diff options
| author | Bartek Iwańczuk <biwanczuk@gmail.com> | 2020-01-28 03:13:17 +0100 |
|---|---|---|
| committer | Ryan Dahl <ry@tinyclouds.org> | 2020-01-27 21:13:17 -0500 |
| commit | f32c31a0eba90b6b1f711a2d5dfe182157d3ecb5 (patch) | |
| tree | 9b9cc0f4d141586a692264c65eb4b96d0fc93a09 /cli/permissions.rs | |
| parent | ac10d79d231d3b66b918764b9706597321850687 (diff) | |
dx: descriptive permission errors (#3808)
Before:
```
▶ target/debug/deno https://deno.land/std/examples/echo_server.ts
error: Uncaught PermissionDenied: run again with the --allow-net flag
► $deno$/dispatch_json.ts:40:11
at DenoError ($deno$/errors.ts:20:5)
at unwrapResponse ($deno$/dispatch_json.ts:40:11)
at sendSync ($deno$/dispatch_json.ts:67:10)
at listen ($deno$/net.ts:170:15)
at https://deno.land/std/examples/echo_server.ts:4:23
```
```
▶ target/debug/deno --allow-read=/usr https://deno.land/std/examples/cat.ts /etc/passwd
error: Uncaught PermissionDenied: run again with the --allow-read flag
► $deno$/dispatch_json.ts:40:11
at DenoError ($deno$/errors.ts:20:5)
at unwrapResponse ($deno$/dispatch_json.ts:40:11)
at sendAsync ($deno$/dispatch_json.ts:91:10)
```
After:
```
▶ target/debug/deno https://deno.land/std/examples/echo_server.ts
error: Uncaught PermissionDenied: network access to "0.0.0.0:8080", run again with the --allow-net flag
► $deno$/dispatch_json.ts:40:11
at DenoError ($deno$/errors.ts:20:5)
at unwrapResponse ($deno$/dispatch_json.ts:40:11)
at sendSync ($deno$/dispatch_json.ts:67:10)
at listen ($deno$/net.ts:170:15)
at https://deno.land/std/examples/echo_server.ts:4:23
```
```
▶ target/debug/deno --allow-read=/usr https://deno.land/std/examples/cat.ts /etc/passwd
error: Uncaught PermissionDenied: read access to "/etc/passwd", run again with the --allow-read flag
► $deno$/dispatch_json.ts:40:11
at DenoError ($deno$/errors.ts:20:5)
at unwrapResponse ($deno$/dispatch_json.ts:40:11)
at sendAsync ($deno$/dispatch_json.ts:91:10)
```
Diffstat (limited to 'cli/permissions.rs')
| -rw-r--r-- | cli/permissions.rs | 32 |
1 files changed, 14 insertions, 18 deletions
diff --git a/cli/permissions.rs b/cli/permissions.rs index 3964b07a3..98b7e7a33 100644 --- a/cli/permissions.rs +++ b/cli/permissions.rs @@ -29,12 +29,13 @@ pub enum PermissionState { impl PermissionState { /// Checks the permission state and returns the result. - pub fn check(self, msg: &str, err_msg: &str) -> Result<(), ErrBox> { + pub fn check(self, msg: &str, flag_name: &str) -> Result<(), ErrBox> { if self == PermissionState::Allow { log_perm_access(msg); return Ok(()); } - Err(permission_denied_msg(err_msg.to_string())) + let m = format!("{}, run again with the {} flag", msg, flag_name); + Err(permission_denied_msg(m)) } pub fn is_allow(self) -> bool { self == PermissionState::Allow @@ -129,10 +130,9 @@ impl DenoPermissions { } pub fn check_run(&self) -> Result<(), ErrBox> { - self.allow_run.check( - "access to run a subprocess", - "run again with the --allow-run flag", - ) + self + .allow_run + .check("access to run a subprocess", "--allow-run") } fn get_state_read(&self, path: &Option<&Path>) -> PermissionState { @@ -145,7 +145,7 @@ impl DenoPermissions { pub fn check_read(&self, path: &Path) -> Result<(), ErrBox> { self.get_state_read(&Some(path)).check( &format!("read access to \"{}\"", path.display()), - "run again with the --allow-read flag", + "--allow-read", ) } @@ -159,7 +159,7 @@ impl DenoPermissions { pub fn check_write(&self, path: &Path) -> Result<(), ErrBox> { self.get_state_write(&Some(path)).check( &format!("write access to \"{}\"", path.display()), - "run again with the --allow-write flag", + "--allow-write", ) } @@ -188,30 +188,26 @@ impl DenoPermissions { pub fn check_net(&self, hostname: &str, port: u16) -> Result<(), ErrBox> { self.get_state_net(hostname, Some(port)).check( &format!("network access to \"{}:{}\"", hostname, port), - "run again with the --allow-net flag", + "--allow-net", ) } pub fn check_net_url(&self, url: &url::Url) -> Result<(), ErrBox> { self .get_state_net(&format!("{}", url.host().unwrap()), url.port()) - .check( - &format!("network access to \"{}\"", url), - "run again with the --allow-net flag", - ) + .check(&format!("network access to \"{}\"", url), "--allow-net") } pub fn check_env(&self) -> Result<(), ErrBox> { - self.allow_env.check( - "access to environment variables", - "run again with the --allow-env flag", - ) + self + .allow_env + .check("access to environment variables", "--allow-env") } pub fn check_plugin(&self, path: &Path) -> Result<(), ErrBox> { self.allow_plugin.check( &format!("access to open a plugin: {}", path.display()), - "run again with the --allow-plugin flag", + "--allow-plugin", ) } |