Nix 2.26.3
Nix, the purely functional package manager; unstable internal interfaces
 
Loading...
Searching...
No Matches
filtering-source-accessor.hh
1#pragma once
2
3#include "source-path.hh"
4
5namespace nix {
6
12typedef std::function<RestrictedPathError(const CanonPath & path)> MakeNotAllowedError;
13
19struct FilteringSourceAccessor : SourceAccessor
20{
22 CanonPath prefix;
23 MakeNotAllowedError makeNotAllowedError;
24
25 FilteringSourceAccessor(const SourcePath & src, MakeNotAllowedError && makeNotAllowedError)
26 : next(src.accessor)
27 , prefix(src.path)
28 , makeNotAllowedError(std::move(makeNotAllowedError))
29 {
30 displayPrefix.clear();
31 }
32
33 std::optional<std::filesystem::path> getPhysicalPath(const CanonPath & path) override;
34
35 std::string readFile(const CanonPath & path) override;
36
37 bool pathExists(const CanonPath & path) override;
38
39 std::optional<Stat> maybeLstat(const CanonPath & path) override;
40
41 DirEntries readDirectory(const CanonPath & path) override;
42
43 std::string readLink(const CanonPath & path) override;
44
45 std::string showPath(const CanonPath & path) override;
46
51 void checkAccess(const CanonPath & path);
52
56 virtual bool isAllowed(const CanonPath & path) = 0;
57};
58
63struct AllowListSourceAccessor : public FilteringSourceAccessor
64{
68 virtual void allowPrefix(CanonPath prefix) = 0;
69
70 static ref<AllowListSourceAccessor> create(
72 std::set<CanonPath> && allowedPrefixes,
73 MakeNotAllowedError && makeNotAllowedError);
74
75 using FilteringSourceAccessor::FilteringSourceAccessor;
76};
77
81struct CachingFilteringSourceAccessor : FilteringSourceAccessor
82{
83 std::map<CanonPath, bool> cache;
84
85 using FilteringSourceAccessor::FilteringSourceAccessor;
86
87 bool isAllowed(const CanonPath & path) override;
88
89 virtual bool isAllowedUncached(const CanonPath & path) = 0;
90};
91
92}
Definition canon-path.hh:41
Definition ref.hh:15
std::optional< SourceAccessor::Stat > maybeLstat() const
std::optional< std::filesystem::path > getPhysicalPath() const
std::string readFile() const
std::string readLink() const
SourceAccessor::DirEntries readDirectory() const
bool pathExists() const
SourcePath.
Definition filtering-source-accessor.hh:64
virtual void allowPrefix(CanonPath prefix)=0
Definition filtering-source-accessor.hh:82
bool isAllowed(const CanonPath &path) override
Definition filtering-source-accessor.cc:89
virtual bool isAllowed(const CanonPath &path)=0
void checkAccess(const CanonPath &path)
Definition filtering-source-accessor.cc:50
Definition source-path.hh:22