remove nested commands from deny

8 months ago · 57034948d9
parent 5ccca82779
commit 57034948d9
4 changed files with 9 additions and 6 deletions
--- a/Cargo.lock
+++ b/Cargo.lock
@ -6565,7 +6565,9 @@ dependencies = [
 "serde_repr",
 "tauri",
 "tauri-plugin",
+ "tauri-utils",
 "thiserror 2.0.3",
+ "toml 0.8.19",
 "url",
 "uuid",
 ]
--- a/plugins/fs/build.rs
+++ b/plugins/fs/build.rs
@ -228,7 +228,11 @@ permissions = [
        let mut permission_file = toml::from_str::<PermissionFile>(&content)
            .unwrap_or_else(|_| panic!("failed to deserialize {command}.toml"));

-        for p in permission_file.permission.iter_mut() {
+        for p in permission_file
+            .permission
+            .iter_mut()
+            .filter(|p| p.identifier.starts_with("allow"))
+        {
            p.commands
                .allow
                .extend(nested_commands.iter().map(|s| s.to_string()));
--- a/plugins/fs/permissions/autogenerated/commands/read_text_file_lines.toml
+++ b/plugins/fs/permissions/autogenerated/commands/read_text_file_lines.toml
@ -18,5 +18,5 @@ identifier = "deny-read-text-file-lines"
 description = "Denies the read_text_file_lines command without any pre-configured scope."

 [permission.commands]
-allow = ["read_text_file_lines_next"]
+allow = []
 deny = ["read_text_file_lines"]
--- a/plugins/fs/permissions/autogenerated/commands/write_file.toml
+++ b/plugins/fs/permissions/autogenerated/commands/write_file.toml
@ -19,8 +19,5 @@ identifier = "deny-write-file"
 description = "Denies the write_file command without any pre-configured scope."

 [permission.commands]
-allow = [
-    "open",
-    "write",
-]
+allow = []
 deny = ["write_file"]