From 663c9000b3f0909c5972b43a462fcee8869530f5 Mon Sep 17 00:00:00 2001
From: Krishnan Shankar <krishnans2006@gmail.com>
Date: Tue, 7 May 2024 20:44:13 -0400
Subject: [PATCH] Add a dummy sandboxing module

This serves as a fallback for the sandboxing **package**, which is loaded as a submodule.
---
 tin/sandboxing.py | 69 +++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 69 insertions(+)
 create mode 100644 tin/sandboxing.py

diff --git a/tin/sandboxing.py b/tin/sandboxing.py
new file mode 100644
index 00000000..6841f2c3
--- /dev/null
+++ b/tin/sandboxing.py
@@ -0,0 +1,69 @@
+"""
+This module provides dummy, insecure versions of Tin sandboxing functions.
+
+For production and production-like environments, the sandboxing submodule (.sandboxing/__init__.py)
+should be used. If this module is used as a fallback, running submissions will still not work due to
+a FileNotFoundError. However, the rest of Tin's functionality should work as expected (albeit
+without secure sandboxing).
+
+This module is able to serve as a fallback due to PEP 420's import processing specification. See:
+https://peps.python.org/pep-0420/#specification.
+"""
+
+import logging
+
+logger = logging.getLogger(__name__)
+
+
+def get_assignment_sandbox_args(
+    command_args,
+    *,
+    network_access: bool,
+    direct_network_access: bool = False,
+    whitelist=None,
+    read_only=None,
+    extra_firejail_args=None,
+):
+    return get_sandbox_args(
+        command_args,
+        "grader",
+        network_access=network_access,
+        direct_network_access=direct_network_access,
+        whitelist=whitelist,
+        read_only=read_only,
+        extra_firejail_args=extra_firejail_args,
+    )
+
+
+def get_action_sandbox_args(
+    command_args,
+    *,
+    network_access: bool,
+    direct_network_access: bool = False,
+    whitelist=None,
+    read_only=None,
+    extra_firejail_args=None,
+):
+    return get_sandbox_args(
+        command_args,
+        "actions",
+        network_access=network_access,
+        direct_network_access=direct_network_access,
+        whitelist=whitelist,
+        read_only=read_only,
+        extra_firejail_args=extra_firejail_args,
+    )
+
+
+def get_sandbox_args(
+    command_args,
+    profile,
+    *,
+    network_access: bool,
+    direct_network_access: bool = False,
+    whitelist=None,
+    read_only=None,
+    extra_firejail_args=None,
+):
+    logger.warning("Tin is using the dummy sandboxing module. This is insecure.")
+    return command_args