Matthias Andreas Benkard | 12a5735 | 2021-12-28 18:02:04 +0100 | [diff] [blame^] | 1 | <?php |
| 2 | |
| 3 | /* |
| 4 | * This file is part of Twig. |
| 5 | * |
| 6 | * (c) Fabien Potencier |
| 7 | * |
| 8 | * For the full copyright and license information, please view the LICENSE |
| 9 | * file that was distributed with this source code. |
| 10 | */ |
| 11 | |
| 12 | namespace Twig\Node; |
| 13 | |
| 14 | use Twig\Compiler; |
| 15 | |
| 16 | /** |
| 17 | * @author Fabien Potencier <fabien@symfony.com> |
| 18 | */ |
| 19 | class CheckSecurityNode extends Node |
| 20 | { |
| 21 | private $usedFilters; |
| 22 | private $usedTags; |
| 23 | private $usedFunctions; |
| 24 | |
| 25 | public function __construct(array $usedFilters, array $usedTags, array $usedFunctions) |
| 26 | { |
| 27 | $this->usedFilters = $usedFilters; |
| 28 | $this->usedTags = $usedTags; |
| 29 | $this->usedFunctions = $usedFunctions; |
| 30 | |
| 31 | parent::__construct(); |
| 32 | } |
| 33 | |
| 34 | public function compile(Compiler $compiler): void |
| 35 | { |
| 36 | $tags = $filters = $functions = []; |
| 37 | foreach (['tags', 'filters', 'functions'] as $type) { |
| 38 | foreach ($this->{'used'.ucfirst($type)} as $name => $node) { |
| 39 | if ($node instanceof Node) { |
| 40 | ${$type}[$name] = $node->getTemplateLine(); |
| 41 | } else { |
| 42 | ${$type}[$node] = null; |
| 43 | } |
| 44 | } |
| 45 | } |
| 46 | |
| 47 | $compiler |
| 48 | ->write("\n") |
| 49 | ->write("public function checkSecurity()\n") |
| 50 | ->write("{\n") |
| 51 | ->indent() |
| 52 | ->write('static $tags = ')->repr(array_filter($tags))->raw(";\n") |
| 53 | ->write('static $filters = ')->repr(array_filter($filters))->raw(";\n") |
| 54 | ->write('static $functions = ')->repr(array_filter($functions))->raw(";\n\n") |
| 55 | ->write("try {\n") |
| 56 | ->indent() |
| 57 | ->write("\$this->sandbox->checkSecurity(\n") |
| 58 | ->indent() |
| 59 | ->write(!$tags ? "[],\n" : "['".implode("', '", array_keys($tags))."'],\n") |
| 60 | ->write(!$filters ? "[],\n" : "['".implode("', '", array_keys($filters))."'],\n") |
| 61 | ->write(!$functions ? "[]\n" : "['".implode("', '", array_keys($functions))."']\n") |
| 62 | ->outdent() |
| 63 | ->write(");\n") |
| 64 | ->outdent() |
| 65 | ->write("} catch (SecurityError \$e) {\n") |
| 66 | ->indent() |
| 67 | ->write("\$e->setSourceContext(\$this->source);\n\n") |
| 68 | ->write("if (\$e instanceof SecurityNotAllowedTagError && isset(\$tags[\$e->getTagName()])) {\n") |
| 69 | ->indent() |
| 70 | ->write("\$e->setTemplateLine(\$tags[\$e->getTagName()]);\n") |
| 71 | ->outdent() |
| 72 | ->write("} elseif (\$e instanceof SecurityNotAllowedFilterError && isset(\$filters[\$e->getFilterName()])) {\n") |
| 73 | ->indent() |
| 74 | ->write("\$e->setTemplateLine(\$filters[\$e->getFilterName()]);\n") |
| 75 | ->outdent() |
| 76 | ->write("} elseif (\$e instanceof SecurityNotAllowedFunctionError && isset(\$functions[\$e->getFunctionName()])) {\n") |
| 77 | ->indent() |
| 78 | ->write("\$e->setTemplateLine(\$functions[\$e->getFunctionName()]);\n") |
| 79 | ->outdent() |
| 80 | ->write("}\n\n") |
| 81 | ->write("throw \$e;\n") |
| 82 | ->outdent() |
| 83 | ->write("}\n\n") |
| 84 | ->outdent() |
| 85 | ->write("}\n") |
| 86 | ; |
| 87 | } |
| 88 | } |