fix(shell): fix schema requiring sidecar property even though it is optional (#1839)

amrbashir · lucasfernog · web-flow · commit 44273b988957 · 2024-10-01T10:16:14.000-03:00
* fix(shell): fix schema requiring `sidecar` property even though it is optional

* fix clippy

* make `cmd` and `sidecar` exclusive

* make args optional

* cleanup

---------

Co-authored-by: Lucas Nogueira &lt;lucas@tauri.app&gt;
diff --git a/.changes/shell-schema-required-sidcar.md b/.changes/shell-schema-required-sidcar.md
@@ -0,0 +1,6 @@
+---
+"shell": "patch"
+---
+
+Fix the plugin schema requiring to set `sidecar` property when it is in fact optional. 
+
diff --git a/plugins/fs/build.rs b/plugins/fs/build.rs
@@ -24,14 +24,16 @@ enum FsScopeEntry {
     },
 }
 
-// Ensure scope entry is kept up to date
-impl From<FsScopeEntry> for scope::EntryRaw {
-    fn from(value: FsScopeEntry) -> Self {
-        match value {
-            FsScopeEntry::Value(path) => scope::EntryRaw::Value(path),
-            FsScopeEntry::Object { path } => scope::EntryRaw::Object { path },
-        }
-    }
+// Ensure `FsScopeEntry` and `scope::EntryRaw` is kept in sync
+fn _f() {
+    match scope::EntryRaw::Value(PathBuf::new()) {
+        scope::EntryRaw::Value(path) => FsScopeEntry::Value(path),
+        scope::EntryRaw::Object { path } => FsScopeEntry::Object { path },
+    };
+    match FsScopeEntry::Value(PathBuf::new()) {
+        FsScopeEntry::Value(path) => scope::EntryRaw::Value(path),
+        FsScopeEntry::Object { path } => scope::EntryRaw::Object { path },
+    };
 }
 
 const BASE_DIR_VARS: &[&str] = &[
diff --git a/plugins/fs/src/scope.rs b/plugins/fs/src/scope.rs
@@ -13,10 +13,9 @@ use std::{
 
 use serde::Deserialize;
 
-#[doc(hidden)]
 #[derive(Deserialize)]
 #[serde(untagged)]
-pub enum EntryRaw {
+pub(crate) enum EntryRaw {
     Value(PathBuf),
     Object { path: PathBuf },
 }
diff --git a/plugins/http/build.rs b/plugins/http/build.rs
@@ -47,23 +47,16 @@ enum HttpScopeEntry {
     },
 }
 
-// Ensure scope entry is kept up to date
-impl From<HttpScopeEntry> for scope::Entry {
-    fn from(value: HttpScopeEntry) -> Self {
-        let url = match value {
-            HttpScopeEntry::Value(url) => url,
-            HttpScopeEntry::Object { url } => url,
-        };
-
-        scope::Entry {
-            url: urlpattern::UrlPattern::parse(
-                urlpattern::UrlPatternInit::parse_constructor_string::<regex::Regex>(&url, None)
-                    .unwrap(),
-                Default::default(),
-            )
-            .unwrap(),
-        }
-    }
+// Ensure `HttpScopeEntry` and `scope::EntryRaw` is kept in sync
+fn _f() {
+    match scope::EntryRaw::Value(String::new()) {
+        scope::EntryRaw::Value(url) => HttpScopeEntry::Value(url),
+        scope::EntryRaw::Object { url } => HttpScopeEntry::Object { url },
+    };
+    match HttpScopeEntry::Value(String::new()) {
+        HttpScopeEntry::Value(url) => scope::EntryRaw::Value(url),
+        HttpScopeEntry::Object { url } => scope::EntryRaw::Object { url },
+    };
 }
 
 fn main() {
diff --git a/plugins/http/src/scope.rs b/plugins/http/src/scope.rs
@@ -33,18 +33,18 @@ fn parse_url_pattern(s: &str) -> Result<UrlPattern, urlpattern::quirks::Error> {
     UrlPattern::parse(init, Default::default())
 }
 
+#[derive(Deserialize)]
+#[serde(untagged)]
+pub(crate) enum EntryRaw {
+    Value(String),
+    Object { url: String },
+}
+
 impl<'de> Deserialize<'de> for Entry {
     fn deserialize<D>(deserializer: D) -> std::result::Result<Self, D::Error>
     where
         D: Deserializer<'de>,
     {
-        #[derive(Deserialize)]
-        #[serde(untagged)]
-        enum EntryRaw {
-            Value(String),
-            Object { url: String },
-        }
-
         EntryRaw::deserialize(deserializer).and_then(|raw| {
             let url = match raw {
                 EntryRaw::Value(url) => url,
diff --git a/plugins/shell/Cargo.toml b/plugins/shell/Cargo.toml
@@ -27,7 +27,6 @@ serde = { workspace = true }
 
 [dependencies]
 serde = { workspace = true }
-schemars = { workspace = true }
 serde_json = { workspace = true }
 tauri = { workspace = true }
 tokio = { version = "1", features = ["time"] }
diff --git a/plugins/shell/build.rs b/plugins/shell/build.rs
@@ -2,15 +2,173 @@
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-License-Identifier: MIT
 
+use std::path::PathBuf;
+
+use schemars::JsonSchema;
+
 #[path = "src/scope_entry.rs"]
 mod scope_entry;
 
+/// A command argument allowed to be executed by the webview API.
+#[derive(Debug, PartialEq, Eq, Clone, Hash, schemars::JsonSchema)]
+#[serde(untagged, deny_unknown_fields)]
+#[non_exhaustive]
+pub enum ShellScopeEntryAllowedArg {
+    /// A non-configurable argument that is passed to the command in the order it was specified.
+    Fixed(String),
+
+    /// A variable that is set while calling the command from the webview API.
+    ///
+    Var {
+        /// [regex] validator to require passed values to conform to an expected input.
+        ///
+        /// This will require the argument value passed to this variable to match the `validator` regex
+        /// before it will be executed.
+        ///
+        /// The regex string is by default surrounded by `^...$` to match the full string.
+        /// For example the `https?://\w+` regex would be registered as `^https?://\w+$`.
+        ///
+        /// [regex]: <https://docs.rs/regex/latest/regex/#syntax>
+        validator: String,
+
+        /// Marks the validator as a raw regex, meaning the plugin should not make any modification at runtime.
+        ///
+        /// This means the regex will not match on the entire string by default, which might
+        /// be exploited if your regex allow unexpected input to be considered valid.
+        /// When using this option, make sure your regex is correct.
+        #[serde(default)]
+        raw: bool,
+    },
+}
+
+/// A set of command arguments allowed to be executed by the webview API.
+///
+/// A value of `true` will allow any arguments to be passed to the command. `false` will disable all
+/// arguments. A list of [`ShellScopeEntryAllowedArg`] will set those arguments as the only valid arguments to
+/// be passed to the attached command configuration.
+#[derive(Debug, PartialEq, Eq, Clone, Hash, JsonSchema)]
+#[serde(untagged, deny_unknown_fields)]
+#[non_exhaustive]
+pub enum ShellScopeEntryAllowedArgs {
+    /// Use a simple boolean to allow all or disable all arguments to this command configuration.
+    Flag(bool),
+
+    /// A specific set of [`ShellScopeEntryAllowedArg`] that are valid to call for the command configuration.
+    List(Vec<ShellScopeEntryAllowedArg>),
+}
+
+impl Default for ShellScopeEntryAllowedArgs {
+    fn default() -> Self {
+        Self::Flag(false)
+    }
+}
+
+/// Shell scope entry.
+#[derive(JsonSchema)]
+#[serde(untagged, deny_unknown_fields)]
+#[allow(unused)]
+pub(crate) enum ShellScopeEntry {
+    Command {
+        /// The name for this allowed shell command configuration.
+        ///
+        /// This name will be used inside of the webview API to call this command along with
+        /// any specified arguments.
+        name: String,
+        /// The command name.
+        /// It can start with a variable that resolves to a system base directory.
+        /// The variables are: `$AUDIO`, `$CACHE`, `$CONFIG`, `$DATA`, `$LOCALDATA`, `$DESKTOP`,
+        /// `$DOCUMENT`, `$DOWNLOAD`, `$EXE`, `$FONT`, `$HOME`, `$PICTURE`, `$PUBLIC`, `$RUNTIME`,
+        /// `$TEMPLATE`, `$VIDEO`, `$RESOURCE`, `$LOG`, `$TEMP`, `$APPCONFIG`, `$APPDATA`,
+        /// `$APPLOCALDATA`, `$APPCACHE`, `$APPLOG`.
+        // use default just so the schema doesn't flag it as required
+        #[serde(rename = "cmd")]
+        command: PathBuf,
+        /// The allowed arguments for the command execution.
+        #[serde(default)]
+        args: ShellScopeEntryAllowedArgs,
+    },
+    Sidecar {
+        /// The name for this allowed shell command configuration.
+        ///
+        /// This name will be used inside of the webview API to call this command along with
+        /// any specified arguments.
+        name: String,
+        /// The allowed arguments for the command execution.
+        #[serde(default)]
+        args: ShellScopeEntryAllowedArgs,
+        /// If this command is a sidecar command.
+        sidecar: bool,
+    },
+}
+
+// Ensure `ShellScopeEntry` and `scope_entry::EntryRaw`
+// and `ShellScopeEntryAllowedArg` and `ShellAllowedArg`
+// and `ShellScopeEntryAllowedArgs` and `ShellAllowedArgs`
+// are kept in sync
+#[allow(clippy::unnecessary_operation)]
+fn _f() {
+    match (ShellScopeEntry::Sidecar {
+        name: String::new(),
+        args: ShellScopeEntryAllowedArgs::Flag(false),
+        sidecar: true,
+    }) {
+        ShellScopeEntry::Command {
+            name,
+            command,
+            args,
+        } => scope_entry::EntryRaw {
+            name,
+            command: Some(command),
+            args: match args {
+                ShellScopeEntryAllowedArgs::Flag(flag) => scope_entry::ShellAllowedArgs::Flag(flag),
+                ShellScopeEntryAllowedArgs::List(vec) => scope_entry::ShellAllowedArgs::List(
+                    vec.into_iter()
+                        .map(|s| match s {
+                            ShellScopeEntryAllowedArg::Fixed(fixed) => {
+                                scope_entry::ShellAllowedArg::Fixed(fixed)
+                            }
+                            ShellScopeEntryAllowedArg::Var { validator, raw } => {
+                                scope_entry::ShellAllowedArg::Var { validator, raw }
+                            }
+                        })
+                        .collect(),
+                ),
+            },
+            sidecar: false,
+        },
+        ShellScopeEntry::Sidecar {
+            name,
+            args,
+            sidecar,
+        } => scope_entry::EntryRaw {
+            name,
+            command: None,
+            args: match args {
+                ShellScopeEntryAllowedArgs::Flag(flag) => scope_entry::ShellAllowedArgs::Flag(flag),
+                ShellScopeEntryAllowedArgs::List(vec) => scope_entry::ShellAllowedArgs::List(
+                    vec.into_iter()
+                        .map(|s| match s {
+                            ShellScopeEntryAllowedArg::Fixed(fixed) => {
+                                scope_entry::ShellAllowedArg::Fixed(fixed)
+                            }
+                            ShellScopeEntryAllowedArg::Var { validator, raw } => {
+                                scope_entry::ShellAllowedArg::Var { validator, raw }
+                            }
+                        })
+                        .collect(),
+                ),
+            },
+            sidecar,
+        },
+    };
+}
+
 const COMMANDS: &[&str] = &["execute", "spawn", "stdin_write", "kill", "open"];
 
 fn main() {
     tauri_plugin::Builder::new(COMMANDS)
         .global_api_script_path("./api-iife.js")
-        .global_scope_schema(schemars::schema_for!(scope_entry::Entry))
+        .global_scope_schema(schemars::schema_for!(ShellScopeEntry))
         .android_path("android")
         .ios_path("ios")
         .build();
diff --git a/plugins/shell/src/scope_entry.rs b/plugins/shell/src/scope_entry.rs
diff --git a/plugins/updater/tests/app-updater/tests/update.rs b/plugins/updater/tests/app-updater/tests/update.rs
diff --git a/plugins/updater/tests/updater-migration/tests/update.rs b/plugins/updater/tests/updater-migration/tests/update.rs

-Original file line number
+Diff line change
@@ @@ -0,0 +1,6 @@ @@
 +---
 +"shell": "patch"
 +---
++
 +Fix the plugin schema requiring to set `sidecar` property when it is in fact optional.
++