Merge pull request #19395 from Microsoft/kieferrm/unsupportedSettings

workspaces can't override settings for executables

Merge pull request #19395 from Microsoft/kieferrm/unsupportedSettings
workspaces can't override settings for executables
07c1d8c1 · Kai Maetzel · GitHub · 289dbf77 · 5594b092 · 07c1d8c1
4 changed file
--- a/src/vs/platform/configuration/common/configurationRegistry.ts
+++ b/src/vs/platform/configuration/common/configurationRegistry.ts
@@ -261,32 +261,6 @@ function getDefaultValue(type: string | string[]): any {
 const configurationRegistry = new ConfigurationRegistry();
 Registry.add(Extensions.Configuration, configurationRegistry);

-export interface ISecurityConfiguration {
-	security: {
-		workspacesTrustedToSpecifyExecutables: { [path: string]: boolean }
-	};
-}
-
-configurationRegistry.registerConfiguration({
-	'id': 'Security',
-	'order': 5,
-	'title': nls.localize('securityConfigurationTitle', "Security"),
-	'type': 'object',
-	'properties': {
-		'security.workspacesTrustedToSpecifyExecutables': {
-			'type': 'object',
-			'description': nls.localize('security.workspacesTrustedToSpecifyExecutables', "Controls which workspaces are trusted to specify executables in their settings. This option can only be configured in the user settings."),
-			'default': {},
-			defaultSnippets: [{ body: '${1:workspace_path} : ${2:true}' }],
-			'additionalProperties': {
-				'type': 'boolean',
-				'description': nls.localize('exclude.boolean', "Path to a workspaces. Set to true or false to trust or distrust a workspace."),
-			}
-		}
-	}
-
-});
-
 const configurationExtPoint = ExtensionsRegistry.registerExtensionPoint<IConfigurationNode>('configuration', [], {
 	description: nls.localize('vscode.extension.contributes.configuration', 'Contributes configuration settings.'),
 	type: 'object',

--- a/src/vs/workbench/parts/preferences/browser/preferencesEditor.ts
+++ b/src/vs/workbench/parts/preferences/browser/preferencesEditor.ts
@@ -1384,7 +1384,7 @@ class UnTrustedWorkspaceSettingsRenderer extends Disposable {
 						startColumn: setting.keyRange.startColumn,
 						endLineNumber: setting.keyRange.endLineNumber,
 						endColumn: setting.keyRange.endColumn,
-						message: nls.localize('untrustedWorkspaceWithExectuables', "`{0}` specifies an executable. It is ignored because the workspace is untrusted. To mark a workspace as trusted, open the User settings and add workspace folder to `security.workspacesTrustedToSpecifyExecutables`", setting.key)
+						message: nls.localize('unsupportedWorkspaceSetting', "This setting must be a User Setting.")
 					});
 				}
 			}

--- a/src/vs/workbench/parts/trust/electron-browser/trust.contribution.ts
+++ b/src/vs/workbench/parts/trust/electron-browser/trust.contribution.ts
@@ -15,15 +15,14 @@ import { ILifecycleService } from 'vs/platform/lifecycle/common/lifecycle';
 import { IMessageService, Severity } from 'vs/platform/message/common/message';
 import { IPreferencesService } from 'vs/workbench/parts/preferences/common/preferences';
 import { IWorkspaceConfigurationService } from 'vs/workbench/services/configuration/common/configuration';
-import { IConfigurationEditingService, ConfigurationTarget } from 'vs/workbench/services/configuration/common/configurationEditing';
-import { IWorkspaceContextService } from 'vs/platform/workspace/common/workspace';
-import { IConfigurationService } from 'vs/platform/configuration/common/configuration';
-import baseplatform = require('vs/base/common/platform');
 import { ITelemetryService } from 'vs/platform/telemetry/common/telemetry';
+import { IStorageService, StorageScope } from 'vs/platform/storage/common/storage';
+


 class TrustContribution implements IWorkbenchContribution {

+	private static storageKey = 'workspace.settings.unsupported.warning';
 	private toDispose: IDisposable[] = [];
 	private isUntrusted = false;

@@ -32,82 +31,66 @@ class TrustContribution implements IWorkbenchContribution {
 		@IWorkspaceConfigurationService private workspaceConfigurationService: IWorkspaceConfigurationService,
 		@IPreferencesService private preferencesService: IPreferencesService,
 		@IMessageService private messageService: IMessageService,
-		@IWorkspaceContextService private workspaceContextService: IWorkspaceContextService,
-		@IConfigurationService private configurationService: IConfigurationService,
-		@IConfigurationEditingService private configurationEditingService: IConfigurationEditingService,
-		@ITelemetryService private telemetryService: ITelemetryService
+		@ITelemetryService private telemetryService: ITelemetryService,
+		@IStorageService private storageService: IStorageService
 	) {
 		lifecycleService.onShutdown(this.dispose, this);
-		this.toDispose.push(this.workspaceConfigurationService.onDidUpdateConfiguration(e => this.checkWorkspaceTrust()));
-		this.checkWorkspaceTrust();
+		this.toDispose.push(this.workspaceConfigurationService.onDidUpdateConfiguration(e => this.checkWorkspaceSettings()));
+		this.checkWorkspaceSettings();
 	}

 	getId(): string {
-		return 'trust';
+		return 'unsupportedWorkspaceSettings';
 	}

 	public dispose(): void {
 		this.toDispose = dispose(this.toDispose);
 	}

-	private checkWorkspaceTrust(): void {
-
+	private checkWorkspaceSettings(): void {
 		if (this.isUntrusted) {
 			return;
 		}

-		if (this.workspaceConfigurationService.isExplicitlyUntrusted()) {
-			this.isUntrusted = true;
-			return;
-		}
-
 		this.isUntrusted = this.workspaceConfigurationService.getUntrustedConfigurations().length > 0;
-		if (this.isUntrusted) {
-			this.showTrustWarning();
+		if (this.isUntrusted && !this.hasShownWarning()) {
+			this.showWarning();
 		}
 	}

-	private getWorkspaceTrustKey(): string {
-		let path = this.workspaceContextService.getWorkspace().resource.fsPath;
-		if (baseplatform.isWindows && path.length > 2) {
-			if (path.charAt(1) === ':') {
-				return path.charAt(0).toLocaleUpperCase().concat(path.substr(1));
-			}
-		}
-		return path;
+	private hasShownWarning(): boolean {
+		return this.storageService.getBoolean(TrustContribution.storageKey, StorageScope.WORKSPACE, false);
 	}

-	private updateTrustInUserSettings(trust: boolean, writeToBuffer: boolean, autoSave: boolean): TPromise<void> {
-		const key = 'security.workspacesTrustedToSpecifyExecutables';
-		const workspace = this.getWorkspaceTrustKey();
-
-		const value = this.configurationService.lookup(key).user || {};
-		value[workspace] = trust;
-
-		return this.configurationEditingService.writeConfiguration(ConfigurationTarget.USER, { key: key, value: value }, { writeToBuffer: writeToBuffer, autoSave: autoSave });
+	private rememberWarningWasShown(): void {
+		this.storageService.store(TrustContribution.storageKey, true, StorageScope.WORKSPACE);
 	}

-	private showTrustWarning(): void {
-		const message = nls.localize('untrustedWorkspace', "This workspace specifies executables. While the workspace is untrusted, these settings are being ignored.");
+	private showWarning(): void {
+		const message = nls.localize('unsupportedWorkspaceSettings', 'This workspace defines settings that must be User Settings.');

-		const openWorkspaceSettings = new Action('trust.openWorkspaceSettings', nls.localize('openWorkspaceSettings', 'Review Settings'), '', true, () => {
-			this.telemetryService.publicLog('workspace.trust.review');
-			return this.preferencesService.openWorkspaceSettings().then(() => false);
+		const openWorkspaceSettings = new Action('unsupportedWorkspaceSettings.openWorkspaceSettings', nls.localize('openWorkspaceSettings', 'Open Workspace Settings'), '', true, () => {
+			this.telemetryService.publicLog('workspace.settings.unsupported.review');
+			this.rememberWarningWasShown();
+			return this.preferencesService.openWorkspaceSettings();
 		});

-		const trustWorkspace = new Action('trust.trustWorkspace', nls.localize('trustWorkspace', 'Trust Workspace'), '', true, () => {
-			this.telemetryService.publicLog('workspace.trust.granted');
-			return this.updateTrustInUserSettings(true, true, false).then(() => this.preferencesService.openGlobalSettings());
+		const openDocumentation = new Action('unsupportedWorkspaceSettings.openDocumentation', nls.localize('openDocumentation', 'Learn More'), '', true, () => {
+			this.telemetryService.publicLog('workspace.settings.unsupported.documentation');
+			this.rememberWarningWasShown();
+			window.open('https://go.microsoft.com/fwlink/?linkid=839878'); // Don't change link.
+			return TPromise.as(true);
 		});

-		const noChange = new Action('trust.noChange', nls.localize('noChange', 'Do Not Trust Workspace'), '', true, () => {
-			this.telemetryService.publicLog('workspace.trust.rejected');
-			return this.updateTrustInUserSettings(false, true, true);
+		const close = new Action('unsupportedWorkspaceSettings.Close', nls.localize('close', 'Close'), '', true, () => {
+			this.telemetryService.publicLog('workspace.settings.unsupported.close');
+			this.rememberWarningWasShown();
+			return TPromise.as(true);
 		});

-		const actions = [openWorkspaceSettings, trustWorkspace, noChange];
+		const actions = [openWorkspaceSettings, openDocumentation, close];
 		this.messageService.show(Severity.Warning, { message, actions });
-		this.telemetryService.publicLog('workspace.trust.warning');
+		this.telemetryService.publicLog('workspace.settings.unsupported.warning');
 	}
 }


--- a/src/vs/workbench/services/configuration/node/configurationService.ts
+++ b/src/vs/workbench/services/configuration/node/configurationService.ts
@@ -25,8 +25,7 @@ import { IWorkspaceConfigurationValues, IWorkspaceConfigurationService, IWorkspa
 import { FileChangeType, FileChangesEvent } from 'vs/platform/files/common/files';
 import Event, { Emitter } from 'vs/base/common/event';
 import { Registry } from 'vs/platform/platform';
-import { IConfigurationRegistry, IConfigurationNode, Extensions, ISecurityConfiguration } from 'vs/platform/configuration/common/configurationRegistry';
-import baseplatform = require('vs/base/common/platform');
+import { IConfigurationRegistry, IConfigurationNode, Extensions } from 'vs/platform/configuration/common/configurationRegistry';


 interface IStat {
@@ -49,37 +48,11 @@ export class WorkspaceTrust implements IWorkspaceTrust {

 	constructor(private contextService: IWorkspaceContextService, private baseConfigurationService: BaseConfigurationService<any>) { }

-	private getWorkspaceTrustKey(): string {
-		const workspace = this.contextService.getWorkspace();
-		if (workspace) {
-			const path = workspace.resource.fsPath;
-			if (baseplatform.isWindows && path.length > 2) {
-				if (path.charAt(1) === ':') {
-					return path.charAt(0).toLocaleUpperCase().concat(path.substr(1));
-				}
-			}
-			return path;
-		}
-		return null;
-	}
-
 	public isTrusted(): boolean {
-		const workspaceTrustKey = this.getWorkspaceTrustKey();
-		if (workspaceTrustKey) {
-			const securityConfiguration = this.baseConfigurationService.getConfiguration<ISecurityConfiguration>();
-			const whiteList = securityConfiguration.security.workspacesTrustedToSpecifyExecutables;
-			return whiteList && whiteList[workspaceTrustKey];
-		}
 		return false;
 	}

 	public isExplicitlyUntrusted(): boolean {
-		const workspaceTrustKey = this.getWorkspaceTrustKey();
-		if (workspaceTrustKey) {
-			const securityConfiguration = this.baseConfigurationService.getConfiguration<ISecurityConfiguration>();
-			const whiteList = securityConfiguration.security.workspacesTrustedToSpecifyExecutables;
-			return whiteList && whiteList.hasOwnProperty(workspaceTrustKey) && !whiteList[workspaceTrustKey];
-		}
 		return false;
 	}