Merge pull request #31 from archmoj/allow-cwise-transform

goto-bus-stop · web-flow · commit 09c4b836f28f · 2020-06-15T12:13:54.000+02:00
diff --git a/index.js b/index.js
@@ -1,9 +1,12 @@
 var unparse = require('escodegen').generate;
 
-module.exports = function (ast, vars) {
+module.exports = function (ast, vars, opts) {
+    if(!opts) opts = {};
+    var rejectAccessToMethodsOnFunctions = !opts.allowAccessToMethodsOnFunctions;
+
     if (!vars) vars = {};
     var FAIL = {};
-    
+
     var result = (function walk (node, noExecute) {
         if (node.type === 'Literal') {
             return node.value;
@@ -63,7 +66,7 @@ module.exports = function (ast, vars) {
             if (l === FAIL) return FAIL;
             var r = walk(node.right, noExecute);
             if (r === FAIL) return FAIL;
-            
+
             if (op === '==') return l == r;
             if (op === '===') return l === r;
             if (op === '!=') return l != r;
@@ -80,7 +83,7 @@ module.exports = function (ast, vars) {
             if (op === '|') return l | r;
             if (op === '&') return l & r;
             if (op === '^') return l ^ r;
-            
+
             return FAIL;
         }
         else if (node.type === 'Identifier') {
@@ -100,7 +103,7 @@ module.exports = function (ast, vars) {
             if (callee === FAIL) return FAIL;
             if (typeof callee !== 'function') return FAIL;
 
-            
+
             var ctx = node.callee.object ? walk(node.callee.object, noExecute) : FAIL;
             if (ctx === FAIL) ctx = null;
 
@@ -119,8 +122,9 @@ module.exports = function (ast, vars) {
         }
         else if (node.type === 'MemberExpression') {
             var obj = walk(node.object, noExecute);
-            // do not allow access to methods on Function 
-            if((obj === FAIL) || (typeof obj == 'function')){
+            if((obj === FAIL) || (
+                (typeof obj == 'function') && rejectAccessToMethodsOnFunctions
+            )){
                 return FAIL;
             }
             if (node.property.type === 'Identifier' && !node.computed) {
@@ -147,7 +151,7 @@ module.exports = function (ast, vars) {
         }
         else if (node.type === 'FunctionExpression') {
             var bodies = node.body.body;
-            
+
             // Create a "scope" for our arguments
             var oldVars = {};
             Object.keys(vars).forEach(function(element){
@@ -168,7 +172,7 @@ module.exports = function (ast, vars) {
             }
             // restore the vars and scope after we walk
             vars = oldVars;
-            
+
             var keys = Object.keys(vars);
             var vals = keys.map(function(key) {
                 return vars[key];
@@ -196,7 +200,7 @@ module.exports = function (ast, vars) {
         }
         else return FAIL;
     })(ast);
-    
+
     return result === FAIL ? undefined : result;
 };
 
