From ee2b6899a1e6a3108bad43443f130ca2dd86a697 Mon Sep 17 00:00:00 2001
From: Bedis Nbiba <bedisnbiba@gmail.com>
Date: Mon, 19 Aug 2024 18:45:10 +0100
Subject: fix: add permission name when accessing a special file errors
 (#25085)

---
 tests/unit/os_test.ts | 32 ++++++++++++++++++++++++++++++++
 1 file changed, 32 insertions(+)

(limited to 'tests/unit')

diff --git a/tests/unit/os_test.ts b/tests/unit/os_test.ts
index 30d8f26ee..80b421e63 100644
--- a/tests/unit/os_test.ts
+++ b/tests/unit/os_test.ts
@@ -3,6 +3,7 @@ import {
   assert,
   assertEquals,
   assertNotEquals,
+  assertStringIncludes,
   assertThrows,
 } from "./test_util.ts";
 
@@ -196,6 +197,37 @@ Deno.test({ permissions: { read: false } }, function execPathPerm() {
   );
 });
 
+Deno.test(async function execPathPerm() {
+  if (Deno.build.os !== "linux") return;
+  // This is hack to bypass a bug in deno test runner,
+  // Currently if you specify {read: true} permission, it will stil pass --allow-all (tests are run with deno test --allow-all) implicitly, so this test won't work
+  // The workaround is to spawn a deno executable with the needed permissions
+  // TODO(#25085): remove this hack when the bug is fixed
+  const cmd = new Deno.Command(Deno.execPath(), {
+    args: ["run", "--allow-read", "-"],
+    stdin: "piped",
+    stderr: "piped",
+  }).spawn();
+  const stdinWriter = cmd.stdin.getWriter();
+  await stdinWriter
+    .write(
+      new TextEncoder().encode('Deno.readTextFileSync("/proc/net/dev")'),
+    );
+  await stdinWriter.close();
+  await cmd.status;
+
+  const stderrReder = cmd.stderr.getReader();
+  const error = await stderrReder
+    .read()
+    .then((r) => new TextDecoder().decode(r.value));
+  await stderrReder.cancel();
+
+  assertStringIncludes(
+    error,
+    `PermissionDenied: Requires all access to "/proc/net/dev", run again with the --allow-all flag`,
+  );
+});
+
 Deno.test(
   { permissions: { sys: ["loadavg"] } },
   function loadavgSuccess() {
-- 
cgit v1.2.3