Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(permission): Enhance --allow-env to Support Prefix, Suffix Wildcard Matching #25255

Open
wants to merge 23 commits into
base: main
Choose a base branch
from
Open

feat(permission): Enhance --allow-env to Support Prefix, Suffix Wildcard Matching #25255

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
23 commits
Select commit Hold shift + click to select a range
085b111
Add wildcard support to --allow-env flag for environment variable pat…
yazan-abdalrahman Aug 28, 2024
5e463d3
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Aug 28, 2024
1dae2e4
fix, test
yazan-abdalrahman Aug 28, 2024
849e194
Merge remote-tracking branch 'origin/Enhance---allow-env-to-Support-P…
yazan-abdalrahman Aug 28, 2024
574f292
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Sep 3, 2024
8ae53a6
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Sep 4, 2024
7d0b807
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Sep 4, 2024
32af9f7
New solution with support env.get and set
yazan-abdalrahman Sep 4, 2024
ac39fc9
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Sep 5, 2024
8603674
fmt
yazan-abdalrahman Sep 5, 2024
981a9ce
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Sep 5, 2024
a7469b9
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Sep 5, 2024
7a93a1a
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Sep 5, 2024
8df48c3
fix
yazan-abdalrahman Sep 5, 2024
7ed8376
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Sep 5, 2024
4c31cdd
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Sep 5, 2024
b5c8bb8
fix new solution
yazan-abdalrahman Sep 5, 2024
24e2ac5
Merge remote-tracking branch 'origin/Enhance---allow-env-to-Support-P…
yazan-abdalrahman Sep 5, 2024
3076ca9
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Sep 8, 2024
e49e0ef
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Sep 10, 2024
6a368f9
Merge branch 'main' into Enhance---allow-env-to-Support-Prefix,-Suffi…
yazan-abdalrahman Sep 16, 2024
afff2c8
Merge branch 'refs/heads/main' into Enhance---allow-env-to-Support-Pr…
yazan-abdalrahman Sep 18, 2024
22b568f
fmt
yazan-abdalrahman Sep 18, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
8 changes: 3 additions & 5 deletions cli/args/flags.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,5 +1,8 @@
// Copyright 2018-2024 the Deno authors. All rights reserved. MIT license.

use crate::args::flags_net;
use crate::args::resolve_no_prompt;
use crate::util::fs::canonicalize_path;
use std::collections::HashSet;
use std::env;
use std::ffi::OsString;
Expand Down Expand Up @@ -40,11 +43,6 @@ use log::Level;
use serde::Deserialize;
use serde::Serialize;

use crate::args::resolve_no_prompt;
use crate::util::fs::canonicalize_path;

use super::flags_net;

#[derive(Clone, Debug, Default, Eq, PartialEq)]
pub enum ConfigFlag {
#[default]
Expand Down
29 changes: 29 additions & 0 deletions runtime/permissions/lib.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -969,6 +969,20 @@ impl EnvDescriptor {
pub fn new(env: impl AsRef<str>) -> Self {
Self(EnvVarName::new(env))
}
pub fn matches(&self, env: &str) -> bool {
let pattern = self.0.as_ref();
if let Some(prefix) = pattern.strip_suffix('*') {
if env.starts_with(prefix) {
return true;
}
}
if let Some(suffix) = pattern.strip_prefix('*') {
if env.ends_with(suffix) {
return true;
}
}
env == pattern
}
}

impl QueryDescriptor for EnvDescriptor {
Expand Down Expand Up @@ -1558,6 +1572,21 @@ impl UnaryPermission<EnvDescriptor> {
api_name: Option<&str>,
) -> Result<(), AnyError> {
skip_check_if_is_permission_fully_granted!(self);

let env_desc = EnvDescriptor::new(env);
let mut matched = false;

for desc in &self.granted_list {
if desc.matches(env) {
matched = true;
break;
}
}

if matched {
self.granted_list.insert(env_desc);
}

self.check_desc(Some(&EnvDescriptor::new(env)), false, api_name)
}

Expand Down
30 changes: 30 additions & 0 deletions tests/specs/permission/process_env_permissions/__test__.jsonc
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,30 @@
{
"tempDir": true,
"tests": {
"deno_env_wildcard_tests": {
"envs": {
"MYAPP_HELLO": "Hello\tworld,",
"MYAPP_GOODBYE": "farewell",
"OTHER_VAR": "ignore"
},
"steps": [
{
"args": "run --allow-env=MYAPP_* main.js",
"output": "Hello\tworld,\nfarewell\ndone\n"
},
{
"args": "run --allow-env=*_HELLO,*_GOODBYE,*_DONE,*_TEST main.js",
"output": "Hello\tworld,\nfarewell\ndone\n"
},
{
"args": "run --allow-env main.js",
"output": "Hello\tworld,\nfarewell\ndone\n"
},
{
"args": "run --allow-env=MYAPP_HELLO,MYAPP_GOODBYE,MYAPP_TEST,MYAPP_DONE main.js",
"output": "Hello\tworld,\nfarewell\ndone\n"
}
]
}
}
}
5 changes: 5 additions & 0 deletions tests/specs/permission/process_env_permissions/main.js
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
console.log(Deno.env.get("MYAPP_HELLO"));
console.log(Deno.env.get("MYAPP_GOODBYE"));
Deno.env.set("MYAPP_TEST", "done");
Deno.env.set("MYAPP_DONE", "done");
console.log(Deno.env.get("MYAPP_DONE"));