Skip to content

feat(core): Add Scope::is_forbidden #11767

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merged
amrbashir merged 3 commits into from
Nov 26, 2024
Merged

feat(core): Add Scope::is_forbidden #11767

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
3 commits
Select commit Hold shift + click to select a range
923b76e
feat(core): Add `Scope::is_forbidden`
FabianLars Nov 21, 2024
fe61a0d
fix
FabianLars Nov 21, 2024
13da004
review
FabianLars Nov 21, 2024
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
5 changes: 5 additions & 0 deletions .changes/core-scope-is-forbidden.md
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,5 @@
---
tauri: 'minor:feat'
---

Added `Scope::is_forbidden` to check if a path was explicitly forbidden.
52 changes: 38 additions & 14 deletions crates/tauri/src/scope/fs.rs
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -339,21 +339,12 @@ impl Scope {
}

/// Determines if the given path is allowed on this scope.
///
/// Returns `false` if the path was explicitly forbidden or neither allowed nor forbidden.
///
/// May return `false` if the path points to a broken symlink.
pub fn is_allowed<P: AsRef<Path>>(&self, path: P) -> bool {
let path = path.as_ref();
let path = if path.is_symlink() {
match std::fs::read_link(path) {
Ok(p) => p,
Err(_) => return false,
}
} else {
path.to_path_buf()
};
let path = if !path.exists() {
crate::Result::Ok(path)
} else {
std::fs::canonicalize(path).map_err(Into::into)
};
let path = try_resolve_symlink_and_canonicalize(path);

if let Ok(path) = path {
let path: PathBuf = path.components().collect();
Expand All @@ -380,6 +371,39 @@ impl Scope {
false
}
}

/// Determines if the given path is explicitly forbidden on this scope.
///
/// May return `true` if the path points to a broken symlink.
pub fn is_forbidden<P: AsRef<Path>>(&self, path: P) -> bool {
let path = try_resolve_symlink_and_canonicalize(path);

if let Ok(path) = path {
let path: PathBuf = path.components().collect();
self
.forbidden_patterns
.lock()
.unwrap()
.iter()
.any(|p| p.matches_path_with(&path, self.match_options))
} else {
true
}
}
}

fn try_resolve_symlink_and_canonicalize<P: AsRef<Path>>(path: P) -> crate::Result<PathBuf> {
let path = path.as_ref();
let path = if path.is_symlink() {
std::fs::read_link(path)?
} else {
path.to_path_buf()
};
if !path.exists() {
crate::Result::Ok(path)
} else {
std::fs::canonicalize(path).map_err(Into::into)
}
}

fn escaped_pattern(p: &str) -> Result<Pattern, glob::PatternError> {
Expand Down