From 01af658932811800e2fc0542db4332a922192131 Mon Sep 17 00:00:00 2001 From: Dmitri Dolguikh Date: Wed, 6 Feb 2013 13:45:50 +0000 Subject: [PATCH] support for conditional logic in erb templates --- lib/safemode/core_jails.rb | 2 +- lib/safemode/parser.rb | 4 ++-- test/test_erb_eval.rb | 4 +++- test/test_safemode_eval.rb | 4 +++- 4 files changed, 9 insertions(+), 5 deletions(-) diff --git a/lib/safemode/core_jails.rb b/lib/safemode/core_jails.rb index b7d428f..966c0ea 100644 --- a/lib/safemode/core_jails.rb +++ b/lib/safemode/core_jails.rb @@ -27,7 +27,7 @@ def core_jail_methods(klass) end # these methods are allowed in all classes if they are present - @@default_methods = %w( % & * ** + +@ - -@ / < << <= <=> == === > >= >> ^ | ~ + @@default_methods = %w( % & * ** + +@ - -@ / < << <= <=> != == === > >= >> ^ | ~ eql? equal? new methods is_a? kind_of? nil? [] []= to_a to_jail to_s inspect to_param ) diff --git a/lib/safemode/parser.rb b/lib/safemode/parser.rb index 55bbef4..123e06d 100644 --- a/lib/safemode/parser.rb +++ b/lib/safemode/parser.rb @@ -36,6 +36,7 @@ def process_call(exp) receiver = jail process_call_receiver(exp) name = exp.shift args = process_call_args(exp) + process_call_code(receiver, name, args) end @@ -149,7 +150,7 @@ def process_call_args(exp) def process_call_code(receiver, name, args) case name - when :<=>, :==, :<, :>, :<=, :>=, :-, :+, :*, :/, :%, :<<, :>>, :** then + when :<=>, :==, "!=".to_sym, :<, :>, :<=, :>=, :-, :+, :*, :/, :%, :<<, :>>, :** then "(#{receiver} #{name} #{args})" when :[] then "#{receiver}[#{args}]" @@ -195,7 +196,6 @@ def process_if(exp) r = "if #{c} then\n#{indent(t)}\n" r << "else\n#{indent(f)}\n" if f r << "end" - r else # unless expand then diff --git a/test/test_erb_eval.rb b/test/test_erb_eval.rb index cfc780d..0b198be 100644 --- a/test/test_erb_eval.rb +++ b/test/test_erb_eval.rb 
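Review bot: Adding `!=` to `@@default_methods` in lib/safemode/core_jails.rb widens the allow-list for every jailed class, not only the string comparisons the new tests exercise, and the hunk does not say why that is safe. On Ruby 1.9 and later `!=` is an ordinary method that a class may override independently of `==`, so any exposed object with its own `!=` becomes callable from template code. I would put a comment above the list, for example `# != is allowed everywhere: the default implementation only negates ==, which is already allowed; review classes that override != before exposing them`. How the list is consulted is outside the hunk, so the actual reach of the entry should be confirmed against that code.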
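Review bot: In `process_call_code` the new entry is written `"!=".to_sym` while every other operator in the same `when` list is a symbol literal, and nothing explains the difference. If the reason is that the literal `:!=` does not parse on Ruby 1.8, a comment such as `# "!=".to_sym: the literal :!= is a syntax error on Ruby 1.8` would stop a later cleanup from breaking that interpreter; if 1.8 is no longer supported, `:!=` reads better and avoids the call on every dispatch. The branch emits the operator as infix source text, and `process_call` appears to wrap the receiver with `jail` first, so this entry only works together with the `!=` allow-list entry in core_jails.rb; the comment should say so. The method body continues beyond the hunk.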
@@ -11,7 +11,9 @@ def setup end def test_some_stuff_that_should_work - ['"test".upcase', '10.succ', '10.times{}', '[1,2,3].each{|a| a + 1}', 'true ? 1 : 0', 'a = 1'].each do |code| + ['"test".upcase', '10.succ', '10.times{}', '[1,2,3].each{|a| a + 1}', + 'true ? 1 : 0', 'a = 1', 'unless "a" == "b"; "false"; end', + 'if "a" != "b"; "true"; end'].each do |code| code = ERB.new("<%= #{code} %>").src assert_nothing_raised{ @box.eval code } end diff --git a/test/test_safemode_eval.rb b/test/test_safemode_eval.rb index f4cc5bd..2dc4caf 100644 --- a/test/test_safemode_eval.rb +++ b/test/test_safemode_eval.rb @@ -10,7 +10,9 @@ def setup end def test_some_stuff_that_should_work - ['"test".upcase', '10.succ', '10.times{}', '[1,2,3].each{|a| a + 1}', 'true ? 1 : 0', 'a = 1'].each do |code| + ['"test".upcase', '10.succ', '10.times{}', '[1,2,3].each{|a| a + 1}', + 'true ? 1 : 0', 'a = 1', 'if "a" != "b"; "true"; end', + 'if "a" == "b"; "true"; end'].each do |code| assert_nothing_raised{ @box.eval code } end end
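Review bot: The cases added to `test_some_stuff_that_should_work` in test/test_erb_eval.rb only pass through `assert_nothing_raised`, so they show the jail accepts `!=` and `unless` but not that the rewritten code evaluates correctly; a translation that emitted `==` for `!=` would still pass. The matching hunk in test/test_safemode_eval.rb has the same gap and also omits the `unless` case that the ERB test includes. In test_safemode_eval.rb I would add value assertions such as `assert_equal "true", @box.eval('if "a" != "b"; "true"; end')` and `assert_nil @box.eval('if "a" == "b"; "true"; end')`, assuming `@box.eval` returns the value of the evaluated code. Because the commit changes a sandbox allow-list, a case confirming that a method outside the list is still refused would be a useful companion if the suite does not already have one.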