permission: handle end nodes with children cases (!48531) · Merge requests · Rodrigo Test / Test Group-nodejs / node

Rodrigo Muino Tomonari requested to merge github/fork/RafaelGSS/fix-leaf-node-perm-model into main Jun 23, 2023

When two paths overlaps, the permission model returns a false negative cause the Node* doesn't contain an empty child ("") to consider it as an end node. For instance, if you call --allow-fs-read=/home/index.js,/home/index.json and call process.permission.has for both paths, it will return false for the index.js since it will create the following radix tree:

Child /
  Prefix: /home/index.js
  Child o
    Prefix: on
    End of tree: on
  End of tree(c): /home/index.js
End of tree(c):

and if you invert the parameters order: --allow-fs-read=/home/index.json,/home/index.js it will create an empty child for "/home/index.js" indicating "end node".

To handle it I've included a new parameter to Node*: is_leaf.

Admin message

Admin message

permission: handle end nodes with children cases

Merge request reports