mirror of
https://github.com/denoland/deno.git
synced 2025-02-01 12:16:11 -05:00
Add permission flags
This commit is contained in:
Ryan Dahl
parent
47cfde452d
commit
e64e4e3ec8
4 changed files with 40 additions and 2 deletions
6
fetch.go
6
fetch.go
|
|
@ -31,6 +31,12 @@ func Fetch(id int32, targetUrl string) []byte {
|
||||||
FetchResId: id,
|
FetchResId: id,
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if !Perms.Connect {
|
||||||
|
resMsg.Error = "Permission to connect denied."
|
||||||
|
PubMsg("fetch", resMsg)
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
resp, err := http.Get(targetUrl)
|
resp, err := http.Get(targetUrl)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
resMsg.Error = err.Error()
|
resMsg.Error = err.Error()
|
||||||
|
|
|
||||||
|
|
@ -149,7 +149,8 @@ func TestErrors(t *testing.T) {
|
||||||
|
|
||||||
func TestTestsTs(t *testing.T) {
|
func TestTestsTs(t *testing.T) {
|
||||||
integrationTestSetup()
|
integrationTestSetup()
|
||||||
cmd := exec.Command(denoFn, "tests.ts")
|
// TODO Need unit test for each of the permissions.
|
||||||
|
cmd := exec.Command(denoFn, "--allow-connect", "--allow-write", "tests.ts")
|
||||||
cmd.Stdout = os.Stdout
|
cmd.Stdout = os.Stdout
|
||||||
cmd.Stderr = os.Stderr
|
cmd.Stderr = os.Stderr
|
||||||
err := cmd.Run()
|
err := cmd.Run()
|
||||||
|
|
|
||||||
24
main.go
24
main.go
|
|
@ -14,6 +14,29 @@ var flagV8Options = flag.Bool("v8-options", false, "Print V8 command line option
|
||||||
var flagDebug = flag.Bool("debug", false, "Enable debug output.")
|
var flagDebug = flag.Bool("debug", false, "Enable debug output.")
|
||||||
var flagGoProf = flag.String("goprof", "", "Write golang cpu profile to file.")
|
var flagGoProf = flag.String("goprof", "", "Write golang cpu profile to file.")
|
||||||
|
|
||||||
|
var flagAllowWrite = flag.Bool("allow-write", false,
|
||||||
|
"Allow program to write to the fs.")
|
||||||
|
var flagAllowConnect = flag.Bool("allow-connect", false,
|
||||||
|
"Allow program to connect to other network addresses.")
|
||||||
|
var flagAllowAccept = flag.Bool("allow-accept", false,
|
||||||
|
"Allow program to accept connections.")
|
||||||
|
var flagAllowRead = flag.Bool("allow-read", true,
|
||||||
|
"Allow program to read file system.")
|
||||||
|
|
||||||
|
var Perms struct {
|
||||||
|
FsRead bool
|
||||||
|
FsWrite bool
|
||||||
|
Connect bool
|
||||||
|
Accept bool
|
||||||
|
}
|
||||||
|
|
||||||
|
func setPerms() {
|
||||||
|
Perms.FsRead = *flagAllowRead
|
||||||
|
Perms.FsWrite = *flagAllowWrite
|
||||||
|
Perms.Connect = *flagAllowConnect
|
||||||
|
Perms.Accept = *flagAllowAccept
|
||||||
|
}
|
||||||
|
|
||||||
func stringAsset(path string) string {
|
func stringAsset(path string) string {
|
||||||
data, err := Asset("dist/" + path)
|
data, err := Asset("dist/" + path)
|
||||||
check(err)
|
check(err)
|
||||||
|
|
@ -23,6 +46,7 @@ func stringAsset(path string) string {
|
||||||
func FlagsParse() []string {
|
func FlagsParse() []string {
|
||||||
flag.Parse()
|
flag.Parse()
|
||||||
args := flag.Args()
|
args := flag.Args()
|
||||||
|
setPerms()
|
||||||
if *flagV8Options {
|
if *flagV8Options {
|
||||||
args = append(args, "--help")
|
args = append(args, "--help")
|
||||||
}
|
}
|
||||||
|
|
|
||||||
9
os.go
9
os.go
|
|
@ -17,7 +17,14 @@ const assetPrefix string = "/$asset$/"
|
||||||
var fs afero.Fs
|
var fs afero.Fs
|
||||||
|
|
||||||
func InitOS() {
|
func InitOS() {
|
||||||
fs = afero.NewOsFs()
|
if Perms.FsWrite {
|
||||||
|
assert(Perms.FsRead, "Write access requires read access.")
|
||||||
|
fs = afero.NewOsFs()
|
||||||
|
} else if Perms.FsRead {
|
||||||
|
fs = afero.NewReadOnlyFs(afero.NewOsFs())
|
||||||
|
} else {
|
||||||
|
panic("Not implemented.")
|
||||||
|
}
|
||||||
|
|
||||||
Sub("os", func(buf []byte) []byte {
|
Sub("os", func(buf []byte) []byte {
|
||||||
msg := &Msg{}
|
msg := &Msg{}
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue