Restrinct net and write permissions in conract-related commands (#10)

* Allow net in general case

* Deny write access outside ./ in general cas

* Restrict net access in contract-related commands

* Allow net access in uploadToURL()

build/main.js

@@ -72,6 +72,9 @@ function isURL(arg) {
 function isValidKey(key) {
   return !/[\x00-\x1f\x7f\t\\/]/.test(key);
 }
+async function revokeNet() {
+  await Deno.permissions.revoke({ name: "net" });
+}
 var init_utils = __esm({
   "src/utils.ts"() {
     "use strict";
@@ -257,13 +260,15 @@ function uploadToURL(filepath, url) {
   });
 }
 async function uploadToDir(filepath, dir) {
+  await revokeNet();
   const buffer = Deno.readFileSync(filepath);
   const hash2 = blake32Hash(buffer);
   const destination = path.join(dir, hash2);
   await Deno.writeFile(destination, buffer);
   return destination;
 }
 async function uploadToSQLite(filepath, sqlitedb) {
+  await revokeNet();
   const { initStorage: initStorage3, writeData: writeData3 } = await Promise.resolve().then(() => (init_database_sqlite(), database_sqlite_exports));
   initStorage3({ dirname: path.dirname(sqlitedb), filename: path.basename(sqlitedb) });
   const buffer = await Deno.readFile(filepath);
@@ -481,7 +486,9 @@ var helpDict = {
 
 // src/manifest.ts
 init_deps();
+init_utils();
 async function manifest(args) {
+  await revokeNet();
   const parsedArgs = flags.parse(args);
   const [_keyFile, contractFile] = parsedArgs._;
   const parsedFilepath = path.parse(contractFile);
@@ -531,6 +538,7 @@ var backends2 = {
   sqlite: await Promise.resolve().then(() => (init_database_sqlite(), database_sqlite_exports))
 };
 async function migrate(args) {
+  await revokeNet();
   const parsedArgs = flags.parse(args);
   const { from, to, out } = parsedArgs;
   const src = path.resolve(String(parsedArgs._[0]) ?? ".");

deno.json

@@ -1,6 +1,6 @@
 {
   "tasks": {
-    "chel": "deno task build && deno run --import-map=./vendor/import_map.json --allow-read=. --allow-write build/main.js",
+    "chel": "deno task build && deno run --import-map=./vendor/import_map.json --allow-net --allow-read=. --allow-write=. build/main.js",
     "lint": "standard ./src",
     "vendor": "deno vendor -f src/main.ts scripts/compile.ts",
     "compile": "deno run --import-map=./vendor/import_map.json --no-remote --allow-run --allow-read=. --allow-write=./dist scripts/compile.ts",

src/manifest.ts

@@ -7,12 +7,13 @@
 
 import { flags, path, colors } from './deps.ts'
 import { hash } from './hash.ts'
+import { revokeNet } from './utils.ts'
 
 // import { writeAllSync } from "https://deno.land/std@0.141.0/streams/mod.ts"
 
 export async function manifest (args: string[]) {
+  await revokeNet()
   const parsedArgs = flags.parse(args)
-  // console.log(parsedArgs)
   const [_keyFile, contractFile] = parsedArgs._
   const parsedFilepath = path.parse(contractFile as string)
   const { name: contractName, base: contractBasename, dir: contractDir } = parsedFilepath

src/migrate.ts

@@ -2,14 +2,15 @@
 // chel migrate --from fs --to sqlite --out ./database.db ./data
 
 import { colors, flags, path } from './deps.ts'
-import { exit, isDir, isFile, isNotHashKey, isValidKey } from './utils.ts'
+import { exit, isDir, isFile, isNotHashKey, isValidKey, revokeNet } from './utils.ts'
 
 const backends = {
   fs: await import('./database-fs.ts'),
   sqlite: await import('./database-sqlite.ts')
 }
 
 export async function migrate(args: string[]) {
+  await revokeNet()
   const parsedArgs = flags.parse(args)
 
   const { from, to, out } = parsedArgs

src/upload.ts

@@ -1,14 +1,10 @@
 'use strict'
 
 import { path, colors } from './deps.ts'
-import { blake32Hash, isDir } from './utils.ts'
+import { blake32Hash, isDir, revokeNet } from './utils.ts'
 
 // chel upload <url-or-dir-or-sqlitedb> <file1> [<file2> [<file3> ...]]
 
-// TODO: use Deno.permissions.request(...) to request permissions to the specific URL
-//       https://deno.land/manual/runtime/permission_apis
-//       and use this everywhere so that we protect against malicious contracts
-
 export async function upload (args: string[], internal = false) {
   const [urlOrDirOrSqliteFile, ...files] = args
   if (files.length === 0) throw new Error(`missing files!`)
@@ -47,6 +43,7 @@ function uploadToURL (filepath: string, url: string): Promise<string> {
 }
 
 async function uploadToDir (filepath: string, dir: string) {
+  await revokeNet()
   const buffer = Deno.readFileSync(filepath)
   const hash = blake32Hash(buffer)
   const destination = path.join(dir, hash)
@@ -55,6 +52,7 @@ async function uploadToDir (filepath: string, dir: string) {
 }
 
 async function uploadToSQLite (filepath: string, sqlitedb: string) {
+  await revokeNet()
   const { initStorage, writeData } = await import('./database-sqlite.ts')
   initStorage({dirname: path.dirname(sqlitedb), filename: path.basename(sqlitedb)})
   const buffer = await Deno.readFile(filepath)

src/utils.ts

@@ -61,3 +61,7 @@ export function isValidKey (key: string): boolean {
   // deno-lint-ignore no-control-regex
   return !/[\x00-\x1f\x7f\t\\/]/.test(key)
 }
+
+export async function revokeNet () {
+  await Deno.permissions.revoke({ name: 'net' })
+}