diff --git a/src/app/script/app_fs_object.cpp b/src/app/script/app_fs_object.cpp index 1f872377c..0250f4b97 100644 --- a/src/app/script/app_fs_object.cpp +++ b/src/app/script/app_fs_object.cpp @@ -126,7 +126,7 @@ int AppFS_makeDirectory(lua_State* L) return 1; } - if (!ask_access(L, path, FileAccessMode::Write, true)) + if (!ask_access(L, path, FileAccessMode::Full, ResourceType::File)) return luaL_error(L, "the script doesn't have access to create the directory '%s'", path); try { @@ -148,7 +148,7 @@ int AppFS_makeAllDirectories(lua_State* L) return 1; } - if (!ask_access(L, path, FileAccessMode::Write, true)) + if (!ask_access(L, path, FileAccessMode::Write, ResourceType::File)) return luaL_error(L, "the script doesn't have access to create all directories '%s'", path); try { @@ -170,7 +170,7 @@ int AppFS_removeDirectory(lua_State* L) return 1; } - if (!ask_access(L, path, FileAccessMode::Write, true)) + if (!ask_access(L, path, FileAccessMode::Write, ResourceType::File)) return luaL_error(L, "the script doesn't have access to remove the directory '%s'", path); try { diff --git a/src/app/script/app_object.cpp b/src/app/script/app_object.cpp index e1b5f6651..2792cee76 100644 --- a/src/app/script/app_object.cpp +++ b/src/app/script/app_object.cpp @@ -58,7 +58,7 @@ int load_sprite_from_file(lua_State* L, const char* filename, const LoadSpriteFromFileParam param) { std::string absFn = base::get_absolute_path(filename); - if (!ask_access(L, absFn.c_str(), FileAccessMode::Read, true)) + if (!ask_access(L, absFn.c_str(), FileAccessMode::Read, ResourceType::File)) return luaL_error(L, "script doesn't have access to open file %s", absFn.c_str()); diff --git a/src/app/script/engine.h b/src/app/script/engine.h index 3c3c0b7f6..6db3fce94 100644 --- a/src/app/script/engine.h +++ b/src/app/script/engine.h @@ -58,13 +58,6 @@ namespace app { namespace script { - enum class FileAccessMode { - Execute = 1, - Write = 2, - Read = 4, - Full = 7 - }; - class EngineDelegate { public: virtual ~EngineDelegate() { } diff --git a/src/app/script/image_class.cpp b/src/app/script/image_class.cpp index 785237852..cc69bc04b 100644 --- a/src/app/script/image_class.cpp +++ b/src/app/script/image_class.cpp @@ -367,7 +367,7 @@ int Image_saveAs(lua_State* L) return luaL_error(L, "missing filename in Image:saveAs()"); std::string absFn = base::get_absolute_path(fn); - if (!ask_access(L, absFn.c_str(), FileAccessMode::Write, true)) + if (!ask_access(L, absFn.c_str(), FileAccessMode::Write, ResourceType::File)) return luaL_error(L, "script doesn't have access to write file %s", absFn.c_str()); diff --git a/src/app/script/palette_class.cpp b/src/app/script/palette_class.cpp index 05cf8ec8b..d926b2c6f 100644 --- a/src/app/script/palette_class.cpp +++ b/src/app/script/palette_class.cpp @@ -76,7 +76,7 @@ int Palette_new(lua_State* L) std::string absFn = base::get_absolute_path(fromFile); lua_pop(L, 1); - if (!ask_access(L, absFn.c_str(), FileAccessMode::Read, true)) + if (!ask_access(L, absFn.c_str(), FileAccessMode::Read, ResourceType::File)) return luaL_error(L, "script doesn't have access to open file %s", absFn.c_str()); @@ -105,7 +105,7 @@ int Palette_new(lua_State* L) if (!idAndPaths[id].empty()) { std::string absFn = base::get_absolute_path(idAndPaths[id]); - if (!ask_access(L, absFn.c_str(), FileAccessMode::Read, true)) + if (!ask_access(L, absFn.c_str(), FileAccessMode::Read, ResourceType::File)) return luaL_error(L, "script doesn't have access to open file %s", absFn.c_str()); @@ -240,7 +240,7 @@ int Palette_saveAs(lua_State* L) const char* fn = luaL_checkstring(L, 2); if (fn) { std::string absFn = base::get_absolute_path(fn); - if (!ask_access(L, absFn.c_str(), FileAccessMode::Write, true)) + if (!ask_access(L, absFn.c_str(), FileAccessMode::Write, ResourceType::File)) return luaL_error(L, "script doesn't have access to write file %s", absFn.c_str()); save_palette(absFn.c_str(), pal, pal->size()); diff --git a/src/app/script/security.cpp b/src/app/script/security.cpp index d9f077173..ae9170869 100644 --- a/src/app/script/security.cpp +++ b/src/app/script/security.cpp @@ -1,5 +1,5 @@ // Aseprite -// Copyright (C) 2019 Igara Studio S.A. +// Copyright (C) 2019-2021 Igara Studio S.A. // Copyright (C) 2018 David Capello // // This program is distributed under the terms of @@ -81,7 +81,7 @@ int secure_io_open(lua_State* L) mode = FileAccessMode::Write; } - if (!ask_access(L, absFilename.c_str(), mode, true)) { + if (!ask_access(L, absFilename.c_str(), mode, ResourceType::File)) { return luaL_error(L, "the script doesn't have access to file '%s'", absFilename.c_str()); } @@ -101,7 +101,7 @@ int secure_os_execute(lua_State* L) return 0; const char* cmd = lua_tostring(L, 1); - if (!ask_access(L, cmd, FileAccessMode::Execute, false)) { + if (!ask_access(L, cmd, FileAccessMode::Execute, ResourceType::Command)) { // Stop script return luaL_error(L, "the script doesn't have access to execute the command: '%s'", cmd); @@ -117,7 +117,7 @@ int secure_os_execute(lua_State* L) bool ask_access(lua_State* L, const char* filename, const FileAccessMode mode, - const bool canOpenFile) + const ResourceType resourceType) { #ifdef ENABLE_UI // Ask for permission to open the file @@ -144,10 +144,16 @@ bool ask_access(lua_State* L, app::gen::ScriptAccess dlg; dlg.script()->setText(script); - dlg.fileLabel()->setText( - canOpenFile ? - Strings::script_access_file_label(): - Strings::script_access_command_label()); + + { + std::string label; + switch (resourceType) { + case ResourceType::File: label = Strings::script_access_file_label(); break; + case ResourceType::Command: label = Strings::script_access_command_label(); break; + } + dlg.fileLabel()->setText(label); + } + dlg.file()->setText(filename); dlg.allow()->setText(allowButtonText); dlg.allow()->processMnemonicFromText(); @@ -174,7 +180,7 @@ bool ask_access(lua_State* L, } }); - if (canOpenFile) { + if (resourceType == ResourceType::File) { dlg.file()->Click.connect( [&dlg]{ std::string fn = dlg.file()->text(); diff --git a/src/app/script/security.h b/src/app/script/security.h index 4e7b1741b..9ee283471 100644 --- a/src/app/script/security.h +++ b/src/app/script/security.h @@ -1,4 +1,5 @@ // Aseprite +// Copyright (C) 2021 Igara Studio S.A. // Copyright (C) 2018 David Capello // // This program is distributed under the terms of @@ -17,13 +18,25 @@ namespace app { namespace script { + enum class FileAccessMode { + Execute = 1, + Write = 2, + Read = 4, + Full = 7, + }; + + enum class ResourceType { + File, + Command, + }; + int secure_io_open(lua_State* L); int secure_os_execute(lua_State* L); bool ask_access(lua_State* L, const char* filename, const FileAccessMode mode, - const bool canOpenFile); + const ResourceType resourceType); } // namespace script } // namespace app diff --git a/src/app/script/sprite_class.cpp b/src/app/script/sprite_class.cpp index e2db05306..6b60cbf41 100644 --- a/src/app/script/sprite_class.cpp +++ b/src/app/script/sprite_class.cpp @@ -208,7 +208,7 @@ int Sprite_saveAs_base(lua_State* L, std::string& absFn) appCtx->setActiveDocument(doc); absFn = base::get_absolute_path(fn); - if (!ask_access(L, absFn.c_str(), FileAccessMode::Write, true)) + if (!ask_access(L, absFn.c_str(), FileAccessMode::Write, ResourceType::File)) return luaL_error(L, "script doesn't have access to write file %s", absFn.c_str()); @@ -267,7 +267,7 @@ int Sprite_loadPalette(lua_State* L) const char* fn = luaL_checkstring(L, 2); if (fn && sprite) { std::string absFn = base::get_absolute_path(fn); - if (!ask_access(L, absFn.c_str(), FileAccessMode::Read, true)) + if (!ask_access(L, absFn.c_str(), FileAccessMode::Read, ResourceType::File)) return luaL_error(L, "script doesn't have access to open file %s", absFn.c_str());