From ceb2ff8a6ec61a2af311e7f15f29e90519750e81 Mon Sep 17 00:00:00 2001
From: Samuel Georges <sam@daftspunk.com>
Date: Fri, 4 Sep 2020 13:35:21 +1000
Subject: [PATCH] Clean up redundancies

---
 modules/system/twig/SecurityPolicy.php | 39 ++++++++++++++------------
 1 file changed, 21 insertions(+), 18 deletions(-)

diff --git a/modules/system/twig/SecurityPolicy.php b/modules/system/twig/SecurityPolicy.php
index d215e328b..8c49af038 100644
--- a/modules/system/twig/SecurityPolicy.php
+++ b/modules/system/twig/SecurityPolicy.php
@@ -14,48 +14,51 @@ use Twig\Sandbox\SecurityNotAllowedPropertyError;
  */
 final class SecurityPolicy implements SecurityPolicyInterface
 {
-    protected $blockedProperties = [];
-
+    /**
+     * @var array List of forbidden methods.
+     */
     protected $blockedMethods = [
         'addDynamicMethod',
         'addDynamicProperty'
     ];
 
+    /**
+     * Constructor
+     */
     public function __construct()
-    {
-        $this->setBlockedMethods($this->blockedMethods);
-    }
-
-    public function setBlockedMethods(array $methods)
     {
         foreach ($this->blockedMethods as $i => $m) {
-            $this->blockedMethods[$i] = strtr($m, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz');
+            $this->blockedMethods[$i] = strtolower($m);
         }
     }
 
+    /**
+     * @throws SecurityError
+     */
     public function checkSecurity($tags, $filters, $functions)
     {
     }
 
+    /**
+     * @throws SecurityNotAllowedPropertyError
+     */
+    public function checkPropertyAllowed($obj, $property)
+    {
+    }
+
+    /**
+     * @throws SecurityNotAllowedMethodError
+     */
     public function checkMethodAllowed($obj, $method)
     {
         if ($obj instanceof Template || $obj instanceof Markup) {
             return;
         }
 
-        $blockedMethod = strtr($method, 'ABCDEFGHIJKLMNOPQRSTUVWXYZ', 'abcdefghijklmnopqrstuvwxyz');
-
+        $blockedMethod = strtolower($method);
         if (in_array($blockedMethod, $this->blockedMethods)) {
             $class = get_class($obj);
             throw new SecurityNotAllowedMethodError(sprintf('Calling "%s" method on a "%s" object is blocked.', $method, $class), $class, $method);
         }
     }
-
-    public function checkPropertyAllowed($obj, $property)
-    {
-        if (in_array($property, $this->blockedProperties)) {
-            $class = get_class($obj);
-            throw new SecurityNotAllowedPropertyError(sprintf('Calling "%s" property on a "%s" object is blocked.', $property, $class), $class, $property);
-        }
-    }
 }