feat: Add hint to permission prompt to display allow flag (#13695)

author: Ryan Dahl <ry@tinyclouds.org> 2022-02-16 18:14:46 -0500
committer: GitHub <noreply@github.com> 2022-02-17 00:14:46 +0100
commit: 57f4b0e5af12942a3b65659e57f016b712f1e1e5 (patch)
tree: d987e9134f922e55cda63c7e9003bdcb6c37f56d /runtime/permissions.rs
parent: 53088e16de9728696df12b04670a0f2d5203592b (diff)
1 files changed, 68 insertions, 38 deletions
diff --git a/runtime/permissions.rs b/runtime/permissions.rs
index 77ad8496f..88cd7b51b 100644
--- a/runtime/permissions.rs
+++ b/runtime/permissions.rs
@@ -84,6 +84,7 @@ impl PermissionState {
     name: &str,
     info: Option<&str>,
     prompt: bool,
+    flag: &str,
   ) -> (Result<(), AnyError>, bool) {
     match self {
       PermissionState::Granted => {
@@ -92,7 +93,7 @@ impl PermissionState {
       }
       PermissionState::Prompt if prompt => {
         let msg = Self::fmt_access(name, info);
-        if permission_prompt(&msg) {
+        if permission_prompt(&msg, flag) {
           Self::log_perm_access(name, info);
           (Ok(()), true)
         } else {
@@ -135,7 +136,10 @@ impl UnitPermission {
 
   pub fn request(&mut self) -> PermissionState {
     if self.state == PermissionState::Prompt {
-      if permission_prompt(&format!("access to {}", self.description)) {
+      if permission_prompt(
+        &format!("access to {}", self.description),
+        self.name,
+      ) {
         self.state = PermissionState::Granted;
       } else {
         self.state = PermissionState::Denied;
@@ -152,7 +156,8 @@ impl UnitPermission {
   }
 
   pub fn check(&mut self) -> Result<(), AnyError> {
-    let (result, prompted) = self.state.check(self.name, None, self.prompt);
+    let (result, prompted) =
+      self.state.check(self.name, None, self.prompt, self.name);
     if prompted {
       if result.is_ok() {
         self.state = PermissionState::Granted;
@@ -311,10 +316,10 @@ impl UnaryPermission<ReadDescriptor> {
       let (resolved_path, display_path) = resolved_and_display_path(path);
       let state = self.query(Some(&resolved_path));
       if state == PermissionState::Prompt {
-        if permission_prompt(&format!(
-          "read access to \"{}\"",
-          display_path.display()
-        )) {
+        if permission_prompt(
+          &format!("read access to \"{}\"", display_path.display()),
+          self.name,
+        ) {
           self.granted_list.insert(ReadDescriptor(resolved_path));
           PermissionState::Granted
         } else {
@@ -331,7 +336,7 @@ impl UnaryPermission<ReadDescriptor> {
     } else {
       let state = self.query(None);
       if state == PermissionState::Prompt {
-        if permission_prompt("read access") {
+        if permission_prompt("read access", self.name) {
           self.granted_list.clear();
           self.global_state = PermissionState::Granted;
           PermissionState::Granted
@@ -366,6 +371,7 @@ impl UnaryPermission<ReadDescriptor> {
       self.name,
       Some(&format!("\"{}\"", display_path.display())),
       self.prompt,
+      self.name,
     );
     if prompted {
       if result.is_ok() {
@@ -390,6 +396,7 @@ impl UnaryPermission<ReadDescriptor> {
       self.name,
       Some(&format!("<{}>", display)),
       self.prompt,
+      self.name,
     );
     if prompted {
       if result.is_ok() {
@@ -404,7 +411,9 @@ impl UnaryPermission<ReadDescriptor> {
 
   pub fn check_all(&mut self) -> Result<(), AnyError> {
     let (result, prompted) =
-      self.query(None).check(self.name, Some("all"), self.prompt);
+      self
+        .query(None)
+        .check(self.name, Some("all"), self.prompt, self.name);
     if prompted {
       if result.is_ok() {
         self.global_state = PermissionState::Granted;
@@ -462,10 +471,10 @@ impl UnaryPermission<WriteDescriptor> {
       let (resolved_path, display_path) = resolved_and_display_path(path);
       let state = self.query(Some(&resolved_path));
       if state == PermissionState::Prompt {
-        if permission_prompt(&format!(
-          "write access to \"{}\"",
-          display_path.display()
-        )) {
+        if permission_prompt(
+          &format!("write access to \"{}\"", display_path.display()),
+          self.name,
+        ) {
           self.granted_list.insert(WriteDescriptor(resolved_path));
           PermissionState::Granted
         } else {
@@ -482,7 +491,7 @@ impl UnaryPermission<WriteDescriptor> {
     } else {
       let state = self.query(None);
       if state == PermissionState::Prompt {
-        if permission_prompt("write access") {
+        if permission_prompt("write access", self.name) {
           self.granted_list.clear();
           self.global_state = PermissionState::Granted;
           PermissionState::Granted
@@ -517,6 +526,7 @@ impl UnaryPermission<WriteDescriptor> {
       self.name,
       Some(&format!("\"{}\"", display_path.display())),
       self.prompt,
+      self.name,
     );
     if prompted {
       if result.is_ok() {
@@ -531,7 +541,9 @@ impl UnaryPermission<WriteDescriptor> {
 
   pub fn check_all(&mut self) -> Result<(), AnyError> {
     let (result, prompted) =
-      self.query(None).check(self.name, Some("all"), self.prompt);
+      self
+        .query(None)
+        .check(self.name, Some("all"), self.prompt, self.name);
     if prompted {
       if result.is_ok() {
         self.global_state = PermissionState::Granted;
@@ -600,7 +612,10 @@ impl UnaryPermission<NetDescriptor> {
       let state = self.query(Some(host));
       let host = NetDescriptor::new(&host);
       if state == PermissionState::Prompt {
-        if permission_prompt(&format!("network access to \"{}\"", host)) {
+        if permission_prompt(
+          &format!("network access to \"{}\"", host),
+          self.name,
+        ) {
           self.granted_list.insert(host);
           PermissionState::Granted
         } else {
@@ -617,7 +632,7 @@ impl UnaryPermission<NetDescriptor> {
     } else {
       let state = self.query::<&str>(None);
       if state == PermissionState::Prompt {
-        if permission_prompt("network access") {
+        if permission_prompt("network access", self.name) {
           self.granted_list.clear();
           self.global_state = PermissionState::Granted;
           PermissionState::Granted
@@ -662,6 +677,7 @@ impl UnaryPermission<NetDescriptor> {
       self.name,
       Some(&format!("\"{}\"", new_host)),
       self.prompt,
+      self.name,
     );
     if prompted {
       if result.is_ok() {
@@ -688,6 +704,7 @@ impl UnaryPermission<NetDescriptor> {
       self.name,
       Some(&format!("\"{}\"", display_host)),
       self.prompt,
+      self.name,
     );
     if prompted {
       if result.is_ok() {
@@ -701,10 +718,12 @@ impl UnaryPermission<NetDescriptor> {
   }
 
   pub fn check_all(&mut self) -> Result<(), AnyError> {
-    let (result, prompted) =
-      self
-        .query::<&str>(None)
-        .check(self.name, Some("all"), self.prompt);
+    let (result, prompted) = self.query::<&str>(None).check(
+      self.name,
+      Some("all"),
+      self.prompt,
+      self.name,
+    );
     if prompted {
       if result.is_ok() {
         self.global_state = PermissionState::Granted;
@@ -755,7 +774,7 @@ impl UnaryPermission<EnvDescriptor> {
     if let Some(env) = env {
       let state = self.query(Some(env));
       if state == PermissionState::Prompt {
-        if permission_prompt(&format!("env access to \"{}\"", env)) {
+        if permission_prompt(&format!("env access to \"{}\"", env), self.name) {
           self.granted_list.insert(EnvDescriptor::new(env));
           PermissionState::Granted
         } else {
@@ -772,7 +791,7 @@ impl UnaryPermission<EnvDescriptor> {
     } else {
       let state = self.query(None);
       if state == PermissionState::Prompt {
-        if permission_prompt("env access") {
+        if permission_prompt("env access", self.name) {
           self.granted_list.clear();
           self.global_state = PermissionState::Granted;
           PermissionState::Granted
@@ -803,6 +822,7 @@ impl UnaryPermission<EnvDescriptor> {
       self.name,
       Some(&format!("\"{}\"", env)),
       self.prompt,
+      self.name,
     );
     if prompted {
       if result.is_ok() {
@@ -817,7 +837,9 @@ impl UnaryPermission<EnvDescriptor> {
 
   pub fn check_all(&mut self) -> Result<(), AnyError> {
     let (result, prompted) =
-      self.query(None).check(self.name, Some("all"), self.prompt);
+      self
+        .query(None)
+        .check(self.name, Some("all"), self.prompt, self.name);
     if prompted {
       if result.is_ok() {
         self.global_state = PermissionState::Granted;
@@ -871,7 +893,7 @@ impl UnaryPermission<RunDescriptor> {
     if let Some(cmd) = cmd {
       let state = self.query(Some(cmd));
       if state == PermissionState::Prompt {
-        if permission_prompt(&format!("run access to \"{}\"", cmd)) {
+        if permission_prompt(&format!("run access to \"{}\"", cmd), self.name) {
           self
             .granted_list
             .insert(RunDescriptor::from_str(cmd).unwrap());
@@ -894,7 +916,7 @@ impl UnaryPermission<RunDescriptor> {
     } else {
       let state = self.query(None);
       if state == PermissionState::Prompt {
-        if permission_prompt("run access") {
+        if permission_prompt("run access", self.name) {
           self.granted_list.clear();
           self.global_state = PermissionState::Granted;
           PermissionState::Granted
@@ -927,6 +949,7 @@ impl UnaryPermission<RunDescriptor> {
       self.name,
       Some(&format!("\"{}\"", cmd)),
       self.prompt,
+      self.name,
     );
     if prompted {
       if result.is_ok() {
@@ -945,7 +968,9 @@ impl UnaryPermission<RunDescriptor> {
 
   pub fn check_all(&mut self) -> Result<(), AnyError> {
     let (result, prompted) =
-      self.query(None).check(self.name, Some("all"), self.prompt);
+      self
+        .query(None)
+        .check(self.name, Some("all"), self.prompt, self.name);
     if prompted {
       if result.is_ok() {
         self.global_state = PermissionState::Granted;
@@ -997,10 +1022,10 @@ impl UnaryPermission<FfiDescriptor> {
       let (resolved_path, display_path) = resolved_and_display_path(path);
       let state = self.query(Some(&resolved_path));
       if state == PermissionState::Prompt {
-        if permission_prompt(&format!(
-          "ffi access to \"{}\"",
-          display_path.display()
-        )) {
+        if permission_prompt(
+          &format!("ffi access to \"{}\"", display_path.display()),
+          self.name,
+        ) {
           self.granted_list.insert(FfiDescriptor(resolved_path));
           PermissionState::Granted
         } else {
@@ -1017,7 +1042,7 @@ impl UnaryPermission<FfiDescriptor> {
     } else {
       let state = self.query(None);
       if state == PermissionState::Prompt {
-        if permission_prompt("ffi access") {
+        if permission_prompt("ffi access", self.name) {
           self.granted_list.clear();
           self.global_state = PermissionState::Granted;
           PermissionState::Granted
@@ -1051,6 +1076,7 @@ impl UnaryPermission<FfiDescriptor> {
         self.name,
         Some(&format!("\"{}\"", display_path.display())),
         self.prompt,
+        self.name,
       );
 
       if prompted {
@@ -1065,7 +1091,9 @@ impl UnaryPermission<FfiDescriptor> {
       result
     } else {
       let (result, prompted) =
-        self.query(None).check(self.name, None, self.prompt);
+        self
+          .query(None)
+          .check(self.name, None, self.prompt, self.name);
 
       if prompted {
         if result.is_ok() {
@@ -1081,7 +1109,9 @@ impl UnaryPermission<FfiDescriptor> {
 
   pub fn check_all(&mut self) -> Result<(), AnyError> {
     let (result, prompted) =
-      self.query(None).check(self.name, Some("all"), self.prompt);
+      self
+        .query(None)
+        .check(self.name, Some("all"), self.prompt, self.name);
     if prompted {
       if result.is_ok() {
         self.global_state = PermissionState::Granted;
@@ -1867,7 +1897,7 @@ pub fn create_child_permissions(
 /// Shows the permission prompt and returns the answer according to the user input.
 /// This loops until the user gives the proper input.
 #[cfg(not(test))]
-fn permission_prompt(message: &str) -> bool {
+fn permission_prompt(message: &str, name: &str) -> bool {
   if !atty::is(atty::Stream::Stdin) || !atty::is(atty::Stream::Stderr) {
     return false;
   };
@@ -1978,8 +2008,8 @@ fn permission_prompt(message: &str) -> bool {
 
   let opts = "[y/n (y = yes allow, n = no deny)] ";
   let msg = format!(
-    "{}  ️Deno requests {}. Allow? {}",
-    PERMISSION_EMOJI, message, opts
+    "{}  ️Deno requests {}. Run again with --allow-{} to bypass this prompt.\n   Allow? {} ",
+    PERMISSION_EMOJI, message, name, opts
   );
   // print to stderr so that if deno is > to a file this is still displayed.
   eprint!("{}", colors::bold(&msg));
@@ -2009,7 +2039,7 @@ fn permission_prompt(message: &str) -> bool {
 // When testing, permission prompt returns the value of STUB_PROMPT_VALUE
 // which we set from the test functions.
 #[cfg(test)]
-fn permission_prompt(_message: &str) -> bool {
+fn permission_prompt(_message: &str, _flag: &str) -> bool {
   STUB_PROMPT_VALUE.load(Ordering::SeqCst)
 }
author	Ryan Dahl <ry@tinyclouds.org>	2022-02-16 18:14:46 -0500
committer	GitHub <noreply@github.com>	2022-02-17 00:14:46 +0100
commit	57f4b0e5af12942a3b65659e57f016b712f1e1e5 (patch)
tree	d987e9134f922e55cda63c7e9003bdcb6c37f56d /runtime/permissions.rs
parent	53088e16de9728696df12b04670a0f2d5203592b (diff)