mirror of
https://github.com/denoland/deno.git
synced 2025-08-31 07:47:46 +00:00
fix: do special file permission check for check_read_path (#27989)
Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com>
This commit is contained in:
Divy Srivastava
GitHub
parent
7253820764
commit
cda0c5b3ae
9 changed files with 116 additions and 33 deletions
|
|
@ -2353,6 +2353,9 @@ pub enum PermissionCheckError {
|
|||
#[class(uri)]
|
||||
#[error(transparent)]
|
||||
HostParse(#[from] HostParseError),
|
||||
#[class("NotCapable")]
|
||||
#[error("Permission denied {0}")]
|
||||
NotCapable(&'static str),
|
||||
}
|
||||
|
||||
/// Wrapper struct for `Permissions` that can be shared across threads.
|
||||
|
|
@ -2589,6 +2592,7 @@ impl PermissionsContainer {
|
|||
}
|
||||
.into_read();
|
||||
inner.check(&desc, api_name)?;
|
||||
|
||||
Ok(Cow::Owned(desc.0.resolved))
|
||||
}
|
||||
}
|
||||
|
|
@ -2597,7 +2601,7 @@ impl PermissionsContainer {
|
|||
/// by replacing it with the given `display`.
|
||||
#[inline(always)]
|
||||
pub fn check_read_blind(
|
||||
&mut self,
|
||||
&self,
|
||||
path: &Path,
|
||||
display: &str,
|
||||
api_name: &str,
|
||||
|
|
@ -2714,7 +2718,7 @@ impl PermissionsContainer {
|
|||
|
||||
#[inline(always)]
|
||||
pub fn check_write_partial(
|
||||
&mut self,
|
||||
&self,
|
||||
path: &str,
|
||||
api_name: &str,
|
||||
) -> Result<PathBuf, PermissionCheckError> {
|
||||
|
|
@ -2731,7 +2735,7 @@ impl PermissionsContainer {
|
|||
|
||||
#[inline(always)]
|
||||
pub fn check_run(
|
||||
&mut self,
|
||||
&self,
|
||||
cmd: &RunQueryDescriptor,
|
||||
api_name: &str,
|
||||
) -> Result<(), PermissionCheckError> {
|
||||
|
|
@ -2767,25 +2771,25 @@ impl PermissionsContainer {
|
|||
}
|
||||
|
||||
#[inline(always)]
|
||||
pub fn check_env(&mut self, var: &str) -> Result<(), PermissionCheckError> {
|
||||
pub fn check_env(&self, var: &str) -> Result<(), PermissionCheckError> {
|
||||
self.inner.lock().env.check(var, None)?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[inline(always)]
|
||||
pub fn check_env_all(&mut self) -> Result<(), PermissionCheckError> {
|
||||
pub fn check_env_all(&self) -> Result<(), PermissionCheckError> {
|
||||
self.inner.lock().env.check_all()?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[inline(always)]
|
||||
pub fn check_sys_all(&mut self) -> Result<(), PermissionCheckError> {
|
||||
pub fn check_sys_all(&self) -> Result<(), PermissionCheckError> {
|
||||
self.inner.lock().sys.check_all()?;
|
||||
Ok(())
|
||||
}
|
||||
|
||||
#[inline(always)]
|
||||
pub fn check_ffi_all(&mut self) -> Result<(), PermissionCheckError> {
|
||||
pub fn check_ffi_all(&self) -> Result<(), PermissionCheckError> {
|
||||
self.inner.lock().ffi.check_all()?;
|
||||
Ok(())
|
||||
}
|
||||
|
|
@ -2794,7 +2798,7 @@ impl PermissionsContainer {
|
|||
/// permissions are enabled!
|
||||
#[inline(always)]
|
||||
pub fn check_was_allow_all_flag_passed(
|
||||
&mut self,
|
||||
&self,
|
||||
) -> Result<(), PermissionCheckError> {
|
||||
self.inner.lock().all.check()?;
|
||||
Ok(())
|
||||
|
|
@ -2803,7 +2807,7 @@ impl PermissionsContainer {
|
|||
/// Checks special file access, returning the failed permission type if
|
||||
/// not successful.
|
||||
pub fn check_special_file(
|
||||
&mut self,
|
||||
&self,
|
||||
path: &Path,
|
||||
_api_name: &str,
|
||||
) -> Result<(), &'static str> {
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue