How can I give users the ability to write scripts (in a safe way)?

I am currently having a problem when I need to write a function that receives a dictionary where all values ​​are strings or dictionaries and prints a string. The problem is the logic behind creating this output string. I would like to allow the user to write logic.

Now, of course, I can just ask the user to create a valid Python script with a function

def generate_string(input_dict): # your logic return "some_string" 

The problem is that I do not want users to be able to execute arbitrary code. Especially working with the file system (reading / writing / deleting files) should not be possible. There should also be a limitation in computation / memory time.

Is it possible?

I am currently letting them enter a format string. But this seems too limited, as it skips if .

Example

This is just a minimal abstract example:

 def generate_string(input_dict): if input_dict['type'] == 1: return "I want my date in {d:%Y%m%d}".format(d=input_dict['date']) elif input_dict['type'] == 2: return "type is {}".format(input_dict['type']) return "some_string" d = {'type': 1, 'date': datetime.date(2017, 1, 14)} generate_string(d)