From 4f5b44bd3bd490309eb2ba7b44df4769816ba729 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Nicolas=20L=C5=93uillet?= Date: Sat, 3 Aug 2013 19:26:54 +0200 Subject: twig implementation --- inc/3rdparty/Twig/Sandbox/SecurityPolicy.php | 119 --------------------------- 1 file changed, 119 deletions(-) delete mode 100644 inc/3rdparty/Twig/Sandbox/SecurityPolicy.php (limited to 'inc/3rdparty/Twig/Sandbox/SecurityPolicy.php') diff --git a/inc/3rdparty/Twig/Sandbox/SecurityPolicy.php b/inc/3rdparty/Twig/Sandbox/SecurityPolicy.php deleted file mode 100644 index 66ee2332..00000000 --- a/inc/3rdparty/Twig/Sandbox/SecurityPolicy.php +++ /dev/null @@ -1,119 +0,0 @@ - - */ -class Twig_Sandbox_SecurityPolicy implements Twig_Sandbox_SecurityPolicyInterface -{ - protected $allowedTags; - protected $allowedFilters; - protected $allowedMethods; - protected $allowedProperties; - protected $allowedFunctions; - - public function __construct(array $allowedTags = array(), array $allowedFilters = array(), array $allowedMethods = array(), array $allowedProperties = array(), array $allowedFunctions = array()) - { - $this->allowedTags = $allowedTags; - $this->allowedFilters = $allowedFilters; - $this->setAllowedMethods($allowedMethods); - $this->allowedProperties = $allowedProperties; - $this->allowedFunctions = $allowedFunctions; - } - - public function setAllowedTags(array $tags) - { - $this->allowedTags = $tags; - } - - public function setAllowedFilters(array $filters) - { - $this->allowedFilters = $filters; - } - - public function setAllowedMethods(array $methods) - { - $this->allowedMethods = array(); - foreach ($methods as $class => $m) { - $this->allowedMethods[$class] = array_map('strtolower', is_array($m) ? $m : array($m)); - } - } - - public function setAllowedProperties(array $properties) - { - $this->allowedProperties = $properties; - } - - public function setAllowedFunctions(array $functions) - { - $this->allowedFunctions = $functions; - } - - public function checkSecurity($tags, $filters, $functions) - { - foreach ($tags as $tag) { - if (!in_array($tag, $this->allowedTags)) { - throw new Twig_Sandbox_SecurityError(sprintf('Tag "%s" is not allowed.', $tag)); - } - } - - foreach ($filters as $filter) { - if (!in_array($filter, $this->allowedFilters)) { - throw new Twig_Sandbox_SecurityError(sprintf('Filter "%s" is not allowed.', $filter)); - } - } - - foreach ($functions as $function) { - if (!in_array($function, $this->allowedFunctions)) { - throw new Twig_Sandbox_SecurityError(sprintf('Function "%s" is not allowed.', $function)); - } - } - } - - public function checkMethodAllowed($obj, $method) - { - if ($obj instanceof Twig_TemplateInterface || $obj instanceof Twig_Markup) { - return true; - } - - $allowed = false; - $method = strtolower($method); - foreach ($this->allowedMethods as $class => $methods) { - if ($obj instanceof $class) { - $allowed = in_array($method, $methods); - - break; - } - } - - if (!$allowed) { - throw new Twig_Sandbox_SecurityError(sprintf('Calling "%s" method on a "%s" object is not allowed.', $method, get_class($obj))); - } - } - - public function checkPropertyAllowed($obj, $property) - { - $allowed = false; - foreach ($this->allowedProperties as $class => $properties) { - if ($obj instanceof $class) { - $allowed = in_array($property, is_array($properties) ? $properties : array($properties)); - - break; - } - } - - if (!$allowed) { - throw new Twig_Sandbox_SecurityError(sprintf('Calling "%s" property on a "%s" object is not allowed.', $property, get_class($obj))); - } - } -} -- cgit v1.2.3