development/deno
development/deno
1
0
Fork 0
mirror of https://github.com/denoland/deno synced 2024-09-19 16:12:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

feat(runtime): allow URL for permissions (#11578)

Browse source
This commit is contained in:
Leo K 2021-08-06 15:04:00 +02:00 committed by GitHub
parent b6b71c3d59
commit 15b0e61de5
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 75 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
cli/dts/lib.deno.ns.d.ts vendored
View file

@ -2133,17 +2133,17 @@ declare namespace Deno {
export interface RunPermissionDescriptor { export interface RunPermissionDescriptor {
name: "run"; name: "run";
command?: string; command?: string | URL;
} }
export interface ReadPermissionDescriptor { export interface ReadPermissionDescriptor {
name: "read"; name: "read";
path?: string; path?: string | URL;
} }
export interface WritePermissionDescriptor { export interface WritePermissionDescriptor {
name: "write"; name: "write";
path?: string; path?: string | URL;
} }
export interface NetPermissionDescriptor { export interface NetPermissionDescriptor {
@ -2153,7 +2153,7 @@ declare namespace Deno {
* "github.com" * "github.com"
* "deno.land:8080" * "deno.land:8080"
*/ */
host?: string; host?: string | URL;
} }
export interface EnvPermissionDescriptor { export interface EnvPermissionDescriptor {

12
cli/dts/lib.deno.unstable.d.ts vendored
View file

@ -959,7 +959,7 @@ declare namespace Deno {
* *
* Defaults to "inherit". * Defaults to "inherit".
*/ */
env?: "inherit" | boolean; env?: "inherit" | boolean | string[];
/** Specifies if the `hrtime` permission should be requested or revoked. /** Specifies if the `hrtime` permission should be requested or revoked.
* If set to `"inherit"`, the current `hrtime` permission will be inherited. * If set to `"inherit"`, the current `hrtime` permission will be inherited.
@ -1041,7 +1041,7 @@ declare namespace Deno {
* }); * });
* ``` * ```
*/ */
net?: "inherit" | boolean | string[]; net?: "inherit" | boolean | Array<string | URL>;
/** Specifies if the `plugin` permission should be requested or revoked. /** Specifies if the `plugin` permission should be requested or revoked.
* If set to `"inherit"`, the current `plugin` permission will be inherited. * If set to `"inherit"`, the current `plugin` permission will be inherited.
@ -1070,7 +1070,7 @@ declare namespace Deno {
* *
* Defaults to "inherit". * Defaults to "inherit".
*/ */
run?: "inherit" | boolean; run?: "inherit" | boolean | Array<string | URL>;
/** Specifies if the `write` permission should be requested or revoked. /** Specifies if the `write` permission should be requested or revoked.
* If set to `"inherit"`, the current `write` permission will be inherited. * If set to `"inherit"`, the current `write` permission will be inherited.
@ -1129,17 +1129,17 @@ declare interface WorkerOptions {
namespace?: boolean; namespace?: boolean;
/** Set to `"none"` to disable all the permissions in the worker. */ /** Set to `"none"` to disable all the permissions in the worker. */
permissions?: "inherit" | "none" | { permissions?: "inherit" | "none" | {
env?: "inherit" | boolean; env?: "inherit" | boolean | string[];
hrtime?: "inherit" | boolean; hrtime?: "inherit" | boolean;
/** The format of the net access list must be `hostname[:port]` /** The format of the net access list must be `hostname[:port]`
* in order to be resolved. * in order to be resolved.
* *
* For example: `["https://deno.land", "localhost:8080"]`. * For example: `["https://deno.land", "localhost:8080"]`.
*/ */
net?: "inherit" | boolean | string[]; net?: "inherit" | boolean | Array<string | URL>;
plugin?: "inherit" | boolean; plugin?: "inherit" | boolean;
read?: "inherit" | boolean | Array<string | URL>; read?: "inherit" | boolean | Array<string | URL>;
run?: "inherit" | boolean; run?: "inherit" | boolean | Array<string | URL>;
write?: "inherit" | boolean | Array<string | URL>; write?: "inherit" | boolean | Array<string | URL>;
}; };
}; };

19
cli/tests/unit/permissions_test.ts
View file

@ -57,3 +57,22 @@ unitTest(function permissionStatusIllegalConstructor() {
); );
assertEquals(Deno.PermissionStatus.length, 0); assertEquals(Deno.PermissionStatus.length, 0);
}); });
unitTest(async function permissionURL() {
await Deno.permissions.query({
name: "read",
path: new URL(".", import.meta.url),
});
await Deno.permissions.query({
name: "write",
path: new URL(".", import.meta.url),
});
await Deno.permissions.query({
name: "run",
command: new URL(".", import.meta.url),
});
await Deno.permissions.query({
name: "net",
host: new URL("https://deno.land/foo"),
});
});

15
runtime/js/11_workers.js
View file

@ -93,7 +93,16 @@
} else if (ArrayIsArray(value)) { } else if (ArrayIsArray(value)) {
value = ArrayPrototypeMap(value, (route) => { value = ArrayPrototypeMap(value, (route) => {
if (route instanceof URL) { if (route instanceof URL) {
route = pathFromURL(route); if (permission === "net") {
route = route.host;
}
if (permission === "env") {
throw new Error(
`Expected 'string' for env permission, received 'URL'`,
);
} else {
route = pathFromURL(route);
}
} }
return route; return route;
}); });
@ -115,12 +124,12 @@
write = "inherit", write = "inherit",
}) { }) {
return { return {
env: parseUnitPermission(env, "env"), env: parseArrayPermission(env, "env"),
hrtime: parseUnitPermission(hrtime, "hrtime"), hrtime: parseUnitPermission(hrtime, "hrtime"),
net: parseArrayPermission(net, "net"), net: parseArrayPermission(net, "net"),
plugin: parseUnitPermission(plugin, "plugin"), plugin: parseUnitPermission(plugin, "plugin"),
read: parseArrayPermission(read, "read"), read: parseArrayPermission(read, "read"),
run: parseUnitPermission(run, "run"), run: parseArrayPermission(run, "run"),
write: parseArrayPermission(write, "write"), write: parseArrayPermission(write, "write"),
}; };
} }

34
runtime/js/40_permissions.js
View file

@ -8,6 +8,7 @@
Deno: { core }, Deno: { core },
__bootstrap: { webUtil: { illegalConstructorKey } }, __bootstrap: { webUtil: { illegalConstructorKey } },
} = window; } = window;
const { pathFromURL } = window.__bootstrap.util;
const { const {
ArrayPrototypeIncludes, ArrayPrototypeIncludes,
Map, Map,
@ -161,6 +162,17 @@
), ),
); );
} }
if (desc.name === "read" || desc.name === "write") {
desc.path = pathFromURL(desc.path);
} else if (desc.name === "run") {
desc.command = pathFromURL(desc.command);
} else if (desc.name === "net") {
if (desc.host instanceof URL) {
desc.host = desc.host.host;
}
}
const state = opQuery(desc); const state = opQuery(desc);
return PromiseResolve(cache(desc, state)); return PromiseResolve(cache(desc, state));
} }
@ -173,6 +185,17 @@
), ),
); );
} }
if (desc.name === "read" || desc.name === "write") {
desc.path = pathFromURL(desc.path);
} else if (desc.name === "run") {
desc.command = pathFromURL(desc.command);
} else if (desc.name === "net") {
if (desc.host instanceof URL) {
desc.host = desc.host.host;
}
}
const state = opRevoke(desc); const state = opRevoke(desc);
return PromiseResolve(cache(desc, state)); return PromiseResolve(cache(desc, state));
} }
@ -185,6 +208,17 @@
), ),
); );
} }
if (desc.name === "read" || desc.name === "write") {
desc.path = pathFromURL(desc.path);
} else if (desc.name === "run") {
desc.command = pathFromURL(desc.command);
} else if (desc.name === "net") {
if (desc.host instanceof URL) {
desc.host = desc.host.host;
}
}
const state = opRequest(desc); const state = opRequest(desc);
return PromiseResolve(cache(desc, state)); return PromiseResolve(cache(desc, state));
} }