Add Text.Pandoc.Class.PandocSandboxed...

exporting PandocSandboxed monad and runPandocSandboxed. [API change] So far this is just a skeleton; it works just like PandocIO right now...
author: John MacFarlane <[email protected]> 2021-08-22 21:40:52 -0700
committer: John MacFarlane <[email protected]> 2021-08-22 21:40:52 -0700
commit: 197aa993a5e828f931d6e8cd986597547e42056b (patch)
tree: 2032a5a6312f7ff346b9e1836df127d239c831f4
parent: cc90dc47190e588dfdb1c053a3d14e4bdbfa9bfb (diff)
3 files changed, 20 insertions, 26 deletions
diff --git a/pandoc.cabal b/pandoc.cabal
index b90a61942..80cc082dc 100644
--- a/pandoc.cabal
+++ b/pandoc.cabal
@@ -621,6 +621,7 @@ library
                    Text.Pandoc.Class.IO,
                    Text.Pandoc.Class.PandocMonad,
                    Text.Pandoc.Class.PandocIO,
+                   Text.Pandoc.Class.PandocSandboxed,
                    Text.Pandoc.Class.PandocPure,
                    Text.Pandoc.Filter.JSON,
                    Text.Pandoc.Filter.Lua,
diff --git a/src/Text/Pandoc/Class.hs b/src/Text/Pandoc/Class.hs
index 2f28ac4dd..77df9125f 100644
--- a/src/Text/Pandoc/Class.hs
+++ b/src/Text/Pandoc/Class.hs
@@ -17,6 +17,7 @@ reading include files or images).
 module Text.Pandoc.Class
   ( module Text.Pandoc.Class.CommonState
   , module Text.Pandoc.Class.PandocIO
+  , module Text.Pandoc.Class.PandocSandboxed
   , module Text.Pandoc.Class.PandocMonad
   , module Text.Pandoc.Class.PandocPure
   , Translations
@@ -25,5 +26,6 @@ module Text.Pandoc.Class
 import Text.Pandoc.Class.CommonState (CommonState (..))
 import Text.Pandoc.Class.PandocMonad
 import Text.Pandoc.Class.PandocIO
+import Text.Pandoc.Class.PandocSandboxed
 import Text.Pandoc.Class.PandocPure
 import Text.Pandoc.Translations (Translations)
diff --git a/src/Text/Pandoc/Class/PandocSandboxed.hs b/src/Text/Pandoc/Class/PandocSandboxed.hs
index 61ee1f1c6..68ed572a8 100644
--- a/src/Text/Pandoc/Class/PandocSandboxed.hs
+++ b/src/Text/Pandoc/Class/PandocSandboxed.hs
@@ -1,23 +1,22 @@
 {-# LANGUAGE DeriveFunctor #-}
 {-# LANGUAGE GeneralizedNewtypeDeriving #-}
 {- |
-Module      : Text.Pandoc.Class.PandocIO
-Copyright   : Copyright (C) 2016-2020 Jesse Rosenthal, John MacFarlane
+Module      : Text.Pandoc.Class.PandocSandboxed
+Copyright   : Copyright (C) 2021 John MacFarlane
 License     : GNU GPL, version 2 or above
 
-Maintainer  : Jesse Rosenthal <[email protected]>
+Maintainer  : John MacFarlane <[email protected]>
 Stability   : alpha
 Portability : portable
 
-This module defines @'PandocIO'@, an IO-based instance of the
+This module defines @'PandocSandboxed'@, an IO-based instance of the
 @'PandocMonad'@ type class. File, data, and network access all are run
-using IO operators.
+using IO operators, but only a whitelisted set of resources can be
+accessed.
 -}
-module Text.Pandoc.Class.PandocIO
-  ( PandocIO(..)
-  , runIO
-  , runIOorExplode
-  , extractMedia
+module Text.Pandoc.Class.PandocSandboxed
+  ( PandocSandboxed(..)
+  , runSandboxed
  ) where
 
 import Control.Monad.Except (ExceptT, MonadError, runExceptT)
@@ -31,17 +30,12 @@ import Text.Pandoc.Error
 import qualified Text.Pandoc.Class.IO as IO
 import Control.Monad.Catch (MonadCatch, MonadMask, MonadThrow)
 
--- | Evaluate a 'PandocIO' operation.
-runIO :: PandocIO a -> IO (Either PandocError a)
-runIO ma = flip evalStateT def $ runExceptT $ unPandocIO ma
+-- | Evaluate a 'PandocSandboxed' operation.
+runSandboxed :: PandocSandboxed a -> IO (Either PandocError a)
+runSandboxed ma = flip evalStateT def $ runExceptT $ unPandocSandboxed ma
 
--- | Evaluate a 'PandocIO' operation, handling any errors
--- by exiting with an appropriate message and error status.
-runIOorExplode :: PandocIO a -> IO a
-runIOorExplode ma = runIO ma >>= handleError
-
-newtype PandocIO a = PandocIO {
-  unPandocIO :: ExceptT PandocError (StateT CommonState IO) a
+newtype PandocSandboxed a = PandocSandboxed {
+  unPandocSandboxed :: ExceptT PandocError (StateT CommonState IO) a
   } deriving ( MonadIO
              , Functor
              , Applicative
@@ -52,7 +46,7 @@ newtype PandocIO a = PandocIO {
              , MonadError PandocError
              )
 
-instance PandocMonad PandocIO where
+instance PandocMonad PandocSandboxed where
   lookupEnv = IO.lookupEnv
   getCurrentTime = IO.getCurrentTime
   getCurrentTimeZone = IO.getCurrentTimeZone
@@ -69,11 +63,8 @@ instance PandocMonad PandocIO where
   getDataFileName = IO.getDataFileName
   getModificationTime = IO.getModificationTime
 
-  getCommonState = PandocIO $ lift get
-  putCommonState = PandocIO . lift . put
+  getCommonState = PandocSandboxed $ lift get
+  putCommonState = PandocSandboxed . lift . put
 
   logOutput = IO.logOutput
 
--- | Extract media from the mediabag into a directory.
-extractMedia :: (PandocMonad m, MonadIO m) => FilePath -> Pandoc -> m Pandoc
-extractMedia = IO.extractMedia
author	John MacFarlane <[email protected]>	2021-08-22 21:40:52 -0700
committer	John MacFarlane <[email protected]>	2021-08-22 21:40:52 -0700
commit	197aa993a5e828f931d6e8cd986597547e42056b (patch)
tree	2032a5a6312f7ff346b9e1836df127d239c831f4
parent	cc90dc47190e588dfdb1c053a3d14e4bdbfa9bfb (diff)