140 lines
3.1 KiB
Go
140 lines
3.1 KiB
Go
package ui
|
|
|
|
import (
|
|
"os"
|
|
"path/filepath"
|
|
"sync"
|
|
"sync/atomic"
|
|
|
|
"github.com/safing/portmaster/base/api"
|
|
"github.com/safing/portmaster/base/log"
|
|
"github.com/safing/portmaster/base/utils"
|
|
"github.com/safing/portmaster/service/mgr"
|
|
"github.com/spkg/zipfs"
|
|
)
|
|
|
|
// UI serves the user interface files.
|
|
type UI struct {
|
|
mgr *mgr.Manager
|
|
instance instance
|
|
|
|
archives map[string]*zipfs.FileSystem
|
|
archivesLock sync.RWMutex
|
|
|
|
upgradeLock atomic.Bool
|
|
}
|
|
|
|
// New returns a new UI module.
|
|
func New(instance instance) (*UI, error) {
|
|
m := mgr.New("UI")
|
|
ui := &UI{
|
|
mgr: m,
|
|
instance: instance,
|
|
|
|
archives: make(map[string]*zipfs.FileSystem),
|
|
}
|
|
|
|
if err := ui.registerAPIEndpoints(); err != nil {
|
|
return nil, err
|
|
}
|
|
if err := ui.registerRoutes(); err != nil {
|
|
return nil, err
|
|
}
|
|
|
|
return ui, nil
|
|
}
|
|
|
|
func (ui *UI) Manager() *mgr.Manager {
|
|
return ui.mgr
|
|
}
|
|
|
|
// Start starts the module.
|
|
func (ui *UI) Start() error {
|
|
// Create a dummy directory to which processes change their working directory
|
|
// to. Currently this includes the App and the Notifier. The aim is protect
|
|
// all other directories and increase compatibility should any process want
|
|
// to read or write something to the current working directory. This can also
|
|
// be useful in the future to dump data to for debugging. The permission used
|
|
// may seem dangerous, but proper permission on the parent directory provide
|
|
// (some) protection.
|
|
// Processes must _never_ read from this directory.
|
|
execDir := filepath.Join(ui.instance.DataDir(), "exec")
|
|
err := os.MkdirAll(execDir, 0o0777) //nolint:gosec // This is intentional.
|
|
if err != nil {
|
|
log.Warningf("ui: failed to create safe exec dir: %s", err)
|
|
}
|
|
|
|
// Ensure directory permission
|
|
err = utils.EnsureDirectory(execDir, utils.PublicWriteExecPermission)
|
|
if err != nil {
|
|
log.Warningf("ui: failed to set permissions to directory %s: %s", execDir, err)
|
|
}
|
|
|
|
return nil
|
|
}
|
|
|
|
// Stop stops the module.
|
|
func (ui *UI) Stop() error {
|
|
return nil
|
|
}
|
|
|
|
func (ui *UI) getArchive(name string) (archive *zipfs.FileSystem, ok bool) {
|
|
ui.archivesLock.RLock()
|
|
defer ui.archivesLock.RUnlock()
|
|
|
|
archive, ok = ui.archives[name]
|
|
return
|
|
}
|
|
|
|
func (ui *UI) setArchive(name string, archive *zipfs.FileSystem) {
|
|
ui.archivesLock.Lock()
|
|
defer ui.archivesLock.Unlock()
|
|
|
|
ui.archives[name] = archive
|
|
}
|
|
|
|
// CloseArchives closes all open archives.
|
|
func (ui *UI) CloseArchives() {
|
|
if ui == nil {
|
|
return
|
|
}
|
|
|
|
ui.archivesLock.Lock()
|
|
defer ui.archivesLock.Unlock()
|
|
|
|
// Close archives.
|
|
for _, archive := range ui.archives {
|
|
if err := archive.Close(); err != nil {
|
|
ui.mgr.Warn("failed to close ui archive", "err", err)
|
|
}
|
|
}
|
|
|
|
// Reset map.
|
|
clear(ui.archives)
|
|
}
|
|
|
|
// EnableUpgradeLock enables the upgrade lock and closes all open archives.
|
|
func (ui *UI) EnableUpgradeLock() {
|
|
if ui == nil {
|
|
return
|
|
}
|
|
|
|
ui.upgradeLock.Store(true)
|
|
ui.CloseArchives()
|
|
}
|
|
|
|
// DisableUpgradeLock disables the upgrade lock.
|
|
func (ui *UI) DisableUpgradeLock() {
|
|
if ui == nil {
|
|
return
|
|
}
|
|
|
|
ui.upgradeLock.Store(false)
|
|
}
|
|
|
|
type instance interface {
|
|
DataDir() string
|
|
API() *api.API
|
|
GetBinaryUpdateFile(name string) (path string, err error)
|
|
}
|