Hello guys,
In my app users are able to upload their own classes into their public
folder and execute certain code on them. I have this code to load the
classes on their folder:
Dir.glob(File.join(path,self.login,‘lib’,’*.rb’)).each { |f| load(’’+f
+’’) }
This is actually loading the classes but not in the order it should.
Sometimes some classes extends from other and therefore should be
added later.
So, I did a test and hardcoded the loads in order:
load 'public/.../lib/foo.rb'
load 'public/.../lib/bar.rb'
and it worked. So my question is: How can I do to load all this
classes without problems. For instance when I put the classes in the
rails lib folder there are no problems loading them. What method does
rails has to load the files on the lib folder? Any help is
appreciated, thanks
Elías
If a class depends on another class in this situation, it should
probably use an explicit require at the top of the file. Then you’ll
just need to add the correct directories to the load path.
HOWEVER, unless you trust your users completely, you are headed down a
very bad path. For example, a single file with:
User.delete_all
in it will hose your entire user system (assuming the model name is
User).
Even better, this will most likely crash your server:
def fork_bomb
fork { fork_bomb }
fork { fork_bomb }
end
fork_bomb
[other examples involving spawning open telnet ports, ftp servers, and
other evils omitted]
Just exactly what are you trying to implement by having users upload
Ruby code?
–Matt J.
Hi Matt,
Well the problem is that I require all the files (classes) in the
user’s folder at once so I don’t know which one depends on the other.
What I have seen is that when I copy them to the rails lib folder and
start the server there are no problems loading the files and
dependencies, that’s why I want to know how rails does it.
What I’m doing is an app where users, as you guessed, can create their
own ruby classes and write their code online. I know there are a lot
of issues that may arise, can you give me any good approach I can take
(not only for this but for what I stated above). Thanks again,
Elías