refactor(acl): permission and capability platforms are optional (#9115)
* refactor(acl): permission and capability platforms are optional

* add iterator version

* fix build

---------

Co-authored-by: Amr Bashir <amr.bashir2015@gmail.com>
lucasfernog and amrbashir authored Mar 7, 2024
1 parent 4ef17d0 commit 3e472d0
Showing 12 changed files with 78 additions and 63 deletions.
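--- a/.changes/acl-platform-refactor.md
+++ b/.changes/acl-platform-refactor.md
@@ -0,0 +1,8 @@
+---
+"tauri-utils": patch:enhance
+"tauri": patch:enhance
+"tauri-cli": patch:enhance
+"@tauri-apps/cli": patch:enhance
+---
+
+Changed the permission and capability platforms to be optional.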
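--- a/.changes/capability-builder-platform.md
+++ b/.changes/capability-builder-platform.md
@@ -0,0 +1,5 @@
+---
+"tauri": patch:feat
+---
+
+Added `CapabilityBuilder::platform` to link the runtime capability with a specific platform.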
7 changes: 6 additions & 1 deletion core/tauri-build/src/acl.rs
@@ -452,7 +452,12 @@ pub fn validate_capabilities(
let target = tauri_utils::platform::Target::from_triple(&std::env::var("TARGET").unwrap());

for capability in capabilities.values() {
if !capability.platforms.contains(&target) {
if !capability
.platforms
.as_ref()
.map(|platforms| platforms.contains(&target))
.unwrap_or(true)
{
continue;
}

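Review bot: The "platforms unset means every target" predicate is written out inline in this capability loop and twice more in core/tauri-utils/src/acl/resolved.rs (the capability loop and the permission filter), so the three copies of an access-control decision can drift apart. A single helper in tauri-utils that both call sites use would keep them identical; failing that, the shorter `capability.platforms.as_ref().map_or(true, |p| p.contains(&target))` is easier to compare by eye. A comment above the check such as `// None = applies to every target; Some(list) = only the listed targets` would make the allow-by-default case explicit for the next reader. `validate_capabilities` starts and ends outside this hunk.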
13 changes: 4 additions & 9 deletions core/tauri-config-schema/schema.json
@@ -1072,8 +1072,7 @@
"type": "object",
"required": [
"identifier",
"permissions",
"windows"
"permissions"
],
"properties": {
"identifier": {
@@ -1124,14 +1123,10 @@
},
"platforms": {
"description": "Target platforms this capability applies. By default all platforms are affected by this capability.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
"type": [
"array",
"null"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
17 changes: 4 additions & 13 deletions core/tauri-utils/src/acl/capability.rs
@@ -65,6 +65,7 @@ pub struct Capability {
/// List of windows that uses this capability. Can be a glob pattern.
///
/// On multiwebview windows, prefer [`Self::webviews`] for a fine grained access control.
#[serde(default, skip_serializing_if = "Vec::is_empty")]
pub windows: Vec<String>,
/// List of webviews that uses this capability. Can be a glob pattern.
///
@@ -75,24 +76,14 @@ pub struct Capability {
/// List of permissions attached to this capability. Must include the plugin name as prefix in the form of `${plugin-name}:${permission-name}`.
pub permissions: Vec<PermissionEntry>,
/// Target platforms this capability applies. By default all platforms are affected by this capability.
#[serde(default = "default_platforms", skip_serializing_if = "Vec::is_empty")]
pub platforms: Vec<Target>,
#[serde(skip_serializing_if = "Option::is_none")]
pub platforms: Option<Vec<Target>>,
}

fn default_capability_local() -> bool {
true
}

fn default_platforms() -> Vec<Target> {
vec![
Target::Linux,
Target::MacOS,
Target::Windows,
Target::Android,
Target::Ios,
]
}

/// Configuration for remote URLs that are associated with the capability.
#[derive(Debug, Default, Clone, Serialize, Deserialize, Eq, PartialEq, PartialOrd, Ord, Hash)]
#[cfg_attr(feature = "schema", derive(schemars::JsonSchema))]
@@ -190,7 +181,7 @@ mod build {
let local = self.local;
let windows = vec_lit(&self.windows, str_lit);
let permissions = vec_lit(&self.permissions, identity);
let platforms = vec_lit(&self.platforms, identity);
let platforms = opt_vec_lit(self.platforms.as_ref(), identity);

literal_struct!(
tokens,
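Review bot: The doc comment on `Capability::platforms` does not say what an empty list means now that the field is `Option<Vec<Target>>`. With the checks this commit adds (`.map(|platforms| platforms.contains(&target)).unwrap_or(true)`), `None` matches every target while `Some(vec![])` matches none, so writing `"platforms": []` in a capability file has the opposite effect of omitting the key. I would extend the comment with a line like `/// When omitted the capability applies to every target; an empty list applies to none.` The same wording gap exists on `Permission::platforms` in core/tauri-utils/src/acl/mod.rs. The `Capability` struct starts outside this hunk.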
16 changes: 3 additions & 13 deletions core/tauri-utils/src/acl/mod.rs
@@ -176,18 +176,8 @@ pub struct Permission {
pub scope: Scopes,

/// Target platforms this permission applies. By default all platforms are affected by this permission.
#[serde(default = "default_platforms", skip_serializing_if = "Vec::is_empty")]
pub platforms: Vec<Target>,
}

fn default_platforms() -> Vec<Target> {
vec![
Target::Linux,
Target::MacOS,
Target::Windows,
Target::Android,
Target::Ios,
]
#[serde(skip_serializing_if = "Option::is_none")]
pub platforms: Option<Vec<Target>>,
}

/// A set of direct permissions grouped together under a new name.
@@ -313,7 +303,7 @@ mod build_ {
let description = opt_str_lit(self.description.as_ref());
let commands = &self.commands;
let scope = &self.scope;
let platforms = vec_lit(&self.platforms, identity);
let platforms = opt_vec_lit(self.platforms.as_ref(), identity);

literal_struct!(
tokens,
14 changes: 12 additions & 2 deletions core/tauri-utils/src/acl/resolved.rs
@@ -92,7 +92,12 @@ impl Resolved {

// resolve commands
for capability in capabilities.values() {
if !capability.platforms.contains(&target) {
if !capability
.platforms
.as_ref()
.map(|platforms| platforms.contains(&target))
.unwrap_or(true)
{
continue;
}

@@ -222,7 +227,12 @@ fn with_resolved_permissions<F: FnMut(ResolvedPermission<'_>) -> Result<(), Erro

let permissions = get_permissions(key, permission_name, acl)?
.into_iter()
.filter(|p| p.platforms.contains(&target))
.filter(|p| {
p.platforms
.as_ref()
.map(|platforms| platforms.contains(&target))
.unwrap_or(true)
})
.collect::<Vec<_>>();

let mut resolved_scope = Scopes::default();
27 changes: 26 additions & 1 deletion core/tauri/src/ipc/authority.rs
@@ -19,6 +19,7 @@ use tauri_utils::acl::{
resolved::{Resolved, ResolvedCommand, ResolvedScope, ScopeKey},
ExecutionContext, Scopes,
};
use tauri_utils::platform::Target;

use url::Url;

@@ -93,7 +94,7 @@ impl CapabilityBuilder {
windows: Vec::new(),
webviews: Vec::new(),
permissions: Vec::new(),
platforms: Vec::new(),
platforms: None,
})
}

@@ -193,6 +194,30 @@ impl CapabilityBuilder {
.push(PermissionEntry::ExtendedPermission { identifier, scope });
self
}

/// Adds a target platform for this capability.
///
/// By default all platforms are applied.
pub fn platform(mut self, platform: Target) -> Self {
self
.0
.platforms
.get_or_insert_with(Default::default)
.push(platform);
self
}

/// Adds target platforms for this capability.
///
/// By default all platforms are applied.
pub fn platforms(mut self, platforms: impl IntoIterator<Item = Target>) -> Self {
self
.0
.platforms
.get_or_insert_with(Default::default)
.extend(platforms);
self
}
}

impl RuntimeCapability for CapabilityBuilder {
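Review bot: The docs on the new `CapabilityBuilder::platform` and `CapabilityBuilder::platforms` methods describe them as purely additive, but the first call narrows the capability from unrestricted (`platforms: None`) to only the listed targets. Because both use `get_or_insert_with(Default::default)`, calling `platforms` with an empty iterator leaves `Some(vec![])`; if runtime capabilities go through the same `contains` check as in resolved.rs (not visible here), such a capability would match no target at all. I would reword the summary to `/// Restricts this capability to the given platform, in addition to any already set. If never called, the capability applies to all platforms.` and note the empty-iterator case on `platforms`. The `impl CapabilityBuilder` block starts outside this hunk.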
13 changes: 4 additions & 9 deletions tooling/cli/schema.json
@@ -1072,8 +1072,7 @@
"type": "object",
"required": [
"identifier",
"permissions",
"windows"
"permissions"
],
"properties": {
"identifier": {
@@ -1124,14 +1123,10 @@
},
"platforms": {
"description": "Target platforms this capability applies. By default all platforms are affected by this capability.",
"default": [
"linux",
"macOS",
"windows",
"android",
"iOS"
"type": [
"array",
"null"
],
"type": "array",
"items": {
"$ref": "#/definitions/Target"
}
2 changes: 1 addition & 1 deletion tooling/cli/src/acl/capability/new.rs
@@ -100,7 +100,7 @@ pub fn command(options: Options) -> Result<()> {
)
})
.collect(),
platforms: Vec::new(),
platforms: None,
};

let path = match options.out {
17 changes: 4 additions & 13 deletions tooling/cli/src/migrate/config.rs
@@ -5,12 +5,9 @@
use crate::Result;

use serde_json::{Map, Value};
use tauri_utils::{
acl::{
capability::{Capability, PermissionEntry},
Scopes, Value as AclValue,
},
platform::Target,
use tauri_utils::acl::{
capability::{Capability, PermissionEntry},
Scopes, Value as AclValue,
};

use std::{
@@ -52,13 +49,7 @@ pub fn migrate(tauri_dir: &Path) -> Result<MigratedConfig> {
windows: vec!["main".into()],
webviews: vec![],
permissions,
platforms: vec![
Target::Linux,
Target::MacOS,
Target::Windows,
Target::Android,
Target::Ios,
],
platforms: None,
})?,
)?;

2 changes: 1 addition & 1 deletion tooling/cli/src/mobile/ios/project.rs
@@ -17,7 +17,7 @@ use cargo_mobile2::{
use handlebars::Handlebars;
use include_dir::{include_dir, Dir};
use std::{
ffi::{OsStr, OsString},
ffi::OsString,
fs::{create_dir_all, OpenOptions},
path::{Component, PathBuf},
};
