-
Notifications
You must be signed in to change notification settings - Fork 14.3k
Make deny canonical for filesystem permission entries
#23493
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changes from all commits
File filter
Filter by extension
Conversations
Jump to
Diff view
Diff view
There are no files selected for viewing
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -817,13 +817,23 @@ | |
| "type": "object" | ||
| }, | ||
| "FileSystemAccessMode": { | ||
| "description": "Access mode for a filesystem entry.\n\nWhen two equally specific entries target the same path, we compare these by conflict precedence rather than by capability breadth: `none` beats `write`, and `write` beats `read`.", | ||
| "enum": [ | ||
| "read", | ||
| "write", | ||
| "none" | ||
| ], | ||
| "type": "string" | ||
| "description": "Access mode for a filesystem entry.\n\nWhen two equally specific entries target the same path, we compare these by conflict precedence rather than by capability breadth: `deny` beats `write`, and `write` beats `read`.", | ||
| "oneOf": [ | ||
| { | ||
| "enum": [ | ||
| "read", | ||
| "write" | ||
| ], | ||
| "type": "string" | ||
| }, | ||
| { | ||
| "description": "`none` is a legacy input alias retained temporarily for compatibility.", | ||
| "enum": [ | ||
| "deny" | ||
|
Comment on lines
+831
to
+832
Contributor
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more.
For users who still have existing Useful? React with 👍 / 👎. |
||
| ], | ||
| "type": "string" | ||
| } | ||
|
Comment on lines
+821
to
+835
Collaborator
There was a problem hiding this comment. Choose a reason for hiding this commentThe reason will be displayed to describe this comment to others. Learn more. This codegen seems a bit unfortunate... |
||
| ] | ||
| }, | ||
| "FilesystemPermissionToml": { | ||
| "anyOf": [ | ||
|
|
||
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nonealias in v2 filesystem accessWhen an app-server client built against the previous v2 schema replies to
item/permissions/requestApproval(or sends an experimental additional-permissions payload) with an entry whoseaccessis still"none", this v2 enum now rejects the JSON before it can be converted to the core type that still has#[serde(alias = "none")]. Since the prior generated TypeScript exposed"none"as the valid value, mixed-version clients will fail permission approvals involving deny-read entries unless this wrapper enum also accepts the legacy alias onDeny.Useful? React with 👍 / 👎.