function TwigSandboxPolicy::checkMethodAllowed

Same name in other branches
  1. 8.9.x core/lib/Drupal/Core/Template/TwigSandboxPolicy.php \Drupal\Core\Template\TwigSandboxPolicy::checkMethodAllowed()
  2. 10 core/lib/Drupal/Core/Template/TwigSandboxPolicy.php \Drupal\Core\Template\TwigSandboxPolicy::checkMethodAllowed()
  3. 11.x core/lib/Drupal/Core/Template/TwigSandboxPolicy.php \Drupal\Core\Template\TwigSandboxPolicy::checkMethodAllowed()

File

core/lib/Drupal/Core/Template/TwigSandboxPolicy.php, line 89

Class

TwigSandboxPolicy
Default sandbox policy for Twig templates.

Namespace

Drupal\Core\Template

Code

public function checkMethodAllowed($obj, $method) {
    foreach ($this->allowed_classes as $class => $key) {
        if ($obj instanceof $class) {
            return TRUE;
        }
    }
    // Return quickly for an exact match of the method name.
    if (isset($this->allowed_methods[$method])) {
        return TRUE;
    }
    // If the method name starts with an allowed prefix, allow it. Note:
    // strpos() is between 3x and 7x faster than preg_match() in this case.
    foreach ($this->allowed_prefixes as $prefix) {
        if (strpos($method, $prefix) === 0) {
            return TRUE;
        }
    }
    throw new SecurityError(sprintf('Calling "%s" method on a "%s" object is not allowed.', $method, get_class($obj)));
}

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.