| Josh Cooper EPP results in AST elements specific to EPP for rendering a value as a string. That evaluation could evaluate the expression, check if the result is a Sensitive, and then instead of getting a REDACTED result it would unwrap the sensitive value and turn that into a string. It would then need to communicate the the top level that the entire result should be wrapped in a Sensitive. The passing back of that value is the most difficult as it needs to handle nesting (one EPP could call another for example). Well - you managed to nerd snipe me  The relevant parts is in the `evaluator_impl.rb`
def eval_EppExpression(o, scope) |
scope["@epp"] = [] |
evaluate(o.body, scope) |
result = scope["@epp"].join |
result |
end |
|
def eval_RenderStringExpression(o, scope) |
scope["@epp"] << o.value.dup |
nil |
end |
|
def eval_RenderExpression(o, scope) |
scope["@epp"] << string(evaluate(o.expr, scope), scope) |
nil |
end
|
As you can see the EppExpression is where it joins all the fragments into the final string. It would need to be able to tell Sensitive entries apart from the others. The RenderExpression should for example not call string() if the evaluate() results in a Sensitive, and instead just add the Sensitive instance to the scope's @epp array. The RenderStringExpression is for the verbatim template text. Then in EppExpression it would map the @epp array such that if it encountered a Sensitive values it would unwrap it and set the flag. Then it would join the segments, and finally if the flag was set, wrap the result in a Sensitive. As a consequence code that evaluates epp (like the epp application for testing etc) needs to be updated to handle the case that it may get a Sensitive. The return type of epp() and inline_epp() may not be declared, if it is it needs to be specified as Variant[String, Sensitive[String]]. Hope that helps. |
