Fix deno.open permission check (#1336)

author: Kevin (Kun) "Kassimo" Qian <kevinkassimo@gmail.com> 2018-12-13 16:20:37 -0500
committer: Ryan Dahl <ry@tinyclouds.org> 2018-12-13 16:20:37 -0500
commit: 2cb52cc4d19b212c4a1095ca4f668fe62b237c7a (patch)
tree: e08f7714165fe2bff643dd25a987d4f0b4531d09
parent: 40d6daf8240f9dc090c23f975488c424b88f120f (diff)
4 files changed, 54 insertions, 7 deletions
diff --git a/js/deno.ts b/js/deno.ts
index 21c93c5d3..869314d2c 100644
--- a/js/deno.ts
+++ b/js/deno.ts
@@ -4,7 +4,17 @@
 /// <amd-module name="deno"/>
 export { env, exit } from "./os";
 export { chdir, cwd } from "./dir";
-export { File, open, stdin, stdout, stderr, read, write, close } from "./files";
+export {
+  File,
+  open,
+  stdin,
+  stdout,
+  stderr,
+  read,
+  write,
+  close,
+  OpenMode
+} from "./files";
 export {
   copy,
   toAsyncIterator,
diff --git a/js/files.ts b/js/files.ts
index 4392eadf7..e23d19cfe 100644
--- a/js/files.ts
+++ b/js/files.ts
@@ -29,7 +29,7 @@ export const stdout = new File(1);
 /** An instance of `File` for stderr. */
 export const stderr = new File(2);
 
-type OpenMode =
+export type OpenMode =
   /** Read-only. Default. Starts at beginning of file. */
   | "r"
   /** Read-write. Start at beginning of file. */
diff --git a/js/files_test.ts b/js/files_test.ts
index d46a46906..03ad7a7cd 100644
--- a/js/files_test.ts
+++ b/js/files_test.ts
@@ -30,10 +30,26 @@ test(async function filesToAsyncIterator() {
   assertEqual(totalSize, 12);
 });
 
+testPerm({ write: false }, async function writePermFailure() {
+  const filename = "tests/hello.txt";
+  const writeModes: deno.OpenMode[] = ["r+", "w", "w+", "a", "a+", "x", "x+"];
+  for (const mode of writeModes) {
+    let err;
+    try {
+      await deno.open(filename, mode);
+    } catch (e) {
+      err = e;
+    }
+    assert(!!err);
+    assertEqual(err.kind, deno.ErrorKind.PermissionDenied);
+    assertEqual(err.name, "PermissionDenied");
+  }
+});
+
 testPerm({ write: true }, async function createFile() {
   const tempDir = await deno.makeTempDir();
   const filename = tempDir + "/test.txt";
-  let f = await deno.open(filename, "w");
+  const f = await deno.open(filename, "w");
   let fileInfo = deno.statSync(filename);
   assert(fileInfo.isFile());
   assert(fileInfo.len === 0);
@@ -88,7 +104,7 @@ testPerm({ write: true }, async function openModeWriteRead() {
   const filename = tempDir + "hello.txt";
   const data = encoder.encode("Hello world!\n");
 
-  let file = await deno.open(filename, "w+");
+  const file = await deno.open(filename, "w+");
   // assert file was created
   let fileInfo = deno.statSync(filename);
   assert(fileInfo.isFile());
diff --git a/src/ops.rs b/src/ops.rs
index 3cf466d0d..3dc457aa6 100644
--- a/src/ops.rs
+++ b/src/ops.rs
@@ -576,15 +576,15 @@ fn op_chmod(
 }
 
 fn op_open(
-  _state: &IsolateState,
+  state: &IsolateState,
   base: &msg::Base,
   data: libdeno::deno_buf,
 ) -> Box<Op> {
   assert_eq!(data.len(), 0);
   let cmd_id = base.cmd_id();
   let inner = base.inner_as_open().unwrap();
-  let filename = PathBuf::from(inner.filename().unwrap());
-  //  let perm = inner.perm();
+  let filename_str = inner.filename().unwrap();
+  let filename = PathBuf::from(&filename_str);
   let mode = inner.mode().unwrap();
 
   let mut open_options = tokio::fs::OpenOptions::new();
@@ -594,12 +594,21 @@ fn op_open(
       open_options.read(true);
     }
     "r+" => {
+      if let Err(e) = state.check_write(&filename_str) {
+        return odd_future(e);
+      }
       open_options.read(true).write(true);
     }
     "w" => {
+      if let Err(e) = state.check_write(&filename_str) {
+        return odd_future(e);
+      }
       open_options.create(true).write(true).truncate(true);
     }
     "w+" => {
+      if let Err(e) = state.check_write(&filename_str) {
+        return odd_future(e);
+      }
       open_options
         .read(true)
         .create(true)
@@ -607,15 +616,27 @@ fn op_open(
         .truncate(true);
     }
     "a" => {
+      if let Err(e) = state.check_write(&filename_str) {
+        return odd_future(e);
+      }
       open_options.create(true).append(true);
     }
     "a+" => {
+      if let Err(e) = state.check_write(&filename_str) {
+        return odd_future(e);
+      }
       open_options.read(true).create(true).append(true);
     }
     "x" => {
+      if let Err(e) = state.check_write(&filename_str) {
+        return odd_future(e);
+      }
       open_options.create_new(true).write(true);
     }
     "x+" => {
+      if let Err(e) = state.check_write(&filename_str) {
+        return odd_future(e);
+      }
       open_options.create_new(true).read(true).write(true);
     }
     &_ => {
author	Kevin (Kun) "Kassimo" Qian <kevinkassimo@gmail.com>	2018-12-13 16:20:37 -0500
committer	Ryan Dahl <ry@tinyclouds.org>	2018-12-13 16:20:37 -0500
commit	2cb52cc4d19b212c4a1095ca4f668fe62b237c7a (patch)
tree	e08f7714165fe2bff643dd25a987d4f0b4531d09
parent	40d6daf8240f9dc090c23f975488c424b88f120f (diff)