foster/deno
0
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-03-04 01:44:26 -05:00
Code Issues Packages 1 Wiki Activity

chore(permissions): add allow_all flag (#22890)

Browse source 
Unlocking a potential perf optimization at a later date -- carry the
`allow_all` flag into the permission container.
This commit is contained in:
Matt Mastracci 2024-03-13 10:07:24 -06:00 committed by GitHub
parent aef9bca876
commit eccdb0e99a
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
3 changed files with 196 additions and 210 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

39
cli/args/flags.rs
View file

@ -214,7 +214,7 @@ impl LintFlags {
} }
} }
#[derive(Clone, Debug, Eq, PartialEq)] #[derive(Clone, Debug, Eq, PartialEq, Default)]
pub struct ReplFlags { pub struct ReplFlags {
pub eval_files: Option<Vec<String>>, pub eval_files: Option<Vec<String>>,
pub eval: Option<String>, pub eval: Option<String>,
@ -814,6 +814,19 @@ impl Flags {
|| arg.starts_with("--deny-write") || arg.starts_with("--deny-write")
}) })
} }
#[inline(always)]
fn allow_all(&mut self) {
self.allow_all = true;
self.allow_read = Some(vec![]);
self.allow_env = Some(vec![]);
self.allow_net = Some(vec![]);
self.allow_run = Some(vec![]);
self.allow_write = Some(vec![]);
self.allow_sys = Some(vec![]);
self.allow_ffi = Some(vec![]);
self.allow_hrtime = true;
}
} }
static ENV_VARIABLES_HELP: &str = color_print::cstr!( static ENV_VARIABLES_HELP: &str = color_print::cstr!(
@ -3488,14 +3501,7 @@ fn doc_parse(flags: &mut Flags, matches: &mut ArgMatches) {
fn eval_parse(flags: &mut Flags, matches: &mut ArgMatches) { fn eval_parse(flags: &mut Flags, matches: &mut ArgMatches) {
runtime_args_parse(flags, matches, false, true); runtime_args_parse(flags, matches, false, true);
flags.allow_net = Some(vec![]); flags.allow_all();
flags.allow_env = Some(vec![]);
flags.allow_run = Some(vec![]);
flags.allow_read = Some(vec![]);
flags.allow_sys = Some(vec![]);
flags.allow_write = Some(vec![]);
flags.allow_ffi = Some(vec![]);
flags.allow_hrtime = true;
ext_arg_parse(flags, matches); ext_arg_parse(flags, matches);
@ -4005,15 +4011,7 @@ fn permission_args_parse(flags: &mut Flags, matches: &mut ArgMatches) {
} }
if matches.get_flag("allow-all") { if matches.get_flag("allow-all") {
flags.allow_all = true; flags.allow_all();
flags.allow_read = Some(vec![]);
flags.allow_env = Some(vec![]);
flags.allow_net = Some(vec![]);
flags.allow_run = Some(vec![]);
flags.allow_write = Some(vec![]);
flags.allow_sys = Some(vec![]);
flags.allow_ffi = Some(vec![]);
flags.allow_hrtime = true;
} }
if matches.get_flag("no-prompt") { if matches.get_flag("no-prompt") {
@ -5439,6 +5437,7 @@ mod tests {
print: false, print: false,
code: "'console.log(\"hello\")'".to_string(), code: "'console.log(\"hello\")'".to_string(),
}), }),
allow_all: true,
allow_net: Some(vec![]), allow_net: Some(vec![]),
allow_env: Some(vec![]), allow_env: Some(vec![]),
allow_run: Some(vec![]), allow_run: Some(vec![]),
@ -5462,6 +5461,7 @@ mod tests {
print: true, print: true,
code: "1+2".to_string(), code: "1+2".to_string(),
}), }),
allow_all: true,
allow_net: Some(vec![]), allow_net: Some(vec![]),
allow_env: Some(vec![]), allow_env: Some(vec![]),
allow_run: Some(vec![]), allow_run: Some(vec![]),
@ -5486,6 +5486,7 @@ mod tests {
print: false, print: false,
code: "'console.log(\"hello\")'".to_string(), code: "'console.log(\"hello\")'".to_string(),
}), }),
allow_all: true,
allow_net: Some(vec![]), allow_net: Some(vec![]),
allow_env: Some(vec![]), allow_env: Some(vec![]),
allow_run: Some(vec![]), allow_run: Some(vec![]),
@ -5524,6 +5525,7 @@ mod tests {
v8_flags: svec!["--help", "--random-seed=1"], v8_flags: svec!["--help", "--random-seed=1"],
seed: Some(1), seed: Some(1),
inspect: Some("127.0.0.1:9229".parse().unwrap()), inspect: Some("127.0.0.1:9229".parse().unwrap()),
allow_all: true,
allow_net: Some(vec![]), allow_net: Some(vec![]),
allow_env: Some(vec![]), allow_env: Some(vec![]),
allow_run: Some(vec![]), allow_run: Some(vec![]),
@ -5555,6 +5557,7 @@ mod tests {
code: "console.log(Deno.args)".to_string(), code: "console.log(Deno.args)".to_string(),
}), }),
argv: svec!["arg1", "arg2"], argv: svec!["arg1", "arg2"],
allow_all: true,
allow_net: Some(vec![]), allow_net: Some(vec![]),
allow_env: Some(vec![]), allow_env: Some(vec![]),
allow_run: Some(vec![]), allow_run: Some(vec![]),

1
cli/args/mod.rs
View file

@ -1469,6 +1469,7 @@ impl CliOptions {
pub fn permissions_options(&self) -> PermissionsOptions { pub fn permissions_options(&self) -> PermissionsOptions {
PermissionsOptions { PermissionsOptions {
allow_all: self.flags.allow_all,
allow_env: self.flags.allow_env.clone(), allow_env: self.flags.allow_env.clone(),
deny_env: self.flags.deny_env.clone(), deny_env: self.flags.deny_env.clone(),
allow_hrtime: self.flags.allow_hrtime, allow_hrtime: self.flags.allow_hrtime,

366
runtime/permissions/lib.rs
View file

@ -266,6 +266,8 @@ impl AsRef<str> for EnvVarName {
} }
pub trait Descriptor: Eq + Clone { pub trait Descriptor: Eq + Clone {
type Arg;
fn parse(list: &Option<Vec<Self::Arg>>) -> Result<HashSet<Self>, AnyError>;
fn flag_name() -> &'static str; fn flag_name() -> &'static str;
fn name(&self) -> Cow<str>; fn name(&self) -> Cow<str>;
// By default, specifies no-stronger-than relationship. // By default, specifies no-stronger-than relationship.
@ -304,6 +306,13 @@ impl<T: Descriptor + Hash> Default for UnaryPermission<T> {
} }
impl<T: Descriptor + Hash> UnaryPermission<T> { impl<T: Descriptor + Hash> UnaryPermission<T> {
pub fn allow_all() -> Self {
Self {
granted_global: true,
..Default::default()
}
}
fn check_desc( fn check_desc(
&mut self, &mut self,
desc: &Option<T>, desc: &Option<T>,
@ -514,6 +523,12 @@ impl<T: Descriptor + Hash> UnaryPermission<T> {
pub struct ReadDescriptor(pub PathBuf); pub struct ReadDescriptor(pub PathBuf);
impl Descriptor for ReadDescriptor { impl Descriptor for ReadDescriptor {
type Arg = PathBuf;
fn parse(args: &Option<Vec<Self::Arg>>) -> Result<HashSet<Self>, AnyError> {
parse_path_list(args, ReadDescriptor)
}
fn flag_name() -> &'static str { fn flag_name() -> &'static str {
"read" "read"
} }
@ -531,6 +546,12 @@ impl Descriptor for ReadDescriptor {
pub struct WriteDescriptor(pub PathBuf); pub struct WriteDescriptor(pub PathBuf);
impl Descriptor for WriteDescriptor { impl Descriptor for WriteDescriptor {
type Arg = PathBuf;
fn parse(args: &Option<Vec<Self::Arg>>) -> Result<HashSet<Self>, AnyError> {
parse_path_list(args, WriteDescriptor)
}
fn flag_name() -> &'static str { fn flag_name() -> &'static str {
"write" "write"
} }
@ -554,6 +575,12 @@ impl NetDescriptor {
} }
impl Descriptor for NetDescriptor { impl Descriptor for NetDescriptor {
type Arg = String;
fn parse(args: &Option<Vec<Self::Arg>>) -> Result<HashSet<Self>, AnyError> {
parse_net_list(args)
}
fn flag_name() -> &'static str { fn flag_name() -> &'static str {
"net" "net"
} }
@ -603,6 +630,12 @@ impl EnvDescriptor {
} }
impl Descriptor for EnvDescriptor { impl Descriptor for EnvDescriptor {
type Arg = String;
fn parse(list: &Option<Vec<Self::Arg>>) -> Result<HashSet<Self>, AnyError> {
parse_env_list(list)
}
fn flag_name() -> &'static str { fn flag_name() -> &'static str {
"env" "env"
} }
@ -629,6 +662,12 @@ pub enum RunDescriptor {
} }
impl Descriptor for RunDescriptor { impl Descriptor for RunDescriptor {
type Arg = String;
fn parse(args: &Option<Vec<Self::Arg>>) -> Result<HashSet<Self>, AnyError> {
parse_run_list(args)
}
fn flag_name() -> &'static str { fn flag_name() -> &'static str {
"run" "run"
} }
@ -688,6 +727,12 @@ impl ToString for RunDescriptor {
pub struct SysDescriptor(pub String); pub struct SysDescriptor(pub String);
impl Descriptor for SysDescriptor { impl Descriptor for SysDescriptor {
type Arg = String;
fn parse(list: &Option<Vec<Self::Arg>>) -> Result<HashSet<Self>, AnyError> {
parse_sys_list(list)
}
fn flag_name() -> &'static str { fn flag_name() -> &'static str {
"sys" "sys"
} }
@ -709,6 +754,12 @@ pub fn parse_sys_kind(kind: &str) -> Result<&str, AnyError> {
pub struct FfiDescriptor(pub PathBuf); pub struct FfiDescriptor(pub PathBuf);
impl Descriptor for FfiDescriptor { impl Descriptor for FfiDescriptor {
type Arg = PathBuf;
fn parse(list: &Option<Vec<Self::Arg>>) -> Result<HashSet<Self>, AnyError> {
parse_path_list(list, FfiDescriptor)
}
fn flag_name() -> &'static str { fn flag_name() -> &'static str {
"ffi" "ffi"
} }
@ -1066,13 +1117,13 @@ pub struct Permissions {
impl Default for Permissions { impl Default for Permissions {
fn default() -> Self { fn default() -> Self {
Self { Self {
read: Permissions::new_read(&None, &None, false).unwrap(), read: Permissions::new_unary(&None, &None, false).unwrap(),
write: Permissions::new_write(&None, &None, false).unwrap(), write: Permissions::new_unary(&None, &None, false).unwrap(),
net: Permissions::new_net(&None, &None, false).unwrap(), net: Permissions::new_unary(&None, &None, false).unwrap(),
env: Permissions::new_env(&None, &None, false).unwrap(), env: Permissions::new_unary(&None, &None, false).unwrap(),
sys: Permissions::new_sys(&None, &None, false).unwrap(), sys: Permissions::new_unary(&None, &None, false).unwrap(),
run: Permissions::new_run(&None, &None, false).unwrap(), run: Permissions::new_unary(&None, &None, false).unwrap(),
ffi: Permissions::new_ffi(&None, &None, false).unwrap(), ffi: Permissions::new_unary(&None, &None, false).unwrap(),
hrtime: Permissions::new_hrtime(false, false), hrtime: Permissions::new_hrtime(false, false),
} }
} }
@ -1080,6 +1131,7 @@ impl Default for Permissions {
#[derive(Clone, Debug, Eq, PartialEq, Default, Serialize, Deserialize)] #[derive(Clone, Debug, Eq, PartialEq, Default, Serialize, Deserialize)]
pub struct PermissionsOptions { pub struct PermissionsOptions {
pub allow_all: bool,
pub allow_env: Option<Vec<String>>, pub allow_env: Option<Vec<String>>,
pub deny_env: Option<Vec<String>>, pub deny_env: Option<Vec<String>>,
pub allow_hrtime: bool, pub allow_hrtime: bool,
@ -1100,112 +1152,28 @@ pub struct PermissionsOptions {
} }
impl Permissions { impl Permissions {
pub fn new_read( pub fn new_unary<T>(
allow_list: &Option<Vec<PathBuf>>, allow_list: &Option<Vec<T::Arg>>,
deny_list: &Option<Vec<PathBuf>>, deny_list: &Option<Vec<T::Arg>>,
prompt: bool, prompt: bool,
) -> Result<UnaryPermission<ReadDescriptor>, AnyError> { ) -> Result<UnaryPermission<T>, AnyError>
Ok(UnaryPermission::<ReadDescriptor> { where
T: Descriptor + Hash,
{
Ok(UnaryPermission::<T> {
granted_global: global_from_option(allow_list), granted_global: global_from_option(allow_list),
granted_list: parse_path_list(allow_list, ReadDescriptor)?, granted_list: T::parse(allow_list)?,
flag_denied_global: global_from_option(deny_list), flag_denied_global: global_from_option(deny_list),
flag_denied_list: parse_path_list(deny_list, ReadDescriptor)?, flag_denied_list: T::parse(deny_list)?,
prompt, prompt,
..Default::default() ..Default::default()
}) })
} }
pub fn new_write( pub const fn new_hrtime(
allow_list: &Option<Vec<PathBuf>>, allow_state: bool,
deny_list: &Option<Vec<PathBuf>>, deny_state: bool,
prompt: bool, ) -> UnitPermission {
) -> Result<UnaryPermission<WriteDescriptor>, AnyError> {
Ok(UnaryPermission {
granted_global: global_from_option(allow_list),
granted_list: parse_path_list(allow_list, WriteDescriptor)?,
flag_denied_global: global_from_option(deny_list),
flag_denied_list: parse_path_list(deny_list, WriteDescriptor)?,
prompt,
..Default::default()
})
}
pub fn new_net(
allow_list: &Option<Vec<String>>,
deny_list: &Option<Vec<String>>,
prompt: bool,
) -> Result<UnaryPermission<NetDescriptor>, AnyError> {
Ok(UnaryPermission::<NetDescriptor> {
granted_global: global_from_option(allow_list),
granted_list: parse_net_list(allow_list)?,
flag_denied_global: global_from_option(deny_list),
flag_denied_list: parse_net_list(deny_list)?,
prompt,
..Default::default()
})
}
pub fn new_env(
allow_list: &Option<Vec<String>>,
deny_list: &Option<Vec<String>>,
prompt: bool,
) -> Result<UnaryPermission<EnvDescriptor>, AnyError> {
Ok(UnaryPermission::<EnvDescriptor> {
granted_global: global_from_option(allow_list),
granted_list: parse_env_list(allow_list)?,
flag_denied_global: global_from_option(deny_list),
flag_denied_list: parse_env_list(deny_list)?,
prompt,
..Default::default()
})
}
pub fn new_sys(
allow_list: &Option<Vec<String>>,
deny_list: &Option<Vec<String>>,
prompt: bool,
) -> Result<UnaryPermission<SysDescriptor>, AnyError> {
Ok(UnaryPermission::<SysDescriptor> {
granted_global: global_from_option(allow_list),
granted_list: parse_sys_list(allow_list)?,
flag_denied_global: global_from_option(deny_list),
flag_denied_list: parse_sys_list(deny_list)?,
prompt,
..Default::default()
})
}
pub fn new_run(
allow_list: &Option<Vec<String>>,
deny_list: &Option<Vec<String>>,
prompt: bool,
) -> Result<UnaryPermission<RunDescriptor>, AnyError> {
Ok(UnaryPermission::<RunDescriptor> {
granted_global: global_from_option(allow_list),
granted_list: parse_run_list(allow_list)?,
flag_denied_global: global_from_option(deny_list),
flag_denied_list: parse_run_list(deny_list)?,
prompt,
..Default::default()
})
}
pub fn new_ffi(
allow_list: &Option<Vec<PathBuf>>,
deny_list: &Option<Vec<PathBuf>>,
prompt: bool,
) -> Result<UnaryPermission<FfiDescriptor>, AnyError> {
Ok(UnaryPermission::<FfiDescriptor> {
granted_global: global_from_option(allow_list),
granted_list: parse_path_list(allow_list, FfiDescriptor)?,
flag_denied_global: global_from_option(deny_list),
flag_denied_list: parse_path_list(deny_list, FfiDescriptor)?,
prompt,
..Default::default()
})
}
pub fn new_hrtime(allow_state: bool, deny_state: bool) -> UnitPermission {
unit_permission_from_flag_bools( unit_permission_from_flag_bools(
allow_state, allow_state,
deny_state, deny_state,
@ -1217,34 +1185,54 @@ impl Permissions {
pub fn from_options(opts: &PermissionsOptions) -> Result<Self, AnyError> { pub fn from_options(opts: &PermissionsOptions) -> Result<Self, AnyError> {
Ok(Self { Ok(Self {
read: Permissions::new_read( read: Permissions::new_unary(
&opts.allow_read, &opts.allow_read,
&opts.deny_read, &opts.deny_read,
opts.prompt, opts.prompt,
)?, )?,
write: Permissions::new_write( write: Permissions::new_unary(
&opts.allow_write, &opts.allow_write,
&opts.deny_write, &opts.deny_write,
opts.prompt, opts.prompt,
)?, )?,
net: Permissions::new_net(&opts.allow_net, &opts.deny_net, opts.prompt)?, net: Permissions::new_unary(
env: Permissions::new_env(&opts.allow_env, &opts.deny_env, opts.prompt)?, &opts.allow_net,
sys: Permissions::new_sys(&opts.allow_sys, &opts.deny_sys, opts.prompt)?, &opts.deny_net,
run: Permissions::new_run(&opts.allow_run, &opts.deny_run, opts.prompt)?, opts.prompt,
ffi: Permissions::new_ffi(&opts.allow_ffi, &opts.deny_ffi, opts.prompt)?, )?,
env: Permissions::new_unary(
&opts.allow_env,
&opts.deny_env,
opts.prompt,
)?,
sys: Permissions::new_unary(
&opts.allow_sys,
&opts.deny_sys,
opts.prompt,
)?,
run: Permissions::new_unary(
&opts.allow_run,
&opts.deny_run,
opts.prompt,
)?,
ffi: Permissions::new_unary(
&opts.allow_ffi,
&opts.deny_ffi,
opts.prompt,
)?,
hrtime: Permissions::new_hrtime(opts.allow_hrtime, opts.deny_hrtime), hrtime: Permissions::new_hrtime(opts.allow_hrtime, opts.deny_hrtime),
}) })
} }
pub fn allow_all() -> Self { pub fn allow_all() -> Self {
Self { Self {
read: Permissions::new_read(&Some(vec![]), &None, false).unwrap(), read: UnaryPermission::allow_all(),
write: Permissions::new_write(&Some(vec![]), &None, false).unwrap(), write: UnaryPermission::allow_all(),
net: Permissions::new_net(&Some(vec![]), &None, false).unwrap(), net: UnaryPermission::allow_all(),
env: Permissions::new_env(&Some(vec![]), &None, false).unwrap(), env: UnaryPermission::allow_all(),
sys: Permissions::new_sys(&Some(vec![]), &None, false).unwrap(), sys: UnaryPermission::allow_all(),
run: Permissions::new_run(&Some(vec![]), &None, false).unwrap(), run: UnaryPermission::allow_all(),
ffi: Permissions::new_ffi(&Some(vec![]), &None, false).unwrap(), ffi: UnaryPermission::allow_all(),
hrtime: Permissions::new_hrtime(true, false), hrtime: Permissions::new_hrtime(true, false),
} }
} }
@ -1436,7 +1424,7 @@ impl PermissionsContainer {
} }
} }
fn unit_permission_from_flag_bools( const fn unit_permission_from_flag_bools(
allow_flag: bool, allow_flag: bool,
deny_flag: bool, deny_flag: bool,
name: &'static str, name: &'static str,
@ -2424,89 +2412,93 @@ mod tests {
set_prompter(Box::new(TestPrompter)); set_prompter(Box::new(TestPrompter));
let perms1 = Permissions::allow_all(); let perms1 = Permissions::allow_all();
let perms2 = Permissions { let perms2 = Permissions {
read: Permissions::new_read( read: Permissions::new_unary(
&Some(vec![PathBuf::from("/foo")]), &Some(vec![PathBuf::from("/foo")]),
&None, &None,
false, false,
) )
.unwrap(), .unwrap(),
write: Permissions::new_write( write: Permissions::new_unary(
&Some(vec![PathBuf::from("/foo")]), &Some(vec![PathBuf::from("/foo")]),
&None, &None,
false, false,
) )
.unwrap(), .unwrap(),
ffi: Permissions::new_ffi( ffi: Permissions::new_unary(
&Some(vec![PathBuf::from("/foo")]), &Some(vec![PathBuf::from("/foo")]),
&None, &None,
false, false,
) )
.unwrap(), .unwrap(),
net: Permissions::new_net(&Some(svec!["127.0.0.1:8000"]), &None, false) net: Permissions::new_unary(&Some(svec!["127.0.0.1:8000"]), &None, false)
.unwrap(), .unwrap(),
env: Permissions::new_env(&Some(svec!["HOME"]), &None, false).unwrap(), env: Permissions::new_unary(&Some(svec!["HOME"]), &None, false).unwrap(),
sys: Permissions::new_sys(&Some(svec!["hostname"]), &None, false) sys: Permissions::new_unary(&Some(svec!["hostname"]), &None, false)
.unwrap(), .unwrap(),
run: Permissions::new_run(&Some(svec!["deno"]), &None, false).unwrap(), run: Permissions::new_unary(&Some(svec!["deno"]), &None, false).unwrap(),
hrtime: Permissions::new_hrtime(false, false), hrtime: Permissions::new_hrtime(false, false),
}; };
let perms3 = Permissions { let perms3 = Permissions {
read: Permissions::new_read( read: Permissions::new_unary(
&None, &None,
&Some(vec![PathBuf::from("/foo")]), &Some(vec![PathBuf::from("/foo")]),
false, false,
) )
.unwrap(), .unwrap(),
write: Permissions::new_write( write: Permissions::new_unary(
&None, &None,
&Some(vec![PathBuf::from("/foo")]), &Some(vec![PathBuf::from("/foo")]),
false, false,
) )
.unwrap(), .unwrap(),
ffi: Permissions::new_ffi( ffi: Permissions::new_unary(
&None, &None,
&Some(vec![PathBuf::from("/foo")]), &Some(vec![PathBuf::from("/foo")]),
false, false,
) )
.unwrap(), .unwrap(),
net: Permissions::new_net(&None, &Some(svec!["127.0.0.1:8000"]), false) net: Permissions::new_unary(&None, &Some(svec!["127.0.0.1:8000"]), false)
.unwrap(), .unwrap(),
env: Permissions::new_env(&None, &Some(svec!["HOME"]), false).unwrap(), env: Permissions::new_unary(&None, &Some(svec!["HOME"]), false).unwrap(),
sys: Permissions::new_sys(&None, &Some(svec!["hostname"]), false) sys: Permissions::new_unary(&None, &Some(svec!["hostname"]), false)
.unwrap(), .unwrap(),
run: Permissions::new_run(&None, &Some(svec!["deno"]), false).unwrap(), run: Permissions::new_unary(&None, &Some(svec!["deno"]), false).unwrap(),
hrtime: Permissions::new_hrtime(false, true), hrtime: Permissions::new_hrtime(false, true),
}; };
let perms4 = Permissions { let perms4 = Permissions {
read: Permissions::new_read( read: Permissions::new_unary(
&Some(vec![]), &Some(vec![]),
&Some(vec![PathBuf::from("/foo")]), &Some(vec![PathBuf::from("/foo")]),
false, false,
) )
.unwrap(), .unwrap(),
write: Permissions::new_write( write: Permissions::new_unary(
&Some(vec![]), &Some(vec![]),
&Some(vec![PathBuf::from("/foo")]), &Some(vec![PathBuf::from("/foo")]),
false, false,
) )
.unwrap(), .unwrap(),
ffi: Permissions::new_ffi( ffi: Permissions::new_unary(
&Some(vec![]), &Some(vec![]),
&Some(vec![PathBuf::from("/foo")]), &Some(vec![PathBuf::from("/foo")]),
false, false,
) )
.unwrap(), .unwrap(),
net: Permissions::new_net( net: Permissions::new_unary(
&Some(vec![]), &Some(vec![]),
&Some(svec!["127.0.0.1:8000"]), &Some(svec!["127.0.0.1:8000"]),
false, false,
) )
.unwrap(), .unwrap(),
env: Permissions::new_env(&Some(vec![]), &Some(svec!["HOME"]), false) env: Permissions::new_unary(&Some(vec![]), &Some(svec!["HOME"]), false)
.unwrap(), .unwrap(),
sys: Permissions::new_sys(&Some(vec![]), &Some(svec!["hostname"]), false) sys: Permissions::new_unary(
.unwrap(), &Some(vec![]),
run: Permissions::new_run(&Some(vec![]), &Some(svec!["deno"]), false) &Some(svec!["hostname"]),
false,
)
.unwrap(),
run: Permissions::new_unary(&Some(vec![]), &Some(svec!["deno"]), false)
.unwrap(), .unwrap(),
hrtime: Permissions::new_hrtime(true, true), hrtime: Permissions::new_hrtime(true, true),
}; };
@ -2643,34 +2635,34 @@ mod tests {
fn test_revoke() { fn test_revoke() {
set_prompter(Box::new(TestPrompter)); set_prompter(Box::new(TestPrompter));
let mut perms = Permissions { let mut perms = Permissions {
read: Permissions::new_read( read: Permissions::new_unary(
&Some(vec![PathBuf::from("/foo"), PathBuf::from("/foo/baz")]), &Some(vec![PathBuf::from("/foo"), PathBuf::from("/foo/baz")]),
&None, &None,
false, false,
) )
.unwrap(), .unwrap(),
write: Permissions::new_write( write: Permissions::new_unary(
&Some(vec![PathBuf::from("/foo"), PathBuf::from("/foo/baz")]), &Some(vec![PathBuf::from("/foo"), PathBuf::from("/foo/baz")]),
&None, &None,
false, false,
) )
.unwrap(), .unwrap(),
ffi: Permissions::new_ffi( ffi: Permissions::new_unary(
&Some(vec![PathBuf::from("/foo"), PathBuf::from("/foo/baz")]), &Some(vec![PathBuf::from("/foo"), PathBuf::from("/foo/baz")]),
&None, &None,
false, false,
) )
.unwrap(), .unwrap(),
net: Permissions::new_net( net: Permissions::new_unary(
&Some(svec!["127.0.0.1", "127.0.0.1:8000"]), &Some(svec!["127.0.0.1", "127.0.0.1:8000"]),
&None, &None,
false, false,
) )
.unwrap(), .unwrap(),
env: Permissions::new_env(&Some(svec!["HOME"]), &None, false).unwrap(), env: Permissions::new_unary(&Some(svec!["HOME"]), &None, false).unwrap(),
sys: Permissions::new_sys(&Some(svec!["hostname"]), &None, false) sys: Permissions::new_unary(&Some(svec!["hostname"]), &None, false)
.unwrap(), .unwrap(),
run: Permissions::new_run(&Some(svec!["deno"]), &None, false).unwrap(), run: Permissions::new_unary(&Some(svec!["deno"]), &None, false).unwrap(),
hrtime: Permissions::new_hrtime(false, true), hrtime: Permissions::new_hrtime(false, true),
}; };
#[rustfmt::skip] #[rustfmt::skip]
@ -2698,13 +2690,13 @@ mod tests {
fn test_check() { fn test_check() {
set_prompter(Box::new(TestPrompter)); set_prompter(Box::new(TestPrompter));
let mut perms = Permissions { let mut perms = Permissions {
read: Permissions::new_read(&None, &None, true).unwrap(), read: Permissions::new_unary(&None, &None, true).unwrap(),
write: Permissions::new_write(&None, &None, true).unwrap(), write: Permissions::new_unary(&None, &None, true).unwrap(),
net: Permissions::new_net(&None, &None, true).unwrap(), net: Permissions::new_unary(&None, &None, true).unwrap(),
env: Permissions::new_env(&None, &None, true).unwrap(), env: Permissions::new_unary(&None, &None, true).unwrap(),
sys: Permissions::new_sys(&None, &None, true).unwrap(), sys: Permissions::new_unary(&None, &None, true).unwrap(),
run: Permissions::new_run(&None, &None, true).unwrap(), run: Permissions::new_unary(&None, &None, true).unwrap(),
ffi: Permissions::new_ffi(&None, &None, true).unwrap(), ffi: Permissions::new_unary(&None, &None, true).unwrap(),
hrtime: Permissions::new_hrtime(false, false), hrtime: Permissions::new_hrtime(false, false),
}; };
@ -2762,13 +2754,13 @@ mod tests {
fn test_check_fail() { fn test_check_fail() {
set_prompter(Box::new(TestPrompter)); set_prompter(Box::new(TestPrompter));
let mut perms = Permissions { let mut perms = Permissions {
read: Permissions::new_read(&None, &None, true).unwrap(), read: Permissions::new_unary(&None, &None, true).unwrap(),
write: Permissions::new_write(&None, &None, true).unwrap(), write: Permissions::new_unary(&None, &None, true).unwrap(),
net: Permissions::new_net(&None, &None, true).unwrap(), net: Permissions::new_unary(&None, &None, true).unwrap(),
env: Permissions::new_env(&None, &None, true).unwrap(), env: Permissions::new_unary(&None, &None, true).unwrap(),
sys: Permissions::new_sys(&None, &None, true).unwrap(), sys: Permissions::new_unary(&None, &None, true).unwrap(),
run: Permissions::new_run(&None, &None, true).unwrap(), run: Permissions::new_unary(&None, &None, true).unwrap(),
ffi: Permissions::new_ffi(&None, &None, true).unwrap(), ffi: Permissions::new_unary(&None, &None, true).unwrap(),
hrtime: Permissions::new_hrtime(false, false), hrtime: Permissions::new_hrtime(false, false),
}; };
@ -2846,7 +2838,7 @@ mod tests {
let mut perms = Permissions::allow_all(); let mut perms = Permissions::allow_all();
perms.env = UnaryPermission { perms.env = UnaryPermission {
granted_global: false, granted_global: false,
..Permissions::new_env(&Some(svec!["HOME"]), &None, false).unwrap() ..Permissions::new_unary(&Some(svec!["HOME"]), &None, false).unwrap()
}; };
prompt_value.set(true); prompt_value.set(true);
@ -2861,13 +2853,13 @@ mod tests {
#[test] #[test]
fn test_check_partial_denied() { fn test_check_partial_denied() {
let mut perms = Permissions { let mut perms = Permissions {
read: Permissions::new_read( read: Permissions::new_unary(
&Some(vec![]), &Some(vec![]),
&Some(vec![PathBuf::from("/foo/bar")]), &Some(vec![PathBuf::from("/foo/bar")]),
false, false,
) )
.unwrap(), .unwrap(),
write: Permissions::new_write( write: Permissions::new_unary(
&Some(vec![]), &Some(vec![]),
&Some(vec![PathBuf::from("/foo/bar")]), &Some(vec![PathBuf::from("/foo/bar")]),
false, false,
@ -3042,9 +3034,9 @@ mod tests {
fn test_create_child_permissions() { fn test_create_child_permissions() {
set_prompter(Box::new(TestPrompter)); set_prompter(Box::new(TestPrompter));
let mut main_perms = Permissions { let mut main_perms = Permissions {
env: Permissions::new_env(&Some(vec![]), &None, false).unwrap(), env: Permissions::new_unary(&Some(vec![]), &None, false).unwrap(),
hrtime: Permissions::new_hrtime(true, false), hrtime: Permissions::new_hrtime(true, false),
net: Permissions::new_net(&Some(svec!["foo", "bar"]), &None, false) net: Permissions::new_unary(&Some(svec!["foo", "bar"]), &None, false)
.unwrap(), .unwrap(),
..Default::default() ..Default::default()
}; };
@ -3061,8 +3053,8 @@ mod tests {
) )
.unwrap(), .unwrap(),
Permissions { Permissions {
env: Permissions::new_env(&Some(vec![]), &None, false).unwrap(), env: Permissions::new_unary(&Some(vec![]), &None, false).unwrap(),
net: Permissions::new_net(&Some(svec!["foo"]), &None, false).unwrap(), net: Permissions::new_unary(&Some(svec!["foo"]), &None, false).unwrap(),
..Default::default() ..Default::default()
} }
); );
@ -3139,27 +3131,17 @@ mod tests {
#[test] #[test]
fn test_handle_empty_value() { fn test_handle_empty_value() {
set_prompter(Box::new(TestPrompter)); set_prompter(Box::new(TestPrompter));
assert!( assert!(Permissions::new_unary::<ReadDescriptor>(
Permissions::new_read(&Some(vec![PathBuf::new()]), &None, false).is_err() &Some(vec![PathBuf::new()]),
); &None,
assert!( false
Permissions::new_env(&Some(vec![String::new()]), &None, false).is_err() )
); .is_err());
assert!( assert!(Permissions::new_unary::<EnvDescriptor>(
Permissions::new_sys(&Some(vec![String::new()]), &None, false).is_err() &Some(vec![String::new()]),
); &None,
assert!( false
Permissions::new_run(&Some(vec![String::new()]), &None, false).is_err() )
); .is_err());
assert!(
Permissions::new_ffi(&Some(vec![PathBuf::new()]), &None, false).is_err()
);
assert!(
Permissions::new_net(&Some(svec![String::new()]), &None, false).is_err()
);
assert!(
Permissions::new_write(&Some(vec![PathBuf::new()]), &None, false)
.is_err()
);
} }
} }