mirror of
https://github.com/denoland/deno.git
synced 2025-08-04 10:59:13 +00:00
refactor: permissions (#7074)
This commit is contained in:
Nayeem Rahman
GitHub
parent
f6e9150b33
commit
015fa0bd41
24 changed files with 1051 additions and 724 deletions
|
|
@ -35,12 +35,18 @@ pub fn op_query_permission(
|
|||
) -> Result<JsonOp, OpError> {
|
||||
let args: PermissionArgs = serde_json::from_value(args)?;
|
||||
let state = state.borrow();
|
||||
let permissions = &state.permissions;
|
||||
let path = args.path.as_deref();
|
||||
let perm = state.permissions.get_permission_state(
|
||||
&args.name,
|
||||
&args.url.as_deref(),
|
||||
&path.as_deref().map(Path::new),
|
||||
)?;
|
||||
let perm = match args.name.as_ref() {
|
||||
"read" => permissions.query_read(&path.as_deref().map(Path::new)),
|
||||
"write" => permissions.query_write(&path.as_deref().map(Path::new)),
|
||||
"net" => permissions.query_net_url(&args.url.as_deref())?,
|
||||
"env" => permissions.query_env(),
|
||||
"run" => permissions.query_run(),
|
||||
"plugin" => permissions.query_plugin(),
|
||||
"hrtime" => permissions.query_hrtime(),
|
||||
n => return Err(OpError::other(format!("No such permission name: {}", n))),
|
||||
};
|
||||
Ok(JsonOp::Sync(json!({ "state": perm.to_string() })))
|
||||
}
|
||||
|
||||
|
|
@ -52,22 +58,17 @@ pub fn op_revoke_permission(
|
|||
let args: PermissionArgs = serde_json::from_value(args)?;
|
||||
let mut state = state.borrow_mut();
|
||||
let permissions = &mut state.permissions;
|
||||
match args.name.as_ref() {
|
||||
"run" => permissions.allow_run.revoke(),
|
||||
"read" => permissions.allow_read.revoke(),
|
||||
"write" => permissions.allow_write.revoke(),
|
||||
"net" => permissions.allow_net.revoke(),
|
||||
"env" => permissions.allow_env.revoke(),
|
||||
"plugin" => permissions.allow_plugin.revoke(),
|
||||
"hrtime" => permissions.allow_hrtime.revoke(),
|
||||
_ => {}
|
||||
};
|
||||
let path = args.path.as_deref();
|
||||
let perm = permissions.get_permission_state(
|
||||
&args.name,
|
||||
&args.url.as_deref(),
|
||||
&path.as_deref().map(Path::new),
|
||||
)?;
|
||||
let perm = match args.name.as_ref() {
|
||||
"read" => permissions.revoke_read(&path.as_deref().map(Path::new)),
|
||||
"write" => permissions.revoke_write(&path.as_deref().map(Path::new)),
|
||||
"net" => permissions.revoke_net(&args.url.as_deref())?,
|
||||
"env" => permissions.revoke_env(),
|
||||
"run" => permissions.revoke_run(),
|
||||
"plugin" => permissions.revoke_plugin(),
|
||||
"hrtime" => permissions.revoke_hrtime(),
|
||||
n => return Err(OpError::other(format!("No such permission name: {}", n))),
|
||||
};
|
||||
Ok(JsonOp::Sync(json!({ "state": perm.to_string() })))
|
||||
}
|
||||
|
||||
|
|
@ -81,14 +82,14 @@ pub fn op_request_permission(
|
|||
let permissions = &mut state.permissions;
|
||||
let path = args.path.as_deref();
|
||||
let perm = match args.name.as_ref() {
|
||||
"run" => Ok(permissions.request_run()),
|
||||
"read" => Ok(permissions.request_read(&path.as_deref().map(Path::new))),
|
||||
"write" => Ok(permissions.request_write(&path.as_deref().map(Path::new))),
|
||||
"net" => permissions.request_net(&args.url.as_deref()),
|
||||
"env" => Ok(permissions.request_env()),
|
||||
"plugin" => Ok(permissions.request_plugin()),
|
||||
"hrtime" => Ok(permissions.request_hrtime()),
|
||||
n => Err(OpError::other(format!("No such permission name: {}", n))),
|
||||
}?;
|
||||
"read" => permissions.request_read(&path.as_deref().map(Path::new)),
|
||||
"write" => permissions.request_write(&path.as_deref().map(Path::new)),
|
||||
"net" => permissions.request_net(&args.url.as_deref())?,
|
||||
"env" => permissions.request_env(),
|
||||
"run" => permissions.request_run(),
|
||||
"plugin" => permissions.request_plugin(),
|
||||
"hrtime" => permissions.request_hrtime(),
|
||||
n => return Err(OpError::other(format!("No such permission name: {}", n))),
|
||||
};
|
||||
Ok(JsonOp::Sync(json!({ "state": perm.to_string() })))
|
||||
}
|
||||
|
|
|
|||
|
|
@ -59,16 +59,20 @@ fn op_now(
|
|||
_args: Value,
|
||||
_zero_copy: &mut [ZeroCopyBuf],
|
||||
) -> Result<JsonOp, OpError> {
|
||||
let state = state.borrow();
|
||||
let seconds = state.start_time.elapsed().as_secs();
|
||||
let mut subsec_nanos = state.start_time.elapsed().subsec_nanos();
|
||||
let inner_state = state.borrow();
|
||||
let seconds = inner_state.start_time.elapsed().as_secs();
|
||||
let mut subsec_nanos = inner_state.start_time.elapsed().subsec_nanos();
|
||||
let reduced_time_precision = 2_000_000; // 2ms in nanoseconds
|
||||
|
||||
// If the permission is not enabled
|
||||
// Round the nano result on 2 milliseconds
|
||||
// see: https://developer.mozilla.org/en-US/docs/Web/API/DOMHighResTimeStamp#Reduced_time_precision
|
||||
if !state.permissions.allow_hrtime.is_allow() {
|
||||
subsec_nanos -= subsec_nanos % reduced_time_precision
|
||||
if let Err(op_error) = state.check_hrtime() {
|
||||
if op_error.kind_str == "PermissionDenied" {
|
||||
subsec_nanos -= subsec_nanos % reduced_time_precision;
|
||||
} else {
|
||||
return Err(op_error);
|
||||
}
|
||||
}
|
||||
|
||||
Ok(JsonOp::Sync(json!({
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue