Skip to content

Commit 6cdfe32

Browse files
MaxDesiatovMaxDesiatov
authored
Revert "make it possible to specify permitted network port access at runtime (#7151)"
This reverts commit a5771ec.
1 parent d2eb0ca commit 6cdfe32

File tree

2 files changed

+12
-72
lines changed

2 files changed

+12
-72
lines changed

Sources/Commands/PackageTools/PluginCommand.swift

Lines changed: 8 additions & 68 deletions
Original file line numberDiff line numberDiff line change
@@ -47,72 +47,12 @@ struct PluginCommand: SwiftCommand {
4747
)
4848
var additionalAllowedWritableDirectories: [String] = []
4949

50-
enum NetworkPermission: EnumerableFlag, ExpressibleByArgument {
51-
static var allCases: [PluginCommand.PluginOptions.NetworkPermission] {
52-
return [.none, .local(ports: []), .all(ports: []), .docker, .unixDomainSocket]
53-
}
54-
50+
enum NetworkPermission: String, EnumerableFlag, ExpressibleByArgument {
5551
case none
56-
case local(ports: [Int])
57-
case all(ports: [Int])
52+
case local
53+
case all
5854
case docker
5955
case unixDomainSocket
60-
61-
init?(argument: String) {
62-
let arg = argument.lowercased()
63-
switch arg {
64-
case "none":
65-
self = .none
66-
case "docker":
67-
self = .docker
68-
case "unixdomainsocket":
69-
self = .unixDomainSocket
70-
default:
71-
if "all" == arg.prefix(3) {
72-
let ports = Self.parsePorts(arg)
73-
self = .all(ports: ports)
74-
} else if "local" == arg.prefix(5) {
75-
let ports = Self.parsePorts(arg)
76-
self = .local(ports: ports)
77-
} else {
78-
return nil
79-
}
80-
}
81-
}
82-
83-
static func parsePorts(_ string: String) -> [Int] {
84-
let parts = string.split(separator: ":")
85-
guard parts.count == 2 else {
86-
return []
87-
}
88-
return parts[1]
89-
.split(separator: ",")
90-
.compactMap{ String($0).spm_chuzzle() }
91-
.compactMap { Int($0) }
92-
}
93-
94-
var remedyDescription: String {
95-
switch self {
96-
case .none:
97-
return "none"
98-
case .local(let ports):
99-
if ports.isEmpty {
100-
return "local"
101-
} else {
102-
return "local:\(ports.map(String.init).joined(separator: ","))"
103-
}
104-
case .all(let ports):
105-
if ports.isEmpty {
106-
return "all"
107-
} else {
108-
return "all:\(ports.map(String.init).joined(separator: ","))"
109-
}
110-
case .docker:
111-
return "docker"
112-
case .unixDomainSocket:
113-
return "unixDomainSocket"
114-
}
115-
}
11656
}
11757

11858
@Option(name: .customLong("allow-network-connections"))
@@ -271,7 +211,7 @@ struct PluginCommand: SwiftCommand {
271211

272212
reasonString = reason
273213
remedyOption =
274-
"--allow-network-connections \(PluginCommand.PluginOptions.NetworkPermission(scope).remedyDescription)"
214+
"--allow-network-connections \(PluginCommand.PluginOptions.NetworkPermission(scope).defaultValueDescription)"
275215
}
276216

277217
let problem = "Plugin ‘\(plugin.name)’ wants permission to \(permissionString)."
@@ -436,8 +376,8 @@ extension PluginCommand.PluginOptions.NetworkPermission {
436376
case .unixDomainSocket: self = .unixDomainSocket
437377
case .docker: self = .docker
438378
case .none: self = .none
439-
case .all(let ports): self = .all(ports: ports)
440-
case .local(let ports): self = .local(ports: ports)
379+
case .all: self = .all
380+
case .local: self = .local
441381
}
442382
}
443383
}
@@ -446,8 +386,8 @@ extension SandboxNetworkPermission {
446386
init(_ permission: PluginCommand.PluginOptions.NetworkPermission) {
447387
switch permission {
448388
case .none: self = .none
449-
case .local(let ports): self = .local(ports: ports)
450-
case .all(let ports): self = .all(ports: ports)
389+
case .local: self = .local(ports: [])
390+
case .all: self = .all(ports: [])
451391
case .docker: self = .docker
452392
case .unixDomainSocket: self = .unixDomainSocket
453393
}

Tests/CommandsTests/PackageToolTests.swift

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -1939,12 +1939,12 @@ final class PackageToolTests: CommandsTestCase {
19391939
permissionsManifestFragment: "[.allowNetworkConnections(scope: .all(ports: [23, 42, 443, 8080]), reason: \"internet good\")]",
19401940
permissionError: "all network connections on ports: 23, 42, 443, 8080",
19411941
reason: "internet good",
1942-
remedy: ["--allow-network-connections", "all:23,42,443,8080"])
1942+
remedy: ["--allow-network-connections", "all"])
19431943
try testCommandPluginNetworkingPermissions(
19441944
permissionsManifestFragment: "[.allowNetworkConnections(scope: .all(ports: 1..<4), reason: \"internet good\")]",
19451945
permissionError: "all network connections on ports: 1, 2, 3",
19461946
reason: "internet good",
1947-
remedy: ["--allow-network-connections", "all:1,2,3"])
1947+
remedy: ["--allow-network-connections", "all"])
19481948

19491949
try testCommandPluginNetworkingPermissions(
19501950
permissionsManifestFragment: "[.allowNetworkConnections(scope: .local(), reason: \"localhost good\")]",
@@ -1955,12 +1955,12 @@ final class PackageToolTests: CommandsTestCase {
19551955
permissionsManifestFragment: "[.allowNetworkConnections(scope: .local(ports: [23, 42, 443, 8080]), reason: \"localhost good\")]",
19561956
permissionError: "local network connections on ports: 23, 42, 443, 8080",
19571957
reason: "localhost good",
1958-
remedy: ["--allow-network-connections", "local:23,42,443,8080"])
1958+
remedy: ["--allow-network-connections", "local"])
19591959
try testCommandPluginNetworkingPermissions(
19601960
permissionsManifestFragment: "[.allowNetworkConnections(scope: .local(ports: 1..<4), reason: \"localhost good\")]",
19611961
permissionError: "local network connections on ports: 1, 2, 3",
19621962
reason: "localhost good",
1963-
remedy: ["--allow-network-connections", "local:1,2,3"])
1963+
remedy: ["--allow-network-connections", "local"])
19641964

19651965
try testCommandPluginNetworkingPermissions(
19661966
permissionsManifestFragment: "[.allowNetworkConnections(scope: .docker, reason: \"docker good\")]",

0 commit comments

Comments
 (0)