feat(registry): support granular allowence of specifier types

2024-12-12 11:00:36 +00:00 · 2024-12-11 21:31:00 +01:00 · 2024-12-11 21:31:00 +01:00 · 16ab05ec72
commit 16ab05ec72
parent 36e6f16ca6
4 changed files with 79 additions and 57 deletions
--- a/docs/src/content/docs/guides/self-hosting-registries.mdx
+++ b/docs/src/content/docs/guides/self-hosting-registries.mdx
@ -19,10 +19,10 @@ To create an index, create a new repository and add a `config.toml` file with
 the following content:
 ```toml title="config.toml"
-# The URL of the registry API
+# the URL of the registry API
 api = "https://registry.acme.local/"
-# Package download URL (optional)
+# package download URL (optional)
 download = "{API_URL}/v0/packages/{PACKAGE}/{PACKAGE_VERSION}/{PACKAGE_TARGET}"
 # the client ID of the GitHub OAuth app (optional)
@ -33,13 +33,16 @@ git_allowed = true
 # whether to allow packages which depend on packages from other registries
 # (default: false)
-other_registries_allowed = true
+other_registries_allowed = ["https://git.acme.local/index"]
 # whether to allow packages with Wally dependencies (default: false)
 wally_allowed = false
 # the maximum size of the archive in bytes (default: 4MB)
 max_archive_size = 4194304
 # the scripts packages present in the `init` command selection by default
 scripts_packages = ["pesde/scripts_rojo"]
 ```
 - **api**: The URL of the registry API. See below for more information.
@ -60,18 +63,24 @@ max_archive_size = 4194304
 - **github_oauth_client_id**: This is required if you use GitHub OAuth for
  authentication. See below for more information.
- **git_allowed**: Whether to allow packages with Git dependencies. This is
+- **git_allowed**: Whether to allow packages with Git dependencies. This can be
-  optional and defaults to `false`.
+  either a bool or a list of allowed repository URLs. This is optional and
  defaults to `false`.
 - **other_registries_allowed**: Whether to allow packages which depend on
-  packages from other registries. This is optional and defaults to `false`.
+  packages from other registries. This can be either a bool or a list of
  allowed index repository URLs. This is optional and defaults to `false`.
- **wally_allowed**: Whether to allow packages with Wally dependencies. This is
+- **wally_allowed**: Whether to allow packages with Wally dependencies. This can
  be either a bool or a list of allowed index repository URLs. This is
  optional and defaults to `false`.
 - **max_archive_size**: The maximum size of the archive in bytes. This is
  optional and defaults to `4194304` (4MB).
 - **scripts_packages**: The scripts packages present in the `init` command
  selection by default. This is optional and defaults to none.
 You should then push this repository to [GitHub](https://github.com/).
 ## Configuring the registry
@ -88,8 +97,8 @@ has access to the index repository. We recommend using a separate account
 for this purpose.
 <Aside>
-	For a GitHub account the password **must** be a personal access token. For
+	For a GitHub account the password **must** be a personal access token. For instructions on how to
-	instructions on how to create a personal access token, see the [GitHub
+	create a personal access token, see the [GitHub
 	documentation](https://docs.github.com/en/authentication/keeping-your-account-and-data-secure/managing-your-personal-access-tokens).
 	The access token must have read and write access to the index repository.
 </Aside>
--- a/registry/src/endpoints/publish_version.rs
+++ b/registry/src/endpoints/publish_version.rs
@ -304,7 +304,7 @@ pub async fn publish_package(
                        .filter(|index| match gix::Url::try_from(*index) {
                            Ok(url) => config
                                .other_registries_allowed
-                                .is_allowed(source.repo_url().clone(), url),
+                                .is_allowed_or_same(source.repo_url().clone(), url),
                            Err(_) => false,
                        })
                        .is_none()
@ -315,16 +315,13 @@ pub async fn publish_package(
                    }
                }
                DependencySpecifiers::Wally(specifier) => {
                    if !config.wally_allowed {
                        return Err(Error::InvalidArchive(
                            "wally dependencies are not allowed".into(),
                        ));
                    }
                    if specifier
                        .index
-                        .as_ref()
+                        .as_deref()
-                        .filter(|index| index.parse::<url::Url>().is_ok())
+                        .filter(|index| match gix::Url::try_from(*index) {
                            Ok(url) => config.wally_allowed.is_allowed(url),
                            Err(_) => false,
                        })
                        .is_none()
                    {
                        return Err(Error::InvalidArchive(format!(
@ -332,15 +329,15 @@ pub async fn publish_package(
                        )));
                    }
                }
-                DependencySpecifiers::Git(_) => {
+                DependencySpecifiers::Git(specifier) => {
-                    if !config.git_allowed {
+                    if !config.git_allowed.is_allowed(specifier.repo.clone()) {
                        return Err(Error::InvalidArchive(
                            "git dependencies are not allowed".into(),
                        ));
                    }
                }
                DependencySpecifiers::Workspace(_) => {
-                    // workspace specifiers are to be transformed into Pesde specifiers by the sender
+                    // workspace specifiers are to be transformed into pesde specifiers by the sender
                    return Err(Error::InvalidArchive(
                        "non-transformed workspace dependency".into(),
                    ));
--- a/src/cli/commands/publish.rs
+++ b/src/cli/commands/publish.rs
@ -9,6 +9,7 @@ use pesde::{
    matching_globs_old_behaviour,
    scripts::ScriptName,
    source::{
        git_index::GitBasedSource,
        pesde::{specifier::PesdeDependencySpecifier, PesdePackageSource},
        specifiers::DependencySpecifiers,
        traits::PackageSource,
@ -362,10 +363,6 @@ info: otherwise, the file was deemed unnecessary, if you don't understand why, p
            }
        }
        #[cfg(feature = "wally-compat")]
        let mut has_wally = false;
        let mut has_git = false;
        for specifier in manifest
            .dependencies
            .values_mut()
@ -389,8 +386,6 @@ info: otherwise, the file was deemed unnecessary, if you don't understand why, p
                }
                #[cfg(feature = "wally-compat")]
                DependencySpecifiers::Wally(specifier) => {
                    has_wally = true;
                    let index_name = specifier
                        .index
                        .as_deref()
@ -406,9 +401,7 @@ info: otherwise, the file was deemed unnecessary, if you don't understand why, p
                            .to_string(),
                    );
                }
-                DependencySpecifiers::Git(_) => {
+                DependencySpecifiers::Git(_) => {}
                    has_git = true;
                }
                DependencySpecifiers::Workspace(spec) => {
                    let pkg_ref = WorkspacePackageSource
                        .resolve(spec, project, target_kind, &mut HashSet::new())
@ -570,8 +563,7 @@ info: otherwise, the file was deemed unnecessary, if you don't understand why, p
            .get(&self.index)
            .context(format!("missing index {}", self.index))?;
        let source = PesdePackageSource::new(index_url.clone());
-        source
+        PackageSource::refresh(&source, project)
            .refresh(project)
            .await
            .context("failed to refresh source")?;
        let config = source
@ -587,15 +579,31 @@ info: otherwise, the file was deemed unnecessary, if you don't understand why, p
            );
        }
-        manifest.all_dependencies().context("dependency conflict")?;
+        let deps = manifest.all_dependencies().context("dependency conflict")?;
-        if !config.git_allowed && has_git {
+        if let Some((disallowed, _)) = deps.iter().find(|(_, (spec, _))| match spec {
-            anyhow::bail!("git dependencies are not allowed on this index");
+            DependencySpecifiers::Pesde(spec) => {
-        }
+                !config.other_registries_allowed.is_allowed_or_same(
-
+                    source.repo_url().clone(),
-        #[cfg(feature = "wally-compat")]
+                    manifest
-        if !config.wally_allowed && has_wally {
+                        .indices
-            anyhow::bail!("wally dependencies are not allowed on this index");
+                        .get(spec.index.as_deref().unwrap_or(DEFAULT_INDEX_NAME))
                        .unwrap()
                        .clone(),
                )
            }
            DependencySpecifiers::Git(spec) => !config.git_allowed.is_allowed(spec.repo.clone()),
            #[cfg(feature = "wally-compat")]
            DependencySpecifiers::Wally(spec) => !config.wally_allowed.is_allowed(
                manifest
                    .wally_indices
                    .get(spec.index.as_deref().unwrap_or(DEFAULT_INDEX_NAME))
                    .unwrap()
                    .clone(),
            ),
            _ => false,
        }) {
            anyhow::bail!("dependency `{disallowed}` is not allowed on this index");
        }
        if self.dry_run {
--- a/src/source/pesde/mod.rs
+++ b/src/source/pesde/mod.rs
@ -274,22 +274,30 @@ impl Default for AllowedRegistries {
    }
 }
-impl AllowedRegistries {
+// strips .git suffix to allow for more flexible matching
-    /// Whether the given URL is allowed
+fn simplify_url(mut url: Url) -> Url {
-    pub fn is_allowed(&self, mut this: Url, mut external: Url) -> bool {
+    url.path = url.path.strip_suffix(b".git").unwrap_or(&url.path).into();
-        // strip .git suffix to allow for more flexible matching
+    url
-        this.path = this.path.strip_suffix(b".git").unwrap_or(&this.path).into();
+}
        external.path = external
            .path
            .strip_suffix(b".git")
            .unwrap_or(&external.path)
            .into();
-        this == external
+impl AllowedRegistries {
-            || (match self {
+    fn _is_allowed(&self, url: &Url) -> bool {
-                Self::All(all) => *all,
+        match self {
-                Self::Specific(urls) => urls.contains(&this) || urls.contains(&external),
+            Self::All(all) => *all,
-            })
+            Self::Specific(urls) => urls.contains(url),
        }
    }
    /// Whether the given URL is allowed
    pub fn is_allowed(&self, url: Url) -> bool {
        self._is_allowed(&simplify_url(url))
    }
    /// Whether the given URL is allowed, or is the same as the given URL
    pub fn is_allowed_or_same(&self, this: Url, external: Url) -> bool {
        let this = simplify_url(this);
        let external = simplify_url(external);
        (this == external) || self._is_allowed(&external) || self._is_allowed(&this)
    }
 }
@ -302,13 +310,13 @@ pub struct IndexConfig {
    pub download: Option<String>,
    /// Whether Git is allowed as a source for publishing packages
    #[serde(default)]
-    pub git_allowed: bool,
+    pub git_allowed: AllowedRegistries,
    /// Whether other registries are allowed as a source for publishing packages
    #[serde(default)]
    pub other_registries_allowed: AllowedRegistries,
    /// Whether Wally is allowed as a source for publishing packages
    #[serde(default)]
-    pub wally_allowed: bool,
+    pub wally_allowed: AllowedRegistries,
    /// The OAuth client ID for GitHub
    #[serde(default)]
    pub github_oauth_client_id: Option<String>,