-
-
Notifications
You must be signed in to change notification settings - Fork 31.4k
/
Copy pathpermission_base.h
61 lines (45 loc) · 2.07 KB
/
permission_base.h
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
#ifndef SRC_PERMISSION_PERMISSION_BASE_H_
#define SRC_PERMISSION_PERMISSION_BASE_H_
#if defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
#include <map>
#include <string>
#include <string_view>
#include "v8.h"
namespace node {
class Environment;
namespace permission {
#define FILESYSTEM_PERMISSIONS(V) \
V(FileSystem, "fs", PermissionsRoot, "") \
V(FileSystemRead, "fs.read", FileSystem, "--allow-fs-read") \
V(FileSystemWrite, "fs.write", FileSystem, "--allow-fs-write")
#define CHILD_PROCESS_PERMISSIONS(V) \
V(ChildProcess, "child", PermissionsRoot, "--allow-child-process")
#define WASI_PERMISSIONS(V) V(WASI, "wasi", PermissionsRoot, "--allow-wasi")
#define WORKER_THREADS_PERMISSIONS(V) \
V(WorkerThreads, "worker", PermissionsRoot, "--allow-worker")
#define INSPECTOR_PERMISSIONS(V) V(Inspector, "inspector", PermissionsRoot, "")
#define PERMISSIONS(V) \
FILESYSTEM_PERMISSIONS(V) \
CHILD_PROCESS_PERMISSIONS(V) \
WASI_PERMISSIONS(V) \
WORKER_THREADS_PERMISSIONS(V) \
INSPECTOR_PERMISSIONS(V)
#define V(name, _, __, ___) k##name,
enum class PermissionScope {
kPermissionsRoot = -1,
PERMISSIONS(V) kPermissionsCount
};
#undef V
class PermissionBase {
public:
virtual void Apply(Environment* env,
const std::vector<std::string>& allow,
PermissionScope scope) = 0;
virtual bool is_granted(Environment* env,
PermissionScope perm,
const std::string_view& param = "") const = 0;
};
} // namespace permission
} // namespace node
#endif // defined(NODE_WANT_INTERNALS) && NODE_WANT_INTERNALS
#endif // SRC_PERMISSION_PERMISSION_BASE_H_