From b04f34c6164d272a7a7999e433e5eb72ac59b7be Mon Sep 17 00:00:00 2001 From: RafaelGSS Date: Fri, 30 Jun 2023 11:06:16 -0300 Subject: [PATCH] permission: add debug log when inserting fs nodes Signed-off-by: RafaelGSS --- src/debug_utils.h | 3 ++- src/permission/fs_permission.cc | 47 +++++++++++++++++++++++++++++++++ src/permission/fs_permission.h | 2 -- 3 files changed, 49 insertions(+), 3 deletions(-) diff --git a/src/debug_utils.h b/src/debug_utils.h index c8371d392be896..31c929f122cd1f 100644 --- a/src/debug_utils.h +++ b/src/debug_utils.h @@ -50,7 +50,8 @@ void NODE_EXTERN_PRIVATE FWrite(FILE* file, const std::string& str); V(NGTCP2_DEBUG) \ V(SEA) \ V(WASI) \ - V(MKSNAPSHOT) + V(MKSNAPSHOT) \ + V(PERMISSION_MODEL) enum class DebugCategory : unsigned int { #define V(name) name, diff --git a/src/permission/fs_permission.cc b/src/permission/fs_permission.cc index 131300346d824a..7ae4a93fc4fcb4 100644 --- a/src/permission/fs_permission.cc +++ b/src/permission/fs_permission.cc @@ -1,5 +1,6 @@ #include "fs_permission.h" #include "base_object-inl.h" +#include "debug_utils-inl.h" #include "util.h" #include "v8.h" @@ -72,6 +73,46 @@ namespace node { namespace permission { +void PrintTree(FSPermission::RadixTree::Node* node, int spaces = 0) { + std::string whitespace(spaces, ' '); + + if (node == nullptr) { + return; + } + if (node->wildcard_child != nullptr) { + per_process::Debug(DebugCategory::PERMISSION_MODEL, + "%s Wildcard: %s\n", + whitespace, + node->prefix); + } else { + per_process::Debug(DebugCategory::PERMISSION_MODEL, + "%s Prefix: %s\n", + whitespace, + node->prefix); + if (node->children.size()) { + int child = 0; + for (const auto pair : node->children) { + ++child; + per_process::Debug(DebugCategory::PERMISSION_MODEL, + "%s Child(%s): %s\n", + whitespace, + child, + std::string(1, pair.first)); + PrintTree(pair.second, spaces + 2); + } + per_process::Debug(DebugCategory::PERMISSION_MODEL, + "%s End of tree - child(%s)\n", + whitespace, + child); + } else { + per_process::Debug(DebugCategory::PERMISSION_MODEL, + "%s End of tree: %s\n", + whitespace, + node->prefix); + } + } +} + // allow = '*' // allow = '/tmp/,/home/example.js' void FSPermission::Apply(const std::string& allow, PermissionScope scope) { @@ -175,6 +216,12 @@ void FSPermission::RadixTree::Insert(const std::string& path) { parent_node_prefix_len = i; } } + + if (UNLIKELY(per_process::enabled_debug_list.enabled( + DebugCategory::PERMISSION_MODEL))) { + per_process::Debug(DebugCategory::PERMISSION_MODEL, "Inserting %s\n", path); + PrintTree(root_node_); + } } } // namespace permission diff --git a/src/permission/fs_permission.h b/src/permission/fs_permission.h index 50e6f8e34f93e8..217d0a92d6ce71 100644 --- a/src/permission/fs_permission.h +++ b/src/permission/fs_permission.h @@ -18,8 +18,6 @@ class FSPermission final : public PermissionBase { void Apply(const std::string& allow, PermissionScope scope) override; bool is_granted(PermissionScope perm, const std::string_view& param) override; - // For debugging purposes, use the gist function to print the whole tree - // https://gist.github.com/RafaelGSS/5b4f09c559a54f53f9b7c8c030744d19 struct RadixTree { struct Node { std::string prefix;