From 64cb3c7490bec8c908954076356aec3fe9126b40 Mon Sep 17 00:00:00 2001 From: Lucas Nogueira Date: Sat, 13 May 2023 00:33:26 -0300 Subject: [PATCH] update tauri --- Cargo.lock | 17 ++++---- examples/api/src-tauri/tauri.conf.json | 18 ++++----- plugins/fs/src/config.rs | 54 +++++++++++++++++++++++++- plugins/fs/src/lib.rs | 4 +- plugins/fs/src/scope.rs | 4 +- 5 files changed, 71 insertions(+), 26 deletions(-) diff --git a/Cargo.lock b/Cargo.lock index 3e7e94a1..9bdc25cf 100644 --- a/Cargo.lock +++ b/Cargo.lock @@ -4960,14 +4960,13 @@ dependencies = [ [[package]] name = "tauri" version = "2.0.0-alpha.8" -source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#234edbaf29172c2a461e22a82996da65ebacfcf0" +source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#2bbd957a3b1b1072487f5890071317593481f118" dependencies = [ "anyhow", "bytes 1.4.0", "cocoa", "dirs-next", "embed_plist", - "encoding_rs", "futures-util", "glib", "glob", @@ -5011,11 +5010,10 @@ dependencies = [ [[package]] name = "tauri-build" version = "2.0.0-alpha.4" -source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#234edbaf29172c2a461e22a82996da65ebacfcf0" +source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#2bbd957a3b1b1072487f5890071317593481f118" dependencies = [ "anyhow", "cargo_toml", - "filetime", "heck 0.4.1", "json-patch", "quote", @@ -5032,7 +5030,7 @@ dependencies = [ [[package]] name = "tauri-codegen" version = "2.0.0-alpha.4" -source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#234edbaf29172c2a461e22a82996da65ebacfcf0" +source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#2bbd957a3b1b1072487f5890071317593481f118" dependencies = [ "base64 0.21.0", "brotli", @@ -5057,7 +5055,7 @@ dependencies = [ [[package]] name = "tauri-macros" version = "2.0.0-alpha.4" -source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#234edbaf29172c2a461e22a82996da65ebacfcf0" +source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#2bbd957a3b1b1072487f5890071317593481f118" dependencies = [ "heck 0.4.1", "proc-macro2", @@ -5451,7 +5449,7 @@ dependencies = [ [[package]] name = "tauri-runtime" version = "0.13.0-alpha.4" -source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#234edbaf29172c2a461e22a82996da65ebacfcf0" +source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#2bbd957a3b1b1072487f5890071317593481f118" dependencies = [ "gtk", "http", @@ -5465,14 +5463,13 @@ dependencies = [ "thiserror", "url", "uuid", - "webview2-com", "windows 0.44.0", ] [[package]] name = "tauri-runtime-wry" version = "0.13.0-alpha.4" -source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#234edbaf29172c2a461e22a82996da65ebacfcf0" +source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#2bbd957a3b1b1072487f5890071317593481f118" dependencies = [ "cocoa", "gtk", @@ -5492,7 +5489,7 @@ dependencies = [ [[package]] name = "tauri-utils" version = "2.0.0-alpha.4" -source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#234edbaf29172c2a461e22a82996da65ebacfcf0" +source = "git+https://github.com/tauri-apps/tauri?branch=refactor/cleanup#2bbd957a3b1b1072487f5890071317593481f118" dependencies = [ "aes-gcm 0.10.1", "brotli", diff --git a/examples/api/src-tauri/tauri.conf.json b/examples/api/src-tauri/tauri.conf.json index b1aa782f..8fd3fee4 100644 --- a/examples/api/src-tauri/tauri.conf.json +++ b/examples/api/src-tauri/tauri.conf.json @@ -120,15 +120,6 @@ "pubkey": "dW50cnVzdGVkIGNvbW1lbnQ6IG1pbmlzaWduIHB1YmxpYyBrZXk6IDE5QzMxNjYwNTM5OEUwNTgKUldSWTRKaFRZQmJER1h4d1ZMYVA3dnluSjdpN2RmMldJR09hUFFlZDY0SlFqckkvRUJhZDJVZXAK" } }, - "allowlist": { - "protocol": { - "asset": true, - "assetScope": { - "allow": ["$APPDATA/db/**", "$RESOURCE/**"], - "deny": ["$APPDATA/db/*.stronghold"] - } - } - }, "windows": [], "security": { "csp": { @@ -137,7 +128,14 @@ "img-src": "'self' asset: https://asset.localhost blob: data:", "style-src": "'unsafe-inline' 'self' https://fonts.googleapis.com" }, - "freezePrototype": true + "freezePrototype": true, + "assetProtocol": { + "enable": true, + "scope": { + "allow": ["$APPDATA/db/**", "$RESOURCE/**"], + "deny": ["$APPDATA/db/*.stronghold"] + } + } }, "systemTray": { "iconPath": "icons/tray_icon_with_transparency.png", diff --git a/plugins/fs/src/config.rs b/plugins/fs/src/config.rs index a1dbc30c..837e3a40 100644 --- a/plugins/fs/src/config.rs +++ b/plugins/fs/src/config.rs @@ -1,7 +1,57 @@ +use std::path::PathBuf; + use serde::Deserialize; -use tauri::utils::config::FsAllowlistScope; #[derive(Debug, Deserialize)] pub struct Config { - pub scope: FsAllowlistScope, + pub scope: FsScope, +} + +/// Protocol scope definition. +/// It is a list of glob patterns that restrict the API access from the webview. +/// +/// Each pattern can start with a variable that resolves to a system base directory. +/// The variables are: `$AUDIO`, `$CACHE`, `$CONFIG`, `$DATA`, `$LOCALDATA`, `$DESKTOP`, +/// `$DOCUMENT`, `$DOWNLOAD`, `$EXE`, `$FONT`, `$HOME`, `$PICTURE`, `$PUBLIC`, `$RUNTIME`, +/// `$TEMPLATE`, `$VIDEO`, `$RESOURCE`, `$APP`, `$LOG`, `$TEMP`, `$APPCONFIG`, `$APPDATA`, +/// `$APPLOCALDATA`, `$APPCACHE`, `$APPLOG`. +#[derive(Debug, PartialEq, Eq, Clone, Deserialize)] +#[serde(untagged)] +pub enum FsScope { + /// A list of paths that are allowed by this scope. + AllowedPaths(Vec), + /// A complete scope configuration. + Scope { + /// A list of paths that are allowed by this scope. + #[serde(default)] + allow: Vec, + /// A list of paths that are not allowed by this scope. + /// This gets precedence over the [`Self::Scope::allow`] list. + #[serde(default)] + deny: Vec, + }, +} + +impl Default for FsScope { + fn default() -> Self { + Self::AllowedPaths(Vec::new()) + } +} + +impl FsScope { + /// The list of allowed paths. + pub fn allowed_paths(&self) -> &Vec { + match self { + Self::AllowedPaths(p) => p, + Self::Scope { allow, .. } => allow, + } + } + + /// The list of forbidden paths. + pub fn forbidden_paths(&self) -> Option<&Vec> { + match self { + Self::AllowedPaths(_) => None, + Self::Scope { deny, .. } => Some(deny), + } + } } diff --git a/plugins/fs/src/lib.rs b/plugins/fs/src/lib.rs index bf78f3b4..2873b108 100644 --- a/plugins/fs/src/lib.rs +++ b/plugins/fs/src/lib.rs @@ -2,9 +2,9 @@ // SPDX-License-Identifier: Apache-2.0 // SPDX-License-Identifier: MIT +use config::FsScope; use tauri::{ plugin::{Builder as PluginBuilder, TauriPlugin}, - utils::config::FsAllowlistScope, Manager, Runtime, }; @@ -50,7 +50,7 @@ pub fn init() -> TauriPlugin> { commands::metadata ]) .setup(|app: &tauri::AppHandle, api| { - let default_scope = FsAllowlistScope::default(); + let default_scope = FsScope::default(); app.manage(Scope::new( app, api.config() diff --git a/plugins/fs/src/scope.rs b/plugins/fs/src/scope.rs index 773dabe5..c8958f2e 100644 --- a/plugins/fs/src/scope.rs +++ b/plugins/fs/src/scope.rs @@ -9,8 +9,8 @@ use std::{ sync::{Arc, Mutex}, }; +use crate::config::FsScope; pub use glob::Pattern; -use tauri::utils::config::FsAllowlistScope; use uuid::Uuid; use crate::{Manager, Runtime}; @@ -83,7 +83,7 @@ impl Scope { /// Creates a new scope from a `FsAllowlistScope` configuration. pub(crate) fn new>( manager: &M, - scope: &FsAllowlistScope, + scope: &FsScope, ) -> crate::Result { let mut allowed_patterns = HashSet::new(); for path in scope.allowed_paths() {