loppers v1.0.0

Loppers.validate

You're seeing just the function validate, go back to Loppers module for more information.
Link to this function

validate(quoted, opts)

Specs

validate(quoted :: term(), opts :: [validate_option()]) ::
  :ok | {:error, [error()]}

Validates a syntax tree against the given whitelist.

Use Code.string_to_quoted/2 to get the syntax tree out of source code.

When no whitelist is defined, it is assumed that all function calls are ok, except when they exist in the blacklist.

Supplying both a white- and a blacklist can be useful, for example when you want to allow all functions of a module, except a few that you don't want:

iex> whitelist = Loppers.special_forms ++ [{Enum, :__all__}]
iex> blacklist = [{Enum, :map_reduce}]
iex> quoted = quote do Enum.map_reduce([], nil, &({&1, nil})) end
iex> Loppers.validate(quoted, [whitelist: whitelist, blacklist: blacklist])
{:error, [
  not_allowed: {{:., [parent_modules: []],
    [
      {:__aliases__, [parent_modules: [], alias: false], [:Enum]},
      :map_reduce
    ]}, [parent_modules: []],
   [
     [],
     nil,
     {:&, [parent_modules: []],
      [{{:&, [parent_modules: []], [1]}, nil}]}
   ]}
]}

Options

  • :whitelist - a list of function_refs that are allowed in the code
  • :blacklist - a list of function_refs that are forbidden in the code