CheapCoder
The CheapCoder gem can censor Ruby scripts.
This allows only non-structed scripts which do not contain any shell command.
Usage
The sample code below provides a script samples/sample1.rb rejected any built-in methods, e.g. puts
and ==
(received by a constant).
require 'cheap_coder'
require 'parser/current'
CODEPATH = 'samples/sample1.rb'
expr = Parser::CurrentRuby.parse(File.read(CODEPATH))
censor = CheapCoder::Censor.new
expr = censor.process(expr)
puts Unparser.unparse(expr)
The censor rejects also any shell commands. For example, please see the censord result of samples/sample2.rb.
Whitelist
One can set a whitelist of methods.
The sample below provides a script admits the build-in puts
.
method_whitelist = %i[puts]
censor = CheapCoder::Censor.new(
allowed_methods: method_whitelist,
)
expr = censor.process(expr)
Evaluator
One can set an evaluator to a censor instance. For example, the below evaluates the ABC size metric (not strictly).
censor = CheapCoder::Censor.new(
evaluator: CheapCoder::AbcEvaluator.new
)
censor.process(expr)
censor.score # gives ABC size