[enh] Remove `eval` code

eb796fb4 · Cédric Moreau · a28c08b1 · eb796fb4 · eb796fb4 · eb796fb4
Commit eb796fb4 authored 8 years ago by Cédric Moreau
--- a/.eslintrc
+++ b/.eslintrc
@@ -22,6 +22,7 @@
    "no-trailing-spaces": 0,
    "no-unused-expressions": 0,
    "comma-spacing": 0,
+    "no-eval": 0,

    "quotes": [0, "double"],
    "linebreak-style": [1,"unix"],
@@ -30,7 +31,6 @@

    "no-process-exit": [1],
    "indent": [1,2],
-    "no-eval": [1],
    "comma-dangle": [1],
    "eol-last": [1],
    "no-shadow": [1],

--- a/app/cli.js
+++ b/app/cli.js
@@ -304,7 +304,7 @@ program
 program
  .command('gen-next [host] [port] [difficulty]')
  .description('Tries to generate the next block of the blockchain')
-  .action(subCommand(service(generateAndSend("generateNext"))));
+  .action(subCommand(service(generateAndSend((server) => server.BlockchainService.generateNext))));

 program
  .command('gen-root [host] [port] [difficulty]')
@@ -319,15 +319,15 @@ program
      if (!difficulty) {
        throw 'Difficulty is required.';
      }
-      return generateAndSend("generateManualRoot")(host, port, difficulty, server, conf);
+      return generateAndSend((server) => server.BlockchainService.generateManualRoot)(host, port, difficulty, server, conf);
    })));

-function generateAndSend(generationMethod) {
+function generateAndSend(getGenerationMethod) {
  return function (host, port, difficulty, server, conf) {
    return new Promise((resolve, reject) => {
      async.waterfall([
        function (next) {
-          var method = eval('server.BlockchainService.' + generationMethod);
+          const method = getGenerationMethod(server);
          co(function*(){
            try {
              const block = yield method();

--- a/app/lib/streams/sanitize.js
+++ b/app/lib/streams/sanitize.js
@@ -63,25 +63,46 @@ module.exports = function sanitize (json, contract) {
        // Check coherence & alter member if needed
        if (!_(json[prop]).isNull() && t.toLowerCase() != tjson.toLowerCase()) {
          try {
-            if (t == "String" || t == "Number") {
+            if (t == "String") {
              let s = json[prop] == undefined ? '' : json[prop];
-              eval('json[prop] = new ' + t + '(' + s + ').valueOf()');
+              json[prop] = String(s).valueOf();
+            }
+            else if (t == "Number") {
+              let s = json[prop] == undefined ? '' : json[prop];
+              json[prop] = Number(s).valueOf();
+            }
+            else if (t == "Array") {
+              json[prop] = [];
+            }
+            else if (t == "Object") {
+              json[prop] = {};
            }
            else {
-              eval('json[prop] = new ' + t + '()');
+              json[prop] = Boolean();
            }
          } catch (ex) {
-            eval('json[prop] = new ' + t + '()');
+            if (t == "String") {
+              json[prop] = String();
+            }
+            else if (t == "Number") {
+              json[prop] = Number();
+            }
+            else if (t == "Array") {
+              json[prop] = [];
+            }
+            else if (t == "Object") {
+              json[prop] = {};
+            }
+            else {
+              json[prop] = Boolean();
+            }
          }
        }
        // Arrays
        if (t == 'Array') {
          let subt = propType[0];
          for (let j = 0, len2 = json[prop].length; j < len2; j++) {
-            if (subt == "String" || subt == "Number") {
-              eval('item = new ' + t + '(' + (json[prop] + '') + ').valueOf()');
-            }
-            else {
+            if (!(subt == "String" || subt == "Number")) {
              json[prop][j] = sanitize(json[prop][j], subt);
            }
          }