tauri-plugin-fs-stream 2.0.0

File Streaming API for Tauri
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151

use crate::*;
use tauri::Manager as _;
use tauri_plugin_fs::FsExt as _;


pub fn convert_rid_to_bytes(rid: tauri::ResourceId) -> Vec<u8> {
    let rid: u32 = rid;
    rid.to_be_bytes().to_vec()
}

// Based on code from tauri-plugin-fs crate
//
// Source:
// - https://github.com/tauri-apps/plugins-workspace/blob/6c3da6d2901590eff4daa2d84a21a6883085776f/plugins/fs/src/commands.rs#L1129
// - Copyright 2019-2023 Tauri Programme within The Commons Conservancy
// - Licensed under the MIT License or the Apache 2.0 License
pub fn resolve_path<R: tauri::Runtime>(
    webview: &tauri::Webview<R>,
    global_scope: &tauri::ipc::GlobalScope<Scope>,
    command_scope: &tauri::ipc::CommandScope<Scope>,
    config: &PluginConfig,
    path: tauri_plugin_fs::SafeFilePath,
    base_dir: Option<tauri::path::BaseDirectory>,
) -> Result<std::path::PathBuf> {

    let path = path.into_path()?;
    let path = if let Some(base_dir) = base_dir {
        webview.path().resolve(&path, base_dir)?
    } else {
        path.to_path_buf()
    };

    let fs_scope = webview.try_fs_scope();

    let scope = tauri::scope::fs::Scope::new(
        webview,
        &tauri::utils::config::FsScope::Scope {
            allow: global_scope
                .allows()
                .iter()
                .filter_map(|e| e.path.clone())
                .chain(command_scope.allows().iter().filter_map(|e| e.path.clone()))
                .collect(),
            deny: global_scope
                .denies()
                .iter()
                .filter_map(|e| e.path.clone())
                .chain(command_scope.denies().iter().filter_map(|e| e.path.clone()))
                .collect(),
            require_literal_leading_dot: config.require_literal_leading_dot,
        },
    )?;

    let require_literal_leading_dot = config.require_literal_leading_dot.unwrap_or(cfg!(unix));

    if is_forbidden(&scope, &path, require_literal_leading_dot) {
        return Err(Error::with(format!("forbidden path: {}", path.display())));
    }
    if fs_scope.as_ref().is_some_and(|s| is_forbidden(&s, &path, require_literal_leading_dot)) {
        return Err(Error::with(format!("forbidden path: {}", path.display())));
    }

    if scope.is_allowed(&path) {
        return Ok(path)
    }
    if fs_scope.as_ref().is_some_and(|s| s.is_allowed(&path)) {
        return Ok(path)
    }

    if cfg!(debug_assertions) {
        Err(Error::with(format!(
            "forbidden path: {}, maybe it is not allowed on the scope configuration in your capability file",
            path.display()
        )))
    }
    else {
        Err(Error::with(format!("forbidden path: {}", path.display())))
    }
}

// Based on code from tauri-plugin-fs crate
//
// Source:
// - https://github.com/tauri-apps/plugins-workspace/blob/6c3da6d2901590eff4daa2d84a21a6883085776f/plugins/fs/src/commands.rs#L1190
// - Copyright 2019-2023 Tauri Programme within The Commons Conservancy
// - Licensed under the MIT License or the Apache 2.0 License
fn is_forbidden<P: AsRef<std::path::Path>>(
    scope: &tauri::fs::Scope,
    path: P,
    require_literal_leading_dot: bool,
) -> bool {
    let path = path.as_ref();
    let path = if path.is_symlink() {
        match std::fs::read_link(path) {
            Ok(p) => p,
            Err(_) => return false,
        }
    } else {
        path.to_path_buf()
    };
    let path = if !path.exists() {
        crate::Result::Ok(path)
    } else {
        std::fs::canonicalize(path).map_err(Into::into)
    };

    if let Ok(path) = path {
        let path: std::path::PathBuf = path.components().collect();
        scope.forbidden_patterns().iter().any(|p| {
            p.matches_path_with(
                &path,
                glob::MatchOptions {
                    // this is needed so `/dir/*` doesn't match files within subdirectories such as `/dir/subdir/file.txt`
                    // see: <https://github.com/tauri-apps/tauri/security/advisories/GHSA-6mv3-wm7j-h4w5>
                    require_literal_separator: true,
                    require_literal_leading_dot,
                    ..Default::default()
                },
            )
        })
    } else {
        false
    }
}

// Based on code from tauri-plugin-fs crate
//
// Source:
// - https://github.com/tauri-apps/plugins-workspace/blob/3d0d2e041bbad9766aebecaeba291a28d8d7bf5c/plugins/fs/src/lib.rs#L347
// - Copyright 2019-2023 Tauri Programme within The Commons Conservancy
// - Licensed under the MIT License or the Apache 2.0 License
impl tauri::ipc::ScopeObject for Scope {
    type Error = Error;

    fn deserialize<R: tauri::Runtime>(
        app: &tauri::AppHandle<R>,
        raw: tauri::utils::acl::Value,
    ) -> Result<Self> {
        let path = serde_json::from_value(raw.into()).map(|raw| match raw {
            ScopeSchema::Value(path) => path,
            ScopeSchema::Object { path } => path,
        })?;

        use tauri::Manager as _;

        match app.path().parse(path) {
            Ok(path) => Ok(Self { path: Some(path) }),
            Err(err) => Err(err.into()),
        }
    }
}