safe_chains/registry/
dispatch.rs1use crate::parse::Token;
2use crate::verdict::{SafetyLevel, Verdict};
3
4use super::policy::check_owned;
5use super::types::*;
6use super::{CMD_HANDLERS, SUB_HANDLERS};
7
8type HandlerMap = std::collections::HashMap<&'static str, super::HandlerFn>;
9
10fn dispatch_first_arg(tokens: &[Token], patterns: &[String], level: SafetyLevel) -> Verdict {
11 if tokens.len() == 2 && (tokens[1] == "--help" || tokens[1] == "-h") {
12 return Verdict::Allowed(SafetyLevel::Inert);
13 }
14 let Some(arg) = tokens.get(1) else {
15 return Verdict::Denied;
16 };
17 let arg_str = arg.as_str();
18 let matches = patterns.iter().any(|p| {
19 if let Some(prefix) = p.strip_suffix('*') {
20 arg_str.starts_with(prefix)
21 } else {
22 arg_str == p
23 }
24 });
25 if matches { Verdict::Allowed(level) } else { Verdict::Denied }
26}
27
28fn dispatch_require_any(
29 tokens: &[Token],
30 require_any: &[String],
31 policy: &OwnedPolicy,
32 level: SafetyLevel,
33 accept_bare_help: bool,
34) -> Verdict {
35 if tokens.len() == 2 {
36 let t = tokens[1].as_str();
37 if t == "--help" || t == "-h" || (accept_bare_help && t == "help") {
38 return Verdict::Allowed(SafetyLevel::Inert);
39 }
40 }
41 let has_required = tokens[1..].iter().any(|t| {
42 require_any.iter().any(|r| {
43 t == r.as_str() || (r.starts_with("--") && t.as_str().starts_with(&format!("{r}=")))
44 })
45 });
46 if has_required && check_owned(tokens, policy) {
47 Verdict::Allowed(level)
48 } else {
49 Verdict::Denied
50 }
51}
52
53fn skip_pre_flags(
54 tokens: &[Token],
55 pre_standalone: &[String],
56 pre_valued: &[String],
57) -> usize {
58 let mut i = 1;
59 while i < tokens.len() {
60 let t = &tokens[i];
61 if !t.starts_with('-') {
62 break;
63 }
64 if pre_valued.iter().any(|f| t == f.as_str()) {
65 i += 2;
66 continue;
67 }
68 if pre_valued.iter().any(|f| t.as_str().starts_with(&format!("{f}="))) {
69 i += 1;
70 continue;
71 }
72 if pre_standalone.iter().any(|f| t == f.as_str()) {
73 i += 1;
74 continue;
75 }
76 break;
77 }
78 i
79}
80
81fn dispatch_branching(
82 tokens: &[Token],
83 subs: &[SubSpec],
84 bare_flags: &[String],
85 bare_ok: bool,
86 pre_standalone: &[String],
87 pre_valued: &[String],
88 first_arg: &[String],
89 first_arg_level: SafetyLevel,
90) -> Verdict {
91 let start = skip_pre_flags(tokens, pre_standalone, pre_valued);
92 if start >= tokens.len() {
93 return if bare_ok { Verdict::Allowed(SafetyLevel::Inert) } else { Verdict::Denied };
94 }
95 let arg = tokens[start].as_str();
96 if bare_flags.is_empty() && matches!(arg, "--help" | "-h") {
97 if tokens.len() == start + 1 {
98 return Verdict::Allowed(SafetyLevel::Inert);
99 }
100 return Verdict::Denied;
101 }
102 if start + 1 == tokens.len() && bare_flags.iter().any(|f| f == arg) {
103 return Verdict::Allowed(SafetyLevel::Inert);
104 }
105 if let Some(sub) = subs.iter().find(|s| s.name == arg) {
106 return dispatch_kind(&tokens[start..], &sub.kind, &SUB_HANDLERS);
107 }
108 if !first_arg.is_empty() {
109 let matches = first_arg.iter().any(|p| {
110 if let Some(prefix) = p.strip_suffix('*') {
111 arg.starts_with(prefix)
112 } else {
113 arg == p
114 }
115 });
116 if matches {
117 return Verdict::Allowed(first_arg_level);
118 }
119 }
120 Verdict::Denied
121}
122
123fn dispatch_wrapper(
124 tokens: &[Token],
125 standalone: &[String],
126 valued: &[String],
127 positional_skip: usize,
128 separator: Option<&str>,
129 bare_ok: bool,
130) -> Verdict {
131 let mut i = 1;
132 while i < tokens.len() {
133 let t = &tokens[i];
134 if let Some(sep) = separator
135 && t == sep
136 {
137 i += 1;
138 break;
139 }
140 if !t.starts_with('-') {
141 break;
142 }
143 if valued.iter().any(|f| t == f.as_str()) {
144 i += 2;
145 continue;
146 }
147 if valued.iter().any(|f| t.as_str().starts_with(&format!("{f}="))) {
148 i += 1;
149 continue;
150 }
151 if standalone.iter().any(|f| t == f.as_str()) {
152 i += 1;
153 continue;
154 }
155 return Verdict::Denied;
156 }
157 for _ in 0..positional_skip {
158 if i >= tokens.len() {
159 return if bare_ok {
160 Verdict::Allowed(SafetyLevel::Inert)
161 } else {
162 Verdict::Denied
163 };
164 }
165 i += 1;
166 }
167 if i >= tokens.len() {
168 return if bare_ok {
169 Verdict::Allowed(SafetyLevel::Inert)
170 } else {
171 Verdict::Denied
172 };
173 }
174 let inner = shell_words::join(tokens[i..].iter().map(|t| t.as_str()));
175 crate::command_verdict(&inner)
176}
177
178fn dispatch_kind(tokens: &[Token], kind: &DispatchKind, handlers: &HandlerMap) -> Verdict {
179 match kind {
180 DispatchKind::Policy { policy, level } => {
181 if check_owned(tokens, policy) {
182 Verdict::Allowed(*level)
183 } else {
184 Verdict::Denied
185 }
186 }
187 DispatchKind::FirstArg { patterns, level } => {
188 dispatch_first_arg(tokens, patterns, *level)
189 }
190 DispatchKind::RequireAny { require_any, policy, level, accept_bare_help } => {
191 dispatch_require_any(tokens, require_any, policy, *level, *accept_bare_help)
192 }
193 DispatchKind::Branching {
194 subs, bare_flags, bare_ok, pre_standalone, pre_valued, first_arg, first_arg_level,
195 } => {
196 dispatch_branching(
197 tokens, subs, bare_flags, *bare_ok, pre_standalone, pre_valued,
198 first_arg, *first_arg_level,
199 )
200 }
201 DispatchKind::WriteFlagged { policy, base_level, write_flags } => {
202 if !check_owned(tokens, policy) {
203 return Verdict::Denied;
204 }
205 let has_write = tokens[1..].iter().any(|t| {
206 write_flags.iter().any(|f| t == f.as_str() || t.as_str().starts_with(&format!("{f}=")))
207 });
208 if has_write {
209 Verdict::Allowed(SafetyLevel::SafeWrite)
210 } else {
211 Verdict::Allowed(*base_level)
212 }
213 }
214 DispatchKind::DelegateAfterSeparator { separator } => {
215 let sep_pos = tokens[1..].iter().position(|t| t == separator.as_str());
216 let Some(pos) = sep_pos else {
217 return Verdict::Denied;
218 };
219 let inner_start = pos + 2;
220 if inner_start >= tokens.len() {
221 return Verdict::Denied;
222 }
223 let inner = shell_words::join(tokens[inner_start..].iter().map(|t| t.as_str()));
224 crate::command_verdict(&inner)
225 }
226 DispatchKind::DelegateSkip { skip } => {
227 if tokens.len() <= *skip {
228 return Verdict::Denied;
229 }
230 let inner = shell_words::join(tokens[*skip..].iter().map(|t| t.as_str()));
231 crate::command_verdict(&inner)
232 }
233 DispatchKind::Wrapper {
234 standalone, valued, positional_skip, separator, bare_ok,
235 } => {
236 dispatch_wrapper(tokens, standalone, valued, *positional_skip, separator.as_deref(), *bare_ok)
237 }
238 DispatchKind::Custom { handler_name } => {
239 handlers
240 .get(handler_name.as_str())
241 .map(|f| f(tokens))
242 .unwrap_or(Verdict::Denied)
243 }
244 }
245}
246
247pub fn dispatch_spec(tokens: &[Token], spec: &CommandSpec) -> Verdict {
248 dispatch_kind(tokens, &spec.kind, &CMD_HANDLERS)
249}