├── .dockerignore
├── .eslintrc.js
├── .formatter.exs
├── .github
├── dependabot.yml
└── workflows
│ └── elixir.yml
├── .gitignore
├── .tool-versions
├── Dockerfile
├── LICENSE.md
├── Procfile
├── README.md
├── assets
├── .babelrc
├── css
│ └── app.css
├── js
│ └── app.js
└── tailwind.config.js
├── config
├── config.exs
├── dev.exs
├── prod.exs
├── runtime.exs
└── test.exs
├── elixir_buildpack.config
├── fly.toml
├── lib
├── elixir_console.ex
├── elixir_console
│ ├── application.ex
│ ├── autocomplete.ex
│ ├── contextual_help.ex
│ ├── documentation.ex
│ ├── elixir_safe_parts.ex
│ ├── sandbox.ex
│ └── sandbox
│ │ ├── allowed_elixir_modules.ex
│ │ ├── code_executor.ex
│ │ ├── command_validator.ex
│ │ ├── erlang_modules_absence.ex
│ │ ├── exclude_conversion_to_atoms.ex
│ │ ├── runtime_validations.ex
│ │ ├── safe_kernel_functions.ex
│ │ └── util.ex
├── elixir_console_web.ex
└── elixir_console_web
│ ├── endpoint.ex
│ ├── live
│ ├── console_live.ex
│ ├── console_live
│ │ ├── command_input_component.ex
│ │ ├── helpers.ex
│ │ ├── history_component.ex
│ │ └── sidebar_component.ex
│ └── live_monitor.ex
│ ├── plugs
│ └── heroku_redirect.ex
│ ├── router.ex
│ ├── templates
│ └── layout
│ │ ├── live.html.heex
│ │ └── root.html.heex
│ └── views
│ ├── error_view.ex
│ └── layout_view.ex
├── mix.exs
├── mix.lock
├── phoenix_static_buildpack.config
├── priv
└── gettext
│ ├── en
│ └── LC_MESSAGES
│ │ └── errors.po
│ └── errors.pot
└── test
├── elixir_console
├── autocomplete_test.exs
├── contextual_help_test.exs
├── sandbox
│ ├── command_validator_test.exs
│ └── runtime_validations_test.exs
└── sandbox_test.exs
├── elixir_console_web
├── features
│ └── console_test.exs
├── live
│ └── console_live_test.exs
└── views
│ ├── error_view_test.exs
│ └── layout_view_test.exs
├── support
└── conn_case.ex
└── test_helper.exs
/.dockerignore:
--------------------------------------------------------------------------------
1 | # This file excludes paths from the Docker build context.
2 | #
3 | # By default, Docker's build context includes all files (and folders) in the
4 | # current directory. Even if a file isn't copied into the container it is still sent to
5 | # the Docker daemon.
6 | #
7 | # There are multiple reasons to exclude files from the build context:
8 | #
9 | # 1. Prevent nested folders from being copied into the container (ex: exclude
10 | # /assets/node_modules when copying /assets)
11 | # 2. Reduce the size of the build context and improve build time (ex. /build, /deps, /doc)
12 | # 3. Avoid sending files containing sensitive information
13 | #
14 | # More information on using .dockerignore is available here:
15 | # https://docs.docker.com/engine/reference/builder/#dockerignore-file
16 |
17 | .dockerignore
18 |
19 | # Ignore git, but keep git HEAD and refs to access current commit hash if needed:
20 | #
21 | # $ cat .git/HEAD | awk '{print ".git/"$2}' | xargs cat
22 | # d0b8727759e1e0e7aa3d41707d12376e373d5ecc
23 | .git
24 | !.git/HEAD
25 | !.git/refs
26 |
27 | # Common development/test artifacts
28 | /cover/
29 | /doc/
30 | /test/
31 | /tmp/
32 | .elixir_ls
33 |
34 | # Mix artifacts
35 | /_build/
36 | /deps/
37 | *.ez
38 |
39 | # Generated on crash by the VM
40 | erl_crash.dump
41 |
42 | # Static artifacts - These should be fetched and built inside the Docker image
43 | /assets/node_modules/
44 | /priv/static/assets/
45 | /priv/static/cache_manifest.json
46 |
--------------------------------------------------------------------------------
/.eslintrc.js:
--------------------------------------------------------------------------------
1 | /*eslint-env node*/
2 | module.exports = {
3 | "parserOptions": {
4 | "ecmaVersion": 6,
5 | "sourceType": "module"
6 | },
7 | "env": {
8 | "browser": true
9 | },
10 | "globals": {
11 | "require": "readonly",
12 | "__dirname": "readonly",
13 | "module": "writable"
14 | },
15 | 'rules': {
16 | 'camelcase': 2,
17 | 'comma-dangle': [2, 'never'],
18 | 'comma-style': [2, 'last'],
19 | 'eqeqeq': 2,
20 | 'indent': [2, 2, { 'VariableDeclarator': 2 }],
21 | 'no-eq-null': 2,
22 | 'no-extra-parens': 2,
23 | 'no-extra-semi': 2,
24 | 'no-lonely-if': 2,
25 | 'no-multi-spaces': 0,
26 | 'no-nested-ternary': 2,
27 | 'no-param-reassign': 2,
28 | 'no-self-compare': 2,
29 | 'no-shadow': 2,
30 | 'no-throw-literal': 2,
31 | 'no-undef': 2,
32 | 'no-underscore-dangle': 0,
33 | 'no-void': 2,
34 | 'quotes': [2, 'single'],
35 | 'semi': [2, 'always']
36 | }
37 | };
--------------------------------------------------------------------------------
/.formatter.exs:
--------------------------------------------------------------------------------
1 | [
2 | import_deps: [:phoenix],
3 | inputs: ["*.{ex,exs}", "{config,lib,test}/**/*.{ex,exs}"]
4 | ]
5 |
--------------------------------------------------------------------------------
/.github/dependabot.yml:
--------------------------------------------------------------------------------
1 | # Documentation for all configuration options:
2 | # https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
3 |
4 | version: 2
5 | updates:
6 | - package-ecosystem: "mix"
7 | directory: "/" # Location of package manifests
8 | schedule:
9 | interval: "weekly"
10 | open-pull-requests-limit: 2
11 |
--------------------------------------------------------------------------------
/.github/workflows/elixir.yml:
--------------------------------------------------------------------------------
1 | name: Elixir CI
2 |
3 | on: push
4 |
5 | jobs:
6 | build:
7 | name: Build and test
8 | runs-on: ubuntu-20.04
9 |
10 | steps:
11 | - uses: actions/checkout@v2
12 | - name: Set up Elixir
13 | uses: erlef/setup-beam@v1
14 | with:
15 | elixir-version: '1.13.2'
16 | otp-version: '24.0.6'
17 | - name: Restore dependencies cache
18 | uses: actions/cache@v2
19 | with:
20 | path: deps
21 | key: ${{ runner.os }}-mix-${{ hashFiles('**/mix.lock') }}
22 | restore-keys: ${{ runner.os }}-mix-
23 | - name: Install mix dependencies
24 | run: mix deps.get
25 | - name: Check unused mix dependencies
26 | run: mix deps.unlock --check-unused
27 | - name: Check code format
28 | run: mix format --check-formatted
29 | - name: Compile elixir deps
30 | run: MIX_ENV=test mix deps.compile
31 | - name: Compile elixir project
32 | run: MIX_ENV=test mix compile --force --warnings-as-errors
33 | - name: Run tests
34 | run: mix test
35 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | # The directory Mix will write compiled artifacts to.
2 | /_build/
3 |
4 | # If you run "mix test --cover", coverage assets end up here.
5 | /cover/
6 |
7 | # The directory Mix downloads your dependencies sources to.
8 | /deps/
9 |
10 | # Where 3rd-party dependencies like ExDoc output generated docs.
11 | /doc/
12 |
13 | # Ignore .fetch files in case you like to edit your project deps locally.
14 | /.fetch
15 |
16 | # If the VM crashes, it generates a dump, let's ignore it too.
17 | erl_crash.dump
18 |
19 | # Also ignore archive artifacts (built via "mix archive.build").
20 | *.ez
21 |
22 | # Ignore package tarball (built via "mix hex.build").
23 | elixir_console-*.tar
24 |
25 | # If NPM crashes, it generates a log, let's ignore it too.
26 | npm-debug.log
27 |
28 | # The directory NPM downloads your dependencies sources to.
29 | /assets/node_modules/
30 |
31 | # Since we are building assets from assets/,
32 | # we ignore priv/static. You may want to comment
33 | # this depending on your deployment strategy.
34 | /priv/static/
35 |
36 | # elixir files
37 | .elixir_ls/
38 |
39 | /screenshots
40 |
--------------------------------------------------------------------------------
/.tool-versions:
--------------------------------------------------------------------------------
1 | elixir 1.13.2-otp-24
2 | erlang 24.0.6
3 | nodejs 16.9.1
4 |
--------------------------------------------------------------------------------
/Dockerfile:
--------------------------------------------------------------------------------
1 | # Find eligible builder and runner images on Docker Hub. We use Ubuntu/Debian instead of
2 | # Alpine to avoid DNS resolution issues in production.
3 | #
4 | # https://hub.docker.com/r/hexpm/elixir/tags?page=1&name=ubuntu
5 | # https://hub.docker.com/_/ubuntu?tab=tags
6 | #
7 | #
8 | # This file is based on these images:
9 | #
10 | # - https://hub.docker.com/r/hexpm/elixir/tags - for the build image
11 | # - https://hub.docker.com/_/debian?tab=tags&page=1&name=bullseye-20210902-slim - for the release image
12 | # - https://pkgs.org/ - resource for finding needed packages
13 | # - Ex: hexpm/elixir:1.13.2-erlang-24.0.6-debian-bullseye-20210902-slim
14 | #
15 | ARG ELIXIR_VERSION=1.13.2
16 | ARG OTP_VERSION=24.0.6
17 | ARG DEBIAN_VERSION=bullseye-20210902-slim
18 |
19 | ARG BUILDER_IMAGE="hexpm/elixir:${ELIXIR_VERSION}-erlang-${OTP_VERSION}-debian-${DEBIAN_VERSION}"
20 | ARG RUNNER_IMAGE="debian:${DEBIAN_VERSION}"
21 |
22 | FROM ${BUILDER_IMAGE} as builder
23 |
24 | # install build dependencies
25 | RUN apt-get update -y && apt-get install -y build-essential git \
26 | && apt-get clean && rm -f /var/lib/apt/lists/*_*
27 |
28 | # prepare build dir
29 | WORKDIR /app
30 |
31 | # install hex + rebar
32 | RUN mix local.hex --force && \
33 | mix local.rebar --force
34 |
35 | # set build ENV
36 | ENV MIX_ENV="prod"
37 |
38 | # install mix dependencies
39 | COPY mix.exs mix.lock ./
40 | RUN mix deps.get --only $MIX_ENV
41 | RUN mkdir config
42 |
43 | # copy compile-time config files before we compile dependencies
44 | # to ensure any relevant config change will trigger the dependencies
45 | # to be re-compiled.
46 | COPY config/config.exs config/${MIX_ENV}.exs config/
47 | RUN mix deps.compile
48 |
49 | COPY priv priv
50 |
51 | COPY lib lib
52 |
53 | COPY assets assets
54 |
55 | # # compile assets
56 | RUN mix assets.deploy
57 |
58 | # Compile the release
59 | RUN mix compile
60 |
61 | # Changes to config/runtime.exs don't require recompiling the code
62 | COPY config/runtime.exs config/
63 |
64 | COPY rel rel
65 | RUN mix release
66 |
67 | # start a new build stage so that the final image will only contain
68 | # the compiled release and other runtime necessities
69 | FROM ${RUNNER_IMAGE}
70 |
71 | RUN apt-get update -y && apt-get install -y libstdc++6 openssl libncurses5 locales \
72 | && apt-get clean && rm -f /var/lib/apt/lists/*_*
73 |
74 | # Set the locale
75 | RUN sed -i '/en_US.UTF-8/s/^# //g' /etc/locale.gen && locale-gen
76 |
77 | ENV LANG en_US.UTF-8
78 | ENV LANGUAGE en_US:en
79 | ENV LC_ALL en_US.UTF-8
80 |
81 | # Appended by flyctl
82 | ENV ECTO_IPV6 true
83 | ENV ERL_AFLAGS "-proto_dist inet6_tcp"
84 |
85 | WORKDIR "/app"
86 | RUN chown nobody /app
87 |
88 | # set runner ENV
89 | ENV MIX_ENV="prod"
90 |
91 | # Only copy the final release from the build stage
92 | COPY --from=builder --chown=nobody:root /app/_build/${MIX_ENV}/rel/elixir_console ./
93 |
94 | USER nobody
95 |
96 | CMD ["/app/bin/server"]
--------------------------------------------------------------------------------
/LICENSE.md:
--------------------------------------------------------------------------------
1 | # MIT License
2 |
3 | Copyright (c) 2019 WyeWorks
4 |
5 | Permission is hereby granted, free of charge, to any person obtaining
6 | a copy of this software and associated documentation files (the
7 | "Software"), to deal in the Software without restriction, including
8 | without limitation the rights to use, copy, modify, merge, publish,
9 | distribute, sublicense, and/or sell copies of the Software, and to
10 | permit persons to whom the Software is furnished to do so, subject to
11 | the following conditions:
12 |
13 | The above copyright notice and this permission notice shall be
14 | included in all copies or substantial portions of the Software.
15 |
16 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
17 | EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
18 | MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
19 | NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
20 | LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
21 | OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
22 | WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--------------------------------------------------------------------------------
/Procfile:
--------------------------------------------------------------------------------
1 | web: mix phx.server
--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
1 | [](https://travis-ci.org/wyeworks/elixir_console)
2 |
3 | ---
4 |
5 | # Elixir Web Console
6 |
7 | The [Elixir Web Console](https://elixirconsole.wyeworks.com/) is a virtual place where people can try the [Elixir language](https://elixir-lang.org/) without the need to leave the browser or installing it on their computers. While this is a project in its early stages, we hope this is a contribution to the effort to promote the language, providing a convenient way to assess the capabilities of this technology. We would love to hear ideas about how to extend this project to serve this purpose better (see the Contributing section).
8 |
9 | This project is inspired in existing playground sites from distinct communities, such as [SwiftPlayground](http://online.swiftplayground.run/) and [Rust Playground](https://play.rust-lang.org/), yet, it is unique because it aims to mimic the [Elixir interactive shell (iEX)](https://hexdocs.pm/iex/IEx.html).
10 |
11 | # Features
12 |
13 | * Bindings are persisted through the current session. Users can assign values to variables. They will remain visible at the side of the screen.
14 | * Pressing the Tab key displays a list of suggestions based on what the user is currently typing in the command input. If only one option is available, the word is autocompleted. It will help to discover modules and public functions. Existing binding names are also taken into account to form the list of suggestions.
15 | * The console presents the history of executed commands and results. The sidebar will display the documentation of Elixir functions when the user clicks on them.
16 | * There is easy access to already-executed commands pressing Up and Down keys when the focus is in the command input.
17 |
18 | 
19 |
20 | # Where my Elixir code is executed?
21 |
22 | Unlike other playground projects, it does not rely on spawning sandbox nodes or additional servers to run the code. The Elixir application that is also serving the web page is also responsible for executing the user code.
23 |
24 | Of course, there are plenty of security considerations related to the execution of untrusted code. However, we came up with a solution that allows us to execute them directly on our Elixir backend (see next section).
25 |
26 | The system executes every submitted command in the context of a dedicated process. Note that subsequent invocations to `self()` will return the same PID value. Since this is an isolated process, the executed code should not interfere with the LiveView channel or any other process in the system.
27 |
28 | # How much Elixir can I run in the web console?
29 |
30 | As you might guess, not all Elixir code coming from unknown people on the internet is safe to execute in our online console. The system checks the code before running it. Code relying on certain parts of the language will cause an error message explaining the limitations to the user.
31 |
32 | ## Elixir safe modules and Kernel functions
33 |
34 | The console has a whitelist that includes modules and functions of Elixir considered safe to execute. The system will inform about this limitation when users attempt to use disallowed stuff, such as modules providing access to the file system, the network, and the operating system, among others.
35 |
36 | Moreover, the mentioned whitelist does exclude the metaprogramming functionality of Elixir. The functions [`Kernel.apply/2`](https://hexdocs.pm/elixir/Kernel.html#apply/2) and [`Kernel.apply/3`](https://hexdocs.pm/elixir/Kernel.html#apply/3) are also out of the whitelist to prevent the indirect invocation of not-secure functions.
37 |
38 | The AST of the user code is verified before its actual execution, checking if the function invocations are not dangerous. However, some cases are impossible to detect by only inspecting at the code. For this reason, a layer of runtime validations exists as well, providing an additional way to detect non-secure invocations that only happens when the user code computes the callee at runtime. Both approaches have some overlap, and the design of the solution has room for improvement, so we expect to work on having a more refined solution shortly.
39 |
40 | ## Processes
41 |
42 | The console currently does not allow the usage of the module `Process` and other parts of Elixir related to processes. Existing resource usage limitations (see next section) would be much harder to enforce if users were permitted to spawn processes. Similarly, the functions `send` and `receive` are restricted to avoid integrity and security problems.
43 |
44 | **This limitation does not make us happy** because it would be valuable to let people play with processes within our interactive shell. We are currently thinking about manners to include those modules and functions within the whitelist. Extra precaution is needed to implement it due to possible security implications.
45 |
46 | ## The problem with atoms
47 |
48 | It represents a tricky issue for our web console because in Elixir/Erlang atoms are never garbage collected. Therefore, each atom created by users code will be added to the global list of existing atoms. It means that, eventually, the [maximum number of atoms](http://erlang.org/doc/efficiency_guide/advanced.html#atoms) will be reached, causing a server crash.
49 |
50 | We consider this issue is not an impediment to have the server operating, at least for now. In case of a crash due to the overflow of atoms, Heroku will automatically restart the application.
51 |
52 | When the server is restarted, any existing sessions are lost. Of course, it would be problematic if it happens often. We are monitoring the server to diagnose the relevance of this issue better. Hopefully, it will require some server restart from time to time, and we have some ideas to automate it in the future.
53 |
54 | To mitigate this problem, the function `String.to_atom/1` is not available in the console limiting the creation of a large number of atoms programmatically.
55 |
56 | We are confident that the number of created atoms will grow relatively slow, giving us time to restore the server if this is ever needed.
57 |
58 | # Other limitations
59 |
60 | The execution of code in this console is limited by the backend logic in additional ways in an attempt to preserve the server health and being able to attend a more significant number of users.
61 |
62 | Each submitted command should run in a limited number of seconds; otherwise, a timeout error is returned. Moreover, the execution of the piece of code must respect a memory usage limit.
63 |
64 | The length of the command itself (the number of characters) is limited as well. This restriction exists due to security and resource-saving reasons.
65 |
66 | # Roadmap
67 |
68 | While a refined ongoing plan does not exist yet, the following is a list of possible improvements.
69 |
70 | * Add the ability to write multiline code.
71 | * Extract the Elixir Sandbox functionality to a package.
72 | * Allow spawning a limited amount of processes.
73 | * Try to permit the definition of modules and structs.
74 | * Implement sandboxed versions of individual restricted modules and functions (for example, a fake implementation of the filesystem functions).
75 | * Provide controlled access to additional concurrency-related functionality (send/receive, Agent, GenServer), if possible.
76 | * Overcome the problem with atoms (we are working on a prototype to confirm if this is feasible).
77 |
78 | # About this project
79 |
80 | This project was initially implemented to participate in the [Phoenix Phrenzy](https://phoenixphrenzy.com) contest. It is an example of the capabilities of [Phoenix](https://phoenixframework.org/) and [LiveView](https://github.com/phoenixframework/phoenix_live_view).
81 |
82 | Beyond its primary purpose, this is a research initiative. We are exploring the implications of executing untrusted Elixir code in a sandboxed manner. In particular, we want to solve it without using extra infrastructure, being as accessible and easy to use as possible. We have plans to create a package that includes the sandbox functionality. This package would enable the usage of Elixir as a scripting language (although we are not sure if this is a good idea).
83 |
84 | # Special Thanks
85 |
86 | The authors of the project are [Noelia](https://github.com/noelia-lencina), [Ignacio](https://github.com/iaguirre88), [Javier](https://github.com/JavierM42), and [Jorge](https://github.com/jmbejar). Special thanks to [WyeWorks](https://www.wyeworks.com) for providing working hours to dedicate to this project.
87 |
88 | We also want to publicly thanks [Marcelo Dominguez](https://github.com/marpo60), [Allen Madsen](https://github.com/noelia-lencina), [Gabriel Roldán](https://github.com/luisgabrielroldan), [Luis Ferreira](https://github.com/hidnasio), and [
89 | Ben Hu](https://github.com/Ben-Hu) for testing the console and reporting several security issues.
90 |
91 | # Contributing
92 |
93 | Please feel free to open issues or pull requests. Both things will help us to extend and improve the Elixir Web Console 🎉
94 | We know that security vulnerabilities probably exist due to the nature of the technical challenge. If you have found a security issue, please send us a note privately at [elixir-console-security@wyeworks.com](mailto:elixir-console-security@wyeworks.com).
95 |
96 | ## Runing tests
97 |
98 | ```
99 | $ mix test
100 | ```
101 |
102 | To run feature tests Wallaby [requires](https://hexdocs.pm/wallaby/Wallaby.Chrome.html#module-notes) you to have Chrome or Chromedriver in your PATH.
103 |
104 | Headful mode:
105 |
106 | ```
107 | $ HEADLESS=false mix test
108 | ```
109 |
110 | # License
111 |
112 | Elixir Web Console is released under the [MIT License](https://github.com/wyeworks/elixir_console/blob/master/LICENSE.md).
113 |
--------------------------------------------------------------------------------
/assets/.babelrc:
--------------------------------------------------------------------------------
1 | {
2 | "presets": [
3 | "@babel/preset-env"
4 | ]
5 | }
6 |
--------------------------------------------------------------------------------
/assets/css/app.css:
--------------------------------------------------------------------------------
1 | /* This file is for your main application css. */
2 |
3 | /* csslint ignore:start */
4 | @tailwind base;
5 | @tailwind components;
6 | @tailwind utilities;
7 | /* csslint ignore:end */
8 |
9 | .live-view-parent > div {
10 | height: 100%;
11 | }
12 |
13 | body {
14 | font-family: 'Fira Mono', monospace;
15 | }
16 |
17 | /* extending tailwind provided classes */
18 | .max-h-1\/3 {
19 | max-height: 33%;
20 | }
21 |
22 | /* styling contextual help (Utility-first paradigm is not useful here since it's inserted raw) */
23 | .contextual-help-doc h2 { /* csslint allow: qualified-headings */
24 | margin-bottom: 0.5rem;
25 | margin-top: 0.5rem;
26 | }
27 |
28 | .contextual-help-doc pre {
29 | @apply bg-teal-900;
30 | @apply text-teal-300;
31 | border-radius: 4px;
32 | margin-bottom: 0.5rem;
33 | padding: 0.25rem 0.5rem;
34 | white-space: pre-wrap;
35 | }
36 |
37 | .contextual-help-doc p > code {
38 | @apply bg-teal-900;
39 | @apply text-teal-300;
40 | border-radius: 2px;
41 | padding: 0.25rem;
42 | }
43 |
--------------------------------------------------------------------------------
/assets/js/app.js:
--------------------------------------------------------------------------------
1 | import "phoenix_html"
2 | import {Socket} from "phoenix"
3 | import {LiveSocket} from "phoenix_live_view"
4 |
5 | let Hooks = {};
6 | Hooks.CommandInput = {
7 | mounted() {
8 | const el = this.el;
9 | this.handleEvent("reset", () => {
10 | el.value = "";
11 | });
12 | el.addEventListener("keydown", (e) => {
13 | if (e.code === "Tab") {
14 | this.pushEventTo(
15 | "#commandInput",
16 | "suggest",
17 | {"value": el.value, "caret_position": el.selectionEnd}
18 | );
19 | } else if (e.code === "ArrowUp") {
20 | this.pushEventTo("#commandInput", "cycle_history_up");
21 | } else if (e.code === "ArrowDown") {
22 | this.pushEventTo("#commandInput", "cycle_history_down");
23 | }
24 | });
25 | },
26 | updated() {
27 | const newValue = this.el.dataset.input_value;
28 | const newCaretPosition = parseInt(this.el.dataset.caret_position);
29 |
30 | if (newValue !== "") {
31 | this.el.value = newValue;
32 | this.el.setSelectionRange(newCaretPosition, newCaretPosition);
33 | }
34 | }
35 | };
36 |
37 | let csrfToken = document.querySelector("meta[name='csrf-token']").getAttribute("content")
38 | /* eslint-disable camelcase */
39 | let liveSocket = new LiveSocket(
40 | "/live",
41 | Socket,
42 | {
43 | params: {_csrf_token: csrfToken},
44 | hooks: Hooks,
45 | metadata: {
46 | keydown: (_e, el) => {
47 | return {caret_position: el.selectionEnd};
48 | }
49 | }
50 | }
51 | );
52 | /* eslint-enable camelcase */
53 |
54 | // connect if there are any LiveViews on the page
55 | liveSocket.connect()
56 |
57 | // expose liveSocket on window for web console debug logs and latency simulation:
58 | // >> liveSocket.enableDebug()
59 | // >> liveSocket.enableLatencySim(1000) // enabled for duration of browser session
60 | // >> liveSocket.disableLatencySim()
61 | window.liveSocket = liveSocket
62 |
63 | document.addEventListener("DOMContentLoaded", () => {
64 | const input = document.getElementById("commandInput");
65 | input.addEventListener("keydown", (e) => {
66 | if (e.code === "Tab") {
67 | e.preventDefault();
68 | }
69 | }, true);
70 | });
71 |
--------------------------------------------------------------------------------
/assets/tailwind.config.js:
--------------------------------------------------------------------------------
1 | // See the Tailwind configuration guide for advanced usage
2 | // https://tailwindcss.com/docs/configuration
3 |
4 | let plugin = require('tailwindcss/plugin');
5 | const colors = require('tailwindcss/colors');
6 |
7 | module.exports = {
8 | content: [
9 | './js/**/*.js',
10 | '../lib/*_web.ex',
11 | '../lib/*_web/**/*.*ex'
12 | ],
13 | theme: {
14 | extend: {
15 | colors: {
16 | teal: colors.teal
17 | }
18 | },
19 | },
20 | plugins: [
21 | require('@tailwindcss/forms'),
22 | plugin(({addVariant}) => addVariant('phx-no-feedback', ['&.phx-no-feedback', '.phx-no-feedback &'])),
23 | plugin(({addVariant}) => addVariant('phx-click-loading', ['&.phx-click-loading', '.phx-click-loading &'])),
24 | plugin(({addVariant}) => addVariant('phx-submit-loading', ['&.phx-submit-loading', '.phx-submit-loading &'])),
25 | plugin(({addVariant}) => addVariant('phx-change-loading', ['&.phx-change-loading', '.phx-change-loading &']))
26 | ]
27 | }
28 |
--------------------------------------------------------------------------------
/config/config.exs:
--------------------------------------------------------------------------------
1 | # This file is responsible for configuring your application
2 | # and its dependencies with the aid of the Mix.Config module.
3 | #
4 | # This configuration file is loaded before any dependency and
5 | # is restricted to this project.
6 |
7 | # General application configuration
8 | import Config
9 |
10 | # Configures the endpoint
11 | config :elixir_console, ElixirConsoleWeb.Endpoint,
12 | url: [host: "localhost"],
13 | secret_key_base: "xkn0Oy0t0ydkJkKxKwFVJ36lc5MX7kHtdo+4vtEVqGrBNN/Kv4a9GIGqbx6CHlVw",
14 | render_errors: [view: ElixirConsoleWeb.ErrorView, accepts: ~w(html json), layout: false],
15 | pubsub_server: ElixirConsole.PubSub,
16 | live_view: [signing_salt: "7vohZO+j"]
17 |
18 | # Configure esbuild (the version is required)
19 | config :esbuild,
20 | version: "0.14.29",
21 | default: [
22 | args:
23 | ~w(js/app.js --bundle --target=es2017 --outdir=../priv/static/assets --external:/fonts/* --external:/images/*),
24 | cd: Path.expand("../assets", __DIR__),
25 | env: %{"NODE_PATH" => Path.expand("../deps", __DIR__)}
26 | ]
27 |
28 | config :tailwind,
29 | version: "3.3.2",
30 | default: [
31 | args: ~w(
32 | --config=tailwind.config.js
33 | --input=css/app.css
34 | --output=../priv/static/assets/app.css
35 | ),
36 | cd: Path.expand("../assets", __DIR__)
37 | ]
38 |
39 | # Configures Elixir's Logger
40 | config :logger, :console,
41 | format: "$time $metadata[$level] $message\n",
42 | metadata: [:request_id]
43 |
44 | # Use Jason for JSON parsing in Phoenix
45 | config :phoenix, :json_library, Jason
46 |
47 | # Import environment specific config. This must remain at the bottom
48 | # of this file so it overrides the configuration defined above.
49 | import_config "#{Mix.env()}.exs"
50 |
--------------------------------------------------------------------------------
/config/dev.exs:
--------------------------------------------------------------------------------
1 | import Config
2 |
3 | # For development, we disable any cache and enable
4 | # debugging and code reloading.
5 | config :elixir_console, ElixirConsoleWeb.Endpoint,
6 | http: [port: 4000],
7 | debug_errors: true,
8 | code_reloader: true,
9 | check_origin: false,
10 | secret_key_base: "NMIEOZnzwCYSnDEV234iGpRihRaAev6qzgkzPf5//LoR7QasoylrntyZckoRhMPT",
11 | watchers: [
12 | esbuild: {Esbuild, :install_and_run, [:default, ~w(--sourcemap=inline --watch)]},
13 | tailwind: {Tailwind, :install_and_run, [:default, ~w(--watch)]}
14 | ]
15 |
16 | # ## SSL Support
17 | #
18 | # In order to use HTTPS in development, a self-signed
19 | # certificate can be generated by running the following
20 | # Mix task:
21 | #
22 | # mix phx.gen.cert
23 | #
24 | # Note that this task requires Erlang/OTP 20 or later.
25 | # Run `mix help phx.gen.cert` for more information.
26 | #
27 | # The `http:` config above can be replaced with:
28 | #
29 | # https: [
30 | # port: 4001,
31 | # cipher_suite: :strong,
32 | # keyfile: "priv/cert/selfsigned_key.pem",
33 | # certfile: "priv/cert/selfsigned.pem"
34 | # ],
35 | #
36 | # If desired, both `http:` and `https:` keys can be
37 | # configured to run both http and https servers on
38 | # different ports.
39 |
40 | # Watch static and templates for browser reloading.
41 | config :elixir_console, ElixirConsoleWeb.Endpoint,
42 | live_reload: [
43 | patterns: [
44 | ~r"priv/static/.*(js|css|png|jpeg|jpg|gif|svg)$",
45 | ~r"lib/elixir_console_web/(live|views)/.*(ex)$",
46 | ~r"lib/elixir_console_web/templates/.*(eex)$"
47 | ]
48 | ]
49 |
50 | # Do not include metadata nor timestamps in development logs
51 | config :logger, :console, format: "[$level] $message\n"
52 |
53 | # Set a higher stacktrace during development. Avoid configuring such
54 | # in production as building large stacktraces may be expensive.
55 | config :phoenix, :stacktrace_depth, 20
56 |
57 | # Initialize plugs at runtime for faster development compilation
58 | config :phoenix, :plug_init_mode, :runtime
59 |
--------------------------------------------------------------------------------
/config/prod.exs:
--------------------------------------------------------------------------------
1 | import Config
2 |
3 | # For production, don't forget to configure the url host
4 | # to something meaningful, Phoenix uses this information
5 | # when generating URLs.
6 | #
7 | # Note we also include the path to a cache manifest
8 | # containing the digested version of static files. This
9 | # manifest is generated by the `mix phx.digest` task,
10 | # which you should run after static files are built and
11 | # before starting your production server.
12 | config :elixir_console, ElixirConsoleWeb.Endpoint,
13 | cache_static_manifest: "priv/static/cache_manifest.json"
14 |
15 | # Do not print debug messages in production
16 | config :logger, level: :info, backends: [:console, Sentry.LoggerBackend]
17 |
18 | # ## SSL Support
19 | #
20 | # To get SSL working, you will need to add the `https` key
21 | # to the previous section and set your `:url` port to 443:
22 | #
23 | # config :elixir_console, ElixirConsoleWeb.Endpoint,
24 | # ...
25 | # url: [host: "example.com", port: 443],
26 | # https: [
27 | # port: 443,
28 | # cipher_suite: :strong,
29 | # keyfile: System.get_env("SOME_APP_SSL_KEY_PATH"),
30 | # certfile: System.get_env("SOME_APP_SSL_CERT_PATH"),
31 | # transport_options: [socket_opts: [:inet6]]
32 | # ]
33 | #
34 | # The `cipher_suite` is set to `:strong` to support only the
35 | # latest and more secure SSL ciphers. This means old browsers
36 | # and clients may not be supported. You can set it to
37 | # `:compatible` for wider support.
38 | #
39 | # `:keyfile` and `:certfile` expect an absolute path to the key
40 | # and cert in disk or a relative path inside priv, for example
41 | # "priv/ssl/server.key". For all supported SSL configuration
42 | # options, see https://hexdocs.pm/plug/Plug.SSL.html#configure/1
43 | #
44 | # We also recommend setting `force_ssl` in your endpoint, ensuring
45 | # no data is ever sent via http, always redirecting to https:
46 | #
47 | # config :elixir_console, ElixirConsoleWeb.Endpoint,
48 | # force_ssl: [hsts: true]
49 | #
50 | # Check `Plug.SSL` for all available options in `force_ssl`.
51 |
52 | config :sentry,
53 | dsn: "https://55dc7d86c2454858830dda49bb24962d@sentry.io/1855223",
54 | environment_name: System.get_env("RELEASE_LEVEL") || "development",
55 | enable_source_code_context: true,
56 | root_source_code_path: File.cwd!(),
57 | tags: %{
58 | env: "production"
59 | },
60 | included_environments: ~w(production staging)
61 |
--------------------------------------------------------------------------------
/config/runtime.exs:
--------------------------------------------------------------------------------
1 | import Config
2 |
3 | # config/runtime.exs is executed for all environments, including
4 | # during releases. It is executed after compilation and before the
5 | # system starts, so it is typically used to load production configuration
6 | # and secrets from environment variables or elsewhere. Do not define
7 | # any compile-time configuration in here, as it won't be applied.
8 | # The block below contains prod specific runtime configuration.
9 |
10 | # ## Using releases
11 | #
12 | # If you use `mix release`, you need to explicitly enable the server
13 | # by passing the PHX_SERVER=true when you start it:
14 | #
15 | # PHX_SERVER=true bin/hello_world start
16 | #
17 | # Alternatively, you can use `mix phx.gen.release` to generate a `bin/server`
18 | # script that automatically sets the env var above.
19 | if System.get_env("PHX_SERVER") do
20 | config :elixir_console, ElixirConsoleWeb.Endpoint, server: true
21 | end
22 |
23 | if config_env() == :prod do
24 | # The secret key base is used to sign/encrypt cookies and other secrets.
25 | # A default value is used in config/dev.exs and config/test.exs but you
26 | # want to use a different value for prod and you most likely don't want
27 | # to check this value into version control, so we use an environment
28 | # variable instead.
29 | secret_key_base =
30 | System.get_env("SECRET_KEY_BASE") ||
31 | raise """
32 | environment variable SECRET_KEY_BASE is missing.
33 | You can generate one by calling: mix phx.gen.secret
34 | """
35 |
36 | host = System.get_env("PHX_HOST") || "example.com"
37 | port = String.to_integer(System.get_env("PORT") || "4000")
38 |
39 | config :elixir_console, ElixirConsoleWeb.Endpoint,
40 | url: [host: host, port: 443, scheme: "https"],
41 | http: [
42 | # Enable IPv6 and bind on all interfaces.
43 | # Set it to {0, 0, 0, 0, 0, 0, 0, 1} for local network only access.
44 | # See the documentation on https://hexdocs.pm/plug_cowboy/Plug.Cowboy.html
45 | # for details about using IPv6 vs IPv4 and loopback vs public addresses.
46 | ip: {0, 0, 0, 0, 0, 0, 0, 0},
47 | port: port
48 | ],
49 | secret_key_base: secret_key_base
50 |
51 | # ## Configuring the mailer
52 | #
53 | # In production you need to configure the mailer to use a different adapter.
54 | # Also, you may need to configure the Swoosh API client of your choice if you
55 | # are not using SMTP. Here is an example of the configuration:
56 | #
57 | # config :hello_world, HelloWorld.Mailer,
58 | # adapter: Swoosh.Adapters.Mailgun,
59 | # api_key: System.get_env("MAILGUN_API_KEY"),
60 | # domain: System.get_env("MAILGUN_DOMAIN")
61 | #
62 | # For this example you need include a HTTP client required by Swoosh API client.
63 | # Swoosh supports Hackney and Finch out of the box:
64 | #
65 | # config :swoosh, :api_client, Swoosh.ApiClient.Hackney
66 | #
67 | # See https://hexdocs.pm/swoosh/Swoosh.html#module-installation for details.
68 | end
69 |
--------------------------------------------------------------------------------
/config/test.exs:
--------------------------------------------------------------------------------
1 | import Config
2 |
3 | # We don't run a server during test. If one is required,
4 | # you can enable the server option below.
5 | config :elixir_console, ElixirConsoleWeb.Endpoint,
6 | http: [port: 4002],
7 | server: true
8 |
9 | # Print only warnings and errors during test
10 | config :logger, level: :warn
11 |
12 | config :wallaby,
13 | chromedriver: [headless: System.get_env("HEADLESS") != "false"],
14 | screenshot_on_failure: true
15 |
16 | config :phoenix, :plug_init_mode, :runtime
17 |
--------------------------------------------------------------------------------
/elixir_buildpack.config:
--------------------------------------------------------------------------------
1 | elixir_version=1.13.2
2 | erlang_version=24.0.6
3 |
--------------------------------------------------------------------------------
/fly.toml:
--------------------------------------------------------------------------------
1 | # fly.toml app configuration file generated for elixir-console-wye on 2023-05-18T09:26:47-03:00
2 | #
3 | # See https://fly.io/docs/reference/configuration/ for information about how to use this file.
4 | #
5 |
6 | app = "elixir-console-wye"
7 | primary_region = "phx"
8 | kill_signal = "SIGTERM"
9 |
10 | [env]
11 | PHX_HOST = "elixirconsole.wyeworks.com"
12 | PORT = "8080"
13 |
14 | [http_service]
15 | internal_port = 8080
16 | force_https = true
17 | auto_stop_machines = true
18 | auto_start_machines = true
19 | min_machines_running = 0
20 | [http_service.concurrency]
21 | type = "connections"
22 | hard_limit = 1000
23 | soft_limit = 1000
24 |
--------------------------------------------------------------------------------
/lib/elixir_console.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole do
2 | @moduledoc """
3 | ElixirConsole keeps the contexts that define your domain
4 | and business logic.
5 |
6 | Contexts are also responsible for managing your data, regardless
7 | if it comes from the database, an external API or others.
8 | """
9 | end
10 |
--------------------------------------------------------------------------------
/lib/elixir_console/application.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Application do
2 | # See https://hexdocs.pm/elixir/Application.html
3 | # for more information on OTP Applications
4 | @moduledoc false
5 |
6 | use Application
7 |
8 | def start(_type, _args) do
9 | children = [
10 | # Start the PubSub system
11 | {Phoenix.PubSub, name: ElixirConsole.PubSub},
12 | # Start the Endpoint (http/https)
13 | ElixirConsoleWeb.Endpoint,
14 | ElixirConsoleWeb.LiveMonitor,
15 | ElixirConsole.Documentation
16 | # Start a worker by calling: ElixirConsole.Worker.start_link(arg)
17 | # {ElixirConsole.Worker, arg}
18 | ]
19 |
20 | # See https://hexdocs.pm/elixir/Supervisor.html
21 | # for other strategies and supported options
22 | opts = [strategy: :one_for_one, name: ElixirConsole.Supervisor]
23 | Supervisor.start_link(children, opts)
24 | end
25 |
26 | # Tell Phoenix to update the endpoint configuration
27 | # whenever the application is updated.
28 | def config_change(changed, _new, removed) do
29 | ElixirConsoleWeb.Endpoint.config_change(changed, removed)
30 | :ok
31 | end
32 | end
33 |
--------------------------------------------------------------------------------
/lib/elixir_console/autocomplete.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Autocomplete do
2 | @moduledoc """
3 | Encapsulates all the logic related with the autocomplete feature
4 | """
5 |
6 | alias ElixirConsole.Documentation
7 |
8 | @max_command_length 10_000
9 |
10 | @doc """
11 | Get a list of suggestions with all the possible words that could fit in the
12 | command that is being typed by the user.
13 | """
14 | def get_suggestions(value, caret_position, bindings) do
15 | word_to_autocomplete = word_to_autocomplete(value, caret_position)
16 | modules_or_functions = modules_or_functions_from_docs(word_to_autocomplete)
17 |
18 | bindings
19 | |> all_suggestions_candidates(modules_or_functions)
20 | |> filter_suggestions(word_to_autocomplete)
21 | end
22 |
23 | defp all_suggestions_candidates(bindings, modules_or_functions) do
24 | bindings_variable_names(bindings) ++ elixir_library_names(modules_or_functions)
25 | end
26 |
27 | defp bindings_variable_names(bindings) do
28 | bindings
29 | |> Enum.map(fn {name, _} -> Atom.to_string(name) end)
30 | |> Enum.sort()
31 | end
32 |
33 | defp modules_or_functions_from_docs(word_to_autocomplete) do
34 | cond do
35 | String.match?(word_to_autocomplete, ~r/^[A-Z]\w*\.\w*$/) ->
36 | :functions
37 |
38 | String.match?(word_to_autocomplete, ~r/^[a-z]/) ->
39 | :kernel_functions
40 |
41 | true ->
42 | :modules
43 | end
44 | end
45 |
46 | defp elixir_library_names(modules_or_functions) do
47 | modules_or_functions
48 | |> retrieve_names_from_documentation()
49 | |> Enum.sort()
50 | end
51 |
52 | defp retrieve_names_from_documentation(:functions), do: Documentation.get_functions_names()
53 |
54 | defp retrieve_names_from_documentation(:kernel_functions),
55 | do: Documentation.get_kernel_functions_names()
56 |
57 | defp retrieve_names_from_documentation(:modules), do: Documentation.get_modules_names()
58 |
59 | defp filter_suggestions(candidates, word_to_autocomplete) do
60 | candidates
61 | |> Enum.filter(&String.starts_with?(&1, word_to_autocomplete))
62 | |> Enum.take(10)
63 | end
64 |
65 | @doc """
66 | Returns a modified version of the command input value with an autocompleted
67 | word. It means that the `suggestion` value is used to replace the word that
68 | ends in the `caret_position` position of the provided `value`.
69 |
70 | It returns a tuple with the new input command (modified with the autocompleted
71 | word) and the new caret position (right after the last character of the
72 | autocompleted word)
73 | """
74 | def autocompleted_input(value, caret_position, autocompleted_word) do
75 | word_to_autocomplete = word_to_autocomplete(value, caret_position)
76 |
77 | {
78 | calculate_new_input_value(value, caret_position, word_to_autocomplete, autocompleted_word),
79 | calculate_new_caret_position(caret_position, word_to_autocomplete, autocompleted_word)
80 | }
81 | end
82 |
83 | defp word_to_autocomplete(value, caret_position) do
84 | {value_until_caret, _} = split_command_for_autocomplete(value, caret_position)
85 | value_until_caret |> String.split() |> List.last() || ""
86 | end
87 |
88 | defp split_command_for_autocomplete(value, caret_position) do
89 | {String.slice(value, 0, caret_position),
90 | String.slice(value, caret_position, @max_command_length)}
91 | end
92 |
93 | defp calculate_new_caret_position(caret_position, word_to_autocomplete, autocompleted_word) do
94 | String.length(autocompleted_word) - String.length(word_to_autocomplete) + caret_position
95 | end
96 |
97 | defp calculate_new_input_value(
98 | input_value,
99 | caret_position,
100 | word_to_autocomplete,
101 | autocompleted_word
102 | ) do
103 | {value_until_caret, value_from_caret} =
104 | split_command_for_autocomplete(input_value, caret_position)
105 |
106 | Regex.replace(~r/\.*#{word_to_autocomplete}$/, value_until_caret, autocompleted_word) <>
107 | value_from_caret
108 | end
109 | end
110 |
--------------------------------------------------------------------------------
/lib/elixir_console/contextual_help.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.ContextualHelp do
2 | @moduledoc """
3 | Utilities to add metadata to an user-generated Elixir command about the
4 | standard library functions that are in use.
5 | """
6 |
7 | alias ElixirConsole.Documentation
8 |
9 | @kernel_binary_operators ~w(
10 | !=
11 | !==
12 | *
13 | -
14 | +
15 | /
16 | <
17 | <=
18 | ==
19 | ===
20 | >
21 | >=
22 | &&
23 | ++
24 | --
25 | ..
26 | **
27 | <>
28 | =~
29 | |>
30 | ||
31 | and
32 | or
33 | in
34 | )a
35 |
36 | @kernel_functions ~w(
37 | abs
38 | binary_part
39 | bit_size
40 | byte_size
41 | ceil
42 | div
43 | elem
44 | floor
45 | hd
46 | is_atom
47 | is_binary
48 | is_bitstring
49 | is_boolean
50 | is_exception
51 | is_float
52 | is_function
53 | is_integer
54 | is_list
55 | is_map
56 | is_map_key
57 | is_nil
58 | is_number
59 | is_reference
60 | is_struct
61 | is_tuple
62 | length
63 | map_size
64 | not
65 | rem
66 | round
67 | self
68 | tl
69 | trunc
70 | tuple_size
71 | !
72 | binding
73 | function_exported?
74 | get_and_update_in
75 | get_in
76 | if
77 | inspect
78 | macro_exported?
79 | make_ref
80 | match?
81 | max
82 | min
83 | pop_in
84 | put_elem
85 | put_in
86 | raise
87 | reraise
88 | struct
89 | struct!
90 | throw
91 | to_charlist
92 | to_string
93 | unless
94 | update_in
95 | tap
96 | then
97 | )a
98 |
99 | @doc """
100 | Takes an Elixir command and returns it divided in parts, and the ones that
101 | correspond to Elixir functions are augmented with metadata containing the docs
102 | """
103 | def compute(command) do
104 | case Code.string_to_quoted(command) do
105 | {:ok, expr} ->
106 | functions = find_functions(expr, [])
107 | add_documentation(command, functions)
108 |
109 | _ ->
110 | [command]
111 | end
112 | end
113 |
114 | defp find_functions(list, acc) when is_list(list) do
115 | Enum.reduce(list, acc, fn node, acc -> find_functions(node, acc) end)
116 | end
117 |
118 | defp find_functions({{:., _, [{_, _, [module]}, func_name]}, _, params}, acc)
119 | when is_atom(module) do
120 | acc = acc ++ [%{module: module, func_name: func_name, func_ary: Enum.count(params)}]
121 | Enum.reduce(params, acc, fn node, acc -> find_functions(node, acc) end)
122 | end
123 |
124 | defp find_functions({{:., _, nested_expression}, _, params}, acc) do
125 | acc = find_functions(nested_expression, acc)
126 | Enum.reduce(params, acc, fn node, acc -> find_functions(node, acc) end)
127 | end
128 |
129 | defp find_functions({func_name, _, params}, acc)
130 | when func_name in @kernel_functions and is_list(params) do
131 | acc = acc ++ [%{module: "Kernel", func_name: func_name, func_ary: Enum.count(params)}]
132 | Enum.reduce(params, acc, fn node, acc -> find_functions(node, acc) end)
133 | end
134 |
135 | defp find_functions({func_name, _, [left_param, right_param]}, acc)
136 | when func_name in @kernel_binary_operators do
137 | acc = find_functions(left_param, acc)
138 | acc = acc ++ [%{module: "Kernel", func_name: func_name, func_ary: 2}]
139 | find_functions(right_param, acc)
140 | end
141 |
142 | defp find_functions({_, _, list}, acc) when is_list(list) do
143 | Enum.reduce(list, acc, fn node, acc -> find_functions(node, acc) end)
144 | end
145 |
146 | defp find_functions({node_left, node_right}, acc) do
147 | find_functions(node_right, find_functions(node_left, acc))
148 | end
149 |
150 | defp find_functions(_, acc), do: acc
151 |
152 | defp add_documentation(command, []), do: [command]
153 |
154 | defp add_documentation(
155 | command,
156 | [%{module: module, func_name: func_name, func_ary: func_ary} | rest]
157 | ) do
158 | func_fullname = "#{module}.#{func_name}"
159 | regex = ~r/#{Regex.escape(func_fullname)}|#{Regex.escape(Atom.to_string(func_name))}/
160 |
161 | [before_matched, matched, remaining_command] =
162 | Regex.split(regex, command, include_captures: true, parts: 2)
163 |
164 | parts_to_add =
165 | case Documentation.get_doc(%Documentation.Key{func_name: func_fullname, arity: func_ary}) do
166 | nil ->
167 | [before_matched, matched]
168 |
169 | doc ->
170 | [before_matched, {matched, doc}]
171 | end
172 |
173 | parts_to_add ++ add_documentation(remaining_command, rest)
174 | end
175 | end
176 |
--------------------------------------------------------------------------------
/lib/elixir_console/documentation.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Documentation do
2 | @moduledoc """
3 | GenServer that holds Elixir functions/macros documentation in memory for fast
4 | access.
5 | """
6 |
7 | use GenServer
8 |
9 | defmodule Key do
10 | @enforce_keys [:func_name, :arity]
11 | defstruct @enforce_keys
12 | end
13 |
14 | defmodule DocEntry do
15 | @enforce_keys [:module_name, :func_name, :func_ary, :docs_header, :docs_body]
16 | defstruct @enforce_keys
17 |
18 | @az_range 97..122
19 |
20 | def build_docs_metadata(nil), do: nil
21 |
22 | def build_docs_metadata(doc_entry) do
23 | %DocEntry{
24 | module_name: module_name,
25 | func_name: func_name,
26 | func_ary: func_ary,
27 | docs_header: docs_header,
28 | docs_body: docs_body
29 | } = doc_entry
30 |
31 | %{
32 | type: function_or_operator(func_name),
33 | func_name: "#{module_name}.#{func_name}/#{func_ary}",
34 | header: docs_header,
35 | docs: docs_body,
36 | link: "https://hexdocs.pm/elixir/#{module_name}.html##{func_name}/#{func_ary}"
37 | }
38 | end
39 |
40 | defp function_or_operator(func_name) when is_atom(func_name) do
41 | func_name
42 | |> to_charlist
43 | |> function_or_operator
44 | end
45 |
46 | defp function_or_operator([first_char | _]) when first_char in @az_range, do: :function
47 | defp function_or_operator(_), do: :operator
48 | end
49 |
50 | alias ElixirConsole.ElixirSafeParts
51 | @modules ElixirSafeParts.safe_elixir_modules()
52 | @unsafe_kernel_functions ElixirSafeParts.unsafe_kernel_functions()
53 |
54 | def start_link(_) do
55 | GenServer.start_link(__MODULE__, %{}, name: __MODULE__)
56 | end
57 |
58 | @impl true
59 | def init(_) do
60 | {:ok, retrieve_docs(@modules)}
61 | end
62 |
63 | @impl true
64 | def handle_call({:get, key}, _from, docs) do
65 | doc = docs[key] || find_with_different_arity(key, docs)
66 | {:reply, DocEntry.build_docs_metadata(doc), docs}
67 | end
68 |
69 | @impl true
70 | def handle_call(:get_functions_names, _from, docs) do
71 | functions_names =
72 | Map.keys(docs)
73 | |> Enum.map(& &1.func_name)
74 | |> Enum.uniq()
75 |
76 | {:reply, functions_names, docs}
77 | end
78 |
79 | @impl true
80 | def handle_call(:get_kernel_functions_names, _from, docs) do
81 | functions_names =
82 | Map.values(docs)
83 | |> Enum.filter(&(&1.module_name == "Kernel"))
84 | |> Enum.map(&to_string(&1.func_name))
85 | |> Enum.uniq()
86 |
87 | {:reply, functions_names, docs}
88 | end
89 |
90 | @impl true
91 | def handle_call(:get_modules_names, _from, docs) do
92 | modules_names =
93 | Map.values(docs)
94 | |> Enum.map(& &1.module_name)
95 | |> Enum.uniq()
96 |
97 | {:reply, modules_names, docs}
98 | end
99 |
100 | def get_doc(key), do: GenServer.call(__MODULE__, {:get, key})
101 |
102 | def get_functions_names(), do: GenServer.call(__MODULE__, :get_functions_names)
103 | def get_kernel_functions_names(), do: GenServer.call(__MODULE__, :get_kernel_functions_names)
104 | def get_modules_names(), do: GenServer.call(__MODULE__, :get_modules_names)
105 |
106 | defp retrieve_docs([]), do: %{}
107 |
108 | defp retrieve_docs([module | remaining_modules]) do
109 | {:docs_v1, _, :elixir, _, _, _, list} = Code.fetch_docs(module)
110 |
111 | docs =
112 | list
113 | |> reject_unsafe_functions(module)
114 | |> build_module_documentation(module)
115 |
116 | Map.merge(docs, retrieve_docs(remaining_modules))
117 | end
118 |
119 | defp reject_unsafe_functions(function_docs, Kernel) do
120 | Enum.reject(function_docs, fn function ->
121 | case function do
122 | {{_, func_name, _}, _, _, %{"en" => _}, _}
123 | when func_name in @unsafe_kernel_functions ->
124 | true
125 |
126 | _ ->
127 | false
128 | end
129 | end)
130 | end
131 |
132 | defp reject_unsafe_functions(function_docs, _), do: function_docs
133 |
134 | defp build_module_documentation(function_list, module) do
135 | Enum.reduce(function_list, %{}, fn function, acc ->
136 | case function do
137 | {{function_or_macro, func_name, func_ary}, _, header, %{"en" => docs}, _}
138 | when function_or_macro in [:function, :macro] ->
139 | {:ok, html_doc, _} = Earmark.as_html(docs)
140 | [module_name] = Module.split(module)
141 |
142 | Map.put(
143 | acc,
144 | %Key{func_name: "#{module_name}.#{func_name}", arity: func_ary},
145 | %DocEntry{
146 | module_name: module_name,
147 | func_name: func_name,
148 | func_ary: func_ary,
149 | docs_header: header,
150 | docs_body: html_doc
151 | }
152 | )
153 |
154 | _ ->
155 | acc
156 | end
157 | end)
158 | end
159 |
160 | defp find_with_different_arity(%Key{func_name: func_name, arity: func_ary}, docs) do
161 | with {_, doc} <-
162 | Enum.filter(docs, fn {key, _} ->
163 | key.func_name == func_name && key.arity != func_ary
164 | end)
165 | |> Enum.sort(fn {k1, _}, {k2, _} -> k1.arity < k2.arity end)
166 | |> List.first() do
167 | doc
168 | else
169 | nil -> nil
170 | end
171 | end
172 | end
173 |
--------------------------------------------------------------------------------
/lib/elixir_console/elixir_safe_parts.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.ElixirSafeParts do
2 | @moduledoc """
3 | List of modules and functions considered safe to be executed by the Elixir
4 | Console
5 |
6 | The goal of the console is to run Elixir code from untrusted sources.
7 | Therefore, here is defined a few whitelists of Elixir modules and functions,
8 | in order to limit the accessible feature of the language that are at disposal
9 | """
10 |
11 | @safe_modules ~w(
12 | Kernel
13 | Atom
14 | Base
15 | Bitwise
16 | Date
17 | DateTime
18 | Float
19 | Integer
20 | NaiveDateTime
21 | Regex
22 | String
23 | Time
24 | Tuple
25 | URI
26 | Version
27 | Version.Requirement
28 | Access
29 | Date.Range
30 | Enum
31 | Keyword
32 | List
33 | Map
34 | MapSet
35 | Range
36 | Stream
37 | OptionParser
38 | Collectable
39 | Enumerable
40 | )a
41 |
42 | @safe_kernel_functions ~w(
43 | !
44 | &&
45 | ++
46 | --
47 | ..
48 | **
49 | <>
50 | =~
51 | binding
52 | get_and_update_in
53 | get_in
54 | if
55 | inspect
56 | make_ref
57 | match?
58 | max
59 | min
60 | pop_in
61 | put_elem
62 | put_in
63 | raise
64 | reraise
65 | sigil_C
66 | sigil_D
67 | sigil_N
68 | sigil_R
69 | sigil_S
70 | sigil_T
71 | sigil_U
72 | sigil_W
73 | sigil_c
74 | sigil_r
75 | sigil_s
76 | sigil_w
77 | struct
78 | struct!
79 | throw
80 | to_charlist
81 | to_string
82 | unless
83 | update_in
84 | |>
85 | ||
86 | !=
87 | !==
88 | *
89 | +
90 | -
91 | /
92 | <=
93 | <
94 | ==
95 | ===
96 | >
97 | >=
98 | abs
99 | and
100 | binary_part
101 | bit_size
102 | byte_size
103 | ceil
104 | div
105 | elem
106 | floor
107 | hd
108 | in
109 | is_atom
110 | is_binary
111 | is_bitstring
112 | is_boolean
113 | is_exception
114 | is_float
115 | is_function
116 | is_integer
117 | is_list
118 | is_map
119 | is_map_key
120 | is_nil
121 | is_number
122 | is_pid
123 | is_port
124 | is_reference
125 | is_struct
126 | is_tuple
127 | length
128 | map_size
129 | not
130 | or
131 | rem
132 | round
133 | self
134 | tl
135 | trunc
136 | tuple_size
137 | %
138 | %{}
139 | &
140 | .
141 | ::
142 | <<>>
143 | =
144 | ^
145 | __aliases__
146 | __block__
147 | case
148 | cond
149 | fn
150 | for
151 | try
152 | with
153 | {}
154 | tap
155 | then
156 | ..//
157 | )a
158 |
159 | def safe_modules, do: @safe_modules
160 |
161 | def safe_elixir_modules, do: Enum.map(@safe_modules, &:"Elixir.#{&1}")
162 |
163 | def unsafe_kernel_functions do
164 | all_kernel_functions() -- @safe_kernel_functions
165 | end
166 |
167 | defp all_kernel_functions do
168 | all_kernel_functions_raw() |> Keyword.keys() |> Enum.uniq()
169 | end
170 |
171 | defp all_kernel_functions_raw do
172 | Kernel.__info__(:functions) ++
173 | Kernel.__info__(:macros) ++ Kernel.SpecialForms.__info__(:macros)
174 | end
175 | end
176 |
--------------------------------------------------------------------------------
/lib/elixir_console/sandbox.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Sandbox do
2 | @moduledoc """
3 | Provides a sandbox where Elixir code from untrusted sources can be executed
4 | """
5 |
6 | @type sandbox() :: %__MODULE__{}
7 |
8 | alias ElixirConsole.Sandbox.CodeExecutor
9 |
10 | @max_command_length 500
11 | @max_memory_kb_default 256
12 | @max_binary_memory_kb_default 50 * 1024
13 | @timeout_ms_default 5000
14 | @check_every_ms_default 20
15 | @bytes_in_kb 1024
16 |
17 | @enforce_keys [:pid, :bindings]
18 | defstruct [:pid, :bindings]
19 |
20 | @doc """
21 | Initialize and returns a process where Elixir code will run in "sandbox mode".
22 | This is useful if we want to provide the chance to more than one individual
23 | command, where the user can assume it is always working the same process (as
24 | it happens when someone runs different commands in iex).
25 |
26 | Returns a Sandbox struct including the dedicated process and an empty list of
27 | bindings.
28 | """
29 | @spec init() :: sandbox()
30 | def init() do
31 | loop = fn loop_func ->
32 | receive do
33 | {:command, command, bindings, parent_pid} ->
34 | result = CodeExecutor.execute_code(command, bindings)
35 | send(parent_pid, {:result, result})
36 |
37 | loop_func.(loop_func)
38 | end
39 | end
40 |
41 | creator_pid = self()
42 |
43 | pid =
44 | spawn(fn ->
45 | # Add some metadata to those process to identify them, allowing to further
46 | # analysis
47 | Process.put(:sandbox_owner, creator_pid)
48 | loop.(loop)
49 | end)
50 |
51 | %__MODULE__{pid: pid, bindings: []}
52 | end
53 |
54 | @doc """
55 | Executes a command (Elixir code in a string) in the process given by the
56 | Sandbox struct provided.
57 |
58 | Returns the result of the execution and a Sandbox struct with the changes in
59 | the bindings, if the command succeeded. In case of errors, it returns an
60 | `{:error, error_message}` tuple where the second element is a string with an
61 | explanation.
62 |
63 | If the execution takes more time than the specified timeout, an error is
64 | returned. In addition, if the execution uses more memory than the allowed
65 | amount, it is interrupted and an error is returned.
66 |
67 | You can use the following options in the `opts` argument:
68 |
69 | `timeout`: Time limit to run the command (in milliseconds). The default is
70 | 5000.
71 |
72 | `max_memory_kb`: Memory usage limit (expressed in Kb). The default is
73 | 30.
74 |
75 | `check_every`: Determine the time elapsed between checks where memory
76 | usage is measured (expressed in Kb). The default is 20.
77 | """
78 | @typep execution_result() :: {binary(), sandbox()}
79 | @spec execute(binary(), sandbox(), keyword()) ::
80 | {:success, execution_result()} | {:error, execution_result()}
81 | def execute(command, sandbox, opts \\ [])
82 |
83 | def execute(command, sandbox, _) when byte_size(command) > @max_command_length do
84 | {:error, {"Command is too long. Try running a shorter piece of code.", sandbox}}
85 | end
86 |
87 | def execute(command, sandbox, opts) do
88 | task = Task.async(fn -> do_execute(command, sandbox, opts) end)
89 | Task.await(task, :infinity)
90 | end
91 |
92 | defp do_execute(command, sandbox, opts) do
93 | send(sandbox.pid, {:command, command, sandbox.bindings, self()})
94 |
95 | case check_execution_status(sandbox.pid, normalize_options(opts)) do
96 | {:ok, {:success, {result, bindings}}} ->
97 | {:success, {result, %{sandbox | bindings: Enum.sort(bindings)}}}
98 |
99 | {:ok, {:error, result}} ->
100 | {:error, {result, sandbox}}
101 |
102 | :timeout ->
103 | {:error, {"The command was cancelled due to timeout", restore(sandbox)}}
104 |
105 | :memory_abuse ->
106 | {:error, {"The command used more memory than allowed", restore(sandbox)}}
107 | end
108 | end
109 |
110 | @doc """
111 | The sandbox process is exited. This function should be used when the sandbox
112 | is not longer needed so resources are properly disposed.
113 | """
114 | def terminate(%__MODULE__{pid: pid}) do
115 | Process.exit(pid, :kill)
116 | end
117 |
118 | defp normalize_options(opts) do
119 | timeout = Keyword.get(opts, :timeout, @timeout_ms_default)
120 | check_every = Keyword.get(opts, :check_every, @check_every_ms_default)
121 | ticks = floor(timeout / check_every)
122 |
123 | max_memory_kb = Keyword.get(opts, :max_memory_kb, @max_memory_kb_default) * @bytes_in_kb
124 |
125 | max_binary_memory_kb =
126 | Keyword.get(opts, :max_binary_memory_kb, @max_binary_memory_kb_default) * @bytes_in_kb
127 |
128 | [
129 | ticks: ticks,
130 | check_every: check_every,
131 | max_memory_kb: max_memory_kb,
132 | max_binary_memory_kb: max_binary_memory_kb
133 | ]
134 | end
135 |
136 | defp restore(sandbox) do
137 | %__MODULE__{sandbox | pid: init().pid}
138 | end
139 |
140 | defp check_execution_status(pid, [{:ticks, 0} | _]) do
141 | Process.exit(pid, :kill)
142 | :timeout
143 | end
144 |
145 | defp check_execution_status(
146 | pid,
147 | [
148 | ticks: ticks,
149 | check_every: check_every,
150 | max_memory_kb: max_memory_kb,
151 | max_binary_memory_kb: max_binary_memory_kb
152 | ] = opts
153 | ) do
154 | receive do
155 | {:result, result} ->
156 | {:ok, result}
157 | after
158 | check_every ->
159 | if allowed_memory_usage_by_process?(pid, max_memory_kb) and
160 | allowed_memory_usage_in_binaries?(max_binary_memory_kb) do
161 | check_execution_status(pid, Keyword.put(opts, :ticks, ticks - 1))
162 | else
163 | Process.exit(pid, :kill)
164 | :memory_abuse
165 | end
166 | end
167 | end
168 |
169 | defp allowed_memory_usage_by_process?(pid, memory_limit) do
170 | {:memory, memory} = Process.info(pid, :memory)
171 | memory <= memory_limit
172 | end
173 |
174 | defp allowed_memory_usage_in_binaries?(binaries_memory_limit) do
175 | :erlang.memory(:binary) <= binaries_memory_limit
176 | end
177 | end
178 |
--------------------------------------------------------------------------------
/lib/elixir_console/sandbox/allowed_elixir_modules.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Sandbox.AllowedElixirModules do
2 | @moduledoc """
3 | Analyze the AST to filter out non white-listed modules and kernel functions
4 | """
5 |
6 | alias ElixirConsole.Sandbox.CommandValidator
7 | @behaviour CommandValidator
8 |
9 | @valid_modules ElixirConsole.ElixirSafeParts.safe_modules()
10 |
11 | @impl CommandValidator
12 | def validate(ast) do
13 | {_ast, result} = Macro.prewalk(ast, [], &valid?(&1, &2))
14 |
15 | result
16 | |> Enum.filter(&match?({:error, _}, &1))
17 | |> Enum.map(fn {:error, module} -> module end)
18 | |> Enum.dedup()
19 | |> case do
20 | [] ->
21 | :ok
22 |
23 | invalid_modules ->
24 | {:error,
25 | "Some Elixir modules are not allowed to be used. " <>
26 | "Not allowed modules attempted: #{inspect(invalid_modules)}"}
27 | end
28 | end
29 |
30 | defp valid?({:__aliases__, _, [module]} = elem, acc) when module not in @valid_modules do
31 | {elem, [{:error, module} | acc]}
32 | end
33 |
34 | defp valid?(elem, acc), do: {elem, [:ok | acc]}
35 | end
36 |
--------------------------------------------------------------------------------
/lib/elixir_console/sandbox/code_executor.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Sandbox.CodeExecutor do
2 | @moduledoc """
3 | This module is responsible to orchestrate the validation and execution of the
4 | user-provided code. It should be run inside the sandbox process.
5 | """
6 |
7 | require Logger
8 |
9 | alias ElixirConsole.Sandbox.{CommandValidator, RuntimeValidations}
10 |
11 | def execute_code(command, bindings) do
12 | Logger.info("Command to be executed: #{command}")
13 |
14 | try do
15 | with :ok <- CommandValidator.safe_command?(command),
16 | command_ast <- RuntimeValidations.get_augmented_ast(command),
17 | {result, bindings} <-
18 | Code.eval_quoted(command_ast, bindings, eval_context()) do
19 | {:success, {result, bindings}}
20 | else
21 | error -> error
22 | end
23 | rescue
24 | exception ->
25 | {:error, inspect(exception)}
26 | end
27 | end
28 |
29 | # This is just to make available Bitwise functions when evaluating user code
30 | defp eval_context do
31 | [
32 | requires: [Kernel],
33 | functions: [
34 | {Kernel, __ENV__.functions[Kernel]},
35 | {Bitwise,
36 | [
37 | &&&: 2,
38 | <<<: 2,
39 | >>>: 2,
40 | ^^^: 2,
41 | band: 2,
42 | bnot: 1,
43 | bor: 2,
44 | bsl: 2,
45 | bsr: 2,
46 | bxor: 2,
47 | |||: 2,
48 | ~~~: 1
49 | ]}
50 | ]
51 | ]
52 | end
53 | end
54 |
--------------------------------------------------------------------------------
/lib/elixir_console/sandbox/command_validator.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Sandbox.CommandValidator do
2 | @moduledoc """
3 | Check if a given Elixir code from untrusted sources is safe to be executed in
4 | the sandbox. This module also defines a behavior to be implemented by
5 | validator modules, providing a mechanism to compose individual safety checks
6 | over the command.
7 | """
8 |
9 | @type ast :: Macro.t()
10 | @callback validate(ast()) :: :ok | {:error, String.t()}
11 |
12 | alias ElixirConsole.Sandbox.{
13 | AllowedElixirModules,
14 | ErlangModulesAbsence,
15 | ExcludeConversionToAtoms,
16 | SafeKernelFunctions
17 | }
18 |
19 | @ast_validator_modules [
20 | AllowedElixirModules,
21 | ErlangModulesAbsence,
22 | ExcludeConversionToAtoms,
23 | SafeKernelFunctions
24 | ]
25 |
26 | def safe_command?(command) do
27 | ast = Code.string_to_quoted!(command)
28 |
29 | Enum.reduce_while(@ast_validator_modules, nil, fn module, _acc ->
30 | case apply(module, :validate, [ast]) do
31 | :ok -> {:cont, :ok}
32 | error -> {:halt, error}
33 | end
34 | end)
35 | end
36 | end
37 |
--------------------------------------------------------------------------------
/lib/elixir_console/sandbox/erlang_modules_absence.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Sandbox.ErlangModulesAbsence do
2 | @moduledoc """
3 | Analyze the AST and check if Erlang modules are not present.
4 | """
5 |
6 | alias ElixirConsole.Sandbox.{CommandValidator, Util}
7 | @behaviour CommandValidator
8 |
9 | @impl CommandValidator
10 | def validate(ast) do
11 | {_ast, result} = Macro.prewalk(ast, [], &valid?(&1, &2))
12 |
13 | result
14 | |> Enum.filter(&match?({:error, _}, &1))
15 | |> Enum.map(fn {:error, module} -> module end)
16 | |> Enum.dedup()
17 | |> case do
18 | [] ->
19 | :ok
20 |
21 | invalid_modules ->
22 | {:error,
23 | "Non-Elixir modules are not allowed to be used. " <>
24 | "Not allowed modules attempted: #{inspect(invalid_modules)}"}
25 | end
26 | end
27 |
28 | defp valid?({:., _, [module, _]} = elem, acc) do
29 | if Util.is_erlang_module?(module) do
30 | {elem, [{:error, module} | acc]}
31 | else
32 | {elem, acc}
33 | end
34 | end
35 |
36 | defp valid?(elem, acc), do: {elem, acc}
37 | end
38 |
--------------------------------------------------------------------------------
/lib/elixir_console/sandbox/exclude_conversion_to_atoms.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Sandbox.ExcludeConversionToAtoms do
2 | @moduledoc """
3 | Check if the command from untrusted source is free of calls that
4 | programmatically create atoms.
5 | """
6 |
7 | alias ElixirConsole.Sandbox.CommandValidator
8 | @behaviour CommandValidator
9 |
10 | @impl CommandValidator
11 | def validate(ast) do
12 | {_ast, result} = Macro.prewalk(ast, :ok, &valid?(&1, &2))
13 |
14 | case result do
15 | :to_atom_error ->
16 | {:error,
17 | "Programmatically creation of atoms is not allowed in this online console. " <>
18 | "Consider using String.to_existing_atom/1"}
19 |
20 | :atom_modifier_in_sigils ->
21 | {:error,
22 | "Programmatically creation of atoms is not allowed in this online console. " <>
23 | "For this reason, the `a` modifier is not allowed when using ~w. " <>
24 | "Instead, try using ~W since it does not interpolate the content"}
25 |
26 | :ok ->
27 | :ok
28 | end
29 | end
30 |
31 | defp valid?(elem, result) when result != :ok, do: {elem, result}
32 |
33 | defp valid?({:., _, [{:__aliases__, _, [module]}, function]} = elem, _acc)
34 | when function == :to_atom and module in [:String, :List] do
35 | {elem, :to_atom_error}
36 | end
37 |
38 | defp valid?({:sigil_w, _, [_, 'a']} = elem, _acc) do
39 | {elem, :atom_modifier_in_sigils}
40 | end
41 |
42 | defp valid?(elem, acc), do: {elem, acc}
43 | end
44 |
--------------------------------------------------------------------------------
/lib/elixir_console/sandbox/runtime_validations.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Sandbox.RuntimeValidations do
2 | @moduledoc """
3 | This module injects code to the AST for code from untrusted sources. It
4 | ensures that non-secure functions are not invoked at runtime.
5 | """
6 |
7 | alias ElixirConsole.{ElixirSafeParts, Sandbox.Util}
8 |
9 | @this_module __MODULE__ |> Module.split() |> Enum.map(&String.to_atom/1)
10 | @valid_modules ElixirSafeParts.safe_elixir_modules()
11 | @kernel_functions_blacklist ElixirSafeParts.unsafe_kernel_functions()
12 |
13 | @max_string_duplication_times 100_000
14 |
15 | # Random string that is large enough so it does not collide with user's code
16 | @keep_dot_operator_mark Util.random_atom(64)
17 |
18 | @doc """
19 | Returns the AST for the given Elixir code but including invocations to
20 | `safe_invocation/2` before invoking any given function (based on the
21 | presence of the :. operator)
22 | """
23 | def get_augmented_ast(command) do
24 | ast = Code.string_to_quoted!(command)
25 |
26 | {augmented_ast, _result} =
27 | Macro.traverse(ast, nil, &add_safe_invocation(&1, &2), &restore_dot_operator(&1, &2))
28 |
29 | augmented_ast
30 | end
31 |
32 | # Do not inline a `safe_invocation` call when the dot operator is used to access
33 | # nested structures
34 | defp add_safe_invocation({{:., _, [{{:., _, [Access, :get]}, _, _}, _]}, _, _} = elem, acc),
35 | do: {elem, acc}
36 |
37 | defp add_safe_invocation({{:., _, [Access, :get]}, _, _} = elem, acc), do: {elem, acc}
38 |
39 | # Do not inline a `safe_invocation` call when the dot operator is used in
40 | # function capturing. Note it is using the special token.
41 | # @keep_dot_operator_mark to prevent the modification of the inner node with
42 | # the dot operator. restore_dot_operator/2 is responsible for restoring the
43 | # AST by replacing token occurrences with the :. atom
44 | defp add_safe_invocation(
45 | {:&, outer_meta,
46 | [
47 | {:/, middle_meta,
48 | [
49 | {{:., inner_meta, [{:__aliases__, meta, [module]}, function]}, inner_params,
50 | outer_params},
51 | arity
52 | ]}
53 | ]},
54 | acc
55 | )
56 | when is_atom(module) and is_atom(function) and is_integer(arity) do
57 | elem =
58 | {:&, outer_meta,
59 | [
60 | {:/, middle_meta,
61 | [
62 | {{@keep_dot_operator_mark, inner_meta, [{:__aliases__, meta, [module]}, function]},
63 | inner_params, outer_params},
64 | arity
65 | ]}
66 | ]}
67 |
68 | {elem, acc}
69 | end
70 |
71 | # Inline `safe_invocation` call when dot operator implies to invoke a function
72 | # (this is exactly the case we want to intercept)
73 | defp add_safe_invocation({{:., meta, [callee, function]}, outer_meta, params}, acc)
74 | when is_atom(callee) or is_tuple(callee) do
75 | elem =
76 | {{:., outer_meta,
77 | [
78 | {:__aliases__, meta, @this_module},
79 | :safe_invocation
80 | ]}, meta, [callee, function, params]}
81 |
82 | {elem, acc}
83 | end
84 |
85 | # Also inline a `safe_invocation` call when pipe operator is used, since it is
86 | # equivalent to direct invocation
87 | defp add_safe_invocation(
88 | {:|>, outer_meta,
89 | [first_param, {{:., meta, [callee, function]}, _more_meta, remaining_params}]},
90 | acc
91 | )
92 | when is_atom(callee) or is_tuple(callee) do
93 | params = [first_param | remaining_params]
94 |
95 | elem =
96 | {{:., outer_meta,
97 | [
98 | {:__aliases__, meta, @this_module},
99 | :safe_invocation
100 | ]}, meta, [callee, function, params]}
101 |
102 | {elem, acc}
103 | end
104 |
105 | defp add_safe_invocation(elem, acc), do: {elem, acc}
106 |
107 | # Note that add_safe_invocation/2 could interchange a dot operator by an
108 | # special token (@keep_dot_operator_mark) in cases where the dot operator does
109 | # not represents an invocation (situation that is determined by the parent
110 | # nodes). This function restores the original :. occurrences.
111 | defp restore_dot_operator(
112 | {{@keep_dot_operator_mark, meta, [callee, function]}, outer_meta, params},
113 | acc
114 | ) do
115 | elem = {{:., meta, [callee, function]}, outer_meta, params}
116 |
117 | {elem, acc}
118 | end
119 |
120 | defp restore_dot_operator(elem, acc), do: {elem, acc}
121 |
122 | @doc """
123 | This function is meant to be injected into the modified AST so we have safe
124 | invocations. The original invocation is done once it is validated as a
125 | secure call.
126 | """
127 | def safe_invocation(callee, _, _) when is_atom(callee) and callee not in @valid_modules do
128 | raise "Sandbox runtime error: Some Elixir modules are not allowed to be used. " <>
129 | "Not allowed module attempted: #{inspect(callee)}"
130 | end
131 |
132 | def safe_invocation(Kernel, function, _) when function in @kernel_functions_blacklist do
133 | raise "Sandbox runtime error: Some Kernel functions/macros are not allowed to be used. " <>
134 | "Not allowed function/macro attempted: #{inspect(function)}"
135 | end
136 |
137 | def safe_invocation(String, :to_atom, _) do
138 | raise "Sandbox runtime error: String.to_atom/1 is not allowed."
139 | end
140 |
141 | def safe_invocation(String, :duplicate, [_, times])
142 | when times >= @max_string_duplication_times do
143 | raise "Sandbox runtime error: String.duplicate/2 is not safe to be executed " <>
144 | "when the second parameter is a very large number."
145 | end
146 |
147 | def safe_invocation(String, function, [_, times, _])
148 | when times >= @max_string_duplication_times and function in [:pad_leading, :pad_trailing] do
149 | raise "Sandbox runtime error: String.#{function}/3 is not safe to be executed " <>
150 | "when the second parameter is a very large number."
151 | end
152 |
153 | # This approach is not working well with Kernel macros that are invoked with
154 | # explicit callee (e.g. Kernel.to_string/1). The following functions cover a
155 | # little portion of the existing cases. Future work can be done to transform
156 | # AST converting those macro calls to implicit invocations.
157 |
158 | # In particular, Kernel.to_string/1 must be supported because of string
159 | # interpolation. This is the only one that is very important to have done.
160 | def safe_invocation(Kernel, :to_string, [param]) do
161 | to_string(param)
162 | end
163 |
164 | # A few extra cases that are cheap to cover
165 | def safe_invocation(Kernel, :binding, params) do
166 | apply(&binding(&1), params)
167 | end
168 |
169 | def safe_invocation(Kernel, :is_nil, [param]) do
170 | is_nil(param)
171 | end
172 |
173 | def safe_invocation(Kernel, :to_charlist, [param]) do
174 | to_charlist(param)
175 | end
176 |
177 | # Integer macros
178 | require Integer
179 |
180 | def safe_invocation(Integer, :is_odd, param) do
181 | Integer.is_odd(param)
182 | end
183 |
184 | def safe_invocation(Integer, :is_even, param) do
185 | Integer.is_even(param)
186 | end
187 |
188 | # Case where dot operator is used as a way to access a nested structure We are
189 | # still adding the safe_invocation call, just to make sure the callee is not
190 | # an atom but we can not resolve it using Kernel.apply/3
191 | def safe_invocation(term, key, []) when is_map(term) and is_atom(key) do
192 | case Access.fetch(term, key) do
193 | {:ok, result} -> result
194 | :error -> %KeyError{key: key, message: nil, term: term}
195 | end
196 | end
197 |
198 | # Base case
199 | def safe_invocation(callee, function, params) when is_atom(callee) do
200 | apply(callee, function, params)
201 | end
202 |
203 | def safe_invocation(callee, function, params) do
204 | try do
205 | Sentry.capture_message("safe_invocation unexpected case",
206 | extra: %{callee: callee, function: function, params: params}
207 | )
208 | after
209 | raise "Internal error. Please fill an issue at https://github.com/wyeworks/elixir_console/issues."
210 | end
211 | end
212 | end
213 |
--------------------------------------------------------------------------------
/lib/elixir_console/sandbox/safe_kernel_functions.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Sandbox.SafeKernelFunctions do
2 | @moduledoc """
3 | Check if a command from untrusted source is using only safe Kernel functions
4 | """
5 |
6 | alias ElixirConsole.Sandbox.CommandValidator
7 | @behaviour CommandValidator
8 |
9 | @kernel_functions_blacklist ElixirConsole.ElixirSafeParts.unsafe_kernel_functions()
10 |
11 | @impl CommandValidator
12 | def validate(ast) do
13 | {_ast, result} = Macro.prewalk(ast, [], &valid?(&1, &2))
14 |
15 | result
16 | |> Enum.filter(&match?({:error, _}, &1))
17 | |> Enum.map(fn {:error, function} -> function end)
18 | |> Enum.dedup()
19 | |> case do
20 | [] ->
21 | :ok
22 |
23 | unsafe_functions ->
24 | {:error,
25 | "Only safe Kernel functions are allowed to be used. " <>
26 | "Not allowed functions attempted: #{inspect(unsafe_functions)}"}
27 | end
28 | end
29 |
30 | defp valid?({function, _, _} = elem, acc) when function in @kernel_functions_blacklist do
31 | {elem, [{:error, function} | acc]}
32 | end
33 |
34 | defp valid?({:., _, [{:__aliases__, _, [:Kernel]}, function]} = elem, acc)
35 | when function in @kernel_functions_blacklist do
36 | {elem, [{:error, function} | acc]}
37 | end
38 |
39 | defp valid?(elem, acc), do: {elem, acc}
40 | end
41 |
--------------------------------------------------------------------------------
/lib/elixir_console/sandbox/util.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Sandbox.Util do
2 | @moduledoc false
3 |
4 | @az_range 97..122
5 |
6 | def is_erlang_module?(module) when not is_atom(module), do: false
7 |
8 | def is_erlang_module?(module) do
9 | module
10 | |> to_charlist
11 | |> starts_with_lowercase?
12 | end
13 |
14 | # Based on https://stackoverflow.com/a/32002566/2819826
15 | def random_atom(length) do
16 | :crypto.strong_rand_bytes(length)
17 | |> Base.url_encode64()
18 | |> binary_part(0, length)
19 | |> String.to_atom()
20 | end
21 |
22 | defp starts_with_lowercase?([first_char | _]) when first_char in @az_range, do: true
23 | defp starts_with_lowercase?(_module_charlist), do: false
24 | end
25 |
--------------------------------------------------------------------------------
/lib/elixir_console_web.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsoleWeb do
2 | @moduledoc """
3 | The entrypoint for defining your web interface, such
4 | as controllers, views, channels and so on.
5 |
6 | This can be used in your application as:
7 |
8 | use ElixirConsoleWeb, :controller
9 | use ElixirConsoleWeb, :view
10 |
11 | The definitions below will be executed for every view,
12 | controller, etc, so keep them short and clean, focused
13 | on imports, uses and aliases.
14 |
15 | Do NOT define functions inside the quoted expressions
16 | below. Instead, define any helper function in modules
17 | and import those modules here.
18 | """
19 |
20 | def controller do
21 | quote do
22 | use Phoenix.Controller, namespace: ElixirConsoleWeb
23 |
24 | import Plug.Conn
25 | alias ElixirConsoleWeb.Router.Helpers, as: Routes
26 | end
27 | end
28 |
29 | def view do
30 | quote do
31 | use Phoenix.View,
32 | root: "lib/elixir_console_web/templates",
33 | namespace: ElixirConsoleWeb
34 |
35 | # Import convenience functions from controllers
36 | import Phoenix.Controller,
37 | only: [get_flash: 1, get_flash: 2, view_module: 1, view_template: 1]
38 |
39 | # Include shared imports and aliases for views
40 | unquote(view_helpers())
41 | end
42 | end
43 |
44 | def live_view do
45 | quote do
46 | use Phoenix.LiveView, layout: {ElixirConsoleWeb.LayoutView, "live.html"}
47 |
48 | unquote(view_helpers())
49 | end
50 | end
51 |
52 | def live_component do
53 | quote do
54 | use Phoenix.LiveComponent
55 |
56 | unquote(view_helpers())
57 | end
58 | end
59 |
60 | def router do
61 | quote do
62 | use Phoenix.Router
63 |
64 | import Plug.Conn
65 | import Phoenix.Controller
66 | import Phoenix.LiveView.Router
67 |
68 | use Plug.ErrorHandler
69 | use Sentry.Plug
70 | end
71 | end
72 |
73 | defp view_helpers do
74 | quote do
75 | # Use all HTML functionality (forms, tags, etc)
76 | use Phoenix.HTML
77 |
78 | # Import LiveView helpers (live_render, live_component, live_patch, etc)
79 | import Phoenix.LiveView.Helpers
80 |
81 | # Import basic rendering functionality (render, render_layout, etc)
82 | import Phoenix.View
83 |
84 | alias ElixirConsoleWeb.Router.Helpers, as: Routes
85 | end
86 | end
87 |
88 | @doc """
89 | When used, dispatch to the appropriate controller/view/etc.
90 | """
91 | defmacro __using__(which) when is_atom(which) do
92 | apply(__MODULE__, which, [])
93 | end
94 | end
95 |
--------------------------------------------------------------------------------
/lib/elixir_console_web/endpoint.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsoleWeb.Endpoint do
2 | use Phoenix.Endpoint, otp_app: :elixir_console
3 | use Sentry.Phoenix.Endpoint
4 |
5 | # The session will be stored in the cookie and signed,
6 | # this means its contents can be read but not tampered with.
7 | # Set :encryption_salt if you would also like to encrypt it.
8 | @session_options [
9 | store: :cookie,
10 | key: "_elixir_console_key",
11 | signing_salt: "pIQrFsE9x"
12 | ]
13 |
14 | socket "/live", Phoenix.LiveView.Socket, websocket: [connect_info: [session: @session_options]]
15 |
16 | # Serve at "/" the static files from "priv/static" directory.
17 | #
18 | # You should set gzip to true if you are running phx.digest
19 | # when deploying your static files in production.
20 | plug Plug.Static,
21 | at: "/",
22 | from: :elixir_console,
23 | gzip: false,
24 | only: ~w(assets fonts images favicon.ico robots.txt)
25 |
26 | # ~w(css fonts images js favicon.ico robots.txt)
27 |
28 | # Code reloading can be explicitly enabled under the
29 | # :code_reloader configuration of your endpoint.
30 | if code_reloading? do
31 | socket "/phoenix/live_reload/socket", Phoenix.LiveReloader.Socket
32 | plug Phoenix.LiveReloader
33 | plug Phoenix.CodeReloader
34 | end
35 |
36 | plug Plug.RequestId
37 | plug Plug.Telemetry, event_prefix: [:phoenix, :endpoint]
38 |
39 | plug Plug.Parsers,
40 | parsers: [:urlencoded, :multipart, :json],
41 | pass: ["*/*"],
42 | json_decoder: Phoenix.json_library()
43 |
44 | plug Plug.MethodOverride
45 | plug Plug.Head
46 | plug Plug.Session, @session_options
47 |
48 | plug ElixirConsoleWeb.HerokuRedirect
49 | plug ElixirConsoleWeb.Router
50 | end
51 |
--------------------------------------------------------------------------------
/lib/elixir_console_web/live/console_live.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsoleWeb.ConsoleLive do
2 | @moduledoc """
3 | This is the live view component that implements the console UI.
4 | """
5 |
6 | use ElixirConsoleWeb, :live_view
7 |
8 | alias ElixirConsole.Sandbox
9 | alias ElixirConsoleWeb.LiveMonitor
10 | alias ElixirConsoleWeb.ConsoleLive.{CommandInputComponent, HistoryComponent, SidebarComponent}
11 |
12 | defmodule Output do
13 | @enforce_keys [:command, :id]
14 | defstruct [:command, :result, :error, :id]
15 | end
16 |
17 | @impl true
18 | def mount(_params, _session, socket) do
19 | sandbox = Sandbox.init()
20 | LiveMonitor.monitor(self(), __MODULE__, %{id: socket.id, sandbox: sandbox})
21 |
22 | {:ok,
23 | assign(
24 | socket,
25 | output: [],
26 | history: [],
27 | suggestions: [],
28 | contextual_help: nil,
29 | command_id: 0,
30 | sandbox: sandbox
31 | )}
32 | end
33 |
34 | @doc "Function invoked when the live view process is finished. See LiveMonitor.terminate/1."
35 | def unmount(%{sandbox: sandbox}) do
36 | Sandbox.terminate(sandbox)
37 | end
38 |
39 | @impl true
40 | def render(assigns) do
41 | ~H"""
42 |
43 |
44 |
45 |
46 |
47 |
48 | <%= live_component(HistoryComponent, output: @output, id: :history) %>
49 | <%= live_component(CommandInputComponent, history: @history, bindings: @sandbox.bindings, id: :command_input) %>
50 |
51 |
52 |
53 |
54 | <%= live_component(SidebarComponent,
55 | sandbox: @sandbox, contextual_help: @contextual_help, suggestions: @suggestions)
56 | %>
57 |
16 |
17 |
Elixir <%= System.version() %>/OTP <%= System.otp_release() %>
18 |
19 | <%= for output <- @output do %>
20 |
21 | <.prompt /><%= format_command(output.command) %>
22 |
23 |
24 | <%= output.result %>
25 | <%= if output.error do %>
26 |
27 | <%= output.error %>
28 |
29 | <% end %>
30 |
31 | <% end %>
32 |
<%= part %> }
82 | end
83 |
84 | defp inline_help_class_for(:function), do: "text-green-400 cursor-pointer underline"
85 | defp inline_help_class_for(:operator), do: "cursor-pointer"
86 | end
87 |
--------------------------------------------------------------------------------
/lib/elixir_console_web/live/console_live/sidebar_component.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsoleWeb.ConsoleLive.SidebarComponent do
2 | @moduledoc """
3 | Live component module that implements the portion of the UI corresponding to
4 | the sidebar. It displays the bindings, Elixir functions help and some static
5 | information.
6 | """
7 |
8 | use Phoenix.LiveComponent
9 |
10 | @impl true
11 | def render(assigns) do
12 | ~H"""
13 |
14 | <.bindings bindings={@sandbox.bindings} />
15 |
16 | <%= cond do %>
17 | <% @suggestions != [] -> %>
18 | <.suggestions suggestions={@suggestions}/>
19 | <% @contextual_help -> %>
20 | <.contextual_help {@contextual_help} />
21 | <% true -> %>
22 | <.instructions />
23 | <% end %>
24 |
25 |
Suggestions:
49 |
50 | <%= for suggestion <- @suggestions do %>
51 | <%= suggestion %>
52 | <% end %>
53 |
54 | """
55 | end
56 |
57 | def contextual_help(assigns) do
58 | ~H"""
59 |
60 |
61 | <%= @func_name %>
62 |
63 |
<%= @header %>
64 |
<%= Phoenix.HTML.raw @doc %>
65 |
INSTRUCTIONS
72 | [UP] [DOWN]: Navigate through commands history
73 | [TAB]: Get suggestions or autocomplete while typing
74 | You can see the history panel that includes all your commands and their output.
75 | Click on any Elixir function to see here the corresponding documentation.
76 | ABOUT SECURITY
77 | Please note some features of the language are not safe to run in a shared environment like this console.
78 | If you are interested in knowing more about the limitations, you must read here .
79 | Please report any security vulnerabilities to
80 | elixir-console-security@wyeworks.com .
81 |
82 | """
83 | end
84 | end
85 |
--------------------------------------------------------------------------------
/lib/elixir_console_web/live/live_monitor.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsoleWeb.LiveMonitor do
2 | @moduledoc """
3 | This module monitors the created sandbox processes. Gives a way to dispose
4 | those processes when they are not longer used.
5 |
6 | The code is based on https://github.com/phoenixframework/phoenix_live_view/issues/123
7 | """
8 |
9 | use GenServer
10 |
11 | def start_link(_) do
12 | GenServer.start_link(__MODULE__, %{}, name: __MODULE__)
13 | end
14 |
15 | def monitor(pid, view_module, meta) do
16 | GenServer.call(__MODULE__, {:monitor, pid, view_module, meta})
17 | end
18 |
19 | def update_sandbox(pid, view_module, meta) do
20 | GenServer.call(__MODULE__, {:update_sandbox, pid, view_module, meta})
21 | end
22 |
23 | def init(_) do
24 | {:ok, %{views: %{}}}
25 | end
26 |
27 | def handle_call({:monitor, pid, view_module, meta}, _from, %{views: views} = state) do
28 | Process.monitor(pid)
29 | {:reply, :ok, %{state | views: Map.put(views, pid, {view_module, meta})}}
30 | end
31 |
32 | def handle_call({:update_sandbox, pid, view_module, meta}, _from, %{views: views} = state) do
33 | {:reply, :ok, %{state | views: Map.put(views, pid, {view_module, meta})}}
34 | end
35 |
36 | def handle_info({:DOWN, _ref, :process, pid, _reason}, state) do
37 | {{module, meta}, new_views} = Map.pop(state.views, pid)
38 | module.unmount(meta)
39 | {:noreply, %{state | views: new_views}}
40 | end
41 | end
42 |
--------------------------------------------------------------------------------
/lib/elixir_console_web/plugs/heroku_redirect.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsoleWeb.HerokuRedirect do
2 | @moduledoc """
3 | Redirect to our custom domain if the app is accessed using the Heroku domain
4 | """
5 |
6 | import Plug.Conn
7 |
8 | def init(default), do: default
9 |
10 | def call(conn, _default) do
11 | if configured_host() != conn.host do
12 | conn
13 | |> put_resp_header("location", redirect_url())
14 | |> send_resp(:moved_permanently, "")
15 | |> halt()
16 | else
17 | conn
18 | end
19 | end
20 |
21 | defp redirect_url do
22 | URI.to_string(%URI{
23 | host: configured_host(),
24 | scheme: configured_scheme()
25 | })
26 | end
27 |
28 | defp configured_host, do: get_from_configured_url(:host, "localhost")
29 | defp configured_scheme, do: get_from_configured_url(:scheme, "https")
30 |
31 | defp get_from_configured_url(key, default) do
32 | Keyword.get(ElixirConsoleWeb.Endpoint.config(:url), key, default)
33 | end
34 | end
35 |
--------------------------------------------------------------------------------
/lib/elixir_console_web/router.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsoleWeb.Router do
2 | use ElixirConsoleWeb, :router
3 |
4 | pipeline :browser do
5 | plug :accepts, ["html"]
6 | plug :fetch_session
7 | plug :fetch_live_flash
8 | plug :put_root_layout, {ElixirConsoleWeb.LayoutView, :root}
9 | plug :protect_from_forgery
10 | plug :put_secure_browser_headers
11 | end
12 |
13 | pipeline :api do
14 | plug :accepts, ["json"]
15 | end
16 |
17 | scope "/", ElixirConsoleWeb do
18 | pipe_through :browser
19 |
20 | live "/", ConsoleLive
21 | end
22 |
23 | # Other scopes may use custom stacks.
24 | # scope "/api", ElixirConsoleWeb do
25 | # pipe_through :api
26 | # end
27 | end
28 |
--------------------------------------------------------------------------------
/lib/elixir_console_web/templates/layout/live.html.heex:
--------------------------------------------------------------------------------
1 |
2 | <%= live_flash(@flash, :info) %>
5 |
6 | <%= live_flash(@flash, :error) %>
9 |
10 |
11 | <%= @inner_content %>
12 |
13 |
14 |
--------------------------------------------------------------------------------
/lib/elixir_console_web/templates/layout/root.html.heex:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
13 |
14 | Elixir Web Console - WyeWorks
19 |
43 | <%= @inner_content %>
44 |
45 |
46 |
47 |
--------------------------------------------------------------------------------
/lib/elixir_console_web/views/error_view.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsoleWeb.ErrorView do
2 | use ElixirConsoleWeb, :view
3 |
4 | # If you want to customize a particular status code
5 | # for a certain format, you may uncomment below.
6 | # def render("500.html", _assigns) do
7 | # "Internal Server Error"
8 | # end
9 |
10 | # By default, Phoenix returns the status message from
11 | # the template name. For example, "404.html" becomes
12 | # "Not Found".
13 | def template_not_found(template, _assigns) do
14 | Phoenix.Controller.status_message_from_template(template)
15 | end
16 | end
17 |
--------------------------------------------------------------------------------
/lib/elixir_console_web/views/layout_view.ex:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsoleWeb.LayoutView do
2 | use ElixirConsoleWeb, :view
3 | end
4 |
--------------------------------------------------------------------------------
/mix.exs:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.MixProject do
2 | use Mix.Project
3 |
4 | def project do
5 | [
6 | app: :elixir_console,
7 | version: "0.1.0",
8 | elixir: "~> 1.13.2",
9 | elixirc_paths: elixirc_paths(Mix.env()),
10 | start_permanent: Mix.env() == :prod,
11 | aliases: aliases(),
12 | deps: deps(),
13 | releases: [
14 | elixir_console: [
15 | strip_beams: [keep: ["Docs"]]
16 | ]
17 | ]
18 | ]
19 | end
20 |
21 | # Configuration for the OTP application.
22 | #
23 | # Type `mix help compile.app` for more information.
24 | def application do
25 | [
26 | mod: {ElixirConsole.Application, []},
27 | extra_applications: [:logger, :runtime_tools]
28 | ]
29 | end
30 |
31 | # Specifies which paths to compile per environment.
32 | defp elixirc_paths(:test), do: ["lib", "test/support"]
33 | defp elixirc_paths(_), do: ["lib"]
34 |
35 | # Specifies your project dependencies.
36 | #
37 | # Type `mix help deps` for examples and options.
38 | defp deps do
39 | [
40 | {:phoenix, "~> 1.6.0"},
41 | {:phoenix_live_view, "~> 0.16.0"},
42 | {:phoenix_html, "~> 3.0"},
43 | {:phoenix_live_reload, "~> 1.3", only: :dev},
44 | {:esbuild, "~> 0.4"},
45 | {:tailwind, "~> 0.1"},
46 | {:jason, "~> 1.0"},
47 | {:plug_cowboy, "~> 2.1"},
48 | {:earmark, "~> 1.4.0"},
49 | {:floki, "~> 0.31.0", only: :test},
50 | {:sentry, "~> 7.0"},
51 | {:wallaby, "~> 0.28", only: :test, runtime: false}
52 | ]
53 | end
54 |
55 | # Aliases are shortcuts or tasks specific to the current project.
56 | # For example, to install project dependencies and perform other setup tasks, run:
57 | #
58 | # $ mix ecto.setup
59 | #
60 | # See the documentation for `Mix` for more info on aliases.
61 | defp aliases do
62 | [
63 | test: ["test"],
64 | "assets.deploy": ["tailwind default --minify", "esbuild default --minify", "phx.digest"]
65 | ]
66 | end
67 | end
68 |
--------------------------------------------------------------------------------
/mix.lock:
--------------------------------------------------------------------------------
1 | %{
2 | "castore": {:hex, :castore, "0.1.22", "4127549e411bedd012ca3a308dede574f43819fe9394254ca55ab4895abfa1a2", [:mix], [], "hexpm", "c17576df47eb5aa1ee40cc4134316a99f5cad3e215d5c77b8dd3cfef12a22cac"},
3 | "certifi": {:hex, :certifi, "2.6.1", "dbab8e5e155a0763eea978c913ca280a6b544bfa115633fa20249c3d396d9493", [:rebar3], [], "hexpm", "524c97b4991b3849dd5c17a631223896272c6b0af446778ba4675a1dff53bb7e"},
4 | "cowboy": {:hex, :cowboy, "2.10.0", "ff9ffeff91dae4ae270dd975642997afe2a1179d94b1887863e43f681a203e26", [:make, :rebar3], [{:cowlib, "2.12.1", [hex: :cowlib, repo: "hexpm", optional: false]}, {:ranch, "1.8.0", [hex: :ranch, repo: "hexpm", optional: false]}], "hexpm", "3afdccb7183cc6f143cb14d3cf51fa00e53db9ec80cdcd525482f5e99bc41d6b"},
5 | "cowboy_telemetry": {:hex, :cowboy_telemetry, "0.4.0", "f239f68b588efa7707abce16a84d0d2acf3a0f50571f8bb7f56a15865aae820c", [:rebar3], [{:cowboy, "~> 2.7", [hex: :cowboy, repo: "hexpm", optional: false]}, {:telemetry, "~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "7d98bac1ee4565d31b62d59f8823dfd8356a169e7fcbb83831b8a5397404c9de"},
6 | "cowlib": {:hex, :cowlib, "2.12.1", "a9fa9a625f1d2025fe6b462cb865881329b5caff8f1854d1cbc9f9533f00e1e1", [:make, :rebar3], [], "hexpm", "163b73f6367a7341b33c794c4e88e7dbfe6498ac42dcd69ef44c5bc5507c8db0"},
7 | "earmark": {:hex, :earmark, "1.4.16", "2188754e590a3c379fdd2783bb44eedd8c54968fa0256b6f336f6d56b089d793", [:mix], [{:earmark_parser, ">= 1.4.16", [hex: :earmark_parser, repo: "hexpm", optional: false]}], "hexpm", "46f853f7ae10bee06923430dca522ba9dcbdc6b7a9729748e8dd5344d21b8418"},
8 | "earmark_parser": {:hex, :earmark_parser, "1.4.16", "607709303e1d4e3e02f1444df0c821529af1c03b8578dfc81bb9cf64553d02b9", [:mix], [], "hexpm", "69fcf696168f5a274dd012e3e305027010658b2d1630cef68421d6baaeaccead"},
9 | "esbuild": {:hex, :esbuild, "0.7.0", "ce3afb13cd2c5fd63e13c0e2d0e0831487a97a7696cfa563707342bb825d122a", [:mix], [{:castore, ">= 0.0.0", [hex: :castore, repo: "hexpm", optional: false]}], "hexpm", "4ae9f4f237c5ebcb001390b8ada65a12fb2bb04f3fe3d1f1692b7a06fbfe8752"},
10 | "file_system": {:hex, :file_system, "0.2.10", "fb082005a9cd1711c05b5248710f8826b02d7d1784e7c3451f9c1231d4fc162d", [:mix], [], "hexpm", "41195edbfb562a593726eda3b3e8b103a309b733ad25f3d642ba49696bf715dc"},
11 | "floki": {:hex, :floki, "0.31.0", "f05ee8a8e6a3ced4e62beeb2c79a63bc8e12ab98fbaaf6e6a3d9b76b1278e23f", [:mix], [{:html_entities, "~> 0.5.0", [hex: :html_entities, repo: "hexpm", optional: false]}], "hexpm", "b05afa372f5c345a5bf240ac25ea1f0f3d5fcfd7490ac0beeb4a203f9444891e"},
12 | "hackney": {:hex, :hackney, "1.17.4", "99da4674592504d3fb0cfef0db84c3ba02b4508bae2dff8c0108baa0d6e0977c", [:rebar3], [{:certifi, "~>2.6.1", [hex: :certifi, repo: "hexpm", optional: false]}, {:idna, "~>6.1.0", [hex: :idna, repo: "hexpm", optional: false]}, {:metrics, "~>1.0.0", [hex: :metrics, repo: "hexpm", optional: false]}, {:mimerl, "~>1.1", [hex: :mimerl, repo: "hexpm", optional: false]}, {:parse_trans, "3.3.1", [hex: :parse_trans, repo: "hexpm", optional: false]}, {:ssl_verify_fun, "~>1.1.0", [hex: :ssl_verify_fun, repo: "hexpm", optional: false]}, {:unicode_util_compat, "~>0.7.0", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm", "de16ff4996556c8548d512f4dbe22dd58a587bf3332e7fd362430a7ef3986b16"},
13 | "html_entities": {:hex, :html_entities, "0.5.2", "9e47e70598da7de2a9ff6af8758399251db6dbb7eebe2b013f2bbd2515895c3c", [:mix], [], "hexpm", "c53ba390403485615623b9531e97696f076ed415e8d8058b1dbaa28181f4fdcc"},
14 | "httpoison": {:hex, :httpoison, "1.8.0", "6b85dea15820b7804ef607ff78406ab449dd78bed923a49c7160e1886e987a3d", [:mix], [{:hackney, "~> 1.17", [hex: :hackney, repo: "hexpm", optional: false]}], "hexpm", "28089eaa98cf90c66265b6b5ad87c59a3729bea2e74e9d08f9b51eb9729b3c3a"},
15 | "idna": {:hex, :idna, "6.1.1", "8a63070e9f7d0c62eb9d9fcb360a7de382448200fbbd1b106cc96d3d8099df8d", [:rebar3], [{:unicode_util_compat, "~>0.7.0", [hex: :unicode_util_compat, repo: "hexpm", optional: false]}], "hexpm", "92376eb7894412ed19ac475e4a86f7b413c1b9fbb5bd16dccd57934157944cea"},
16 | "jason": {:hex, :jason, "1.4.0", "e855647bc964a44e2f67df589ccf49105ae039d4179db7f6271dfd3843dc27e6", [:mix], [{:decimal, "~> 1.0 or ~> 2.0", [hex: :decimal, repo: "hexpm", optional: true]}], "hexpm", "79a3791085b2a0f743ca04cec0f7be26443738779d09302e01318f97bdb82121"},
17 | "metrics": {:hex, :metrics, "1.0.1", "25f094dea2cda98213cecc3aeff09e940299d950904393b2a29d191c346a8486", [:rebar3], [], "hexpm", "69b09adddc4f74a40716ae54d140f93beb0fb8978d8636eaded0c31b6f099f16"},
18 | "mime": {:hex, :mime, "1.6.0", "dabde576a497cef4bbdd60aceee8160e02a6c89250d6c0b29e56c0dfb00db3d2", [:mix], [], "hexpm", "31a1a8613f8321143dde1dafc36006a17d28d02bdfecb9e95a880fa7aabd19a7"},
19 | "mimerl": {:hex, :mimerl, "1.2.0", "67e2d3f571088d5cfd3e550c383094b47159f3eee8ffa08e64106cdf5e981be3", [:rebar3], [], "hexpm", "f278585650aa581986264638ebf698f8bb19df297f66ad91b18910dfc6e19323"},
20 | "parse_trans": {:hex, :parse_trans, "3.3.1", "16328ab840cc09919bd10dab29e431da3af9e9e7e7e6f0089dd5a2d2820011d8", [:rebar3], [], "hexpm", "07cd9577885f56362d414e8c4c4e6bdf10d43a8767abb92d24cbe8b24c54888b"},
21 | "phoenix": {:hex, :phoenix, "1.6.16", "e5bdd18c7a06da5852a25c7befb72246de4ddc289182285f8685a40b7b5f5451", [:mix], [{:castore, ">= 0.0.0", [hex: :castore, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:phoenix_pubsub, "~> 2.0", [hex: :phoenix_pubsub, repo: "hexpm", optional: false]}, {:phoenix_view, "~> 1.0 or ~> 2.0", [hex: :phoenix_view, repo: "hexpm", optional: false]}, {:plug, "~> 1.10", [hex: :plug, repo: "hexpm", optional: false]}, {:plug_cowboy, "~> 2.2", [hex: :plug_cowboy, repo: "hexpm", optional: true]}, {:plug_crypto, "~> 1.2", [hex: :plug_crypto, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "e15989ff34f670a96b95ef6d1d25bad0d9c50df5df40b671d8f4a669e050ac39"},
22 | "phoenix_html": {:hex, :phoenix_html, "3.3.1", "4788757e804a30baac6b3fc9695bf5562465dd3f1da8eb8460ad5b404d9a2178", [:mix], [{:plug, "~> 1.5", [hex: :plug, repo: "hexpm", optional: true]}], "hexpm", "bed1906edd4906a15fd7b412b85b05e521e1f67c9a85418c55999277e553d0d3"},
23 | "phoenix_live_reload": {:hex, :phoenix_live_reload, "1.3.3", "3a53772a6118d5679bf50fc1670505a290e32a1d195df9e069d8c53ab040c054", [:mix], [{:file_system, "~> 0.2.1 or ~> 0.3", [hex: :file_system, repo: "hexpm", optional: false]}, {:phoenix, "~> 1.4", [hex: :phoenix, repo: "hexpm", optional: false]}], "hexpm", "766796676e5f558dbae5d1bdb066849673e956005e3730dfd5affd7a6da4abac"},
24 | "phoenix_live_view": {:hex, :phoenix_live_view, "0.16.4", "5692edd0bac247a9a816eee7394e32e7a764959c7d0cf9190662fc8b0cd24c97", [:mix], [{:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: true]}, {:phoenix, "~> 1.5.9 or ~> 1.6.0", [hex: :phoenix, repo: "hexpm", optional: false]}, {:phoenix_html, "~> 3.0", [hex: :phoenix_html, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4.2 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "754ba49aa2e8601afd4f151492c93eb72df69b0b9856bab17711b8397e43bba0"},
25 | "phoenix_pubsub": {:hex, :phoenix_pubsub, "2.1.1", "ba04e489ef03763bf28a17eb2eaddc2c20c6d217e2150a61e3298b0f4c2012b5", [:mix], [], "hexpm", "81367c6d1eea5878ad726be80808eb5a787a23dee699f96e72b1109c57cdd8d9"},
26 | "phoenix_template": {:hex, :phoenix_template, "1.0.1", "85f79e3ad1b0180abb43f9725973e3b8c2c3354a87245f91431eec60553ed3ef", [:mix], [{:phoenix_html, "~> 2.14.2 or ~> 3.0", [hex: :phoenix_html, repo: "hexpm", optional: true]}], "hexpm", "157dc078f6226334c91cb32c1865bf3911686f8bcd6bcff86736f6253e6993ee"},
27 | "phoenix_view": {:hex, :phoenix_view, "2.0.2", "6bd4d2fd595ef80d33b439ede6a19326b78f0f1d8d62b9a318e3d9c1af351098", [:mix], [{:phoenix_html, "~> 2.14.2 or ~> 3.0", [hex: :phoenix_html, repo: "hexpm", optional: true]}, {:phoenix_template, "~> 1.0", [hex: :phoenix_template, repo: "hexpm", optional: false]}], "hexpm", "a929e7230ea5c7ee0e149ffcf44ce7cf7f4b6d2bfe1752dd7c084cdff152d36f"},
28 | "plug": {:hex, :plug, "1.14.2", "cff7d4ec45b4ae176a227acd94a7ab536d9b37b942c8e8fa6dfc0fff98ff4d80", [:mix], [{:mime, "~> 1.0 or ~> 2.0", [hex: :mime, repo: "hexpm", optional: false]}, {:plug_crypto, "~> 1.1.1 or ~> 1.2", [hex: :plug_crypto, repo: "hexpm", optional: false]}, {:telemetry, "~> 0.4.3 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: false]}], "hexpm", "842fc50187e13cf4ac3b253d47d9474ed6c296a8732752835ce4a86acdf68d13"},
29 | "plug_cowboy": {:hex, :plug_cowboy, "2.6.1", "9a3bbfceeb65eff5f39dab529e5cd79137ac36e913c02067dba3963a26efe9b2", [:mix], [{:cowboy, "~> 2.7", [hex: :cowboy, repo: "hexpm", optional: false]}, {:cowboy_telemetry, "~> 0.3", [hex: :cowboy_telemetry, repo: "hexpm", optional: false]}, {:plug, "~> 1.14", [hex: :plug, repo: "hexpm", optional: false]}], "hexpm", "de36e1a21f451a18b790f37765db198075c25875c64834bcc82d90b309eb6613"},
30 | "plug_crypto": {:hex, :plug_crypto, "1.2.5", "918772575e48e81e455818229bf719d4ab4181fcbf7f85b68a35620f78d89ced", [:mix], [], "hexpm", "26549a1d6345e2172eb1c233866756ae44a9609bd33ee6f99147ab3fd87fd842"},
31 | "ranch": {:hex, :ranch, "1.8.0", "8c7a100a139fd57f17327b6413e4167ac559fbc04ca7448e9be9057311597a1d", [:make, :rebar3], [], "hexpm", "49fbcfd3682fab1f5d109351b61257676da1a2fdbe295904176d5e521a2ddfe5"},
32 | "sentry": {:hex, :sentry, "7.2.1", "ea6a5d26c4afef97bf21e09612ebe8d97b525b7822429092926377cd82c08f9e", [:mix], [{:hackney, "~> 1.8 or 1.6.5", [hex: :hackney, repo: "hexpm", optional: false]}, {:jason, "~> 1.1", [hex: :jason, repo: "hexpm", optional: true]}, {:phoenix, "~> 1.3", [hex: :phoenix, repo: "hexpm", optional: true]}, {:plug, "~> 1.6", [hex: :plug, repo: "hexpm", optional: true]}, {:plug_cowboy, "~> 1.0 or ~> 2.0", [hex: :plug_cowboy, repo: "hexpm", optional: true]}], "hexpm", "8d1a9469095a83ff8575d16dc1b4d73f5444f3da1ded89a44ce8b85481180089"},
33 | "ssl_verify_fun": {:hex, :ssl_verify_fun, "1.1.6", "cf344f5692c82d2cd7554f5ec8fd961548d4fd09e7d22f5b62482e5aeaebd4b0", [:make, :mix, :rebar3], [], "hexpm", "bdb0d2471f453c88ff3908e7686f86f9be327d065cc1ec16fa4540197ea04680"},
34 | "tailwind": {:hex, :tailwind, "0.2.0", "95f9e4a32020c5bec480f1d6a43a49ac8030b13183127b577605f506d6e13a66", [:mix], [{:castore, ">= 0.0.0", [hex: :castore, repo: "hexpm", optional: false]}], "hexpm", "385e939fcd7fe4654be5130b187e358aaabade385513f9d200ffecdbb9552a9e"},
35 | "telemetry": {:hex, :telemetry, "1.2.1", "68fdfe8d8f05a8428483a97d7aab2f268aaff24b49e0f599faa091f1d4e7f61c", [:rebar3], [], "hexpm", "dad9ce9d8effc621708f99eac538ef1cbe05d6a874dd741de2e689c47feafed5"},
36 | "tesla": {:hex, :tesla, "1.4.3", "f5a494e08fb1abe4fd9c28abb17f3d9b62b8f6fc492860baa91efb1aab61c8a0", [:mix], [{:castore, "~> 0.1", [hex: :castore, repo: "hexpm", optional: true]}, {:exjsx, ">= 3.0.0", [hex: :exjsx, repo: "hexpm", optional: true]}, {:finch, "~> 0.3", [hex: :finch, repo: "hexpm", optional: true]}, {:fuse, "~> 2.4", [hex: :fuse, repo: "hexpm", optional: true]}, {:gun, "~> 1.3", [hex: :gun, repo: "hexpm", optional: true]}, {:hackney, "~> 1.6", [hex: :hackney, repo: "hexpm", optional: true]}, {:ibrowse, "4.4.0", [hex: :ibrowse, repo: "hexpm", optional: true]}, {:jason, ">= 1.0.0", [hex: :jason, repo: "hexpm", optional: true]}, {:mime, "~> 1.0", [hex: :mime, repo: "hexpm", optional: false]}, {:mint, "~> 1.0", [hex: :mint, repo: "hexpm", optional: true]}, {:poison, ">= 1.0.0", [hex: :poison, repo: "hexpm", optional: true]}, {:telemetry, "~> 0.4 or ~> 1.0", [hex: :telemetry, repo: "hexpm", optional: true]}], "hexpm", "e0755bb664bf4d664af72931f320c97adbf89da4586670f4864bf259b5750386"},
37 | "unicode_util_compat": {:hex, :unicode_util_compat, "0.7.0", "bc84380c9ab48177092f43ac89e4dfa2c6d62b40b8bd132b1059ecc7232f9a78", [:rebar3], [], "hexpm", "25eee6d67df61960cf6a794239566599b09e17e668d3700247bc498638152521"},
38 | "wallaby": {:hex, :wallaby, "0.29.1", "7ad61c98a1425db291a392e45504e897b1271c746b40fe9f19f87a86729d2fac", [:mix], [{:ecto_sql, ">= 3.0.0", [hex: :ecto_sql, repo: "hexpm", optional: true]}, {:httpoison, "~> 0.12 or ~> 1.0", [hex: :httpoison, repo: "hexpm", optional: false]}, {:jason, "~> 1.1", [hex: :jason, repo: "hexpm", optional: false]}, {:phoenix_ecto, ">= 3.0.0", [hex: :phoenix_ecto, repo: "hexpm", optional: true]}, {:web_driver_client, "~> 0.2.0", [hex: :web_driver_client, repo: "hexpm", optional: false]}], "hexpm", "21b1360c4b13adbb0a1ff5c1053204cc4489ac81e9579c6c5011a27915cb7415"},
39 | "web_driver_client": {:hex, :web_driver_client, "0.2.0", "63b76cd9eb3b0716ec5467a0f8bead73d3d9612e63f7560d21357f03ad86e31a", [:mix], [{:hackney, "~> 1.6", [hex: :hackney, repo: "hexpm", optional: false]}, {:jason, "~> 1.0", [hex: :jason, repo: "hexpm", optional: false]}, {:tesla, "~> 1.3", [hex: :tesla, repo: "hexpm", optional: false]}], "hexpm", "83cc6092bc3e74926d1c8455f0ce927d5d1d36707b74d9a65e38c084aab0350f"},
40 | }
41 |
--------------------------------------------------------------------------------
/phoenix_static_buildpack.config:
--------------------------------------------------------------------------------
1 | clean_cache=true
2 | compile="compile"
3 | node_version=16.9.1
4 | yarn_version=1.22.11
5 | phoenix_relative_path=.
6 | remove_node=false
7 | assets_path=.
8 | phoenix_ex=phoenix
--------------------------------------------------------------------------------
/priv/gettext/en/LC_MESSAGES/errors.po:
--------------------------------------------------------------------------------
1 | ## `msgid`s in this file come from POT (.pot) files.
2 | ##
3 | ## Do not add, change, or remove `msgid`s manually here as
4 | ## they're tied to the ones in the corresponding POT file
5 | ## (with the same domain).
6 | ##
7 | ## Use `mix gettext.extract --merge` or `mix gettext.merge`
8 | ## to merge POT files into PO files.
9 | msgid ""
10 | msgstr ""
11 | "Language: en\n"
12 |
13 | ## From Ecto.Changeset.cast/4
14 | msgid "can't be blank"
15 | msgstr ""
16 |
17 | ## From Ecto.Changeset.unique_constraint/3
18 | msgid "has already been taken"
19 | msgstr ""
20 |
21 | ## From Ecto.Changeset.put_change/3
22 | msgid "is invalid"
23 | msgstr ""
24 |
25 | ## From Ecto.Changeset.validate_acceptance/3
26 | msgid "must be accepted"
27 | msgstr ""
28 |
29 | ## From Ecto.Changeset.validate_format/3
30 | msgid "has invalid format"
31 | msgstr ""
32 |
33 | ## From Ecto.Changeset.validate_subset/3
34 | msgid "has an invalid entry"
35 | msgstr ""
36 |
37 | ## From Ecto.Changeset.validate_exclusion/3
38 | msgid "is reserved"
39 | msgstr ""
40 |
41 | ## From Ecto.Changeset.validate_confirmation/3
42 | msgid "does not match confirmation"
43 | msgstr ""
44 |
45 | ## From Ecto.Changeset.no_assoc_constraint/3
46 | msgid "is still associated with this entry"
47 | msgstr ""
48 |
49 | msgid "are still associated with this entry"
50 | msgstr ""
51 |
52 | ## From Ecto.Changeset.validate_length/3
53 | msgid "should be %{count} character(s)"
54 | msgid_plural "should be %{count} character(s)"
55 | msgstr[0] ""
56 | msgstr[1] ""
57 |
58 | msgid "should have %{count} item(s)"
59 | msgid_plural "should have %{count} item(s)"
60 | msgstr[0] ""
61 | msgstr[1] ""
62 |
63 | msgid "should be at least %{count} character(s)"
64 | msgid_plural "should be at least %{count} character(s)"
65 | msgstr[0] ""
66 | msgstr[1] ""
67 |
68 | msgid "should have at least %{count} item(s)"
69 | msgid_plural "should have at least %{count} item(s)"
70 | msgstr[0] ""
71 | msgstr[1] ""
72 |
73 | msgid "should be at most %{count} character(s)"
74 | msgid_plural "should be at most %{count} character(s)"
75 | msgstr[0] ""
76 | msgstr[1] ""
77 |
78 | msgid "should have at most %{count} item(s)"
79 | msgid_plural "should have at most %{count} item(s)"
80 | msgstr[0] ""
81 | msgstr[1] ""
82 |
83 | ## From Ecto.Changeset.validate_number/3
84 | msgid "must be less than %{number}"
85 | msgstr ""
86 |
87 | msgid "must be greater than %{number}"
88 | msgstr ""
89 |
90 | msgid "must be less than or equal to %{number}"
91 | msgstr ""
92 |
93 | msgid "must be greater than or equal to %{number}"
94 | msgstr ""
95 |
96 | msgid "must be equal to %{number}"
97 | msgstr ""
98 |
--------------------------------------------------------------------------------
/priv/gettext/errors.pot:
--------------------------------------------------------------------------------
1 | ## This is a PO Template file.
2 | ##
3 | ## `msgid`s here are often extracted from source code.
4 | ## Add new translations manually only if they're dynamic
5 | ## translations that can't be statically extracted.
6 | ##
7 | ## Run `mix gettext.extract` to bring this file up to
8 | ## date. Leave `msgstr`s empty as changing them here has no
9 | ## effect: edit them in PO (`.po`) files instead.
10 |
11 | ## From Ecto.Changeset.cast/4
12 | msgid "can't be blank"
13 | msgstr ""
14 |
15 | ## From Ecto.Changeset.unique_constraint/3
16 | msgid "has already been taken"
17 | msgstr ""
18 |
19 | ## From Ecto.Changeset.put_change/3
20 | msgid "is invalid"
21 | msgstr ""
22 |
23 | ## From Ecto.Changeset.validate_acceptance/3
24 | msgid "must be accepted"
25 | msgstr ""
26 |
27 | ## From Ecto.Changeset.validate_format/3
28 | msgid "has invalid format"
29 | msgstr ""
30 |
31 | ## From Ecto.Changeset.validate_subset/3
32 | msgid "has an invalid entry"
33 | msgstr ""
34 |
35 | ## From Ecto.Changeset.validate_exclusion/3
36 | msgid "is reserved"
37 | msgstr ""
38 |
39 | ## From Ecto.Changeset.validate_confirmation/3
40 | msgid "does not match confirmation"
41 | msgstr ""
42 |
43 | ## From Ecto.Changeset.no_assoc_constraint/3
44 | msgid "is still associated with this entry"
45 | msgstr ""
46 |
47 | msgid "are still associated with this entry"
48 | msgstr ""
49 |
50 | ## From Ecto.Changeset.validate_length/3
51 | msgid "should be %{count} character(s)"
52 | msgid_plural "should be %{count} character(s)"
53 | msgstr[0] ""
54 | msgstr[1] ""
55 |
56 | msgid "should have %{count} item(s)"
57 | msgid_plural "should have %{count} item(s)"
58 | msgstr[0] ""
59 | msgstr[1] ""
60 |
61 | msgid "should be at least %{count} character(s)"
62 | msgid_plural "should be at least %{count} character(s)"
63 | msgstr[0] ""
64 | msgstr[1] ""
65 |
66 | msgid "should have at least %{count} item(s)"
67 | msgid_plural "should have at least %{count} item(s)"
68 | msgstr[0] ""
69 | msgstr[1] ""
70 |
71 | msgid "should be at most %{count} character(s)"
72 | msgid_plural "should be at most %{count} character(s)"
73 | msgstr[0] ""
74 | msgstr[1] ""
75 |
76 | msgid "should have at most %{count} item(s)"
77 | msgid_plural "should have at most %{count} item(s)"
78 | msgstr[0] ""
79 | msgstr[1] ""
80 |
81 | ## From Ecto.Changeset.validate_number/3
82 | msgid "must be less than %{number}"
83 | msgstr ""
84 |
85 | msgid "must be greater than %{number}"
86 | msgstr ""
87 |
88 | msgid "must be less than or equal to %{number}"
89 | msgstr ""
90 |
91 | msgid "must be greater than or equal to %{number}"
92 | msgstr ""
93 |
94 | msgid "must be equal to %{number}"
95 | msgstr ""
96 |
--------------------------------------------------------------------------------
/test/elixir_console/autocomplete_test.exs:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.AutocompleteTest do
2 | use ExUnit.Case, async: true
3 | alias ElixirConsole.Autocomplete
4 |
5 | describe "get_suggestions" do
6 | test "returns no suggestions" do
7 | assert Autocomplete.get_suggestions("Foo.bar", 8, []) == []
8 | end
9 |
10 | test "returns no suggestions when the caret is in the middle" do
11 | assert Autocomplete.get_suggestions("Foo.bar", 4, []) == []
12 | end
13 |
14 | test "returns suggestions" do
15 | assert Autocomplete.get_suggestions("Enum.cou", 8, []) == ["Enum.count", "Enum.count_until"]
16 | end
17 |
18 | test "returns suggestions when the caret is in the middle" do
19 | assert Autocomplete.get_suggestions("Enum.ch foo bar", 7, []) == [
20 | "Enum.chunk_by",
21 | "Enum.chunk_every",
22 | "Enum.chunk_while"
23 | ]
24 | end
25 |
26 | test "returns suggestions only for the module name" do
27 | assert Autocomplete.get_suggestions("Li", 3, []) == ["List"]
28 | end
29 |
30 | test "returns only the module name if this is the last word" do
31 | assert Autocomplete.get_suggestions("12 + Enum", 9, []) == ["Enum", "Enumerable"]
32 | end
33 |
34 | test "returns functions names when the last word includes module name and period" do
35 | assert Autocomplete.get_suggestions("12 + List.", 10, []) == [
36 | "List.ascii_printable?",
37 | "List.delete",
38 | "List.delete_at",
39 | "List.duplicate",
40 | "List.first",
41 | "List.flatten",
42 | "List.foldl",
43 | "List.foldr",
44 | "List.improper?",
45 | "List.insert_at"
46 | ]
47 | end
48 |
49 | test "returns suggestions from bindings" do
50 | assert Autocomplete.get_suggestions("4 + varia", 9, variable1: 1, variable2: 2) == [
51 | "variable1",
52 | "variable2"
53 | ]
54 | end
55 |
56 | test "returns suggestions from Kernel functions" do
57 | assert Autocomplete.get_suggestions("4 + le", 6, []) == ["length"]
58 | end
59 |
60 | test "does not return unsafe functions into the suggestions" do
61 | assert Autocomplete.get_suggestions("spawn", 5, []) == []
62 | end
63 |
64 | test "does not return unsafe modules into the suggestions" do
65 | assert Autocomplete.get_suggestions("Cod", 3, []) == []
66 | end
67 | end
68 |
69 | describe "autocompleted_input" do
70 | test "returns updated input value and caret position" do
71 | assert Autocomplete.autocompleted_input("3 + Enum.cou", 12, "Enum.count") == {
72 | "3 + Enum.count",
73 | 14
74 | }
75 | end
76 |
77 | test "returns modifications when it happens in the middle of the input string" do
78 | assert Autocomplete.autocompleted_input("Enum.cou([1]) + 3", 8, "Enum.count") == {
79 | "Enum.count([1]) + 3",
80 | 10
81 | }
82 | end
83 | end
84 | end
85 |
--------------------------------------------------------------------------------
/test/elixir_console/contextual_help_test.exs:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.ContextualHelpTest do
2 | use ExUnit.Case, async: true
3 | alias ElixirConsole.ContextualHelp
4 |
5 | test "returns only one element if no Elixir functions are found" do
6 | assert ContextualHelp.compute("foo(1)") == ["foo(1)"]
7 | end
8 |
9 | test "adds documentation metadata if Elixir function is found" do
10 | assert [
11 | "",
12 | {"Enum.count",
13 | %{
14 | func_name: "Enum.count/1",
15 | header: ["count(enumerable)"],
16 | link: "https://hexdocs.pm/elixir/Enum.html#count/1"
17 | }},
18 | "([1,2])"
19 | ] = ContextualHelp.compute("Enum.count([1,2])")
20 | end
21 |
22 | test "adds documentation metadata when expression is a list" do
23 | assert [
24 | "[",
25 | {"Enum.count",
26 | %{
27 | func_name: "Enum.count/1",
28 | header: ["count(enumerable)"],
29 | link: "https://hexdocs.pm/elixir/Enum.html#count/1"
30 | }},
31 | "([1,2])]"
32 | ] = ContextualHelp.compute("[Enum.count([1,2])]")
33 | end
34 |
35 | test "adds documentation metadata when expression is a map" do
36 | assert [
37 | "%{\"a\" => ",
38 | {"Enum.count",
39 | %{
40 | func_name: "Enum.count/1",
41 | header: ["count(enumerable)"],
42 | link: "https://hexdocs.pm/elixir/Enum.html#count/1"
43 | }},
44 | "([1,2])}"
45 | ] = ContextualHelp.compute("%{\"a\" => Enum.count([1,2])}")
46 | end
47 |
48 | test "adds documentation metadata when expression is a keyword list" do
49 | assert [
50 | "[a: ",
51 | {"Enum.count",
52 | %{
53 | func_name: "Enum.count/1",
54 | header: ["count(enumerable)"],
55 | link: "https://hexdocs.pm/elixir/Enum.html#count/1"
56 | }},
57 | "([1,2])]"
58 | ] = ContextualHelp.compute("[a: Enum.count([1,2])]")
59 | end
60 |
61 | test "adds documentation metadata properly when omitting default parameters" do
62 | assert [
63 | "",
64 | {"Enum.find",
65 | %{
66 | func_name: "Enum.find/3",
67 | header: ["find(enumerable, default \\\\ nil, fun)"],
68 | link: "https://hexdocs.pm/elixir/Enum.html#find/3"
69 | }},
70 | "([2, 3, 4], fn x -> x end)"
71 | ] = ContextualHelp.compute("Enum.find([2, 3, 4], fn x -> x end)")
72 | end
73 |
74 | test "adds documentation metadata to Kernel functions" do
75 | assert [
76 | "",
77 | {"length",
78 | %{
79 | func_name: "Kernel.length/1",
80 | header: ["length(list)"],
81 | link: "https://hexdocs.pm/elixir/Kernel.html#length/1"
82 | }},
83 | "([1,2,3])"
84 | ] = ContextualHelp.compute("length([1,2,3])")
85 | end
86 |
87 | test "adds documentation metadata to Kernel macros" do
88 | assert [
89 | "3 ",
90 | {"||",
91 | %{
92 | func_name: "Kernel.||/2",
93 | header: ["left || right"],
94 | link: "https://hexdocs.pm/elixir/Kernel.html#||/2"
95 | }},
96 | " 4"
97 | ] = ContextualHelp.compute("3 || 4")
98 | end
99 |
100 | test "adds metadata indicating whether is function or operator" do
101 | assert [
102 | "5 ",
103 | {"+",
104 | %{
105 | type: :operator
106 | }},
107 | " ",
108 | {"Enum.count",
109 | %{
110 | type: :function
111 | }},
112 | "([2,4])"
113 | ] = ContextualHelp.compute("5 + Enum.count([2,4])")
114 | end
115 |
116 | test "adds metadata also for binary operator with functions in the left side" do
117 | assert [
118 | "",
119 | {"Enum.count",
120 | %{
121 | type: :function
122 | }},
123 | "([2]) ",
124 | {"+",
125 | %{
126 | type: :operator
127 | }},
128 | " 5"
129 | ] = ContextualHelp.compute("Enum.count([2]) + 5")
130 | end
131 |
132 | test "adds metadata when expression uses dot notation" do
133 | assert [
134 | "",
135 | {"Map.new",
136 | %{
137 | func_name: "Map.new/1",
138 | header: ["new(enumerable)"]
139 | }},
140 | "(foo).bar"
141 | ] = ContextualHelp.compute("Map.new(foo).bar")
142 | end
143 |
144 | @tag :pending
145 | test "adds metadata to sigils" do
146 | assert ["regex = ", {"Kerne.sigil_r", _}, "/foo|bar/"] =
147 | ContextualHelp.compute("regex = ~r/foo|bar/")
148 | end
149 | end
150 |
--------------------------------------------------------------------------------
/test/elixir_console/sandbox/command_validator_test.exs:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Sandbox.CommandValidatorTest do
2 | use ExUnit.Case, async: true
3 | alias ElixirConsole.Sandbox.CommandValidator
4 |
5 | describe "safe_command?/1" do
6 | test "returns :ok when the command is valid" do
7 | assert :ok == CommandValidator.safe_command?("List.first([1,2,3])")
8 | end
9 |
10 | test "returns :error when using an invalid module" do
11 | assert {:error,
12 | "Some Elixir modules are not allowed to be used. " <>
13 | "Not allowed modules attempted: [:File]"} ==
14 | CommandValidator.safe_command?("File.cwd()")
15 | end
16 |
17 | test "returns :error when mixing valid and invalid modules" do
18 | command = ~s{Enum.map(["file1", "file2"], &File.exists?(File.cwd(), &1))}
19 |
20 | assert {:error,
21 | "Some Elixir modules are not allowed to be used. " <>
22 | "Not allowed modules attempted: [:File]"} ==
23 | CommandValidator.safe_command?(command)
24 | end
25 |
26 | test "returns :ok when using a valid Kernel function with implicit module" do
27 | assert :ok == CommandValidator.safe_command?("length([])")
28 | end
29 |
30 | test "returns :ok when using a valid Kernel function with explicit module" do
31 | assert :ok == CommandValidator.safe_command?("Kernel.length([])")
32 | end
33 |
34 | test "returns :ok when using string interpolation" do
35 | assert :ok == CommandValidator.safe_command?("\"foo \#{10} bar\"")
36 | end
37 |
38 | test "returns :ok when using ~w without the atoms modifier" do
39 | assert :ok == CommandValidator.safe_command?("~w(\#{Enum.random(1..10)})")
40 | end
41 |
42 | test "returns :ok when using ~W and atoms modifier" do
43 | assert :ok == CommandValidator.safe_command?("~W(foo bar)a")
44 | end
45 |
46 | test "returns :error when using an invalid Kernel function" do
47 | assert {:error,
48 | "Only safe Kernel functions are allowed to be used. " <>
49 | "Not allowed functions attempted: [:apply]"} ==
50 | CommandValidator.safe_command?("apply(Enum, :count, [[]])")
51 | end
52 |
53 | test "returns :error when using an invalid Kernel macro" do
54 | assert {:error,
55 | "Only safe Kernel functions are allowed to be used. " <>
56 | "Not allowed functions attempted: [:use]"} ==
57 | CommandValidator.safe_command?("use Integer")
58 | end
59 |
60 | test "returns :error when using an invalid Kernel.SpecialForms macro" do
61 | assert {:error,
62 | "Only safe Kernel functions are allowed to be used. " <>
63 | "Not allowed functions attempted: [:quote]"} ==
64 | CommandValidator.safe_command?("quote do: 1 + 2")
65 | end
66 |
67 | test "returns :error when using an invalid Kernel function with explicit module" do
68 | assert {:error,
69 | "Only safe Kernel functions are allowed to be used. " <>
70 | "Not allowed functions attempted: [:apply]"} ==
71 | CommandValidator.safe_command?("Kernel.apply(Enum, :count, [[]])")
72 | end
73 |
74 | test "returns :error when using an Erlang module" do
75 | assert {:error,
76 | "Non-Elixir modules are not allowed to be used. " <>
77 | "Not allowed modules attempted: [:lists]"} ==
78 | CommandValidator.safe_command?(":lists.last([5])")
79 | end
80 |
81 | test "returns :error when attempting to use String.to_atom/1" do
82 | assert {:error,
83 | "Programmatically creation of atoms is not allowed in this online console. " <>
84 | "Consider using String.to_existing_atom/1"} ==
85 | CommandValidator.safe_command?("String.to_atom(\"foo\")")
86 | end
87 |
88 | test "returns :error when attempting to use sigils that create atoms dynamically" do
89 | assert {:error,
90 | "Programmatically creation of atoms is not allowed in this online console. " <>
91 | "For this reason, the `a` modifier is not allowed when using ~w. " <>
92 | "Instead, try using ~W since it does not interpolate the content"} ==
93 | CommandValidator.safe_command?("~w(\#{Enum.random(1..10)})a")
94 | end
95 | end
96 | end
97 |
--------------------------------------------------------------------------------
/test/elixir_console/sandbox/runtime_validations_test.exs:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.Sandbox.RuntimeValidationsTest do
2 | use ExUnit.Case, async: true
3 | alias ElixirConsole.Sandbox.RuntimeValidations
4 |
5 | test "does not make any change to the AST when no needed" do
6 | command = "[1, 2, 3, 5] ++ [4, 5]"
7 | {:ok, original_ast} = Code.string_to_quoted(command)
8 | assert original_ast == RuntimeValidations.get_augmented_ast(command)
9 | end
10 |
11 | test "replaces invocation when dot operator is used" do
12 | command = "Enum.count([2])"
13 |
14 | {:ok, expected_ast} =
15 | Code.string_to_quoted(
16 | "ElixirConsole.Sandbox.RuntimeValidations.safe_invocation(Enum, :count, [[2]])"
17 | )
18 |
19 | assert expected_ast == RuntimeValidations.get_augmented_ast(command)
20 | end
21 |
22 | test "replace invocations within nested expressions" do
23 | command = "Enum.count(Enum.map([1,2,3], &(&1 * 2)))"
24 |
25 | {:ok, expected_ast} =
26 | Code.string_to_quoted(
27 | "ElixirConsole.Sandbox.RuntimeValidations.safe_invocation(Enum, :count, [" <>
28 | "ElixirConsole.Sandbox.RuntimeValidations.safe_invocation(Enum, :map, [[1,2,3], &(&1 * 2)])" <>
29 | "])"
30 | )
31 |
32 | assert expected_ast == RuntimeValidations.get_augmented_ast(command)
33 | end
34 |
35 | test "changes to direct invocation and replaces invocation when pipe operator is used" do
36 | command = "[1,2,3] |> Enum.map(fn n -> n * 2 end) |> Enum.count"
37 |
38 | {:ok, expected_ast} =
39 | Code.string_to_quoted(
40 | "ElixirConsole.Sandbox.RuntimeValidations.safe_invocation(Enum, :count, [" <>
41 | "ElixirConsole.Sandbox.RuntimeValidations.safe_invocation(Enum, :map, [[1,2,3], fn n -> n * 2 end])" <>
42 | "])"
43 | )
44 |
45 | assert expected_ast == RuntimeValidations.get_augmented_ast(command)
46 | end
47 |
48 | test "makes a safe invocation when string interpolation is used" do
49 | command = "\"Hello \#{:world}\""
50 |
51 | expected_ast =
52 | {:<<>>, [line: 1],
53 | [
54 | "Hello ",
55 | {:"::", [line: 1],
56 | [
57 | {{:., [line: 1],
58 | [
59 | {:__aliases__, [line: 1], [:ElixirConsole, :Sandbox, :RuntimeValidations]},
60 | :safe_invocation
61 | ]}, [line: 1], [Kernel, :to_string, [:world]]},
62 | {:binary, [line: 1], nil}
63 | ]}
64 | ]}
65 |
66 | assert expected_ast == RuntimeValidations.get_augmented_ast(command)
67 | end
68 |
69 | test "does not make changes when dot operator exists but it is not an invocation" do
70 | command = "&Kernel.+/2"
71 | {:ok, expected_ast} = Code.string_to_quoted("&Kernel.+/2")
72 |
73 | assert expected_ast == RuntimeValidations.get_augmented_ast(command)
74 | end
75 | end
76 |
--------------------------------------------------------------------------------
/test/elixir_console/sandbox_test.exs:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsole.SandboxTest do
2 | use ExUnit.Case, async: true
3 | alias ElixirConsole.Sandbox
4 |
5 | setup do
6 | [sandbox: Sandbox.init()]
7 | end
8 |
9 | describe "Sandbox success and error cases" do
10 | test "runs a basic command", %{sandbox: sandbox} do
11 | expected_sandbox = %Sandbox{sandbox | bindings: []}
12 |
13 | assert Sandbox.execute("1 + 2", sandbox) == {:success, {3, expected_sandbox}}
14 | end
15 |
16 | test "adds a new binding", %{sandbox: sandbox} do
17 | expected_sandbox = %Sandbox{sandbox | bindings: [a: 3]}
18 |
19 | assert Sandbox.execute("a = 1 + 2", sandbox) == {:success, {3, expected_sandbox}}
20 | end
21 |
22 | test "updates an existing binding", %{sandbox: sandbox} do
23 | sandbox = %Sandbox{sandbox | bindings: [a: "foo"]}
24 | expected_sandbox = %Sandbox{sandbox | bindings: [a: 3]}
25 |
26 | assert Sandbox.execute("a = 1 + 2", sandbox) == {:success, {3, expected_sandbox}}
27 | end
28 |
29 | test "keeps existing bindings", %{sandbox: sandbox} do
30 | sandbox = %Sandbox{sandbox | bindings: [a: "foo"]}
31 | expected_sandbox = %Sandbox{sandbox | bindings: [a: "foo"]}
32 |
33 | assert Sandbox.execute("1 + 2", sandbox) == {:success, {3, expected_sandbox}}
34 | end
35 |
36 | test "doesn't store expanded bindings with added context", %{sandbox: sandbox} do
37 | sandbox = %Sandbox{sandbox | bindings: [a: "1"]}
38 | expected_sandbox = %Sandbox{sandbox | bindings: [a: "1"]}
39 |
40 | assert Sandbox.execute("nil", sandbox) == {:success, {nil, expected_sandbox}}
41 | end
42 |
43 | test "reports excessive memory usage", %{sandbox: sandbox} do
44 | assert {:error, {"The command used more memory than allowed", _}} =
45 | Sandbox.execute("for i <- 1..70_000, do: i", sandbox)
46 | end
47 |
48 | test "reports excessive memory usage with custom memory limit", %{sandbox: sandbox} do
49 | assert {:error, {"The command used more memory than allowed", _}} =
50 | Sandbox.execute("for i <- 1..100_000_000, do: i", sandbox, max_memory_kb: 10)
51 | end
52 |
53 | test "reports excessive time spent on the execution", %{sandbox: sandbox} do
54 | assert {:error, {"The command was cancelled due to timeout", _}} =
55 | Sandbox.execute("Enum.each(1..100_000_000, &(&1))", sandbox, timeout: 50)
56 | end
57 |
58 | test "refuses to run unsafe code", %{sandbox: sandbox} do
59 | assert {:error,
60 | {"Some Elixir modules are not allowed to be used. " <>
61 | "Not allowed modules attempted: [:File]",
62 | _}} = Sandbox.execute("File.cwd()", sandbox)
63 | end
64 |
65 | test "refuses to run a very large command", %{sandbox: sandbox} do
66 | assert {:error, {"Command is too long. Try running a shorter piece of code.", _}} =
67 | Sandbox.execute(
68 | String.duplicate("a", 600),
69 | sandbox
70 | )
71 | end
72 |
73 | test "allows to run more commands after excessive memory usage error", %{sandbox: sandbox} do
74 | {:error, {_, sandbox}} = Sandbox.execute("for i <- 1..70_000, do: i", sandbox)
75 |
76 | assert {:success, {3, _}} = Sandbox.execute("1 + 2", sandbox)
77 | end
78 |
79 | test "allows to run more commands after timeout error", %{sandbox: sandbox} do
80 | {:error, {_, sandbox}} =
81 | Sandbox.execute("Enum.each(1..100_000_000, &(&1))", sandbox, timeout: 50)
82 |
83 | assert {:success, {3, _}} = Sandbox.execute("1 + 2", sandbox)
84 | end
85 |
86 | test "returns a runtime error when about to invoke an unsafe function", %{sandbox: sandbox} do
87 | assert {:error,
88 | {"%RuntimeError{message: \"Sandbox runtime error: " <>
89 | "Some Elixir modules are not allowed to be used. " <>
90 | "Not allowed module attempted: File\"}",
91 | _}} = Sandbox.execute(":\"Elixir.File\".cwd()", sandbox)
92 | end
93 |
94 | test "returns a runtime error when about to invoke an unsafe function indirectly", %{
95 | sandbox: sandbox
96 | } do
97 | assert {:error,
98 | {"%RuntimeError{message: \"Sandbox runtime error: " <>
99 | "Some Elixir modules are not allowed to be used. " <>
100 | "Not allowed module attempted: File\"}",
101 | _}} = Sandbox.execute("a = :\"Elixir.File\"; a.cwd()", sandbox)
102 | end
103 |
104 | test "returns a runtime error when about to invoke an Erlang function", %{sandbox: sandbox} do
105 | assert {:error,
106 | {"%RuntimeError{message: \"Sandbox runtime error: " <>
107 | "Some Elixir modules are not allowed to be used. " <>
108 | "Not allowed module attempted: :lists\"}",
109 | _}} = Sandbox.execute("a = :lists; a.last([5])", sandbox)
110 | end
111 |
112 | test "returns a runtime error when abusive string creation is attempted", %{sandbox: sandbox} do
113 | assert {:error,
114 | {"%RuntimeError{message: \"Sandbox runtime error: String.duplicate/2 " <>
115 | "is not safe to be executed when the second parameter is a very large number.\"}",
116 | _}} = Sandbox.execute("String.duplicate(\"a\", 100_000_000)", sandbox)
117 |
118 | assert {:error,
119 | {"%RuntimeError{message: \"Sandbox runtime error: String.pad_leading/3 " <>
120 | "is not safe to be executed when the second parameter is a very large number.\"}",
121 | _}} = Sandbox.execute("String.pad_leading(\"a\", 1_000_000, \"b\")", sandbox)
122 |
123 | assert {:error,
124 | {"%RuntimeError{message: \"Sandbox runtime error: String.pad_trailing/3 " <>
125 | "is not safe to be executed when the second parameter is a very large number.\"}",
126 | _}} = Sandbox.execute("String.pad_trailing(\"a\", 1_000_000, \"b\")", sandbox)
127 | end
128 |
129 | test "returns a compile error when about to invoke an Erlang function", %{sandbox: sandbox} do
130 | assert {:error,
131 | {"%CompileError{description: \"undefined function date/0 (there is no such import)\", file: \"nofile\", line: 1}",
132 | _}} = Sandbox.execute("date()", sandbox)
133 | end
134 |
135 | test "returns a compile error when invoking unknown function", %{sandbox: sandbox} do
136 | assert {:error,
137 | {"%CompileError{description: \"undefined function foo/1 (there is no such import)\", file: \"nofile\", line: 1}",
138 | _}} = Sandbox.execute("foo(:bar)", sandbox)
139 | end
140 | end
141 |
142 | describe "Elixir functionality that is supported by the console" do
143 | test "works with empty command", %{sandbox: sandbox} do
144 | expected_sandbox = %Sandbox{sandbox | bindings: []}
145 |
146 | assert Sandbox.execute("", sandbox) ==
147 | {:success, {nil, expected_sandbox}}
148 | end
149 |
150 | test "works with string interpolation", %{sandbox: sandbox} do
151 | expected_sandbox = %Sandbox{sandbox | bindings: []}
152 |
153 | assert Sandbox.execute("\"Hello \#{:world}\"", sandbox) ==
154 | {:success, {"Hello world", expected_sandbox}}
155 | end
156 |
157 | test "works with pipe operator", %{sandbox: sandbox} do
158 | expected_sandbox = %Sandbox{sandbox | bindings: []}
159 |
160 | assert Sandbox.execute("[1,2,3] |> Enum.filter(fn n -> n > 2 end) |> Enum.count", sandbox) ==
161 | {:success, {1, expected_sandbox}}
162 | end
163 |
164 | test "works with tuples in pattern matching", %{sandbox: sandbox} do
165 | expected_sandbox = %Sandbox{sandbox | bindings: [a: :hello, b: "world", c: 42]}
166 |
167 | assert Sandbox.execute("{a, b, c} = {:hello, \"world\", 42}", sandbox) ==
168 | {:success, {{:hello, "world", 42}, expected_sandbox}}
169 | end
170 |
171 | test "works with list in pattern matching", %{sandbox: sandbox} do
172 | expected_sandbox = %Sandbox{sandbox | bindings: [head: 1, tail: [2, 3]]}
173 |
174 | assert Sandbox.execute("[head | tail] = [1, 2, 3]", sandbox) ==
175 | {:success, {[1, 2, 3], expected_sandbox}}
176 | end
177 |
178 | test "works with basic if blocks", %{sandbox: sandbox} do
179 | expected_sandbox = %Sandbox{sandbox | bindings: []}
180 |
181 | assert Sandbox.execute("if true, do: :great", sandbox) ==
182 | {:success, {:great, expected_sandbox}}
183 |
184 | assert Sandbox.execute("if false, do: :great, else: :bad", sandbox) ==
185 | {:success, {:bad, expected_sandbox}}
186 | end
187 |
188 | test "works with Bitwise macros (without the need to use the module)", %{sandbox: sandbox} do
189 | expected_sandbox = %Sandbox{sandbox | bindings: []}
190 |
191 | assert Sandbox.execute("1 &&& 1", sandbox) ==
192 | {:success, {1, expected_sandbox}}
193 | end
194 |
195 | test "works with improper lists", %{sandbox: sandbox} do
196 | expected_sandbox = %Sandbox{sandbox | bindings: [a: [1, 2 | 3], b: [4 | 5]]}
197 |
198 | assert Sandbox.execute("{a, b} = {[1, 2] ++ 3, [4 | 5]}", sandbox) ==
199 | {:success, {{[1, 2 | 3], [4 | 5]}, expected_sandbox}}
200 | end
201 |
202 | test "works with nested structures", %{sandbox: sandbox} do
203 | users = [
204 | john: %{name: "John", age: 27, languages: ["Erlang", "Ruby", "Elixir"]},
205 | mary: %{name: "Mary", age: 29, languages: ["Elixir", "F#", "Clojure"]}
206 | ]
207 |
208 | initial_and_expected_sandbox = %Sandbox{sandbox | bindings: [users: users]}
209 |
210 | assert Sandbox.execute("users[:john].age", initial_and_expected_sandbox) ==
211 | {:success, {27, initial_and_expected_sandbox}}
212 | end
213 |
214 | test "works when using Kernel.put_in/2 and friends", %{sandbox: sandbox} do
215 | users = %{"john" => %{age: 27}, "meg" => %{age: 23}}
216 | initial_and_expected_sandbox = %Sandbox{sandbox | bindings: [users: users]}
217 |
218 | assert Sandbox.execute("put_in(users[\"john\"][:age], 28)", initial_and_expected_sandbox) ==
219 | {:success,
220 | {%{"john" => %{age: 28}, "meg" => %{age: 23}}, initial_and_expected_sandbox}}
221 |
222 | assert Sandbox.execute(
223 | "update_in(users[\"john\"].age, &(&1 + 1))",
224 | initial_and_expected_sandbox
225 | ) ==
226 | {:success,
227 | {%{"john" => %{age: 28}, "meg" => %{age: 23}}, initial_and_expected_sandbox}}
228 |
229 | assert Sandbox.execute(
230 | "get_and_update_in(users[\"john\"].age, &{&1, &1 + 1})",
231 | initial_and_expected_sandbox
232 | ) ==
233 | {:success,
234 | {{27, %{"john" => %{age: 28}, "meg" => %{age: 23}}}, initial_and_expected_sandbox}}
235 | end
236 |
237 | test "works with function capturing", %{sandbox: sandbox} do
238 | expected_sandbox = %Sandbox{sandbox | bindings: []}
239 |
240 | assert Sandbox.execute("Enum.reduce([1,2,3,4,5], &Kernel.+/2)", sandbox) ==
241 | {:success, {15, expected_sandbox}}
242 | end
243 | end
244 | end
245 |
--------------------------------------------------------------------------------
/test/elixir_console_web/features/console_test.exs:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsoleWeb.ConsoleTest do
2 | use ExUnit.Case, async: true
3 | use Wallaby.Feature
4 |
5 | import Wallaby.Query, only: [css: 1]
6 |
7 | @command_input css("#commandInput")
8 | @command_output css("#commandOutput")
9 | @suggestions_list css("#suggestions-list")
10 | @documentation_output css("#documentation-output")
11 |
12 | feature "visitor can evaluate an expression", %{session: session} do
13 | session
14 | |> visit("/")
15 | |> fill_in(@command_input, with: "a = 1 + 2")
16 | |> send_keys([:enter])
17 | |> find(@command_output, fn output ->
18 | assert_text(output, "> a = 1 + 2")
19 | assert_text(output, "3")
20 | end)
21 | |> find(@command_input, fn input ->
22 | input
23 | |> has_value?("")
24 | |> assert
25 | end)
26 | end
27 |
28 | feature "visitor can get suggestions while typing", %{session: session} do
29 | session
30 | |> visit("/")
31 | |> fill_in(@command_input, with: "Enu")
32 | |> send_keys([:tab])
33 | |> find(@suggestions_list, fn suggestions_list ->
34 | assert_text(suggestions_list, "Enum\n")
35 | assert_text(suggestions_list, "Enumerable")
36 | end)
37 | |> fill_in(@command_input, with: "Enumer")
38 | |> send_keys([:tab])
39 | |> find(@command_input, fn input ->
40 | input
41 | |> has_value?("Enumerable")
42 | |> assert
43 | end)
44 | end
45 |
46 | feature "visitor can get official documentation of an elixir function", %{session: session} do
47 | session
48 | |> visit("/")
49 | |> fill_in(@command_input, with: "String.length('elixir')")
50 | |> send_keys([:enter])
51 | |> find(@command_output, fn output ->
52 | output
53 | |> assert_text("> String.length('elixir')")
54 | |> click(css("[phx-value-func_name='String.length/1']"))
55 | end)
56 | |> find(@documentation_output, fn documentation_output ->
57 | assert_text(documentation_output, "String.length/1")
58 |
59 | assert_text(
60 | documentation_output,
61 | "Returns the number of Unicode graphemes in a UTF-8 string."
62 | )
63 | end)
64 | end
65 |
66 | feature "visitor can cycle through previously used commands", %{session: session} do
67 | session
68 | |> visit("/")
69 | |> fill_in(@command_input, with: "a = 1 + 2")
70 | |> send_keys([:enter])
71 | |> fill_in(@command_input, with: "b = 'This is a string'")
72 | |> send_keys([:enter])
73 | |> fill_in(@command_input, with: "c = String.length(b)")
74 | |> send_keys([:enter])
75 | |> find(@command_input, fn input ->
76 | input
77 | |> has_value?("")
78 | |> assert
79 | end)
80 | |> send_keys([:up_arrow])
81 | |> find(@command_input, fn input ->
82 | input
83 | |> has_value?("c = String.length(b)")
84 | |> assert
85 | end)
86 | |> send_keys([:up_arrow])
87 | |> find(@command_input, fn input ->
88 | input
89 | |> has_value?("b = 'This is a string'")
90 | |> assert
91 | end)
92 | |> send_keys([:down_arrow])
93 | |> find(@command_input, fn input ->
94 | input
95 | |> has_value?("c = String.length(b)")
96 | |> assert
97 | end)
98 | end
99 | end
100 |
--------------------------------------------------------------------------------
/test/elixir_console_web/live/console_live_test.exs:
--------------------------------------------------------------------------------
1 | defmodule ElixirConsoleWeb.ConsoleLiveTest do
2 | use ElixirConsoleWeb.ConnCase, async: true
3 | import Phoenix.LiveViewTest
4 |
5 | describe "sending valid commands" do
6 | def render_with_valid_command(%{conn: conn}) do
7 | {:ok, view, _html} = live(conn, "/")
8 |
9 | view
10 | |> element("#command_input")
11 | |> render_submit(%{"command" => "a = 1 + 2"})
12 |
13 | [html: render(view)]
14 | end
15 |
16 | setup :render_with_valid_command
17 |
18 | test "command is visible in the console history", %{html: html} do
19 | assert html =~ ~r/> a = 1 \+<\/span> 2/
20 | end
21 |
22 | test "command result is displayed", %{html: html} do
23 | assert html =~ ~r/]*id="output.".*3.*<\/div>/s
24 | end
25 |
26 | test "binding value is displayed in the Current Variables section", %{html: html} do
27 | assert html =~ ~r/]*>Current Bindings<\/h2>a: /s
28 | end
29 | end
30 |
31 | describe "sending a second valid command" do
32 | setup(%{conn: conn}) do
33 | {:ok, view, _html} = live(conn, "/")
34 |
35 | form = element(view, "#command_input")
36 | render_submit(form, %{"command" => "a = 3"})
37 | render_submit(form, %{"command" => "nil"})
38 |
39 | [html: render(view)]
40 | end
41 |
42 | test "binding value is still displayed when it's normalized", %{html: html} do
43 | assert html =~ ~r/a: /s
44 | end
45 | end
46 |
47 | describe "sending invalid commands" do
48 | test "runtime error is informed", %{conn: conn} do
49 | {:ok, view, _html} = live(conn, "/")
50 |
51 | view
52 | |> element("#command_input")
53 | |> render_submit(%{"command" => "3 / 0"})
54 |
55 | html = render(view)
56 |
57 | assert html =~
58 | "%ArithmeticError{message: "bad argument in arithmetic expression"}"
59 | end
60 |
61 | test "memory abuse is informed", %{conn: conn} do
62 | {:ok, view, _html} = live(conn, "/")
63 |
64 | view
65 | |> element("#command_input")
66 | |> render_submit(%{"command" => "for i <- 1..70_000, do: i"})
67 |
68 | html = render(view)
69 |
70 | assert html =~ "The command used more memory than allowed"
71 | end
72 |
73 | test "unknown module and functions error is displayed", %{conn: conn} do
74 | {:ok, view, _html} = live(conn, "/")
75 |
76 | view
77 | |> element("#command_input")
78 | |> render_submit(%{"command" => "Enum.foo(3)"})
79 |
80 | html = render(view)
81 |
82 | assert html =~
83 | "%UndefinedFunctionError{arity: 1, function: :foo, message: nil, module: Enum, reason: nil}"
84 | end
85 |
86 | test "send a command with invalid modules", %{conn: conn} do
87 | {:ok, view, _html} = live(conn, "/")
88 |
89 | view
90 | |> element("#command_input")
91 | |> render_submit(%{"command" => "File.exists?(Code.get_docs())"})
92 |
93 | html = render(view)
94 |
95 | assert html =~
96 | "Some Elixir modules are not allowed to be used. " <>
97 | "Not allowed modules attempted: [:Code, :File]"
98 | end
99 | end
100 |
101 | describe "autocomplete" do
102 | test "show suggestions if more than one", %{conn: conn} do
103 | {:ok, view, _html} = live(conn, "/")
104 |
105 | view
106 | |> with_target("#command_input")
107 | |> render_hook(:suggest, %{"value" => "Enum.co", "caret_position" => 7})
108 |
109 | html = render(view)
110 |
111 | assert html =~ ~r/Suggestions\:.*Enum\.concat.*Enum\.count/
112 | end
113 |
114 | test "autocomplete and do not show suggestions if only one", %{conn: conn} do
115 | {:ok, view, _html} = live(conn, "/")
116 |
117 | view
118 | |> with_target("#command_input")
119 | |> render_hook(:suggest, %{"value" => "Enum.conc", "caret_position" => 9})
120 |
121 | html = render(view)
122 |
123 | assert html =~ ~r/\