mirror of
https://github.com/neovim/neovim.git
synced 2025-09-07 11:58:17 +00:00
feat(secure): add :trust command and vim.secure.trust() (#21107)
Introduce vim.secure.trust() to programmatically manage the trust database. Use this function in a new :trust ex command which can be used as a simple frontend. Resolves: https://github.com/neovim/neovim/issues/21092 Co-authored-by: Gregory Anders <greg@gpanders.com> Co-authored-by: ii14 <ii14@users.noreply.github.com>
This commit is contained in:
Jlll1
@@ -168,4 +168,111 @@ describe('vim.secure', function()
|
||||
eq(false, curbufmeths.get_option('modifiable'))
|
||||
end)
|
||||
end)
|
||||
|
||||
describe('trust()', function()
|
||||
local xstate = 'Xstate'
|
||||
|
||||
setup(function()
|
||||
helpers.mkdir_p(xstate .. pathsep .. (is_os('win') and 'nvim-data' or 'nvim'))
|
||||
end)
|
||||
|
||||
teardown(function()
|
||||
helpers.rmdir(xstate)
|
||||
end)
|
||||
|
||||
before_each(function()
|
||||
helpers.write_file('test_file', 'test')
|
||||
end)
|
||||
|
||||
after_each(function()
|
||||
os.remove('test_file')
|
||||
end)
|
||||
|
||||
it('returns error when passing both path and bufnr', function()
|
||||
eq('path and bufnr are mutually exclusive',
|
||||
pcall_err(exec_lua, [[vim.secure.trust({action='deny', bufnr=0, path='test_file'})]]))
|
||||
end)
|
||||
|
||||
it('trust then deny then remove a file using bufnr', function()
|
||||
local cwd = funcs.getcwd()
|
||||
local hash = funcs.sha256(helpers.read_file('test_file'))
|
||||
local full_path = cwd .. pathsep .. 'test_file'
|
||||
|
||||
command('edit test_file')
|
||||
eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='allow', bufnr=0})}]]))
|
||||
local trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
|
||||
eq(string.format('%s %s', hash, full_path), vim.trim(trust))
|
||||
|
||||
eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='deny', bufnr=0})}]]))
|
||||
trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
|
||||
eq(string.format('! %s', full_path), vim.trim(trust))
|
||||
|
||||
eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='remove', bufnr=0})}]]))
|
||||
trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
|
||||
eq('', vim.trim(trust))
|
||||
end)
|
||||
|
||||
it('deny then trust then remove a file using bufnr', function()
|
||||
local cwd = funcs.getcwd()
|
||||
local hash = funcs.sha256(helpers.read_file('test_file'))
|
||||
local full_path = cwd .. pathsep .. 'test_file'
|
||||
|
||||
command('edit test_file')
|
||||
eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='deny', bufnr=0})}]]))
|
||||
local trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
|
||||
eq(string.format('! %s', full_path), vim.trim(trust))
|
||||
|
||||
eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='allow', bufnr=0})}]]))
|
||||
trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
|
||||
eq(string.format('%s %s', hash, full_path), vim.trim(trust))
|
||||
|
||||
eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='remove', bufnr=0})}]]))
|
||||
trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
|
||||
eq('', vim.trim(trust))
|
||||
end)
|
||||
|
||||
it('trust using bufnr then deny then remove a file using path', function()
|
||||
local cwd = funcs.getcwd()
|
||||
local hash = funcs.sha256(helpers.read_file('test_file'))
|
||||
local full_path = cwd .. pathsep .. 'test_file'
|
||||
|
||||
command('edit test_file')
|
||||
eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='allow', bufnr=0})}]]))
|
||||
local trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
|
||||
eq(string.format('%s %s', hash, full_path), vim.trim(trust))
|
||||
|
||||
eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='deny', path='test_file'})}]]))
|
||||
trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
|
||||
eq(string.format('! %s', full_path), vim.trim(trust))
|
||||
|
||||
eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='remove', path='test_file'})}]]))
|
||||
trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
|
||||
eq('', vim.trim(trust))
|
||||
end)
|
||||
|
||||
it('deny then trust then remove a file using bufnr', function()
|
||||
local cwd = funcs.getcwd()
|
||||
local hash = funcs.sha256(helpers.read_file('test_file'))
|
||||
local full_path = cwd .. pathsep .. 'test_file'
|
||||
|
||||
command('edit test_file')
|
||||
eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='deny', path='test_file'})}]]))
|
||||
local trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
|
||||
eq(string.format('! %s', full_path), vim.trim(trust))
|
||||
|
||||
eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='allow', bufnr=0})}]]))
|
||||
trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
|
||||
eq(string.format('%s %s', hash, full_path), vim.trim(trust))
|
||||
|
||||
eq({true, full_path}, exec_lua([[return {vim.secure.trust({action='remove', path='test_file'})}]]))
|
||||
trust = helpers.read_file(funcs.stdpath('state') .. pathsep .. 'trust')
|
||||
eq('', vim.trim(trust))
|
||||
end)
|
||||
|
||||
it('trust returns error when buffer not associated to file', function()
|
||||
command('new')
|
||||
eq({false, 'buffer is not associated with a file'},
|
||||
exec_lua([[return {vim.secure.trust({action='allow', bufnr=0})}]]))
|
||||
end)
|
||||
end)
|
||||
end)
|
||||
|
||||
Reference in New Issue
Block a user