feat(schema): make acl permissions schema unique (#9999)

* Make acl permissions schema unique

* Add change file

* use a hashset

* fix cli

* Revert "use a hashset"

This reverts commit 778d316f34.

* Revert "fix cli"

This reverts commit cfc0e39182.

---------

Co-authored-by: Lucas Nogueira <lucas@tauri.studio>
This commit is contained in:
Tony 2024-06-27 04:13:55 +08:00 committed by GitHub
parent 1601da5b52
commit 878198777e
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
5 changed files with 27 additions and 3 deletions

View File

@ -0,0 +1,5 @@
---
"tauri-utils": patch:enhance
---
Mark ACL `permissions` array with unique items

View File

@ -52,7 +52,8 @@
"type": "array",
"items": {
"$ref": "#/definitions/PermissionEntry"
}
},
"uniqueItems": true
},
"platforms": {
"description": "Limit which target platforms this capability applies to.\n\n By default all platforms are targeted.\n\n ## Example\n\n `[\"macOS\",\"windows\"]`",

View File

@ -1126,7 +1126,8 @@
"type": "array",
"items": {
"$ref": "#/definitions/PermissionEntry"
}
},
"uniqueItems": true
},
"platforms": {
"description": "Limit which target platforms this capability applies to.\n\n By default all platforms are targeted.\n\n ## Example\n\n `[\"macOS\",\"windows\"]`",

View File

@ -157,6 +157,7 @@ pub struct Capability {
/// "allow": [{ "path": "$HOME/test.txt" }]
/// }
/// ```
#[cfg_attr(feature = "schema", schemars(schema_with = "unique_permission"))]
pub permissions: Vec<PermissionEntry>,
/// Limit which target platforms this capability applies to.
///
@ -169,6 +170,21 @@ pub struct Capability {
pub platforms: Option<Vec<Target>>,
}
#[cfg(feature = "schema")]
fn unique_permission(gen: &mut schemars::gen::SchemaGenerator) -> schemars::schema::Schema {
use schemars::schema;
schema::SchemaObject {
instance_type: Some(schema::InstanceType::Array.into()),
array: Some(Box::new(schema::ArrayValidation {
unique_items: Some(true),
items: Some(gen.subschema_for::<PermissionEntry>().into()),
..Default::default()
})),
..Default::default()
}
.into()
}
fn default_capability_local() -> bool {
true
}

View File

@ -1126,7 +1126,8 @@
"type": "array",
"items": {
"$ref": "#/definitions/PermissionEntry"
}
},
"uniqueItems": true
},
"platforms": {
"description": "Limit which target platforms this capability applies to.\n\n By default all platforms are targeted.\n\n ## Example\n\n `[\"macOS\",\"windows\"]`",