Type checks in use statements and parameter type hints #10
Conversation
| $node->type = new Node\Name($this->sandbox->getDefinedClass($class)); | ||
| } | ||
| if ($this->sandbox->isWhitelistedInterface($class)) | ||
| $this->sandbox->checkInterface($class); |
| } else { | ||
| $this->sandbox->validationError("Sandboxed code attempted use invalid namespace or alias!", Error::DEFINE_ALIAS_ERROR, $node); | ||
| } | ||
| if ($this->sandbox->isWhitelistedInterface($use->alias)) |
There was a problem hiding this comment.
Sorry, what does "CS :s" mean?
Also, I think I still have some flawed logic in this, I will work on this again and update the PR later.
There was a problem hiding this comment.
"Coding style": if ($this->sandbox->isWhitelistedInterface($use->alias)) { ;)
| * Test whether sandbox disallows non-whitelisted classes in parameter type hints | ||
| */ | ||
| public function testDisallowsTypeInParam(){ | ||
| $this->expectException('PHPSandbox\Error'); |
There was a problem hiding this comment.
Not sur, but use statement and Error::class ?
There was a problem hiding this comment.
In this test I'm expecting the use statement to fail even though use statements are allowed because the class I'm using is not whitelisted.
There was a problem hiding this comment.
I mean:
in top of file:
use PHPSandbox\Error;
And line 448:
$this->expectException(Error::class);
|
The |
|
Kudos, SonarCloud Quality Gate passed!
|
Manage this branch in SquashTest this branch here: https://master-63c39.squash.io |
3 participants
I've extended the code to check for whitelisted types and interfaces in parameter type hints and use statements. Even though this is not strictly required for practical sandbox constraints; for my use of this library this is very helpful. I'm not sure if this breaks other use cases; if so I can add a switch.