asciidoctor 0.1.1 → 0.1.2

data/lib/asciidoctor/path_resolver.rb

@@ -0,0 +1,360 @@
+module Asciidoctor
+# Public: Handles all operations for resolving, cleaning and joining paths.
+# This class includes operations for handling both web paths (request URIs) and
+# system paths.
+#
+# The main emphasis of the class is on creating clean and secure paths. Clean
+# paths are void of duplicate parent and current directory references in the
+# path name. Secure paths are paths which are restricted from accessing
+# directories outside of a jail root, if specified.
+#
+# Since joining two paths can result in an insecure path, this class also
+# handles the task of joining a parent (start) and child (target) path.
+#
+# This class makes no use of path utilities from the Ruby libraries. Instead,
+# it handles all aspects of path manipulation. The main benefit of
+# internalizing these operations is that the class is able to handle both posix
+# and windows paths independent of the operating system on which it runs. This
+# makes the class both deterministic and easier to test.
+#
+# Examples
+#
+#     resolver = PathResolver.new
+#
+#     # Web Paths
+#
+#     resolver.web_path('images')
+#     => 'images'
+#
+#     resolver.web_path('./images')
+#     => './images'
+#
+#     resolver.web_path('/images')
+#     => '/images'
+#
+#     resolver.web_path('./images/../assets/images')
+#     => './assets/images'
+#
+#     resolver.web_path('/../images')
+#     => '/images'
+#
+#     resolver.web_path('images', 'assets')
+#     => 'assets/images'
+#
+#     resolver.web_path('tiger.png', '../assets/images')
+#     => '../assets/images/tiger.png'
+#
+#     # System Paths
+#
+#     resolver.working_dir
+#     => '/path/to/docs'
+#
+#     resolver.system_path('images')
+#     => '/path/to/docs/images'
+#
+#     resolver.system_path('../images')
+#     => '/path/to/images'
+#
+#     resolver.system_path('/etc/images')
+#     => '/etc/images'
+#
+#     resolver.system_path('images', '/etc')
+#     => '/etc/images'
+#
+#     resolver.system_path('', '/etc/images')
+#     => '/etc/images'
+#
+#     resolver.system_path(nil, nil, '/path/to/docs')
+#     => '/path/to/docs'
+#
+#     resolver.system_path('..', nil, '/path/to/docs')
+#     => '/path/to/docs'
+#
+#     resolver.system_path('../../../css', nil, '/path/to/docs')
+#     => '/path/to/docs/css'
+#
+#     resolver.system_path('../../../css', '../../..', '/path/to/docs')
+#     => '/path/to/docs/css'
+#
+#     begin
+#       resolver.system_path('../../../css', '../../..', '/path/to/docs', :recover => false)
+#     rescue SecurityError => e
+#       puts e.message
+#     end
+#     => 'path ../../../../../../css refers to location outside jail: /path/to/docs (disallowed in safe mode)'
+#
+#     resolver.system_path('/path/to/docs/images', nil, '/path/to/docs')
+#     => '/path/to/docs/images'
+#
+#     begin
+#       resolver.system_path('images', '/etc', '/path/to/docs')
+#     rescue SecurityError => e
+#       puts e.message 
+#     end
+#     => Start path /etc is outside of jail: /path/to/docs'
+#
+class PathResolver
+  DOT = '.'
+  DOT_DOT = '..'
+  SLASH = '/'
+  BACKSLASH = '\\'
+  PARTITION_RE = /\/+/
+  WIN_ROOT_RE = /^[[:alpha:]]:(?:\\|\/)/
+
+  attr_accessor :file_separator
+  attr_accessor :working_dir
+
+  # Public: Construct a new instance of PathResolver, optionally specifying the
+  # path separator (to override the system default) and the working directory
+  # (to override the present working directory). The working directory will be
+  # expanded to an absolute path inside the constructor.
+  #
+  # file_separator - the String file separator to use for path operations
+  #                  (optional, default: File::FILE_SEPARATOR)
+  # working_dir    - the String working directory (optional, default: Dir.pwd)
+  #
+  def initialize(file_separator = nil, working_dir = nil)
+    @file_separator = file_separator.nil? ? File::SEPARATOR : file_separator
+    if working_dir.nil?
+      @working_dir = File.expand_path(Dir.pwd)
+    else
+      @working_dir = is_root?(working_dir) ? working_dir : File.expand_path(working_dir) 
+    end
+  end
+
+  # Public: Check if the specified path is an absolute root path
+  # This operation correctly handles both posix and windows paths.
+  #
+  # path - the String path to check
+  #
+  # returns a Boolean indicating whether the path is an absolute root path
+  def is_root?(path)
+    if @file_separator == BACKSLASH && path.match(WIN_ROOT_RE)
+      true
+    elsif path.start_with? SLASH
+      true
+    else
+      false
+    end
+  end
+
+  # Public: Determine if the path is an absolute (root) web path
+  #
+  # path - the String path to check
+  #
+  # returns a Boolean indicating whether the path is an absolute (root) web path
+  def is_web_root?(path)
+    path.start_with? SLASH
+  end
+  
+  # Public: Normalize path by converting any backslashes to forward slashes
+  #
+  # path - the String path to normalize
+  #
+  # returns a String path with any backslashes replaced with forward slashes
+  def posixfy(path)
+    return '' if path.to_s.empty?
+    path.include?(BACKSLASH) ? path.tr(BACKSLASH, SLASH) : path
+  end
+
+  # Public: Expand the path by resolving any parent references (..)
+  # and cleaning self references (.).
+  #
+  # The result will be relative if the path is relative and
+  # absolute if the path is absolute. The file separator used
+  # in the expanded path is the one specified when the class
+  # was constructed.
+  #
+  # path - the String path to expand
+  #
+  # returns a String path with any parent or self references resolved.
+  def expand_path(path)
+    path_segments, path_root, _ = partition_path(path)
+    join_path(path_segments, path_root)
+  end
+  
+  # Public: Partition the path into path segments and remove any empty segments
+  # or segments that are self references (.). The path is split on either posix
+  # or windows file separators.
+  #
+  # path     - the String path to partition
+  # web_path - a Boolean indicating whether the path should be handled
+  #            as a web path (optional, default: false)
+  #
+  # returns a 3-item Array containing the Array of String path segments, the
+  # path root, if the path is absolute, and the posix version of the path.
+  def partition_path(path, web_path = false)
+    posix_path = posixfy path
+    is_root = web_path ? is_web_root?(posix_path) : is_root?(posix_path)
+    path_segments = posix_path.split(PARTITION_RE)
+    # capture relative root
+    root = path_segments.first == DOT ? DOT : nil
+    path_segments.delete(DOT)
+    # capture absolute root, preserving relative root if set
+    root = is_root ? path_segments.shift : root
+  
+    [path_segments, root, posix_path]
+  end
+  
+  # Public: Join the segments using the file separator specified in the
+  # constructor. Use the root, if specified, to construct an absolute path.
+  # Otherwise join the segments as a relative path.
+  #
+  # segments - a String Array of path segments
+  # root     - a String path root (optional, default: nil)
+  #
+  # returns a String path formed by joining the segments and prepending
+  # the root, if specified
+  def join_path(segments, root = nil)
+    if root
+      "#{root}#{@file_separator}#{segments * @file_separator}"
+    else
+      segments * @file_separator
+    end
+  end
+  
+  # Public: Resolve a system path from the target and start paths. If a jail
+  # path is specified, enforce that the resolved directory is contained within
+  # the jail path. If a jail path is not provided, the resolved path may be
+  # any location on the system. If the resolved path is absolute, use it as is.
+  # If the resolved path is relative, resolve it relative to the working_dir
+  # specified in the constructor.
+  #
+  # target - the String target path
+  # start  - the String start (i.e., parent) path
+  # jail   - the String jail path to confine the resolved path
+  # opts   - an optional Hash of options to control processing (default: {}):
+  #          * :recover is used to control whether the processor should auto-recover
+  #              when an illegal path is encountered
+  #          * :target_name is used in messages to refer to the path being resolved
+  #
+  # returns a String path that joins the target path with the start path with
+  # any parent references resolved and self references removed and enforces
+  # that the resolved path be contained within the jail, if provided
+  def system_path(target, start, jail = nil, opts = {})
+    recover = opts.fetch(:recover, true)
+    unless jail.nil?
+      unless is_root? jail
+        raise SecurityError, "Jail is not an absolute path: #{jail}"
+      end
+      jail = posixfy jail
+    end
+
+    if target.to_s.empty?
+      target_segments = []
+    else
+      target_segments, target_root, _ = partition_path(target)
+    end
+
+    if target_segments.empty?
+      if start.to_s.empty?
+        return jail.nil? ? @working_dir : jail
+      elsif is_root? start
+        if jail.nil?
+          return expand_path start
+        end
+      else
+        return system_path(start, jail, jail)
+      end
+    end
+  
+    if target_root && target_root != DOT
+      resolved_target = join_path target_segments, target_root
+      # if target is absolute and a sub-directory of jail, or
+      # a jail is not in place, let it slide
+      if jail.nil? || resolved_target.start_with?(jail)
+        return resolved_target
+      end
+    end
+  
+    if start.to_s.empty?
+      start = jail.nil? ? @working_dir : jail
+    elsif is_root? start
+      start = posixfy start
+    else
+      start = system_path(start, jail, jail)
+    end
+  
+    # both jail and start have been posixfied at this point
+    if jail == start
+      jail_segments, jail_root, _ = partition_path(jail)
+      start_segments = jail_segments.dup
+    elsif !jail.nil?
+      if !start.start_with?(jail)
+        raise SecurityError, "#{opts[:target_name] || 'Start path'} #{start} is outside of jail: #{jail} (disallowed in safe mode)"
+      end
+
+      start_segments, start_root, _ = partition_path(start)
+      jail_segments, jail_root, _ = partition_path(jail)
+  
+      # Already checked for this condition
+      #if start_root != jail_root
+      #  raise SecurityError, "Jail root #{jail_root} does not match root of #{opts[:target_name] || 'start path'}: #{start_root}"
+      #end
+    else
+      start_segments, start_root, _ = partition_path(start)
+      jail_root = start_root
+    end
+  
+    resolved_segments = start_segments.dup
+    warned = false
+    target_segments.each do |segment|
+      if segment == DOT_DOT
+        if !jail.nil?
+          if resolved_segments.length > jail_segments.length
+            resolved_segments.pop
+          elsif !recover
+            raise SecurityError, "#{opts[:target_name] || 'path'} #{target} refers to location outside jail: #{jail} (disallowed in safe mode)"
+          elsif !warned
+            puts "asciidoctor: WARNING: #{opts[:target_name] || 'path'} has illegal reference to ancestor of jail, auto-recovering"
+            warned = true
+          end
+        else
+          resolved_segments.pop
+        end
+      else
+        resolved_segments.push segment
+      end
+    end
+  
+    join_path resolved_segments, jail_root
+  end
+
+  # Public: Resolve a web path from the target and start paths.
+  # The main function of this operation is to resolve any parent
+  # references and remove any self references.
+  #
+  # target - the String target path
+  # start  - the String start (i.e., parent) path
+  #
+  # returns a String path that joins the target path with the
+  # start path with any parent references resolved and self
+  # references removed
+  def web_path(target, start = nil)
+    target = posixfy(target)
+    start = posixfy(start)
+
+    unless is_web_root?(target) || start.empty?
+      target = "#{start}#{SLASH}#{target}"
+    end
+
+    target_segments, target_root, _ = partition_path(target, true)
+    resolved_segments = target_segments.inject([]) do |accum, segment|
+      if segment == DOT_DOT
+        if accum.empty?
+          accum.push segment unless target_root && target_root != DOT
+        elsif accum[-1] == DOT_DOT
+          accum.push segment
+        else
+          accum.pop
+        end
+      else
+        accum.push segment
+      end
+      accum
+    end
+
+    join_path resolved_segments, target_root
+  end
+end
+end

data/lib/asciidoctor/reader.rb

@@ -268,7 +268,7 @@ class Reader
   def preprocess_next_line
     # this return could be happening from a recursive call
     return nil if @eof || (next_line = @lines.first).nil?
-    if next_line.include?('if') && (match = next_line.match(REGEXP[:ifdef_macro]))
+    if next_line.include?('::') && (next_line.include?('if') || next_line.include?('endif')) && (match = next_line.match(REGEXP[:ifdef_macro]))
       if next_line.start_with? '\\'
         @next_line_preprocessed = true
         @unescape_next_line = true
@@ -287,7 +287,7 @@ class Reader
         @unescape_next_line = true
         false
       else
-        preprocess_include(match[1])
+        preprocess_include(match[1], match[2].strip)
       end
     else
       @next_line_preprocessed = true
@@ -343,7 +343,7 @@ class Reader
       return preprocess_next_line.nil? ? nil : true
     end
 
-    skip = nil
+    skip = false
     if !@skipping
       case directive
       when 'ifdef'
@@ -384,17 +384,19 @@ class Reader
 
         skip = !lhs.send(op.to_sym, rhs)
       end
-      @skipping = skip
     end
     advance
     # single line conditional inclusion
     if directive != 'ifeval' && !text.nil?
-      if !@skipping
+      if !@skipping && !skip
         unshift_line "#{text.rstrip}\n"
         return true
       end
     # conditional inclusion block
     else
+      if !@skipping && skip
+        @skipping = true
+      end
       @conditionals_stack << {:target => target, :skip => skip, :skipping => @skipping}
     end
     return preprocess_next_line.nil? ? nil : true
@@ -422,9 +424,11 @@ class Reader
   #          target slot of the include::[] macro
   #
   # returns a Boolean indicating whether the line under the cursor has changed.
-  def preprocess_include(target)
+  def preprocess_include(target, raw_attributes)
     # if running in SafeMode::SECURE or greater, don't process this directive
+    # however, be friendly and at least make it a link to the source document
     if @document.safe >= SafeMode::SECURE
+      @lines[0] = "link:#{target}[#{target}]"
       @next_line_preprocessed = true
       false
     # assume that if a block is given, the developer wants
@@ -438,7 +442,81 @@ class Reader
     elsif @document.attributes.fetch('include-depth', 0).to_i > 0
       advance
       # FIXME this borks line numbers
-      @lines.unshift(*File.readlines(@document.normalize_asset_path(target, 'include file')).map {|l| "#{l.rstrip}\n"})
+      include_file = @document.normalize_system_path(target, nil, nil, :target_name => 'include file')
+      if !File.file?(include_file)
+        puts "asciidoctor: WARNING: line #{@lineno}: include file not found: #{include_file}"
+        return true
+      end
+
+      lines = nil
+      tags = nil
+      if !raw_attributes.empty?
+        attributes = AttributeList.new(raw_attributes).parse
+        if attributes.has_key? 'lines'
+          lines = []
+          attributes['lines'].split(REGEXP[:scsv_csv_delim]).each do |linedef|
+            if linedef.include?('..')
+              from, to = linedef.split('..').map(&:to_i)
+              if to == -1
+                lines << from
+                lines << 1.0/0.0
+              else
+                lines.concat Range.new(from, to).to_a
+              end
+            else
+              lines << linedef.to_i
+            end
+          end
+          lines = lines.sort.uniq
+          #lines.push lines.shift if lines.first == -1
+        elsif attributes.has_key? 'tags'
+          tags = attributes['tags'].split(REGEXP[:scsv_csv_delim]).uniq
+        end
+      end
+      if !lines.nil?
+        if !lines.empty?
+          selected = []
+          f = File.new(include_file)
+          f.each_line do |l|
+            take = lines.first
+            if take.is_a?(Float) && take.infinite?
+              selected.push("#{l.rstrip}\n")
+            else
+              if f.lineno == take
+                selected.push("#{l.rstrip}\n")
+                lines.shift 
+              end
+              break if lines.empty?
+            end
+          end
+          @lines.unshift(*selected) unless selected.empty?
+        end
+      elsif !tags.nil?
+        if !tags.empty?
+          selected = []
+          active_tag = nil
+          f = File.new(include_file)
+          f.each_line do |l|
+            if !active_tag.nil?
+              if l.include?("end::#{active_tag}[]")
+                active_tag = nil
+              else
+                selected.push("#{l.rstrip}\n")
+              end
+            else
+              tags.each do |tag|
+                if l.include?("tag::#{tag}[]")
+                  active_tag = tag
+                  break
+                end
+              end
+            end
+          end
+          @lines.unshift(*selected) unless selected.empty?
+        end
+      else
+        @lines.unshift(*File.readlines(include_file).map {|l| "#{l.rstrip}\n"})
+      end
       true
     else
       @next_line_preprocessed = true
@@ -514,32 +592,54 @@ class Reader
   def grab_lines_until(options = {}, &block)
     buffer = []
 
-    finis = false
     advance if options[:skip_first_line]
-    # save options to locals for minor optimization
-    terminator = options[:terminator]
-    terminator.chomp! if terminator
-    break_on_blank_lines = options[:break_on_blank_lines]
-    break_on_list_continuation = options[:break_on_list_continuation]
+    # very hot code
+    # save options to locals for minor optimizations
+    if options.has_key? :terminator
+      terminator = options[:terminator]
+      break_on_blank_lines = false
+      break_on_list_continuation = false
+      chomp_last_line = options[:chomp_last_line] || false
+    else
+      terminator = nil
+      break_on_blank_lines = options[:break_on_blank_lines]
+      break_on_list_continuation = options[:break_on_list_continuation]
+      chomp_last_line = break_on_blank_lines
+    end
     skip_line_comments = options[:skip_line_comments]
     preprocess = options.fetch(:preprocess, true)
+    buffer_empty = true
     while !(this_line = get_line(preprocess)).nil?
-      Debug.debug { "Reader processing line: '#{this_line}'" }
-      finis = true if terminator && this_line.chomp == terminator
-      finis = true if !finis && break_on_blank_lines && this_line.strip.empty?
-      finis = true if !finis && break_on_list_continuation && this_line.chomp == LIST_CONTINUATION
-      finis = true if !finis && block && yield(this_line)
-      if finis
-        buffer << this_line if options[:grab_last_line]
-        unshift_line(this_line) if options[:preserve_last_line]
+      # effectively a no-args lamba, but much faster
+      finish = while true
+        break true if terminator && this_line.chomp == terminator
+        break true if break_on_blank_lines && this_line.strip.empty?
+        if break_on_list_continuation && !buffer_empty && this_line.chomp == LIST_CONTINUATION
+          options[:preserve_last_line] = true
+          break true
+        end
+        break true if block && yield(this_line)
+        break false
+      end
+
+      if finish
+        if options[:grab_last_line]
+          buffer << this_line
+          buffer_empty = false
+        end
+        # QUESTION should we dup this_line when restoring??
+        unshift_line this_line if options[:preserve_last_line]
         break
       end
 
       unless skip_line_comments && this_line.match(REGEXP[:comment])
         buffer << this_line
+        buffer_empty = false
       end
     end
 
+    # should we dup the line before chopping?
+    buffer.last.chomp! if chomp_last_line && !buffer_empty
     buffer
   end
 
@@ -619,8 +719,7 @@ class Reader
 
     # Process bibliography references, so they're available when text
     # before the reference is being rendered.
-    # FIXME we don't have support for bibliography lists yet, so disable for now
-    # plus, this should be done while we are walking lines above
+    # FIXME reenable whereever it belongs
     #@lines.each do |line|
     #  if biblio = line.match(REGEXP[:biblio])
     #    @document.register(:ids, biblio[1])