refactor: Elevate DenoPermissions lock to top level (#3398)

author: Kevin (Kun) "Kassimo" Qian <kevinkassimo@gmail.com> 2019-11-24 07:42:30 -0800
committer: Ry Dahl <ry@tinyclouds.org> 2019-11-24 10:42:30 -0500
commit: bca23e64339f9b41272e4a01e4c1a86602e5c1e4 (patch)
tree: fe72fe56fd0f9ffa8e7392ec1941cce3300915ec /cli/ops
parent: 9e97eb287954393615ec89d42e7ca5548ecb0881 (diff)
3 files changed, 26 insertions, 25 deletions
diff --git a/cli/ops/permissions.rs b/cli/ops/permissions.rs
index 0f40b642c..bd8340bf0 100644
--- a/cli/ops/permissions.rs
+++ b/cli/ops/permissions.rs
@@ -33,7 +33,8 @@ pub fn op_query_permission(
   _zero_copy: Option<PinnedBuf>,
 ) -> Result<JsonOp, ErrBox> {
   let args: PermissionArgs = serde_json::from_value(args)?;
-  let perm = state.permissions.get_permission_state(
+  let permissions = state.permissions.lock().unwrap();
+  let perm = permissions.get_permission_state(
     &args.name,
     &args.url.as_ref().map(String::as_str),
     &args.path.as_ref().map(String::as_str),
@@ -47,16 +48,17 @@ pub fn op_revoke_permission(
   _zero_copy: Option<PinnedBuf>,
 ) -> Result<JsonOp, ErrBox> {
   let args: PermissionArgs = serde_json::from_value(args)?;
+  let mut permissions = state.permissions.lock().unwrap();
   match args.name.as_ref() {
-    "run" => state.permissions.allow_run.revoke(),
-    "read" => state.permissions.allow_read.revoke(),
-    "write" => state.permissions.allow_write.revoke(),
-    "net" => state.permissions.allow_net.revoke(),
-    "env" => state.permissions.allow_env.revoke(),
-    "hrtime" => state.permissions.allow_hrtime.revoke(),
+    "run" => permissions.allow_run.revoke(),
+    "read" => permissions.allow_read.revoke(),
+    "write" => permissions.allow_write.revoke(),
+    "net" => permissions.allow_net.revoke(),
+    "env" => permissions.allow_env.revoke(),
+    "hrtime" => permissions.allow_hrtime.revoke(),
     _ => {}
   };
-  let perm = state.permissions.get_permission_state(
+  let perm = permissions.get_permission_state(
     &args.name,
     &args.url.as_ref().map(String::as_str),
     &args.path.as_ref().map(String::as_str),
@@ -70,23 +72,18 @@ pub fn op_request_permission(
   _zero_copy: Option<PinnedBuf>,
 ) -> Result<JsonOp, ErrBox> {
   let args: PermissionArgs = serde_json::from_value(args)?;
+  let mut permissions = state.permissions.lock().unwrap();
   let perm = match args.name.as_ref() {
-    "run" => Ok(state.permissions.request_run()),
-    "read" => Ok(
-      state
-        .permissions
-        .request_read(&args.path.as_ref().map(String::as_str)),
-    ),
-    "write" => Ok(
-      state
-        .permissions
-        .request_write(&args.path.as_ref().map(String::as_str)),
-    ),
-    "net" => state
-      .permissions
-      .request_net(&args.url.as_ref().map(String::as_str)),
-    "env" => Ok(state.permissions.request_env()),
-    "hrtime" => Ok(state.permissions.request_hrtime()),
+    "run" => Ok(permissions.request_run()),
+    "read" => {
+      Ok(permissions.request_read(&args.path.as_ref().map(String::as_str)))
+    }
+    "write" => {
+      Ok(permissions.request_write(&args.path.as_ref().map(String::as_str)))
+    }
+    "net" => permissions.request_net(&args.url.as_ref().map(String::as_str)),
+    "env" => Ok(permissions.request_env()),
+    "hrtime" => Ok(permissions.request_hrtime()),
     n => Err(type_error(format!("No such permission name: {}", n))),
   }?;
   Ok(JsonOp::Sync(json!({ "state": perm.to_string() })))
diff --git a/cli/ops/timers.rs b/cli/ops/timers.rs
index 7223633f8..21d1eda24 100644
--- a/cli/ops/timers.rs
+++ b/cli/ops/timers.rs
@@ -66,11 +66,12 @@ fn op_now(
   let seconds = state.start_time.elapsed().as_secs();
   let mut subsec_nanos = state.start_time.elapsed().subsec_nanos();
   let reduced_time_precision = 2_000_000; // 2ms in nanoseconds
+  let permissions = state.permissions.lock().unwrap();
 
   // If the permission is not enabled
   // Round the nano result on 2 milliseconds
   // see: https://developer.mozilla.org/en-US/docs/Web/API/DOMHighResTimeStamp#Reduced_time_precision
-  if !state.permissions.allow_hrtime.is_allow() {
+  if !permissions.allow_hrtime.is_allow() {
     subsec_nanos -= subsec_nanos % reduced_time_precision
   }
 
diff --git a/cli/ops/workers.rs b/cli/ops/workers.rs
index a03290545..4bde38222 100644
--- a/cli/ops/workers.rs
+++ b/cli/ops/workers.rs
@@ -142,10 +142,13 @@ fn op_create_worker(
   let (int, ext) = ThreadSafeState::create_channels();
   let child_state = ThreadSafeState::new(
     state.global_state.clone(),
+    Some(parent_state.permissions.clone()), // by default share with parent
     Some(module_specifier.clone()),
     include_deno_namespace,
     int,
   )?;
+  // TODO: add a new option to make child worker not sharing permissions
+  // with parent (aka .clone(), requests from child won't reflect in parent)
   let name = format!("USER-WORKER-{}", specifier);
   let deno_main_call = format!("denoMain({})", include_deno_namespace);
   let mut worker =
author	Kevin (Kun) "Kassimo" Qian <kevinkassimo@gmail.com>	2019-11-24 07:42:30 -0800
committer	Ry Dahl <ry@tinyclouds.org>	2019-11-24 10:42:30 -0500
commit	bca23e64339f9b41272e4a01e4c1a86602e5c1e4 (patch)
tree	fe72fe56fd0f9ffa8e7392ec1941cce3300915ec /cli/ops
parent	9e97eb287954393615ec89d42e7ca5548ecb0881 (diff)