nushell/crates/nu-cli/src/commands/autoenv_untrust.rs

99 lines
2.9 KiB
Rust
Raw Normal View History

Autoenv rewrite, security and scripting (#2083) * Add args in .nurc file to environment * Working dummy version * Add add_nurc to sync_env command * Parse .nurc file * Delete env vars after leaving directory * Removing vals not working, strangely * Refactoring, add comment * Debugging * Debug by logging to file * Add and remove env var behavior appears correct However, it does not use existing code that well. * Move work to cli.rs * Parse config directories * I am in a state of distress * Rename .nurc to .nu * Some notes for me * Refactoring * Removing vars works, but not done in a very nice fashion * Refactor env_vars_to_delete * Refactor env_vars_to_add() * Move directory environment code to separate file * Refactor from_config * Restore env values * Working? * Working? * Update comments and change var name * Formatting * Remove vars after leaving dir * Remove notes I made * Rename config function * Clippy * Cleanup and handle errors * cargo fmt * Better error messages, remove last (?) unwrap * FORMAT PLZ * Rename whitelisted_directories to allowed_directories * Add comment to clarify how overwritten values are restored. * Change list of allowed dirs to indexmap * Rewrite starting * rewrite everything * Overwritten env values tracks an indexmap instead of vector * Refactor restore function * Untrack removed vars properly * Performance concerns * Performance concerns * Error handling * Clippy * Add type aliases for String and OsString * Deletion almost works * Working? * Error handling and refactoring * nicer errors * Add TODO file * Move outside of loop * Error handling * Reworking adding of vars * Reworking adding of vars * Ready for testing * Refactoring * Restore overwritten vals code * todo.org * Remove overwritten values tracking, as it is not needed * Cleanup, stop tracking overwritten values as nu takes care of it * Init autoenv command * Initialize autoenv and autoenv trust * autoenv trust toml * toml * Use serde for autoenv * Optional directory arg * Add autoenv untrust command * ... actually add autoenv untrust this time * OsString and paths * Revert "OsString and paths" This reverts commit e6eedf882498c1365ecfc899e5ec11bd83cb055c. * Fix path * Fix path * Autoenv trust and untrust * Start using autoenv * Check hashes * Use trust functionality when setting vars * Remove unused code * Clippy * Nicer errors for autoenv commands * Non-working errors * Update error description * Satisfy fmt * Errors * Errors print, but not nicely * Nicer errors * fmt * Delete accidentally added todo.org file * Rename direnv to autoenv * Use ShellError instead of Error * Change tests to pass, danger zone? * Clippy and errors * Clippy... again * Replace match with or_else * Use sha2 crate for hashing * parsing and error msg * Refactoring * Only apply vars once * if parent dir * Delete vars * Rework exit code * Adding works * restore * Fix possibility of infinite loop * Refactoring * Non-working * Revert "Non-working" This reverts commit e231b85570bcb3fc838f950e9f5004c6a7c5a2ac. * Revert "Revert "Non-working"" This reverts commit 804092e46a752266576b044401cc97c317e41f21. * Autoenv trust works without restart * Cargo fix * Script vars * Serde * Serde errors * Entry and exitscripts * Clippy * Support windows and handle errors * Formatting * Fix infinite loop on windows * Debugging windows loop * More windows infinite loop debugging * Windows loop debugging #3 * windows loop #4 * Don't return err * Cleanup unused code * Infinite loop debug * Loop debugging * Check if infinite loop is vars_to_add * env_vars_to_add does not terminate, skip loop as test * Hypothesis: std::env::current_dir() is messing with something * Hypothesis: std::env::current_dir() is messing with something * plz * make clippy happy * debugging in env_vars_to_add * Debbuging env_vars_to_add #2 * clippy * clippy.. * Fool clippy * Fix another infinite loop * Binary search for error location x) * Binary search #3 * fmt * Binary search #4 * more searching... * closing in... maybe * PLZ * Cleanup * Restore commented out functionality * Handle case when user gives the directory "." * fmt * Use fs::canonicalize for paths * Create optional script section * fmt * Add exitscripts even if no entryscripts are defined * All sections in .nu-env are now optional * Re-read config file each directory change * Hot reload after autoenv untrust, don't run exitscripts if untrusted * Debugging * Fix issue with recursive adding of vars * Thank you for finding my issues Mr. Azure * use std::env
2020-07-05 19:34:00 +02:00
use super::autoenv::Trusted;
use crate::commands::WholeStreamCommand;
use crate::prelude::*;
use nu_errors::ShellError;
use nu_protocol::SyntaxShape;
use nu_protocol::{Primitive, ReturnSuccess, Signature, UntaggedValue, Value};
use std::io::Read;
use std::{fs, path::PathBuf};
pub struct AutoenvUnTrust;
#[async_trait]
impl WholeStreamCommand for AutoenvUnTrust {
fn name(&self) -> &str {
"autoenv untrust"
}
fn signature(&self) -> Signature {
Signature::build("autoenv untrust").optional(
"dir",
SyntaxShape::String,
"Directory to disallow",
)
}
fn usage(&self) -> &str {
"Untrust a .nu-env file in the current or given directory"
}
async fn run(
&self,
args: CommandArgs,
registry: &CommandRegistry,
) -> Result<OutputStream, ShellError> {
let tag = args.call_info.name_tag.clone();
let file_to_untrust = match args.call_info.evaluate(registry).await?.args.nth(0) {
Some(Value {
value: UntaggedValue::Primitive(Primitive::String(ref path)),
tag: _,
}) => {
let mut dir = fs::canonicalize(path)?;
dir.push(".nu-env");
dir
}
_ => {
let mut dir = std::env::current_dir()?;
dir.push(".nu-env");
dir
}
};
let config_path = config::default_path_for(&Some(PathBuf::from("nu-env.toml")))?;
let mut file = match std::fs::OpenOptions::new()
.read(true)
.create(true)
.write(true)
.open(config_path.clone())
{
Ok(p) => p,
Err(_) => {
return Err(ShellError::untagged_runtime_error(
"Couldn't open nu-env.toml",
));
}
};
let mut doc = String::new();
file.read_to_string(&mut doc)?;
let mut allowed: Trusted = toml::from_str(doc.as_str()).unwrap_or_else(|_| Trusted::new());
let file_to_untrust = file_to_untrust.to_string_lossy().to_string();
if allowed.files.remove(&file_to_untrust).is_none() {
return
Err(ShellError::untagged_runtime_error(
"No .nu-env file to untrust in the given directory. Is it missing, or already untrusted?",
));
}
let tomlstr = toml::to_string(&allowed).or_else(|_| {
Err(ShellError::untagged_runtime_error(
"Couldn't serialize allowed dirs to nu-env.toml",
))
})?;
fs::write(config_path, tomlstr).expect("Couldn't write to toml file");
Ok(OutputStream::one(ReturnSuccess::value(
UntaggedValue::string(".nu-env untrusted!").into_value(tag),
)))
}
fn is_binary(&self) -> bool {
false
}
fn examples(&self) -> Vec<Example> {
Vec::new()
}
}