locomotivecms-liquid 2.6.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA1:
+  metadata.gz: 0dd3865307a040e127b4a088bb3ccda9af424c66
+  data.tar.gz: bf77f86b27a172af5476e7d00b329a647a9bc96a
+SHA512:
+  metadata.gz: a6de109bf59a18bd39b7f357636a22aa62be7286a23b87e1aa1bc7e8b5f8981d52ca397656147c16dd62c87bb872c448f2a8bc9c5d5b8158d703e7cb2426628f
+  data.tar.gz: 406c6e6858b0623afe3a5b4eda92fc0b552c4516aa920ec5b16bc3261913223d87a51216fa88cd94c76dfab1573758fe27857ce6ebabbefc6ab5157fbb116c3f

data/History.md

@@ -0,0 +1,108 @@
+# Liquid Version History
+
+IMPORTANT: Liquid 2.6 is going to be the last version of Liquid which maintains explicit Ruby 1.8 compatability.
+The following releases will only be tested against Ruby 1.9 and Ruby 2.0 and are likely to break on Ruby 1.8.
+
+## 2.6.0 / Master branch (not yet released)
+
+* ...
+* Add optional strict parsing and warn parsing, see #235 [Tristan Hume, trishume]
+* Add I18n syntax error translation, see #241 [Simon Hørup Eskildsen, Sirupsen]
+* Make sort filter work on enumerable drops, see #239 [Florian Weingarten, fw42]
+* Fix clashing method names in enumerable drops, see #238 [Florian Weingarten, fw42]
+* Make map filter work on enumerable drops, see #233 [Florian Weingarten, fw42]
+* Fix security issue with map filter, see #230, #232, #234, #237 [Florian Weingarten, fw42]
+* Improved whitespace stripping for blank blocks, related to #216 [Florian Weingarten, fw42]
+* Bugfix for #106: fix example servlet [gnowoel]
+* Bugfix for #97: strip_html filter supports multi-line tags [Jo Liss, joliss]
+* Bugfix for #114: strip_html filter supports style tags [James Allardice, jamesallardice]
+* Bugfix for #117: 'now' support for date filter in Ruby 1.9 [Notre Dame Webgroup, ndwebgroup]
+* Bugfix for #166: truncate filter on UTF-8 strings with Ruby 1.8 [Florian Weingarten, fw42]
+* Bugfix for #204: 'raw' parsing bug [Florian Weingarten, fw42]
+* Bugfix for #150: 'for' parsing bug [Peter Schröder, phoet]
+* Bugfix for #126: Strip CRLF in strip_newline [Peter Schröder, phoet]
+* Allow a Liquid::Drop to be passed into Template#render [Daniel Huckstep, darkhelmet]
+* Resource limits [Florian Weingarten, fw42]
+* Add reverse filter [Jay Strybis, unreal]
+* Add utf-8 support
+* Use array instead of Hash to keep the registered filters [Tasos Stathopoulos, astathopoulos]
+* Cache tokenized partial templates [Tom Burns, boourns]
+* Avoid warnings in Ruby 1.9.3 [Marcus Stollsteimer, stomar]
+* Better documentation for 'include' tag (closes #163) [Peter Schröder, phoet]
+* Use of BigDecimal on filters to have better precision (closes #155) [Arthur Nogueira Neves, arthurnn]
+
+
+## 2.5.0 / 2013-03-06
+
+* Prevent Object methods from being called on drops
+* Avoid symbol injection from liquid
+* Added break and continue statements
+* Fix filter parser for args without space separators
+* Add support for filter keyword arguments
+
+
+## 2.4.0 / 2012-08-03
+
+* Performance improvements
+* Allow filters in `assign`
+* Add `modulo` filter
+* Ruby 1.8, 1.9, and Rubinius compatibility fixes
+* Add support for `quoted['references']` in `tablerow`
+* Add support for Enumerable to `tablerow`
+* `strip_html` filter removes html comments
+
+
+## 2.3.0 / 2011-10-16
+
+* Several speed/memory improvements
+* Numerous bug fixes
+* Added support for MRI 1.9, Rubinius, and JRuby
+* Added support for integer drop parameters
+* Added epoch support to `date` filter
+* New `raw` tag that suppresses parsing
+* Added `else` option to `for` tag
+* New `increment` tag
+* New `split` filter
+
+
+## 2.2.1 / 2010-08-23
+
+* Added support for literal tags
+
+
+## 2.2.0 / 2010-08-22
+
+* Compatible with Ruby 1.8.7, 1.9.1 and 1.9.2-p0
+* Merged some changed made by the community
+
+
+## 1.9.0 / 2008-03-04
+
+* Fixed gem install rake task
+* Improve Error encapsulation in liquid by maintaining a own set of exceptions instead of relying on ruby build ins
+
+
+## Before 1.9.0
+
+* Added If with or / and expressions
+* Implemented .to_liquid for all objects which can be passed to liquid like Strings Arrays Hashes Numerics and Booleans. To export new objects to liquid just implement .to_liquid on them and return objects which themselves have .to_liquid methods.
+* Added more tags to standard library
+* Added include tag ( like partials in rails )
+* [...] Gazillion of detail improvements
+* Added strainers as filter hosts for better security [Tobias Luetke]
+* Fixed that rails integration would call filter with the wrong "self" [Michael Geary]
+* Fixed bad error reporting when a filter called a method which doesn't exist. Liquid told you that it couldn't find the filter which was obviously misleading [Tobias Luetke]
+* Removed count helper from standard lib. use size [Tobias Luetke]
+* Fixed bug with string filter parameters failing to tolerate commas in strings. [Paul Hammond]
+* Improved filter parameters. Filter parameters are now context sensitive; Types are resolved according to the rules of the context. Multiple parameters are now separated by the Liquid::ArgumentSeparator: , by default [Paul Hammond]
+    {{ 'Typo' | link_to: 'http://typo.leetsoft.com', 'Typo - a modern weblog engine' }}
+* Added Liquid::Drop. A base class which you can use for exporting proxy objects to liquid which can acquire more data when used in liquid. [Tobias Luetke]
+
+  class ProductDrop < Liquid::Drop
+    def top_sales
+       Shop.current.products.find(:all, :order => 'sales', :limit => 10 )
+    end
+  end
+  t = Liquid::Template.parse( ' {% for product in product.top_sales %} {{ product.name }} {% endfor %} '  )
+  t.render('product' => ProductDrop.new )
+* Added filter parameters support. Example: {{ date | format_date: "%Y" }} [Paul Hammond]

data/MIT-LICENSE

@@ -0,0 +1,20 @@
+Copyright (c) 2005, 2006 Tobias Luetke
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.

data/README.md

@@ -0,0 +1,75 @@
+# Liquid template engine
+
+* [Contributing guidelines](CONTRIBUTING.md)
+* [Version history](History.md)
+* [Liquid documentation from Shopify](http://docs.shopify.com/themes/liquid-basics)
+* [Liquid Wiki from Shopify](http://wiki.shopify.com/Liquid)
+* [Liquid Wiki at GitHub](https://github.com/Shopify/liquid/wiki)
+* [Website](http://liquidmarkup.org/)
+
+## Introduction
+
+Liquid is a template engine which was written with very specific requirements:
+
+* It has to have beautiful and simple markup. Template engines which don't produce good looking markup are no fun to use.
+* It needs to be non evaling and secure. Liquid templates are made so that users can edit them. You don't want to run code on your server which your users wrote.
+* It has to be stateless. Compile and render steps have to be separate so that the expensive parsing and compiling can be done once and later on you can just render it passing in a hash with local variables and objects.
+
+## Why you should use Liquid
+
+* You want to allow your users to edit the appearance of your application but don't want them to run **insecure code on your server**.
+* You want to render templates directly from the database.
+* You like smarty (PHP) style template engines.
+* You need a template engine which does HTML just as well as emails.
+* You don't like the markup of your current templating engine.
+
+## What does it look like?
+
+```html
+<ul id="products">
+  {% for product in products %}
+    <li>
+      <h2>{{ product.name }}</h2>
+      Only {{ product.price | price }}
+
+      {{ product.description | prettyprint | paragraph }}
+    </li>
+  {% endfor %}
+</ul>
+```
+
+## How to use Liquid
+
+Liquid supports a very simple API based around the Liquid::Template class.
+For standard use you can just pass it the content of a file and call render with a parameters hash.
+
+```ruby
+@template = Liquid::Template.parse("hi {{name}}") # Parses and compiles the template
+@template.render('name' => 'tobi')                # => "hi tobi"
+```
+
+### Error Modes
+
+Setting the error mode of Liquid lets you specify how strictly you want your templates to be interpreted.
+Normally the parser is very lax and will accept almost anything without error. Unfortunately this can make
+it very hard to debug and can lead to unexpected behaviour.
+
+Liquid also comes with a stricter parser that can be used when editing templates to give better error messages
+when templates are invalid. You can enable this new parser like this:
+
+```ruby
+Liquid::Template.error_mode = :strict # Raises a SyntaxError when invalid syntax is used
+Liquid::Template.error_mode = :warn # Adds errors to template.errors but continues as normal
+Liquid::Template.error_mode = :lax # The default mode, accepts almost anything.
+```
+
+If you want to set the error mode only on specific templates you can pass `:error_mode` as an option to `parse`:
+```ruby
+Liquid::Template.parse(source, :error_mode => :strict)
+```
+This is useful for doing things like enabling strict mode only in the theme editor.
+
+It is recommended that you enable `:strict` or `:warn` mode on new apps to stop invalid templates from being created.
+It is also recommended that you use it in the template editors of existing apps to give editors better error messages.
+
+[![Build Status](https://secure.travis-ci.org/Shopify/liquid.png)](http://travis-ci.org/Shopify/liquid)

data/lib/extras/liquid_view.rb

@@ -0,0 +1,51 @@
+# LiquidView is a action view extension class. You can register it with rails
+# and use liquid as an template system for .liquid files
+#
+# Example
+#
+#   ActionView::Base::register_template_handler :liquid, LiquidView
+class LiquidView
+  PROTECTED_ASSIGNS = %w( template_root response _session template_class action_name request_origin session template
+                          _response url _request _cookies variables_added _flash params _headers request cookies
+                          ignore_missing_templates flash _params logger before_filter_chain_aborted headers )
+  PROTECTED_INSTANCE_VARIABLES = %w( @_request @controller @_first_render @_memoized__pick_template @view_paths
+                                     @helpers @assigns_added @template @_render_stack @template_format @assigns )
+
+  def self.call(template)
+    "LiquidView.new(self).render(template, local_assigns)"
+  end
+
+  def initialize(view)
+    @view = view
+  end
+
+  def render(template, local_assigns = nil)
+    @view.controller.headers["Content-Type"] ||= 'text/html; charset=utf-8'
+
+    # Rails 2.2 Template has source, but not locals
+    if template.respond_to?(:source) && !template.respond_to?(:locals)
+      assigns = (@view.instance_variables - PROTECTED_INSTANCE_VARIABLES).inject({}) do |hash, ivar|
+                  hash[ivar[1..-1]] = @view.instance_variable_get(ivar)
+                  hash
+                end
+    else
+      assigns = @view.assigns.reject{ |k,v| PROTECTED_ASSIGNS.include?(k) }
+    end
+
+    source = template.respond_to?(:source) ? template.source : template
+    local_assigns = (template.respond_to?(:locals) ? template.locals : local_assigns) || {}
+
+    if content_for_layout = @view.instance_variable_get("@content_for_layout")
+      assigns['content_for_layout'] = content_for_layout
+    end
+    assigns.merge!(local_assigns.stringify_keys)
+
+    liquid = Liquid::Template.parse(source)
+    liquid.render(assigns, :filters => [@view.controller.master_helper_module], :registers => {:action_view => @view, :controller => @view.controller})
+  end
+
+  def compilable?
+    false
+  end
+
+end

data/lib/liquid/block.rb

@@ -0,0 +1,160 @@
+module Liquid
+  class Block < Tag
+    IsTag             = /^#{TagStart}/o
+    IsVariable        = /^#{VariableStart}/o
+    FullToken         = /^#{TagStart}\s*(\w+)\s*(.*)?#{TagEnd}$/o
+    ContentOfVariable = /^#{VariableStart}(.*)#{VariableEnd}$/o
+
+    def blank?
+      @blank || false
+    end
+
+    def parse(tokens)
+      self.line ||= 1
+      @blank = true
+      @nodelist ||= []
+      @nodelist.clear
+
+      # All child tags of the current block.
+      @children = []
+
+      while token = tokens.shift
+        case token
+        when IsTag
+          if token =~ FullToken
+
+            # if we found the proper block delimiter just end parsing here and let the outer block
+            # proceed
+            if block_delimiter == $1
+              end_tag
+              return
+            end
+
+            # fetch the tag from registered blocks
+            if tag = Template.tags[$1]
+              new_tag = tag.new_with_options($1, $2, tokens, @options.merge(line: line))
+              @blank &&= new_tag.blank?
+              @nodelist << new_tag
+              @children << new_tag
+            else
+              # this tag is not registered with the system
+              # pass it to the current block for special handling or error reporting
+              unknown_tag($1, $2, tokens)
+            end
+          else
+            raise SyntaxError.new(options[:locale].t("errors.syntax.tag_termination", :token => token, :tag_end => TagEnd.inspect), line)
+          end
+        when IsVariable
+          new_var = create_variable(token)
+          @nodelist << new_var
+          @children << new_var
+          @blank = false
+        when ''
+          # pass
+        else
+          self.line += token.count("\n") if @options[:count_lines] || Template.count_lines
+          @nodelist << token
+          @blank &&= (token =~ /\A\s*\z/)
+        end
+      end
+
+      # restore the line
+
+      # Make sure that it's ok to end parsing in the current block.
+      # Effectively this method will throw an exception unless the current block is
+      # of type Document
+      assert_missing_delimitation!
+    end
+
+    # warnings of this block and all sub-tags
+    def warnings
+      all_warnings = []
+      all_warnings.concat(@warnings) if @warnings
+
+      (@children || []).each do |node|
+        all_warnings.concat(node.warnings || [])
+      end
+
+      all_warnings
+    end
+
+    def end_tag
+    end
+
+    def unknown_tag(tag, params, tokens)
+      case tag
+      when 'else'
+        raise SyntaxError.new(options[:locale].t("errors.syntax.unexpected_else",
+                                                 :block_name => block_name), line)
+      when 'end'
+        raise SyntaxError.new(options[:locale].t("errors.syntax.invalid_delimiter",
+                                                 :block_name => block_name,
+                                                 :block_delimiter => block_delimiter), line)
+      else
+        raise SyntaxError.new(options[:locale].t("errors.syntax.unknown_tag", :tag => tag), line)
+      end
+    end
+
+    def block_delimiter
+      "end#{block_name}"
+    end
+
+    def block_name
+      @tag_name
+    end
+
+    def create_variable(token)
+      token.scan(ContentOfVariable) do |content|
+        return Variable.new(content.first, @options)
+      end
+      raise SyntaxError.new(options[:locale].t("errors.syntax.variable_termination", :token => token, :tag_end => VariableEnd.inspect), line)
+    end
+
+    def render(context)
+      render_all(@nodelist, context)
+    end
+
+    protected
+
+    def assert_missing_delimitation!
+      raise SyntaxError.new(options[:locale].t("errors.syntax.tag_never_closed", :block_name => block_name), line)
+    end
+
+    def render_all(list, context)
+      output = []
+      context.resource_limits[:render_length_current] = 0
+      context.resource_limits[:render_score_current] += list.length
+
+      list.each do |token|
+        # Break out if we have any unhanded interrupts.
+        break if context.has_interrupt?
+
+        begin
+          # If we get an Interrupt that means the block must stop processing. An
+          # Interrupt is any command that stops block execution such as {% break %}
+          # or {% continue %}
+          if token.is_a? Continue or token.is_a? Break
+            context.push_interrupt(token.interrupt)
+            break
+          end
+
+          token_output = (token.respond_to?(:render) ? token.render(context) : token)
+          context.resource_limits[:render_length_current] += (token_output.respond_to?(:length) ? token_output.length : 1)
+          if context.resource_limits_reached?
+            context.resource_limits[:reached] = true
+            raise MemoryError.new("Memory limits exceeded", token.respond_to?(:line) ? token.line : nil)
+          end
+          unless token.is_a?(Block) && token.blank?
+            output << token_output
+          end
+        rescue MemoryError => e
+          raise e
+        rescue ::StandardError => e
+          output << (context.handle_error(e))
+        end
+      end
+
+      output.join
+    end
+  end
+end

data/lib/liquid/condition.rb

@@ -0,0 +1,120 @@
+module Liquid
+  # Container for liquid nodes which conveniently wraps decision making logic
+  #
+  # Example:
+  #
+  #   c = Condition.new('1', '==', '1')
+  #   c.evaluate #=> true
+  #
+  class Condition #:nodoc:
+    @@operators = {
+      '==' => lambda { |cond, left, right|  cond.send(:equal_variables, left, right) },
+      '!=' => lambda { |cond, left, right| !cond.send(:equal_variables, left, right) },
+      '<>' => lambda { |cond, left, right| !cond.send(:equal_variables, left, right) },
+      '<'  => :<,
+      '>'  => :>,
+      '>=' => :>=,
+      '<=' => :<=,
+      'contains' => lambda { |cond, left, right| left && right ? left.include?(right) : false }
+    }
+
+    def self.operators
+      @@operators
+    end
+
+    attr_reader :attachment
+    attr_accessor :left, :operator, :right
+
+    def initialize(left = nil, operator = nil, right = nil)
+      @left, @operator, @right = left, operator, right
+      @child_relation  = nil
+      @child_condition = nil
+    end
+
+    def evaluate(context = Context.new)
+      result = interpret_condition(left, right, operator, context)
+
+      case @child_relation
+      when :or
+        result || @child_condition.evaluate(context)
+      when :and
+        result && @child_condition.evaluate(context)
+      else
+        result
+      end
+    end
+
+    def or(condition)
+      @child_relation, @child_condition = :or, condition
+    end
+
+    def and(condition)
+      @child_relation, @child_condition = :and, condition
+    end
+
+    def attach(attachment)
+      @attachment = attachment
+    end
+
+    def else?
+      false
+    end
+
+    def inspect
+      "#<Condition #{[@left, @operator, @right].compact.join(' ')}>"
+    end
+
+    private
+
+    def equal_variables(left, right)
+      if left.is_a?(Symbol)
+        if right.respond_to?(left)
+          return right.send(left.to_s)
+        else
+          return nil
+        end
+      end
+
+      if right.is_a?(Symbol)
+        if left.respond_to?(right)
+          return left.send(right.to_s)
+        else
+          return nil
+        end
+      end
+
+      left == right
+    end
+
+    def interpret_condition(left, right, op, context)
+      # If the operator is empty this means that the decision statement is just
+      # a single variable. We can just poll this variable from the context and
+      # return this as the result.
+      return context[left] if op == nil
+
+      left, right = context[left], context[right]
+
+      operation = self.class.operators[op] || raise(ArgumentError.new("Unknown operator #{op}"))
+
+      if operation.respond_to?(:call)
+        operation.call(self, left, right)
+      elsif left.respond_to?(operation) and right.respond_to?(operation)
+        left.send(operation, right)
+      else
+        nil
+      end
+    end
+  end
+
+
+  class ElseCondition < Condition
+    def else?
+      true
+    end
+
+    def evaluate(context)
+      true
+    end
+  end
+
+end