nushell/crates/nu-cli/src/commands/autoenv.rs

use crate::commands::WholeStreamCommand;
use crate::prelude::*;
use nu_errors::ShellError;
use nu_protocol::{ReturnSuccess, Signature, UntaggedValue};
use serde::Deserialize;
use serde::Serialize;
use sha2::{Digest, Sha256};
use std::io::Read;
use std::path::PathBuf;
pub struct Autoenv;

#[derive(Deserialize, Serialize, Debug, Default)]
pub struct Trusted {
    pub files: IndexMap<String, Vec<u8>>,
}
impl Trusted {
    pub fn new() -> Self {
        Trusted {
            files: IndexMap::new(),
        }
    }
}
pub fn file_is_trusted(nu_env_file: &PathBuf, content: &[u8]) -> Result<bool, ShellError> {
    let contentdigest = Sha256::digest(&content).as_slice().to_vec();
    let nufile = nu_env_file.to_str().unwrap_or("");

    let trusted = read_trusted()?;
    Ok(trusted.files.get(nufile) == Some(&contentdigest))
}

pub fn read_trusted() -> Result<Trusted, ShellError> {
    let config_path = config::default_path_for(&Some(PathBuf::from("nu-env.toml")))?;

    let mut file = std::fs::OpenOptions::new()
        .read(true)
        .create(true)
        .write(true)
        .open(config_path)
        .or_else(|_| {
            Err(ShellError::untagged_runtime_error(
                "Couldn't open nu-env.toml",
            ))
        })?;
    let mut doc = String::new();
    file.read_to_string(&mut doc)?;

    let allowed = toml::de::from_str(doc.as_str()).unwrap_or_else(|_| Trusted::new());
    Ok(allowed)
}

#[async_trait]
impl WholeStreamCommand for Autoenv {
    fn name(&self) -> &str {
        "autoenv"
    }
    fn usage(&self) -> &str {
        // "Mark a .nu-env file in a directory as trusted. Needs to be re-run after each change to the file or its filepath."
        "Manage directory specific environments"
    }
    fn signature(&self) -> Signature {
        Signature::build("autoenv")
    }
    async fn run(
        &self,
        _args: CommandArgs,
        registry: &CommandRegistry,
    ) -> Result<OutputStream, ShellError> {
        let registry = registry.clone();
        Ok(OutputStream::one(ReturnSuccess::value(
            UntaggedValue::string(crate::commands::help::get_help(&Autoenv, &registry))
                .into_value(Tag::unknown()),
        )))
    }

    fn examples(&self) -> Vec<Example> {
        vec![Example {
            description: "Allow .nu-env file in current directory",
            example: "autoenv trust",
            result: None,
        }]
    }
}
Autoenv rewrite, security and scripting (#2083) * Add args in .nurc file to environment * Working dummy version * Add add_nurc to sync_env command * Parse .nurc file * Delete env vars after leaving directory * Removing vals not working, strangely * Refactoring, add comment * Debugging * Debug by logging to file * Add and remove env var behavior appears correct However, it does not use existing code that well. * Move work to cli.rs * Parse config directories * I am in a state of distress * Rename .nurc to .nu * Some notes for me * Refactoring * Removing vars works, but not done in a very nice fashion * Refactor env_vars_to_delete * Refactor env_vars_to_add() * Move directory environment code to separate file * Refactor from_config * Restore env values * Working? * Working? * Update comments and change var name * Formatting * Remove vars after leaving dir * Remove notes I made * Rename config function * Clippy * Cleanup and handle errors * cargo fmt * Better error messages, remove last (?) unwrap * FORMAT PLZ * Rename whitelisted_directories to allowed_directories * Add comment to clarify how overwritten values are restored. * Change list of allowed dirs to indexmap * Rewrite starting * rewrite everything * Overwritten env values tracks an indexmap instead of vector * Refactor restore function * Untrack removed vars properly * Performance concerns * Performance concerns * Error handling * Clippy * Add type aliases for String and OsString * Deletion almost works * Working? * Error handling and refactoring * nicer errors * Add TODO file * Move outside of loop * Error handling * Reworking adding of vars * Reworking adding of vars * Ready for testing * Refactoring * Restore overwritten vals code * todo.org * Remove overwritten values tracking, as it is not needed * Cleanup, stop tracking overwritten values as nu takes care of it * Init autoenv command * Initialize autoenv and autoenv trust * autoenv trust toml * toml * Use serde for autoenv * Optional directory arg * Add autoenv untrust command * ... actually add autoenv untrust this time * OsString and paths * Revert "OsString and paths" This reverts commit e6eedf882498c1365ecfc899e5ec11bd83cb055c. * Fix path * Fix path * Autoenv trust and untrust * Start using autoenv * Check hashes * Use trust functionality when setting vars * Remove unused code * Clippy * Nicer errors for autoenv commands * Non-working errors * Update error description * Satisfy fmt * Errors * Errors print, but not nicely * Nicer errors * fmt * Delete accidentally added todo.org file * Rename direnv to autoenv * Use ShellError instead of Error * Change tests to pass, danger zone? * Clippy and errors * Clippy... again * Replace match with or_else * Use sha2 crate for hashing * parsing and error msg * Refactoring * Only apply vars once * if parent dir * Delete vars * Rework exit code * Adding works * restore * Fix possibility of infinite loop * Refactoring * Non-working * Revert "Non-working" This reverts commit e231b85570bcb3fc838f950e9f5004c6a7c5a2ac. * Revert "Revert "Non-working"" This reverts commit 804092e46a752266576b044401cc97c317e41f21. * Autoenv trust works without restart * Cargo fix * Script vars * Serde * Serde errors * Entry and exitscripts * Clippy * Support windows and handle errors * Formatting * Fix infinite loop on windows * Debugging windows loop * More windows infinite loop debugging * Windows loop debugging #3 * windows loop #4 * Don't return err * Cleanup unused code * Infinite loop debug * Loop debugging * Check if infinite loop is vars_to_add * env_vars_to_add does not terminate, skip loop as test * Hypothesis: std::env::current_dir() is messing with something * Hypothesis: std::env::current_dir() is messing with something * plz * make clippy happy * debugging in env_vars_to_add * Debbuging env_vars_to_add #2 * clippy * clippy.. * Fool clippy * Fix another infinite loop * Binary search for error location x) * Binary search #3 * fmt * Binary search #4 * more searching... * closing in... maybe * PLZ * Cleanup * Restore commented out functionality * Handle case when user gives the directory "." * fmt * Use fs::canonicalize for paths * Create optional script section * fmt * Add exitscripts even if no entryscripts are defined * All sections in .nu-env are now optional * Re-read config file each directory change * Hot reload after autoenv untrust, don't run exitscripts if untrusted * Debugging * Fix issue with recursive adding of vars * Thank you for finding my issues Mr. Azure * use std::env 2020-07-05 19:34:00 +02:00			`use crate::commands::WholeStreamCommand;`
			`use crate::prelude::*;`
			`use nu_errors::ShellError;`
			`use nu_protocol::{ReturnSuccess, Signature, UntaggedValue};`
			`use serde::Deserialize;`
			`use serde::Serialize;`
			`use sha2::{Digest, Sha256};`
			`use std::io::Read;`
			`use std::path::PathBuf;`
			`pub struct Autoenv;`

			`#[derive(Deserialize, Serialize, Debug, Default)]`
			`pub struct Trusted {`
			`pub files: IndexMap<String, Vec<u8>>,`
			`}`
			`impl Trusted {`
			`pub fn new() -> Self {`
			`Trusted {`
			`files: IndexMap::new(),`
			`}`
			`}`
			`}`
			`pub fn file_is_trusted(nu_env_file: &PathBuf, content: &[u8]) -> Result<bool, ShellError> {`
			`let contentdigest = Sha256::digest(&content).as_slice().to_vec();`
			`let nufile = nu_env_file.to_str().unwrap_or("");`

			`let trusted = read_trusted()?;`
			`Ok(trusted.files.get(nufile) == Some(&contentdigest))`
			`}`

			`pub fn read_trusted() -> Result<Trusted, ShellError> {`
			`let config_path = config::default_path_for(&Some(PathBuf::from("nu-env.toml")))?;`

			`let mut file = std::fs::OpenOptions::new()`
			`.read(true)`
			`.create(true)`
			`.write(true)`
			`.open(config_path)`
			`.or_else(\|_\| {`
			`Err(ShellError::untagged_runtime_error(`
			`"Couldn't open nu-env.toml",`
			`))`
			`})?;`
			`let mut doc = String::new();`
			`file.read_to_string(&mut doc)?;`

			`let allowed = toml::de::from_str(doc.as_str()).unwrap_or_else(\|_\| Trusted::new());`
			`Ok(allowed)`
			`}`

			`#[async_trait]`
			`impl WholeStreamCommand for Autoenv {`
			`fn name(&self) -> &str {`
			`"autoenv"`
			`}`
			`fn usage(&self) -> &str {`
			`// "Mark a .nu-env file in a directory as trusted. Needs to be re-run after each change to the file or its filepath."`
			`"Manage directory specific environments"`
			`}`
			`fn signature(&self) -> Signature {`
			`Signature::build("autoenv")`
			`}`
			`async fn run(`
			`&self,`
			`_args: CommandArgs,`
			`registry: &CommandRegistry,`
			`) -> Result<OutputStream, ShellError> {`
			`let registry = registry.clone();`
			`Ok(OutputStream::one(ReturnSuccess::value(`
			`UntaggedValue::string(crate::commands::help::get_help(&Autoenv, &registry))`
			`.into_value(Tag::unknown()),`
			`)))`
			`}`

			`fn examples(&self) -> Vec<Example> {`
			`vec![Example {`
			`description: "Allow .nu-env file in current directory",`
			`example: "autoenv trust",`
			`result: None,`
			`}]`
			`}`
			`}`