mirror of
https://github.com/Microsoft/vscode
synced 2024-09-13 21:55:38 +00:00
first pass to update workspace trust to capabilities
This commit is contained in:
parent
43d2efaab6
commit
aec0921e5c
|
@ -60,11 +60,11 @@ export class SettingsDocument {
|
|||
return provideInstalledExtensionProposals(alreadyConfigured, `: [\n\t"ui"\n]`, range, true);
|
||||
}
|
||||
|
||||
// security.workspace.trust.extensionRequest
|
||||
if (location.path[0] === 'security.workspace.trust.extensionRequest' && location.path.length === 2 && location.isAtPropertyKey) {
|
||||
// security.workspace.trust.extensionUntrustedSupport
|
||||
if (location.path[0] === 'security.workspace.trust.extensionUntrustedSupport' && location.path.length === 2 && location.isAtPropertyKey) {
|
||||
let alreadyConfigured: string[] = [];
|
||||
try {
|
||||
alreadyConfigured = Object.keys(parse(this.document.getText())['security.workspace.trust.extensionRequest']);
|
||||
alreadyConfigured = Object.keys(parse(this.document.getText())['security.workspace.trust.extensionUntrustedSupport']);
|
||||
} catch (e) {/* ignore error */ }
|
||||
return provideWorkspaceTrustExtensionProposals(alreadyConfigured, range);
|
||||
}
|
||||
|
|
|
@ -20,9 +20,9 @@ export type ConfigurationSyncStore = {
|
|||
authenticationProviders: IStringDictionary<{ scopes: string[] }>
|
||||
};
|
||||
|
||||
export type ExtensionWorkspaceTrustRequest = {
|
||||
readonly default?: 'never' | 'onStart' | 'onDemand',
|
||||
readonly override?: 'never' | 'onStart' | 'onDemand'
|
||||
export type ExtensionUntrustedWorkspaceSupport = {
|
||||
readonly default?: boolean | 'limited',
|
||||
readonly override?: boolean | 'limited'
|
||||
};
|
||||
|
||||
export interface IProductConfiguration {
|
||||
|
@ -121,7 +121,7 @@ export interface IProductConfiguration {
|
|||
readonly extensionKind?: { readonly [extensionId: string]: ('ui' | 'workspace' | 'web')[]; };
|
||||
readonly extensionSyncedKeys?: { readonly [extensionId: string]: string[]; };
|
||||
readonly extensionAllowedProposedApi?: readonly string[];
|
||||
readonly extensionWorkspaceTrustRequest?: { readonly [extensionId: string]: ExtensionWorkspaceTrustRequest };
|
||||
readonly extensionUntrustedWorkspaceSupport?: { readonly [extensionId: string]: ExtensionUntrustedWorkspaceSupport };
|
||||
readonly extensionSupportsVirtualWorkspace?: { readonly [extensionId: string]: { default?: boolean, override?: boolean } };
|
||||
|
||||
readonly msftInternalDomains?: string[];
|
||||
|
|
|
@ -163,9 +163,14 @@ export interface IExtensionContributions {
|
|||
startEntries?: IStartEntry[];
|
||||
}
|
||||
|
||||
export interface IExtensionCapabilities {
|
||||
virtualWorkspaces?: boolean;
|
||||
untrustedWorkspaces?: ExtensionUntrustedWorkspaceSupport;
|
||||
}
|
||||
|
||||
export type ExtensionKind = 'ui' | 'workspace' | 'web';
|
||||
export type ExtensionWorkspaceTrustRequestType = 'never' | 'onStart' | 'onDemand';
|
||||
export type ExtensionWorkspaceTrust = { request: 'never'; } | { request: 'onStart', description: string } | { request: 'onDemand', description: string, requiredForConfigurations?: string[] };
|
||||
export type ExtensionUntrustedWorkpaceSupportType = boolean | 'limited';
|
||||
export type ExtensionUntrustedWorkspaceSupport = { supported: true; } | { supported: false, description: string } | { supported: 'limited', description: string, restrictedConfigurations?: string[] };
|
||||
|
||||
export function isIExtensionIdentifier(thing: any): thing is IExtensionIdentifier {
|
||||
return thing
|
||||
|
@ -222,7 +227,7 @@ export interface IExtensionManifest {
|
|||
readonly enableProposedApi?: boolean;
|
||||
readonly api?: string;
|
||||
readonly scripts?: { [key: string]: string; };
|
||||
readonly workspaceTrust?: ExtensionWorkspaceTrust;
|
||||
readonly capabilities?: IExtensionCapabilities;
|
||||
readonly supportsVirtualWorkspace?: boolean;
|
||||
}
|
||||
|
||||
|
|
|
@ -170,7 +170,7 @@ configurationExtPoint.setHandler((extensions, { added, removed }) => {
|
|||
validateProperties(configuration, extension);
|
||||
|
||||
configuration.id = node.id || extension.description.identifier.value;
|
||||
configuration.extensionInfo = { id: extension.description.identifier.value, requireTrustForConfigurations: extension.description.workspaceTrust?.request === 'onDemand' ? extension.description.workspaceTrust?.requiredForConfigurations : undefined };
|
||||
configuration.extensionInfo = { id: extension.description.identifier.value, requireTrustForConfigurations: extension.description.capabilities?.untrustedWorkspaces?.supported === 'limited' ? extension.description.capabilities?.untrustedWorkspaces?.restrictedConfigurations : undefined };
|
||||
configuration.title = configuration.title || extension.description.displayName || extension.description.identifier.value;
|
||||
configurations.push(configuration);
|
||||
return configurations;
|
||||
|
|
|
@ -205,14 +205,14 @@ export class Renderer implements IPagedRenderer<IExtension, ITemplateData> {
|
|||
data.author.textContent = extension.publisherDisplayName;
|
||||
data.description.textContent = extension.description;
|
||||
|
||||
if (extension.local?.manifest.workspaceTrust?.request) {
|
||||
const trustRequirement = extension.local.manifest.workspaceTrust;
|
||||
const requestType = this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(extension.local.manifest);
|
||||
if (requestType !== 'never' && trustRequirement.request !== 'never') {
|
||||
data.workspaceTrustDescription.textContent = trustRequirement.description;
|
||||
} else if (requestType === 'onStart') {
|
||||
if (extension.local?.manifest.capabilities?.untrustedWorkspaces?.supported) {
|
||||
const untrustedWorkspaceCapability = extension.local.manifest.capabilities.untrustedWorkspaces;
|
||||
const untrustedWorkspaceSupported = this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(extension.local.manifest);
|
||||
if (untrustedWorkspaceSupported !== true && untrustedWorkspaceCapability.supported !== true) {
|
||||
data.workspaceTrustDescription.textContent = untrustedWorkspaceCapability.description;
|
||||
} else if (untrustedWorkspaceSupported === false) {
|
||||
data.workspaceTrustDescription.textContent = localize('onStartDefaultText', "A trusted workspace is required to enable this extension.");
|
||||
} else if (requestType === 'onDemand') {
|
||||
} else if (untrustedWorkspaceSupported === 'limited') {
|
||||
data.workspaceTrustDescription.textContent = localize('onDemandDefaultText', "Some features require a trusted workspace.");
|
||||
}
|
||||
}
|
||||
|
|
|
@ -561,15 +561,15 @@ export class ExtensionsListView extends ViewPane {
|
|||
|
||||
value = value.replace(/@trustRequired/g, '').replace(/@sort:(\w+)(-\w*)?/g, '').trim().toLowerCase();
|
||||
|
||||
const result = local.filter(extension => extension.local && this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(extension.local.manifest) !== 'never' && (extension.name.toLowerCase().indexOf(value) > -1 || extension.displayName.toLowerCase().indexOf(value) > -1));
|
||||
const result = local.filter(extension => extension.local && this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(extension.local.manifest) !== true && (extension.name.toLowerCase().indexOf(value) > -1 || extension.displayName.toLowerCase().indexOf(value) > -1));
|
||||
|
||||
if (onStartOnly) {
|
||||
const onStartExtensions = result.filter(extension => extension.local && this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(extension.local.manifest) === 'onStart');
|
||||
const onStartExtensions = result.filter(extension => extension.local && this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(extension.local.manifest) === false);
|
||||
return this.sortExtensions(onStartExtensions, options);
|
||||
}
|
||||
|
||||
if (onDemandOnly) {
|
||||
const onDemandExtensions = result.filter(extension => extension.local && this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(extension.local.manifest) === 'onDemand');
|
||||
const onDemandExtensions = result.filter(extension => extension.local && this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(extension.local.manifest) === 'limited');
|
||||
return this.sortExtensions(onDemandExtensions, options);
|
||||
}
|
||||
|
||||
|
|
|
@ -27,7 +27,7 @@ import { IStatusbarEntry, IStatusbarEntryAccessor, IStatusbarService, StatusbarA
|
|||
import { IEditorRegistry, Extensions as EditorExtensions, EditorDescriptor } from 'vs/workbench/browser/editor';
|
||||
import { WorkspaceTrustEditor } from 'vs/workbench/contrib/workspace/browser/workspaceTrustEditor';
|
||||
import { WorkspaceTrustEditorInput } from 'vs/workbench/services/workspaces/browser/workspaceTrustEditorInput';
|
||||
import { isWorkspaceTrustEnabled, WorkspaceTrustContext, WORKSPACE_TRUST_ENABLED, WORKSPACE_TRUST_EXTENSION_REQUEST } from 'vs/workbench/services/workspaces/common/workspaceTrust';
|
||||
import { isWorkspaceTrustEnabled, WorkspaceTrustContext, WORKSPACE_TRUST_ENABLED, WORKSPACE_TRUST_EXTENSION_UNTRUSTED_SUPPORT } from 'vs/workbench/services/workspaces/common/workspaceTrust';
|
||||
import { EditorInput, Extensions as EditorInputExtensions, IEditorInputSerializer, IEditorInputFactoryRegistry } from 'vs/workbench/common/editor';
|
||||
import { ITelemetryService } from 'vs/platform/telemetry/common/telemetry';
|
||||
import { IWorkspaceContextService } from 'vs/platform/workspace/common/workspace';
|
||||
|
@ -403,9 +403,9 @@ Registry.as<IConfigurationRegistry>(ConfigurationExtensions.Configuration)
|
|||
included: !isWeb,
|
||||
description: localize('workspace.trust.description', "Controls whether or not workspace trust is enabled within VS Code."),
|
||||
},
|
||||
[WORKSPACE_TRUST_EXTENSION_REQUEST]: {
|
||||
[WORKSPACE_TRUST_EXTENSION_UNTRUSTED_SUPPORT]: {
|
||||
type: 'object',
|
||||
markdownDescription: localize('security.workspace.trust.extensionRequest', "Override the workspace trust request of an extension. Extensions using `never` will always be enabled. Extensions using `onDemand` will always be enabled, and the extension will request for workspace trust only when necessary. Extensions using `onStart` will only be enabled only when the workspace is trusted."),
|
||||
markdownDescription: localize('security.workspace.trust.extensionUntrustedSupport', "Override the untrusted workpace support of an extension. Extensions using `true` will always be enabled. Extensions using `limited` will always be enabled, and the extension will hide functionality that requires trust. Extensions using `false` will only be enabled only when the workspace is trusted."),
|
||||
patternProperties: {
|
||||
'([a-z0-9A-Z][a-z0-9\-A-Z]*)\\.([a-z0-9A-Z][a-z0-9\-A-Z]*)$': {
|
||||
type: 'object',
|
||||
|
@ -414,15 +414,15 @@ Registry.as<IConfigurationRegistry>(ConfigurationExtensions.Configuration)
|
|||
type: 'string',
|
||||
enum: ['never', 'onDemand', 'onStart'],
|
||||
enumDescriptions: [
|
||||
localize('security.workspace.trust.extensionRequest.request.never', "Extension will always be enabled."),
|
||||
localize('security.workspace.trust.extensionRequest.request.onDemand', "Extension will always be enabled, and the extension will request for workspace trust only when necessary."),
|
||||
localize('security.workspace.trust.extensionRequest.request.onStart', "Extension will only be enabled only when the workspace is trusted."),
|
||||
localize('security.workspace.trust.extensionUntrustedSupport.supported.true', "Extension will always be enabled."),
|
||||
localize('security.workspace.trust.extensionUntrustedSupport.supported.limited', "Extension will always be enabled, and the extension will hide functionality requiring trust."),
|
||||
localize('security.workspace.trust.extensionUntrustedSupport.supported.false', "Extension will only be enabled only when the workspace is trusted."),
|
||||
],
|
||||
description: localize('security.workspace.trust.extensionRequest.request', "Defines the workspace trust request setting for the extension."),
|
||||
description: localize('security.workspace.trust.extensionUntrustedSupport.supported', "Defines the untrusted workspace support setting for the extension."),
|
||||
},
|
||||
'version': {
|
||||
type: 'string',
|
||||
description: localize('security.workspace.trust.extensionRequest.version', "Defines the version of the extension for which the override should be applied. If not specified, the override will be applied independent of the extension version."),
|
||||
description: localize('security.workspace.trust.extensionUntrustedSupport.version', "Defines the version of the extension for which the override should be applied. If not specified, the override will be applied independent of the extension version."),
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -549,7 +549,7 @@ class WorkspaceTrustTelemetryContribution extends Disposable implements IWorkben
|
|||
this.telemetryService.publicLog2<WorkspaceTrustRequestedEvent, WorkspaceTrustRequestedEventClassification>('workspaceTrustRequested', {
|
||||
modal: options.modal,
|
||||
workspaceId: this.workspaceContextService.getWorkspace().id,
|
||||
extensions: (await this.extensionService.getExtensions()).filter(ext => !!ext.workspaceTrust).map(ext => ext.identifier.value)
|
||||
extensions: (await this.extensionService.getExtensions()).filter(ext => !!ext.capabilities?.untrustedWorkspaces).map(ext => ext.identifier.value)
|
||||
});
|
||||
}
|
||||
}
|
||||
|
|
|
@ -22,7 +22,7 @@ import { URI } from 'vs/base/common/uri';
|
|||
import { localize } from 'vs/nls';
|
||||
import { IContextMenuService } from 'vs/platform/contextview/browser/contextView';
|
||||
import { IDialogService } from 'vs/platform/dialogs/common/dialogs';
|
||||
import { ExtensionWorkspaceTrustRequestType } from 'vs/platform/extensions/common/extensions';
|
||||
import { ExtensionUntrustedWorkpaceSupportType } from 'vs/platform/extensions/common/extensions';
|
||||
import { IInstantiationService } from 'vs/platform/instantiation/common/instantiation';
|
||||
import { IPromptChoiceWithMenu, Severity } from 'vs/platform/notification/common/notification';
|
||||
import { Link } from 'vs/platform/opener/browser/link';
|
||||
|
@ -206,8 +206,8 @@ export class WorkspaceTrustEditor extends EditorPane {
|
|||
|
||||
// Features List
|
||||
const installedExtensions = await this.instantiationService.invokeFunction(getInstalledExtensions);
|
||||
const onDemandExtensionCount = this.getExtensionCountByTrustRequestType(installedExtensions, 'onDemand');
|
||||
const onStartExtensionCount = this.getExtensionCountByTrustRequestType(installedExtensions, 'onStart');
|
||||
const onDemandExtensionCount = this.getExtensionCountByUntrustedWorkspaceSupport(installedExtensions, 'limited');
|
||||
const onStartExtensionCount = this.getExtensionCountByUntrustedWorkspaceSupport(installedExtensions, false);
|
||||
|
||||
this.renderAffectedFeatures(settingsRequiringTrustedWorkspaceCount, onDemandExtensionCount + onStartExtensionCount);
|
||||
|
||||
|
@ -220,8 +220,8 @@ export class WorkspaceTrustEditor extends EditorPane {
|
|||
this.rendering = false;
|
||||
}
|
||||
|
||||
private getExtensionCountByTrustRequestType(extensions: IExtensionStatus[], trustRequestType: ExtensionWorkspaceTrustRequestType): number {
|
||||
const filtered = extensions.filter(ext => this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(ext.local.manifest) === trustRequestType);
|
||||
private getExtensionCountByUntrustedWorkspaceSupport(extensions: IExtensionStatus[], trustRequestType: ExtensionUntrustedWorkpaceSupportType): number {
|
||||
const filtered = extensions.filter(ext => this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(ext.local.manifest) === trustRequestType);
|
||||
const set = new Set<string>();
|
||||
for (const ext of filtered) {
|
||||
set.add(ext.identifier.id);
|
||||
|
|
|
@ -289,7 +289,7 @@ export class ExtensionEnablementService extends Disposable implements IWorkbench
|
|||
return false;
|
||||
}
|
||||
|
||||
return this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(extension.manifest) === 'onStart';
|
||||
return this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(extension.manifest) === false;
|
||||
}
|
||||
|
||||
private _getEnablementState(identifier: IExtensionIdentifier): EnablementState {
|
||||
|
@ -442,7 +442,7 @@ export class ExtensionEnablementService extends Disposable implements IWorkbench
|
|||
|
||||
private async _getExtensionsByWorkspaceTrustRequirement(): Promise<IExtension[]> {
|
||||
const extensions = await this.extensionManagementService.getInstalled();
|
||||
return extensions.filter(e => this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(e.manifest) === 'onStart');
|
||||
return extensions.filter(e => this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(e.manifest) === false);
|
||||
}
|
||||
|
||||
public async updateEnablementByWorkspaceTrustRequirement(): Promise<void> {
|
||||
|
|
|
@ -358,7 +358,7 @@ export class ExtensionManagementService extends Disposable implements IWorkbench
|
|||
}
|
||||
|
||||
protected async checkForWorkspaceTrust(manifest: IExtensionManifest): Promise<void> {
|
||||
if (this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(manifest) === 'onStart') {
|
||||
if (this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(manifest) === false) {
|
||||
const trustState = await this.workspaceTrustRequestService.requestWorkspaceTrust({
|
||||
modal: true,
|
||||
message: localize('extensionInstallWorkspaceTrustMessage', "Enabling this extension requires a trusted workspace."),
|
||||
|
|
|
@ -4,16 +4,16 @@
|
|||
*--------------------------------------------------------------------------------------------*/
|
||||
|
||||
import { IConfigurationService } from 'vs/platform/configuration/common/configuration';
|
||||
import { IExtensionManifest, ExtensionKind, ExtensionIdentifier, ExtensionWorkspaceTrustRequestType } from 'vs/platform/extensions/common/extensions';
|
||||
import { IExtensionManifest, ExtensionKind, ExtensionIdentifier, ExtensionUntrustedWorkpaceSupportType } from 'vs/platform/extensions/common/extensions';
|
||||
import { ExtensionsRegistry } from 'vs/workbench/services/extensions/common/extensionsRegistry';
|
||||
import { getGalleryExtensionId } from 'vs/platform/extensionManagement/common/extensionManagementUtil';
|
||||
import { isNonEmptyArray } from 'vs/base/common/arrays';
|
||||
import { IProductService } from 'vs/platform/product/common/productService';
|
||||
import { createDecorator } from 'vs/platform/instantiation/common/instantiation';
|
||||
import { registerSingleton } from 'vs/platform/instantiation/common/extensions';
|
||||
import { ExtensionWorkspaceTrustRequest } from 'vs/base/common/product';
|
||||
import { ExtensionUntrustedWorkspaceSupport } from 'vs/base/common/product';
|
||||
import { Disposable } from 'vs/base/common/lifecycle';
|
||||
import { isWorkspaceTrustEnabled, WORKSPACE_TRUST_EXTENSION_REQUEST } from 'vs/workbench/services/workspaces/common/workspaceTrust';
|
||||
import { isWorkspaceTrustEnabled, WORKSPACE_TRUST_EXTENSION_UNTRUSTED_SUPPORT } from 'vs/workbench/services/workspaces/common/workspaceTrust';
|
||||
|
||||
export const IExtensionManifestPropertiesService = createDecorator<IExtensionManifestPropertiesService>('extensionManifestPropertiesService');
|
||||
|
||||
|
@ -29,7 +29,7 @@ export interface IExtensionManifestPropertiesService {
|
|||
canExecuteOnWeb(manifest: IExtensionManifest): boolean;
|
||||
|
||||
getExtensionKind(manifest: IExtensionManifest): ExtensionKind[];
|
||||
getExtensionWorkspaceTrustRequestType(manifest: IExtensionManifest): ExtensionWorkspaceTrustRequestType;
|
||||
getExtensionUntrustedWorkspaceSupportType(manifest: IExtensionManifest): ExtensionUntrustedWorkpaceSupportType;
|
||||
canSupportVirtualWorkspace(manifest: IExtensionManifest): boolean;
|
||||
}
|
||||
|
||||
|
@ -44,8 +44,8 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE
|
|||
private _productVirtualWorkspaceSupportMap: Map<string, { default?: boolean, override?: boolean }> | null = null;
|
||||
private _configuredVirtualWorkspaceSupportMap: Map<string, boolean> | null = null;
|
||||
|
||||
private readonly _configuredExtensionWorkspaceTrustRequestMap: Map<string, { request: ExtensionWorkspaceTrustRequestType, version?: string }>;
|
||||
private readonly _productExtensionWorkspaceTrustRequestMap: Map<string, ExtensionWorkspaceTrustRequest>;
|
||||
private readonly _configuredExtensionWorkspaceTrustRequestMap: Map<string, { request: ExtensionUntrustedWorkpaceSupportType, version?: string }>;
|
||||
private readonly _productExtensionWorkspaceTrustRequestMap: Map<string, ExtensionUntrustedWorkspaceSupport>;
|
||||
|
||||
constructor(
|
||||
@IProductService private readonly productService: IProductService,
|
||||
|
@ -54,17 +54,17 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE
|
|||
super();
|
||||
|
||||
// Workspace trust request type (settings.json)
|
||||
this._configuredExtensionWorkspaceTrustRequestMap = new Map<string, { request: ExtensionWorkspaceTrustRequestType, version?: string }>();
|
||||
const configuredExtensionWorkspaceTrustRequests = configurationService.inspect<{ [key: string]: { request: ExtensionWorkspaceTrustRequestType, version?: string } }>(WORKSPACE_TRUST_EXTENSION_REQUEST).userValue || {};
|
||||
this._configuredExtensionWorkspaceTrustRequestMap = new Map<string, { request: ExtensionUntrustedWorkpaceSupportType, version?: string }>();
|
||||
const configuredExtensionWorkspaceTrustRequests = configurationService.inspect<{ [key: string]: { request: ExtensionUntrustedWorkpaceSupportType, version?: string } }>(WORKSPACE_TRUST_EXTENSION_UNTRUSTED_SUPPORT).userValue || {};
|
||||
for (const id of Object.keys(configuredExtensionWorkspaceTrustRequests)) {
|
||||
this._configuredExtensionWorkspaceTrustRequestMap.set(ExtensionIdentifier.toKey(id), configuredExtensionWorkspaceTrustRequests[id]);
|
||||
}
|
||||
|
||||
// Workpace trust request type (products.json)
|
||||
this._productExtensionWorkspaceTrustRequestMap = new Map<string, ExtensionWorkspaceTrustRequest>();
|
||||
if (productService.extensionWorkspaceTrustRequest) {
|
||||
for (const id of Object.keys(productService.extensionWorkspaceTrustRequest)) {
|
||||
this._productExtensionWorkspaceTrustRequestMap.set(ExtensionIdentifier.toKey(id), productService.extensionWorkspaceTrustRequest[id]);
|
||||
this._productExtensionWorkspaceTrustRequestMap = new Map<string, ExtensionUntrustedWorkspaceSupport>();
|
||||
if (productService.extensionUntrustedWorkspaceSupport) {
|
||||
for (const id of Object.keys(productService.extensionUntrustedWorkspaceSupport)) {
|
||||
this._productExtensionWorkspaceTrustRequestMap.set(ExtensionIdentifier.toKey(id), productService.extensionUntrustedWorkspaceSupport[id]);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -121,10 +121,10 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE
|
|||
return this.deduceExtensionKind(manifest);
|
||||
}
|
||||
|
||||
getExtensionWorkspaceTrustRequestType(manifest: IExtensionManifest): ExtensionWorkspaceTrustRequestType {
|
||||
getExtensionUntrustedWorkspaceSupportType(manifest: IExtensionManifest): ExtensionUntrustedWorkpaceSupportType {
|
||||
// Workspace trust feature is disabled, or extension has no entry point
|
||||
if (!isWorkspaceTrustEnabled(this.configurationService) || !manifest.main) {
|
||||
return 'never';
|
||||
return true;
|
||||
}
|
||||
|
||||
// Get extension workspace trust requirements from settings.json
|
||||
|
@ -144,8 +144,8 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE
|
|||
}
|
||||
|
||||
// Use extension manifest value if it exists
|
||||
if (manifest.workspaceTrust?.request !== undefined) {
|
||||
return manifest.workspaceTrust.request;
|
||||
if (manifest.capabilities?.untrustedWorkspaces?.supported !== undefined) {
|
||||
return manifest.capabilities.untrustedWorkspaces.supported;
|
||||
}
|
||||
|
||||
// Use product.json default value if it exists
|
||||
|
@ -153,7 +153,7 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE
|
|||
return productWorkspaceTrustRequest.default;
|
||||
}
|
||||
|
||||
return 'onStart';
|
||||
return false;
|
||||
}
|
||||
|
||||
canSupportVirtualWorkspace(manifest: IExtensionManifest): boolean {
|
||||
|
@ -285,7 +285,7 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE
|
|||
return this._configuredVirtualWorkspaceSupportMap.get(ExtensionIdentifier.toKey(extensionId));
|
||||
}
|
||||
|
||||
private getConfiguredExtensionWorkspaceTrustRequest(manifest: IExtensionManifest): ExtensionWorkspaceTrustRequestType | undefined {
|
||||
private getConfiguredExtensionWorkspaceTrustRequest(manifest: IExtensionManifest): ExtensionUntrustedWorkpaceSupportType | undefined {
|
||||
const extensionId = getGalleryExtensionId(manifest.publisher, manifest.name);
|
||||
const extensionWorkspaceTrustRequest = this._configuredExtensionWorkspaceTrustRequestMap.get(ExtensionIdentifier.toKey(extensionId));
|
||||
|
||||
|
@ -296,7 +296,7 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE
|
|||
return undefined;
|
||||
}
|
||||
|
||||
private getProductExtensionWorkspaceTrustRequest(manifest: IExtensionManifest): ExtensionWorkspaceTrustRequest | undefined {
|
||||
private getProductExtensionWorkspaceTrustRequest(manifest: IExtensionManifest): ExtensionUntrustedWorkspaceSupport | undefined {
|
||||
const extensionId = getGalleryExtensionId(manifest.publisher, manifest.name);
|
||||
return this._productExtensionWorkspaceTrustRequestMap.get(ExtensionIdentifier.toKey(extensionId));
|
||||
}
|
||||
|
|
|
@ -4,7 +4,7 @@
|
|||
*--------------------------------------------------------------------------------------------*/
|
||||
|
||||
import * as assert from 'assert';
|
||||
import { IExtensionManifest, ExtensionKind, ExtensionWorkspaceTrustRequestType } from 'vs/platform/extensions/common/extensions';
|
||||
import { IExtensionManifest, ExtensionKind, ExtensionUntrustedWorkpaceSupportType } from 'vs/platform/extensions/common/extensions';
|
||||
import { ExtensionManifestPropertiesService } from 'vs/workbench/services/extensions/common/extensionManifestPropertiesService';
|
||||
import { TestConfigurationService } from 'vs/platform/configuration/test/common/testConfigurationService';
|
||||
import { TestProductService } from 'vs/workbench/test/common/workbenchTestServices';
|
||||
|
@ -63,11 +63,11 @@ suite('ExtensionManifestPropertiesService - ExtensionWorkspaceTrustType', () =>
|
|||
|
||||
teardown(() => testObject.dispose());
|
||||
|
||||
function assertWorkspaceTrustRequest(extensionMaifest: IExtensionManifest, expected: ExtensionWorkspaceTrustRequestType): void {
|
||||
function assertUntrustedWorkspaceSupport(extensionMaifest: IExtensionManifest, expected: ExtensionUntrustedWorkpaceSupportType): void {
|
||||
testObject = instantiationService.createInstance(ExtensionManifestPropertiesService);
|
||||
const workspaceTrustRequest = testObject.getExtensionWorkspaceTrustRequestType(extensionMaifest);
|
||||
const untrustedWorkspaceSupport = testObject.getExtensionUntrustedWorkspaceSupportType(extensionMaifest);
|
||||
|
||||
assert.strictEqual(workspaceTrustRequest, expected);
|
||||
assert.strictEqual(untrustedWorkspaceSupport, expected);
|
||||
}
|
||||
|
||||
function getExtensionManifest(properties: any = {}): IExtensionManifest {
|
||||
|
@ -78,7 +78,7 @@ suite('ExtensionManifestPropertiesService - ExtensionWorkspaceTrustType', () =>
|
|||
instantiationService.stub(IProductService, <Partial<IProductService>>{});
|
||||
|
||||
const extensionMaifest = getExtensionManifest();
|
||||
assertWorkspaceTrustRequest(extensionMaifest, 'never');
|
||||
assertUntrustedWorkspaceSupport(extensionMaifest, true);
|
||||
});
|
||||
|
||||
test('test extension workspace trust request when workspace trust is disabled', async () => {
|
||||
|
@ -86,23 +86,23 @@ suite('ExtensionManifestPropertiesService - ExtensionWorkspaceTrustType', () =>
|
|||
await testConfigurationService.setUserConfiguration('security', { workspace: { trust: { enabled: false } } });
|
||||
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js' });
|
||||
assertWorkspaceTrustRequest(extensionMaifest, 'never');
|
||||
assertUntrustedWorkspaceSupport(extensionMaifest, true);
|
||||
});
|
||||
|
||||
test('test extension workspace trust request when override exists in settings.json', async () => {
|
||||
instantiationService.stub(IProductService, <Partial<IProductService>>{});
|
||||
|
||||
await testConfigurationService.setUserConfiguration('security', { workspace: { trust: { extensionRequest: { 'pub.a': { request: 'never' } } } } });
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js', workspaceTrust: { request: 'onDemand' } });
|
||||
assertWorkspaceTrustRequest(extensionMaifest, 'never');
|
||||
await testConfigurationService.setUserConfiguration('security', { workspace: { trust: { extensionUntrustedSupport: { 'pub.a': { supported: true } } } } });
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js', capabilities: { untrustedWorkspaces: { supported: 'limited' } } });
|
||||
assertUntrustedWorkspaceSupport(extensionMaifest, true);
|
||||
});
|
||||
|
||||
test('test extension workspace trust request when override for the version exists in settings.json', async () => {
|
||||
instantiationService.stub(IProductService, <Partial<IProductService>>{});
|
||||
|
||||
await testConfigurationService.setUserConfiguration('security', { workspace: { trust: { extensionRequest: { 'pub.a': { request: 'never', version: '1.0.0' } } } } });
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js', workspaceTrust: { request: 'onDemand' } });
|
||||
assertWorkspaceTrustRequest(extensionMaifest, 'never');
|
||||
await testConfigurationService.setUserConfiguration('security', { workspace: { trust: { extensionUntrustedSupport: { 'pub.a': { supported: true, version: '1.0.0' } } } } });
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js', capabilities: { untrustedWorkspaces: { supported: 'limited' } } });
|
||||
assertUntrustedWorkspaceSupport(extensionMaifest, true);
|
||||
});
|
||||
|
||||
test('test extension workspace trust request when override for a different version exists in settings.json', async () => {
|
||||
|
@ -112,39 +112,39 @@ suite('ExtensionManifestPropertiesService - ExtensionWorkspaceTrustType', () =>
|
|||
workspace: {
|
||||
trust: {
|
||||
enabled: true,
|
||||
extensionRequest: { 'pub.a': { request: 'never', version: '2.0.0' } }
|
||||
extensionUntrustedSupport: { 'pub.a': { supported: true, version: '2.0.0' } }
|
||||
}
|
||||
}
|
||||
});
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js', workspaceTrust: { request: 'onDemand' } });
|
||||
assertWorkspaceTrustRequest(extensionMaifest, 'onDemand');
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js', capabilities: { untrustedWorkspaces: { supported: 'limited' } } });
|
||||
assertUntrustedWorkspaceSupport(extensionMaifest, 'limited');
|
||||
});
|
||||
|
||||
test('test extension workspace trust request when default exists in product.json', () => {
|
||||
instantiationService.stub(IProductService, <Partial<IProductService>>{ extensionWorkspaceTrustRequest: { 'pub.a': { default: 'never' } } });
|
||||
instantiationService.stub(IProductService, <Partial<IProductService>>{ extensionUntrustedWorkspaceSupport: { 'pub.a': { default: true } } });
|
||||
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js' });
|
||||
assertWorkspaceTrustRequest(extensionMaifest, 'never');
|
||||
assertUntrustedWorkspaceSupport(extensionMaifest, true);
|
||||
});
|
||||
|
||||
test('test extension workspace trust request when override exists in product.json', () => {
|
||||
instantiationService.stub(IProductService, <Partial<IProductService>>{ extensionWorkspaceTrustRequest: { 'pub.a': { override: 'onDemand' } } });
|
||||
instantiationService.stub(IProductService, <Partial<IProductService>>{ extensionUntrustedWorkspaceSupport: { 'pub.a': { override: 'limited' } } });
|
||||
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js', workspaceTrust: { request: 'never' } });
|
||||
assertWorkspaceTrustRequest(extensionMaifest, 'onDemand');
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js', capabilities: { untrustedWorkspaces: { supported: true } } });
|
||||
assertUntrustedWorkspaceSupport(extensionMaifest, 'limited');
|
||||
});
|
||||
|
||||
test('test extension workspace trust request when value exists in package.json', () => {
|
||||
instantiationService.stub(IProductService, <Partial<IProductService>>{});
|
||||
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js', workspaceTrust: { request: 'onDemand' } });
|
||||
assertWorkspaceTrustRequest(extensionMaifest, 'onDemand');
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js', capabilities: { untrustedWorkspaces: { supported: 'limited' } } });
|
||||
assertUntrustedWorkspaceSupport(extensionMaifest, true);
|
||||
});
|
||||
|
||||
test('test extension workspace trust request when no value exists in package.json', () => {
|
||||
instantiationService.stub(IProductService, <Partial<IProductService>>{});
|
||||
|
||||
const extensionMaifest = getExtensionManifest({ main: './out/extension.js' });
|
||||
assertWorkspaceTrustRequest(extensionMaifest, 'onStart');
|
||||
assertUntrustedWorkspaceSupport(extensionMaifest, false);
|
||||
});
|
||||
});
|
||||
|
|
|
@ -19,7 +19,7 @@ import { isSingleFolderWorkspaceIdentifier, toWorkspaceIdentifier } from 'vs/pla
|
|||
import { IUriIdentityService } from 'vs/workbench/services/uriIdentity/common/uriIdentity';
|
||||
|
||||
export const WORKSPACE_TRUST_ENABLED = 'security.workspace.trust.enabled';
|
||||
export const WORKSPACE_TRUST_EXTENSION_REQUEST = 'security.workspace.trust.extensionRequest';
|
||||
export const WORKSPACE_TRUST_EXTENSION_UNTRUSTED_SUPPORT = 'security.workspace.trust.extensionUntrustedSupport';
|
||||
export const WORKSPACE_TRUST_STORAGE_KEY = 'content.trust.model.key';
|
||||
|
||||
export const WorkspaceTrustContext = {
|
||||
|
|
Loading…
Reference in a new issue