build_box 0.0.3 → 0.0.4
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- checksums.yaml +4 -4
- data/lib/build_box/perform.rb +4 -3
- data/lib/build_box/response.rb +6 -4
- data/lib/build_box/version.rb +1 -1
- data/lib/build_box.rb +7 -2
- data/spec/build_box_spec.rb +22 -0
- metadata +2 -2
checksums.yaml
CHANGED
@@ -1,7 +1,7 @@
|
|
1
1
|
---
|
2
2
|
SHA1:
|
3
|
-
metadata.gz:
|
4
|
-
data.tar.gz:
|
3
|
+
metadata.gz: ff554d9ee6d2c5de96dc3b451f5f96e291664eed
|
4
|
+
data.tar.gz: 6781f63e6a9dfe6ef610c496312cb69d225512c8
|
5
5
|
SHA512:
|
6
|
-
metadata.gz:
|
7
|
-
data.tar.gz:
|
6
|
+
metadata.gz: e58905f0871ae87e515db45868ced96e89acf27723321c88aeb8238ab27e1ac899b4b2522f9070aa3297c8e22d4aca6c622ce95b8e3ac2f04d66c3dd479ec715
|
7
|
+
data.tar.gz: fdf3a5ef898b33da3ddffbc7ab4eff3658c143a26df2a815259131812666f873d9d4d57157570e9224850c35f7cf26affdad655bfd3fffc592cf2572ad125681
|
data/lib/build_box/perform.rb
CHANGED
@@ -2,11 +2,12 @@ class BuildBox::Perform
|
|
2
2
|
|
3
3
|
attr_accessor :output, :error, :code, :unbound_methods, :unbound_constants
|
4
4
|
|
5
|
-
def initialize(code, binding_context=TOPLEVEL_BINDING)
|
5
|
+
def initialize(code, binding_context=TOPLEVEL_BINDING, security_level)
|
6
6
|
self.unbound_methods = []
|
7
7
|
self.unbound_constants = []
|
8
8
|
self.code = code
|
9
|
-
@binding_context = binding_context
|
9
|
+
@binding_context = binding_context
|
10
|
+
@security_level = security_level
|
10
11
|
evaluate
|
11
12
|
end
|
12
13
|
|
@@ -14,7 +15,7 @@ class BuildBox::Perform
|
|
14
15
|
|
15
16
|
def evaluate
|
16
17
|
t = Thread.new do
|
17
|
-
$SAFE =
|
18
|
+
$SAFE = @securit_level || 0
|
18
19
|
begin
|
19
20
|
BuildBox.config.bad_methods.each {|meth| remove_method(meth.first, meth.last)}
|
20
21
|
BuildBox.config.bad_constants.each {|const| remove_constant(const)}
|
data/lib/build_box/response.rb
CHANGED
@@ -2,8 +2,10 @@ class BuildBox::Response
|
|
2
2
|
|
3
3
|
attr_accessor :output, :error, :code # TODO: return de evaluated code
|
4
4
|
|
5
|
-
|
6
|
-
|
5
|
+
alias :result :output
|
6
|
+
|
7
|
+
def initialize(code, binding_context, security_level)
|
8
|
+
evaluate(code, binding_context, security_level)
|
7
9
|
end
|
8
10
|
|
9
11
|
def error?
|
@@ -12,9 +14,9 @@ class BuildBox::Response
|
|
12
14
|
|
13
15
|
private
|
14
16
|
|
15
|
-
def evaluate(code, binding_context)
|
17
|
+
def evaluate(code, binding_context, security_level)
|
16
18
|
preserve_namespace
|
17
|
-
result = BuildBox::Perform.new(code, binding_context)
|
19
|
+
result = BuildBox::Perform.new(code, binding_context, security_level)
|
18
20
|
@output = result.output
|
19
21
|
@error = result.error
|
20
22
|
@code = result.code
|
data/lib/build_box/version.rb
CHANGED
data/lib/build_box.rb
CHANGED
@@ -11,8 +11,13 @@ module BuildBox
|
|
11
11
|
end
|
12
12
|
alias :config :configure
|
13
13
|
|
14
|
-
def perform(code, binding_context=TOPLEVEL_BINDING)
|
15
|
-
|
14
|
+
def perform(code, binding_context=TOPLEVEL_BINDING, security_level=BuildBox.config.security_level)
|
15
|
+
if code.is_a?(Hash)
|
16
|
+
binding_context = code.fetch(:binding_context, binding_context)
|
17
|
+
security_level = code.fetch(:security_level, security_level)
|
18
|
+
code = code[:code] || (raise 'Code parameter must be informed.')
|
19
|
+
end
|
20
|
+
BuildBox::Response.new(code, binding_context, security_level)
|
16
21
|
end
|
17
22
|
|
18
23
|
end
|
data/spec/build_box_spec.rb
CHANGED
@@ -66,6 +66,28 @@ describe "BuildBox" do
|
|
66
66
|
expect(BuildBox.perform('params[:a] + params[:b]', ctx.__binding__).output).to eql(3)
|
67
67
|
end
|
68
68
|
|
69
|
+
it "permit add define security level in specific perform" do
|
70
|
+
code = %{ eval('{a: 1, b:2, c:3}')}
|
71
|
+
expect(BuildBox.perform(code, TOPLEVEL_BINDING, 0).result).to eql({a: 1, b:2, c:3})
|
72
|
+
expect(BuildBox.perform(code, TOPLEVEL_BINDING, 3).error?).to be_false
|
73
|
+
end
|
74
|
+
|
75
|
+
it "must permit pass hash parameters" do
|
76
|
+
code = %{ eval('{a: 1, b:2, c:3}')}
|
77
|
+
expect(BuildBox.perform(code: code, security_level: 0).result).to eql({a: 1, b:2, c:3})
|
78
|
+
end
|
79
|
+
|
80
|
+
it "must raise error when code key is not passed" do
|
81
|
+
code = %{ eval('{a: 1, b:2, c:3}')}
|
82
|
+
begin
|
83
|
+
expect(BuildBox.perform(cod: code, security_level: 0).result).to raise_error(RuntimeError)
|
84
|
+
rescue => e
|
85
|
+
raise e unless e.message == 'Code parameter must be informed.'
|
86
|
+
end
|
87
|
+
end
|
88
|
+
|
89
|
+
|
90
|
+
|
69
91
|
context 'unsafe commands' do
|
70
92
|
it 'does not exit' do
|
71
93
|
expect(BuildBox.config).to receive(:bad_methods).at_least(:once).and_return([])
|
metadata
CHANGED
@@ -1,14 +1,14 @@
|
|
1
1
|
--- !ruby/object:Gem::Specification
|
2
2
|
name: build_box
|
3
3
|
version: !ruby/object:Gem::Version
|
4
|
-
version: 0.0.
|
4
|
+
version: 0.0.4
|
5
5
|
platform: ruby
|
6
6
|
authors:
|
7
7
|
- Rafael Vettori
|
8
8
|
autorequire:
|
9
9
|
bindir: bin
|
10
10
|
cert_chain: []
|
11
|
-
date: 2014-05-
|
11
|
+
date: 2014-05-29 00:00:00.000000000 Z
|
12
12
|
dependencies:
|
13
13
|
- !ruby/object:Gem::Dependency
|
14
14
|
name: bundler
|