mirror of
https://github.com/denoland/deno.git
synced 2025-01-01 03:54:06 -05:00
6fb7e8d93b
This commit adds new "--deny-*" permission flags. These are complimentary to "--allow-*" flags. These flags can be used to restrict access to certain resources, even if they were granted using "--allow-*" flags or the "--allow-all" ("-A") flag. Eg. specifying "--allow-read --deny-read" will result in a permission error, while "--allow-read --deny-read=/etc" will allow read access to all FS but the "/etc" directory. Runtime permissions APIs ("Deno.permissions") were adjusted as well, mainly by adding, a new "PermissionStatus.partial" field. This field denotes that while permission might be granted to requested resource, it's only partial (ie. a "--deny-*" flag was specified that excludes some of the requested resources). Eg. specifying "--allow-read=foo/ --deny-read=foo/bar" and then querying for permissions like "Deno.permissions.query({ name: "read", path: "foo/" })" will return "PermissionStatus { state: "granted", onchange: null, partial: true }", denoting that some of the subpaths don't have read access. Closes #18804. --------- Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com> Co-authored-by: Nayeem Rahman <nayeemrmn99@gmail.com>
294 lines
7.1 KiB
JavaScript
294 lines
7.1 KiB
JavaScript
// Copyright 2018-2023 the Deno authors. All rights reserved. MIT license.
|
|
|
|
const core = globalThis.Deno.core;
|
|
const ops = core.ops;
|
|
import { pathFromURL } from "ext:deno_web/00_infra.js";
|
|
import { Event, EventTarget } from "ext:deno_web/02_event.js";
|
|
const primordials = globalThis.__bootstrap.primordials;
|
|
const {
|
|
ArrayIsArray,
|
|
ArrayPrototypeIncludes,
|
|
ArrayPrototypeMap,
|
|
ArrayPrototypeSlice,
|
|
MapPrototypeGet,
|
|
MapPrototypeHas,
|
|
MapPrototypeSet,
|
|
FunctionPrototypeCall,
|
|
PromiseResolve,
|
|
PromiseReject,
|
|
ReflectHas,
|
|
SafeArrayIterator,
|
|
SafeMap,
|
|
Symbol,
|
|
SymbolFor,
|
|
TypeError,
|
|
} = primordials;
|
|
|
|
const illegalConstructorKey = Symbol("illegalConstructorKey");
|
|
|
|
/**
|
|
* @typedef StatusCacheValue
|
|
* @property {PermissionState} state
|
|
* @property {PermissionStatus} status
|
|
* @property {boolean} partial
|
|
*/
|
|
|
|
/** @type {ReadonlyArray<"read" | "write" | "net" | "env" | "sys" | "run" | "ffi" | "hrtime">} */
|
|
const permissionNames = [
|
|
"read",
|
|
"write",
|
|
"net",
|
|
"env",
|
|
"sys",
|
|
"run",
|
|
"ffi",
|
|
"hrtime",
|
|
];
|
|
|
|
/**
|
|
* @param {Deno.PermissionDescriptor} desc
|
|
* @returns {Deno.PermissionState}
|
|
*/
|
|
function opQuery(desc) {
|
|
return ops.op_query_permission(desc);
|
|
}
|
|
|
|
/**
|
|
* @param {Deno.PermissionDescriptor} desc
|
|
* @returns {Deno.PermissionState}
|
|
*/
|
|
function opRevoke(desc) {
|
|
return ops.op_revoke_permission(desc);
|
|
}
|
|
|
|
/**
|
|
* @param {Deno.PermissionDescriptor} desc
|
|
* @returns {Deno.PermissionState}
|
|
*/
|
|
function opRequest(desc) {
|
|
return ops.op_request_permission(desc);
|
|
}
|
|
|
|
class PermissionStatus extends EventTarget {
|
|
/** @type {{ state: Deno.PermissionState, partial: boolean }} */
|
|
#status;
|
|
|
|
/** @type {((this: PermissionStatus, event: Event) => any) | null} */
|
|
onchange = null;
|
|
|
|
/** @returns {Deno.PermissionState} */
|
|
get state() {
|
|
return this.#status.state;
|
|
}
|
|
|
|
/** @returns {boolean} */
|
|
get partial() {
|
|
return this.#status.partial;
|
|
}
|
|
|
|
/**
|
|
* @param {{ state: Deno.PermissionState, partial: boolean }} status
|
|
* @param {unknown} key
|
|
*/
|
|
constructor(status = null, key = null) {
|
|
if (key != illegalConstructorKey) {
|
|
throw new TypeError("Illegal constructor.");
|
|
}
|
|
super();
|
|
this.#status = status;
|
|
}
|
|
|
|
/**
|
|
* @param {Event} event
|
|
* @returns {boolean}
|
|
*/
|
|
dispatchEvent(event) {
|
|
let dispatched = super.dispatchEvent(event);
|
|
if (dispatched && this.onchange) {
|
|
FunctionPrototypeCall(this.onchange, this, event);
|
|
dispatched = !event.defaultPrevented;
|
|
}
|
|
return dispatched;
|
|
}
|
|
|
|
[SymbolFor("Deno.privateCustomInspect")](inspect) {
|
|
const object = { state: this.state, onchange: this.onchange };
|
|
if (this.partial) object.partial = this.partial;
|
|
return `${this.constructor.name} ${inspect(object)}`;
|
|
}
|
|
}
|
|
|
|
/** @type {Map<string, StatusCacheValue>} */
|
|
const statusCache = new SafeMap();
|
|
|
|
/**
|
|
* @param {Deno.PermissionDescriptor} desc
|
|
* @param {{ state: Deno.PermissionState, partial: boolean }} rawStatus
|
|
* @returns {PermissionStatus}
|
|
*/
|
|
function cache(desc, rawStatus) {
|
|
let { name: key } = desc;
|
|
if (
|
|
(desc.name === "read" || desc.name === "write" || desc.name === "ffi") &&
|
|
ReflectHas(desc, "path")
|
|
) {
|
|
key += `-${desc.path}&`;
|
|
} else if (desc.name === "net" && desc.host) {
|
|
key += `-${desc.host}&`;
|
|
} else if (desc.name === "run" && desc.command) {
|
|
key += `-${desc.command}&`;
|
|
} else if (desc.name === "env" && desc.variable) {
|
|
key += `-${desc.variable}&`;
|
|
} else if (desc.name === "sys" && desc.kind) {
|
|
key += `-${desc.kind}&`;
|
|
} else {
|
|
key += "$";
|
|
}
|
|
if (MapPrototypeHas(statusCache, key)) {
|
|
const cachedObj = MapPrototypeGet(statusCache, key);
|
|
if (
|
|
cachedObj.state !== rawStatus.state ||
|
|
cachedObj.partial !== rawStatus.partial
|
|
) {
|
|
cachedObj.state = rawStatus.state;
|
|
cachedObj.partial = rawStatus.partial;
|
|
cachedObj.status.dispatchEvent(
|
|
new Event("change", { cancelable: false }),
|
|
);
|
|
}
|
|
return cachedObj.status;
|
|
}
|
|
/** @type {{ state: Deno.PermissionState, partial: boolean, status?: PermissionStatus }} */
|
|
const obj = rawStatus;
|
|
obj.status = new PermissionStatus(obj, illegalConstructorKey);
|
|
MapPrototypeSet(statusCache, key, obj);
|
|
return obj.status;
|
|
}
|
|
|
|
/**
|
|
* @param {unknown} desc
|
|
* @returns {desc is Deno.PermissionDescriptor}
|
|
*/
|
|
function isValidDescriptor(desc) {
|
|
return typeof desc === "object" && desc !== null &&
|
|
ArrayPrototypeIncludes(permissionNames, desc.name);
|
|
}
|
|
|
|
/**
|
|
* @param {Deno.PermissionDescriptor} desc
|
|
* @returns {desc is Deno.PermissionDescriptor}
|
|
*/
|
|
function formDescriptor(desc) {
|
|
if (
|
|
desc.name === "read" || desc.name === "write" || desc.name === "ffi"
|
|
) {
|
|
desc.path = pathFromURL(desc.path);
|
|
} else if (desc.name === "run") {
|
|
desc.command = pathFromURL(desc.command);
|
|
}
|
|
}
|
|
|
|
class Permissions {
|
|
constructor(key = null) {
|
|
if (key != illegalConstructorKey) {
|
|
throw new TypeError("Illegal constructor.");
|
|
}
|
|
}
|
|
|
|
query(desc) {
|
|
try {
|
|
return PromiseResolve(this.querySync(desc));
|
|
} catch (error) {
|
|
return PromiseReject(error);
|
|
}
|
|
}
|
|
|
|
querySync(desc) {
|
|
if (!isValidDescriptor(desc)) {
|
|
throw new TypeError(
|
|
`The provided value "${desc?.name}" is not a valid permission name.`,
|
|
);
|
|
}
|
|
|
|
formDescriptor(desc);
|
|
|
|
const status = opQuery(desc);
|
|
return cache(desc, status);
|
|
}
|
|
|
|
revoke(desc) {
|
|
try {
|
|
return PromiseResolve(this.revokeSync(desc));
|
|
} catch (error) {
|
|
return PromiseReject(error);
|
|
}
|
|
}
|
|
|
|
revokeSync(desc) {
|
|
if (!isValidDescriptor(desc)) {
|
|
throw new TypeError(
|
|
`The provided value "${desc?.name}" is not a valid permission name.`,
|
|
);
|
|
}
|
|
|
|
formDescriptor(desc);
|
|
|
|
const status = opRevoke(desc);
|
|
return cache(desc, status);
|
|
}
|
|
|
|
request(desc) {
|
|
try {
|
|
return PromiseResolve(this.requestSync(desc));
|
|
} catch (error) {
|
|
return PromiseReject(error);
|
|
}
|
|
}
|
|
|
|
requestSync(desc) {
|
|
if (!isValidDescriptor(desc)) {
|
|
throw new TypeError(
|
|
`The provided value "${desc?.name}" is not a valid permission name.`,
|
|
);
|
|
}
|
|
|
|
formDescriptor(desc);
|
|
|
|
const status = opRequest(desc);
|
|
return cache(desc, status);
|
|
}
|
|
}
|
|
|
|
const permissions = new Permissions(illegalConstructorKey);
|
|
|
|
/** Converts all file URLs in FS allowlists to paths. */
|
|
function serializePermissions(permissions) {
|
|
if (typeof permissions == "object" && permissions != null) {
|
|
const serializedPermissions = {};
|
|
for (
|
|
const key of new SafeArrayIterator(["read", "write", "run", "ffi"])
|
|
) {
|
|
if (ArrayIsArray(permissions[key])) {
|
|
serializedPermissions[key] = ArrayPrototypeMap(
|
|
permissions[key],
|
|
(path) => pathFromURL(path),
|
|
);
|
|
} else {
|
|
serializedPermissions[key] = permissions[key];
|
|
}
|
|
}
|
|
for (
|
|
const key of new SafeArrayIterator(["env", "hrtime", "net", "sys"])
|
|
) {
|
|
if (ArrayIsArray(permissions[key])) {
|
|
serializedPermissions[key] = ArrayPrototypeSlice(permissions[key]);
|
|
} else {
|
|
serializedPermissions[key] = permissions[key];
|
|
}
|
|
}
|
|
return serializedPermissions;
|
|
}
|
|
return permissions;
|
|
}
|
|
|
|
export { Permissions, permissions, PermissionStatus, serializePermissions };
|