From ee2b6899a1e6a3108bad43443f130ca2dd86a697 Mon Sep 17 00:00:00 2001
From: Bedis Nbiba <bedisnbiba@gmail.com>
Date: Mon, 19 Aug 2024 18:45:10 +0100
Subject: [PATCH] fix: add permission name when accessing a special file errors
 (#25085)

---
 ext/fs/lib.rs         |  6 +++---
 tests/unit/os_test.ts | 32 ++++++++++++++++++++++++++++++++
 2 files changed, 35 insertions(+), 3 deletions(-)

diff --git a/ext/fs/lib.rs b/ext/fs/lib.rs
index 2dce04b325..8eb6f27643 100644
--- a/ext/fs/lib.rs
+++ b/ext/fs/lib.rs
@@ -89,9 +89,9 @@ impl FsPermissions for deno_permissions::PermissionsContainer {
     api_name: &str,
   ) -> Result<Cow<'a, Path>, FsError> {
     if resolved {
-      self.check_special_file(path, api_name).map_err(|_| {
-        std::io::Error::from(std::io::ErrorKind::PermissionDenied)
-      })?;
+      self
+        .check_special_file(path, api_name)
+        .map_err(FsError::PermissionDenied)?;
       return Ok(Cow::Borrowed(path));
     }
 
diff --git a/tests/unit/os_test.ts b/tests/unit/os_test.ts
index 30d8f26eef..80b421e63d 100644
--- a/tests/unit/os_test.ts
+++ b/tests/unit/os_test.ts
@@ -3,6 +3,7 @@ import {
   assert,
   assertEquals,
   assertNotEquals,
+  assertStringIncludes,
   assertThrows,
 } from "./test_util.ts";
 
@@ -196,6 +197,37 @@ Deno.test({ permissions: { read: false } }, function execPathPerm() {
   );
 });
 
+Deno.test(async function execPathPerm() {
+  if (Deno.build.os !== "linux") return;
+  // This is hack to bypass a bug in deno test runner,
+  // Currently if you specify {read: true} permission, it will stil pass --allow-all (tests are run with deno test --allow-all) implicitly, so this test won't work
+  // The workaround is to spawn a deno executable with the needed permissions
+  // TODO(#25085): remove this hack when the bug is fixed
+  const cmd = new Deno.Command(Deno.execPath(), {
+    args: ["run", "--allow-read", "-"],
+    stdin: "piped",
+    stderr: "piped",
+  }).spawn();
+  const stdinWriter = cmd.stdin.getWriter();
+  await stdinWriter
+    .write(
+      new TextEncoder().encode('Deno.readTextFileSync("/proc/net/dev")'),
+    );
+  await stdinWriter.close();
+  await cmd.status;
+
+  const stderrReder = cmd.stderr.getReader();
+  const error = await stderrReder
+    .read()
+    .then((r) => new TextDecoder().decode(r.value));
+  await stderrReder.cancel();
+
+  assertStringIncludes(
+    error,
+    `PermissionDenied: Requires all access to "/proc/net/dev", run again with the --allow-all flag`,
+  );
+});
+
 Deno.test(
   { permissions: { sys: ["loadavg"] } },
   function loadavgSuccess() {