mirror of
https://github.com/lune-org/docs.git
synced 2025-04-04 18:40:59 +01:00
145 lines
3.5 KiB
Lua
145 lines
3.5 KiB
Lua
local fs = require("@lune/fs")
|
|
local luau = require("@lune/luau")
|
|
local process = require("@lune/process")
|
|
local stdio = require("@lune/stdio")
|
|
local processArgs = table.clone(process.args)
|
|
local filePath: string = table.remove(processArgs, 1) or error("usage: lune run sandbox [SCRIPT_PATH] -- [ARGS]")
|
|
|
|
local DEFAULT_REQUIRE = require
|
|
local DEFAULT_PRINT = print
|
|
local SANDBOXED_ENV = {
|
|
debugName = filePath,
|
|
environment = {
|
|
require = nil,
|
|
getfenv = nil,
|
|
setfenv = nil,
|
|
print = nil,
|
|
warn = nil,
|
|
},
|
|
}
|
|
|
|
local function discoverAndReadScript(filePath: string): string
|
|
local scriptContents: string
|
|
|
|
if fs.isFile(filePath) then
|
|
scriptContents = fs.readFile(filePath)
|
|
return scriptContents
|
|
end
|
|
|
|
if fs.isDir(filePath) then
|
|
if fs.isFile(filePath .. "/init.luau") then
|
|
scriptContents = fs.readFile(filePath .. "/init.luau")
|
|
end
|
|
|
|
if fs.isFile(filePath .. "/init.lua") then
|
|
scriptContents = fs.readFile(filePath .. "init.lua")
|
|
end
|
|
end
|
|
|
|
if scriptContents == nil then
|
|
for _, ext in { ".luau", ".lua" } do
|
|
local filePathExt = filePath .. ext
|
|
if fs.isFile(filePathExt) then
|
|
scriptContents = fs.readFile(filePathExt)
|
|
end
|
|
end
|
|
|
|
if scriptContents == nil then
|
|
error(`No such file or directory \`{filePath}\``)
|
|
end
|
|
end
|
|
|
|
return scriptContents
|
|
end
|
|
|
|
local function sandboxGetfenv(): {}
|
|
return table.freeze(SANDBOXED_ENV)
|
|
end
|
|
|
|
local function sandboxSetfenv(env: {}): never
|
|
error("cannot call setfenv from sandbox")
|
|
end
|
|
|
|
local function sandboxPrint(...: any)
|
|
DEFAULT_PRINT(`---- Output from {SANDBOXED_ENV.debugName} ----`)
|
|
DEFAULT_PRINT(...)
|
|
DEFAULT_PRINT(`---------------------------------------`)
|
|
end
|
|
|
|
local function sandboxedRequire(path: string)
|
|
if path:find("@lune") then
|
|
local module = path:split("/")[2]:gsub("%s", "")
|
|
|
|
if module == "net" or module == "fs" or module == "process" or module == "roblox" then
|
|
local allow: boolean =
|
|
stdio.prompt("confirm", `allow {SANDBOXED_ENV.debugName} to access {module}?`)
|
|
|
|
if allow then
|
|
local moduleRequire = DEFAULT_REQUIRE(path)
|
|
|
|
return setmetatable({}, {
|
|
__index = function(_, key)
|
|
local value = moduleRequire[key]
|
|
|
|
if typeof(value) == "function" then
|
|
if module == "roblox" and key == "getAuthCookie" then
|
|
local allowAuthCookie: boolean = stdio.prompt(
|
|
"confirm",
|
|
`allow {SANDBOXED_ENV.debugName} to access your .ROBLOSECURITY token?`
|
|
)
|
|
|
|
if allowAuthCookie then
|
|
return value
|
|
end
|
|
end
|
|
|
|
return function(...)
|
|
warn(`{SANDBOXED_ENV.debugName} invoked {key} with args {...}`)
|
|
return value(...)
|
|
end
|
|
end
|
|
|
|
if module == "process" and key == "args" then
|
|
return processArgs
|
|
end
|
|
|
|
return value
|
|
end,
|
|
|
|
__tostring = function()
|
|
return stdio.format(moduleRequire)
|
|
end,
|
|
})
|
|
end
|
|
|
|
error(`{SANDBOXED_ENV.debugName} tried to access disallowed library {module}`)
|
|
end
|
|
|
|
local otherModule = DEFAULT_REQUIRE(path)
|
|
|
|
if module == "stdio" then
|
|
return setmetatable({
|
|
write = sandboxPrint,
|
|
ewrite = sandboxPrint,
|
|
}, {
|
|
__index = otherModule,
|
|
})
|
|
end
|
|
|
|
return otherModule
|
|
else
|
|
local contents = discoverAndReadScript(path)
|
|
|
|
local evalChunk = luau.load(contents, SANDBOXED_ENV)
|
|
return evalChunk()
|
|
end
|
|
end
|
|
|
|
|
|
|
|
SANDBOXED_ENV.environment.require = sandboxedRequire
|
|
SANDBOXED_ENV.environment.getfenv = sandboxGetfenv
|
|
SANDBOXED_ENV.environment.setfenv = sandboxSetfenv
|
|
SANDBOXED_ENV.environment.print = sandboxPrint
|
|
SANDBOXED_ENV.environment.warn = sandboxPrint
|
|
luau.load(discoverAndReadScript(filePath), table.freeze(SANDBOXED_ENV))()
|