diff --git a/crates/nu-command/src/filesystem/cd.rs b/crates/nu-command/src/filesystem/cd.rs index 15d745980f..60300baaa6 100644 --- a/crates/nu-command/src/filesystem/cd.rs +++ b/crates/nu-command/src/filesystem/cd.rs @@ -272,27 +272,74 @@ fn have_permission(dir: impl AsRef) -> PermissionResult<'static> { } } +// NOTE: it's a re-export of https://github.com/ogham/rust-users crate +// we need to use it because the upstream pr isn't merged: https://github.com/ogham/rust-users/pull/45 +// once it's merged, we can remove this module +#[cfg(unix)] +mod nu_users { + use libc::c_int; + use std::ffi::{CString, OsStr}; + use std::os::unix::ffi::OsStrExt; + use users::{gid_t, Group}; + /// Returns groups for a provided user name and primary group id. + /// + /// # libc functions used + /// + /// - [`getgrouplist`](https://docs.rs/libc/*/libc/fn.getgrouplist.html) + /// + /// # Examples + /// + /// ```no_run + /// use users::get_user_groups; + /// + /// for group in get_user_groups("stevedore", 1001).expect("Error looking up groups") { + /// println!("User is a member of group #{} ({:?})", group.gid(), group.name()); + /// } + /// ``` + pub fn get_user_groups + ?Sized>( + username: &S, + gid: gid_t, + ) -> Option> { + // MacOS uses i32 instead of gid_t in getgrouplist for unknown reasons + #[cfg(all(unix, target_os = "macos"))] + let mut buff: Vec = vec![0; 1024]; + #[cfg(all(unix, not(target_os = "macos")))] + let mut buff: Vec = vec![0; 1024]; + let name = CString::new(username.as_ref().as_bytes()).expect("OsStr is guaranteed to be zero-free, which is the condition for CString::new to succeed"); + let mut count = buff.len() as c_int; + // MacOS uses i32 instead of gid_t in getgrouplist for unknown reasons + // SAFETY: + // int getgrouplist(const char *user, gid_t group, gid_t *groups, int *ngroups); + // + // `name` is valid CStr to be `const char*` for `user` + // every valid value will be accepted for `group` + // The capacity for `*groups` is passed in as `*ngroups` which is the buffer max length/capacity (as we initialize with 0) + // Following reads from `*groups`/`buff` will only happen after `buff.truncate(*ngroups)` + #[cfg(all(unix, target_os = "macos"))] + let res = + unsafe { libc::getgrouplist(name.as_ptr(), gid as i32, buff.as_mut_ptr(), &mut count) }; + #[cfg(all(unix, not(target_os = "macos")))] + let res = unsafe { libc::getgrouplist(name.as_ptr(), gid, buff.as_mut_ptr(), &mut count) }; + if res < 0 { + None + } else { + buff.truncate(count as usize); + buff.sort_unstable(); + buff.dedup(); + // allow trivial cast: on macos i is i32, on linux it's already gid_t + #[allow(trivial_numeric_casts)] + buff.into_iter() + .filter_map(|i| users::get_group_by_gid(i as gid_t)) + .collect::>() + .into() + } + } +} + #[cfg(unix)] fn any_group(current_user_gid: gid_t, owner_group: u32) -> bool { users::get_current_username() - .map(|name| { - users::get_user_groups(&name, current_user_gid) - .map(|mut groups| { - // Fixes https://github.com/ogham/rust-users/issues/44 - // If a user isn't in more than one group then this fix won't work, - // However its common for a user to be in more than one group, so this should work for most. - if groups.len() == 2 && groups[1].gid() == 0 { - // We have no way of knowing if this is due to the issue or the user is actually in the root group - // So we will assume they are in the root group and leave it. - // It's not the end of the world if we are wrong, they will just get a permission denied error once inside. - } else { - groups.pop(); - } - - groups - }) - .unwrap_or_default() - }) + .map(|name| nu_users::get_user_groups(&name, current_user_gid).unwrap_or_default()) .unwrap_or_default() .into_iter() .any(|group| group.gid() == owner_group)