| [ Index ] |
PHP Cross Reference of phpBB-3.3.14-deutsch |
[Summary view] [Print] [Text view]
1 <?php 2 3 /* 4 * This file is part of Twig. 5 * 6 * (c) Fabien Potencier 7 * 8 * For the full copyright and license information, please view the LICENSE 9 * file that was distributed with this source code. 10 */ 11 12 namespace Twig\Extension; 13 14 use Twig\NodeVisitor\SandboxNodeVisitor; 15 use Twig\Sandbox\SecurityNotAllowedMethodError; 16 use Twig\Sandbox\SecurityNotAllowedPropertyError; 17 use Twig\Sandbox\SecurityPolicyInterface; 18 use Twig\Sandbox\SourcePolicyInterface; 19 use Twig\Source; 20 use Twig\TokenParser\SandboxTokenParser; 21 22 final class SandboxExtension extends AbstractExtension 23 { 24 private $sandboxedGlobally; 25 private $sandboxed; 26 private $policy; 27 private $sourcePolicy; 28 29 public function __construct(SecurityPolicyInterface $policy, $sandboxed = false, SourcePolicyInterface $sourcePolicy = null) 30 { 31 $this->policy = $policy; 32 $this->sandboxedGlobally = $sandboxed; 33 $this->sourcePolicy = $sourcePolicy; 34 } 35 36 public function getTokenParsers() 37 { 38 return [new SandboxTokenParser()]; 39 } 40 41 public function getNodeVisitors() 42 { 43 return [new SandboxNodeVisitor()]; 44 } 45 46 public function enableSandbox() 47 { 48 $this->sandboxed = true; 49 } 50 51 public function disableSandbox() 52 { 53 $this->sandboxed = false; 54 } 55 56 public function isSandboxed(Source $source = null) 57 { 58 return $this->sandboxedGlobally || $this->sandboxed || $this->isSourceSandboxed($source); 59 } 60 61 public function isSandboxedGlobally() 62 { 63 return $this->sandboxedGlobally; 64 } 65 66 private function isSourceSandboxed(?Source $source): bool 67 { 68 if (null === $source || null === $this->sourcePolicy) { 69 return false; 70 } 71 72 return $this->sourcePolicy->enableSandbox($source); 73 } 74 75 public function setSecurityPolicy(SecurityPolicyInterface $policy) 76 { 77 $this->policy = $policy; 78 } 79 80 public function getSecurityPolicy() 81 { 82 return $this->policy; 83 } 84 85 public function checkSecurity($tags, $filters, $functions, Source $source = null) 86 { 87 if ($this->isSandboxed($source)) { 88 $this->policy->checkSecurity($tags, $filters, $functions); 89 } 90 } 91 92 public function checkMethodAllowed($obj, $method, int $lineno = -1, Source $source = null) 93 { 94 if ($this->isSandboxed($source)) { 95 try { 96 $this->policy->checkMethodAllowed($obj, $method); 97 } catch (SecurityNotAllowedMethodError $e) { 98 $e->setSourceContext($source); 99 $e->setTemplateLine($lineno); 100 101 throw $e; 102 } 103 } 104 } 105 106 public function checkPropertyAllowed($obj, $property, int $lineno = -1, Source $source = null) 107 { 108 if ($this->isSandboxed($source)) { 109 try { 110 $this->policy->checkPropertyAllowed($obj, $property); 111 } catch (SecurityNotAllowedPropertyError $e) { 112 $e->setSourceContext($source); 113 $e->setTemplateLine($lineno); 114 115 throw $e; 116 } 117 } 118 } 119 120 public function ensureToStringAllowed($obj, int $lineno = -1, Source $source = null) 121 { 122 if ($this->isSandboxed($source) && \is_object($obj) && method_exists($obj, '__toString')) { 123 try { 124 $this->policy->checkMethodAllowed($obj, '__toString'); 125 } catch (SecurityNotAllowedMethodError $e) { 126 $e->setSourceContext($source); 127 $e->setTemplateLine($lineno); 128 129 throw $e; 130 } 131 } 132 133 return $obj; 134 } 135 } 136 137 class_alias('Twig\Extension\SandboxExtension', 'Twig_Extension_Sandbox');
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
| Generated: Mon Nov 25 19:05:08 2024 | Cross-referenced by PHPXref 0.7.1 |