Merge pull request #101 from Shopify/fix-75

x4d3 · web-flow · commit e54b01bd57fe · 2022-10-07T09:36:28.000+01:00
Fix #75 Untrusted directory error message should mention the directory
diff --git a/Cargo.lock b/Cargo.lock
diff --git a/Cargo.toml b/Cargo.toml
@@ -30,3 +30,4 @@ rand = "0.7"
 [dev-dependencies]
 quickcheck = "1.0.3"
 quickcheck_macros = "1.0.0"
+tempfile = "3.3.0"
diff --git a/src/hook.rs b/src/hook.rs
@@ -114,9 +114,12 @@ pub fn load_env(
 
 /// Load a Source from the current dir, ensuring that it is trusted.
 fn load_trusted_source(pathbuf: PathBuf) -> Result<Option<Source>, Error> {
-    if let Some(root) = loader::find_root(pathbuf, loader::DEFAULT_RELATIVE_COMPONENT)? {
+    if let Some(root) = loader::find_root(&pathbuf, loader::DEFAULT_RELATIVE_COMPONENT)? {
         if !trust::is_dir_trusted(&root)? {
-            return Err(trust::NotTrusted {}.into());
+            return Err(trust::NotTrusted {
+                not_trusted_dir_path: pathbuf.to_string_lossy().to_string(),
+            }
+            .into());
         }
         return Ok(loader::load(root)?);
     }
@@ -196,3 +199,19 @@ pub fn apply_env(
 fn shell_escape(s: &str) -> String {
     shell::escape(Cow::from(s)).to_string()
 }
+
+#[cfg(test)]
+mod tests {
+    use super::*;
+    use std::fs;
+    use tempfile::tempdir;
+    #[test]
+    fn load_trusted_source_returns_an_error_for_untrusted_folders() {
+        let temp_dir = tempdir().unwrap().into_path();
+        let path = temp_dir.to_string_lossy().to_string();
+        fs::create_dir(temp_dir.join(".shadowenv.d")).unwrap();
+        let result = load_trusted_source(temp_dir);
+        assert!(result.is_err());
+        assert_eq!(format!("directory: '{}' contains untrusted shadowenv program: `shadowenv help trust` to learn more.", path), result.err().unwrap().to_string())
+    }
+}
diff --git a/src/loader.rs b/src/loader.rs
@@ -11,12 +11,12 @@ pub const DEFAULT_RELATIVE_COMPONENT: &'static str = ".shadowenv.d";
 
 /// Search upwards the filesystem branch starting with `at` and then its ancestors looking
 /// for a file or directory named `relative_component`.
-pub fn find_root(at: PathBuf, relative_component: &str) -> Result<Option<PathBuf>, Error> {
+pub fn find_root(at: &PathBuf, relative_component: &str) -> Result<Option<PathBuf>, Error> {
     for curr in at.ancestors() {
         let dirpath = curr.join(relative_component);
 
         match fs::read_dir(&dirpath) {
-            Ok(_) => return Ok(Some(std::fs::canonicalize(dirpath)?)),
+            Ok(_) => return Ok(Some(fs::canonicalize(dirpath)?)),
             Err(ref e) if e.kind() == ErrorKind::NotFound => (),
             Err(e) => return Err(e.into()),
         }
diff --git a/src/output.rs b/src/output.rs
@@ -72,7 +72,7 @@ fn backticks_to_bright_green(err: Error) -> String {
 
 fn check_and_trigger_cooldown(err: &Error, shellpid: u32) -> Result<bool, Error> {
     // if no .shadowenv.d, then Err(_) just means no cooldown: always display error.
-    let root = loader::find_root(env::current_dir()?, loader::DEFAULT_RELATIVE_COMPONENT)?
+    let root = loader::find_root(&env::current_dir()?, loader::DEFAULT_RELATIVE_COMPONENT)?
         .ok_or_else(|| format_err!("no .shadowenv.d"))?;
 
     let _ = clean_up_stale_errors(&root, Duration::new(300, 0));
diff --git a/src/trust.rs b/src/trust.rs
@@ -17,14 +17,17 @@ pub struct NoShadowenv;
 
 #[derive(Fail, Debug)]
 #[fail(
-    display = "directory contains untrusted shadowenv program: `shadowenv help trust` to learn more."
+    display = "directory: '{}' contains untrusted shadowenv program: `shadowenv help trust` to learn more.",
+    not_trusted_dir_path
 )]
-pub struct NotTrusted;
+pub struct NotTrusted {
+    pub not_trusted_dir_path: String,
+}
 
 pub fn is_dir_trusted(dir: &PathBuf) -> Result<bool, Error> {
     let signer = load_or_generate_signer().unwrap();
 
-    let root = match loader::find_root(dir.to_path_buf(), loader::DEFAULT_RELATIVE_COMPONENT)? {
+    let root = match loader::find_root(&dir.to_path_buf(), loader::DEFAULT_RELATIVE_COMPONENT)? {
         None => return Err(NoShadowenv {}.into()),
         Some(r) => r,
     };
@@ -52,7 +55,7 @@ pub fn is_dir_trusted(dir: &PathBuf) -> Result<bool, Error> {
 }
 
 fn load_or_generate_signer() -> Result<Keypair, Error> {
-    let path = format!("{}/.config/shadowenv/trust-key-v2", std::env::var("HOME")?);
+    let path = format!("{}/.config/shadowenv/trust-key-v2", env::var("HOME")?);
 
     let r_o_bytes: Result<Option<Vec<u8>>, Error> = match fs::read(Path::new(&path)) {
         Ok(bytes) => Ok(Some(bytes)),
@@ -67,7 +70,7 @@ fn load_or_generate_signer() -> Result<Keypair, Error> {
         None => {
             let mut csprng = OsRng {};
             let seed = Keypair::generate(&mut csprng);
-            std::fs::create_dir_all(Path::new(&path).to_path_buf().parent().unwrap())?;
+            fs::create_dir_all(Path::new(&path).to_path_buf().parent().unwrap())?;
             let mut file = match File::create(OsString::from(&path)) {
                 // TODO: error type
                 Err(why) => panic!("couldn''t write to {}: {}", path, why),
@@ -85,7 +88,7 @@ fn load_or_generate_signer() -> Result<Keypair, Error> {
 pub fn run() -> Result<(), Error> {
     let signer = load_or_generate_signer().unwrap();
 
-    let root = match loader::find_root(env::current_dir()?, loader::DEFAULT_RELATIVE_COMPONENT)? {
+    let root = match loader::find_root(&env::current_dir()?, loader::DEFAULT_RELATIVE_COMPONENT)? {
         None => return Err(NoShadowenv {}.into()),
         Some(r) => r,
     };
