2021-01-10 21:59:07 -05:00
|
|
|
// Copyright 2018-2021 the Deno authors. All rights reserved. MIT license.
|
2020-09-06 02:34:02 +02:00
|
|
|
|
2021-03-17 22:45:12 +01:00
|
|
|
use crate::permissions::resolve_read_allowlist;
|
|
|
|
use crate::permissions::resolve_write_allowlist;
|
|
|
|
use crate::permissions::BooleanPermission;
|
|
|
|
use crate::permissions::NetPermission;
|
2021-01-06 15:31:16 -05:00
|
|
|
use crate::permissions::PermissionState;
|
2020-05-04 14:10:59 -04:00
|
|
|
use crate::permissions::Permissions;
|
2021-03-17 22:45:12 +01:00
|
|
|
use crate::permissions::ReadPermission;
|
2021-01-06 15:31:16 -05:00
|
|
|
use crate::permissions::UnaryPermission;
|
2021-03-17 22:45:12 +01:00
|
|
|
use crate::permissions::WritePermission;
|
2020-12-07 04:30:40 +01:00
|
|
|
use crate::web_worker::run_web_worker;
|
2020-11-26 15:17:45 +01:00
|
|
|
use crate::web_worker::WebWorker;
|
|
|
|
use crate::web_worker::WebWorkerHandle;
|
|
|
|
use crate::web_worker::WorkerEvent;
|
2021-01-06 15:31:16 -05:00
|
|
|
use deno_core::error::custom_error;
|
2020-10-20 05:05:42 +01:00
|
|
|
use deno_core::error::generic_error;
|
2020-09-14 18:48:57 +02:00
|
|
|
use deno_core::error::AnyError;
|
2020-11-20 13:25:18 +01:00
|
|
|
use deno_core::error::JsError;
|
2020-10-20 05:05:42 +01:00
|
|
|
use deno_core::futures::channel::mpsc;
|
2021-01-06 15:31:16 -05:00
|
|
|
use deno_core::serde::de;
|
|
|
|
use deno_core::serde::de::SeqAccess;
|
|
|
|
use deno_core::serde::Deserialize;
|
|
|
|
use deno_core::serde::Deserializer;
|
2020-09-21 18:36:37 +02:00
|
|
|
use deno_core::serde_json::json;
|
|
|
|
use deno_core::serde_json::Value;
|
2020-08-28 17:08:24 +02:00
|
|
|
use deno_core::BufVec;
|
2020-04-23 05:51:07 -04:00
|
|
|
use deno_core::ModuleSpecifier;
|
2020-09-10 09:57:45 -04:00
|
|
|
use deno_core::OpState;
|
2020-04-23 05:51:07 -04:00
|
|
|
use deno_core::ZeroCopyBuf;
|
2020-09-10 09:57:45 -04:00
|
|
|
use std::cell::RefCell;
|
2020-09-20 01:17:35 +02:00
|
|
|
use std::collections::HashMap;
|
2021-01-06 15:31:16 -05:00
|
|
|
use std::collections::HashSet;
|
2019-08-14 17:03:02 +02:00
|
|
|
use std::convert::From;
|
2021-01-06 15:31:16 -05:00
|
|
|
use std::fmt;
|
|
|
|
use std::path::PathBuf;
|
2020-08-18 18:30:13 +02:00
|
|
|
use std::rc::Rc;
|
2020-12-11 18:49:26 +01:00
|
|
|
use std::sync::Arc;
|
2020-02-18 14:47:11 -05:00
|
|
|
use std::thread::JoinHandle;
|
2019-10-11 11:41:54 -07:00
|
|
|
|
2020-12-11 18:49:26 +01:00
|
|
|
pub struct CreateWebWorkerArgs {
|
|
|
|
pub name: String,
|
|
|
|
pub worker_id: u32,
|
2021-01-06 15:31:16 -05:00
|
|
|
pub parent_permissions: Permissions,
|
2020-12-11 18:49:26 +01:00
|
|
|
pub permissions: Permissions,
|
|
|
|
pub main_module: ModuleSpecifier,
|
|
|
|
pub use_deno_namespace: bool,
|
|
|
|
}
|
|
|
|
|
|
|
|
pub type CreateWebWorkerCb =
|
|
|
|
dyn Fn(CreateWebWorkerArgs) -> WebWorker + Sync + Send;
|
|
|
|
|
|
|
|
/// A holder for callback that is used to create a new
|
|
|
|
/// WebWorker. It's a struct instead of a type alias
|
|
|
|
/// because `GothamState` used in `OpState` overrides
|
|
|
|
/// value if type alises have the same underlying type
|
|
|
|
#[derive(Clone)]
|
|
|
|
pub struct CreateWebWorkerCbHolder(Arc<CreateWebWorkerCb>);
|
|
|
|
|
2020-10-20 05:05:42 +01:00
|
|
|
#[derive(Deserialize)]
|
|
|
|
struct HostUnhandledErrorArgs {
|
|
|
|
message: String,
|
|
|
|
}
|
|
|
|
|
2021-01-06 15:31:16 -05:00
|
|
|
pub struct WorkerThread {
|
|
|
|
join_handle: JoinHandle<Result<(), AnyError>>,
|
|
|
|
worker_handle: WebWorkerHandle,
|
|
|
|
}
|
|
|
|
|
|
|
|
pub type WorkersTable = HashMap<u32, WorkerThread>;
|
|
|
|
pub type WorkerId = u32;
|
|
|
|
|
2020-10-20 05:05:42 +01:00
|
|
|
pub fn init(
|
|
|
|
rt: &mut deno_core::JsRuntime,
|
|
|
|
sender: Option<mpsc::Sender<WorkerEvent>>,
|
2020-12-11 18:49:26 +01:00
|
|
|
create_web_worker_cb: Arc<CreateWebWorkerCb>,
|
2020-10-20 05:05:42 +01:00
|
|
|
) {
|
2020-09-28 12:14:11 +02:00
|
|
|
{
|
|
|
|
let op_state = rt.op_state();
|
|
|
|
let mut state = op_state.borrow_mut();
|
|
|
|
state.put::<WorkersTable>(WorkersTable::default());
|
|
|
|
state.put::<WorkerId>(WorkerId::default());
|
2020-12-11 18:49:26 +01:00
|
|
|
|
|
|
|
let create_module_loader = CreateWebWorkerCbHolder(create_web_worker_cb);
|
|
|
|
state.put::<CreateWebWorkerCbHolder>(create_module_loader);
|
2020-09-28 12:14:11 +02:00
|
|
|
}
|
2020-09-10 09:57:45 -04:00
|
|
|
super::reg_json_sync(rt, "op_create_worker", op_create_worker);
|
|
|
|
super::reg_json_sync(
|
|
|
|
rt,
|
|
|
|
"op_host_terminate_worker",
|
|
|
|
op_host_terminate_worker,
|
|
|
|
);
|
|
|
|
super::reg_json_sync(rt, "op_host_post_message", op_host_post_message);
|
|
|
|
super::reg_json_async(rt, "op_host_get_message", op_host_get_message);
|
2020-10-20 05:05:42 +01:00
|
|
|
super::reg_json_sync(
|
|
|
|
rt,
|
|
|
|
"op_host_unhandled_error",
|
2021-03-18 19:42:01 +01:00
|
|
|
move |_state, args: HostUnhandledErrorArgs, _zero_copy| {
|
2020-10-20 05:05:42 +01:00
|
|
|
if let Some(mut sender) = sender.clone() {
|
|
|
|
sender
|
|
|
|
.try_send(WorkerEvent::Error(generic_error(args.message)))
|
|
|
|
.expect("Failed to propagate error event to parent worker");
|
|
|
|
Ok(json!(true))
|
|
|
|
} else {
|
|
|
|
Err(generic_error("Cannot be called from main worker."))
|
|
|
|
}
|
|
|
|
},
|
|
|
|
);
|
2020-02-11 10:04:59 +01:00
|
|
|
}
|
|
|
|
|
2021-03-17 22:45:12 +01:00
|
|
|
fn merge_boolean_permission(
|
|
|
|
target: &BooleanPermission,
|
2021-01-06 15:31:16 -05:00
|
|
|
incoming: Option<PermissionState>,
|
2021-03-17 22:45:12 +01:00
|
|
|
) -> Result<BooleanPermission, AnyError> {
|
|
|
|
let mut perm = target.clone();
|
|
|
|
perm.state = match target.state {
|
2021-01-06 15:31:16 -05:00
|
|
|
PermissionState::Granted => match incoming {
|
2021-03-17 22:45:12 +01:00
|
|
|
Some(state) => state,
|
|
|
|
None => perm.state,
|
2021-01-06 15:31:16 -05:00
|
|
|
},
|
|
|
|
_ => match incoming {
|
2021-03-17 22:45:12 +01:00
|
|
|
Some(state) => match state {
|
|
|
|
PermissionState::Denied => state,
|
|
|
|
_ => {
|
|
|
|
return Err(custom_error(
|
|
|
|
"PermissionDenied",
|
|
|
|
"Can't escalate parent thread permissions",
|
|
|
|
))
|
|
|
|
}
|
2021-01-06 15:31:16 -05:00
|
|
|
},
|
2021-03-17 22:45:12 +01:00
|
|
|
None => perm.state,
|
2021-01-06 15:31:16 -05:00
|
|
|
},
|
2021-03-17 22:45:12 +01:00
|
|
|
};
|
|
|
|
Ok(perm)
|
2020-02-11 10:04:59 +01:00
|
|
|
}
|
|
|
|
|
2021-01-06 15:31:16 -05:00
|
|
|
fn check_net_permission_contains(
|
2021-03-17 22:45:12 +01:00
|
|
|
a: &HashSet<NetPermission>,
|
|
|
|
b: &HashSet<NetPermission>,
|
2021-01-06 15:31:16 -05:00
|
|
|
) -> bool {
|
|
|
|
b.iter().all(|x| a.contains(x))
|
|
|
|
}
|
|
|
|
|
|
|
|
fn merge_net_permissions(
|
2021-03-17 22:45:12 +01:00
|
|
|
target: &UnaryPermission<NetPermission>,
|
|
|
|
incoming: Option<UnaryPermission<NetPermission>>,
|
|
|
|
) -> Result<UnaryPermission<NetPermission>, AnyError> {
|
2021-01-06 15:31:16 -05:00
|
|
|
if incoming.is_none() {
|
|
|
|
return Ok(target.clone());
|
|
|
|
};
|
|
|
|
|
|
|
|
let new_permissions = incoming.unwrap();
|
|
|
|
match &target.global_state {
|
2021-03-17 22:45:12 +01:00
|
|
|
PermissionState::Granted => Ok(UnaryPermission::<NetPermission> {
|
2021-01-06 15:31:16 -05:00
|
|
|
global_state: new_permissions.global_state,
|
|
|
|
granted_list: new_permissions.granted_list,
|
|
|
|
denied_list: new_permissions.denied_list,
|
2021-03-17 22:45:12 +01:00
|
|
|
..Permissions::new_net(&None)
|
2021-01-06 15:31:16 -05:00
|
|
|
}),
|
|
|
|
PermissionState::Prompt => match new_permissions.global_state {
|
|
|
|
//Throw
|
|
|
|
PermissionState::Granted => Err(custom_error(
|
|
|
|
"PermissionDenied",
|
|
|
|
"Can't escalate parent thread permissions",
|
|
|
|
)),
|
|
|
|
//Merge
|
|
|
|
PermissionState::Prompt => {
|
|
|
|
if check_net_permission_contains(
|
|
|
|
&target.granted_list,
|
|
|
|
&new_permissions.granted_list,
|
|
|
|
) {
|
2021-03-17 22:45:12 +01:00
|
|
|
Ok(UnaryPermission::<NetPermission> {
|
2021-01-06 15:31:16 -05:00
|
|
|
global_state: new_permissions.global_state,
|
|
|
|
granted_list: new_permissions.granted_list,
|
|
|
|
denied_list: target.denied_list.clone(),
|
2021-03-17 22:45:12 +01:00
|
|
|
..Permissions::new_net(&None)
|
2021-01-06 15:31:16 -05:00
|
|
|
})
|
|
|
|
} else {
|
|
|
|
Err(custom_error(
|
|
|
|
"PermissionDenied",
|
|
|
|
"Can't escalate parent thread permissions",
|
|
|
|
))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
//Copy
|
2021-03-17 22:45:12 +01:00
|
|
|
PermissionState::Denied => Ok(UnaryPermission::<NetPermission> {
|
2021-01-06 15:31:16 -05:00
|
|
|
global_state: new_permissions.global_state,
|
|
|
|
granted_list: new_permissions.granted_list,
|
|
|
|
denied_list: new_permissions.denied_list,
|
2021-03-17 22:45:12 +01:00
|
|
|
..Permissions::new_net(&None)
|
2021-01-06 15:31:16 -05:00
|
|
|
}),
|
|
|
|
},
|
|
|
|
PermissionState::Denied => match new_permissions.global_state {
|
2021-03-17 22:45:12 +01:00
|
|
|
PermissionState::Denied => Ok(UnaryPermission::<NetPermission> {
|
2021-01-06 15:31:16 -05:00
|
|
|
global_state: new_permissions.global_state,
|
|
|
|
granted_list: new_permissions.granted_list,
|
|
|
|
denied_list: new_permissions.denied_list,
|
2021-03-17 22:45:12 +01:00
|
|
|
..Permissions::new_net(&None)
|
2021-01-06 15:31:16 -05:00
|
|
|
}),
|
|
|
|
_ => Err(custom_error(
|
|
|
|
"PermissionDenied",
|
|
|
|
"Can't escalate parent thread permissions",
|
|
|
|
)),
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
fn check_read_permissions(
|
2021-03-17 22:45:12 +01:00
|
|
|
allow_list: &HashSet<ReadPermission>,
|
2021-01-06 15:31:16 -05:00
|
|
|
current_permissions: &Permissions,
|
|
|
|
) -> bool {
|
|
|
|
allow_list
|
|
|
|
.iter()
|
2021-03-17 22:45:12 +01:00
|
|
|
.all(|x| current_permissions.read.check(&x.0).is_ok())
|
2021-01-06 15:31:16 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
fn check_write_permissions(
|
2021-03-17 22:45:12 +01:00
|
|
|
allow_list: &HashSet<WritePermission>,
|
2021-01-06 15:31:16 -05:00
|
|
|
current_permissions: &Permissions,
|
|
|
|
) -> bool {
|
|
|
|
allow_list
|
|
|
|
.iter()
|
2021-03-17 22:45:12 +01:00
|
|
|
.all(|x| current_permissions.write.check(&x.0).is_ok())
|
|
|
|
}
|
|
|
|
|
|
|
|
fn merge_read_permissions(
|
|
|
|
target: &UnaryPermission<ReadPermission>,
|
|
|
|
incoming: Option<UnaryPermission<ReadPermission>>,
|
|
|
|
current_permissions: &Permissions,
|
|
|
|
) -> Result<UnaryPermission<ReadPermission>, AnyError> {
|
|
|
|
if incoming.is_none() {
|
|
|
|
return Ok(target.clone());
|
|
|
|
};
|
|
|
|
|
|
|
|
let new_permissions = incoming.unwrap();
|
|
|
|
match &target.global_state {
|
|
|
|
PermissionState::Granted => Ok(UnaryPermission::<ReadPermission> {
|
|
|
|
global_state: new_permissions.global_state,
|
|
|
|
granted_list: new_permissions.granted_list,
|
|
|
|
denied_list: new_permissions.denied_list,
|
|
|
|
..Permissions::new_read(&None)
|
|
|
|
}),
|
|
|
|
PermissionState::Prompt => match new_permissions.global_state {
|
|
|
|
//Throw
|
|
|
|
PermissionState::Granted => Err(custom_error(
|
|
|
|
"PermissionDenied",
|
|
|
|
"Can't escalate parent thread permissions",
|
|
|
|
)),
|
|
|
|
//Merge
|
|
|
|
PermissionState::Prompt => {
|
|
|
|
if check_read_permissions(
|
|
|
|
&new_permissions.granted_list,
|
|
|
|
current_permissions,
|
|
|
|
) {
|
|
|
|
Ok(UnaryPermission::<ReadPermission> {
|
|
|
|
global_state: new_permissions.global_state,
|
|
|
|
granted_list: new_permissions.granted_list,
|
|
|
|
denied_list: target.denied_list.clone(),
|
|
|
|
..Permissions::new_read(&None)
|
|
|
|
})
|
|
|
|
} else {
|
|
|
|
Err(custom_error(
|
|
|
|
"PermissionDenied",
|
|
|
|
"Can't escalate parent thread permissions",
|
|
|
|
))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
//Copy
|
|
|
|
PermissionState::Denied => Ok(UnaryPermission::<ReadPermission> {
|
|
|
|
global_state: new_permissions.global_state,
|
|
|
|
granted_list: new_permissions.granted_list,
|
|
|
|
denied_list: new_permissions.denied_list,
|
|
|
|
..Permissions::new_read(&None)
|
|
|
|
}),
|
|
|
|
},
|
|
|
|
PermissionState::Denied => match new_permissions.global_state {
|
|
|
|
PermissionState::Denied => Ok(UnaryPermission::<ReadPermission> {
|
|
|
|
global_state: new_permissions.global_state,
|
|
|
|
granted_list: new_permissions.granted_list,
|
|
|
|
denied_list: new_permissions.denied_list,
|
|
|
|
..Permissions::new_read(&None)
|
|
|
|
}),
|
|
|
|
_ => Err(custom_error(
|
|
|
|
"PermissionDenied",
|
|
|
|
"Can't escalate parent thread permissions",
|
|
|
|
)),
|
|
|
|
},
|
|
|
|
}
|
2021-01-06 15:31:16 -05:00
|
|
|
}
|
|
|
|
|
2021-03-17 22:45:12 +01:00
|
|
|
fn merge_write_permissions(
|
|
|
|
target: &UnaryPermission<WritePermission>,
|
|
|
|
incoming: Option<UnaryPermission<WritePermission>>,
|
2021-01-06 15:31:16 -05:00
|
|
|
current_permissions: &Permissions,
|
2021-03-17 22:45:12 +01:00
|
|
|
) -> Result<UnaryPermission<WritePermission>, AnyError> {
|
2021-01-06 15:31:16 -05:00
|
|
|
if incoming.is_none() {
|
|
|
|
return Ok(target.clone());
|
|
|
|
};
|
|
|
|
|
|
|
|
let new_permissions = incoming.unwrap();
|
|
|
|
match &target.global_state {
|
2021-03-17 22:45:12 +01:00
|
|
|
PermissionState::Granted => Ok(UnaryPermission::<WritePermission> {
|
2021-01-06 15:31:16 -05:00
|
|
|
global_state: new_permissions.global_state,
|
|
|
|
granted_list: new_permissions.granted_list,
|
|
|
|
denied_list: new_permissions.denied_list,
|
2021-03-17 22:45:12 +01:00
|
|
|
..Permissions::new_write(&None)
|
2021-01-06 15:31:16 -05:00
|
|
|
}),
|
|
|
|
PermissionState::Prompt => match new_permissions.global_state {
|
|
|
|
//Throw
|
|
|
|
PermissionState::Granted => Err(custom_error(
|
|
|
|
"PermissionDenied",
|
|
|
|
"Can't escalate parent thread permissions",
|
|
|
|
)),
|
|
|
|
//Merge
|
|
|
|
PermissionState::Prompt => {
|
2021-03-17 22:45:12 +01:00
|
|
|
if check_write_permissions(
|
|
|
|
&new_permissions.granted_list,
|
|
|
|
current_permissions,
|
|
|
|
) {
|
|
|
|
Ok(UnaryPermission::<WritePermission> {
|
2021-01-06 15:31:16 -05:00
|
|
|
global_state: new_permissions.global_state,
|
|
|
|
granted_list: new_permissions.granted_list,
|
|
|
|
denied_list: target.denied_list.clone(),
|
2021-03-17 22:45:12 +01:00
|
|
|
..Permissions::new_write(&None)
|
2021-01-06 15:31:16 -05:00
|
|
|
})
|
|
|
|
} else {
|
|
|
|
Err(custom_error(
|
|
|
|
"PermissionDenied",
|
|
|
|
"Can't escalate parent thread permissions",
|
|
|
|
))
|
|
|
|
}
|
|
|
|
}
|
|
|
|
//Copy
|
2021-03-17 22:45:12 +01:00
|
|
|
PermissionState::Denied => Ok(UnaryPermission::<WritePermission> {
|
2021-01-06 15:31:16 -05:00
|
|
|
global_state: new_permissions.global_state,
|
|
|
|
granted_list: new_permissions.granted_list,
|
|
|
|
denied_list: new_permissions.denied_list,
|
2021-03-17 22:45:12 +01:00
|
|
|
..Permissions::new_write(&None)
|
2021-01-06 15:31:16 -05:00
|
|
|
}),
|
|
|
|
},
|
|
|
|
PermissionState::Denied => match new_permissions.global_state {
|
2021-03-17 22:45:12 +01:00
|
|
|
PermissionState::Denied => Ok(UnaryPermission::<WritePermission> {
|
2021-01-06 15:31:16 -05:00
|
|
|
global_state: new_permissions.global_state,
|
|
|
|
granted_list: new_permissions.granted_list,
|
|
|
|
denied_list: new_permissions.denied_list,
|
2021-03-17 22:45:12 +01:00
|
|
|
..Permissions::new_write(&None)
|
2021-01-06 15:31:16 -05:00
|
|
|
}),
|
|
|
|
_ => Err(custom_error(
|
|
|
|
"PermissionDenied",
|
|
|
|
"Can't escalate parent thread permissions",
|
|
|
|
)),
|
|
|
|
},
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
fn create_worker_permissions(
|
|
|
|
main_thread_permissions: &Permissions,
|
|
|
|
permission_args: PermissionsArg,
|
|
|
|
) -> Result<Permissions, AnyError> {
|
|
|
|
Ok(Permissions {
|
2021-03-17 22:45:12 +01:00
|
|
|
env: merge_boolean_permission(
|
2021-01-06 15:31:16 -05:00
|
|
|
&main_thread_permissions.env,
|
|
|
|
permission_args.env,
|
|
|
|
)?,
|
2021-03-17 22:45:12 +01:00
|
|
|
hrtime: merge_boolean_permission(
|
2021-01-06 15:31:16 -05:00
|
|
|
&main_thread_permissions.hrtime,
|
|
|
|
permission_args.hrtime,
|
|
|
|
)?,
|
|
|
|
net: merge_net_permissions(
|
|
|
|
&main_thread_permissions.net,
|
|
|
|
permission_args.net,
|
|
|
|
)?,
|
2021-03-17 22:45:12 +01:00
|
|
|
plugin: merge_boolean_permission(
|
2021-01-06 15:31:16 -05:00
|
|
|
&main_thread_permissions.plugin,
|
|
|
|
permission_args.plugin,
|
|
|
|
)?,
|
2021-03-17 22:45:12 +01:00
|
|
|
read: merge_read_permissions(
|
2021-01-06 15:31:16 -05:00
|
|
|
&main_thread_permissions.read,
|
|
|
|
permission_args.read,
|
|
|
|
&main_thread_permissions,
|
|
|
|
)?,
|
2021-03-17 22:45:12 +01:00
|
|
|
run: merge_boolean_permission(
|
2021-01-06 15:31:16 -05:00
|
|
|
&main_thread_permissions.run,
|
|
|
|
permission_args.run,
|
|
|
|
)?,
|
2021-03-17 22:45:12 +01:00
|
|
|
write: merge_write_permissions(
|
2021-01-06 15:31:16 -05:00
|
|
|
&main_thread_permissions.write,
|
|
|
|
permission_args.write,
|
|
|
|
&main_thread_permissions,
|
|
|
|
)?,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
#[derive(Debug, Deserialize)]
|
|
|
|
struct PermissionsArg {
|
|
|
|
#[serde(default, deserialize_with = "as_permission_state")]
|
|
|
|
env: Option<PermissionState>,
|
|
|
|
#[serde(default, deserialize_with = "as_permission_state")]
|
|
|
|
hrtime: Option<PermissionState>,
|
2021-03-17 22:45:12 +01:00
|
|
|
#[serde(default, deserialize_with = "as_unary_net_permission")]
|
|
|
|
net: Option<UnaryPermission<NetPermission>>,
|
2021-01-06 15:31:16 -05:00
|
|
|
#[serde(default, deserialize_with = "as_permission_state")]
|
|
|
|
plugin: Option<PermissionState>,
|
2021-03-17 22:45:12 +01:00
|
|
|
#[serde(default, deserialize_with = "as_unary_read_permission")]
|
|
|
|
read: Option<UnaryPermission<ReadPermission>>,
|
2021-01-06 15:31:16 -05:00
|
|
|
#[serde(default, deserialize_with = "as_permission_state")]
|
|
|
|
run: Option<PermissionState>,
|
2021-03-17 22:45:12 +01:00
|
|
|
#[serde(default, deserialize_with = "as_unary_write_permission")]
|
|
|
|
write: Option<UnaryPermission<WritePermission>>,
|
2021-01-06 15:31:16 -05:00
|
|
|
}
|
|
|
|
|
|
|
|
fn as_permission_state<'de, D>(
|
|
|
|
deserializer: D,
|
|
|
|
) -> Result<Option<PermissionState>, D::Error>
|
|
|
|
where
|
|
|
|
D: Deserializer<'de>,
|
|
|
|
{
|
|
|
|
let value: bool = Deserialize::deserialize(deserializer)?;
|
|
|
|
|
|
|
|
match value {
|
|
|
|
true => Ok(Some(PermissionState::Granted)),
|
|
|
|
false => Ok(Some(PermissionState::Denied)),
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
struct UnaryPermissionBase {
|
|
|
|
global_state: PermissionState,
|
|
|
|
paths: Vec<String>,
|
|
|
|
}
|
|
|
|
|
|
|
|
struct ParseBooleanOrStringVec;
|
|
|
|
|
|
|
|
impl<'de> de::Visitor<'de> for ParseBooleanOrStringVec {
|
|
|
|
type Value = UnaryPermissionBase;
|
|
|
|
|
|
|
|
fn expecting(&self, formatter: &mut fmt::Formatter) -> fmt::Result {
|
|
|
|
formatter.write_str("a vector of strings or a boolean")
|
|
|
|
}
|
|
|
|
|
|
|
|
fn visit_bool<E>(self, v: bool) -> Result<UnaryPermissionBase, E>
|
|
|
|
where
|
|
|
|
E: de::Error,
|
|
|
|
{
|
|
|
|
Ok(UnaryPermissionBase {
|
|
|
|
global_state: match v {
|
|
|
|
true => PermissionState::Granted,
|
|
|
|
false => PermissionState::Denied,
|
|
|
|
},
|
|
|
|
paths: Vec::new(),
|
|
|
|
})
|
|
|
|
}
|
|
|
|
|
|
|
|
fn visit_seq<V>(self, mut visitor: V) -> Result<UnaryPermissionBase, V::Error>
|
|
|
|
where
|
|
|
|
V: SeqAccess<'de>,
|
|
|
|
{
|
|
|
|
let mut vec: Vec<String> = Vec::new();
|
|
|
|
|
|
|
|
let mut value = visitor.next_element::<String>()?;
|
|
|
|
while value.is_some() {
|
|
|
|
vec.push(value.unwrap());
|
|
|
|
value = visitor.next_element()?;
|
|
|
|
}
|
|
|
|
Ok(UnaryPermissionBase {
|
|
|
|
global_state: PermissionState::Prompt,
|
|
|
|
paths: vec,
|
|
|
|
})
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2021-03-17 22:45:12 +01:00
|
|
|
fn as_unary_net_permission<'de, D>(
|
2021-01-06 15:31:16 -05:00
|
|
|
deserializer: D,
|
2021-03-17 22:45:12 +01:00
|
|
|
) -> Result<Option<UnaryPermission<NetPermission>>, D::Error>
|
2021-01-06 15:31:16 -05:00
|
|
|
where
|
|
|
|
D: Deserializer<'de>,
|
|
|
|
{
|
|
|
|
let value: UnaryPermissionBase =
|
|
|
|
deserializer.deserialize_any(ParseBooleanOrStringVec)?;
|
|
|
|
|
2021-03-17 22:45:12 +01:00
|
|
|
let allowed: HashSet<NetPermission> = value
|
|
|
|
.paths
|
|
|
|
.into_iter()
|
|
|
|
.map(NetPermission::from_string)
|
|
|
|
.collect();
|
2021-01-06 15:31:16 -05:00
|
|
|
|
2021-03-17 22:45:12 +01:00
|
|
|
Ok(Some(UnaryPermission::<NetPermission> {
|
2021-01-06 15:31:16 -05:00
|
|
|
global_state: value.global_state,
|
|
|
|
granted_list: allowed,
|
|
|
|
..Default::default()
|
|
|
|
}))
|
|
|
|
}
|
|
|
|
|
2021-03-17 22:45:12 +01:00
|
|
|
fn as_unary_read_permission<'de, D>(
|
|
|
|
deserializer: D,
|
|
|
|
) -> Result<Option<UnaryPermission<ReadPermission>>, D::Error>
|
|
|
|
where
|
|
|
|
D: Deserializer<'de>,
|
|
|
|
{
|
|
|
|
let value: UnaryPermissionBase =
|
|
|
|
deserializer.deserialize_any(ParseBooleanOrStringVec)?;
|
|
|
|
|
|
|
|
let paths: Vec<PathBuf> =
|
|
|
|
value.paths.into_iter().map(PathBuf::from).collect();
|
|
|
|
|
|
|
|
Ok(Some(UnaryPermission::<ReadPermission> {
|
|
|
|
global_state: value.global_state,
|
|
|
|
granted_list: resolve_read_allowlist(&Some(paths)),
|
|
|
|
..Default::default()
|
|
|
|
}))
|
|
|
|
}
|
|
|
|
|
|
|
|
fn as_unary_write_permission<'de, D>(
|
2021-01-06 15:31:16 -05:00
|
|
|
deserializer: D,
|
2021-03-17 22:45:12 +01:00
|
|
|
) -> Result<Option<UnaryPermission<WritePermission>>, D::Error>
|
2021-01-06 15:31:16 -05:00
|
|
|
where
|
|
|
|
D: Deserializer<'de>,
|
|
|
|
{
|
|
|
|
let value: UnaryPermissionBase =
|
|
|
|
deserializer.deserialize_any(ParseBooleanOrStringVec)?;
|
|
|
|
|
|
|
|
let paths: Vec<PathBuf> =
|
|
|
|
value.paths.into_iter().map(PathBuf::from).collect();
|
|
|
|
|
2021-03-17 22:45:12 +01:00
|
|
|
Ok(Some(UnaryPermission::<WritePermission> {
|
2021-01-06 15:31:16 -05:00
|
|
|
global_state: value.global_state,
|
2021-03-17 22:45:12 +01:00
|
|
|
granted_list: resolve_write_allowlist(&Some(paths)),
|
2021-01-06 15:31:16 -05:00
|
|
|
..Default::default()
|
|
|
|
}))
|
|
|
|
}
|
2019-08-14 17:03:02 +02:00
|
|
|
|
2019-08-26 14:50:21 +02:00
|
|
|
#[derive(Deserialize)]
|
|
|
|
#[serde(rename_all = "camelCase")]
|
2021-03-18 19:42:01 +01:00
|
|
|
pub struct CreateWorkerArgs {
|
2019-08-26 14:50:21 +02:00
|
|
|
has_source_code: bool,
|
2021-01-06 15:31:16 -05:00
|
|
|
name: Option<String>,
|
|
|
|
permissions: Option<PermissionsArg>,
|
2019-08-26 14:50:21 +02:00
|
|
|
source_code: String,
|
2021-01-06 15:31:16 -05:00
|
|
|
specifier: String,
|
2020-04-16 23:40:29 +02:00
|
|
|
use_deno_namespace: bool,
|
2019-08-14 17:03:02 +02:00
|
|
|
}
|
|
|
|
|
|
|
|
/// Create worker as the host
|
2019-10-11 11:41:54 -07:00
|
|
|
fn op_create_worker(
|
2020-09-10 09:57:45 -04:00
|
|
|
state: &mut OpState,
|
2021-03-18 19:42:01 +01:00
|
|
|
args: CreateWorkerArgs,
|
2020-06-01 20:20:47 +02:00
|
|
|
_data: &mut [ZeroCopyBuf],
|
2020-09-14 18:48:57 +02:00
|
|
|
) -> Result<Value, AnyError> {
|
2020-02-03 18:08:44 -05:00
|
|
|
let specifier = args.specifier.clone();
|
2020-04-16 23:40:29 +02:00
|
|
|
let maybe_source_code = if args.has_source_code {
|
|
|
|
Some(args.source_code.clone())
|
|
|
|
} else {
|
|
|
|
None
|
|
|
|
};
|
2020-02-03 18:08:44 -05:00
|
|
|
let args_name = args.name;
|
2020-04-16 23:40:29 +02:00
|
|
|
let use_deno_namespace = args.use_deno_namespace;
|
2020-05-07 21:15:59 +02:00
|
|
|
if use_deno_namespace {
|
2021-01-06 15:31:16 -05:00
|
|
|
super::check_unstable(state, "Worker.deno.namespace");
|
2020-05-07 21:15:59 +02:00
|
|
|
}
|
2021-01-06 15:31:16 -05:00
|
|
|
let parent_permissions = state.borrow::<Permissions>().clone();
|
|
|
|
let worker_permissions = if let Some(permissions) = args.permissions {
|
|
|
|
super::check_unstable(state, "Worker.deno.permissions");
|
|
|
|
create_worker_permissions(&parent_permissions, permissions)?
|
|
|
|
} else {
|
|
|
|
parent_permissions.clone()
|
|
|
|
};
|
|
|
|
|
2020-09-20 01:17:35 +02:00
|
|
|
let worker_id = state.take::<WorkerId>();
|
2020-12-11 18:49:26 +01:00
|
|
|
let create_module_loader = state.take::<CreateWebWorkerCbHolder>();
|
|
|
|
state.put::<CreateWebWorkerCbHolder>(create_module_loader.clone());
|
2020-09-20 01:17:35 +02:00
|
|
|
state.put::<WorkerId>(worker_id + 1);
|
2020-02-08 20:34:31 +01:00
|
|
|
|
2021-02-17 13:47:18 -05:00
|
|
|
let module_specifier = deno_core::resolve_url(&specifier)?;
|
2020-04-14 17:41:06 +02:00
|
|
|
let worker_name = args_name.unwrap_or_else(|| "".to_string());
|
2020-12-07 04:30:40 +01:00
|
|
|
|
|
|
|
let (handle_sender, handle_receiver) =
|
|
|
|
std::sync::mpsc::sync_channel::<Result<WebWorkerHandle, AnyError>>(1);
|
|
|
|
|
|
|
|
// Setup new thread
|
|
|
|
let thread_builder =
|
|
|
|
std::thread::Builder::new().name(format!("deno-worker-{}", worker_id));
|
|
|
|
|
|
|
|
// Spawn it
|
|
|
|
let join_handle = thread_builder.spawn(move || {
|
|
|
|
// Any error inside this block is terminal:
|
|
|
|
// - JS worker is useless - meaning it throws an exception and can't do anything else,
|
|
|
|
// all action done upon it should be noops
|
|
|
|
// - newly spawned thread exits
|
2020-12-11 18:49:26 +01:00
|
|
|
|
|
|
|
let worker = (create_module_loader.0)(CreateWebWorkerArgs {
|
|
|
|
name: worker_name,
|
|
|
|
worker_id,
|
2021-01-06 15:31:16 -05:00
|
|
|
parent_permissions,
|
|
|
|
permissions: worker_permissions,
|
2020-12-11 18:49:26 +01:00
|
|
|
main_module: module_specifier.clone(),
|
2020-12-07 04:30:40 +01:00
|
|
|
use_deno_namespace,
|
2020-12-11 18:49:26 +01:00
|
|
|
});
|
2020-12-07 04:30:40 +01:00
|
|
|
|
|
|
|
// Send thread safe handle to newly created worker to host thread
|
|
|
|
handle_sender.send(Ok(worker.thread_safe_handle())).unwrap();
|
|
|
|
drop(handle_sender);
|
|
|
|
|
|
|
|
// At this point the only method of communication with host
|
|
|
|
// is using `worker.internal_channels`.
|
|
|
|
//
|
|
|
|
// Host can already push messages and interact with worker.
|
|
|
|
run_web_worker(worker, module_specifier, maybe_source_code)
|
|
|
|
})?;
|
|
|
|
|
|
|
|
let worker_handle = handle_receiver.recv().unwrap()?;
|
|
|
|
|
|
|
|
let worker_thread = WorkerThread {
|
|
|
|
join_handle,
|
|
|
|
worker_handle,
|
|
|
|
};
|
2020-01-18 00:43:53 +01:00
|
|
|
|
2020-02-11 10:04:59 +01:00
|
|
|
// At this point all interactions with worker happen using thread
|
2020-12-07 04:30:40 +01:00
|
|
|
// safe handler returned from previous function calls
|
2020-09-20 01:17:35 +02:00
|
|
|
state
|
|
|
|
.borrow_mut::<WorkersTable>()
|
2020-12-07 04:30:40 +01:00
|
|
|
.insert(worker_id, worker_thread);
|
2019-08-26 14:50:21 +02:00
|
|
|
|
2020-08-28 17:08:24 +02:00
|
|
|
Ok(json!({ "id": worker_id }))
|
2019-11-17 01:17:47 +01:00
|
|
|
}
|
|
|
|
|
2019-08-26 14:50:21 +02:00
|
|
|
#[derive(Deserialize)]
|
2021-03-18 19:42:01 +01:00
|
|
|
pub struct WorkerArgs {
|
2019-11-09 21:07:14 +01:00
|
|
|
id: i32,
|
2019-08-14 17:03:02 +02:00
|
|
|
}
|
|
|
|
|
2021-03-18 19:42:01 +01:00
|
|
|
#[allow(clippy::unnecessary_wraps)]
|
2020-02-11 10:04:59 +01:00
|
|
|
fn op_host_terminate_worker(
|
2020-09-10 09:57:45 -04:00
|
|
|
state: &mut OpState,
|
2021-03-18 19:42:01 +01:00
|
|
|
args: WorkerArgs,
|
2020-06-01 20:20:47 +02:00
|
|
|
_data: &mut [ZeroCopyBuf],
|
2020-09-14 18:48:57 +02:00
|
|
|
) -> Result<Value, AnyError> {
|
2020-01-18 00:43:53 +01:00
|
|
|
let id = args.id as u32;
|
2020-12-07 04:30:40 +01:00
|
|
|
let worker_thread = state
|
2020-09-20 01:17:35 +02:00
|
|
|
.borrow_mut::<WorkersTable>()
|
2020-08-18 18:30:13 +02:00
|
|
|
.remove(&id)
|
|
|
|
.expect("No worker handle found");
|
2020-12-07 04:30:40 +01:00
|
|
|
worker_thread.worker_handle.terminate();
|
|
|
|
worker_thread
|
|
|
|
.join_handle
|
|
|
|
.join()
|
|
|
|
.expect("Panic in worker thread")
|
|
|
|
.expect("Panic in worker event loop");
|
2020-08-28 17:08:24 +02:00
|
|
|
Ok(json!({}))
|
2020-01-18 00:43:53 +01:00
|
|
|
}
|
|
|
|
|
2020-02-11 10:04:59 +01:00
|
|
|
fn serialize_worker_event(event: WorkerEvent) -> Value {
|
|
|
|
match event {
|
|
|
|
WorkerEvent::Message(buf) => json!({ "type": "msg", "data": buf }),
|
2020-11-20 13:25:18 +01:00
|
|
|
WorkerEvent::TerminalError(error) => match error.downcast::<JsError>() {
|
2020-11-22 13:06:51 +00:00
|
|
|
Ok(js_error) => json!({
|
|
|
|
"type": "terminalError",
|
|
|
|
"error": {
|
|
|
|
"message": js_error.message,
|
|
|
|
"fileName": js_error.script_resource_name,
|
|
|
|
"lineNumber": js_error.line_number,
|
|
|
|
"columnNumber": js_error.start_column,
|
|
|
|
}
|
|
|
|
}),
|
|
|
|
Err(error) => json!({
|
|
|
|
"type": "terminalError",
|
|
|
|
"error": {
|
|
|
|
"message": error.to_string(),
|
|
|
|
}
|
|
|
|
}),
|
2020-11-20 13:25:18 +01:00
|
|
|
},
|
|
|
|
WorkerEvent::Error(error) => match error.downcast::<JsError>() {
|
2020-11-22 13:06:51 +00:00
|
|
|
Ok(js_error) => json!({
|
|
|
|
"type": "error",
|
|
|
|
"error": {
|
|
|
|
"message": js_error.message,
|
|
|
|
"fileName": js_error.script_resource_name,
|
|
|
|
"lineNumber": js_error.line_number,
|
|
|
|
"columnNumber": js_error.start_column,
|
|
|
|
}
|
|
|
|
}),
|
|
|
|
Err(error) => json!({
|
|
|
|
"type": "error",
|
|
|
|
"error": {
|
|
|
|
"message": error.to_string(),
|
|
|
|
}
|
|
|
|
}),
|
2020-11-20 13:25:18 +01:00
|
|
|
},
|
2020-02-11 10:04:59 +01:00
|
|
|
}
|
2019-08-14 17:03:02 +02:00
|
|
|
}
|
|
|
|
|
2020-12-07 04:30:40 +01:00
|
|
|
/// Try to remove worker from workers table - NOTE: `Worker.terminate()`
|
|
|
|
/// might have been called already meaning that we won't find worker in
|
|
|
|
/// table - in that case ignore.
|
|
|
|
fn try_remove_and_close(state: Rc<RefCell<OpState>>, id: u32) {
|
|
|
|
let mut s = state.borrow_mut();
|
|
|
|
let workers = s.borrow_mut::<WorkersTable>();
|
|
|
|
if let Some(mut worker_thread) = workers.remove(&id) {
|
|
|
|
worker_thread.worker_handle.sender.close_channel();
|
|
|
|
worker_thread
|
|
|
|
.join_handle
|
|
|
|
.join()
|
|
|
|
.expect("Worker thread panicked")
|
|
|
|
.expect("Panic in worker event loop");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-08-14 17:03:02 +02:00
|
|
|
/// Get message from guest worker as host
|
2020-08-28 17:08:24 +02:00
|
|
|
async fn op_host_get_message(
|
2020-09-10 09:57:45 -04:00
|
|
|
state: Rc<RefCell<OpState>>,
|
2021-03-18 19:42:01 +01:00
|
|
|
args: WorkerArgs,
|
2020-08-28 17:08:24 +02:00
|
|
|
_zero_copy: BufVec,
|
2020-09-14 18:48:57 +02:00
|
|
|
) -> Result<Value, AnyError> {
|
2019-11-09 21:07:14 +01:00
|
|
|
let id = args.id as u32;
|
2020-08-28 17:08:24 +02:00
|
|
|
|
2020-09-10 09:57:45 -04:00
|
|
|
let worker_handle = {
|
2020-09-20 01:17:35 +02:00
|
|
|
let s = state.borrow();
|
|
|
|
let workers_table = s.borrow::<WorkersTable>();
|
2020-09-10 09:57:45 -04:00
|
|
|
let maybe_handle = workers_table.get(&id);
|
|
|
|
if let Some(handle) = maybe_handle {
|
2020-12-07 04:30:40 +01:00
|
|
|
handle.worker_handle.clone()
|
2020-09-10 09:57:45 -04:00
|
|
|
} else {
|
|
|
|
// If handle was not found it means worker has already shutdown
|
|
|
|
return Ok(json!({ "type": "close" }));
|
|
|
|
}
|
2020-08-28 17:08:24 +02:00
|
|
|
};
|
|
|
|
|
2020-12-07 04:30:40 +01:00
|
|
|
let maybe_event = worker_handle.get_event().await?;
|
|
|
|
if let Some(event) = maybe_event {
|
|
|
|
// Terminal error means that worker should be removed from worker table.
|
|
|
|
if let WorkerEvent::TerminalError(_) = &event {
|
|
|
|
try_remove_and_close(state, id);
|
2020-08-28 17:08:24 +02:00
|
|
|
}
|
2020-12-07 04:30:40 +01:00
|
|
|
return Ok(serialize_worker_event(event));
|
|
|
|
}
|
|
|
|
|
|
|
|
// If there was no event from worker it means it has already been closed.
|
|
|
|
try_remove_and_close(state, id);
|
|
|
|
Ok(json!({ "type": "close" }))
|
2019-08-26 14:50:21 +02:00
|
|
|
}
|
|
|
|
|
2019-08-14 17:03:02 +02:00
|
|
|
/// Post message to guest worker as host
|
2019-10-11 11:41:54 -07:00
|
|
|
fn op_host_post_message(
|
2020-09-10 09:57:45 -04:00
|
|
|
state: &mut OpState,
|
2021-03-18 19:42:01 +01:00
|
|
|
args: WorkerArgs,
|
2020-06-01 20:20:47 +02:00
|
|
|
data: &mut [ZeroCopyBuf],
|
2020-09-14 18:48:57 +02:00
|
|
|
) -> Result<Value, AnyError> {
|
2020-06-01 20:20:47 +02:00
|
|
|
assert_eq!(data.len(), 1, "Invalid number of arguments");
|
2019-11-09 21:07:14 +01:00
|
|
|
let id = args.id as u32;
|
2020-06-01 20:20:47 +02:00
|
|
|
let msg = Vec::from(&*data[0]).into_boxed_slice();
|
2019-11-09 21:07:14 +01:00
|
|
|
|
|
|
|
debug!("post message to worker {}", id);
|
2020-12-07 04:30:40 +01:00
|
|
|
let worker_thread = state
|
|
|
|
.borrow::<WorkersTable>()
|
|
|
|
.get(&id)
|
|
|
|
.expect("No worker handle found");
|
|
|
|
worker_thread.worker_handle.post_message(msg)?;
|
2020-08-28 17:08:24 +02:00
|
|
|
Ok(json!({}))
|
2019-08-14 17:03:02 +02:00
|
|
|
}
|