groove/Part-DB-server
1
0
Fork 0
mirror of https://github.com/Part-DB/Part-DB-server.git synced 2025-12-11 05:29:30 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Fixed some inspection issues.

Browse source
This commit is contained in:
Jan Böhmer 2022-08-14 19:32:53 +02:00
parent eef26f7ae6
commit 639829f5c5
97 changed files with 305 additions and 185 deletions
Download patch file Download diff file Expand all files Collapse all files

20
src/Twig/Sandbox/InheritanceSecurityPolicy.php
View file

@ -22,6 +22,10 @@ use Twig\Sandbox\SecurityNotAllowedTagError;
use Twig\Sandbox\SecurityPolicyInterface;
use Twig\Template;
use function get_class;
use function in_array;
use function is_array;
/**
* Represents a security policy which need to be enforced when sandbox mode is enabled.
*
@ -61,7 +65,7 @@ final class InheritanceSecurityPolicy implements SecurityPolicyInterface
$this->allowedMethods = [];
foreach ($methods as $class => $m) {
$this->allowedMethods[$class] = array_map(
static function ($value) { return strtr($value, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'); }, \is_array($m) ? $m : [$m]);
static function ($value) { return strtr($value, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz'); }, is_array($m) ? $m : [$m]);
}
}
@ -78,19 +82,19 @@ final class InheritanceSecurityPolicy implements SecurityPolicyInterface
public function checkSecurity($tags, $filters, $functions): void
{
foreach ($tags as $tag) {
if (!\in_array($tag, $this->allowedTags, true)) {
if (!in_array($tag, $this->allowedTags, true)) {
throw new SecurityNotAllowedTagError(sprintf('Tag "%s" is not allowed.', $tag), $tag);
}
}
foreach ($filters as $filter) {
if (!\in_array($filter, $this->allowedFilters, true)) {
if (!in_array($filter, $this->allowedFilters, true)) {
throw new SecurityNotAllowedFilterError(sprintf('Filter "%s" is not allowed.', $filter), $filter);
}
}
foreach ($functions as $function) {
if (!\in_array($function, $this->allowedFunctions, true)) {
if (!in_array($function, $this->allowedFunctions, true)) {
throw new SecurityNotAllowedFunctionError(sprintf('Function "%s" is not allowed.', $function), $function);
}
}
@ -106,7 +110,7 @@ final class InheritanceSecurityPolicy implements SecurityPolicyInterface
$method = strtr($method, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz');
foreach ($this->allowedMethods as $class => $methods) {
if ($obj instanceof $class) {
$allowed = \in_array($method, $methods, true);
$allowed = in_array($method, $methods, true);
//CHANGED: Only break if we the method is allowed, otherwise try it on the other methods
if ($allowed) {
@ -116,7 +120,7 @@ final class InheritanceSecurityPolicy implements SecurityPolicyInterface
}
if (!$allowed) {
$class = \get_class($obj);
$class = get_class($obj);
throw new SecurityNotAllowedMethodError(sprintf('Calling "%s" method on a "%s" object is not allowed.', $method, $class), $class, $method);
}
@ -127,7 +131,7 @@ final class InheritanceSecurityPolicy implements SecurityPolicyInterface
$allowed = false;
foreach ($this->allowedProperties as $class => $properties) {
if ($obj instanceof $class) {
$allowed = \in_array($property, \is_array($properties) ? $properties : [$properties], true);
$allowed = in_array($property, is_array($properties) ? $properties : [$properties], true);
//CHANGED: Only break if we the method is allowed, otherwise try it on the other methods
if ($allowed) {
@ -137,7 +141,7 @@ final class InheritanceSecurityPolicy implements SecurityPolicyInterface
}
if (!$allowed) {
$class = \get_class($obj);
$class = get_class($obj);
throw new SecurityNotAllowedPropertyError(sprintf('Calling "%s" property on a "%s" object is not allowed.', $property, $class), $class, $property);
}