| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280 |
- local helpers = require('test.functional.helpers')(after_each)
- local Screen = require('test.functional.ui.screen')
- local eq = helpers.eq
- local clear = helpers.clear
- local command = helpers.command
- local pathsep = helpers.get_pathsep()
- local is_os = helpers.is_os
- local curbufmeths = helpers.curbufmeths
- local exec_lua = helpers.exec_lua
- local feed_command = helpers.feed_command
- local feed = helpers.feed
- local funcs = helpers.funcs
- local pcall_err = helpers.pcall_err
- local matches = helpers.matches
- describe('vim.secure', function()
- describe('read()', function()
- local xstate = 'Xstate'
- setup(function()
- clear{env={XDG_STATE_HOME=xstate}}
- helpers.mkdir_p(xstate .. pathsep .. (is_os('win') and 'nvim-data' or 'nvim'))
- helpers.write_file('Xfile', [[
- let g:foobar = 42
- ]])
- end)
- teardown(function()
- os.remove('Xfile')
- helpers.rmdir(xstate)
- end)
- it('works', function()
- local screen = Screen.new(80, 8)
- screen:attach()
- screen:set_default_attr_ids({
- [1] = {bold = true, foreground = Screen.colors.Blue1},
- [2] = {bold = true, reverse = true},
- [3] = {bold = true, foreground = Screen.colors.SeaGreen},
- [4] = {reverse = true},
- })
- --- XXX: screen:expect() may fail if this path is too long.
- local cwd = funcs.getcwd()
- -- Need to use feed_command instead of exec_lua because of the confirmation prompt
- feed_command([[lua vim.secure.read('Xfile')]])
- screen:expect{grid=[[
- |
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {2: }|
- :lua vim.secure.read('Xfile') |
- {3:]] .. cwd .. pathsep .. [[Xfile is not trusted.}{MATCH:%s+}|
- {3:[i]gnore, (v)iew, (d)eny, (a)llow: }^ |
- ]]}
- feed('d')
- screen:expect{grid=[[
- ^ |
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {1:~ }|
- |
- ]]}
- local trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq(string.format('! %s', cwd .. pathsep .. 'Xfile'), vim.trim(trust))
- eq(helpers.NIL, exec_lua([[return vim.secure.read('Xfile')]]))
- os.remove(funcs.stdpath('state') .. pathsep .. 'trust')
- feed_command([[lua vim.secure.read('Xfile')]])
- screen:expect{grid=[[
- |
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {2: }|
- :lua vim.secure.read('Xfile') |
- {3:]] .. cwd .. pathsep .. [[Xfile is not trusted.}{MATCH:%s+}|
- {3:[i]gnore, (v)iew, (d)eny, (a)llow: }^ |
- ]]}
- feed('a')
- screen:expect{grid=[[
- ^ |
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {1:~ }|
- |
- ]]}
- local hash = funcs.sha256(helpers.read_file('Xfile'))
- trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq(string.format('%s %s', hash, cwd .. pathsep .. 'Xfile'), vim.trim(trust))
- eq(helpers.NIL, exec_lua([[vim.secure.read('Xfile')]]))
- os.remove(funcs.stdpath('state') .. pathsep .. 'trust')
- feed_command([[lua vim.secure.read('Xfile')]])
- screen:expect{grid=[[
- |
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {2: }|
- :lua vim.secure.read('Xfile') |
- {3:]] .. cwd .. pathsep .. [[Xfile is not trusted.}{MATCH:%s+}|
- {3:[i]gnore, (v)iew, (d)eny, (a)llow: }^ |
- ]]}
- feed('i')
- screen:expect{grid=[[
- ^ |
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {1:~ }|
- |
- ]]}
- -- Trust database is not updated
- trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq(nil, trust)
- feed_command([[lua vim.secure.read('Xfile')]])
- screen:expect{grid=[[
- |
- {1:~ }|
- {1:~ }|
- {1:~ }|
- {2: }|
- :lua vim.secure.read('Xfile') |
- {3:]] .. cwd .. pathsep .. [[Xfile is not trusted.}{MATCH:%s+}|
- {3:[i]gnore, (v)iew, (d)eny, (a)llow: }^ |
- ]]}
- feed('v')
- screen:expect{grid=[[
- ^let g:foobar = 42 |
- {1:~ }|
- {1:~ }|
- {2:]] .. funcs.fnamemodify(cwd, ':~') .. pathsep .. [[Xfile [RO]{MATCH:%s+}}|
- |
- {1:~ }|
- {4:[No Name] }|
- |
- ]]}
- -- Trust database is not updated
- trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq(nil, trust)
- -- Cannot write file
- pcall_err(command, 'write')
- eq(true, curbufmeths.get_option('readonly'))
- end)
- end)
- describe('trust()', function()
- local xstate = 'Xstate'
- setup(function()
- clear{env={XDG_STATE_HOME=xstate}}
- helpers.mkdir_p(xstate .. pathsep .. (is_os('win') and 'nvim-data' or 'nvim'))
- end)
- teardown(function()
- helpers.rmdir(xstate)
- end)
- before_each(function()
- helpers.write_file('test_file', 'test')
- end)
- after_each(function()
- os.remove('test_file')
- end)
- it('returns error when passing both path and bufnr', function()
- matches('"path" and "bufnr" are mutually exclusive',
- pcall_err(exec_lua, [[vim.secure.trust({action='deny', bufnr=0, path='test_file'})]]))
- end)
- it('returns error when passing neither path or bufnr', function()
- matches('one of "path" or "bufnr" is required',
- pcall_err(exec_lua, [[vim.secure.trust({action='deny'})]]))
- end)
- it('trust then deny then remove a file using bufnr', function()
- local cwd = funcs.getcwd()
- local hash = funcs.sha256(helpers.read_file('test_file'))
- local full_path = cwd .. pathsep .. 'test_file'
- command('edit test_file')
- eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='allow', bufnr=0})}]]))
- local trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq(string.format('%s %s', hash, full_path), vim.trim(trust))
- eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='deny', bufnr=0})}]]))
- trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq(string.format('! %s', full_path), vim.trim(trust))
- eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='remove', bufnr=0})}]]))
- trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq('', vim.trim(trust))
- end)
- it('deny then trust then remove a file using bufnr', function()
- local cwd = funcs.getcwd()
- local hash = funcs.sha256(helpers.read_file('test_file'))
- local full_path = cwd .. pathsep .. 'test_file'
- command('edit test_file')
- eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='deny', bufnr=0})}]]))
- local trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq(string.format('! %s', full_path), vim.trim(trust))
- eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='allow', bufnr=0})}]]))
- trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq(string.format('%s %s', hash, full_path), vim.trim(trust))
- eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='remove', bufnr=0})}]]))
- trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq('', vim.trim(trust))
- end)
- it('trust using bufnr then deny then remove a file using path', function()
- local cwd = funcs.getcwd()
- local hash = funcs.sha256(helpers.read_file('test_file'))
- local full_path = cwd .. pathsep .. 'test_file'
- command('edit test_file')
- eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='allow', bufnr=0})}]]))
- local trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq(string.format('%s %s', hash, full_path), vim.trim(trust))
- eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='deny', path='test_file'})}]]))
- trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq(string.format('! %s', full_path), vim.trim(trust))
- eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='remove', path='test_file'})}]]))
- trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq('', vim.trim(trust))
- end)
- it('deny then trust then remove a file using bufnr', function()
- local cwd = funcs.getcwd()
- local hash = funcs.sha256(helpers.read_file('test_file'))
- local full_path = cwd .. pathsep .. 'test_file'
- command('edit test_file')
- eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='deny', path='test_file'})}]]))
- local trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq(string.format('! %s', full_path), vim.trim(trust))
- eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='allow', bufnr=0})}]]))
- trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq(string.format('%s %s', hash, full_path), vim.trim(trust))
- eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='remove', path='test_file'})}]]))
- trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
- eq('', vim.trim(trust))
- end)
- it('trust returns error when buffer not associated to file', function()
- command('new')
- eq({false, 'buffer is not associated with a file'},
- exec_lua([[return {vim.secure.trust({action='allow', bufnr=0})}]]))
- end)
- end)
- end)
|
