Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[bug] Unhandled Promise Rejection for $TEMP: path not allowed on the configured scope #6256

Closed
gormlabenz opened this issue Feb 13, 2023 · 7 comments
Labels
platform: macOS priority: 1 high status: needs triage This issue needs to triage, applied to new issues type: bug

Comments

@gormlabenz
Copy link

Describe the bug

The problem occurs when opening a file from the BaseDirectory.Temp . Other directories work.
I tried different configurations, the only one that works is a wildcard.

   "fs": {
        "readFile": true,
        "scope": [
          "$TEMP/test.txt",
          "$TEMP/*/**",
          "$TEMP/**",
          "$TEMP/*",
          "$TEMP/",
          "$TEMP",
          "**", // <- wildcard is the only one that works
      }
 readBinaryFile(fileNameInputEl.value, { dir: BaseDirectory.Temp }).then(
      (data) => {
        console.log(data)
      }
    )

image

Reproduction

I created a repository for reproduction: https://github.com/gormlabenz/tauri-temp-bug

  1. Add "$TEMP/**" to scope
 "fs": {
        "readFile": true,
        "scope": [
          "$TEMP/**",
        ]
      }
  1. Open file from 'BaseDirectory.Temp'
    readBinaryFile(filename, { dir: BaseDirectory.Temp }).then(
      (data) => {
        console.log(data)
      }
    )

Expected behavior

Shouldn't fail when opening file from BaseDirectory.Temp

Platform and versions

Environment
› OS: Mac OS 13.1.0 X64
› Node.js: 16.15.0
› npm: 9.3.1
› pnpm: 7.27.0
› yarn: 1.22.19
› rustup: 1.25.1
› rustc: 1.63.0
› cargo: 1.63.0
› Rust toolchain: stable-x86_64-apple-darwin

Packages
› @tauri-apps/cli [NPM]: 1.2.3

Stack trace

[Error] Unhandled Promise Rejection: path not allowed on the configured scope: /var/folders/8s/xvw_7jh940d8n4cmn3wj5n8w0000gn/T/test.txt
	promiseEmptyOnRejected
	promiseReactionJob

Additional context

No response

@gormlabenz gormlabenz added status: needs triage This issue needs to triage, applied to new issues type: bug labels Feb 13, 2023
@gormlabenz gormlabenz changed the title [bug] Unhandled Promise Rejection fpr $TEMP: path not allowed on the configured scope [bug] Unhandled Promise Rejection for $TEMP: path not allowed on the configured scope Feb 13, 2023
@RealHeart
Copy link

RealHeart commented Feb 28, 2023

I have the same problem

scope:

{
    "$TEMP/AMCL",
    "$TEMP/AMCL/**"
}

code:

const tempDir = await resolve(await tempdir(), 'AMCL')
if (!(await exists(tempDir))) await createDir(tempDir)

error:

Uncaught (in promise) path not allowed on the configured scope: C:\Users\zhenxin\AppData\Local\Temp\AMCL

tauri info:

EnvironmentOS: Windows 10.0.22621 X64Webview2: 110.0.1587.56MSVC: 
      - Visual Studio ���ɹ��� 2022
   Node.js: 18.13.0npm: Not installed!
   pnpm: 7.27.1yarn: Not installed!
   rustup: 1.25.2rustc: 1.67.1cargo: 1.67.1
   Rust toolchain: stable-x86_64-pc-windows-msvc 

Packages
   @tauri-apps/cli [NPM]: 1.2.3
   @tauri-apps/api [NPM]: tauri-apps
   tauri [RUST]: 1.2.4,
   tauri-build [RUST]: 1.2.1,
   tao [RUST]: 0.15.8,
   wry [RUST]: 0.23.4,

Appframework: Vue.jsbundler: Vite

App directory structure
  ├─ .git
  ├─ .github
  ├─ .vscode
  ├─ dist
  ├─ node_modules
  ├─ public
  ├─ scripts
  ├─ src
  └─ src-tauri

@korneliuszw
Copy link

I'm sure the problem happens because on MacO std::env::temp_dir() returns path starting with /var, but /var is a symbolic link to /private/var. I took a look at the source code and I don't see any canonicalization of paths parsed from config. But we canonicalize paths received from API. The tokenizer then compares /var/... to /private/var/.., which of course is not a match.
Can someone confirm whether the /var is always a symlink? If so, should it canonicalize every path parsed from the configuration, or just TEMP? I was facing the same issue so I can try to fix this bug, if someone confirms the /var symlink.

korneliuszw added a commit to korneliuszw/tauri that referenced this issue Mar 31, 2023
@MagicMajky
Copy link

MagicMajky commented Sep 20, 2023

I have the same issue on windows.

None of the following work only wildcard does.

      "fs": {
        "readFile": true,
        "writeFile": true,
        "createDir": true,
        "exists": true,
        "scope": [
          "$TEMP/**/*",
          "$TEMP/**"
        ]
      }
// example code that throws error
    import { tempdir } from '@tauri-apps/api/os';
    import { getName } from '@tauri-apps/api/app';
    import { createDir } from "@tauri-apps/api/fs";
    const tmpDir:string = await tempdir();
    const appName:string = await getName();
    const tmpDirPath:string = await join(tmpDir, appName);
    await createDir(tmpDirPath);
     
     path not allowed on the configured scope: C:\Users\my_user\AppData\Local\Temp\appName

Is there atleast a workournd for this other than using wildcard and exposing the whole filesystem?

@github-project-automation github-project-automation bot moved this to 📬Proposal in Roadmap Sep 26, 2023
@A-afflatus
Copy link

I am using macOS as well, and the same issue is troubling me.

@ospfranco
Copy link

Also ran into this trying to write a temp file:

await fs.writeBinaryFile(name, contents, {
  dir: fs.BaseDirectory.Temp,
});

Gives

[2024-04-18][06:16:23][ERROR][log@http://localhost:1420/node_modules/.cache/.vite/deps/tauri-plugin-log.js:18:20] [ChatInput] Failed to write file path not allowed on the configured scope: /var/folders/y1/960q4z0x7h992hvtm995pk9w0000gn/T/Screenshot 2024-04-12 at 20.17.34.png

Any idea if this can be patched?

@0x-jerry
Copy link

Confirmed on mac OS 14.3.1, /var is linked to private/var.

image

@0x-jerry
Copy link

Take a look at the source code

fn push_pattern<P: AsRef<Path>, F: Fn(&str) -> Result<Pattern, glob::PatternError>>(
list: &mut HashSet<Pattern>,
pattern: P,
f: F,
) -> crate::Result<()> {
let path: PathBuf = pattern.as_ref().components().collect();
list.insert(f(&path.to_string_lossy())?);
#[cfg(windows)]
{
if let Ok(p) = std::fs::canonicalize(&path) {
list.insert(f(&p.to_string_lossy())?);
} else {
list.insert(f(&format!("\\\\?\\{}", path.display()))?);
}
}
Ok(())
}

When adding a permission pattern, it will try to canonicalize the path only on Windows.

pub fn is_allowed<P: AsRef<Path>>(&self, path: P) -> bool {
let path = path.as_ref();
let path = if !path.exists() {
crate::Result::Ok(path.to_path_buf())
} else {
std::fs::canonicalize(path).map_err(Into::into)
};

When checking permissions, the first time called writeFile will work, because the file does not exist, it will check the path directly, but when calling writeFile again with the same path, because the file exists, it will canonicalize the path then checking the canonicalized path, which doesn't work.

lucasfernog pushed a commit that referenced this issue Jun 4, 2024
* fix: check temp path permission on mac os

* chore: format code
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
platform: macOS priority: 1 high status: needs triage This issue needs to triage, applied to new issues type: bug
Projects
Status: 📬Proposal
Development

No branches or pull requests

9 participants