module safe

serialization :: safe

Services for safer deserialization engines

Introduced classes

class SafeDeserializer

serialization :: SafeDeserializer

Deserialization engine limiting which types can be deserialized

Redefined classes

redef abstract class Deserializer

serialization :: safe $ Deserializer

Abstract deserialization service
redef class Sys

serialization :: safe $ Sys

The main class of the program.

All class definitions

redef abstract class Deserializer

serialization :: safe $ Deserializer

Abstract deserialization service
class SafeDeserializer

serialization $ SafeDeserializer

Deserialization engine limiting which types can be deserialized
redef class Sys

serialization :: safe $ Sys

The main class of the program.
package_diagram serialization::safe safe poset poset serialization::safe->poset serialization serialization serialization::safe->serialization poset->serialization ...serialization ... ...serialization->serialization json::serialization_read serialization_read json::serialization_read->serialization::safe json::json json json::json->json::serialization_read json::json... ... json::json...->json::json

Ancestors

module abstract_collection

core :: abstract_collection

Abstract collection classes and services.
module abstract_text

core :: abstract_text

Abstract class for manipulation of sequences of characters
module array

core :: array

This module introduces the standard array structure.
module bitset

core :: bitset

Services to handle BitSet
module bytes

core :: bytes

Services for byte streams and arrays
module caching

serialization :: caching

Services for caching serialization engines
module circular_array

core :: circular_array

Efficient data structure to access both end of the sequence.
module codec_base

core :: codec_base

Base for codecs to use with streams
module codecs

core :: codecs

Group module for all codec-related manipulations
module collection

core :: collection

This module define several collection classes.
module core

core :: core

Standard classes and methods used by default by Nit programs and libraries.
module engine_tools

serialization :: engine_tools

Advanced services for serialization engines
module environ

core :: environ

Access to the environment variables of the process
module error

core :: error

Standard error-management infrastructure.
module exec

core :: exec

Invocation and management of operating system sub-processes.
module file

core :: file

File manipulations (create, read, write, etc.)
module fixed_ints

core :: fixed_ints

Basic integers of fixed-precision
module fixed_ints_text

core :: fixed_ints_text

Text services to complement fixed_ints
module flat

core :: flat

All the array-based text representations
module gc

core :: gc

Access to the Nit internal garbage collection mechanism
module hash_collection

core :: hash_collection

Introduce HashMap and HashSet.
module inspect

serialization :: inspect

Refine Serializable::inspect to show more useful information
module iso8859_1

core :: iso8859_1

Codec for ISO8859-1 I/O
module kernel

core :: kernel

Most basic classes and methods.
module list

core :: list

This module handle double linked lists
module math

core :: math

Mathematical operations
module meta

meta :: meta

Simple user-defined meta-level to manipulate types of instances as object.
module native

core :: native

Native structures for text and bytes
module numeric

core :: numeric

Advanced services for Numeric types
module protocol

core :: protocol

module queue

core :: queue

Queuing data structures and wrappers
module range

core :: range

Module for range of discrete objects.
module re

core :: re

Regular expression support for all services based on Pattern
module ropes

core :: ropes

Tree-based representation of a String.
module serialization_core

serialization :: serialization_core

Abstract services to serialize Nit objects to different formats
module sorter

core :: sorter

This module contains classes used to compare things and sorts arrays.
module stream

core :: stream

Input and output streams of characters
module text

core :: text

All the classes and methods related to the manipulation of text entities
module time

core :: time

Management of time and dates
module union_find

core :: union_find

union–find algorithm using an efficient disjoint-set data structure
module utf8

core :: utf8

Codec for UTF-8 I/O

Parents

module poset

poset :: poset

Pre order sets and partial order set (ie hierarchies)
module serialization

serialization :: serialization

General serialization services

Children

module serialization_read

json :: serialization_read

Services to read JSON: deserialize_json and JsonDeserializer

Descendants

module a_star-m

a_star-m

module api

github :: api

Nit object oriented interface to Github api.
module at_boot

android :: at_boot

Import this module to launch Service at device boot
module bundle

android :: bundle

A mapping class of String to various value types used by the
module cache

github :: cache

Enable caching on Github API accesses.
module client

gamnit :: client

Client-side network services for games and such
module common

gamnit :: common

Services common to the client and server modules
module commonmark_gen

markdown2 :: commonmark_gen

Generate Nitunit tests from commonmark specification.
module curl_json

neo4j :: curl_json

cURL requests compatible with the JSON REST APIs.
module curl_rest

curl :: curl_rest

module data_store

ios :: data_store

Implements app::data_store using NSUserDefaults
module data_store

linux :: data_store

app::data_store implementation on GNU/Linux
module data_store

android :: data_store

Implements app::data_store using shared_preferences
module error

neo4j :: error

Errors thrown by the neo4j library.
module events

github :: events

Events are emitted by Github Hooks.
module example_angular

popcorn :: example_angular

This is an example of how to use angular.js with popcorn
module github

github :: github

Nit wrapper for Github API
module graph

neo4j :: graph

Provides an interface for services on a Neo4j graphs.
module hooks

github :: hooks

Github hook event listening with nitcorn.
module http_request

app :: http_request

HTTP request services: AsyncHttpRequest and Text::http_get
module http_request

linux :: http_request

Implementation of app::http_request using GDK and Curl
module http_request

android :: http_request

Android implementation of app:http_request
module http_request

ios :: http_request

Implementation of app::http_request for iOS
module http_request_example

app :: http_request_example

Example for the app::http_request main service AsyncHttpRequest
module intent

android :: intent

Services allowing to launch activities and start/stop services using
module intent_api10

android :: intent_api10

Services allowing to launch activities and start/stop services using
module intent_api11

android :: intent_api11

Refines intent module to add API 11 services
module intent_api12

android :: intent_api12

Refines intent module to add API 12 services
module intent_api14

android :: intent_api14

Refines intent module to add API 14 services
module intent_api15

android :: intent_api15

Refines intent module to add API 15 services
module intent_api16

android :: intent_api16

Refines intent module to add API 16 services
module intent_api17

android :: intent_api17

Refines intent module to add API 17 services
module intent_api18

android :: intent_api18

Refines intent module to add API 18 services
module intent_api19

android :: intent_api19

Refines intent module to add API 19 services
module json

json :: json

Read and write JSON formatted text using the standard serialization services
module json_graph_store

neo4j :: json_graph_store

Provides JSON as a mean to store graphs.
module loader

github :: loader

module mongodb

mongodb :: mongodb

MongoDB Nit Driver.
module mpi

mpi :: mpi

Implementation of the Message Passing Interface protocol by wrapping OpenMPI
module msgpack

msgpack :: msgpack

MessagePack, an efficient binary serialization format
module msgpack_to_json

msgpack :: msgpack_to_json

Convert MessagePack format to JSON
module native_ui

android :: native_ui

Native services from the android.view and android.widget namespaces
module neo4j

neo4j :: neo4j

Neo4j connector through its JSON REST API using curl.
module network

gamnit :: network

Easy client/server logic for games and simple distributed applications
module nit_activity

android :: nit_activity

Core implementation of app.nit on Android using a custom Java entry point
module pop_auth

popcorn :: pop_auth

Authentification handlers.
module pop_json

popcorn :: pop_json

Introduce useful services for JSON REST API handlers.
module pop_repos

popcorn :: pop_repos

Repositories for data management.
module pop_templates

popcorn :: pop_templates

Template rendering for popcorn
module queries

mongodb :: queries

Mongo queries framework
module restful

nitcorn :: restful

Support module for the nitrestful tool and the restful annotation
module restful_annot

nitcorn :: restful_annot

Example for the restful annotation documented at lib/nitcorn/restful.nit
module sequential_id

neo4j :: sequential_id

Provides a sequential identification scheme for Neo4j nodes.
module serialization_read

msgpack :: serialization_read

Deserialize full Nit objects from MessagePack format
module server

gamnit :: server

Server-side network services for games and such
module service

android :: service

Android service support for app.nit centered around the class Service
module shared_preferences

android :: shared_preferences

Services allowing to save and load datas to internal android device
module shared_preferences_api10

android :: shared_preferences_api10

Services to save/load data using android.content.SharedPreferences for the android platform
module shared_preferences_api11

android :: shared_preferences_api11

Refines shared_preferences module to add API 11 services
module store

json :: store

Store and load json data.
module ui

android :: ui

Views and services to use the Android native user interface
module ui

linux :: ui

Implementation of the app.nit UI module for GNU/Linux
module ui_test

android :: ui_test

Test for app.nit's UI services
module wallet

github :: wallet

Github OAuth tokens management
module wifi

android :: wifi

Simple wrapper of the Android WiFi services 
# Services for safer deserialization engines
module safe

import poset

import serialization
private import engine_tools

# Deserialization engine limiting which types can be deserialized
class SafeDeserializer
	super Deserializer

	# Accepted parameterized classes to deserialize
	#
	# If `whitelist.empty`, all types are accepted.
	#
	# ~~~
	# import json
	#
	# class MyClass
	#     serialize
	# end
	#
	# var json_string = """
	# {"__class": "MyClass"}
	# """
	#
	# var deserializer = new JsonDeserializer(json_string)
	# var obj = deserializer.deserialize
	# assert deserializer.errors.is_empty
	# assert obj isa MyClass
	#
	# deserializer = new JsonDeserializer(json_string)
	# deserializer.whitelist.add "Array[String]"
	# deserializer.whitelist.add "AnotherAcceptedClass"
	# obj = deserializer.deserialize
	# assert deserializer.errors.length == 1
	# assert obj == null
	# ~~~
	var whitelist = new Array[Text]

	# Should objects be checked if they a subtype of the static type before deserialization?
	#
	# Defaults to `true`, as it should always be activated.
	# It can be turned off to implement the subtype check itself.
	var check_subtypes = true is writable

	# Should `self` accept to deserialize an instance of `dynamic_type` for an attribute wuth `static_type`?
	#
	# Uses `whitelist` if not empty...
	# Check correct inheritance if `check_subtypes`...
	fun accept(dynamic_type: Text, static_type: nullable Text): Bool
	do
		if whitelist.not_empty and not whitelist.has(dynamic_type) then
			errors.add new Error("Deserialization Error: '{dynamic_type}' not in whitelist")
			return false
		end

		if static_type != null and check_subtypes then
			var static_class = static_type.strip_nullable_and_params.to_s
			var dynamic_class = dynamic_type.strip_nullable_and_params.to_s
			if not class_inheritance_metamodel.has_edge(dynamic_class, static_class) then
				errors.add new Error("Deserialization Error: `{dynamic_type}` is not a subtype of the static type `{static_type}`")
				return false
			end
		end

		return true
	end
end

redef class Sys
	# Class inheritance graph, implemented by the `json` package
	#
	# ~~~
	# import json
	#
	# var hierarchy = class_inheritance_metamodel
	# assert hierarchy.has_edge("String", "Object")
	# assert not hierarchy.has_edge("Object", "String")
	# ~~~
	fun class_inheritance_metamodel: POSet[String] is abstract
end

redef class Deserializer
	redef fun deserialize_class(name)
	do
		if name == "POSet[String]" then return new POSet[String].from_deserializer(self)
		if name == "POSetElement[String]" then return new POSetElement[String].from_deserializer(self)
		if name == "HashSet[String]" then return new HashSet[String].from_deserializer(self)
		if name == "HashMap[String, POSetElement[String]]" then return new HashMap[String, POSetElement[String]].from_deserializer(self)

		return super
	end
end
lib/serialization/safe.nit:15,1--109,3
Nit standard library. Version v0.8-3595-g3f58b4f.