Class: Cadenza::FilesystemLoader

Inherits:

Object

• Object
• Cadenza::FilesystemLoader

Defined in:

lib/cadenza/filesystem_loader.rb

Overview

The FilesystemLoader is a very simple loader object which takes a given “root” directory and loads templates using the filesystem. Relative file paths from this directory should be used for template names.

This implemenation makes no attempt to be secure so upwards relative file paths could be used to load sensitive files into the output template.

“‘django

{# assuming you add /home/someuser as a loaded path #}
{{ load '../../etc/passwd' }}

“‘

If you allow loading to be used for insecure user content then consider using a more secure loader class such as ZipLoader or writing a simple loader for your database connection.

Instance Attribute Summary

• #path ⇒ String

  The path on the filesystem to load relative to.

Instance Method Summary

• #initialize(path) ⇒ FilesystemLoader constructor

  creates a new FilesystemLoader with the given filesystem directory to load templates relative to.

• #load_source(template) ⇒ String

  loads and returns the given template’s content or nil if the file was not a file object (such as a directory).

• #load_template(template) ⇒ DocumentNode

  loads and parses the given template name using Parser.

Constructor Details

#initialize(path) ⇒ FilesystemLoader

creates a new Cadenza::FilesystemLoader with the given filesystem directory to load templates relative to.

Parameters:

• path (String) —

  see #path

# File 'lib/cadenza/filesystem_loader.rb', line 25

def initialize(path)
   @path = path
end

Instance Attribute Details

#path ⇒ String

Returns the path on the filesystem to load relative to.

Returns:

• (String) —

  the path on the filesystem to load relative to

# File 'lib/cadenza/filesystem_loader.rb', line 20

def path
  @path
end

Instance Method Details

#load_source(template) ⇒ String

loads and returns the given template’s content or nil if the file was not a file object (such as a directory).

Parameters:

• template (String) —

  the name of the template to load

Returns:

• (String) —

  the content of the template

# File 'lib/cadenza/filesystem_loader.rb', line 33

def load_source(template)
   filename = File.join(path, template)

   return unless File.file?(filename)

   File.read filename
end

#load_template(template) ⇒ DocumentNode

loads and parses the given template name using Parser. If the template could not be loaded then nil is returned.

Parameters:

• template (String) —

  the name of the template to load

Returns:

• (DocumentNode) —

  the root node of the parsed AST

# File 'lib/cadenza/filesystem_loader.rb', line 45

def load_template(template)
   source = load_source(template)

   if source
      return Cadenza::Parser.new.parse(source)
   else
      return nil
   end
end