my eye
Angelo Gladding
Hacker for right homesteading the web.
@ragt.ag@angelo@ragt.agangelo@ragt.ag@tyosxbghzcf5

Release 0.0.39

Committed 15aea0

--- a/pyproject.toml
+++ b/pyproject.toml

 
 [tool.poetry]
 name = "webint-code"
-version = "0.0.38"
+version = "0.0.39"
 description = "manage code on your website"
 keywords = ["git", "pypi"]
 homepage = "https://ragt.ag/code/projects/webint-code"

--- a/webint_code/__init__.py
+++ b/webint_code/__init__.py

 
 import os
 import pathlib
+import random
 import re
 import shutil
+import string
 import subprocess
 import time
 

 import semver
 import web
 import webagt
+from RestrictedPython import (
+    compile_restricted,
+    limited_builtins,
+    safe_builtins,
+    utility_builtins,
+)
+from RestrictedPython.Eval import (
+    default_guarded_getattr,
+    default_guarded_getitem,
+    default_guarded_getiter,
+)
+from RestrictedPython.PrintCollector import PrintCollector
 
 app = web.application(
     __name__,

         )
 
 
+@app.control("snippets")
+class Snippets:
+    """Code snippets."""
+
+    def get(self):
+        return ""
+
+    def post(self):
+        code = web.form("code").code
+        builtins = dict(safe_builtins)
+        builtins.update(**limited_builtins)
+        builtins.update(**utility_builtins)
+        env = {
+            "__builtins__": builtins,
+            "_getiter_": default_guarded_getiter,
+            "_getattr_": default_guarded_getattr,
+            "_getitem_": default_guarded_getitem,
+            "_print_": PrintCollector,
+        }
+        secret = "".join(random.choices(string.ascii_lowercase, k=20))
+        try:
+            exec(
+                compile_restricted(f"{code}\n{secret} = printed", "<string>", "exec"),
+                env,
+            )
+        except Exception as err:
+            result = err.args[0]
+        else:
+            result = env[secret]
+        return app.view.snippets.snippet(code, result)
+
+
 @app.control("projects")
 class Projects:
     """List of projects."""

--- a/webint_code/templates/index.html
+++ b/webint_code/templates/index.html

 $def with (system, apps, projects)
 $var title: Code
 
+<form action=/snippets method=post>
+<textarea name=code>random.choice("foobarbatbaz")</textarea>
+<button>Run</button>
+</form>
+
 <h2>Projects</h2>
 <ul>
 $for project in projects:

index 0000000..b6a2a7e
--- /dev/null

+$def with (code, result)
+
+<pre>$code</pre>
+
+<p><big>$result</big></p>