diff --git a/.changes/permission-schema-unique-item.md b/.changes/permission-schema-unique-item.md new file mode 100644 index 000000000..e670face0 --- /dev/null +++ b/.changes/permission-schema-unique-item.md @@ -0,0 +1,5 @@ +--- +"tauri-utils": patch:enhance +--- + +Mark ACL `permissions` array with unique items diff --git a/core/tauri-acl-schema/capability-schema.json b/core/tauri-acl-schema/capability-schema.json index 5878f3eb6..4f3301c1d 100644 --- a/core/tauri-acl-schema/capability-schema.json +++ b/core/tauri-acl-schema/capability-schema.json @@ -52,7 +52,8 @@ "type": "array", "items": { "$ref": "#/definitions/PermissionEntry" - } + }, + "uniqueItems": true }, "platforms": { "description": "Limit which target platforms this capability applies to.\n\n By default all platforms are targeted.\n\n ## Example\n\n `[\"macOS\",\"windows\"]`", diff --git a/core/tauri-config-schema/schema.json b/core/tauri-config-schema/schema.json index 4a51c5adf..5867fd0de 100644 --- a/core/tauri-config-schema/schema.json +++ b/core/tauri-config-schema/schema.json @@ -1126,7 +1126,8 @@ "type": "array", "items": { "$ref": "#/definitions/PermissionEntry" - } + }, + "uniqueItems": true }, "platforms": { "description": "Limit which target platforms this capability applies to.\n\n By default all platforms are targeted.\n\n ## Example\n\n `[\"macOS\",\"windows\"]`", diff --git a/core/tauri-utils/src/acl/capability.rs b/core/tauri-utils/src/acl/capability.rs index 805119982..d1a170263 100644 --- a/core/tauri-utils/src/acl/capability.rs +++ b/core/tauri-utils/src/acl/capability.rs @@ -157,6 +157,7 @@ pub struct Capability { /// "allow": [{ "path": "$HOME/test.txt" }] /// } /// ``` + #[cfg_attr(feature = "schema", schemars(schema_with = "unique_permission"))] pub permissions: Vec, /// Limit which target platforms this capability applies to. /// @@ -169,6 +170,21 @@ pub struct Capability { pub platforms: Option>, } +#[cfg(feature = "schema")] +fn unique_permission(gen: &mut schemars::gen::SchemaGenerator) -> schemars::schema::Schema { + use schemars::schema; + schema::SchemaObject { + instance_type: Some(schema::InstanceType::Array.into()), + array: Some(Box::new(schema::ArrayValidation { + unique_items: Some(true), + items: Some(gen.subschema_for::().into()), + ..Default::default() + })), + ..Default::default() + } + .into() +} + fn default_capability_local() -> bool { true } diff --git a/tooling/cli/schema.json b/tooling/cli/schema.json index 4a51c5adf..5867fd0de 100644 --- a/tooling/cli/schema.json +++ b/tooling/cli/schema.json @@ -1126,7 +1126,8 @@ "type": "array", "items": { "$ref": "#/definitions/PermissionEntry" - } + }, + "uniqueItems": true }, "platforms": { "description": "Limit which target platforms this capability applies to.\n\n By default all platforms are targeted.\n\n ## Example\n\n `[\"macOS\",\"windows\"]`",