refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508)

This makes the permission system more versatile.

3 files changed, 4 insertions, 7 deletions

diff --git a/cli/npm/byonm.rs b/cli/npm/byonm.rs
index 3249b2ed1..24645e416 100644
--- a/cli/npm/byonm.rs
+++ b/cli/npm/byonm.rs
@@ -280,7 +280,7 @@ impl NodeRequireResolver for ByonmCliNpmResolver {
       .components()
       .any(|c| c.as_os_str().to_ascii_lowercase() == "node_modules")
     {
-      permissions.check_read(path)?;
+      _ = permissions.check_read_path(path)?;
     }
     Ok(())
   }
diff --git a/cli/npm/managed/resolvers/common.rs b/cli/npm/managed/resolvers/common.rs
index 170dc2ae6..1893aa56a 100644
--- a/cli/npm/managed/resolvers/common.rs
+++ b/cli/npm/managed/resolvers/common.rs
@@ -127,7 +127,8 @@ impl RegistryReadPermissionChecker {
       }
     }
 
-    permissions.check_read(path)
+    _ = permissions.check_read_path(path)?;
+    Ok(())
   }
 }
 
diff --git a/cli/npm/mod.rs b/cli/npm/mod.rs
index c8f87e6af..bedde6455 100644
--- a/cli/npm/mod.rs
+++ b/cli/npm/mod.rs
@@ -15,7 +15,6 @@ use deno_core::serde_json;
 use deno_npm::registry::NpmPackageInfo;
 use deno_runtime::deno_node::NodeRequireResolver;
 use deno_runtime::deno_node::NpmProcessStateProvider;
-use deno_runtime::deno_permissions::PermissionsContainer;
 use deno_semver::package::PackageNv;
 use deno_semver::package::PackageReq;
 use node_resolver::NpmResolver;
@@ -152,10 +151,7 @@ impl NpmFetchResolver {
       let file_fetcher = self.file_fetcher.clone();
       // spawn due to the lsp's `Send` requirement
       let file = deno_core::unsync::spawn(async move {
-        file_fetcher
-          .fetch(&info_url, &PermissionsContainer::allow_all())
-          .await
-          .ok()
+        file_fetcher.fetch_bypass_permissions(&info_url).await.ok()
       })
       .await
       .ok()??;