Class: Paquito::SafeYAML

Inherits:
Object
  • Object
show all
Defined in:
lib/paquito/safe_yaml.rb

Defined Under Namespace

Classes: RestrictedYAMLTree

Constant Summary collapse

ALL_SYMBOLS =

Restricting symbols isn’t really useful since symbols are no longer immortal

[].freeze
BASE_PERMITTED_CLASSNAMES = 
[
  "TrueClass",
  "FalseClass",
  "NilClass",
  "Numeric",
  "String",
  "Array",
  "Hash",
  "Integer",
  "Float",
].freeze

Instance Method Summary collapse

Constructor Details

#initialize(permitted_classes: [], deprecated_classes: [], aliases: false) ⇒ SafeYAML

Returns a new instance of SafeYAML.



18
19
20
21
22
23
24
25
26
27
28
29
30
 
# File 'lib/paquito/safe_yaml.rb', line 18

def initialize(permitted_classes: [], deprecated_classes: [], aliases: false)
  permitted_classes += BASE_PERMITTED_CLASSNAMES
  @dumpable_classes = permitted_classes
  @loadable_classes = permitted_classes + deprecated_classes
  @aliases = aliases

  @dump_options = {
    permitted_classes: permitted_classes,
    permitted_symbols: ALL_SYMBOLS,
    aliases: true,
    line_width: -1, # Disable YAML line-wrapping because it causes extremely obscure issues.
  }.freeze
end

Instance Method Details

#dump(obj) ⇒ Object 



45
46
47
48
49
50
51
 
# File 'lib/paquito/safe_yaml.rb', line 45

def dump(obj)
  visitor = RestrictedYAMLTree.create(@dump_options)
  visitor << obj
  visitor.tree.yaml(nil, @dump_options)
rescue Psych::Exception => psych_error
  raise PackError, psych_error.message
end

#load(serial) ⇒ Object 



32
33
34
35
36
37
38
39
40
41
42
43
 
# File 'lib/paquito/safe_yaml.rb', line 32

def load(serial)
  Psych.safe_load(
    serial,
    permitted_classes: @loadable_classes,
    permitted_symbols: ALL_SYMBOLS,
    aliases: @aliases,
  )
rescue Psych::DisallowedClass => psych_error
  raise UnsupportedType, psych_error.message
rescue Psych::Exception => psych_error
  raise UnpackError, psych_error.message
end