Commit | Line | Data |
---|---|---|
7ad87df9 | 1 | package Catalyst::Action::Deserialize::Data::Serializer; |
2 | ||
930013e6 | 3 | use Moose; |
4 | use namespace::autoclean; | |
7ad87df9 | 5 | |
930013e6 | 6 | extends 'Catalyst::Action'; |
7ad87df9 | 7 | use Data::Serializer; |
0fd45d2a | 8 | use Safe; |
1bb5ad32 | 9 | use Scalar::Util qw(openhandle); |
0fd45d2a | 10 | my $compartment = Safe->new; |
11 | $compartment->permit_only( qw(padany null lineseq const pushmark list anonhash anonlist refgen leaveeval undef) ); | |
7ad87df9 | 12 | |
29f9721b | 13 | our $VERSION = '0.94'; |
f465980c | 14 | $VERSION = eval $VERSION; |
15 | ||
7ad87df9 | 16 | sub execute { |
17 | my $self = shift; | |
18 | my ( $controller, $c, $serializer ) = @_; | |
eccb2137 | 19 | |
e601adda | 20 | my $sp = $serializer; |
21 | $sp =~ s/::/\//g; | |
22 | $sp .= ".pm"; | |
23 | eval { | |
24 | require $sp | |
25 | }; | |
26 | if ($@) { | |
d4611771 | 27 | $c->log->debug("Could not load $serializer, refusing to serialize: $@") |
28 | if $c->debug; | |
e601adda | 29 | return 0; |
30 | } | |
7ad87df9 | 31 | my $body = $c->request->body; |
32 | if ($body) { | |
1bb5ad32 | 33 | my $rbody = ''; |
34 | ||
35 | if(openhandle $body) { | |
36 | seek($body, 0, 0); # in case something has already read from it | |
37 | while ( defined( my $line = <$body> ) ) { | |
7ad87df9 | 38 | $rbody .= $line; |
39 | } | |
1bb5ad32 | 40 | } else { |
41 | $rbody = $body; | |
7ad87df9 | 42 | } |
1bb5ad32 | 43 | |
e601adda | 44 | my $rdata; |
0fd45d2a | 45 | if ( $serializer eq "Data::Dumper" ) { |
46 | # Taken from Data::Serialize::Data::Dumper::deserialize, but run within a Safe compartment | |
47 | my $code = $rbody =~ /^\{/ ? "+".$rbody : $rbody; | |
48 | $rdata = $compartment->reval( $code ); | |
49 | } | |
50 | else { | |
51 | my $dso = Data::Serializer->new( serializer => $serializer ); | |
52 | eval { | |
53 | $rdata = $dso->raw_deserialize($rbody); | |
54 | }; | |
55 | } | |
e601adda | 56 | if ($@) { |
57 | return $@; | |
58 | } | |
7ad87df9 | 59 | $c->request->data($rdata); |
60 | } else { | |
eccb2137 | 61 | $c->log->debug( |
d4611771 | 62 | 'I would have deserialized, but there was nothing in the body!') |
63 | if $c->debug; | |
7ad87df9 | 64 | } |
e601adda | 65 | return 1; |
eccb2137 | 66 | } |
7ad87df9 | 67 | |
24748286 | 68 | __PACKAGE__->meta->make_immutable; |
69 | ||
7ad87df9 | 70 | 1; |