fix(npm): allow to read package.json if permissions are granted (#17209)

This commit changes signature of "deno_core::ModuleLoader::resolve" to pass
an enum indicating whether or not we're resolving a specifier for dynamic import.

Additionally "CliModuleLoader" was changes to store both "parent permissions" (or
"root permissions") as well as "dynamic permissions" that allow to check for permissions
in top-level module load an dynamic imports.

Then all code paths that have anything to do with Node/npm compat are now checking
for permissions which are passed from module loader instance associated with given
worker.

1 files changed, 7 insertions, 0 deletions

diff --git a/cli/tests/npm_tests.rs b/cli/tests/npm_tests.rs
index aa0563ef9..c0ff56f2d 100644
--- a/cli/tests/npm_tests.rs
+++ b/cli/tests/npm_tests.rs
@@ -360,6 +360,13 @@ mod npm {
     exit_code: 1,
   });
 
+  itest!(permissions_outside_package {
+    args: "run --allow-read npm/permissions_outside_package/main.ts",
+    output: "npm/permissions_outside_package/main.out",
+    envs: env_vars_for_npm_tests(),
+    http_server: true,
+  });
+
   #[test]
   fn parallel_downloading() {
     let (out, _err) = util::run_and_collect_output_with_args(