tina4ruby 3.10.16 → 3.10.21

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: 3b4c3594fbc563cd59432d661382280e066d4632f94d2e8244a42479d2016b10
-  data.tar.gz: 15d5e418f53d660591813dd65a7eab0ff66edb98bc4c99b6c22f062b7c36fd55
+  metadata.gz: 29aa756b32ea3d0051d1b5d26cb8b1312bb77c871fec39fea3e4ce2a8d5c5afd
+  data.tar.gz: 326553173c9e4753b6b0bf0471729c065d169d62f609c663b0c3400847e889e8
 SHA512:
-  metadata.gz: a0c02ec7be3a98f05845983cdea86f11dc9c9d6994e028fe61817daebe60bcec7b24dc07318932d66b8abd48d6145cddb6f1490b00a6fd9a2a74280a524591a6
-  data.tar.gz: a169f586a60bcd5c01b9600f3905aacb9ffa65c0cafc2e478acd31a09fbf572e94dc092b91cdf09cb02ada09fde75c04973b058a65c50a12ab7a488fea3fb96a
+  metadata.gz: 2f23cc2b84be7fdc7d7f6b9e21ce400a124a95d51b78e5d5b458313516d4aba930e166fc32120df8c1c6f317df78e3d4937b9722d3459bcfbb00cd2cd7c731c0
+  data.tar.gz: db8f5ac24ff747c59cb6b93b4877b99ac5790b3234b1f7e360d811fb002bb00618215d32fb2fa1a707108b68257de31dfd937f4c312e41f7b63f8caf65b359e7

data/lib/tina4/database.rb

@@ -313,14 +313,18 @@ module Tina4
 
     # Pre-generate the next available primary key ID using engine-aware strategies.
     #
+    # Race-safe implementation using a `tina4_sequences` table for SQLite/MySQL/MSSQL
+    # fallback. Each call atomically increments the stored counter, so concurrent
+    # callers never receive the same value.
+    #
     # - Firebird: auto-creates a generator if missing, then increments via GEN_ID.
-    # - PostgreSQL: tries nextval() on the standard sequence, falls through to MAX+1.
-    # - SQLite/MySQL/MSSQL: uses MAX(pk) + 1.
+    # - PostgreSQL: tries nextval() on the named sequence, auto-creates it if missing.
+    # - SQLite/MySQL/MSSQL: atomic UPDATE on `tina4_sequences` table.
     # - Returns 1 if the table is empty or does not exist.
     #
     # @param table [String] Table name
     # @param pk_column [String] Primary key column name (default: "id")
-    # @param generator_name [String, nil] Firebird generator name override
+    # @param generator_name [String, nil] Override for sequence/generator name
     # @return [Integer] The next available ID
     def get_next_id(table, pk_column: "id", generator_name: nil)
       drv = current_driver
@@ -338,36 +342,101 @@ module Tina4
 
         rows = drv.execute_query("SELECT GEN_ID(#{gen_name}, 1) AS NEXT_ID FROM RDB$DATABASE")
         row = rows.is_a?(Array) ? rows.first : nil
-        return (row && (row["NEXT_ID"] || row["next_id"]))&.to_i || 1
+        val = row_value(row, :NEXT_ID) || row_value(row, :next_id)
+        return val&.to_i || 1
       end
 
-      # PostgreSQL — try sequence first, fall through to MAX
+      # PostgreSQL — try sequence first, auto-create if missing
       if @driver_name == "postgres"
-        seq_name = "#{table.downcase}_#{pk_column.downcase}_seq"
+        seq_name = generator_name || "#{table.downcase}_#{pk_column.downcase}_seq"
         begin
           rows = drv.execute_query("SELECT nextval('#{seq_name}') AS next_id")
           row = rows.is_a?(Array) ? rows.first : nil
-          if row && (row["next_id"] || row["nextval"])
-            return (row["next_id"] || row["nextval"]).to_i
-          end
+          val = row_value(row, :next_id) || row_value(row, :nextval)
+          return val.to_i if val
         rescue
-          # No sequence — fall through to MAX
+          # Sequence does not exist — auto-create it seeded from MAX
+          begin
+            max_rows = drv.execute_query("SELECT COALESCE(MAX(#{pk_column}), 0) AS max_id FROM #{table}")
+            max_row = max_rows.is_a?(Array) ? max_rows.first : nil
+            max_val = row_value(max_row, :max_id)
+            start_val = max_val ? max_val.to_i + 1 : 1
+            drv.execute("CREATE SEQUENCE #{seq_name} START WITH #{start_val}")
+            drv.commit rescue nil
+            rows = drv.execute_query("SELECT nextval('#{seq_name}') AS next_id")
+            row = rows.is_a?(Array) ? rows.first : nil
+            val = row_value(row, :next_id) || row_value(row, :nextval)
+            return val&.to_i || start_val
+          rescue
+            # Fall through to sequence table fallback
+          end
         end
       end
 
-      # SQLite / MySQL / MSSQL / PostgreSQL fallback — MAX + 1
-      begin
-        rows = drv.execute_query("SELECT MAX(#{pk_column}) + 1 AS next_id FROM #{table}")
-        row = rows.is_a?(Array) ? rows.first : nil
-        next_id = row && (row["next_id"] || row["max"])
-        return next_id ? next_id.to_i : 1
-      rescue
-        return 1
-      end
+      # SQLite / MySQL / MSSQL / PostgreSQL fallback — atomic sequence table
+      seq_key = generator_name || "#{table}.#{pk_column}"
+      sequence_next(seq_key, table: table, pk_column: pk_column)
     end
 
     private
 
+    # Ensure the tina4_sequences table exists for race-safe ID generation.
+    def ensure_sequence_table
+      return if table_exists?("tina4_sequences")
+
+      drv = current_driver
+      if @driver_name == "mssql"
+        drv.execute("CREATE TABLE tina4_sequences (seq_name VARCHAR(200) NOT NULL PRIMARY KEY, current_value INTEGER NOT NULL DEFAULT 0)")
+      else
+        drv.execute("CREATE TABLE IF NOT EXISTS tina4_sequences (seq_name VARCHAR(200) NOT NULL PRIMARY KEY, current_value INTEGER NOT NULL DEFAULT 0)")
+      end
+      drv.commit rescue nil
+    end
+
+    # Atomically increment and return the next value for a named sequence.
+    # Seeds from MAX(pk_column) on first use so existing data is respected.
+    def sequence_next(seq_name, table: nil, pk_column: "id")
+      ensure_sequence_table
+      drv = current_driver
+
+      # Check if the sequence key already exists
+      rows = drv.execute_query("SELECT current_value FROM tina4_sequences WHERE seq_name = ?", [seq_name])
+      row = rows.is_a?(Array) ? rows.first : nil
+
+      if row.nil?
+        # Seed from MAX(pk_column) if table data exists
+        seed_value = 0
+        if table
+          begin
+            max_rows = drv.execute_query("SELECT MAX(#{pk_column}) AS max_id FROM #{table}")
+            max_row = max_rows.is_a?(Array) ? max_rows.first : nil
+            val = row_value(max_row, :max_id)
+            seed_value = val.to_i if val
+          rescue
+            # Table may not exist yet — start from 0
+          end
+        end
+        drv.execute("INSERT INTO tina4_sequences (seq_name, current_value) VALUES (?, ?)", [seq_name, seed_value])
+        drv.commit rescue nil
+      end
+
+      # Atomic increment
+      drv.execute("UPDATE tina4_sequences SET current_value = current_value + 1 WHERE seq_name = ?", [seq_name])
+      drv.commit rescue nil
+
+      # Read back the incremented value
+      rows = drv.execute_query("SELECT current_value FROM tina4_sequences WHERE seq_name = ?", [seq_name])
+      row = rows.is_a?(Array) ? rows.first : nil
+      val = row_value(row, :current_value)
+      val ? val.to_i : 1
+    end
+
+    # Safely extract a value from a driver result row, trying both symbol and string keys.
+    def row_value(row, key)
+      return nil unless row
+      row[key.to_sym] || row[key.to_s] || row[key.to_s.upcase] || row[key.to_s.downcase]
+    end
+
     def truthy?(val)
       %w[true 1 yes on].include?((val || "").to_s.strip.downcase)
     end

data/lib/tina4/frond.rb

@@ -34,6 +34,121 @@ module Tina4
                         '"' => """, "'" => "'" }.freeze
     HTML_ESCAPE_RE  = /[&<>"']/
 
+    # -- Compiled regex constants (optimization: avoid re-compiling in methods) --
+    EXTENDS_RE      = /\{%-?\s*extends\s+["'](.+?)["']\s*-?%\}/
+    BLOCK_RE        = /\{%-?\s*block\s+(\w+)\s*-?%\}(.*?)\{%-?\s*endblock\s*-?%\}/m
+    STRING_LIT_RE   = /\A["'](.*)["']\z/
+    INTEGER_RE      = /\A-?\d+\z/
+    FLOAT_RE        = /\A-?\d+\.\d+\z/
+    ARRAY_LIT_RE    = /\A\[(.+)\]\z/m
+    HASH_LIT_RE     = /\A\{(.+)\}\z/m
+    HASH_PAIR_RE    = /\A\s*["']?(\w+)["']?\s*:\s*(.+)\z/
+    RANGE_LIT_RE    = /\A(\d+)\.\.(\d+)\z/
+    ARITHMETIC_RE   = /\A(.+?)\s*(\+|-|\*|\/|%)\s*(.+)\z/
+    FUNC_CALL_RE    = /\A(\w+)\s*\((.*)\)\z/m
+    FILTER_WITH_ARGS_RE = /\A(\w+)\s*\((.*)\)\z/m
+    FILTER_CMP_RE   = /\A(\w+)\s*(!=|==|>=|<=|>|<)\s*(.+)\z/
+    OR_SPLIT_RE     = /\s+or\s+/
+    AND_SPLIT_RE    = /\s+and\s+/
+    IS_NOT_RE       = /\A(.+?)\s+is\s+not\s+(\w+)(.*)\z/
+    IS_RE           = /\A(.+?)\s+is\s+(\w+)(.*)\z/
+    NOT_IN_RE       = /\A(.+?)\s+not\s+in\s+(.+)\z/
+    IN_RE           = /\A(.+?)\s+in\s+(.+)\z/
+    DIVISIBLE_BY_RE = /\s*by\s*\(\s*(\d+)\s*\)/
+    RESOLVE_SPLIT_RE = /\.|\[([^\]]+)\]/
+    RESOLVE_STRIP_RE = /\A["']|["']\z/
+    DIGIT_RE        = /\A\d+\z/
+    FOR_RE          = /\Afor\s+(\w+)(?:\s*,\s*(\w+))?\s+in\s+(.+)\z/
+    SET_RE          = /\Aset\s+(\w+)\s*=\s*(.+)\z/m
+    INCLUDE_RE      = /\Ainclude\s+["'](.+?)["'](?:\s+with\s+(.+))?\z/
+    MACRO_RE        = /\Amacro\s+(\w+)\s*\(([^)]*)\)/
+    FROM_IMPORT_RE  = /\Afrom\s+["'](.+?)["']\s+import\s+(.+)/
+    CACHE_RE        = /\Acache\s+["'](.+?)["']\s*(\d+)?/
+    SPACELESS_RE    = />\s+</
+    AUTOESCAPE_RE   = /\Aautoescape\s+(false|true)/
+    STRIPTAGS_RE    = /<[^>]+>/
+    THOUSANDS_RE    = /(\d)(?=(\d{3})+(?!\d))/
+    SLUG_CLEAN_RE   = /[^a-z0-9]+/
+    SLUG_TRIM_RE    = /\A-|-\z/
+
+    # Set of common no-arg filter names that can be inlined for speed
+    INLINE_FILTERS = %w[upper lower length trim capitalize title string int escape e].each_with_object({}) { |f, h| h[f] = true }.freeze
+
+    # -- Lazy context overlay for for-loops (avoids full Hash#dup) --
+    class LoopContext
+      def initialize(parent)
+        @parent = parent
+        @local = {}
+      end
+
+      def [](key)
+        @local.key?(key) ? @local[key] : @parent[key]
+      end
+
+      def []=(key, value)
+        @local[key] = value
+      end
+
+      def key?(key)
+        @local.key?(key) || @parent.key?(key)
+      end
+      alias include? key?
+      alias has_key? key?
+
+      def fetch(key, *args, &block)
+        if @local.key?(key)
+          @local[key]
+        elsif @parent.key?(key)
+          @parent[key]
+        elsif block
+          yield key
+        elsif !args.empty?
+          args[0]
+        else
+          raise KeyError, "key not found: #{key.inspect}"
+        end
+      end
+
+      def merge(other)
+        dup_hash = to_h
+        dup_hash.merge!(other)
+        dup_hash
+      end
+
+      def merge!(other)
+        other.each { |k, v| @local[k] = v }
+        self
+      end
+
+      def dup
+        copy = LoopContext.new(@parent)
+        @local.each { |k, v| copy[k] = v }
+        copy
+      end
+
+      def to_h
+        h = @parent.is_a?(LoopContext) ? @parent.to_h : @parent.dup
+        @local.each { |k, v| h[k] = v }
+        h
+      end
+
+      def each(&block)
+        to_h.each(&block)
+      end
+
+      def respond_to_missing?(name, include_private = false)
+        @parent.respond_to?(name, include_private) || super
+      end
+
+      def is_a?(klass)
+        klass == Hash || super
+      end
+
+      def keys
+        (@parent.is_a?(LoopContext) ? @parent.keys : @parent.keys) | @local.keys
+      end
+    end
+
     # -----------------------------------------------------------------------
     # Public API
     # -----------------------------------------------------------------------
@@ -60,6 +175,15 @@ module Tina4
       @compiled         = {}  # {template_name => [tokens, mtime]}
       @compiled_strings = {}  # {md5_hash => tokens}
 
+      # Parsed filter chain cache: expr_string => [variable, filters]
+      @filter_chain_cache = {}
+
+      # Resolved dotted-path split cache: expr_string => parts_array
+      @resolve_cache = {}
+
+      # Sandbox root-var split cache: var_name => root_var_string
+      @dotted_split_cache = {}
+
       # Built-in global functions
       register_builtin_globals
     end
@@ -115,6 +239,9 @@ module Tina4
     def clear_cache
       @compiled.clear
       @compiled_strings.clear
+      @filter_chain_cache.clear
+      @resolve_cache.clear
+      @dotted_split_cache.clear
     end
 
     # Register a custom filter.
@@ -261,7 +388,7 @@ module Tina4
 
     def execute_with_tokens(source, tokens, context)
       # Handle extends first
-      if source =~ /\{%-?\s*extends\s+["'](.+?)["']\s*-?%\}/
+      if source =~ EXTENDS_RE
         parent_name = Regexp.last_match(1)
         parent_source = load_template(parent_name)
         child_blocks = extract_blocks(source)
@@ -273,7 +400,7 @@ module Tina4
 
     def execute(source, context)
       # Handle extends first
-      if source =~ /\{%-?\s*extends\s+["'](.+?)["']\s*-?%\}/
+      if source =~ EXTENDS_RE
         parent_name = Regexp.last_match(1)
         parent_source = load_template(parent_name)
         child_blocks = extract_blocks(source)
@@ -285,14 +412,14 @@ module Tina4
 
     def extract_blocks(source)
       blocks = {}
-      source.scan(/\{%-?\s*block\s+(\w+)\s*-?%\}(.*?)\{%-?\s*endblock\s*-?%\}/m) do
+      source.scan(BLOCK_RE) do
         blocks[Regexp.last_match(1)] = Regexp.last_match(2)
       end
       blocks
     end
 
     def render_with_blocks(parent_source, context, child_blocks)
-      result = parent_source.gsub(/\{%-?\s*block\s+(\w+)\s*-?%\}(.*?)\{%-?\s*endblock\s*-?%\}/m) do
+      result = parent_source.gsub(BLOCK_RE) do
         name = Regexp.last_match(1)
         default_content = Regexp.last_match(2)
         block_source = child_blocks.fetch(name, default_content)
@@ -422,7 +549,7 @@ module Tina4
           # The filter name may include a trailing comparison operator,
           # e.g. "length != 1".  Extract the real filter name and the
           # comparison suffix, apply the filter, then evaluate the comparison.
-          m = fname.match(/\A(\w+)\s*(!=|==|>=|<=|>|<)\s*(.+)\z/)
+          m = fname.match(FILTER_CMP_RE)
           if m
             real_filter = m[1]
             op = m[2]
@@ -455,7 +582,11 @@ module Tina4
 
       # Sandbox: check variable access
       if @sandbox && @allowed_vars
-        root_var = var_name.split(".")[0].split("[")[0].strip
+        root_var = @dotted_split_cache[var_name]
+        unless root_var
+          root_var = var_name.split(".")[0].split("[")[0].strip
+          @dotted_split_cache[var_name] = root_var
+        end
         return "" if !root_var.empty? && !@allowed_vars.include?(root_var) && root_var != "loop"
       end
 
@@ -473,6 +604,23 @@ module Tina4
           next
         end
 
+        # Inline common no-arg filters for speed (skip generic dispatch)
+        if args.empty? && INLINE_FILTERS.include?(fname)
+          value = case fname
+                  when "upper"      then value.to_s.upcase
+                  when "lower"      then value.to_s.downcase
+                  when "length"     then value.respond_to?(:length) ? value.length : value.to_s.length
+                  when "trim"       then value.to_s.strip
+                  when "capitalize" then value.to_s.capitalize
+                  when "title"      then value.to_s.split.map(&:capitalize).join(" ")
+                  when "string"     then value.to_s
+                  when "int"        then value.to_i
+                  when "escape", "e" then Frond.escape_html(value.to_s)
+                  else value
+                  end
+          next
+        end
+
         fn = @filters[fname]
         if fn
           evaluated_args = args.map { |a| eval_filter_arg(a, context) }
@@ -489,12 +637,47 @@ module Tina4
     end
 
     def eval_filter_arg(arg, context)
-      return Regexp.last_match(1) if arg =~ /\A["'](.*)["']\z/
-      return arg.to_i if arg =~ /\A-?\d+\z/
-      return arg.to_f if arg =~ /\A-?\d+\.\d+\z/
+      return Regexp.last_match(1) if arg =~ STRING_LIT_RE
+      return arg.to_i if arg =~ INTEGER_RE
+      return arg.to_f if arg =~ FLOAT_RE
       eval_expr(arg, context)
     end
 
+    # Find the first occurrence of +needle+ that is not inside quotes or
+    # parentheses.  Returns the index, or -1 if not found.
+    def find_outside_quotes(expr, needle)
+      in_q = nil
+      depth = 0
+      i = 0
+      nlen = needle.length
+      while i <= expr.length - nlen
+        ch = expr[i]
+        if (ch == '"' || ch == "'") && depth == 0
+          if in_q.nil?
+            in_q = ch
+          elsif ch == in_q
+            in_q = nil
+          end
+          i += 1
+          next
+        end
+        if in_q
+          i += 1
+          next
+        end
+        if ch == "("
+          depth += 1
+        elsif ch == ")"
+          depth -= 1
+        end
+        if depth == 0 && expr[i, nlen] == needle
+          return i
+        end
+        i += 1
+      end
+      -1
+    end
+
     # Find the index of a top-level ``?`` that is part of a ternary operator.
     # Respects quoted strings, parentheses, and skips ``??`` (null coalesce).
     # Returns -1 if not found.
@@ -562,13 +745,16 @@ module Tina4
     # -----------------------------------------------------------------------
 
     def parse_filter_chain(expr)
+      cached = @filter_chain_cache[expr]
+      return cached if cached
+
       parts = split_on_pipe(expr)
       variable = parts[0].strip
       filters = []
 
       parts[1..].each do |f|
         f = f.strip
-        if f =~ /\A(\w+)\s*\((.*)\)\z/m
+        if f =~ FILTER_WITH_ARGS_RE
           name = Regexp.last_match(1)
           raw_args = Regexp.last_match(2).strip
           args = raw_args.empty? ? [] : parse_args(raw_args)
@@ -578,7 +764,9 @@ module Tina4
         end
       end
 
-      [variable, filters]
+      result = [variable, filters].freeze
+      @filter_chain_cache[expr] = result
+      result
     end
 
     # Split expression on | but not inside quotes or parens.
@@ -659,8 +847,8 @@ module Tina4
       end
 
       # Numeric
-      return expr.to_i if expr =~ /\A-?\d+\z/
-      return expr.to_f if expr =~ /\A-?\d+\.\d+\z/
+      return expr.to_i if expr =~ INTEGER_RE
+      return expr.to_f if expr =~ FLOAT_RE
 
       # Boolean/null
       return true  if expr == "true"
@@ -668,17 +856,17 @@ module Tina4
       return nil   if expr == "null" || expr == "none" || expr == "nil"
 
       # Array literal [a, b, c]
-      if expr =~ /\A\[(.+)\]\z/m
+      if expr =~ ARRAY_LIT_RE
         inner = Regexp.last_match(1)
         return split_args_toplevel(inner).map { |item| eval_expr(item.strip, context) }
       end
 
       # Hash literal { key: value, ... }
-      if expr =~ /\A\{(.+)\}\z/m
+      if expr =~ HASH_LIT_RE
         inner = Regexp.last_match(1)
         hash = {}
         split_args_toplevel(inner).each do |pair|
-          if pair =~ /\A\s*["']?(\w+)["']?\s*:\s*(.+)\z/
+          if pair =~ HASH_PAIR_RE
             hash[Regexp.last_match(1)] = eval_expr(Regexp.last_match(2).strip, context)
           end
         end
@@ -686,22 +874,50 @@ module Tina4
       end
 
       # Range literal: 1..5
-      if expr =~ /\A(\d+)\.\.(\d+)\z/
+      if expr =~ RANGE_LIT_RE
         return (Regexp.last_match(1).to_i..Regexp.last_match(2).to_i).to_a
       end
 
-      # Ternary: condition ? "yes" : "no"
-      ternary = expr.match(/\A(.+?)\s*\?\s*(.+?)\s*:\s*(.+)\z/)
-      if ternary
-        cond = eval_expr(ternary[1], context)
-        return truthy?(cond) ? eval_expr(ternary[2], context) : eval_expr(ternary[3], context)
+      # Parenthesized sub-expression: (expr) — strip parens and evaluate inner
+      if expr.start_with?("(") && expr.end_with?(")")
+        depth = 0
+        matched = true
+        expr.each_char.with_index do |ch, pi|
+          depth += 1 if ch == "("
+          depth -= 1 if ch == ")"
+          if depth == 0 && pi < expr.length - 1
+            matched = false
+            break
+          end
+        end
+        return eval_expr(expr[1..-2], context) if matched
       end
 
-      # Jinja2-style inline if: value if condition else other_value
-      inline_if = expr.match(/\A(.+?)\s+if\s+(.+?)\s+else\s+(.+)\z/)
-      if inline_if
-        cond = eval_expr(inline_if[2], context)
-        return truthy?(cond) ? eval_expr(inline_if[1], context) : eval_expr(inline_if[3], context)
+      # Ternary: condition ? "yes" : "no" — quote-aware
+      q_pos = find_outside_quotes(expr, "?")
+      if q_pos > 0
+        cond_part = expr[0...q_pos].strip
+        rest = expr[(q_pos + 1)..]
+        c_pos = find_outside_quotes(rest, ":")
+        if c_pos >= 0
+          true_part = rest[0...c_pos].strip
+          false_part = rest[(c_pos + 1)..].strip
+          cond = eval_expr(cond_part, context)
+          return truthy?(cond) ? eval_expr(true_part, context) : eval_expr(false_part, context)
+        end
+      end
+
+      # Jinja2-style inline if: value if condition else other_value — quote-aware
+      if_pos = find_outside_quotes(expr, " if ")
+      if if_pos >= 0
+        else_pos = find_outside_quotes(expr, " else ")
+        if else_pos && else_pos > if_pos
+          value_part = expr[0...if_pos].strip
+          cond_part = expr[(if_pos + 4)...else_pos].strip
+          else_part = expr[(else_pos + 6)..].strip
+          cond = eval_expr(cond_part, context)
+          return truthy?(cond) ? eval_expr(value_part, context) : eval_expr(else_part, context)
+        end
       end
 
       # Null coalescing: value ?? "default"
@@ -723,7 +939,7 @@ module Tina4
       end
 
       # Arithmetic: +, -, *, /, %
-      if expr =~ /\A(.+?)\s*(\+|-|\*|\/|%)\s*(.+)\z/
+      if expr =~ ARITHMETIC_RE
         left  = eval_expr(Regexp.last_match(1), context)
         op    = Regexp.last_match(2)
         right = eval_expr(Regexp.last_match(3), context)
@@ -731,7 +947,7 @@ module Tina4
       end
 
       # Function call: name(arg1, arg2)
-      if expr =~ /\A(\w+)\s*\((.*)\)\z/m
+      if expr =~ FUNC_CALL_RE
         fn_name  = Regexp.last_match(1)
         raw_args = Regexp.last_match(2).strip
         fn = context[fn_name]
@@ -788,49 +1004,50 @@ module Tina4
     # Comparison / logical evaluator
     # -----------------------------------------------------------------------
 
-    def eval_comparison(expr, context)
+    def eval_comparison(expr, context, eval_fn = nil)
+      eval_fn ||= method(:eval_expr)
       expr = expr.strip
 
       # Handle 'not' prefix
       if expr.start_with?("not ")
-        return !eval_comparison(expr[4..], context)
+        return !eval_comparison(expr[4..], context, eval_fn)
       end
 
       # 'or' (lowest precedence)
-      or_parts = expr.split(/\s+or\s+/)
+      or_parts = expr.split(OR_SPLIT_RE)
       if or_parts.length > 1
-        return or_parts.any? { |p| eval_comparison(p, context) }
+        return or_parts.any? { |p| eval_comparison(p, context, eval_fn) }
       end
 
       # 'and'
-      and_parts = expr.split(/\s+and\s+/)
+      and_parts = expr.split(AND_SPLIT_RE)
       if and_parts.length > 1
-        return and_parts.all? { |p| eval_comparison(p, context) }
+        return and_parts.all? { |p| eval_comparison(p, context, eval_fn) }
       end
 
       # 'is not' test
-      if expr =~ /\A(.+?)\s+is\s+not\s+(\w+)(.*)\z/
+      if expr =~ IS_NOT_RE
         return !eval_test(Regexp.last_match(1).strip, Regexp.last_match(2),
-                          Regexp.last_match(3).strip, context)
+                          Regexp.last_match(3).strip, context, eval_fn)
       end
 
       # 'is' test
-      if expr =~ /\A(.+?)\s+is\s+(\w+)(.*)\z/
+      if expr =~ IS_RE
         return eval_test(Regexp.last_match(1).strip, Regexp.last_match(2),
-                         Regexp.last_match(3).strip, context)
+                         Regexp.last_match(3).strip, context, eval_fn)
       end
 
       # 'not in'
-      if expr =~ /\A(.+?)\s+not\s+in\s+(.+)\z/
-        val = eval_expr(Regexp.last_match(1).strip, context)
-        collection = eval_expr(Regexp.last_match(2).strip, context)
+      if expr =~ NOT_IN_RE
+        val = eval_fn.call(Regexp.last_match(1).strip, context)
+        collection = eval_fn.call(Regexp.last_match(2).strip, context)
         return !(collection.respond_to?(:include?) && collection.include?(val))
       end
 
       # 'in'
-      if expr =~ /\A(.+?)\s+in\s+(.+)\z/
-        val = eval_expr(Regexp.last_match(1).strip, context)
-        collection = eval_expr(Regexp.last_match(2).strip, context)
+      if expr =~ IN_RE
+        val = eval_fn.call(Regexp.last_match(1).strip, context)
+        collection = eval_fn.call(Regexp.last_match(2).strip, context)
         return collection.respond_to?(:include?) ? collection.include?(val) : false
       end
 
@@ -843,8 +1060,8 @@ module Tina4
        ["<",  ->(a, b) { a.to_f < b.to_f }]].each do |op, fn|
         if expr.include?(op)
           left, _, right = expr.partition(op)
-          l = eval_expr(left.strip, context)
-          r = eval_expr(right.strip, context)
+          l = eval_fn.call(left.strip, context)
+          r = eval_fn.call(right.strip, context)
           begin
             return fn.call(l, r)
           rescue
@@ -854,7 +1071,7 @@ module Tina4
       end
 
       # Fall through to simple eval
-      val = eval_expr(expr, context)
+      val = eval_fn.call(expr, context)
       truthy?(val)
     end
 
@@ -862,12 +1079,13 @@ module Tina4
     # Tests ('is' expressions)
     # -----------------------------------------------------------------------
 
-    def eval_test(value_expr, test_name, args_str, context)
-      val = eval_expr(value_expr, context)
+    def eval_test(value_expr, test_name, args_str, context, eval_fn = nil)
+      eval_fn ||= method(:eval_expr)
+      val = eval_fn.call(value_expr, context)
 
       # 'divisible by(n)'
       if test_name == "divisible"
-        if args_str =~ /\s*by\s*\(\s*(\d+)\s*\)/
+        if args_str =~ DIVISIBLE_BY_RE
           n = Regexp.last_match(1).to_i
           return val.is_a?(Integer) && (val % n).zero?
         end
@@ -901,14 +1119,19 @@ module Tina4
     # -----------------------------------------------------------------------
 
     def resolve(expr, context)
-      parts = expr.split(/\.|\[([^\]]+)\]/).reject(&:empty?)
+      parts = @resolve_cache[expr]
+      unless parts
+        parts = expr.split(RESOLVE_SPLIT_RE).reject(&:empty?)
+        @resolve_cache[expr] = parts
+      end
+
       value = context
 
       parts.each do |part|
-        part = part.strip.gsub(/\A["']|["']\z/, "") # strip quotes from bracket access
-        if value.is_a?(Hash)
+        part = part.strip.gsub(RESOLVE_STRIP_RE, "") # strip quotes from bracket access
+        if value.is_a?(Hash) || value.is_a?(LoopContext)
           value = value[part] || value[part.to_sym]
-        elsif value.is_a?(Array) && part =~ /\A\d+\z/
+        elsif value.is_a?(Array) && part =~ DIGIT_RE
           value = value[part.to_i]
         elsif value.respond_to?(part.to_sym)
           value = value.send(part.to_sym)
@@ -1010,7 +1233,7 @@ module Tina4
       end
 
       branches.each do |cond, branch_tokens|
-        if cond.nil? || eval_comparison(cond, context)
+        if cond.nil? || eval_comparison(cond, context, method(:eval_var_raw))
           return [render_tokens(branch_tokens.dup, context), i]
         end
       end
@@ -1021,7 +1244,7 @@ module Tina4
     # {% for item in items %}...{% else %}...{% endfor %}
     def handle_for(tokens, start, context)
       content, _, strip_a_open = strip_tag(tokens[start][1])
-      m = content.match(/\Afor\s+(\w+)(?:\s*,\s*(\w+))?\s+in\s+(.+)\z/)
+      m = content.match(FOR_RE)
       return ["", start + 1] unless m
 
       var1 = m[1]
@@ -1095,7 +1318,7 @@ module Tina4
       total = items.length
 
       items.each_with_index do |item, idx|
-        loop_ctx = context.dup
+        loop_ctx = LoopContext.new(context)
         loop_ctx["loop"] = {
           "index"     => idx + 1,
           "index0"    => idx,
@@ -1133,7 +1356,7 @@ module Tina4
 
     # {% set name = expr %}
     def handle_set(content, context)
-      if content =~ /\Aset\s+(\w+)\s*=\s*(.+)\z/m
+      if content =~ SET_RE
         name = Regexp.last_match(1)
         expr = Regexp.last_match(2).strip
         context[name] = eval_expr(expr, context)
@@ -1145,7 +1368,7 @@ module Tina4
       ignore_missing = content.include?("ignore missing")
       content = content.gsub("ignore missing", "").strip
 
-      m = content.match(/\Ainclude\s+["'](.+?)["'](?:\s+with\s+(.+))?\z/)
+      m = content.match(INCLUDE_RE)
       return "" unless m
 
       filename = m[1]
@@ -1170,7 +1393,7 @@ module Tina4
     # {% macro name(args) %}...{% endmacro %}
     def handle_macro(tokens, start, context)
       content, _, _ = strip_tag(tokens[start][1])
-      m = content.match(/\Amacro\s+(\w+)\s*\(([^)]*)\)/)
+      m = content.match(MACRO_RE)
       unless m
         i = start + 1
         while i < tokens.length
@@ -1213,7 +1436,7 @@ module Tina4
 
     # {% from "file" import macro1, macro2 %}
     def handle_from_import(content, context)
-      m = content.match(/\Afrom\s+["'](.+?)["']\s+import\s+(.+)/)
+      m = content.match(FROM_IMPORT_RE)
       return unless m
 
       filename = m[1]
@@ -1229,7 +1452,7 @@ module Tina4
           tag_content, _, _ = strip_tag(raw)
           tag = (tag_content.split[0] || "")
           if tag == "macro"
-            macro_m = tag_content.match(/\Amacro\s+(\w+)\s*\(([^)]*)\)/)
+            macro_m = tag_content.match(MACRO_RE)
             if macro_m && names.include?(macro_m[1])
               macro_name = macro_m[1]
               param_names = macro_m[2].split(",").map(&:strip).reject(&:empty?)
@@ -1269,7 +1492,7 @@ module Tina4
     # {% cache "key" ttl %}...{% endcache %}
     def handle_cache(tokens, start, context)
       content, _, _ = strip_tag(tokens[start][1])
-      m = content.match(/\Acache\s+["'](.+?)["']\s*(\d+)?/)
+      m = content.match(CACHE_RE)
       cache_key = m ? m[1] : "default"
       ttl = m && m[2] ? m[2].to_i : 60
 
@@ -1357,13 +1580,13 @@ module Tina4
       end
 
       rendered = render_tokens(body_tokens.dup, context)
-      rendered = rendered.gsub(/>\s+</, "><")
+      rendered = rendered.gsub(SPACELESS_RE, "><")
       [rendered, i]
     end
 
     def handle_autoescape(tokens, start, context)
       content, _, _ = strip_tag(tokens[start][1])
-      mode_match = content.match(/\Aautoescape\s+(false|true)/)
+      mode_match = content.match(AUTOESCAPE_RE)
       auto_escape_on = !(mode_match && mode_match[1] == "false")
 
       body_tokens = []
@@ -1434,7 +1657,7 @@ module Tina4
         "ltrim"      => ->(v, *_a) { v.to_s.lstrip },
         "rtrim"      => ->(v, *_a) { v.to_s.rstrip },
         "replace"    => ->(v, *a)  { a.length >= 2 ? v.to_s.gsub(a[0].to_s, a[1].to_s) : v.to_s },
-        "striptags"  => ->(v, *_a) { v.to_s.gsub(/<[^>]+>/, "") },
+        "striptags"  => ->(v, *_a) { v.to_s.gsub(STRIPTAGS_RE, "") },
 
         # -- Encoding --
         "escape"        => ->(v, *_a) { Frond.escape_html(v.to_s) },
@@ -1459,6 +1682,25 @@ module Tina4
         },
         "url_encode"    => ->(v, *_a) { CGI.escape(v.to_s) },
 
+        # -- JSON / JS --
+        "to_json" => ->(v, *a) {
+          indent = a[0] ? a[0].to_i : nil
+          json = indent ? JSON.pretty_generate(v) : JSON.generate(v)
+          # Escape <, >, & for safe HTML embedding
+          Tina4::SafeString.new(json.gsub("<", '\u003c').gsub(">", '\u003e').gsub("&", '\u0026'))
+        },
+        "tojson" => ->(v, *a) {
+          indent = a[0] ? a[0].to_i : nil
+          json = indent ? JSON.pretty_generate(v) : JSON.generate(v)
+          Tina4::SafeString.new(json.gsub("<", '\u003c').gsub(">", '\u003e').gsub("&", '\u0026'))
+        },
+        "js_escape" => ->(v, *_a) {
+          Tina4::SafeString.new(
+            v.to_s.gsub("\\", "\\\\").gsub("'", "\\'").gsub('"', '\\"')
+                  .gsub("\n", "\\n").gsub("\r", "\\r").gsub("\t", "\\t")
+          )
+        },
+
         # -- Hashing --
         "md5"    => ->(v, *_a) { Digest::MD5.hexdigest(v.to_s) },
         "sha256" => ->(v, *_a) { Digest::SHA256.hexdigest(v.to_s) },
@@ -1473,7 +1715,7 @@ module Tina4
           formatted = format("%.#{decimals}f", v.to_f)
           # Add comma thousands separator
           parts = formatted.split(".")
-          parts[0] = parts[0].gsub(/(\d)(?=(\d{3})+(?!\d))/, '\\1,')
+          parts[0] = parts[0].gsub(THOUSANDS_RE, '\\1,')
           parts.join(".")
         },
 
@@ -1578,7 +1820,7 @@ module Tina4
           lines << current unless current.empty?
           lines.join("\n")
         },
-        "slug"   => ->(v, *_a) { v.to_s.downcase.gsub(/[^a-z0-9]+/, "-").gsub(/\A-|-\z/, "") },
+        "slug"   => ->(v, *_a) { v.to_s.downcase.gsub(SLUG_CLEAN_RE, "-").gsub(SLUG_TRIM_RE, "") },
         "nl2br"  => ->(v, *_a) { v.to_s.gsub("\n", "<br>\n") },
         "format" => ->(v, *a) {
           if a.any?

data/lib/tina4/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Tina4
-  VERSION = "3.10.16"
+  VERSION = "3.10.21"
 end

metadata

@@ -1,7 +1,7 @@
 --- !ruby/object:Gem::Specification
 name: tina4ruby
 version: !ruby/object:Gem::Version
-  version: 3.10.16
+  version: 3.10.21
 platform: ruby
 authors:
 - Tina4 Team