Class: SafeYAML::Whitelist

Inherits:

Object

• Object
• SafeYAML::Whitelist

Defined in:

lib/safe_yaml/whitelist.rb

Instance Attribute Summary

• #allowed ⇒ Object readonly

  Returns the value of attribute allowed.

Instance Method Summary

• #add(*tags, &block) ⇒ Object
• #check(tag, value) ⇒ Object
• #check_value(tag, checker, value) ⇒ Object
• #initialize ⇒ Whitelist constructor

  A new instance of Whitelist.

• #remove(*tags) ⇒ Object
• #reset! ⇒ Object

Constructor Details

#initialize ⇒ Whitelist

Returns a new instance of Whitelist.

# File 'lib/safe_yaml/whitelist.rb', line 5

def initialize
  reset!
end

Instance Attribute Details

#allowed ⇒ Object (readonly)

Returns the value of attribute allowed.

# File 'lib/safe_yaml/whitelist.rb', line 3

def allowed
  @allowed
end

Instance Method Details

#add(*tags, &block) ⇒ Object

# File 'lib/safe_yaml/whitelist.rb', line 60

def add(*tags, &block)
  tags.each do |tag|
    @cached[tag] = {} if block
    @allowed[tag] = block || true
  end
end

#check(tag, value) ⇒ Object

# File 'lib/safe_yaml/whitelist.rb', line 9

def check(tag, value)
  @allowed.each do |ok, checker|
    if ok === tag
      check = check_value(ok, checker, value)
      return check if check
    end
  end
  nil
end

#check_value(tag, checker, value) ⇒ Object

# File 'lib/safe_yaml/whitelist.rb', line 19

def check_value(tag, checker, value)
  if checker == true
    return :cacheable
  end

  if @cached[tag][value]
    return :cacheable
  end

  result = checker.call(value)
  if result == :cacheable
    @cached[tag][value] = true
    return :cacheable
  elsif result
    return :allowed
  else
    return nil
  end
end

#remove(*tags) ⇒ Object

# File 'lib/safe_yaml/whitelist.rb', line 67

def remove(*tags)
  tags.each do |tag|
    @cached.delete(tag)
    @allowed.delete(tag)
  end
end

#reset! ⇒ Object

# File 'lib/safe_yaml/whitelist.rb', line 39

def reset!
  @allowed = {}
  @cached = {}
  if SafeYAML::YAML_ENGINE == "psych"
    # psych doesn't tag the default types, except for binary
    add("!binary",
        "tag:yaml.org,2002:binary")
  else
    add("tag:yaml.org,2002:str",
        "tag:yaml.org,2002:int",
        "tag:yaml.org,2002:float",
        "tag:yaml.org,2002:binary",
        "tag:yaml.org,2002:merge",
        "tag:yaml.org,2002:null",
        %r{^tag:yaml.org,2002:bool#},
        %r{^tag:yaml.org,2002:float#},
        %r{^tag:yaml.org,2002:timestamp#},
        "tag:ruby.yaml.org,2002:object:YAML::Syck::BadAlias")
  end
end