search

trifectatechfoundation / sudo-rs

A memory safe implementation of sudo and su.
Other
2.88k stars 77 forks source link

sudo: refactor CLI validation #789

Closed japaric closed 10 months ago

japaric commented 11 months ago

this PR makes sudo's CLI validation more strict.

now the flags associated to different actions (e.g. run, list, validate) are encoded using structs.

this eliminates the possibility of an unrelated flag, e.g. --user, making into the execution of an action, e.g. --remove-timestamp

diagnostics are now more helpful as they point out what the conflicting flags are

$ sudo --remove-timestamp -u root
--remove-timestamp conflicts with --user

fixes #788 fixes #787 closes #774

this is best reviewed on a commit by commit basis

we could make do without the 'move crate::cli into crate::sudo' commit but that module being in the root of the crate was bothering me

I would like to refactor the Context API and avoid the OptionsForContext struct but I held off for this particular PR

codecov[bot] commented 10 months ago

Codecov Report

Attention: 117 lines in your changes are missing coverage. Please review.

Comparison is base (870d15b) 55.88% compared to head (9d04eb6) 56.71%.

Additional details and impacted files ```diff @@ Coverage Diff @@ ## main #789 +/- ## ========================================== + Coverage 55.88% 56.71% +0.82% ========================================== Files 74 74 Lines 9968 10338 +370 ========================================== + Hits 5571 5863 +292 - Misses 4397 4475 +78 ``` | [Files](https://app.codecov.io/gh/memorysafety/sudo-rs/pull/789?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=memorysafety) | Coverage Δ | | |---|---|---| | [src/common/resolve.rs](https://app.codecov.io/gh/memorysafety/sudo-rs/pull/789?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=memorysafety#diff-c3JjL2NvbW1vbi9yZXNvbHZlLnJz) | `94.30% <100.00%> (ø)` | | | [src/sudo/cli/help.rs](https://app.codecov.io/gh/memorysafety/sudo-rs/pull/789?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=memorysafety#diff-c3JjL3N1ZG8vY2xpL2hlbHAucnM=) | `0.00% <ø> (ø)` | | | [src/sudo/env/environment.rs](https://app.codecov.io/gh/memorysafety/sudo-rs/pull/789?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=memorysafety#diff-c3JjL3N1ZG8vZW52L2Vudmlyb25tZW50LnJz) | `85.49% <ø> (ø)` | | | [src/sudo/env/tests.rs](https://app.codecov.io/gh/memorysafety/sudo-rs/pull/789?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=memorysafety#diff-c3JjL3N1ZG8vZW52L3Rlc3RzLnJz) | `99.11% <100.00%> (ø)` | | | [src/sudo/env/wildcard\_match.rs](https://app.codecov.io/gh/memorysafety/sudo-rs/pull/789?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=memorysafety#diff-c3JjL3N1ZG8vZW52L3dpbGRjYXJkX21hdGNoLnJz) | `93.33% <ø> (ø)` | | | [src/sudo/cli/tests.rs](https://app.codecov.io/gh/memorysafety/sudo-rs/pull/789?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=memorysafety#diff-c3JjL3N1ZG8vY2xpL3Rlc3RzLnJz) | `99.72% <99.32%> (ø)` | | | [src/common/context.rs](https://app.codecov.io/gh/memorysafety/sudo-rs/pull/789?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=memorysafety#diff-c3JjL2NvbW1vbi9jb250ZXh0LnJz) | `89.79% <80.00%> (+5.70%)` | :arrow_up: | | [src/sudo/pipeline/list.rs](https://app.codecov.io/gh/memorysafety/sudo-rs/pull/789?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=memorysafety#diff-c3JjL3N1ZG8vcGlwZWxpbmUvbGlzdC5ycw==) | `0.00% <0.00%> (ø)` | | | [src/sudo/mod.rs](https://app.codecov.io/gh/memorysafety/sudo-rs/pull/789?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=memorysafety#diff-c3JjL3N1ZG8vbW9kLnJz) | `0.00% <0.00%> (ø)` | | | [src/sudo/pipeline.rs](https://app.codecov.io/gh/memorysafety/sudo-rs/pull/789?src=pr&el=tree&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=memorysafety#diff-c3JjL3N1ZG8vcGlwZWxpbmUucnM=) | `0.00% <0.00%> (ø)` | | | ... and [1 more](https://app.codecov.io/gh/memorysafety/sudo-rs/pull/789?src=pr&el=tree-more&utm_medium=referral&utm_source=github&utm_content=comment&utm_campaign=pr+comments&utm_term=memorysafety) | |

:umbrella: View full report in Codecov by Sentry.
:loudspeaker: Have feedback on the report? Share it here.