mirror of
https://github.com/denoland/deno.git
synced 2024-11-28 16:20:57 -05:00
Enforce env permission on homeDir() and execPath (#2714)
This commit is contained in:
parent
c6861b537e
commit
52c13fb3ed
4 changed files with 40 additions and 10 deletions
21
cli/ops.rs
21
cli/ops.rs
|
@ -354,12 +354,17 @@ fn op_start(
|
||||||
let cwd_off =
|
let cwd_off =
|
||||||
builder.create_string(deno_fs::normalize_path(cwd_path.as_ref()).as_ref());
|
builder.create_string(deno_fs::normalize_path(cwd_path.as_ref()).as_ref());
|
||||||
|
|
||||||
let current_exe = std::env::current_exe().unwrap();
|
// Use permissions.allows_env() to bypass env request prompt.
|
||||||
// Now apply URL parser to current exe to get fully resolved path, otherwise we might get
|
let exec_path = if state.permissions.allows_env() {
|
||||||
// `./` and `../` bits in `exec_path`
|
let current_exe = std::env::current_exe().unwrap();
|
||||||
let exe_url = Url::from_file_path(current_exe).unwrap();
|
// Now apply URL parser to current exe to get fully resolved path, otherwise we might get
|
||||||
let exec_path =
|
// `./` and `../` bits in `exec_path`
|
||||||
builder.create_string(exe_url.to_file_path().unwrap().to_str().unwrap());
|
let exe_url = Url::from_file_path(current_exe).unwrap();
|
||||||
|
exe_url.to_file_path().unwrap().to_str().unwrap().to_owned()
|
||||||
|
} else {
|
||||||
|
"".to_owned()
|
||||||
|
};
|
||||||
|
let exec_path = builder.create_string(&exec_path);
|
||||||
|
|
||||||
let v8_version = version::v8();
|
let v8_version = version::v8();
|
||||||
let v8_version_off = builder.create_string(v8_version);
|
let v8_version_off = builder.create_string(v8_version);
|
||||||
|
@ -1751,13 +1756,15 @@ fn op_metrics(
|
||||||
}
|
}
|
||||||
|
|
||||||
fn op_home_dir(
|
fn op_home_dir(
|
||||||
_state: &ThreadSafeState,
|
state: &ThreadSafeState,
|
||||||
base: &msg::Base<'_>,
|
base: &msg::Base<'_>,
|
||||||
data: Option<PinnedBuf>,
|
data: Option<PinnedBuf>,
|
||||||
) -> CliOpResult {
|
) -> CliOpResult {
|
||||||
assert!(data.is_none());
|
assert!(data.is_none());
|
||||||
let cmd_id = base.cmd_id();
|
let cmd_id = base.cmd_id();
|
||||||
|
|
||||||
|
state.check_env()?;
|
||||||
|
|
||||||
let builder = &mut FlatBufferBuilder::new();
|
let builder = &mut FlatBufferBuilder::new();
|
||||||
let path = dirs::home_dir()
|
let path = dirs::home_dir()
|
||||||
.unwrap_or_default()
|
.unwrap_or_default()
|
||||||
|
|
|
@ -39,6 +39,26 @@ test(function osIsTTYSmoke(): void {
|
||||||
console.log(Deno.isTTY());
|
console.log(Deno.isTTY());
|
||||||
});
|
});
|
||||||
|
|
||||||
test(function homeDir(): void {
|
testPerm({ env: true }, function homeDir(): void {
|
||||||
assertNotEquals(Deno.homeDir(), "");
|
assertNotEquals(Deno.homeDir(), "");
|
||||||
});
|
});
|
||||||
|
|
||||||
|
testPerm({ env: false }, function homeDirPerm(): void {
|
||||||
|
let caughtError = false;
|
||||||
|
try {
|
||||||
|
Deno.homeDir();
|
||||||
|
} catch (err) {
|
||||||
|
caughtError = true;
|
||||||
|
assertEquals(err.kind, Deno.ErrorKind.PermissionDenied);
|
||||||
|
assertEquals(err.name, "PermissionDenied");
|
||||||
|
}
|
||||||
|
assert(caughtError);
|
||||||
|
});
|
||||||
|
|
||||||
|
testPerm({ env: true }, function execPath(): void {
|
||||||
|
assertNotEquals(Deno.execPath, "");
|
||||||
|
});
|
||||||
|
|
||||||
|
testPerm({ env: false }, function execPathPerm(): void {
|
||||||
|
assertEquals(Deno.execPath, "");
|
||||||
|
});
|
||||||
|
|
|
@ -55,7 +55,10 @@ class TestTarget(DenoTestCase):
|
||||||
assert result.out.strip() == "noColor false"
|
assert result.out.strip() == "noColor false"
|
||||||
|
|
||||||
def test_exec_path(self):
|
def test_exec_path(self):
|
||||||
cmd = [self.deno_exe, "run", "--allow-run", "tests/exec_path.ts"]
|
cmd = [
|
||||||
|
self.deno_exe, "run", "--allow-run", "--allow-env",
|
||||||
|
"tests/exec_path.ts"
|
||||||
|
]
|
||||||
result = run_output(cmd, quiet=True)
|
result = run_output(cmd, quiet=True)
|
||||||
print "exec_path", result.code
|
print "exec_path", result.code
|
||||||
print result.out
|
print result.out
|
||||||
|
|
|
@ -10,7 +10,7 @@ from test_util import DenoTestCase, run_tests
|
||||||
class JsUnitTests(DenoTestCase):
|
class JsUnitTests(DenoTestCase):
|
||||||
def test_unit_test_runner(self):
|
def test_unit_test_runner(self):
|
||||||
cmd = [
|
cmd = [
|
||||||
self.deno_exe, "run", "--reload", "--allow-run",
|
self.deno_exe, "run", "--reload", "--allow-run", "--allow-env",
|
||||||
"js/unit_test_runner.ts"
|
"js/unit_test_runner.ts"
|
||||||
]
|
]
|
||||||
process = subprocess.Popen(
|
process = subprocess.Popen(
|
||||||
|
|
Loading…
Reference in a new issue