wlxsp
/
test1
1
0
Atdalīts 0
Kods Problēmas 0 Izmaiņu pieprasījumi 0 Laidieni 0 Vikivietne Aktivitāte
Pārlūkot izejas kodu

Changes many commands to be read-only when a guest 

Adds whitelist for allowed git methods to be run on the host
main
Eric Amodio pirms 6 gadiem
vecāks
9ccbae3521
revīzija
0415c6426a
4 mainītis faili ar 89 papildinājumiem un 60 dzēšanām
Dalītais skats
Salīdzināšanas iespējas
Rādīt statistiku Lejupielādēt ielāpa failu Lejupielādēt izmaiņu failu
  1. +60
    -60
      package.json
  2. +1
    -0
      src/constants.ts
  3. +24
    -0
      src/vsls/host.ts
  4. +4
    -0
      src/vsls/vsls.ts

+ 60
- 60
package.json Parādīt failu

@ -2766,7 +2766,7 @@
},
{
"command": "gitlens.stashApply",
"when": "gitlens:enabled"
"when": "gitlens:enabled && !gitlens:readonly"
},
{
"command": "gitlens.stashDelete",
@ -2774,7 +2774,7 @@
},
{
"command": "gitlens.stashSave",
"when": "gitlens:enabled"
"when": "gitlens:enabled && !gitlens:readonly"
},
{
"command": "gitlens.resetSuppressedWarnings",
@ -2786,15 +2786,15 @@
},
{
"command": "gitlens.fetchRepositories",
"when": "gitlens:hasRemotes"
"when": "gitlens:hasRemotes && !gitlens:readonly"
},
{
"command": "gitlens.pullRepositories",
"when": "gitlens:hasRemotes"
"when": "gitlens:hasRemotes && !gitlens:readonly"
},
{
"command": "gitlens.pushRepositories",
"when": "gitlens:hasRemotes"
"when": "gitlens:hasRemotes && !gitlens:readonly"
},
{
"command": "gitlens.views.checkout",
@ -3299,7 +3299,7 @@
"scm/resourceGroup/context": [
{
"command": "gitlens.stashSave",
"when": "gitlens:enabled",
"when": "gitlens:enabled && !gitlens:readonly",
"group": "inline@-1"
},
{
@ -3319,7 +3319,7 @@
},
{
"command": "gitlens.stashSave",
"when": "gitlens:enabled",
"when": "gitlens:enabled && !gitlens:readonly",
"group": "3_gitlens@1"
}
],
@ -3351,7 +3351,7 @@
},
{
"command": "gitlens.stashSave",
"when": "gitlens:enabled",
"when": "gitlens:enabled && !gitlens:readonly",
"group": "2_gitlens@1"
},
{
@ -3363,17 +3363,17 @@
"view/title": [
{
"command": "gitlens.pushRepositories",
"when": "gitlens:enabled && view =~ /^gitlens\\.views\\.repositories:/",
"when": "gitlens:hasRemotes && !gitlens:readonly && view =~ /^gitlens\\.views\\.repositories:/",
"group": "navigation@10"
},
{
"command": "gitlens.pullRepositories",
"when": "gitlens:enabled && view =~ /^gitlens\\.views\\.repositories:/",
"when": "gitlens:hasRemotes && !gitlens:readonly && view =~ /^gitlens\\.views\\.repositories:/",
"group": "navigation@11"
},
{
"command": "gitlens.fetchRepositories",
"when": "gitlens:enabled && view =~ /^gitlens\\.views\\.repositories:/",
"when": "gitlens:hasRemotes && !gitlens:readonly && view =~ /^gitlens\\.views\\.repositories:/",
"group": "navigation@12"
},
{
@ -3570,7 +3570,7 @@
},
{
"command": "gitlens.views.checkout",
"when": "viewItem =~ /gitlens:branch\\b(?!:current)\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:branch\\b(?!:current)\\b/",
"group": "inline@10"
},
{
@ -3596,7 +3596,7 @@
},
{
"command": "gitlens.views.checkout",
"when": "viewItem =~ /gitlens:branch\\b(?!:current)\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:branch\\b(?!:current)\\b/",
"group": "1_gitlens@1"
},
{
@ -3651,42 +3651,42 @@
},
{
"command": "gitlens.views.terminalCheckoutBranch",
"when": "viewItem =~ /gitlens:branch\\b(?!:current)/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:branch\\b(?!:current)/",
"group": "8_gitlens@1"
},
{
"command": "gitlens.views.terminalRebaseBranchToRemote",
"when": "viewItem =~ /gitlens:(branch:current:tracking)\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:(branch:current:tracking)\\b/",
"group": "8_gitlens@1"
},
{
"command": "gitlens.views.terminalMergeBranch",
"when": "viewItem =~ /gitlens:branch\\b(?!:current)/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:branch\\b(?!:current)/",
"group": "8_gitlens@2"
},
{
"command": "gitlens.views.terminalRebaseBranch",
"when": "viewItem =~ /gitlens:branch\\b(?!:current)/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:branch\\b(?!:current)/",
"group": "8_gitlens@3"
},
{
"command": "gitlens.views.terminalSquashBranchIntoCommit",
"when": "viewItem =~ /gitlens:branch\\b(?!:current)/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:branch\\b(?!:current)/",
"group": "8_gitlens@4"
},
{
"command": "gitlens.views.terminalCreateBranch",
"when": "viewItem =~ /gitlens:(branch|commit|tag)\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:(branch|commit|tag)\\b/",
"group": "8_gitlens@5"
},
{
"command": "gitlens.views.terminalDeleteBranch",
"when": "viewItem =~ /gitlens:branch\\b(?!:current)/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:branch\\b(?!:current)/",
"group": "8_gitlens@6"
},
{
"command": "gitlens.views.terminalCreateTag",
"when": "viewItem =~ /gitlens:(branch|commit)\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:(branch|commit)\\b/",
"group": "8_gitlens@7"
},
{
@ -3747,32 +3747,32 @@
},
{
"command": "gitlens.views.terminalCherryPickCommit",
"when": "viewItem == gitlens:commit",
"when": "!gitlens:readonly && viewItem == gitlens:commit",
"group": "8_gitlens@1"
},
{
"command": "gitlens.views.terminalPushCommit",
"when": "viewItem == gitlens:commit:current",
"when": "!gitlens:readonly && viewItem == gitlens:commit:current",
"group": "8_gitlens@2"
},
{
"command": "gitlens.views.terminalRevertCommit",
"when": "viewItem == gitlens:commit:current",
"when": "!gitlens:readonly && viewItem == gitlens:commit:current",
"group": "8_gitlens@3"
},
{
"command": "gitlens.views.terminalCheckoutCommit",
"when": "viewItem =~ /gitlens:commit\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:commit\\b/",
"group": "8_gitlens@4"
},
{
"command": "gitlens.views.terminalRebaseCommit",
"when": "viewItem =~ /gitlens:commit\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:commit\\b/",
"group": "8_gitlens@5"
},
{
"command": "gitlens.views.terminalResetCommit",
"when": "viewItem =~ /gitlens:commit\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:commit\\b/",
"group": "8_gitlens@6"
},
{
@ -3787,22 +3787,22 @@
},
{
"command": "gitlens.views.unstageFile",
"when": "viewItem =~ /gitlens:file\\b.*:staged\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:file\\b.*:staged\\b/",
"group": "inline@1"
},
{
"command": "gitlens.views.stageFile",
"when": "viewItem =~ /gitlens:file\\b.*:unstaged\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:file\\b.*:unstaged\\b/",
"group": "1_gitlens@1"
},
{
"command": "gitlens.views.unstageFile",
"when": "viewItem =~ /gitlens:file\\b.*:staged\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:file\\b.*:staged\\b/",
"group": "1_gitlens@1"
},
{
"command": "gitlens.stashSave",
"when": "viewItem =~ /gitlens:file\\b.*:(un)?staged\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:file\\b.*:(un)?staged\\b/",
"group": "1_gitlens@2"
},
{
@ -3863,7 +3863,7 @@
},
{
"command": "gitlens.views.applyChanges",
"when": "viewItem == gitlens:file:stash",
"when": "!gitlens:readonly && viewItem == gitlens:file:stash",
"group": "1_gitlens@1"
},
{
@ -3888,7 +3888,7 @@
},
{
"command": "gitlens.views.fetch",
"when": "viewItem == gitlens:remote",
"when": "!gitlens:readonly && viewItem == gitlens:remote",
"group": "inline@97"
},
{
@ -3908,12 +3908,12 @@
},
{
"command": "gitlens.views.fetch",
"when": "viewItem == gitlens:remote",
"when": "!gitlens:readonly && viewItem == gitlens:remote",
"group": "2_gitlens@1"
},
{
"command": "gitlens.views.terminalRemoveRemote",
"when": "viewItem == gitlens:remote",
"when": "!gitlens:readonly && viewItem == gitlens:remote",
"group": "8_gitlens@1"
},
{
@ -3928,64 +3928,64 @@
},
{
"command": "gitlens.views.push",
"when": "viewItem == gitlens:repository && gitlens:hasRemotes",
"when": "gitlens:hasRemotes && !gitlens:readonly && viewItem == gitlens:repository",
"group": "inline@97",
"alt": "gitlens.views.pushWithForce"
},
{
"command": "gitlens.views.pull",
"when": "viewItem == gitlens:repository && gitlens:hasRemotes",
"when": "gitlens:hasRemotes && !gitlens:readonly && viewItem == gitlens:repository",
"group": "inline@98"
},
{
"command": "gitlens.views.fetch",
"when": "viewItem == gitlens:repository && gitlens:hasRemotes",
"when": "gitlens:hasRemotes && !gitlens:readonly && viewItem == gitlens:repository",
"group": "inline@99"
},
{
"command": "gitlens.views.fetch",
"when": "viewItem == gitlens:repository && gitlens:hasRemotes",
"when": "gitlens:hasRemotes && !gitlens:readonly && viewItem == gitlens:repository",
"group": "1_gitlens@1"
},
{
"command": "gitlens.views.pull",
"when": "viewItem == gitlens:repository && gitlens:hasRemotes",
"when": "gitlens:hasRemotes && !gitlens:readonly && viewItem == gitlens:repository",
"group": "1_gitlens@1"
},
{
"command": "gitlens.views.push",
"when": "viewItem == gitlens:repository && gitlens:hasRemotes",
"when": "gitlens:hasRemotes && !gitlens:readonly && viewItem == gitlens:repository",
"group": "1_gitlens@1"
},
{
"command": "gitlens.views.pushWithForce",
"when": "viewItem == gitlens:repository && gitlens:hasRemotes",
"when": "gitlens:hasRemotes && !gitlens:readonly && viewItem == gitlens:repository",
"group": "1_gitlens@2"
},
{
"command": "gitlens.views.pull",
"when": "viewItem == gitlens:status:upstream:behind && gitlens:hasRemotes",
"when": "gitlens:hasRemotes && !gitlens:readonly && viewItem == gitlens:status:upstream:behind",
"group": "inline@1"
},
{
"command": "gitlens.views.pull",
"when": "viewItem == gitlens:status:upstream:behind && gitlens:hasRemotes",
"when": "gitlens:hasRemotes && !gitlens:readonly && viewItem == gitlens:status:upstream:behind",
"group": "1_gitlens@1"
},
{
"command": "gitlens.views.push",
"when": "viewItem == gitlens:status:upstream:ahead && gitlens:hasRemotes",
"when": "gitlens:hasRemotes && !gitlens:readonly && viewItem == gitlens:status:upstream:ahead",
"group": "inline@1",
"alt": "gitlens.views.pushWithForce"
},
{
"command": "gitlens.views.push",
"when": "viewItem == gitlens:status:upstream:ahead && gitlens:hasRemotes",
"when": "gitlens:hasRemotes && !gitlens:readonly && viewItem == gitlens:status:upstream:ahead",
"group": "1_gitlens@1"
},
{
"command": "gitlens.views.pushWithForce",
"when": "viewItem == gitlens:status:upstream:ahead && gitlens:hasRemotes",
"when": "gitlens:hasRemotes && !gitlens:readonly && viewItem == gitlens:status:upstream:ahead",
"group": "1_gitlens@2"
},
{
@ -3995,12 +3995,12 @@
},
{
"command": "gitlens.stashSave",
"when": "viewItem == gitlens:repository",
"when": "!gitlens:readonly && viewItem == gitlens:repository",
"group": "3_gitlens@1"
},
{
"command": "gitlens.stashApply",
"when": "viewItem == gitlens:repository",
"when": "!gitlens:readonly && viewItem == gitlens:repository",
"group": "3_gitlens@2"
},
{
@ -4040,57 +4040,57 @@
},
{
"command": "gitlens.stashApply",
"when": "viewItem == gitlens:stashes",
"when": "!gitlens:readonly && viewItem == gitlens:stashes",
"group": "inline@98"
},
{
"command": "gitlens.stashSave",
"when": "viewItem =~ /^gitlens:(stashes|status:files)$/",
"when": "!gitlens:readonly && viewItem =~ /^gitlens:(stashes|status:files)$/",
"group": "inline@99"
},
{
"command": "gitlens.stashSave",
"when": "viewItem =~ /^gitlens:(stashes|status:files)$/",
"when": "!gitlens:readonly && viewItem =~ /^gitlens:(stashes|status:files)$/",
"group": "1_gitlens@1"
},
{
"command": "gitlens.stashApply",
"when": "viewItem == gitlens:stashes",
"when": "!gitlens:readonly && viewItem == gitlens:stashes",
"group": "1_gitlens@2"
},
{
"command": "gitlens.stashApply",
"when": "viewItem == gitlens:stash",
"when": "!gitlens:readonly && viewItem == gitlens:stash",
"group": "inline@98"
},
{
"command": "gitlens.stashDelete",
"when": "viewItem == gitlens:stash",
"when": "!gitlens:readonly && viewItem == gitlens:stash",
"group": "inline@99"
},
{
"command": "gitlens.stashApply",
"when": "viewItem == gitlens:stash",
"when": "!gitlens:readonly && viewItem == gitlens:stash",
"group": "1_gitlens@1"
},
{
"command": "gitlens.stashDelete",
"when": "viewItem == gitlens:stash",
"when": "!gitlens:readonly && viewItem == gitlens:stash",
"group": "1_gitlens@2"
},
{
"command": "gitlens.views.checkout",
"when": "viewItem =~ /gitlens:tag\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:tag\\b/",
"group": "inline@10"
},
{
"command": "gitlens.views.checkout",
"when": "viewItem =~ /gitlens:tag\\b/",
"when": "!gitlens:readonly && viewItem =~ /gitlens:tag\\b/",
"group": "1_gitlens@1"
},
{
"command": "gitlens.views.terminalDeleteTag",
"when": "viewItem == gitlens:tag",
"when": "!gitlens:readonly && viewItem == gitlens:tag",
"group": "8_gitlens"
},
{

+ 1
- 0
src/constants.ts Parādīt failu

@ -33,6 +33,7 @@ export enum CommandContext {
Enabled = 'gitlens:enabled',
HasRemotes = 'gitlens:hasRemotes',
Key = 'gitlens:key',
Readonly = 'gitlens:readonly',
ViewsCanCompare = 'gitlens:views:canCompare',
ViewsCanCompareFile = 'gitlens:views:canCompare:file',
ViewsCompareKeepResults = 'gitlens:views:compare:keepResults',

+ 24
- 0
src/vsls/host.ts Parādīt failu

@ -20,6 +20,27 @@ import {
} from './protocol';
import { vslsUriRootRegex } from './vsls';
const defaultWhitelistFn = () => true;
const gitWhitelist = new Map<string, ((args: any[]) => boolean)>([
['blame', defaultWhitelistFn],
['branch', args => args[1] === '-vv' || args[1] === '--contains'],
['cat-file', defaultWhitelistFn],
['config', args => args[1] === '--get' || args[1] === '--get-regex'],
['diff', defaultWhitelistFn],
['difftool', defaultWhitelistFn],
['log', defaultWhitelistFn],
['ls-files', defaultWhitelistFn],
['ls-tree', defaultWhitelistFn],
['merge-base', defaultWhitelistFn],
['remote', args => args[1] === '-v' || args[1] === 'get-url'],
['rev-parse', defaultWhitelistFn],
['show', defaultWhitelistFn],
['stash', args => args[1] === 'list'],
['status', defaultWhitelistFn],
['symbolic-ref', defaultWhitelistFn],
['tag', args => args[1] === '-l']
]);
const leadingSlashRegex = /^[\/|\\]/;
export class VslsHostService implements Disposable {
@ -111,6 +132,9 @@ export class VslsHostService implements Disposable {
): Promise<GitCommandResponse> {
const { options, args } = request;
const fn = gitWhitelist.get(request.args[0]);
if (fn === undefined || !fn(request.args)) throw new Error(`Git ${request.args[0]} command is not allowed`);
let isRootWorkspace = false;
if (options.cwd !== undefined && options.cwd.length > 0 && this._sharedToLocalPaths !== undefined) {
// This is all so ugly, but basically we are converting shared paths to local paths

+ 4
- 0
src/vsls/vsls.ts Parādīt failu

@ -40,6 +40,7 @@ export class VslsController implements Disposable {
workspace.workspaceFolders !== undefined &&
workspace.workspaceFolders.some(f => f.uri.scheme === DocumentSchemes.Vsls)
) {
setCommandContext(CommandContext.Readonly, true);
this._waitForReady = new Promise(resolve => (this._onReady = resolve));
}
@ -92,15 +93,18 @@ export class VslsController implements Disposable {
switch (e.session.role) {
case Role.Host:
setCommandContext(CommandContext.Readonly, undefined);
if (Container.config.liveshare.allowGuestAccess) {
this._host = await VslsHostService.share(api);
}
break;
case Role.Guest:
setCommandContext(CommandContext.Readonly, true);
this._guest = await VslsGuestService.connect(api);
break;
default:
setCommandContext(CommandContext.Readonly, undefined);
break;
}

Rakstīt Priekšskatītījums
Notiek ielāde…
Atcelt
Saglabāt