definition: Sandbox.php:37
Twig_Extension_Sandbox\getSecurityPolicy
getSecurityPolicy()
Definition: Sandbox.php:62
Twig_Extension_Sandbox\getName
getName()
Definition: Sandbox.php:97
Twig_Extension
Definition: Extension.php:13
Twig_NodeVisitor_Sandbox
Twig_NodeVisitor_Sandbox implements sandboxing.
Definition: Sandbox.php:20
Twig_TokenParser_Sandbox
Marks a section of a template as untrusted code that must be evaluated in the sandbox mode.
Definition: Sandbox.php:26
$tags
$tags
Definition: croninfo.php:19
Twig_Sandbox_SecurityPolicyInterface
Interfaces that all security policy classes must implements.
Definition: SecurityPolicyInterface.php:18