mirror of
https://github.com/denoland/deno.git
synced 2024-11-24 15:19:26 -05:00
BREAKING(permissions): remove --allow-hrtime (#25367)
Remove `--allow-hrtime` and `--deny-hrtime`. We are doing this because it is already possible to get access to high resolution timers through workers and SharedArrayBuffer. Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
This commit is contained in:
parent
b5695d02df
commit
5cf97f539b
34 changed files with 30 additions and 270 deletions
|
@ -619,8 +619,6 @@ pub struct PermissionFlags {
|
|||
pub allow_all: bool,
|
||||
pub allow_env: Option<Vec<String>>,
|
||||
pub deny_env: Option<Vec<String>>,
|
||||
pub allow_hrtime: bool,
|
||||
pub deny_hrtime: bool,
|
||||
pub allow_ffi: Option<Vec<String>>,
|
||||
pub deny_ffi: Option<Vec<String>>,
|
||||
pub allow_net: Option<Vec<String>>,
|
||||
|
@ -641,8 +639,6 @@ impl PermissionFlags {
|
|||
self.allow_all
|
||||
|| self.allow_env.is_some()
|
||||
|| self.deny_env.is_some()
|
||||
|| self.allow_hrtime
|
||||
|| self.deny_hrtime
|
||||
|| self.allow_ffi.is_some()
|
||||
|| self.deny_ffi.is_some()
|
||||
|| self.allow_net.is_some()
|
||||
|
@ -690,8 +686,6 @@ impl PermissionFlags {
|
|||
allow_all: self.allow_all,
|
||||
allow_env: self.allow_env.clone(),
|
||||
deny_env: self.deny_env.clone(),
|
||||
allow_hrtime: self.allow_hrtime,
|
||||
deny_hrtime: self.deny_hrtime,
|
||||
allow_net: self.allow_net.clone(),
|
||||
deny_net: self.deny_net.clone(),
|
||||
allow_ffi: convert_option_str_to_path_buf(&self.allow_ffi, initial_cwd)?,
|
||||
|
@ -905,14 +899,6 @@ impl Flags {
|
|||
_ => {}
|
||||
}
|
||||
|
||||
if self.permissions.allow_hrtime {
|
||||
args.push("--allow-hrtime".to_string());
|
||||
}
|
||||
|
||||
if self.permissions.deny_hrtime {
|
||||
args.push("--deny-hrtime".to_string());
|
||||
}
|
||||
|
||||
args
|
||||
}
|
||||
|
||||
|
@ -996,8 +982,6 @@ impl Flags {
|
|||
pub fn has_permission_in_argv(&self) -> bool {
|
||||
self.argv.iter().any(|arg| {
|
||||
arg == "--allow-all"
|
||||
|| arg == "--allow-hrtime"
|
||||
|| arg == "--deny-hrtime"
|
||||
|| arg.starts_with("--allow-env")
|
||||
|| arg.starts_with("--deny-env")
|
||||
|| arg.starts_with("--allow-ffi")
|
||||
|
@ -1025,7 +1009,6 @@ impl Flags {
|
|||
self.permissions.allow_write = Some(vec![]);
|
||||
self.permissions.allow_sys = Some(vec![]);
|
||||
self.permissions.allow_ffi = Some(vec![]);
|
||||
self.permissions.allow_hrtime = true;
|
||||
}
|
||||
|
||||
pub fn resolve_watch_exclude_set(
|
||||
|
@ -1393,7 +1376,6 @@ fn handle_repl_flags(flags: &mut Flags, repl_flags: ReplFlags) {
|
|||
flags.permissions.allow_sys = Some(vec![]);
|
||||
flags.permissions.allow_write = Some(vec![]);
|
||||
flags.permissions.allow_ffi = Some(vec![]);
|
||||
flags.permissions.allow_hrtime = true;
|
||||
}
|
||||
flags.subcommand = DenoSubcommand::Repl(repl_flags);
|
||||
}
|
||||
|
@ -3098,8 +3080,6 @@ Docs: <c>https://docs.deno.com/go/permissions</>
|
|||
<p(245)>--allow-run | --allow-run="whoami,ps"</>
|
||||
<g>--allow-ffi[=<<PATH>...]</> (Unstable) Allow loading dynamic libraries. Optionally specify allowed directories or files.
|
||||
<p(245)>--allow-ffi | --allow-ffi="./libfoo.so"</>
|
||||
<g>--allow-hrtime</> Allow high-resolution time measurement. Note: this can enable timing attacks and fingerprinting.
|
||||
<p(245)>--allow-hrtime</>
|
||||
<g> --deny-read[=<<PATH>...]</> Deny file system read access. Optionally specify denied paths.
|
||||
<p(245)>--deny-read | --deny-read="/etc,/var/log.txt"</>
|
||||
<g> --deny-write[=<<PATH>...]</> Deny file system write access. Optionally specify denied paths.
|
||||
|
@ -3114,8 +3094,6 @@ Docs: <c>https://docs.deno.com/go/permissions</>
|
|||
<p(245)>--deny-run | --deny-run="whoami,ps"</>
|
||||
<g>--deny-ffi[=<<PATH>...]</> (Unstable) Deny loading dynamic libraries. Optionally specify denied directories or files.
|
||||
<p(245)>--deny-ffi | --deny-ffi="./libfoo.so"</>
|
||||
<g>--deny-hrtime</> Deny high-resolution time measurement.
|
||||
<p(245)>--deny-hrtime</>
|
||||
"#))
|
||||
.arg(
|
||||
Arg::new("allow-all")
|
||||
|
@ -3312,14 +3290,14 @@ Docs: <c>https://docs.deno.com/go/permissions</>
|
|||
Arg::new("allow-hrtime")
|
||||
.long("allow-hrtime")
|
||||
.action(ArgAction::SetTrue)
|
||||
.help("Allow high-resolution time measurement. Note: this can enable timing attacks and fingerprinting")
|
||||
.help("REMOVED in Deno 2.0")
|
||||
.hide(true),
|
||||
)
|
||||
.arg(
|
||||
Arg::new("deny-hrtime")
|
||||
.long("deny-hrtime")
|
||||
.action(ArgAction::SetTrue)
|
||||
.help("Deny high-resolution time measurement. Note: this can prevent timing attacks and fingerprinting")
|
||||
.help("REMOVED in Deno 2.0")
|
||||
.hide(true),
|
||||
)
|
||||
.arg(
|
||||
|
@ -4802,12 +4780,8 @@ fn permission_args_parse(flags: &mut Flags, matches: &mut ArgMatches) {
|
|||
debug!("ffi denylist: {:#?}", &flags.permissions.deny_ffi);
|
||||
}
|
||||
|
||||
if matches.get_flag("allow-hrtime") {
|
||||
flags.permissions.allow_hrtime = true;
|
||||
}
|
||||
|
||||
if matches.get_flag("deny-hrtime") {
|
||||
flags.permissions.deny_hrtime = true;
|
||||
if matches.get_flag("allow-hrtime") || matches.get_flag("deny-hrtime") {
|
||||
log::warn!("⚠️ Warning: `allow-hrtime` and `deny-hrtime` have been removed in Deno 2, as high resolution time is now always allowed.");
|
||||
}
|
||||
|
||||
if matches.get_flag("allow-all") {
|
||||
|
@ -5784,7 +5758,6 @@ mod tests {
|
|||
allow_sys: Some(vec![]),
|
||||
allow_write: Some(vec![]),
|
||||
allow_ffi: Some(vec![]),
|
||||
allow_hrtime: true,
|
||||
..Default::default()
|
||||
},
|
||||
code_cache_enabled: true,
|
||||
|
@ -5856,44 +5829,6 @@ mod tests {
|
|||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn allow_hrtime() {
|
||||
let r = flags_from_vec(svec!["deno", "run", "--allow-hrtime", "gist.ts"]);
|
||||
assert_eq!(
|
||||
r.unwrap(),
|
||||
Flags {
|
||||
subcommand: DenoSubcommand::Run(RunFlags::new_default(
|
||||
"gist.ts".to_string(),
|
||||
)),
|
||||
permissions: PermissionFlags {
|
||||
allow_hrtime: true,
|
||||
..Default::default()
|
||||
},
|
||||
code_cache_enabled: true,
|
||||
..Flags::default()
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn deny_hrtime() {
|
||||
let r = flags_from_vec(svec!["deno", "run", "--deny-hrtime", "gist.ts"]);
|
||||
assert_eq!(
|
||||
r.unwrap(),
|
||||
Flags {
|
||||
subcommand: DenoSubcommand::Run(RunFlags::new_default(
|
||||
"gist.ts".to_string(),
|
||||
)),
|
||||
permissions: PermissionFlags {
|
||||
deny_hrtime: true,
|
||||
..Default::default()
|
||||
},
|
||||
code_cache_enabled: true,
|
||||
..Flags::default()
|
||||
}
|
||||
);
|
||||
}
|
||||
|
||||
#[test]
|
||||
fn double_hyphen() {
|
||||
// notice that flags passed after double dash will not
|
||||
|
@ -6717,7 +6652,6 @@ mod tests {
|
|||
allow_sys: Some(vec![]),
|
||||
allow_write: Some(vec![]),
|
||||
allow_ffi: Some(vec![]),
|
||||
allow_hrtime: true,
|
||||
..Default::default()
|
||||
},
|
||||
..Flags::default()
|
||||
|
@ -6744,7 +6678,6 @@ mod tests {
|
|||
allow_sys: Some(vec![]),
|
||||
allow_write: Some(vec![]),
|
||||
allow_ffi: Some(vec![]),
|
||||
allow_hrtime: true,
|
||||
..Default::default()
|
||||
},
|
||||
..Flags::default()
|
||||
|
@ -6776,7 +6709,6 @@ mod tests {
|
|||
allow_sys: Some(vec![]),
|
||||
allow_write: Some(vec![]),
|
||||
allow_ffi: Some(vec![]),
|
||||
allow_hrtime: true,
|
||||
..Default::default()
|
||||
},
|
||||
ext: Some("ts".to_string()),
|
||||
|
@ -6817,7 +6749,6 @@ mod tests {
|
|||
allow_sys: Some(vec![]),
|
||||
allow_write: Some(vec![]),
|
||||
allow_ffi: Some(vec![]),
|
||||
allow_hrtime: true,
|
||||
..Default::default()
|
||||
},
|
||||
env_file: Some(".example.env".to_owned()),
|
||||
|
@ -6852,7 +6783,6 @@ mod tests {
|
|||
allow_sys: Some(vec![]),
|
||||
allow_write: Some(vec![]),
|
||||
allow_ffi: Some(vec![]),
|
||||
allow_hrtime: true,
|
||||
..Default::default()
|
||||
},
|
||||
..Flags::default()
|
||||
|
@ -6886,7 +6816,6 @@ mod tests {
|
|||
deny_write: None,
|
||||
allow_ffi: Some(vec![]),
|
||||
deny_ffi: None,
|
||||
allow_hrtime: true,
|
||||
..Default::default()
|
||||
},
|
||||
..Flags::default()
|
||||
|
@ -6940,7 +6869,6 @@ mod tests {
|
|||
allow_sys: Some(vec![]),
|
||||
allow_write: Some(vec![]),
|
||||
allow_ffi: Some(vec![]),
|
||||
allow_hrtime: true,
|
||||
..Default::default()
|
||||
},
|
||||
env_file: Some(".example.env".to_owned()),
|
||||
|
@ -10312,7 +10240,6 @@ mod tests {
|
|||
allow_sys: Some(vec![]),
|
||||
allow_write: Some(vec![]),
|
||||
allow_ffi: Some(vec![]),
|
||||
allow_hrtime: true,
|
||||
..Default::default()
|
||||
},
|
||||
..Flags::default()
|
||||
|
|
26
cli/tsc/dts/lib.deno.ns.d.ts
vendored
26
cli/tsc/dts/lib.deno.ns.d.ts
vendored
|
@ -553,15 +553,6 @@ declare namespace Deno {
|
|||
*/
|
||||
sys?: "inherit" | boolean | string[];
|
||||
|
||||
/** Specifies if the `hrtime` permission should be requested or revoked.
|
||||
* If set to `"inherit"`, the current `hrtime` permission will be inherited.
|
||||
* If set to `true`, the global `hrtime` permission will be requested.
|
||||
* If set to `false`, the global `hrtime` permission will be revoked.
|
||||
*
|
||||
* @default {false}
|
||||
*/
|
||||
hrtime?: "inherit" | boolean;
|
||||
|
||||
/** Specifies if the `net` permission should be requested or revoked.
|
||||
* if set to `"inherit"`, the current `net` permission will be inherited.
|
||||
* if set to `true`, the global `net` permission will be requested.
|
||||
|
@ -4741,8 +4732,7 @@ declare namespace Deno {
|
|||
| "net"
|
||||
| "env"
|
||||
| "sys"
|
||||
| "ffi"
|
||||
| "hrtime";
|
||||
| "ffi";
|
||||
|
||||
/** The current status of the permission:
|
||||
*
|
||||
|
@ -4873,17 +4863,6 @@ declare namespace Deno {
|
|||
path?: string | URL;
|
||||
}
|
||||
|
||||
/** The permission descriptor for the `allow-hrtime` and `deny-hrtime` permissions, which
|
||||
* controls if the runtime code has access to high resolution time. High
|
||||
* resolution time is considered sensitive information, because it can be used
|
||||
* by malicious code to gain information about the host that it might not
|
||||
* otherwise have access to.
|
||||
*
|
||||
* @category Permissions */
|
||||
export interface HrtimePermissionDescriptor {
|
||||
name: "hrtime";
|
||||
}
|
||||
|
||||
/** Permission descriptors which define a permission and can be queried,
|
||||
* requested, or revoked.
|
||||
*
|
||||
|
@ -4899,8 +4878,7 @@ declare namespace Deno {
|
|||
| NetPermissionDescriptor
|
||||
| EnvPermissionDescriptor
|
||||
| SysPermissionDescriptor
|
||||
| FfiPermissionDescriptor
|
||||
| HrtimePermissionDescriptor;
|
||||
| FfiPermissionDescriptor;
|
||||
|
||||
/** The interface which defines what event types are supported by
|
||||
* {@linkcode PermissionStatus} instances.
|
||||
|
|
6
cli/tsc/dts/lib.deno.shared_globals.d.ts
vendored
6
cli/tsc/dts/lib.deno.shared_globals.d.ts
vendored
|
@ -593,16 +593,12 @@ declare interface Performance extends EventTarget {
|
|||
endMark?: string,
|
||||
): PerformanceMeasure;
|
||||
|
||||
/** Returns a current time from Deno's start in milliseconds.
|
||||
*
|
||||
* Use the permission flag `--allow-hrtime` to return a precise value.
|
||||
/** Returns a current time from Deno's start in fractional milliseconds.
|
||||
*
|
||||
* ```ts
|
||||
* const t = performance.now();
|
||||
* console.log(`${t} ms since start!`);
|
||||
* ```
|
||||
*
|
||||
* @tags allow-hrtime
|
||||
*/
|
||||
now(): number;
|
||||
|
||||
|
|
|
@ -13,7 +13,7 @@ pub trait TimersPermission {
|
|||
impl TimersPermission for deno_permissions::PermissionsContainer {
|
||||
#[inline(always)]
|
||||
fn allow_hrtime(&mut self) -> bool {
|
||||
deno_permissions::PermissionsContainer::allow_hrtime(self)
|
||||
true
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@ const illegalConstructorKey = Symbol("illegalConstructorKey");
|
|||
* @property {boolean} partial
|
||||
*/
|
||||
|
||||
/** @type {ReadonlyArray<"read" | "write" | "net" | "env" | "sys" | "run" | "ffi" | "hrtime">} */
|
||||
/** @type {ReadonlyArray<"read" | "write" | "net" | "env" | "sys" | "run" | "ffi">} */
|
||||
const permissionNames = [
|
||||
"read",
|
||||
"write",
|
||||
|
@ -46,7 +46,6 @@ const permissionNames = [
|
|||
"sys",
|
||||
"run",
|
||||
"ffi",
|
||||
"hrtime",
|
||||
];
|
||||
|
||||
/**
|
||||
|
@ -282,7 +281,7 @@ function serializePermissions(permissions) {
|
|||
}
|
||||
}
|
||||
for (
|
||||
const key of new SafeArrayIterator(["env", "hrtime", "net", "sys"])
|
||||
const key of new SafeArrayIterator(["env", "net", "sys"])
|
||||
) {
|
||||
if (ArrayIsArray(permissions[key])) {
|
||||
serializedPermissions[key] = ArrayPrototypeSlice(permissions[key]);
|
||||
|
|
|
@ -73,7 +73,6 @@ pub fn op_query_permission(
|
|||
.query(args.kind.as_deref().map(parse_sys_kind).transpose()?),
|
||||
"run" => permissions.run.query(args.command.as_deref()),
|
||||
"ffi" => permissions.ffi.query(args.path.as_deref().map(Path::new)),
|
||||
"hrtime" => permissions.hrtime.query(),
|
||||
n => {
|
||||
return Err(custom_error(
|
||||
"ReferenceError",
|
||||
|
@ -108,7 +107,6 @@ pub fn op_revoke_permission(
|
|||
.revoke(args.kind.as_deref().map(parse_sys_kind).transpose()?),
|
||||
"run" => permissions.run.revoke(args.command.as_deref()),
|
||||
"ffi" => permissions.ffi.revoke(args.path.as_deref().map(Path::new)),
|
||||
"hrtime" => permissions.hrtime.revoke(),
|
||||
n => {
|
||||
return Err(custom_error(
|
||||
"ReferenceError",
|
||||
|
@ -143,7 +141,6 @@ pub fn op_request_permission(
|
|||
.request(args.kind.as_deref().map(parse_sys_kind).transpose()?),
|
||||
"run" => permissions.run.request(args.command.as_deref()),
|
||||
"ffi" => permissions.ffi.request(args.path.as_deref().map(Path::new)),
|
||||
"hrtime" => permissions.hrtime.request(),
|
||||
n => {
|
||||
return Err(custom_error(
|
||||
"ReferenceError",
|
||||
|
|
|
@ -1416,7 +1416,6 @@ pub struct Permissions {
|
|||
pub run: UnaryPermission<RunDescriptor>,
|
||||
pub ffi: UnaryPermission<FfiDescriptor>,
|
||||
pub all: UnitPermission,
|
||||
pub hrtime: UnitPermission,
|
||||
}
|
||||
|
||||
#[derive(Clone, Debug, Eq, PartialEq, Default, Serialize, Deserialize)]
|
||||
|
@ -1424,8 +1423,6 @@ pub struct PermissionsOptions {
|
|||
pub allow_all: bool,
|
||||
pub allow_env: Option<Vec<String>>,
|
||||
pub deny_env: Option<Vec<String>>,
|
||||
pub allow_hrtime: bool,
|
||||
pub deny_hrtime: bool,
|
||||
pub allow_net: Option<Vec<String>>,
|
||||
pub deny_net: Option<Vec<String>>,
|
||||
pub allow_ffi: Option<Vec<PathBuf>>,
|
||||
|
@ -1460,19 +1457,6 @@ impl Permissions {
|
|||
})
|
||||
}
|
||||
|
||||
pub const fn new_hrtime(
|
||||
allow_state: bool,
|
||||
deny_state: bool,
|
||||
) -> UnitPermission {
|
||||
unit_permission_from_flag_bools(
|
||||
allow_state,
|
||||
deny_state,
|
||||
"hrtime",
|
||||
"high precision time",
|
||||
false, // never prompt for hrtime
|
||||
)
|
||||
}
|
||||
|
||||
pub const fn new_all(allow_state: bool) -> UnitPermission {
|
||||
unit_permission_from_flag_bools(
|
||||
allow_state,
|
||||
|
@ -1521,7 +1505,6 @@ impl Permissions {
|
|||
opts.prompt,
|
||||
)?,
|
||||
all: Permissions::new_all(opts.allow_all),
|
||||
hrtime: Permissions::new_hrtime(opts.allow_hrtime, opts.deny_hrtime),
|
||||
})
|
||||
}
|
||||
|
||||
|
@ -1536,7 +1519,6 @@ impl Permissions {
|
|||
run: UnaryPermission::allow_all(),
|
||||
ffi: UnaryPermission::allow_all(),
|
||||
all: Permissions::new_all(true),
|
||||
hrtime: Permissions::new_hrtime(true, false),
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1560,7 +1542,6 @@ impl Permissions {
|
|||
run: Permissions::new_unary(&None, &None, prompt).unwrap(),
|
||||
ffi: Permissions::new_unary(&None, &None, prompt).unwrap(),
|
||||
all: Permissions::new_all(false),
|
||||
hrtime: Permissions::new_hrtime(false, false),
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1598,11 +1579,6 @@ impl PermissionsContainer {
|
|||
Self(Arc::new(Mutex::new(perms)))
|
||||
}
|
||||
|
||||
#[inline(always)]
|
||||
pub fn allow_hrtime(&mut self) -> bool {
|
||||
self.0.lock().hrtime.check().is_ok()
|
||||
}
|
||||
|
||||
pub fn allow_all() -> Self {
|
||||
Self::new(Permissions::allow_all())
|
||||
}
|
||||
|
@ -2115,7 +2091,6 @@ impl<'de> Deserialize<'de> for ChildUnaryPermissionArg {
|
|||
#[derive(Debug, Eq, PartialEq)]
|
||||
pub struct ChildPermissionsArg {
|
||||
env: ChildUnaryPermissionArg,
|
||||
hrtime: ChildUnitPermissionArg,
|
||||
net: ChildUnaryPermissionArg,
|
||||
ffi: ChildUnaryPermissionArg,
|
||||
read: ChildUnaryPermissionArg,
|
||||
|
@ -2128,7 +2103,6 @@ impl ChildPermissionsArg {
|
|||
pub fn inherit() -> Self {
|
||||
ChildPermissionsArg {
|
||||
env: ChildUnaryPermissionArg::Inherit,
|
||||
hrtime: ChildUnitPermissionArg::Inherit,
|
||||
net: ChildUnaryPermissionArg::Inherit,
|
||||
ffi: ChildUnaryPermissionArg::Inherit,
|
||||
read: ChildUnaryPermissionArg::Inherit,
|
||||
|
@ -2141,7 +2115,6 @@ impl ChildPermissionsArg {
|
|||
pub fn none() -> Self {
|
||||
ChildPermissionsArg {
|
||||
env: ChildUnaryPermissionArg::NotGranted,
|
||||
hrtime: ChildUnitPermissionArg::NotGranted,
|
||||
net: ChildUnaryPermissionArg::NotGranted,
|
||||
ffi: ChildUnaryPermissionArg::NotGranted,
|
||||
read: ChildUnaryPermissionArg::NotGranted,
|
||||
|
@ -2198,11 +2171,6 @@ impl<'de> Deserialize<'de> for ChildPermissionsArg {
|
|||
child_permissions_arg.env = arg.map_err(|e| {
|
||||
de::Error::custom(format!("(deno.permissions.env) {e}"))
|
||||
})?;
|
||||
} else if key == "hrtime" {
|
||||
let arg = serde_json::from_value::<ChildUnitPermissionArg>(value);
|
||||
child_permissions_arg.hrtime = arg.map_err(|e| {
|
||||
de::Error::custom(format!("(deno.permissions.hrtime) {e}"))
|
||||
})?;
|
||||
} else if key == "net" {
|
||||
let arg = serde_json::from_value::<ChildUnaryPermissionArg>(value);
|
||||
child_permissions_arg.net = arg.map_err(|e| {
|
||||
|
@ -2258,13 +2226,6 @@ pub fn create_child_permissions(
|
|||
}
|
||||
}
|
||||
|
||||
fn is_granted_unit(arg: &ChildUnitPermissionArg) -> bool {
|
||||
match arg {
|
||||
ChildUnitPermissionArg::Inherit | ChildUnitPermissionArg::Granted => true,
|
||||
ChildUnitPermissionArg::NotGranted => false,
|
||||
}
|
||||
}
|
||||
|
||||
let mut worker_perms = Permissions::none_without_prompt();
|
||||
|
||||
worker_perms.all = main_perms
|
||||
|
@ -2282,9 +2243,7 @@ pub fn create_child_permissions(
|
|||
&child_permissions_arg.run,
|
||||
&child_permissions_arg.ffi,
|
||||
];
|
||||
let unit_perms = [&child_permissions_arg.hrtime];
|
||||
let allow_all = unary_perms.into_iter().all(is_granted_unary)
|
||||
&& unit_perms.into_iter().all(is_granted_unit);
|
||||
let allow_all = unary_perms.into_iter().all(is_granted_unary);
|
||||
if !allow_all {
|
||||
worker_perms.all.revoke();
|
||||
}
|
||||
|
@ -2313,9 +2272,6 @@ pub fn create_child_permissions(
|
|||
worker_perms.ffi = main_perms
|
||||
.ffi
|
||||
.create_child_permissions(child_permissions_arg.ffi)?;
|
||||
worker_perms.hrtime = main_perms
|
||||
.hrtime
|
||||
.create_child_permissions(child_permissions_arg.hrtime)?;
|
||||
|
||||
Ok(worker_perms)
|
||||
}
|
||||
|
@ -2747,7 +2703,6 @@ mod tests {
|
|||
.unwrap(),
|
||||
run: Permissions::new_unary(&Some(svec!["deno"]), &None, false).unwrap(),
|
||||
all: Permissions::new_all(false),
|
||||
hrtime: Permissions::new_hrtime(false, false),
|
||||
};
|
||||
let perms3 = Permissions {
|
||||
read: Permissions::new_unary(
|
||||
|
@ -2775,7 +2730,6 @@ mod tests {
|
|||
.unwrap(),
|
||||
run: Permissions::new_unary(&None, &Some(svec!["deno"]), false).unwrap(),
|
||||
all: Permissions::new_all(false),
|
||||
hrtime: Permissions::new_hrtime(false, true),
|
||||
};
|
||||
let perms4 = Permissions {
|
||||
read: Permissions::new_unary(
|
||||
|
@ -2813,7 +2767,6 @@ mod tests {
|
|||
run: Permissions::new_unary(&Some(vec![]), &Some(svec!["deno"]), false)
|
||||
.unwrap(),
|
||||
all: Permissions::new_all(false),
|
||||
hrtime: Permissions::new_hrtime(true, true),
|
||||
};
|
||||
#[rustfmt::skip]
|
||||
{
|
||||
|
@ -2889,10 +2842,6 @@ mod tests {
|
|||
assert_eq!(perms4.run.query(None), PermissionState::GrantedPartial);
|
||||
assert_eq!(perms4.run.query(Some("deno")), PermissionState::Denied);
|
||||
assert_eq!(perms4.run.query(Some("node")), PermissionState::Granted);
|
||||
assert_eq!(perms1.hrtime.query(), PermissionState::Granted);
|
||||
assert_eq!(perms2.hrtime.query(), PermissionState::Prompt);
|
||||
assert_eq!(perms3.hrtime.query(), PermissionState::Denied);
|
||||
assert_eq!(perms4.hrtime.query(), PermissionState::Denied);
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -2937,10 +2886,6 @@ mod tests {
|
|||
assert_eq!(perms.run.query(None), PermissionState::Prompt);
|
||||
prompt_value.set(false);
|
||||
assert_eq!(perms.run.request(Some("deno")), PermissionState::Granted);
|
||||
prompt_value.set(false);
|
||||
assert_eq!(perms.hrtime.request(), PermissionState::Denied);
|
||||
prompt_value.set(true);
|
||||
assert_eq!(perms.hrtime.request(), PermissionState::Denied);
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -2977,7 +2922,6 @@ mod tests {
|
|||
.unwrap(),
|
||||
run: Permissions::new_unary(&Some(svec!["deno"]), &None, false).unwrap(),
|
||||
all: Permissions::new_all(false),
|
||||
hrtime: Permissions::new_hrtime(false, true),
|
||||
};
|
||||
#[rustfmt::skip]
|
||||
{
|
||||
|
@ -2996,7 +2940,6 @@ mod tests {
|
|||
assert_eq!(perms.env.revoke(Some("HOME")), PermissionState::Prompt);
|
||||
assert_eq!(perms.env.revoke(Some("hostname")), PermissionState::Prompt);
|
||||
assert_eq!(perms.run.revoke(Some("deno")), PermissionState::Prompt);
|
||||
assert_eq!(perms.hrtime.revoke(), PermissionState::Denied);
|
||||
};
|
||||
}
|
||||
|
||||
|
@ -3080,8 +3023,6 @@ mod tests {
|
|||
prompt_value.set(false);
|
||||
assert!(perms.env.check("hostname", None).is_ok());
|
||||
assert!(perms.env.check("osRelease", None).is_err());
|
||||
|
||||
assert!(perms.hrtime.check().is_err());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
@ -3183,11 +3124,6 @@ mod tests {
|
|||
assert!(perms.sys.check("osRelease", None).is_ok());
|
||||
prompt_value.set(false);
|
||||
assert!(perms.sys.check("osRelease", None).is_ok());
|
||||
|
||||
prompt_value.set(false);
|
||||
assert!(perms.hrtime.check().is_err());
|
||||
prompt_value.set(true);
|
||||
assert!(perms.hrtime.check().is_err());
|
||||
}
|
||||
|
||||
#[test]
|
||||
|
@ -3278,7 +3214,6 @@ mod tests {
|
|||
ChildPermissionsArg::inherit(),
|
||||
ChildPermissionsArg {
|
||||
env: ChildUnaryPermissionArg::Inherit,
|
||||
hrtime: ChildUnitPermissionArg::Inherit,
|
||||
net: ChildUnaryPermissionArg::Inherit,
|
||||
ffi: ChildUnaryPermissionArg::Inherit,
|
||||
read: ChildUnaryPermissionArg::Inherit,
|
||||
|
@ -3291,7 +3226,6 @@ mod tests {
|
|||
ChildPermissionsArg::none(),
|
||||
ChildPermissionsArg {
|
||||
env: ChildUnaryPermissionArg::NotGranted,
|
||||
hrtime: ChildUnitPermissionArg::NotGranted,
|
||||
net: ChildUnaryPermissionArg::NotGranted,
|
||||
ffi: ChildUnaryPermissionArg::NotGranted,
|
||||
read: ChildUnaryPermissionArg::NotGranted,
|
||||
|
@ -3322,26 +3256,6 @@ mod tests {
|
|||
..ChildPermissionsArg::none()
|
||||
}
|
||||
);
|
||||
assert_eq!(
|
||||
serde_json::from_value::<ChildPermissionsArg>(json!({
|
||||
"hrtime": true,
|
||||
}))
|
||||
.unwrap(),
|
||||
ChildPermissionsArg {
|
||||
hrtime: ChildUnitPermissionArg::Granted,
|
||||
..ChildPermissionsArg::none()
|
||||
}
|
||||
);
|
||||
assert_eq!(
|
||||
serde_json::from_value::<ChildPermissionsArg>(json!({
|
||||
"hrtime": false,
|
||||
}))
|
||||
.unwrap(),
|
||||
ChildPermissionsArg {
|
||||
hrtime: ChildUnitPermissionArg::NotGranted,
|
||||
..ChildPermissionsArg::none()
|
||||
}
|
||||
);
|
||||
assert_eq!(
|
||||
serde_json::from_value::<ChildPermissionsArg>(json!({
|
||||
"env": true,
|
||||
|
@ -3361,7 +3275,6 @@ mod tests {
|
|||
run: ChildUnaryPermissionArg::Granted,
|
||||
sys: ChildUnaryPermissionArg::Granted,
|
||||
write: ChildUnaryPermissionArg::Granted,
|
||||
..ChildPermissionsArg::none()
|
||||
}
|
||||
);
|
||||
assert_eq!(
|
||||
|
@ -3383,7 +3296,6 @@ mod tests {
|
|||
run: ChildUnaryPermissionArg::NotGranted,
|
||||
sys: ChildUnaryPermissionArg::NotGranted,
|
||||
write: ChildUnaryPermissionArg::NotGranted,
|
||||
..ChildPermissionsArg::none()
|
||||
}
|
||||
);
|
||||
assert_eq!(
|
||||
|
@ -3421,7 +3333,6 @@ mod tests {
|
|||
"foo",
|
||||
"file:///bar/baz"
|
||||
]),
|
||||
..ChildPermissionsArg::none()
|
||||
}
|
||||
);
|
||||
}
|
||||
|
@ -3431,7 +3342,6 @@ mod tests {
|
|||
set_prompter(Box::new(TestPrompter));
|
||||
let mut main_perms = Permissions {
|
||||
env: Permissions::new_unary(&Some(vec![]), &None, false).unwrap(),
|
||||
hrtime: Permissions::new_hrtime(true, false),
|
||||
net: Permissions::new_unary(&Some(svec!["foo", "bar"]), &None, false)
|
||||
.unwrap(),
|
||||
..Permissions::none_without_prompt()
|
||||
|
@ -3441,7 +3351,6 @@ mod tests {
|
|||
&mut main_perms.clone(),
|
||||
ChildPermissionsArg {
|
||||
env: ChildUnaryPermissionArg::Inherit,
|
||||
hrtime: ChildUnitPermissionArg::NotGranted,
|
||||
net: ChildUnaryPermissionArg::GrantedList(svec!["foo"]),
|
||||
ffi: ChildUnaryPermissionArg::NotGranted,
|
||||
..ChildPermissionsArg::none()
|
||||
|
|
|
@ -153,11 +153,6 @@ itest!(_023_no_ext {
|
|||
output: "run/023_no_ext.out",
|
||||
});
|
||||
|
||||
itest!(_025_hrtime {
|
||||
args: "run --quiet --allow-hrtime --reload run/025_hrtime.ts",
|
||||
output: "run/025_hrtime.ts.out",
|
||||
});
|
||||
|
||||
itest!(_025_reload_js_type_error {
|
||||
args: "run --quiet --reload run/025_reload_js_type_error.js",
|
||||
output: "run/025_reload_js_type_error.js.out",
|
||||
|
@ -735,12 +730,12 @@ fn permission_request_long() {
|
|||
}
|
||||
|
||||
itest!(deny_all_permission_args {
|
||||
args: "run --deny-env --deny-read --deny-write --deny-ffi --deny-run --deny-sys --deny-net --deny-hrtime run/deny_all_permission_args.js",
|
||||
args: "run --deny-env --deny-read --deny-write --deny-ffi --deny-run --deny-sys --deny-net run/deny_all_permission_args.js",
|
||||
output: "run/deny_all_permission_args.out",
|
||||
});
|
||||
|
||||
itest!(deny_some_permission_args {
|
||||
args: "run --allow-env --deny-env=FOO --allow-read --deny-read=/foo --allow-write --deny-write=/foo --allow-ffi --deny-ffi=/foo --allow-run --deny-run=foo --allow-sys --deny-sys=hostname --allow-net --deny-net=127.0.0.1 --allow-hrtime --deny-hrtime run/deny_some_permission_args.js",
|
||||
args: "run --allow-env --deny-env=FOO --allow-read --deny-read=/foo --allow-write --deny-write=/foo --allow-ffi --deny-ffi=/foo --allow-run --deny-run=foo --allow-sys --deny-sys=hostname --allow-net --deny-net=127.0.0.1 run/deny_some_permission_args.js",
|
||||
output: "run/deny_some_permission_args.out",
|
||||
});
|
||||
|
||||
|
|
|
@ -5,8 +5,8 @@ Runtime | Deno [WILDLINE] ([WILDLINE])
|
|||
|
||||
[WILDLINE]/allow_all.ts
|
||||
|
||||
benchmark time/iter (avg) iter/s (min … max) p75 p99 p995
|
||||
-------------- ----------------------------- --------------------- --------------------------
|
||||
benchmark time/iter (avg) iter/s (min … max) p75 p99 p995
|
||||
------------- ----------------------------- --------------------- --------------------------
|
||||
read false [WILDLINE] [WILDLINE] [WILDLINE] ([WILDLINE] … [WILDLINE]) [WILDLINE]
|
||||
read true [WILDLINE] [WILDLINE] [WILDLINE] ([WILDLINE] … [WILDLINE]) [WILDLINE]
|
||||
write false [WILDLINE] [WILDLINE] [WILDLINE] ([WILDLINE] … [WILDLINE]) [WILDLINE]
|
||||
|
@ -19,6 +19,4 @@ run false [WILDLINE] [WILDLINE] [WILDLINE] ([WILDLINE] … [WILDLINE]) [WILDLINE
|
|||
run true [WILDLINE] [WILDLINE] [WILDLINE] ([WILDLINE] … [WILDLINE]) [WILDLINE]
|
||||
ffi false [WILDLINE] [WILDLINE] [WILDLINE] ([WILDLINE] … [WILDLINE]) [WILDLINE]
|
||||
ffi true [WILDLINE] [WILDLINE] [WILDLINE] ([WILDLINE] … [WILDLINE]) [WILDLINE]
|
||||
hrtime false [WILDLINE] [WILDLINE] [WILDLINE] ([WILDLINE] … [WILDLINE]) [WILDLINE]
|
||||
hrtime true [WILDLINE] [WILDLINE] [WILDLINE] ([WILDLINE] … [WILDLINE]) [WILDLINE]
|
||||
|
||||
|
|
|
@ -7,7 +7,6 @@ const permissions: Deno.PermissionName[] = [
|
|||
"env",
|
||||
"run",
|
||||
"ffi",
|
||||
"hrtime",
|
||||
];
|
||||
|
||||
for (const name of permissions) {
|
||||
|
|
|
@ -18,6 +18,4 @@ run error: PermissionDenied: Can't escalate parent thread permissions
|
|||
[WILDCARD]
|
||||
ffi error: PermissionDenied: Can't escalate parent thread permissions
|
||||
[WILDCARD]
|
||||
hrtime error: PermissionDenied: Can't escalate parent thread permissions
|
||||
[WILDCARD]
|
||||
error: Bench failed
|
||||
|
|
|
@ -5,7 +5,6 @@ const permissions: Deno.PermissionName[] = [
|
|||
"env",
|
||||
"run",
|
||||
"ffi",
|
||||
"hrtime",
|
||||
];
|
||||
|
||||
for (const name of permissions) {
|
||||
|
|
|
@ -7,7 +7,6 @@ Deno.bench({
|
|||
env: true,
|
||||
run: true,
|
||||
ffi: true,
|
||||
hrtime: true,
|
||||
},
|
||||
ignore: true,
|
||||
fn() {
|
||||
|
|
2
tests/testdata/bench/allow_all.out
vendored
2
tests/testdata/bench/allow_all.out
vendored
|
@ -18,5 +18,3 @@ run false [WILDCARD] [WILDCARD] [WILDCARD] ([WILDCARD] … [WILDCARD]) [WILDCARD
|
|||
run true [WILDCARD] [WILDCARD] [WILDCARD] ([WILDCARD] … [WILDCARD]) [WILDCARD]
|
||||
ffi false [WILDCARD] [WILDCARD] [WILDCARD] ([WILDCARD] … [WILDCARD]) [WILDCARD]
|
||||
ffi true [WILDCARD] [WILDCARD] [WILDCARD] ([WILDCARD] … [WILDCARD]) [WILDCARD]
|
||||
hrtime false [WILDCARD] [WILDCARD] [WILDCARD] ([WILDCARD] … [WILDCARD]) [WILDCARD]
|
||||
hrtime true [WILDCARD] [WILDCARD] [WILDCARD] ([WILDCARD] … [WILDCARD]) [WILDCARD]
|
||||
|
|
2
tests/testdata/bench/allow_none.out
vendored
2
tests/testdata/bench/allow_none.out
vendored
|
@ -18,6 +18,4 @@ run error: PermissionDenied: Can't escalate parent thread permissions
|
|||
[WILDCARD]
|
||||
ffi error: PermissionDenied: Can't escalate parent thread permissions
|
||||
[WILDCARD]
|
||||
hrtime error: PermissionDenied: Can't escalate parent thread permissions
|
||||
[WILDCARD]
|
||||
error: Bench failed
|
||||
|
|
5
tests/testdata/run/025_hrtime.ts
vendored
5
tests/testdata/run/025_hrtime.ts
vendored
|
@ -1,5 +0,0 @@
|
|||
globalThis.onload = async () => {
|
||||
console.log(performance.now() % 2 !== 0);
|
||||
await Deno.permissions.revoke({ name: "hrtime" });
|
||||
console.log(performance.now() % 2 === 0);
|
||||
};
|
2
tests/testdata/run/025_hrtime.ts.out
vendored
2
tests/testdata/run/025_hrtime.ts.out
vendored
|
@ -1,2 +0,0 @@
|
|||
true
|
||||
true
|
|
@ -5,4 +5,3 @@ console.log(Deno.permissions.querySync({ name: "ffi" }));
|
|||
console.log(Deno.permissions.querySync({ name: "run" }));
|
||||
console.log(Deno.permissions.querySync({ name: "sys" }));
|
||||
console.log(Deno.permissions.querySync({ name: "net" }));
|
||||
console.log(Deno.permissions.querySync({ name: "hrtime" }));
|
||||
|
|
|
@ -5,4 +5,3 @@ PermissionStatus { state: "denied", onchange: null }
|
|||
PermissionStatus { state: "denied", onchange: null }
|
||||
PermissionStatus { state: "denied", onchange: null }
|
||||
PermissionStatus { state: "denied", onchange: null }
|
||||
PermissionStatus { state: "denied", onchange: null }
|
||||
|
|
|
@ -19,4 +19,3 @@ console.log(Deno.permissions.querySync({ name: "sys", kind: "loadavg" }));
|
|||
console.log(Deno.permissions.querySync({ name: "net" }));
|
||||
console.log(Deno.permissions.querySync({ name: "net", host: "127.0.0.1" }));
|
||||
console.log(Deno.permissions.querySync({ name: "net", host: "192.168.0.1" }));
|
||||
console.log(Deno.permissions.querySync({ name: "hrtime" }));
|
||||
|
|
|
@ -19,4 +19,3 @@ PermissionStatus { state: "granted", onchange: null }
|
|||
PermissionStatus { state: "granted", onchange: null, partial: true }
|
||||
PermissionStatus { state: "denied", onchange: null }
|
||||
PermissionStatus { state: "granted", onchange: null }
|
||||
PermissionStatus { state: "denied", onchange: null }
|
||||
|
|
6
tests/testdata/test/allow_all.out
vendored
6
tests/testdata/test/allow_all.out
vendored
|
@ -1,5 +1,5 @@
|
|||
[WILDCARD]
|
||||
running 14 tests from [WILDCARD]
|
||||
running 12 tests from [WILDCARD]
|
||||
read false ... ok [WILDCARD]
|
||||
read true ... ok [WILDCARD]
|
||||
write false ... ok [WILDCARD]
|
||||
|
@ -12,7 +12,5 @@ run false ... ok [WILDCARD]
|
|||
run true ... ok [WILDCARD]
|
||||
ffi false ... ok [WILDCARD]
|
||||
ffi true ... ok [WILDCARD]
|
||||
hrtime false ... ok [WILDCARD]
|
||||
hrtime true ... ok [WILDCARD]
|
||||
|
||||
ok | 14 passed | 0 failed [WILDCARD]
|
||||
ok | 12 passed | 0 failed [WILDCARD]
|
||||
|
|
1
tests/testdata/test/allow_all.ts
vendored
1
tests/testdata/test/allow_all.ts
vendored
|
@ -7,7 +7,6 @@ const permissions: Deno.PermissionName[] = [
|
|||
"env",
|
||||
"run",
|
||||
"ffi",
|
||||
"hrtime",
|
||||
];
|
||||
|
||||
for (const name of permissions) {
|
||||
|
|
10
tests/testdata/test/allow_none.out
vendored
10
tests/testdata/test/allow_none.out
vendored
|
@ -1,12 +1,11 @@
|
|||
[WILDCARD]
|
||||
running 7 tests from [WILDCARD]
|
||||
running 6 tests from [WILDCARD]
|
||||
read ... FAILED [WILDCARD]
|
||||
write ... FAILED [WILDCARD]
|
||||
net ... FAILED [WILDCARD]
|
||||
env ... FAILED [WILDCARD]
|
||||
run ... FAILED [WILDCARD]
|
||||
ffi ... FAILED [WILDCARD]
|
||||
hrtime ... FAILED [WILDCARD]
|
||||
|
||||
ERRORS
|
||||
|
||||
|
@ -32,10 +31,6 @@ error: PermissionDenied: Can't escalate parent thread permissions
|
|||
|
||||
ffi => ./test/allow_none.ts:[WILDCARD]
|
||||
error: PermissionDenied: Can't escalate parent thread permissions
|
||||
[WILDCARD]
|
||||
|
||||
hrtime => ./test/allow_none.ts:[WILDCARD]
|
||||
error: PermissionDenied: Can't escalate parent thread permissions
|
||||
[WILDCARD]
|
||||
|
||||
FAILURES
|
||||
|
@ -46,6 +41,5 @@ net => ./test/allow_none.ts:[WILDCARD]
|
|||
env => ./test/allow_none.ts:[WILDCARD]
|
||||
run => ./test/allow_none.ts:[WILDCARD]
|
||||
ffi => ./test/allow_none.ts:[WILDCARD]
|
||||
hrtime => ./test/allow_none.ts:[WILDCARD]
|
||||
|
||||
FAILED | 0 passed | 7 failed [WILDCARD]
|
||||
FAILED | 0 passed | 6 failed [WILDCARD]
|
||||
|
|
1
tests/testdata/test/allow_none.ts
vendored
1
tests/testdata/test/allow_none.ts
vendored
|
@ -7,7 +7,6 @@ const permissions: Deno.PermissionName[] = [
|
|||
"env",
|
||||
"run",
|
||||
"ffi",
|
||||
"hrtime",
|
||||
];
|
||||
|
||||
for (const name of permissions) {
|
||||
|
|
1
tests/testdata/test/ignore_permissions.ts
vendored
1
tests/testdata/test/ignore_permissions.ts
vendored
|
@ -7,7 +7,6 @@ Deno.test({
|
|||
env: true,
|
||||
run: true,
|
||||
ffi: true,
|
||||
hrtime: true,
|
||||
},
|
||||
ignore: true,
|
||||
fn() {
|
||||
|
|
|
@ -1,13 +1,11 @@
|
|||
self.onmessage = async () => {
|
||||
const hrtime = await Deno.permissions.query({ name: "hrtime" });
|
||||
const net = await Deno.permissions.query({ name: "net" });
|
||||
const ffi = await Deno.permissions.query({ name: "ffi" });
|
||||
const read = await Deno.permissions.query({ name: "read" });
|
||||
const run = await Deno.permissions.query({ name: "run" });
|
||||
const write = await Deno.permissions.query({ name: "write" });
|
||||
self.postMessage(
|
||||
hrtime.state === "prompt" &&
|
||||
net.state === "prompt" &&
|
||||
net.state === "prompt" &&
|
||||
ffi.state === "prompt" &&
|
||||
read.state === "prompt" &&
|
||||
run.state === "prompt" &&
|
||||
|
|
2
tests/testdata/workers/permission_echo.js
vendored
2
tests/testdata/workers/permission_echo.js
vendored
|
@ -1,7 +1,6 @@
|
|||
self.onmessage = async () => {
|
||||
const env = await Deno.permissions.query({ name: "env" });
|
||||
const ffi = await Deno.permissions.query({ name: "ffi" });
|
||||
const hrtime = await Deno.permissions.query({ name: "hrtime" });
|
||||
const net = await Deno.permissions.query({ name: "net" });
|
||||
const read = await Deno.permissions.query({ name: "read" });
|
||||
const run = await Deno.permissions.query({ name: "run" });
|
||||
|
@ -9,7 +8,6 @@ self.onmessage = async () => {
|
|||
self.postMessage({
|
||||
env: env.state,
|
||||
ffi: ffi.state,
|
||||
hrtime: hrtime.state,
|
||||
net: net.state,
|
||||
read: read.state,
|
||||
run: run.state,
|
||||
|
|
|
@ -3,7 +3,6 @@ postMessage({
|
|||
envGlobal: (await Deno.permissions.query({ name: "env" })).state,
|
||||
envFoo: (await Deno.permissions.query({ name: "env", variable: "foo" })).state,
|
||||
envAbsent: (await Deno.permissions.query({ name: "env", variable: "absent" })).state,
|
||||
hrtime: (await Deno.permissions.query({ name: "hrtime" })).state,
|
||||
netGlobal: (await Deno.permissions.query({ name: "net" })).state,
|
||||
netFoo: (await Deno.permissions.query({ name: "net", host: "foo" })).state,
|
||||
netFoo8000: (await Deno.permissions.query({ name: "net", host: "foo:8000" })).state,
|
||||
|
|
|
@ -782,14 +782,14 @@ Deno.test({ permissions: { read: true } }, function fsFileIsTerminal() {
|
|||
});
|
||||
|
||||
Deno.test(
|
||||
{ permissions: { read: true, run: true, hrtime: true } },
|
||||
{ permissions: { read: true, run: true } },
|
||||
async function fsFileLockFileSync() {
|
||||
await runFlockTests({ sync: true });
|
||||
},
|
||||
);
|
||||
|
||||
Deno.test(
|
||||
{ permissions: { read: true, run: true, hrtime: true } },
|
||||
{ permissions: { read: true, run: true } },
|
||||
async function fsFileLockFileAsync() {
|
||||
await runFlockTests({ sync: false });
|
||||
},
|
||||
|
|
|
@ -7,7 +7,7 @@ import {
|
|||
assertThrows,
|
||||
} from "./test_util.ts";
|
||||
|
||||
Deno.test({ permissions: { hrtime: false } }, async function performanceNow() {
|
||||
Deno.test({ permissions: {} }, async function performanceNow() {
|
||||
const { promise, resolve } = Promise.withResolvers<void>();
|
||||
const start = performance.now();
|
||||
let totalTime = 0;
|
||||
|
|
|
@ -70,7 +70,7 @@ Deno.test(function permissionSysInvalidKindSync() {
|
|||
});
|
||||
|
||||
Deno.test(async function permissionQueryReturnsEventTarget() {
|
||||
const status = await Deno.permissions.query({ name: "hrtime" });
|
||||
const status = await Deno.permissions.query({ name: "read", path: "." });
|
||||
assert(["granted", "denied", "prompt"].includes(status.state));
|
||||
let called = false;
|
||||
status.addEventListener("change", () => {
|
||||
|
@ -78,11 +78,13 @@ Deno.test(async function permissionQueryReturnsEventTarget() {
|
|||
});
|
||||
status.dispatchEvent(new Event("change"));
|
||||
assert(called);
|
||||
assert(status === (await Deno.permissions.query({ name: "hrtime" })));
|
||||
assert(
|
||||
status === (await Deno.permissions.query({ name: "read", path: "." })),
|
||||
);
|
||||
});
|
||||
|
||||
Deno.test(function permissionQueryReturnsEventTargetSync() {
|
||||
const status = Deno.permissions.querySync({ name: "hrtime" });
|
||||
const status = Deno.permissions.querySync({ name: "read", path: "." });
|
||||
assert(["granted", "denied", "prompt"].includes(status.state));
|
||||
let called = false;
|
||||
status.addEventListener("change", () => {
|
||||
|
@ -90,7 +92,7 @@ Deno.test(function permissionQueryReturnsEventTargetSync() {
|
|||
});
|
||||
status.dispatchEvent(new Event("change"));
|
||||
assert(called);
|
||||
assert(status === Deno.permissions.querySync({ name: "hrtime" }));
|
||||
assert(status === Deno.permissions.querySync({ name: "read", path: "." }));
|
||||
});
|
||||
|
||||
Deno.test(async function permissionQueryForReadReturnsSameStatus() {
|
||||
|
|
|
@ -451,7 +451,6 @@ Deno.test("Worker limit children permissions granularly", async function () {
|
|||
deno: {
|
||||
permissions: {
|
||||
env: ["foo"],
|
||||
hrtime: true,
|
||||
net: ["foo", "bar:8000"],
|
||||
ffi: [new URL("foo", workerUrl), "bar"],
|
||||
read: [new URL("foo", workerUrl), "bar"],
|
||||
|
@ -468,7 +467,6 @@ Deno.test("Worker limit children permissions granularly", async function () {
|
|||
envGlobal: "prompt",
|
||||
envFoo: "granted",
|
||||
envAbsent: "prompt",
|
||||
hrtime: "granted",
|
||||
netGlobal: "prompt",
|
||||
netFoo: "granted",
|
||||
netFoo8000: "granted",
|
||||
|
@ -508,7 +506,6 @@ Deno.test("Nested worker limit children permissions", async function () {
|
|||
envGlobal: "prompt",
|
||||
envFoo: "prompt",
|
||||
envAbsent: "prompt",
|
||||
hrtime: "prompt",
|
||||
netGlobal: "prompt",
|
||||
netFoo: "prompt",
|
||||
netFoo8000: "prompt",
|
||||
|
@ -586,7 +583,6 @@ Deno.test("Worker permissions are not inherited with empty permission object", a
|
|||
worker.postMessage(null);
|
||||
assertEquals(await promise, {
|
||||
env: "prompt",
|
||||
hrtime: "prompt",
|
||||
net: "prompt",
|
||||
ffi: "prompt",
|
||||
read: "prompt",
|
||||
|
@ -611,7 +607,6 @@ Deno.test("Worker permissions are not inherited with single specified permission
|
|||
worker.postMessage(null);
|
||||
assertEquals(await promise, {
|
||||
env: "prompt",
|
||||
hrtime: "prompt",
|
||||
net: "granted",
|
||||
ffi: "prompt",
|
||||
read: "prompt",
|
||||
|
|
|
@ -221,7 +221,7 @@ async function ensureNoNewITests() {
|
|||
"pm_tests.rs": 0,
|
||||
"publish_tests.rs": 0,
|
||||
"repl_tests.rs": 0,
|
||||
"run_tests.rs": 352,
|
||||
"run_tests.rs": 351,
|
||||
"shared_library_tests.rs": 0,
|
||||
"task_tests.rs": 30,
|
||||
"test_tests.rs": 75,
|
||||
|
|
Loading…
Reference in a new issue