diff options
| author | Bartek IwaĆczuk <biwanczuk@gmail.com> | 2022-09-27 22:36:33 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-09-27 22:36:33 +0200 |
| commit | 212b7dd6da487c070229b6348ec7907b4fecbcf9 (patch) | |
| tree | 3eb743f90e8b293182a830722eb4ff26bec72039 /ext/net | |
| parent | a344368603063bcb281e743f3810ca1e4e46e85d (diff) | |
feat: Add requesting API name to permission prompt (#15936)
Co-authored-by: Leo Kettmeir <crowlkats@toaxl.com>
Diffstat (limited to 'ext/net')
| -rw-r--r-- | ext/net/lib.rs | 6 | ||||
| -rw-r--r-- | ext/net/ops.rs | 50 | ||||
| -rw-r--r-- | ext/net/ops_tls.rs | 12 |
3 files changed, 46 insertions, 22 deletions
diff --git a/ext/net/lib.rs b/ext/net/lib.rs index 249170060..35d612598 100644 --- a/ext/net/lib.rs +++ b/ext/net/lib.rs @@ -21,9 +21,11 @@ pub trait NetPermissions { fn check_net<T: AsRef<str>>( &mut self, _host: &(T, Option<u16>), + _api_name: &str, ) -> Result<(), AnyError>; - fn check_read(&mut self, _p: &Path) -> Result<(), AnyError>; - fn check_write(&mut self, _p: &Path) -> Result<(), AnyError>; + fn check_read(&mut self, _p: &Path, _api_name: &str) -> Result<(), AnyError>; + fn check_write(&mut self, _p: &Path, _api_name: &str) + -> Result<(), AnyError>; } /// `UnstableChecker` is a struct so it can be placed inside `GothamState`; diff --git a/ext/net/ops.rs b/ext/net/ops.rs index 36786cd86..41d04467e 100644 --- a/ext/net/ops.rs +++ b/ext/net/ops.rs @@ -252,8 +252,10 @@ where } if transport == "udp" => { { let mut s = state.borrow_mut(); - s.borrow_mut::<NP>() - .check_net(&(&args.hostname, Some(args.port)))?; + s.borrow_mut::<NP>().check_net( + &(&args.hostname, Some(args.port)), + "Deno.DatagramConn.send()", + )?; } let addr = resolve_addr(&args.hostname, args.port) .await? @@ -278,7 +280,8 @@ where let address_path = Path::new(&args.path); { let mut s = state.borrow_mut(); - s.borrow_mut::<NP>().check_write(address_path)?; + s.borrow_mut::<NP>() + .check_write(address_path, "Deno.DatagramConn.send()")?; } let resource = state .borrow() @@ -319,7 +322,7 @@ where let mut state_ = state.borrow_mut(); state_ .borrow_mut::<NP>() - .check_net(&(&args.hostname, Some(args.port)))?; + .check_net(&(&args.hostname, Some(args.port)), "Deno.connect()")?; } let addr = resolve_addr(&args.hostname, args.port) .await? @@ -354,8 +357,12 @@ where super::check_unstable2(&state, "Deno.connect"); { let mut state_ = state.borrow_mut(); - state_.borrow_mut::<NP>().check_read(address_path)?; - state_.borrow_mut::<NP>().check_write(address_path)?; + state_ + .borrow_mut::<NP>() + .check_read(address_path, "Deno.connect()")?; + state_ + .borrow_mut::<NP>() + .check_write(address_path, "Deno.connect()")?; } let path = args.path; let unix_stream = net_unix::UnixStream::connect(Path::new(&path)).await?; @@ -494,9 +501,10 @@ where if transport == "udp" { super::check_unstable(state, "Deno.listenDatagram"); } - state - .borrow_mut::<NP>() - .check_net(&(&args.hostname, Some(args.port)))?; + state.borrow_mut::<NP>().check_net( + &(&args.hostname, Some(args.port)), + "Deno.listenDatagram()", + )?; } let addr = resolve_addr_sync(&args.hostname, args.port)? .next() @@ -540,9 +548,14 @@ where if transport == "unixpacket" { super::check_unstable(state, "Deno.listenDatagram"); } + let api_name = if transport == "unix" { + "Deno.listen()" + } else { + "Deno.listenDatagram()" + }; let permissions = state.borrow_mut::<NP>(); - permissions.check_read(address_path)?; - permissions.check_write(address_path)?; + permissions.check_read(address_path, api_name)?; + permissions.check_write(address_path, api_name)?; } let (rid, local_addr) = if transport == "unix" { net_unix::listen_unix(state, address_path)? @@ -678,7 +691,7 @@ where let socker_addr = &ns.socket_addr; let ip = socker_addr.ip().to_string(); let port = socker_addr.port(); - perm.check_net(&(ip, Some(port)))?; + perm.check_net(&(ip, Some(port)), "Deno.resolveDns()")?; } } @@ -1010,15 +1023,24 @@ mod tests { fn check_net<T: AsRef<str>>( &mut self, _host: &(T, Option<u16>), + _api_name: &str, ) -> Result<(), AnyError> { Ok(()) } - fn check_read(&mut self, _p: &Path) -> Result<(), AnyError> { + fn check_read( + &mut self, + _p: &Path, + _api_name: &str, + ) -> Result<(), AnyError> { Ok(()) } - fn check_write(&mut self, _p: &Path) -> Result<(), AnyError> { + fn check_write( + &mut self, + _p: &Path, + _api_name: &str, + ) -> Result<(), AnyError> { Ok(()) } } diff --git a/ext/net/ops_tls.rs b/ext/net/ops_tls.rs index 1c91674df..230f4359e 100644 --- a/ext/net/ops_tls.rs +++ b/ext/net/ops_tls.rs @@ -799,7 +799,7 @@ where { let mut s = state.borrow_mut(); let permissions = s.borrow_mut::<NP>(); - permissions.check_net(&(hostname, Some(0)))?; + permissions.check_net(&(hostname, Some(0)), "Deno.startTls()")?; } let ca_certs = args @@ -904,9 +904,9 @@ where { let mut s = state.borrow_mut(); let permissions = s.borrow_mut::<NP>(); - permissions.check_net(&(hostname, Some(port)))?; + permissions.check_net(&(hostname, Some(port)), "Deno.connectTls()")?; if let Some(path) = cert_file { - permissions.check_read(Path::new(path))?; + permissions.check_read(Path::new(path), "Deno.connectTls()")?; } } @@ -1051,12 +1051,12 @@ where { let permissions = state.borrow_mut::<NP>(); - permissions.check_net(&(hostname, Some(port)))?; + permissions.check_net(&(hostname, Some(port)), "Deno.listenTls()")?; if let Some(path) = cert_file { - permissions.check_read(Path::new(path))?; + permissions.check_read(Path::new(path), "Deno.listenTls()")?; } if let Some(path) = key_file { - permissions.check_read(Path::new(path))?; + permissions.check_read(Path::new(path), "Deno.listenTls()")?; } } |