From 346f49610d3592d45a7598883c900647255b339f Mon Sep 17 00:00:00 2001 From: Quaternions Date: Fri, 13 Dec 2024 21:50:19 -0800 Subject: [PATCH] script review: introduce None policy --- pkg/model/policy.go | 9 +++++---- validation/api/src/lib.rs | 9 +++++---- validation/src/validator.rs | 8 ++++++-- 3 files changed, 16 insertions(+), 10 deletions(-) diff --git a/pkg/model/policy.go b/pkg/model/policy.go index 6df5bf6..41e7dfd 100644 --- a/pkg/model/policy.go +++ b/pkg/model/policy.go @@ -5,10 +5,11 @@ import "time" type Policy int32 const ( - ScriptPolicyAllowed Policy = 0 - ScriptPolicyBlocked Policy = 1 - ScriptPolicyDelete Policy = 2 - ScriptPolicyReplace Policy = 3 + ScriptPolicyNone Policy = 0 // not yet reviewed + ScriptPolicyAllowed Policy = 1 + ScriptPolicyBlocked Policy = 2 + ScriptPolicyDelete Policy = 3 + ScriptPolicyReplace Policy = 4 ) type ScriptPolicy struct { diff --git a/validation/api/src/lib.rs b/validation/api/src/lib.rs index 240f22b..d580421 100644 --- a/validation/api/src/lib.rs +++ b/validation/api/src/lib.rs @@ -29,10 +29,11 @@ pub struct ScriptResponse{ #[derive(serde::Deserialize)] #[repr(i32)] pub enum Policy{ - Allowed=0, - Blocked=1, - Delete=2, - Replace=3, + None=0, // not yet reviewed + Allowed=1, + Blocked=2, + Delete=3, + Replace=4, } pub struct ScriptPolicyHashRequest{ diff --git a/validation/src/validator.rs b/validation/src/validator.rs index 1b57f66..99c7443 100644 --- a/validation/src/validator.rs +++ b/validation/src/validator.rs @@ -5,6 +5,7 @@ use crate::nats_types::ValidateRequest; const SCRIPT_CONCURRENCY:usize=16; enum Policy{ + None, Allowed, Blocked, Delete, @@ -71,7 +72,7 @@ impl Validator{ for &script_ref in &script_refs{ if let Some(script)=dom.get_by_ref(script_ref){ if let Some(rbx_dom_weak::types::Variant::String(source))=script.properties.get("Source"){ - script_map.insert(source.clone(),Policy::Blocked); + script_map.insert(source.clone(),Policy::None); } } } @@ -91,6 +92,7 @@ impl Validator{ // write the policy to the script_map, fetching the replacement code if necessary *replacement=match script_policy.Policy{ + api::Policy::None=>Policy::None, api::Policy::Allowed=>Policy::Allowed, api::Policy::Blocked=>Policy::Blocked, api::Policy::Delete=>Policy::Delete, @@ -113,7 +115,9 @@ impl Validator{ if let Some(rbx_dom_weak::types::Variant::String(source))=script.properties.get_mut("Source"){ match script_map.get(source.as_str()){ Some(Policy::Blocked)=>return Err(ValidateError::Blocked), - None=>return Err(ValidateError::NotAllowed), + None + |Some(Policy::None) + =>return Err(ValidateError::NotAllowed), Some(Policy::Allowed)=>(), Some(Policy::Delete)=>{ modified=true;