1
0
Fork 0
mirror of https://github.com/denoland/deno.git synced 2025-01-07 06:46:59 -05:00

feat(cli): add warning for incorrectly ordered flags (#16734)

This code checks if permission flags are incorrectly defined after the
module name (e.g. `deno run mod.ts --allow-read` instead of the correct
`deno run --allow-read mod.ts`). If so, a simple warning is displayed.
This commit is contained in:
Asher Gomez 2022-11-24 14:00:31 +11:00 committed by Bartek Iwańczuk
parent 06df0ff332
commit d178ab6049
No known key found for this signature in database
GPG key ID: 0C6BCDDC3B3AD750
4 changed files with 70 additions and 0 deletions

View file

@ -493,6 +493,32 @@ impl Flags {
prompt: !self.no_prompt, prompt: !self.no_prompt,
} }
} }
pub fn has_permission(&self) -> bool {
self.allow_all
|| self.allow_hrtime
|| self.allow_env.is_some()
|| self.allow_ffi.is_some()
|| self.allow_net.is_some()
|| self.allow_read.is_some()
|| self.allow_run.is_some()
|| self.allow_sys.is_some()
|| self.allow_write.is_some()
}
pub fn has_permission_in_argv(&self) -> bool {
self.argv.iter().any(|arg| {
arg == "--allow-all"
|| arg == "--allow-hrtime"
|| arg.starts_with("--allow-env")
|| arg.starts_with("--allow-ffi")
|| arg.starts_with("--allow-net")
|| arg.starts_with("--allow-read")
|| arg.starts_with("--allow-run")
|| arg.starts_with("--allow-sys")
|| arg.starts_with("--allow-write")
})
}
} }
static ENV_VARIABLES_HELP: &str = r#"ENVIRONMENT VARIABLES: static ENV_VARIABLES_HELP: &str = r#"ENVIRONMENT VARIABLES:
@ -3388,6 +3414,24 @@ mod tests {
); );
} }
#[test]
fn has_permission() {
let r = flags_from_vec(svec!["deno", "run", "--allow-read", "x.ts"]);
assert_eq!(r.unwrap().has_permission(), true);
let r = flags_from_vec(svec!["deno", "run", "x.ts"]);
assert_eq!(r.unwrap().has_permission(), false);
}
#[test]
fn has_permission_in_argv() {
let r = flags_from_vec(svec!["deno", "run", "x.ts", "--allow-read"]);
assert_eq!(r.unwrap().has_permission_in_argv(), true);
let r = flags_from_vec(svec!["deno", "run", "x.ts"]);
assert_eq!(r.unwrap().has_permission_in_argv(), false);
}
#[test] #[test]
fn script_args() { fn script_args() {
let r = flags_from_vec(svec![ let r = flags_from_vec(svec![

View file

@ -686,6 +686,17 @@ async fn run_command(
return run_from_stdin(flags).await; return run_from_stdin(flags).await;
} }
if !flags.has_permission() && flags.has_permission_in_argv() {
log::warn!(
"{}",
crate::colors::yellow(
r#"Permission flags have likely been incorrectly set after the script argument.
To grant permissions, set them before the script argument. For example:
deno run --allow-read=. main.js"#
)
);
}
if flags.watch.is_some() { if flags.watch.is_some() {
return run_with_watch(flags, run_flags.script).await; return run_with_watch(flags, run_flags.script).await;
} }

View file

@ -3647,3 +3647,14 @@ itest!(flash_shutdown {
args: "run --unstable --allow-net run/flash_shutdown/main.ts", args: "run --unstable --allow-net run/flash_shutdown/main.ts",
exit_code: 0, exit_code: 0,
}); });
itest!(permission_args {
args: "run run/001_hello.js --allow-net",
output: "run/permission_args.out",
envs: vec![("NO_COLOR".to_string(), "1".to_string())],
});
itest!(permission_args_quiet {
args: "run --quiet run/001_hello.js --allow-net",
output: "run/001_hello.js.out",
});

View file

@ -0,0 +1,4 @@
Permission flags have likely been incorrectly set after the script argument.
To grant permissions, set them before the script argument. For example:
deno run --allow-read=. main.js
Hello World