mirror of
https://github.com/denoland/deno.git
synced 2025-01-12 00:54:02 -05:00
feat(runtime): allow URL for permissions (#11578)
This commit is contained in:
parent
b6b71c3d59
commit
15b0e61de5
5 changed files with 75 additions and 13 deletions
8
cli/dts/lib.deno.ns.d.ts
vendored
8
cli/dts/lib.deno.ns.d.ts
vendored
|
@ -2133,17 +2133,17 @@ declare namespace Deno {
|
||||||
|
|
||||||
export interface RunPermissionDescriptor {
|
export interface RunPermissionDescriptor {
|
||||||
name: "run";
|
name: "run";
|
||||||
command?: string;
|
command?: string | URL;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface ReadPermissionDescriptor {
|
export interface ReadPermissionDescriptor {
|
||||||
name: "read";
|
name: "read";
|
||||||
path?: string;
|
path?: string | URL;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface WritePermissionDescriptor {
|
export interface WritePermissionDescriptor {
|
||||||
name: "write";
|
name: "write";
|
||||||
path?: string;
|
path?: string | URL;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface NetPermissionDescriptor {
|
export interface NetPermissionDescriptor {
|
||||||
|
@ -2153,7 +2153,7 @@ declare namespace Deno {
|
||||||
* "github.com"
|
* "github.com"
|
||||||
* "deno.land:8080"
|
* "deno.land:8080"
|
||||||
*/
|
*/
|
||||||
host?: string;
|
host?: string | URL;
|
||||||
}
|
}
|
||||||
|
|
||||||
export interface EnvPermissionDescriptor {
|
export interface EnvPermissionDescriptor {
|
||||||
|
|
12
cli/dts/lib.deno.unstable.d.ts
vendored
12
cli/dts/lib.deno.unstable.d.ts
vendored
|
@ -959,7 +959,7 @@ declare namespace Deno {
|
||||||
*
|
*
|
||||||
* Defaults to "inherit".
|
* Defaults to "inherit".
|
||||||
*/
|
*/
|
||||||
env?: "inherit" | boolean;
|
env?: "inherit" | boolean | string[];
|
||||||
|
|
||||||
/** Specifies if the `hrtime` permission should be requested or revoked.
|
/** Specifies if the `hrtime` permission should be requested or revoked.
|
||||||
* If set to `"inherit"`, the current `hrtime` permission will be inherited.
|
* If set to `"inherit"`, the current `hrtime` permission will be inherited.
|
||||||
|
@ -1041,7 +1041,7 @@ declare namespace Deno {
|
||||||
* });
|
* });
|
||||||
* ```
|
* ```
|
||||||
*/
|
*/
|
||||||
net?: "inherit" | boolean | string[];
|
net?: "inherit" | boolean | Array<string | URL>;
|
||||||
|
|
||||||
/** Specifies if the `plugin` permission should be requested or revoked.
|
/** Specifies if the `plugin` permission should be requested or revoked.
|
||||||
* If set to `"inherit"`, the current `plugin` permission will be inherited.
|
* If set to `"inherit"`, the current `plugin` permission will be inherited.
|
||||||
|
@ -1070,7 +1070,7 @@ declare namespace Deno {
|
||||||
*
|
*
|
||||||
* Defaults to "inherit".
|
* Defaults to "inherit".
|
||||||
*/
|
*/
|
||||||
run?: "inherit" | boolean;
|
run?: "inherit" | boolean | Array<string | URL>;
|
||||||
|
|
||||||
/** Specifies if the `write` permission should be requested or revoked.
|
/** Specifies if the `write` permission should be requested or revoked.
|
||||||
* If set to `"inherit"`, the current `write` permission will be inherited.
|
* If set to `"inherit"`, the current `write` permission will be inherited.
|
||||||
|
@ -1129,17 +1129,17 @@ declare interface WorkerOptions {
|
||||||
namespace?: boolean;
|
namespace?: boolean;
|
||||||
/** Set to `"none"` to disable all the permissions in the worker. */
|
/** Set to `"none"` to disable all the permissions in the worker. */
|
||||||
permissions?: "inherit" | "none" | {
|
permissions?: "inherit" | "none" | {
|
||||||
env?: "inherit" | boolean;
|
env?: "inherit" | boolean | string[];
|
||||||
hrtime?: "inherit" | boolean;
|
hrtime?: "inherit" | boolean;
|
||||||
/** The format of the net access list must be `hostname[:port]`
|
/** The format of the net access list must be `hostname[:port]`
|
||||||
* in order to be resolved.
|
* in order to be resolved.
|
||||||
*
|
*
|
||||||
* For example: `["https://deno.land", "localhost:8080"]`.
|
* For example: `["https://deno.land", "localhost:8080"]`.
|
||||||
*/
|
*/
|
||||||
net?: "inherit" | boolean | string[];
|
net?: "inherit" | boolean | Array<string | URL>;
|
||||||
plugin?: "inherit" | boolean;
|
plugin?: "inherit" | boolean;
|
||||||
read?: "inherit" | boolean | Array<string | URL>;
|
read?: "inherit" | boolean | Array<string | URL>;
|
||||||
run?: "inherit" | boolean;
|
run?: "inherit" | boolean | Array<string | URL>;
|
||||||
write?: "inherit" | boolean | Array<string | URL>;
|
write?: "inherit" | boolean | Array<string | URL>;
|
||||||
};
|
};
|
||||||
};
|
};
|
||||||
|
|
|
@ -57,3 +57,22 @@ unitTest(function permissionStatusIllegalConstructor() {
|
||||||
);
|
);
|
||||||
assertEquals(Deno.PermissionStatus.length, 0);
|
assertEquals(Deno.PermissionStatus.length, 0);
|
||||||
});
|
});
|
||||||
|
|
||||||
|
unitTest(async function permissionURL() {
|
||||||
|
await Deno.permissions.query({
|
||||||
|
name: "read",
|
||||||
|
path: new URL(".", import.meta.url),
|
||||||
|
});
|
||||||
|
await Deno.permissions.query({
|
||||||
|
name: "write",
|
||||||
|
path: new URL(".", import.meta.url),
|
||||||
|
});
|
||||||
|
await Deno.permissions.query({
|
||||||
|
name: "run",
|
||||||
|
command: new URL(".", import.meta.url),
|
||||||
|
});
|
||||||
|
await Deno.permissions.query({
|
||||||
|
name: "net",
|
||||||
|
host: new URL("https://deno.land/foo"),
|
||||||
|
});
|
||||||
|
});
|
||||||
|
|
|
@ -93,7 +93,16 @@
|
||||||
} else if (ArrayIsArray(value)) {
|
} else if (ArrayIsArray(value)) {
|
||||||
value = ArrayPrototypeMap(value, (route) => {
|
value = ArrayPrototypeMap(value, (route) => {
|
||||||
if (route instanceof URL) {
|
if (route instanceof URL) {
|
||||||
route = pathFromURL(route);
|
if (permission === "net") {
|
||||||
|
route = route.host;
|
||||||
|
}
|
||||||
|
if (permission === "env") {
|
||||||
|
throw new Error(
|
||||||
|
`Expected 'string' for env permission, received 'URL'`,
|
||||||
|
);
|
||||||
|
} else {
|
||||||
|
route = pathFromURL(route);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
return route;
|
return route;
|
||||||
});
|
});
|
||||||
|
@ -115,12 +124,12 @@
|
||||||
write = "inherit",
|
write = "inherit",
|
||||||
}) {
|
}) {
|
||||||
return {
|
return {
|
||||||
env: parseUnitPermission(env, "env"),
|
env: parseArrayPermission(env, "env"),
|
||||||
hrtime: parseUnitPermission(hrtime, "hrtime"),
|
hrtime: parseUnitPermission(hrtime, "hrtime"),
|
||||||
net: parseArrayPermission(net, "net"),
|
net: parseArrayPermission(net, "net"),
|
||||||
plugin: parseUnitPermission(plugin, "plugin"),
|
plugin: parseUnitPermission(plugin, "plugin"),
|
||||||
read: parseArrayPermission(read, "read"),
|
read: parseArrayPermission(read, "read"),
|
||||||
run: parseUnitPermission(run, "run"),
|
run: parseArrayPermission(run, "run"),
|
||||||
write: parseArrayPermission(write, "write"),
|
write: parseArrayPermission(write, "write"),
|
||||||
};
|
};
|
||||||
}
|
}
|
||||||
|
|
|
@ -8,6 +8,7 @@
|
||||||
Deno: { core },
|
Deno: { core },
|
||||||
__bootstrap: { webUtil: { illegalConstructorKey } },
|
__bootstrap: { webUtil: { illegalConstructorKey } },
|
||||||
} = window;
|
} = window;
|
||||||
|
const { pathFromURL } = window.__bootstrap.util;
|
||||||
const {
|
const {
|
||||||
ArrayPrototypeIncludes,
|
ArrayPrototypeIncludes,
|
||||||
Map,
|
Map,
|
||||||
|
@ -161,6 +162,17 @@
|
||||||
),
|
),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (desc.name === "read" || desc.name === "write") {
|
||||||
|
desc.path = pathFromURL(desc.path);
|
||||||
|
} else if (desc.name === "run") {
|
||||||
|
desc.command = pathFromURL(desc.command);
|
||||||
|
} else if (desc.name === "net") {
|
||||||
|
if (desc.host instanceof URL) {
|
||||||
|
desc.host = desc.host.host;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const state = opQuery(desc);
|
const state = opQuery(desc);
|
||||||
return PromiseResolve(cache(desc, state));
|
return PromiseResolve(cache(desc, state));
|
||||||
}
|
}
|
||||||
|
@ -173,6 +185,17 @@
|
||||||
),
|
),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (desc.name === "read" || desc.name === "write") {
|
||||||
|
desc.path = pathFromURL(desc.path);
|
||||||
|
} else if (desc.name === "run") {
|
||||||
|
desc.command = pathFromURL(desc.command);
|
||||||
|
} else if (desc.name === "net") {
|
||||||
|
if (desc.host instanceof URL) {
|
||||||
|
desc.host = desc.host.host;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const state = opRevoke(desc);
|
const state = opRevoke(desc);
|
||||||
return PromiseResolve(cache(desc, state));
|
return PromiseResolve(cache(desc, state));
|
||||||
}
|
}
|
||||||
|
@ -185,6 +208,17 @@
|
||||||
),
|
),
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
if (desc.name === "read" || desc.name === "write") {
|
||||||
|
desc.path = pathFromURL(desc.path);
|
||||||
|
} else if (desc.name === "run") {
|
||||||
|
desc.command = pathFromURL(desc.command);
|
||||||
|
} else if (desc.name === "net") {
|
||||||
|
if (desc.host instanceof URL) {
|
||||||
|
desc.host = desc.host.host;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
const state = opRequest(desc);
|
const state = opRequest(desc);
|
||||||
return PromiseResolve(cache(desc, state));
|
return PromiseResolve(cache(desc, state));
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue