1<?php
2
3/*
4 * This file is part of Twig.
5 *
6 * (c) Fabien Potencier
7 *
8 * For the full copyright and license information, please view the LICENSE
9 * file that was distributed with this source code.
10 */
11
12namespace Twig\Node;
13
14use Twig\Compiler;
15
16/**
17 * @author Fabien Potencier <fabien@symfony.com>
18 */
19class CheckSecurityNode extends Node
20{
21    private $usedFilters;
22    private $usedTags;
23    private $usedFunctions;
24
25    public function __construct(array $usedFilters, array $usedTags, array $usedFunctions)
26    {
27        $this->usedFilters = $usedFilters;
28        $this->usedTags = $usedTags;
29        $this->usedFunctions = $usedFunctions;
30
31        parent::__construct();
32    }
33
34    public function compile(Compiler $compiler)
35    {
36        $tags = $filters = $functions = [];
37        foreach (['tags', 'filters', 'functions'] as $type) {
38            foreach ($this->{'used'.ucfirst($type)} as $name => $node) {
39                if ($node instanceof Node) {
40                    ${$type}[$name] = $node->getTemplateLine();
41                } else {
42                    ${$type}[$node] = null;
43                }
44            }
45        }
46
47        $compiler
48            ->write("\n")
49            ->write("public function checkSecurity()\n")
50            ->write("{\n")
51            ->indent()
52            ->write('static $tags = ')->repr(array_filter($tags))->raw(";\n")
53            ->write('static $filters = ')->repr(array_filter($filters))->raw(";\n")
54            ->write('static $functions = ')->repr(array_filter($functions))->raw(";\n\n")
55            ->write("try {\n")
56            ->indent()
57            ->write("\$this->sandbox->checkSecurity(\n")
58            ->indent()
59            ->write(!$tags ? "[],\n" : "['".implode("', '", array_keys($tags))."'],\n")
60            ->write(!$filters ? "[],\n" : "['".implode("', '", array_keys($filters))."'],\n")
61            ->write(!$functions ? "[]\n" : "['".implode("', '", array_keys($functions))."']\n")
62            ->outdent()
63            ->write(");\n")
64            ->outdent()
65            ->write("} catch (SecurityError \$e) {\n")
66            ->indent()
67            ->write("\$e->setSourceContext(\$this->source);\n\n")
68            ->write("if (\$e instanceof SecurityNotAllowedTagError && isset(\$tags[\$e->getTagName()])) {\n")
69            ->indent()
70            ->write("\$e->setTemplateLine(\$tags[\$e->getTagName()]);\n")
71            ->outdent()
72            ->write("} elseif (\$e instanceof SecurityNotAllowedFilterError && isset(\$filters[\$e->getFilterName()])) {\n")
73            ->indent()
74            ->write("\$e->setTemplateLine(\$filters[\$e->getFilterName()]);\n")
75            ->outdent()
76            ->write("} elseif (\$e instanceof SecurityNotAllowedFunctionError && isset(\$functions[\$e->getFunctionName()])) {\n")
77            ->indent()
78            ->write("\$e->setTemplateLine(\$functions[\$e->getFunctionName()]);\n")
79            ->outdent()
80            ->write("}\n\n")
81            ->write("throw \$e;\n")
82            ->outdent()
83            ->write("}\n\n")
84            ->outdent()
85            ->write("}\n")
86        ;
87    }
88}
89
90class_alias('Twig\Node\CheckSecurityNode', 'Twig_Node_CheckSecurity');
91