safemode 0.0.2 → 1.0.0

data/Gemfile

@@ -0,0 +1,15 @@
+source "http://rubygems.org"
+
+gem "ruby2ruby"
+gem "ruby_parser"
+
+# Add dependencies to develop your gem here.
+# Include everything needed to run rake, tests, features, etc.
+group :development do
+  gem "shoulda", ">= 0"
+  gem "rdoc", "~> 3.12"
+  gem "bundler", "~> 1.0.0"
+  gem "jeweler", "~> 1.8.3"
+  gem "rcov", ">= 0"
+  gem "rake"
+end

data/Gemfile.lock

@@ -0,0 +1,38 @@
+GEM
+  remote: http://rubygems.org/
+  specs:
+    git (1.2.5)
+    jeweler (1.8.3)
+      bundler (~> 1.0)
+      git (>= 1.2.5)
+      rake
+      rdoc
+    json (1.6.5)
+    rake (0.9.2.2)
+    rcov (1.0.0)
+    rdoc (3.12)
+      json (~> 1.4)
+    ruby2ruby (1.3.1)
+      ruby_parser (~> 2.0)
+      sexp_processor (~> 3.0)
+    ruby_parser (2.3.1)
+      sexp_processor (~> 3.0)
+    sexp_processor (3.1.0)
+    shoulda (3.0.1)
+      shoulda-context (~> 1.0.0)
+      shoulda-matchers (~> 1.0.0)
+    shoulda-context (1.0.0)
+    shoulda-matchers (1.0.0)
+
+PLATFORMS
+  ruby
+
+DEPENDENCIES
+  bundler (~> 1.0.0)
+  jeweler (~> 1.8.3)
+  rake
+  rcov
+  rdoc (~> 3.12)
+  ruby2ruby
+  ruby_parser
+  shoulda

data/README.markdown

@@ -11,6 +11,11 @@ anything beyond experiments and playing.
 That said, please **do** play with it, read and run the unit tests and provide
 feedback to help make it waterproof and finally suitable for serious purposes.
 
+### Installation
+
+safemode is available as gem, therefore you can use bundler or gem install to the
+tool. The above warning still applies.
+
 ### Usage
 
 For manual evaluation of Ruby code and ERB templates see demo.rb
@@ -35,8 +40,8 @@ can do that by defining a Safemode::Jail class for your classes, like so:
       class Jail < Safemode::Jail
         allow :name
       end
-    end  
-  
+    end
+
 This will allow your template users to access the name method on your User 
 objects.
 
@@ -46,7 +51,7 @@ following blog posts until a more comprehensive writeup is available:
 * Initial reasoning: [http://www.artweb-design.de/2008/2/5/sexy-theme-templating-with-haml-safemode-finally](http://www.artweb-design.de/2008/2/5/sexy-theme-templating-with-haml-safemode-finally)
 * Refined concept: [http://www.artweb-design.de/2008/2/17/sending-ruby-to-the-jail-an-attemp-on-a-haml-safemode](http://www.artweb-design.de/2008/2/17/sending-ruby-to-the-jail-an-attemp-on-a-haml-safemode)
 * ActionView ERB handler: [http://www.artweb-design.de/2008/4/22/an-erb-safemode-handler-for-actionview](http://www.artweb-design.de/2008/4/22/an-erb-safemode-handler-for-actionview)
-  
+
 ### Dependencies
 
 Requires the gems:
@@ -64,8 +69,12 @@ See lib/ruby\_parser\_string\_io\_patch.diff
 
 * Sven Fuchs - Maintainer
 * Peter Cooper
+* Ohad Levy
+* Matthias Viehweger
 
-This code and all of the Safemode library's code was initially written by 
+This code and all of the Safemode library's code was initially written by
 Sven Fuchs to allow Haml to have a safe mode. It was then modified and
 re-structured by Peter Cooper and Sven Fuchs to extend the idea to generic
 Ruby eval situations.
+
+Thanks to Ohad Levy for gemifying it.

data/Rakefile

@@ -1,3 +1,15 @@
+# encoding: utf-8
+
+require 'rubygems'
+require 'bundler'
+begin
+  Bundler.setup(:default, :development)
+rescue Bundler::BundlerError => e
+  $stderr.puts e.message
+  $stderr.puts "Run `bundle install` to install missing gems"
+  exit e.status_code
+end
+
 # optional libraries
 %w[ redgreen ].each do |lib|
   begin
@@ -5,11 +17,45 @@
   rescue LoadError
   end
 end
+require 'rake'
 
-task :default => [:test]
+require 'jeweler'
+Jeweler::Tasks.new do |gem|
+  # gem is a Gem::Specification... see http://docs.rubygems.org/read/chapter/20 for more options
+  gem.name = "safemode"
+  gem.homepage = "http://github.com/svenfuchs/safemode"
+  gem.license = "MIT"
+  gem.summary = %Q{A library for safe evaluation of Ruby code based on ParseTree/RubyParser and Ruby2Ruby}
+  gem.description = %Q{A library for safe evaluation of Ruby code based on RubyParser and Ruby2Ruby. Provides Rails ActionView template handlers for ERB and Haml.}
+  gem.email = "ohadlevy@gmail.com"
+  gem.authors = ["Sven Fuchs"]
+  # dependencies defined in Gemfile
+end
+Jeweler::RubygemsDotOrgTasks.new
 
-task :test do
-  ['test/unit', 'test/test_helper', 'test/test_all'].each do |file|
-    require file
-  end
+require 'rake/testtask'
+Rake::TestTask.new(:test) do |test|
+  test.libs << 'lib' << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+end
+
+require 'rcov/rcovtask'
+Rcov::RcovTask.new do |test|
+  test.libs << 'test'
+  test.pattern = 'test/**/test_*.rb'
+  test.verbose = true
+  test.rcov_opts << '--exclude "gems/*"'
+end
+
+task :default => :test
+
+require 'rdoc/task'
+Rake::RDocTask.new do |rdoc|
+  version = File.exist?('VERSION') ? File.read('VERSION') : ""
+
+  rdoc.rdoc_dir = 'rdoc'
+  rdoc.title = "safemode #{version}"
+  rdoc.rdoc_files.include('README*')
+  rdoc.rdoc_files.include('lib/**/*.rb')
 end

data/VERSION

@@ -0,0 +1 @@
+1.0.0

data/lib/ruby_parser_string_io_patch.diff

@@ -0,0 +1,194 @@
+--- lib/ruby_lexer.rb	2008-04-27 01:07:24.000000000 +0200
++++ lib/ruby_lexer.rb	2008-04-27 01:07:03.000000000 +0200
+@@ -45,7 +45,7 @@
+     raise "bad val: #{str.inspect}" unless String === str
+ 
+     self.file = file
+-    self.lexer.src = StringIO.new(str)
++    self.lexer.src = RubyParser::StringIO.new(str)
+ 
+     @yydebug = ENV.has_key? 'DEBUG'
+ 
+@@ -2604,104 +2604,106 @@
+   end
+ end
+ 
+-class StringIO # HACK: everything in here is a hack
+-  attr_accessor :begin_of_line, :was_begin_of_line
+-  alias :begin_of_line? :begin_of_line
+-  alias :read_all :read
++class RubyParser
++  class StringIO < StringIO # HACK: everything in here is a hack
++    attr_accessor :begin_of_line, :was_begin_of_line
++    alias :begin_of_line? :begin_of_line
++    alias :read_all :read
+ 
+-  alias :old_initialize :initialize
++    alias :old_initialize :initialize
+   
+-  def initialize(*args)
+-    self.begin_of_line = true
+-    self.was_begin_of_line = false
+-    old_initialize(*args)
+-    @original_string = self.string.dup
+-  end
++    def initialize(*args)
++      self.begin_of_line = true
++      self.was_begin_of_line = false
++      old_initialize(*args)
++      @original_string = self.string.dup
++    end
+ 
+-  def rest
+-    self.string[self.pos..-1]
+-  end
++    def rest
++      self.string[self.pos..-1]
++    end
+ 
+-  def current_line # HAHA fuck you
+-    @original_string[0..self.pos][/\A.*__LINE__/m].split(/\n/).size
+-  end
++    def current_line # HAHA fuck you
++      @original_string[0..self.pos][/\A.*__LINE__/m].split(/\n/).size
++    end
+ 
+-  def read
+-    c = self.getc
++    def read
++      c = self.getc
+ 
+-    if c == ?\r then
+-      d = self.getc
+-      self.ungetc d if d and d != ?\n
+-      c = ?\n
+-    end
++      if c == ?\r then
++        d = self.getc
++        self.ungetc d if d and d != ?\n
++        c = ?\n
++      end
+     
+-    self.was_begin_of_line = self.begin_of_line
+-    self.begin_of_line = c == ?\n
+-    if c and c != 0 then
+-      c.chr
+-    else
+-      ::RubyLexer::EOF
++      self.was_begin_of_line = self.begin_of_line
++      self.begin_of_line = c == ?\n
++      if c and c != 0 then
++        c.chr
++      else
++        ::RubyLexer::EOF
++      end
+     end
+-  end
+ 
+-  def match_string term, indent=false # TODO: add case insensitivity, or just remove
+-    buffer = []
++    def match_string term, indent=false # TODO: add case insensitivity, or just remove
++      buffer = []
+ 
+-    if indent
+-      while c = self.read do
+-        if c !~ /\s/ or c == "\n" or c == "\r" then
+-          self.unread c
+-          break
++      if indent
++        while c = self.read do
++          if c !~ /\s/ or c == "\n" or c == "\r" then
++            self.unread c
++            break
++          end
++          buffer << c
+         end
+-        buffer << c
+       end
+-    end
+ 
+-    term.each_byte do |c2|
+-      c = self.read
+-      c = self.read if c and c == "\r"
+-      buffer << c
+-      if c and c2 != c[0] then
+-        self.unread_many buffer.join # HACK omg
+-        return false
++      term.each_byte do |c2|
++        c = self.read
++        c = self.read if c and c == "\r"
++        buffer << c
++        if c and c2 != c[0] then
++          self.unread_many buffer.join # HACK omg
++          return false
++        end
+       end
++
++      return true
+     end
+ 
+-    return true
+-  end
++    def read_line
++      self.begin_of_line = true
++      self.was_begin_of_line = false
++      gets.sub(/\r\n?$/, "\n") # HACK
++    end
+ 
+-  def read_line
+-    self.begin_of_line = true
+-    self.was_begin_of_line = false
+-    gets.sub(/\r\n?$/, "\n") # HACK
+-  end
+-
+-  def peek expected = nil # FIX: barf
+-    c = self.getc
+-    return RubyLexer::EOF if c.nil?
+-    self.ungetc c if c
+-    c = c.chr if c
+-    if expected then
+-      c == expected
+-    else
+-      c
++    def peek expected = nil # FIX: barf
++      c = self.getc
++      return RubyLexer::EOF if c.nil?
++      self.ungetc c if c
++      c = c.chr if c
++      if expected then
++        c == expected
++      else
++        c
++      end
+     end
+-  end
+ 
+-  def unread(c)
+-    return if c.nil? # UGH
++    def unread(c)
++      return if c.nil? # UGH
+ 
+-    # HACK: only depth is 2... who cares? really I want to remove all of this
+-    self.begin_of_line = self.was_begin_of_line || true
+-    self.was_begin_of_line = nil
++      # HACK: only depth is 2... who cares? really I want to remove all of this
++      self.begin_of_line = self.was_begin_of_line || true
++      self.was_begin_of_line = nil
+ 
+-    c = c[0] if String === c
+-    self.ungetc c
+-  end
++      c = c[0] if String === c
++      self.ungetc c
++    end
+ 
+-  def unread_many str
+-    str.split(//).reverse.each do |c|
+-      unread c
++    def unread_many str
++      str.split(//).reverse.each do |c|
++        unread c
++      end
+     end
+   end
+ end

data/safemode.gemspec

@@ -1,14 +1,88 @@
+# Generated by jeweler
+# DO NOT EDIT THIS FILE DIRECTLY
+# Instead, edit Jeweler::Tasks in Rakefile, and run 'rake gemspec'
+# -*- encoding: utf-8 -*-
+
 Gem::Specification.new do |s|
-  s.name = %q{safemode}
-  s.version = "0.0.2"
-  s.date = %q{2011-12-17}
-  s.authors = ["sven fuchs, peter cooper, kingsley hendrickse"]
-  s.email = %q{kingsley@mindflowsolutions.com}
-  s.summary = %q{Safemode provides a simple sandbox for executing eval ruby code, as well as erb and haml}
-  s.homepage = %q{https://github.com/svenfuchs/safemode}
-  s.description = %q{Safemode provides a simple sandbox for executing eval ruby code, as well as erb and haml. Written by Sven Fuchs and Peter Cooper and packaged into a gem by Kingsley Hendrickse}
-  s.add_dependency('ruby2ruby')
-  s.files = Dir['lib/**/*.rb'] + Dir['*']
-  s.files += Dir['test/**/*.rb']
-  s.rubyforge_project = 'safemode'
-end
+  s.name = "safemode"
+  s.version = "1.0.0"
+
+  s.required_rubygems_version = Gem::Requirement.new(">= 0") if s.respond_to? :required_rubygems_version=
+  s.authors = ["Sven Fuchs"]
+  s.date = "2012-03-15"
+  s.description = "A library for safe evaluation of Ruby code based on RubyParser and Ruby2Ruby. Provides Rails ActionView template handlers for ERB and Haml."
+  s.email = "ohadlevy@gmail.com"
+  s.extra_rdoc_files = [
+    "README.markdown"
+  ]
+  s.files = [
+    "Gemfile",
+    "Gemfile.lock",
+    "LICENCSE",
+    "README.markdown",
+    "Rakefile",
+    "VERSION",
+    "demo.rb",
+    "init.rb",
+    "lib/action_view/template_handlers/safe_erb.rb",
+    "lib/action_view/template_handlers/safe_haml.rb",
+    "lib/action_view/template_handlers/safemode_handler.rb",
+    "lib/haml/safemode.rb",
+    "lib/ruby_parser_string_io_patch.diff",
+    "lib/rubyparser_bug.rb",
+    "lib/safemode.rb",
+    "lib/safemode/blankslate.rb",
+    "lib/safemode/core_ext.rb",
+    "lib/safemode/core_jails.rb",
+    "lib/safemode/exceptions.rb",
+    "lib/safemode/jail.rb",
+    "lib/safemode/parser.rb",
+    "lib/safemode/scope.rb",
+    "safemode.gemspec",
+    "test/test_all.rb",
+    "test/test_erb_eval.rb",
+    "test/test_helper.rb",
+    "test/test_jail.rb",
+    "test/test_safemode_eval.rb",
+    "test/test_safemode_parser.rb"
+  ]
+  s.homepage = "http://github.com/svenfuchs/safemode"
+  s.licenses = ["MIT"]
+  s.require_paths = ["lib"]
+  s.rubygems_version = "1.8.19"
+  s.summary = "A library for safe evaluation of Ruby code based on ParseTree/RubyParser and Ruby2Ruby"
+
+  if s.respond_to? :specification_version then
+    s.specification_version = 3
+
+    if Gem::Version.new(Gem::VERSION) >= Gem::Version.new('1.2.0') then
+      s.add_runtime_dependency(%q<ruby2ruby>, [">= 0"])
+      s.add_runtime_dependency(%q<ruby_parser>, [">= 0"])
+      s.add_development_dependency(%q<shoulda>, [">= 0"])
+      s.add_development_dependency(%q<rdoc>, ["~> 3.12"])
+      s.add_development_dependency(%q<bundler>, ["~> 1.0.0"])
+      s.add_development_dependency(%q<jeweler>, ["~> 1.8.3"])
+      s.add_development_dependency(%q<rcov>, [">= 0"])
+      s.add_development_dependency(%q<rake>, [">= 0"])
+    else
+      s.add_dependency(%q<ruby2ruby>, [">= 0"])
+      s.add_dependency(%q<ruby_parser>, [">= 0"])
+      s.add_dependency(%q<shoulda>, [">= 0"])
+      s.add_dependency(%q<rdoc>, ["~> 3.12"])
+      s.add_dependency(%q<bundler>, ["~> 1.0.0"])
+      s.add_dependency(%q<jeweler>, ["~> 1.8.3"])
+      s.add_dependency(%q<rcov>, [">= 0"])
+      s.add_dependency(%q<rake>, [">= 0"])
+    end
+  else
+    s.add_dependency(%q<ruby2ruby>, [">= 0"])
+    s.add_dependency(%q<ruby_parser>, [">= 0"])
+    s.add_dependency(%q<shoulda>, [">= 0"])
+    s.add_dependency(%q<rdoc>, ["~> 3.12"])
+    s.add_dependency(%q<bundler>, ["~> 1.0.0"])
+    s.add_dependency(%q<jeweler>, ["~> 1.8.3"])
+    s.add_dependency(%q<rcov>, [">= 0"])
+    s.add_dependency(%q<rake>, [">= 0"])
+  end
+end
+

metadata

@@ -1,48 +1,163 @@
 --- !ruby/object:Gem::Specification 
 name: safemode
 version: !ruby/object:Gem::Version 
-  prerelease: false
+  hash: 23
+  prerelease: 
   segments: 
+  - 1
   - 0
   - 0
-  - 2
-  version: 0.0.2
+  version: 1.0.0
 platform: ruby
 authors: 
-- sven fuchs, peter cooper, kingsley hendrickse
+- Sven Fuchs
 autorequire: 
 bindir: bin
 cert_chain: []
 
-date: 2011-12-17 00:00:00 +00:00
-default_executable: 
+date: 2012-03-15 00:00:00 Z
 dependencies: 
 - !ruby/object:Gem::Dependency 
   name: ruby2ruby
   prerelease: false
   requirement: &id001 !ruby/object:Gem::Requirement 
+    none: false
     requirements: 
     - - ">="
       - !ruby/object:Gem::Version 
+        hash: 3
         segments: 
         - 0
         version: "0"
   type: :runtime
   version_requirements: *id001
-description: Safemode provides a simple sandbox for executing eval ruby code, as well as erb and haml. Written by Sven Fuchs and Peter Cooper and packaged into a gem by Kingsley Hendrickse
-email: kingsley@mindflowsolutions.com
+- !ruby/object:Gem::Dependency 
+  name: ruby_parser
+  prerelease: false
+  requirement: &id002 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :runtime
+  version_requirements: *id002
+- !ruby/object:Gem::Dependency 
+  name: shoulda
+  prerelease: false
+  requirement: &id003 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id003
+- !ruby/object:Gem::Dependency 
+  name: rdoc
+  prerelease: false
+  requirement: &id004 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 31
+        segments: 
+        - 3
+        - 12
+        version: "3.12"
+  type: :development
+  version_requirements: *id004
+- !ruby/object:Gem::Dependency 
+  name: bundler
+  prerelease: false
+  requirement: &id005 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 23
+        segments: 
+        - 1
+        - 0
+        - 0
+        version: 1.0.0
+  type: :development
+  version_requirements: *id005
+- !ruby/object:Gem::Dependency 
+  name: jeweler
+  prerelease: false
+  requirement: &id006 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ~>
+      - !ruby/object:Gem::Version 
+        hash: 49
+        segments: 
+        - 1
+        - 8
+        - 3
+        version: 1.8.3
+  type: :development
+  version_requirements: *id006
+- !ruby/object:Gem::Dependency 
+  name: rcov
+  prerelease: false
+  requirement: &id007 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id007
+- !ruby/object:Gem::Dependency 
+  name: rake
+  prerelease: false
+  requirement: &id008 !ruby/object:Gem::Requirement 
+    none: false
+    requirements: 
+    - - ">="
+      - !ruby/object:Gem::Version 
+        hash: 3
+        segments: 
+        - 0
+        version: "0"
+  type: :development
+  version_requirements: *id008
+description: A library for safe evaluation of Ruby code based on RubyParser and Ruby2Ruby. Provides Rails ActionView template handlers for ERB and Haml.
+email: ohadlevy@gmail.com
 executables: []
 
 extensions: []
 
-extra_rdoc_files: []
-
+extra_rdoc_files: 
+- README.markdown
 files: 
+- Gemfile
+- Gemfile.lock
+- LICENCSE
+- README.markdown
+- Rakefile
+- VERSION
+- demo.rb
+- init.rb
 - lib/action_view/template_handlers/safe_erb.rb
 - lib/action_view/template_handlers/safe_haml.rb
 - lib/action_view/template_handlers/safemode_handler.rb
 - lib/haml/safemode.rb
+- lib/ruby_parser_string_io_patch.diff
 - lib/rubyparser_bug.rb
+- lib/safemode.rb
 - lib/safemode/blankslate.rb
 - lib/safemode/core_ext.rb
 - lib/safemode/core_jails.rb
@@ -50,49 +165,45 @@ files:
 - lib/safemode/jail.rb
 - lib/safemode/parser.rb
 - lib/safemode/scope.rb
-- lib/safemode.rb
-- demo.rb
-- init.rb
-- LICENCSE
-- Rakefile
-- README.markdown
 - safemode.gemspec
-- safemode.rb
 - test/test_all.rb
 - test/test_erb_eval.rb
 - test/test_helper.rb
 - test/test_jail.rb
 - test/test_safemode_eval.rb
 - test/test_safemode_parser.rb
-has_rdoc: true
-homepage: https://github.com/svenfuchs/safemode
-licenses: []
-
+homepage: http://github.com/svenfuchs/safemode
+licenses: 
+- MIT
 post_install_message: 
 rdoc_options: []
 
 require_paths: 
 - lib
 required_ruby_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
       segments: 
       - 0
       version: "0"
 required_rubygems_version: !ruby/object:Gem::Requirement 
+  none: false
   requirements: 
   - - ">="
     - !ruby/object:Gem::Version 
+      hash: 3
       segments: 
       - 0
       version: "0"
 requirements: []
 
-rubyforge_project: safemode
-rubygems_version: 1.3.6
+rubyforge_project: 
+rubygems_version: 1.8.19
 signing_key: 
 specification_version: 3
-summary: Safemode provides a simple sandbox for executing eval ruby code, as well as erb and haml
+summary: A library for safe evaluation of Ruby code based on ParseTree/RubyParser and Ruby2Ruby
 test_files: []
 

data/safemode.rb

@@ -1 +0,0 @@
-require File.dirname(__FILE__) + '/lib/safemode.rb'