Skip to content

Commit 5188c0f

Browse files
FabianLarsFabianLars
authored
feat(core): Add Scope::is_forbidden (#11767)
1 parent ba6f370 commit 5188c0f

File tree

2 files changed

+43
-14
lines changed

2 files changed

+43
-14
lines changed

.changes/core-scope-is-forbidden.md

Lines changed: 5 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,5 @@
1+
---
2+
tauri: 'minor:feat'
3+
---
4+
5+
Added `Scope::is_forbidden` to check if a path was explicitly forbidden.

crates/tauri/src/scope/fs.rs

Lines changed: 38 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -339,21 +339,12 @@ impl Scope {
339339
}
340340

341341
/// Determines if the given path is allowed on this scope.
342+
///
343+
/// Returns `false` if the path was explicitly forbidden or neither allowed nor forbidden.
344+
///
345+
/// May return `false` if the path points to a broken symlink.
342346
pub fn is_allowed<P: AsRef<Path>>(&self, path: P) -> bool {
343-
let path = path.as_ref();
344-
let path = if path.is_symlink() {
345-
match std::fs::read_link(path) {
346-
Ok(p) => p,
347-
Err(_) => return false,
348-
}
349-
} else {
350-
path.to_path_buf()
351-
};
352-
let path = if !path.exists() {
353-
crate::Result::Ok(path)
354-
} else {
355-
std::fs::canonicalize(path).map_err(Into::into)
356-
};
347+
let path = try_resolve_symlink_and_canonicalize(path);
357348

358349
if let Ok(path) = path {
359350
let path: PathBuf = path.components().collect();
@@ -380,6 +371,39 @@ impl Scope {
380371
false
381372
}
382373
}
374+
375+
/// Determines if the given path is explicitly forbidden on this scope.
376+
///
377+
/// May return `true` if the path points to a broken symlink.
378+
pub fn is_forbidden<P: AsRef<Path>>(&self, path: P) -> bool {
379+
let path = try_resolve_symlink_and_canonicalize(path);
380+
381+
if let Ok(path) = path {
382+
let path: PathBuf = path.components().collect();
383+
self
384+
.forbidden_patterns
385+
.lock()
386+
.unwrap()
387+
.iter()
388+
.any(|p| p.matches_path_with(&path, self.match_options))
389+
} else {
390+
true
391+
}
392+
}
393+
}
394+
395+
fn try_resolve_symlink_and_canonicalize<P: AsRef<Path>>(path: P) -> crate::Result<PathBuf> {
396+
let path = path.as_ref();
397+
let path = if path.is_symlink() {
398+
std::fs::read_link(path)?
399+
} else {
400+
path.to_path_buf()
401+
};
402+
if !path.exists() {
403+
crate::Result::Ok(path)
404+
} else {
405+
std::fs::canonicalize(path).map_err(Into::into)
406+
}
383407
}
384408

385409
fn escaped_pattern(p: &str) -> Result<Pattern, glob::PatternError> {

0 commit comments

Comments
 (0)