diff options
| author | David Sherret <dsherret@users.noreply.github.com> | 2024-09-16 21:39:37 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-09-16 21:39:37 +0100 |
| commit | 62e952559f600e72d7498c9b12f906cb0b1ba150 (patch) | |
| tree | 6dbcce6592973358ef4bf6341888b0bbbdb98cc5 /cli/lsp | |
| parent | e0b9c745c15720914f14996bf357d5b375e2dbd8 (diff) | |
refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508)
This makes the permission system more versatile.
Diffstat (limited to 'cli/lsp')
| -rw-r--r-- | cli/lsp/config.rs | 24 | ||||
| -rw-r--r-- | cli/lsp/jsr.rs | 3 | ||||
| -rw-r--r-- | cli/lsp/npm.rs | 3 | ||||
| -rw-r--r-- | cli/lsp/registries.rs | 12 | ||||
| -rw-r--r-- | cli/lsp/testing/execution.rs | 15 |
5 files changed, 30 insertions, 27 deletions
diff --git a/cli/lsp/config.rs b/cli/lsp/config.rs index c5d064285..f69cae435 100644 --- a/cli/lsp/config.rs +++ b/cli/lsp/config.rs @@ -37,7 +37,6 @@ use deno_lint::linter::LintConfig as DenoLintConfig; use deno_npm::npm_rc::ResolvedNpmRc; use deno_package_json::PackageJsonCache; use deno_runtime::deno_node::PackageJson; -use deno_runtime::deno_permissions::PermissionsContainer; use deno_runtime::fs_util::specifier_to_file_path; use indexmap::IndexSet; use lsp_types::ClientCapabilities; @@ -1509,17 +1508,16 @@ impl ConfigData { ConfigWatchedFileType::ImportMap, ); // spawn due to the lsp's `Send` requirement - let fetch_result = deno_core::unsync::spawn({ - let file_fetcher = file_fetcher.cloned().unwrap(); - let import_map_url = import_map_url.clone(); - async move { - file_fetcher - .fetch(&import_map_url, &PermissionsContainer::allow_all()) - .await - } - }) - .await - .unwrap(); + let fetch_result = + deno_core::unsync::spawn({ + let file_fetcher = file_fetcher.cloned().unwrap(); + let import_map_url = import_map_url.clone(); + async move { + file_fetcher.fetch_bypass_permissions(&import_map_url).await + } + }) + .await + .unwrap(); let value_result = fetch_result.and_then(|f| { serde_json::from_slice::<Value>(&f.source).map_err(|e| e.into()) @@ -1558,7 +1556,7 @@ impl ConfigData { let file_fetcher = file_fetcher.clone().unwrap(); async move { let file = file_fetcher - .fetch(&specifier, &PermissionsContainer::allow_all()) + .fetch_bypass_permissions(&specifier) .await? .into_text_decoded()?; Ok(file.source.to_string()) diff --git a/cli/lsp/jsr.rs b/cli/lsp/jsr.rs index 6c591637c..9a738ec28 100644 --- a/cli/lsp/jsr.rs +++ b/cli/lsp/jsr.rs @@ -14,7 +14,6 @@ use deno_graph::packages::JsrPackageInfo; use deno_graph::packages::JsrPackageInfoVersion; use deno_graph::packages::JsrPackageVersionInfo; use deno_graph::ModuleSpecifier; -use deno_runtime::deno_permissions::PermissionsContainer; use deno_semver::jsr::JsrPackageReqReference; use deno_semver::package::PackageNv; use deno_semver::package::PackageReq; @@ -311,7 +310,7 @@ impl PackageSearchApi for CliJsrSearchApi { // spawn due to the lsp's `Send` requirement let file = deno_core::unsync::spawn(async move { file_fetcher - .fetch(&search_url, &PermissionsContainer::allow_all()) + .fetch_bypass_permissions(&search_url) .await? .into_text_decoded() }) diff --git a/cli/lsp/npm.rs b/cli/lsp/npm.rs index e5aa33744..8bdeb7e7d 100644 --- a/cli/lsp/npm.rs +++ b/cli/lsp/npm.rs @@ -4,7 +4,6 @@ use dashmap::DashMap; use deno_core::anyhow::anyhow; use deno_core::error::AnyError; use deno_core::serde_json; -use deno_runtime::deno_permissions::PermissionsContainer; use deno_semver::package::PackageNv; use deno_semver::Version; use serde::Deserialize; @@ -55,7 +54,7 @@ impl PackageSearchApi for CliNpmSearchApi { let file_fetcher = self.file_fetcher.clone(); let file = deno_core::unsync::spawn(async move { file_fetcher - .fetch(&search_url, &PermissionsContainer::allow_all()) + .fetch_bypass_permissions(&search_url) .await? .into_text_decoded() }) diff --git a/cli/lsp/registries.rs b/cli/lsp/registries.rs index c709831d4..5f7ce0082 100644 --- a/cli/lsp/registries.rs +++ b/cli/lsp/registries.rs @@ -16,6 +16,7 @@ use crate::args::CacheSetting; use crate::cache::GlobalHttpCache; use crate::cache::HttpCache; use crate::file_fetcher::FetchOptions; +use crate::file_fetcher::FetchPermissionsOptionRef; use crate::file_fetcher::FileFetcher; use crate::http_util::HttpClientProvider; @@ -30,7 +31,6 @@ use deno_core::url::Position; use deno_core::url::Url; use deno_core::ModuleSpecifier; use deno_graph::Dependency; -use deno_runtime::deno_permissions::PermissionsContainer; use log::error; use once_cell::sync::Lazy; use std::borrow::Cow; @@ -481,7 +481,7 @@ impl ModuleRegistry { file_fetcher .fetch_with_options(FetchOptions { specifier: &specifier, - permissions: &PermissionsContainer::allow_all(), + permissions: FetchPermissionsOptionRef::AllowAll, maybe_accept: Some("application/vnd.deno.reg.v2+json, application/vnd.deno.reg.v1+json;q=0.9, application/json;q=0.8"), maybe_cache_setting: None, }) @@ -584,7 +584,7 @@ impl ModuleRegistry { let file = deno_core::unsync::spawn({ async move { file_fetcher - .fetch(&endpoint, &PermissionsContainer::allow_all()) + .fetch_bypass_permissions(&endpoint) .await .ok()? .into_text_decoded() @@ -983,7 +983,7 @@ impl ModuleRegistry { // spawn due to the lsp's `Send` requirement let file = deno_core::unsync::spawn(async move { file_fetcher - .fetch(&specifier, &PermissionsContainer::allow_all()) + .fetch_bypass_permissions(&specifier) .await .ok()? .into_text_decoded() @@ -1049,7 +1049,7 @@ impl ModuleRegistry { let specifier = specifier.clone(); async move { file_fetcher - .fetch(&specifier, &PermissionsContainer::allow_all()) + .fetch_bypass_permissions(&specifier) .await .map_err(|err| { error!( @@ -1095,7 +1095,7 @@ impl ModuleRegistry { let specifier = specifier.clone(); async move { file_fetcher - .fetch(&specifier, &PermissionsContainer::allow_all()) + .fetch_bypass_permissions(&specifier) .await .map_err(|err| { error!( diff --git a/cli/lsp/testing/execution.rs b/cli/lsp/testing/execution.rs index c2398d4ff..a8cea8dd4 100644 --- a/cli/lsp/testing/execution.rs +++ b/cli/lsp/testing/execution.rs @@ -31,6 +31,7 @@ use deno_core::unsync::spawn; use deno_core::unsync::spawn_blocking; use deno_core::ModuleSpecifier; use deno_runtime::deno_permissions::Permissions; +use deno_runtime::deno_permissions::PermissionsContainer; use deno_runtime::tokio_util::create_and_run_current_thread; use indexmap::IndexMap; use std::borrow::Cow; @@ -227,8 +228,11 @@ impl TestRun { // Various test files should not share the same permissions in terms of // `PermissionsContainer` - otherwise granting/revoking permissions in one // file would have impact on other files, which is undesirable. - let permissions = - Permissions::from_options(&cli_options.permissions_options()?)?; + let permission_desc_parser = factory.permission_desc_parser()?.clone(); + let permissions = Permissions::from_options( + permission_desc_parser.as_ref(), + &cli_options.permissions_options(), + )?; let main_graph_container = factory.main_module_graph_container().await?; test::check_specifiers( factory.file_fetcher()?, @@ -276,7 +280,10 @@ impl TestRun { let join_handles = queue.into_iter().map(move |specifier| { let specifier = specifier.clone(); let worker_factory = worker_factory.clone(); - let permissions = permissions.clone(); + let permissions_container = PermissionsContainer::new( + permission_desc_parser.clone(), + permissions.clone(), + ); let worker_sender = test_event_sender_factory.worker(); let fail_fast_tracker = fail_fast_tracker.clone(); let lsp_filter = self.filters.get(&specifier); @@ -305,7 +312,7 @@ impl TestRun { // channel. create_and_run_current_thread(test::test_specifier( worker_factory, - permissions, + permissions_container, specifier, worker_sender, fail_fast_tracker, |