diff options
| -rw-r--r-- | cli/ops.rs | 21 | ||||
| -rwxr-xr-x | tools/complex_permissions_test.py | 129 | ||||
| -rw-r--r-- | tools/complex_permissions_test.ts | 17 |
3 files changed, 51 insertions, 116 deletions
diff --git a/cli/ops.rs b/cli/ops.rs index 2960f3d9d..9b5bc0079 100644 --- a/cli/ops.rs +++ b/cli/ops.rs @@ -1625,18 +1625,19 @@ fn op_listen( data: Option<PinnedBuf>, ) -> Box<OpWithError> { assert!(data.is_none()); + if let Err(e) = state.check_net("listen") { + return odd_future(e); + } + let cmd_id = base.cmd_id(); let inner = base.inner_as_listen().unwrap(); let network = inner.network().unwrap(); assert_eq!(network, "tcp"); let address = inner.address().unwrap(); - if let Err(e) = state.check_net(&address) { - return odd_future(e); - } - Box::new(futures::future::result((move || { let addr = resolve_addr(address).wait()?; + let listener = TcpListener::bind(&addr)?; let resource = resources::add_tcp_listener(listener); @@ -1681,11 +1682,14 @@ fn new_conn(cmd_id: u32, tcp_stream: TcpStream) -> OpResult { } fn op_accept( - _state: &ThreadSafeState, + state: &ThreadSafeState, base: &msg::Base<'_>, data: Option<PinnedBuf>, ) -> Box<OpWithError> { assert!(data.is_none()); + if let Err(e) = state.check_net("accept") { + return odd_future(e); + } let cmd_id = base.cmd_id(); let inner = base.inner_as_accept().unwrap(); let server_rid = inner.rid(); @@ -1709,16 +1713,15 @@ fn op_dial( data: Option<PinnedBuf>, ) -> Box<OpWithError> { assert!(data.is_none()); + if let Err(e) = state.check_net("dial") { + return odd_future(e); + } let cmd_id = base.cmd_id(); let inner = base.inner_as_dial().unwrap(); let network = inner.network().unwrap(); assert_eq!(network, "tcp"); // TODO Support others. let address = inner.address().unwrap(); - if let Err(e) = state.check_net(&address) { - return odd_future(e); - } - let op = resolve_addr(address) .map_err(DenoError::from) diff --git a/tools/complex_permissions_test.py b/tools/complex_permissions_test.py index a338654fe..8fdc99d8b 100755 --- a/tools/complex_permissions_test.py +++ b/tools/complex_permissions_test.py @@ -8,7 +8,6 @@ import subprocess import sys import time -import http_server from util import build_path, root_path, executable_suffix, green_ok, red_failed PERMISSIONS_PROMPT_TEST_TS = "tools/complex_permissions_test.ts" @@ -97,53 +96,15 @@ class Prompt(object): test_type) wrap_test(test_name_base + "_no_prefix", self.test_no_prefix, test_type) - - test_name = "net_fetch" - test_name_base = "test_" + test_name - wrap_test(test_name_base + "_allow_localhost_4545", - self.test_allow_localhost_4545, test_name, - ["http://localhost:4545"]) - wrap_test(test_name_base + "_allow_deno_land", - self.test_allow_deno_land, test_name, - ["http://localhost:4545"]) - wrap_test(test_name_base + "_allow_localhost_4545_fail", - self.test_allow_localhost_4545_fail, test_name, - ["http://localhost:4546"]) - wrap_test(test_name_base + "_allow_localhost", - self.test_allow_localhost, test_name, [ - "http://localhost:4545", "http://localhost:4546", - "http://localhost:4547" - ]) - - test_name = "net_dial" - test_name_base = "test_" + test_name wrap_test(test_name_base + "_allow_localhost_4545", - self.test_allow_localhost_4545, test_name, - ["localhost:4545"]) + self.test_allow_localhost_4545) wrap_test(test_name_base + "_allow_deno_land", - self.test_allow_deno_land, test_name, ["localhost:4545"]) + self.test_allow_deno_land) wrap_test(test_name_base + "_allow_localhost_4545_fail", - self.test_allow_localhost_4545_fail, test_name, - ["localhost:4546"]) + self.test_allow_localhost_4545_fail) wrap_test(test_name_base + "_allow_localhost", - self.test_allow_localhost, test_name, - ["localhost:4545", "localhost:4546", "localhost:4547"]) + self.test_allow_localhost) - test_name = "net_listen" - test_name_base = "test_" + test_name - wrap_test(test_name_base + "_allow_localhost_4555", - self.test_allow_localhost_4555, test_name, - ["localhost:4555"]) - wrap_test(test_name_base + "_allow_deno_land", - self.test_allow_deno_land, test_name, ["localhost:4545"]) - wrap_test(test_name_base + "_allow_localhost_4555_fail", - self.test_allow_localhost_4555_fail, test_name, - ["localhost:4556"]) - wrap_test(test_name_base + "_allow_localhost", - self.test_allow_localhost, test_name, - ["localhost:4555", "localhost:4556", "localhost:4557"]) - - # read/write tests def test_inside_project_dir(self, test_type): code, _stdout, stderr = self.run( ["--no-prompt", "--allow-" + test_type + "=" + root_path], @@ -188,76 +149,63 @@ class Prompt(object): assert not PROMPT_PATTERN in stderr assert not PERMISSION_DENIED_PATTERN in stderr - def test_relative(self, test_type): - # Save and restore curdir - saved_curdir = os.getcwd() - os.chdir(root_path) - code, _stdout, stderr = self.run( - ["--no-prompt", "--allow-" + test_type + "=" + "./tests"], - [test_type, "tests/subdir/config.json"], b'') - assert code == 0 - assert not PROMPT_PATTERN in stderr - assert not PERMISSION_DENIED_PATTERN in stderr - os.chdir(saved_curdir) - - def test_no_prefix(self, test_type): - # Save and restore curdir - saved_curdir = os.getcwd() - os.chdir(root_path) + def test_allow_localhost_4545(self): code, _stdout, stderr = self.run( - ["--no-prompt", "--allow-" + test_type + "=" + "tests"], - [test_type, "tests/subdir/config.json"], b'') + ["--no-prompt", "--allow-net=localhost:4545"], + ["net", "http://localhost:4545"], b'') assert code == 0 assert not PROMPT_PATTERN in stderr assert not PERMISSION_DENIED_PATTERN in stderr - os.chdir(saved_curdir) - # net tests - def test_allow_localhost_4545(self, test_type, hosts): + def test_allow_deno_land(self): code, _stdout, stderr = self.run( - ["--no-prompt", "--allow-net=localhost:4545"], [test_type] + hosts, - b'') - assert code == 0 - assert not PROMPT_PATTERN in stderr - assert not PERMISSION_DENIED_PATTERN in stderr - - def test_allow_localhost_4555(self, test_type, hosts): - code, _stdout, stderr = self.run( - ["--no-prompt", "--allow-net=localhost:4555"], [test_type] + hosts, - b'') - assert code == 0 + ["--no-prompt", "--allow-net=deno.land"], + ["net", "http://localhost:4545"], b'') + assert code == 1 assert not PROMPT_PATTERN in stderr - assert not PERMISSION_DENIED_PATTERN in stderr + assert PERMISSION_DENIED_PATTERN in stderr - def test_allow_deno_land(self, test_type, hosts): + def test_allow_localhost_4545_fail(self): code, _stdout, stderr = self.run( - ["--no-prompt", "--allow-net=deno.land"], [test_type] + hosts, b'') + ["--no-prompt", "--allow-net=localhost:4545"], + ["net", "http://localhost:4546"], b'') assert code == 1 assert not PROMPT_PATTERN in stderr assert PERMISSION_DENIED_PATTERN in stderr - def test_allow_localhost_4545_fail(self, test_type, hosts): + def test_allow_localhost(self): code, _stdout, stderr = self.run( - ["--no-prompt", "--allow-net=localhost:4545"], [test_type] + hosts, - b'') - assert code == 1 + ["--no-prompt", "--allow-net=localhost"], [ + "net", "http://localhost:4545", "http://localhost:4546", + "http://localhost:4547" + ], b'') + assert code == 0 assert not PROMPT_PATTERN in stderr - assert PERMISSION_DENIED_PATTERN in stderr + assert not PERMISSION_DENIED_PATTERN in stderr - def test_allow_localhost_4555_fail(self, test_type, hosts): + def test_relative(self, test_type): + # Save and restore curdir + saved_curdir = os.getcwd() + os.chdir(root_path) code, _stdout, stderr = self.run( - ["--no-prompt", "--allow-net=localhost:4555"], [test_type] + hosts, - b'') - assert code == 1 + ["--no-prompt", "--allow-" + test_type + "=" + "./tests"], + [test_type, "tests/subdir/config.json"], b'') + assert code == 0 assert not PROMPT_PATTERN in stderr - assert PERMISSION_DENIED_PATTERN in stderr + assert not PERMISSION_DENIED_PATTERN in stderr + os.chdir(saved_curdir) - def test_allow_localhost(self, test_type, hosts): + def test_no_prefix(self, test_type): + # Save and restore curdir + saved_curdir = os.getcwd() + os.chdir(root_path) code, _stdout, stderr = self.run( - ["--no-prompt", "--allow-net=localhost"], [test_type] + hosts, b'') + ["--no-prompt", "--allow-" + test_type + "=" + "tests"], + [test_type, "tests/subdir/config.json"], b'') assert code == 0 assert not PROMPT_PATTERN in stderr assert not PERMISSION_DENIED_PATTERN in stderr + os.chdir(saved_curdir) def complex_permissions_test(deno_exe): @@ -268,7 +216,6 @@ def complex_permissions_test(deno_exe): def main(): print "Permissions prompt tests" deno_exe = os.path.join(build_path(), "deno" + executable_suffix) - http_server.spawn() complex_permissions_test(deno_exe) diff --git a/tools/complex_permissions_test.ts b/tools/complex_permissions_test.ts index da3ca5314..72377ff93 100644 --- a/tools/complex_permissions_test.ts +++ b/tools/complex_permissions_test.ts @@ -11,23 +11,8 @@ const test: (args: string[]) => void = { (file): any => writeFileSync(file, new Uint8Array(), { append: true }) ); }, - net_fetch: (hosts: string[]): void => { + net: (hosts: string[]): void => { hosts.forEach((host): any => fetch(host)); - }, - net_listen: (hosts: string[]): void => { - hosts.forEach( - (host): any => { - const listener = Deno.listen("tcp", host); - listener.close(); - } - ); - }, - net_dial: async (hosts: string[]): Promise<void> => { - for (const host of hosts) { - console.log("host in dial:", host); - const listener = await Deno.dial("tcp", host); - listener.close(); - } } }[name]; |