绝尘
861d58d718
- Lexer/Parser/Executor 三阶段架构
- #{param} 参数化 + ${raw} 原样替换 + 白名单安全策略
- @if/@for/@tpl/@include/@namespace 控制流
- 表达式引擎: 比较、逻辑、nil 检查、len() 内置函数
- 支持 ?/$1/:1 多数据库占位符风格
- 零依赖,纯 Go 标准库实现
40 lines
859 B
Go
40 lines
859 B
Go
package utpl
|
|
|
|
import "slices"
|
|
|
|
type RawPolicy interface {
|
|
Validate(param string, value string) error
|
|
}
|
|
|
|
type RawAllowlist map[string][]string
|
|
|
|
func (a RawAllowlist) Validate(param string, value string) error {
|
|
allowed, ok := a[param]
|
|
if !ok {
|
|
return &UnsafeRawError{Param: param, Value: value, Message: "no allowlist defined"}
|
|
}
|
|
if slices.Contains(allowed, value) {
|
|
return nil
|
|
}
|
|
return &UnsafeRawError{Param: param, Value: value, Message: "value not in allowlist"}
|
|
}
|
|
|
|
type RawBlocklist map[string][]string
|
|
|
|
func (b RawBlocklist) Validate(param string, value string) error {
|
|
blocked, ok := b[param]
|
|
if !ok {
|
|
return nil
|
|
}
|
|
if slices.Contains(blocked, value) {
|
|
return &UnsafeRawError{Param: param, Value: value, Message: "value is blocked"}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
type RawNoop struct{}
|
|
|
|
func (RawNoop) Validate(string, string) error {
|
|
return nil
|
|
}
|