diff options
| author | Nayeem Rahman <nayeemrmn99@gmail.com> | 2024-03-12 22:12:29 +0000 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-03-12 22:12:29 +0000 |
| commit | 485b4c6301d246f413aa9de91c883c97cd4d1235 (patch) | |
| tree | 2be8a80466f0341aa58d556225f36c2a0d16460c | |
| parent | c10d96cb21d5f75b4c6f7b7d8d96d12a6edeee99 (diff) | |
fix(runtime): negate partial condition for deny flags (#22866)
| -rw-r--r-- | runtime/permissions/lib.rs | 27 |
1 files changed, 26 insertions, 1 deletions
diff --git a/runtime/permissions/lib.rs b/runtime/permissions/lib.rs index ca9d8084f..e83d465d8 100644 --- a/runtime/permissions/lib.rs +++ b/runtime/permissions/lib.rs @@ -312,7 +312,7 @@ impl<T: Descriptor + Hash> UnaryPermission<T> { get_display_name: impl Fn() -> Option<String>, ) -> Result<(), AnyError> { let (result, prompted, is_allow_all) = self - .query_desc(desc, AllowPartial::from(assert_non_partial)) + .query_desc(desc, AllowPartial::from(!assert_non_partial)) .check2( T::flag_name(), api_name, @@ -2859,6 +2859,31 @@ mod tests { } #[test] + fn test_check_partial_denied() { + let mut perms = Permissions { + read: Permissions::new_read( + &Some(vec![]), + &Some(vec![PathBuf::from("/foo/bar")]), + false, + ) + .unwrap(), + write: Permissions::new_write( + &Some(vec![]), + &Some(vec![PathBuf::from("/foo/bar")]), + false, + ) + .unwrap(), + ..Default::default() + }; + + perms.read.check_partial(Path::new("/foo"), None).unwrap(); + assert!(perms.read.check(Path::new("/foo"), None).is_err()); + + perms.write.check_partial(Path::new("/foo"), None).unwrap(); + assert!(perms.write.check(Path::new("/foo"), None).is_err()); + } + + #[test] fn test_deserialize_child_permissions_arg() { set_prompter(Box::new(TestPrompter)); assert_eq!( |