Commit 68ad22a9 authored by trinity-1686a's avatar trinity-1686a
Browse files

remove dependancy 'users' on iOS

parent bab36d45
Loading
Loading
Loading
Loading
+3 −1
Original line number Diff line number Diff line
@@ -23,9 +23,11 @@ walkdir = { version = "2", optional = true }

[target.'cfg(unix)'.dependencies]
libc = "0.2"
users = "0.11"
once_cell = "1"

[target.'cfg(all(unix, not(target_os="ios")))'.dependencies]
users = "0.11"

[dev-dependencies]
anyhow = "1.0.23"
serde_json = "1.0.50"
+13 −3
Original line number Diff line number Diff line
@@ -166,6 +166,8 @@ impl<'a> super::Verifier<'a> {
    /// Check whether a given file has the correct ownership and permissions,
    /// and push errors into `errors` if not. Other inputs are as for
    /// `check_one`.
    ///
    /// On iOS, check permissions but assumes the owner is the current user.
    #[cfg(target_family = "unix")]
    fn check_permissions(
        &self,
@@ -178,10 +180,14 @@ impl<'a> super::Verifier<'a> {
        // always change the permissions of the object.  (If we're talking
        // about a directory, the owner cah change the permissions and owner
        // of anything in the directory.)

        #[cfg(not(target_os = "ios"))]
        {
            let uid = meta.uid();
            if uid != 0 && Some(uid) != self.mistrust.trust_user {
                errors.push(Error::BadOwner(path.into(), uid));
            }
        }

        // On Unix-like platforms, symlink permissions are ignored (and usually
        // not settable). Theoretically, the symlink owner shouldn't matter, but
@@ -190,6 +196,8 @@ impl<'a> super::Verifier<'a> {
            return;
        }

        // mut not used when compiling or iOS
        #[allow(unused_mut)]
        let mut forbidden_bits = if !self.readable_okay && path_type == PathType::Final {
            // If this is the target object, and it must not be readable, then
            // we forbid it to be group-rwx and all-rwx.
@@ -219,9 +227,11 @@ impl<'a> super::Verifier<'a> {
            }
        };
        // If we trust the GID, then we allow even more bits to be set.
        #[cfg(not(target_os = "ios"))]
        if self.mistrust.trust_group == Some(meta.gid()) {
            forbidden_bits &= !0o070;
        }

        let bad_bits = meta.mode() & forbidden_bits;
        if bad_bits != 0 {
            errors.push(Error::BadPermission(
+6 −6
Original line number Diff line number Diff line
@@ -283,7 +283,7 @@ mod dir;
mod disable;
mod err;
mod imp;
#[cfg(target_family = "unix")]
#[cfg(all(target_family = "unix", not(target_os = "ios")))]
mod user;

#[cfg(test)]
@@ -305,7 +305,7 @@ pub use err::Error;
/// A result type as returned by this crate
pub type Result<T> = std::result::Result<T, Error>;

#[cfg(target_family = "unix")]
#[cfg(all(target_family = "unix", not(target_os = "ios")))]
pub use user::{TrustedGroup, TrustedUser};

/// Configuration for verifying that a file or directory is really "private".
@@ -361,7 +361,7 @@ pub struct Mistrust {
    status: disable::Status,

    /// What user ID do we trust by default (if any?)
    #[cfg(target_family = "unix")]
    #[cfg(all(target_family = "unix", not(target_os = "ios")))]
    #[builder(
        setter(into),
        field(type = "TrustedUser", build = "self.trust_user.get_uid()?")
@@ -369,7 +369,7 @@ pub struct Mistrust {
    trust_user: Option<u32>,

    /// What group ID do we trust by default (if any?)
    #[cfg(target_family = "unix")]
    #[cfg(all(target_family = "unix", not(target_os = "ios")))]
    #[builder(
        setter(into),
        field(type = "TrustedGroup", build = "self.trust_group.get_gid()?")
@@ -400,7 +400,7 @@ impl MistrustBuilder {
    /// trusted.
    ///
    /// This option disables the default group-trust behavior as well.
    #[cfg(target_family = "unix")]
    #[cfg(all(target_family = "unix", not(target_os = "ios")))]
    pub fn trust_admin_only(&mut self) -> &mut Self {
        self.trust_user = TrustedUser::None;
        self.trust_group = TrustedGroup::None;
@@ -415,7 +415,7 @@ impl MistrustBuilder {
    /// With this option set, no group is trusted, and and any group-readable or
    /// group-writable objects are treated the same as world-readable and
    /// world-writable objects respectively.
    #[cfg(target_family = "unix")]
    #[cfg(all(target_family = "unix", not(target_os = "ios")))]
    pub fn trust_no_group_id(&mut self) -> &mut Self {
        self.trust_group = TrustedGroup::None;
        self