X-Git-Url: https://mudpy.org/gitweb?p=mudpy.git;a=blobdiff_plain;f=mudpy%2Fmisc.py;h=5beb3b67212ffdb6c66a36ae5b816314a0a2f4b9;hp=fca279abee5e98c7caf6ef15c6e2956264863724;hb=472e1de5356e4df0f099fe6a17ff6dab585314f3;hpb=e067958404628ee8881e132399f73a760efab8c1 diff --git a/mudpy/misc.py b/mudpy/misc.py index fca279a..5beb3b6 100644 --- a/mudpy/misc.py +++ b/mudpy/misc.py @@ -488,6 +488,7 @@ class User: self.address = "" self.authenticated = False self.avatar = None + self.choice = "" self.columns = 79 self.connection = None self.error = "" @@ -1217,7 +1218,9 @@ def weighted_choice(data): expanded.append(key) # return one at random - return random.choice(expanded) + # Whitelist the random.randrange() call in bandit since it's not used for + # security/cryptographic purposes + return random.choice(expanded) # nosec def random_name(): @@ -1264,7 +1267,9 @@ def random_name(): name = "" # create a name of random length from the syllables - for _syllable in range(random.randrange(2, 6)): + # Whitelist the random.randrange() call in bandit since it's not used for + # security/cryptographic purposes + for _syllable in range(random.randrange(2, 6)): # nosec name += weighted_choice(syllables) # strip any leading quotemark, capitalize and return the name @@ -1581,19 +1586,18 @@ def get_menu_prompt(state): def get_menu_choices(user): """Return a dict of choice:meaning.""" - menu = universe.groups["menu"][user.state] - create_choices = menu.get("create") + state = universe.groups["menu"][user.state] + create_choices = state.get("create") if create_choices: - choices = eval(create_choices) + choices = call_hook_function(create_choices, (user,)) else: choices = {} ignores = [] options = {} creates = {} - for facet in menu.facets(): - if facet.startswith("demand_") and not eval( - universe.groups["menu"][user.state].get(facet) - ): + for facet in state.facets(): + if facet.startswith("demand_") and not call_hook_function( + universe.groups["menu"][user.state].get(facet), (user,)): ignores.append(facet.split("_", 2)[1]) elif facet.startswith("create_"): creates[facet] = facet.split("_", 2)[1] @@ -1601,10 +1605,11 @@ def get_menu_choices(user): options[facet] = facet.split("_", 2)[1] for facet in creates.keys(): if not creates[facet] in ignores: - choices[creates[facet]] = eval(menu.get(facet)) + choices[creates[facet]] = call_hook_function( + state.get(facet), (user,)) for facet in options.keys(): if not options[facet] in ignores: - choices[options[facet]] = menu.get(facet) + choices[options[facet]] = state.get(facet) return choices @@ -1638,12 +1643,12 @@ def get_default_branch(state): return universe.groups["menu"][state].get("branch") -def get_choice_branch(user, choice): +def get_choice_branch(user): """Returns the new state matching the given choice.""" branches = get_menu_branches(user.state) - if choice in branches.keys(): - return branches[choice] - elif choice in user.menu_choices.keys(): + if user.choice in branches.keys(): + return branches[user.choice] + elif user.choice in user.menu_choices.keys(): return get_default_branch(user.state) else: return "" @@ -1665,17 +1670,39 @@ def get_default_action(state): return universe.groups["menu"][state].get("action") -def get_choice_action(user, choice): +def get_choice_action(user): """Run any indicated script for the given choice.""" actions = get_menu_actions(user.state) - if choice in actions.keys(): - return actions[choice] - elif choice in user.menu_choices.keys(): + if user.choice in actions.keys(): + return actions[user.choice] + elif user.choice in user.menu_choices.keys(): return get_default_action(user.state) else: return "" +def call_hook_function(fname, arglist): + """Safely execute named function with supplied arguments, return result.""" + + # all functions relative to mudpy package + function = mudpy + + for component in fname.split("."): + try: + function = getattr(function, component) + except AttributeError: + log('Could not find mudpy.%s() for arguments "%s"' + % (fname, arglist), 7) + function = None + break + if function: + try: + return function(*arglist) + except Exception: + log('Calling mudpy.%s(%s) raised an exception...\n%s' + % (fname, (*arglist,), traceback.format_exc()), 7) + + def handle_user_input(user): """The main handler, branches to a state-specific handler.""" @@ -1685,9 +1712,9 @@ def handle_user_input(user): user.send("", add_prompt=False, prepend_padding=False) # check to make sure the state is expected, then call that handler - if "handler_" + user.state in globals(): - exec("handler_" + user.state + "(user)") - else: + try: + globals()["handler_" + user.state](user) + except KeyError: generic_menu_handler(user) # since we got input, flag that the menu/prompt needs to be redisplayed @@ -1702,16 +1729,18 @@ def generic_menu_handler(user): # get a lower-case representation of the next line of input if user.input_queue: - choice = user.input_queue.pop(0) - if choice: - choice = choice.lower() + user.choice = user.input_queue.pop(0) + if user.choice: + user.choice = user.choice.lower() else: - choice = "" - if not choice: - choice = get_default_menu_choice(user.state) - if choice in user.menu_choices: - exec(get_choice_action(user, choice)) - new_state = get_choice_branch(user, choice) + user.choice = "" + if not user.choice: + user.choice = get_default_menu_choice(user.state) + if user.choice in user.menu_choices: + action = get_choice_action(user) + if action: + call_hook_function(action, (user,)) + new_state = get_choice_branch(user) if new_state: user.state = new_state else: @@ -1889,6 +1918,7 @@ def handler_active(user): ran = False if actor.can_run(command): # dereference the relative object path for the requested function + # TODO(fungi) use call_hook_function() here instead action = mudpy action_fname = command.get("action", command.key) for component in action_fname.split("."):