refactor(permissions): split up Descriptor into Allow, Deny, and Query (#25508)

This makes the permission system more versatile.

1 files changed, 20 insertions, 7 deletions

diff --git a/ext/fetch/lib.rs b/ext/fetch/lib.rs
index 79659771e..88f303852 100644
--- a/ext/fetch/lib.rs
+++ b/ext/fetch/lib.rs
@@ -299,10 +299,15 @@ impl Drop for ResourceToBodyAdapter {
 pub trait FetchPermissions {
   fn check_net_url(
     &mut self,
-    _url: &Url,
+    url: &Url,
     api_name: &str,
   ) -> Result<(), AnyError>;
-  fn check_read(&mut self, _p: &Path, api_name: &str) -> Result<(), AnyError>;
+  #[must_use = "the resolved return value to mitigate time-of-check to time-of-use issues"]
+  fn check_read<'a>(
+    &mut self,
+    p: &'a Path,
+    api_name: &str,
+  ) -> Result<Cow<'a, Path>, AnyError>;
 }
 
 impl FetchPermissions for deno_permissions::PermissionsContainer {
@@ -316,12 +321,16 @@ impl FetchPermissions for deno_permissions::PermissionsContainer {
   }
 
   #[inline(always)]
-  fn check_read(
+  fn check_read<'a>(
     &mut self,
-    path: &Path,
+    path: &'a Path,
     api_name: &str,
-  ) -> Result<(), AnyError> {
-    deno_permissions::PermissionsContainer::check_read(self, path, api_name)
+  ) -> Result<Cow<'a, Path>, AnyError> {
+    deno_permissions::PermissionsContainer::check_read_path(
+      self,
+      path,
+      Some(api_name),
+    )
   }
 }
 
@@ -359,7 +368,11 @@ where
         type_error("NetworkError when attempting to fetch resource")
       })?;
       let permissions = state.borrow_mut::<FP>();
-      permissions.check_read(&path, "fetch()")?;
+      let path = permissions.check_read(&path, "fetch()")?;
+      let url = match path {
+        Cow::Owned(path) => Url::from_file_path(path).unwrap(),
+        Cow::Borrowed(_) => url,
+      };
 
       if method != Method::GET {
         return Err(type_error(format!(