diff --git a/packages/hurl/src/runner/hurl_file.rs b/packages/hurl/src/runner/hurl_file.rs index b2aa6430e..ebc49ed4f 100644 --- a/packages/hurl/src/runner/hurl_file.rs +++ b/packages/hurl/src/runner/hurl_file.rs @@ -16,6 +16,7 @@ * */ use std::collections::HashMap; +use std::path::PathBuf; use std::thread; use std::time::Instant; @@ -27,7 +28,7 @@ use hurl_core::parser; use crate::http::Call; use crate::runner::runner_options::RunnerOptions; -use crate::runner::{entry, options, EntryResult, HurlResult, Value}; +use crate::runner::{entry, options, EntryResult, HurlResult, RunnerError, Value}; use crate::util::logger::{ErrorFormat, Logger, LoggerOptions, LoggerOptionsBuilder}; use crate::{http, runner}; @@ -214,13 +215,19 @@ pub fn run( }) = options { if !has_error { - // TODO: make output write error as part of entry result errors. + // TODO: make output write and access error as part of entry result errors. // For the moment, we deal the --output request failure as a simple warning and not // an error. If we want to treat it as an error, we've to add it to the current // `entry_result` errors, and optionally deals with retry if we can't write to the // specified path. - if let Err(e) = entry_result.write_response(output) { - logger.warning(&e.fixme()); + if !runner_options.context_dir.is_access_allowed(&output) { + let inner = RunnerError::UnauthorizedFileAccess { + path: PathBuf::from(output.clone()), + }; + let error = runner::Error::new(entry.request.source_info, inner, false); + logger.warning(&error.fixme()); + } else if let Err(error) = entry_result.write_response(output) { + logger.warning(&error.fixme()); } } } diff --git a/packages/hurl/src/util/path.rs b/packages/hurl/src/util/path.rs index 6760998a0..4490d8e85 100644 --- a/packages/hurl/src/util/path.rs +++ b/packages/hurl/src/util/path.rs @@ -21,7 +21,8 @@ use std::path::{Component, Path, PathBuf}; #[derive(Clone, Debug, PartialEq, Eq)] pub struct ContextDir { /// The current working directory. - /// If current directory is a relative path, the `is_allowed` is not guaranteed to be correct. + /// If current directory is a relative path, the `is_access_allowed` method + /// is not guaranteed to be correct. current_dir: PathBuf, /// The file root, either inferred or explicitly positioned by the user. /// As a consequence, it is always defined (and can't be replaced by a `Option`).