diff --git a/extensions/configuration-editing/src/settingsDocumentHelper.ts b/extensions/configuration-editing/src/settingsDocumentHelper.ts index 21d62659e80..b467b68343b 100644 --- a/extensions/configuration-editing/src/settingsDocumentHelper.ts +++ b/extensions/configuration-editing/src/settingsDocumentHelper.ts @@ -60,11 +60,11 @@ export class SettingsDocument { return provideInstalledExtensionProposals(alreadyConfigured, `: [\n\t"ui"\n]`, range, true); } - // security.workspace.trust.extensionRequest - if (location.path[0] === 'security.workspace.trust.extensionRequest' && location.path.length === 2 && location.isAtPropertyKey) { + // security.workspace.trust.extensionUntrustedSupport + if (location.path[0] === 'security.workspace.trust.extensionUntrustedSupport' && location.path.length === 2 && location.isAtPropertyKey) { let alreadyConfigured: string[] = []; try { - alreadyConfigured = Object.keys(parse(this.document.getText())['security.workspace.trust.extensionRequest']); + alreadyConfigured = Object.keys(parse(this.document.getText())['security.workspace.trust.extensionUntrustedSupport']); } catch (e) {/* ignore error */ } return provideWorkspaceTrustExtensionProposals(alreadyConfigured, range); } diff --git a/src/vs/base/common/product.ts b/src/vs/base/common/product.ts index a1b386590bc..51c44798c59 100644 --- a/src/vs/base/common/product.ts +++ b/src/vs/base/common/product.ts @@ -20,9 +20,9 @@ export type ConfigurationSyncStore = { authenticationProviders: IStringDictionary<{ scopes: string[] }> }; -export type ExtensionWorkspaceTrustRequest = { - readonly default?: 'never' | 'onStart' | 'onDemand', - readonly override?: 'never' | 'onStart' | 'onDemand' +export type ExtensionUntrustedWorkspaceSupport = { + readonly default?: boolean | 'limited', + readonly override?: boolean | 'limited' }; export interface IProductConfiguration { @@ -121,7 +121,7 @@ export interface IProductConfiguration { readonly extensionKind?: { readonly [extensionId: string]: ('ui' | 'workspace' | 'web')[]; }; readonly extensionSyncedKeys?: { readonly [extensionId: string]: string[]; }; readonly extensionAllowedProposedApi?: readonly string[]; - readonly extensionWorkspaceTrustRequest?: { readonly [extensionId: string]: ExtensionWorkspaceTrustRequest }; + readonly extensionUntrustedWorkspaceSupport?: { readonly [extensionId: string]: ExtensionUntrustedWorkspaceSupport }; readonly extensionSupportsVirtualWorkspace?: { readonly [extensionId: string]: { default?: boolean, override?: boolean } }; readonly msftInternalDomains?: string[]; diff --git a/src/vs/platform/extensions/common/extensions.ts b/src/vs/platform/extensions/common/extensions.ts index fb75c28b7a3..6d0fd7a0cf0 100644 --- a/src/vs/platform/extensions/common/extensions.ts +++ b/src/vs/platform/extensions/common/extensions.ts @@ -163,9 +163,14 @@ export interface IExtensionContributions { startEntries?: IStartEntry[]; } +export interface IExtensionCapabilities { + virtualWorkspaces?: boolean; + untrustedWorkspaces?: ExtensionUntrustedWorkspaceSupport; +} + export type ExtensionKind = 'ui' | 'workspace' | 'web'; -export type ExtensionWorkspaceTrustRequestType = 'never' | 'onStart' | 'onDemand'; -export type ExtensionWorkspaceTrust = { request: 'never'; } | { request: 'onStart', description: string } | { request: 'onDemand', description: string, requiredForConfigurations?: string[] }; +export type ExtensionUntrustedWorkpaceSupportType = boolean | 'limited'; +export type ExtensionUntrustedWorkspaceSupport = { supported: true; } | { supported: false, description: string } | { supported: 'limited', description: string, restrictedConfigurations?: string[] }; export function isIExtensionIdentifier(thing: any): thing is IExtensionIdentifier { return thing @@ -222,7 +227,7 @@ export interface IExtensionManifest { readonly enableProposedApi?: boolean; readonly api?: string; readonly scripts?: { [key: string]: string; }; - readonly workspaceTrust?: ExtensionWorkspaceTrust; + readonly capabilities?: IExtensionCapabilities; readonly supportsVirtualWorkspace?: boolean; } diff --git a/src/vs/workbench/api/common/configurationExtensionPoint.ts b/src/vs/workbench/api/common/configurationExtensionPoint.ts index 928eebebce9..0ef1866fb55 100644 --- a/src/vs/workbench/api/common/configurationExtensionPoint.ts +++ b/src/vs/workbench/api/common/configurationExtensionPoint.ts @@ -170,7 +170,7 @@ configurationExtPoint.setHandler((extensions, { added, removed }) => { validateProperties(configuration, extension); configuration.id = node.id || extension.description.identifier.value; - configuration.extensionInfo = { id: extension.description.identifier.value, requireTrustForConfigurations: extension.description.workspaceTrust?.request === 'onDemand' ? extension.description.workspaceTrust?.requiredForConfigurations : undefined }; + configuration.extensionInfo = { id: extension.description.identifier.value, requireTrustForConfigurations: extension.description.capabilities?.untrustedWorkspaces?.supported === 'limited' ? extension.description.capabilities?.untrustedWorkspaces?.restrictedConfigurations : undefined }; configuration.title = configuration.title || extension.description.displayName || extension.description.identifier.value; configurations.push(configuration); return configurations; diff --git a/src/vs/workbench/contrib/extensions/browser/extensionsList.ts b/src/vs/workbench/contrib/extensions/browser/extensionsList.ts index 1dcc14dcc56..d9aadc6c9f5 100644 --- a/src/vs/workbench/contrib/extensions/browser/extensionsList.ts +++ b/src/vs/workbench/contrib/extensions/browser/extensionsList.ts @@ -205,14 +205,14 @@ export class Renderer implements IPagedRenderer { data.author.textContent = extension.publisherDisplayName; data.description.textContent = extension.description; - if (extension.local?.manifest.workspaceTrust?.request) { - const trustRequirement = extension.local.manifest.workspaceTrust; - const requestType = this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(extension.local.manifest); - if (requestType !== 'never' && trustRequirement.request !== 'never') { - data.workspaceTrustDescription.textContent = trustRequirement.description; - } else if (requestType === 'onStart') { + if (extension.local?.manifest.capabilities?.untrustedWorkspaces?.supported) { + const untrustedWorkspaceCapability = extension.local.manifest.capabilities.untrustedWorkspaces; + const untrustedWorkspaceSupported = this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(extension.local.manifest); + if (untrustedWorkspaceSupported !== true && untrustedWorkspaceCapability.supported !== true) { + data.workspaceTrustDescription.textContent = untrustedWorkspaceCapability.description; + } else if (untrustedWorkspaceSupported === false) { data.workspaceTrustDescription.textContent = localize('onStartDefaultText', "A trusted workspace is required to enable this extension."); - } else if (requestType === 'onDemand') { + } else if (untrustedWorkspaceSupported === 'limited') { data.workspaceTrustDescription.textContent = localize('onDemandDefaultText', "Some features require a trusted workspace."); } } diff --git a/src/vs/workbench/contrib/extensions/browser/extensionsViews.ts b/src/vs/workbench/contrib/extensions/browser/extensionsViews.ts index 95b2a5d2baa..52942f5eade 100644 --- a/src/vs/workbench/contrib/extensions/browser/extensionsViews.ts +++ b/src/vs/workbench/contrib/extensions/browser/extensionsViews.ts @@ -561,15 +561,15 @@ export class ExtensionsListView extends ViewPane { value = value.replace(/@trustRequired/g, '').replace(/@sort:(\w+)(-\w*)?/g, '').trim().toLowerCase(); - const result = local.filter(extension => extension.local && this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(extension.local.manifest) !== 'never' && (extension.name.toLowerCase().indexOf(value) > -1 || extension.displayName.toLowerCase().indexOf(value) > -1)); + const result = local.filter(extension => extension.local && this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(extension.local.manifest) !== true && (extension.name.toLowerCase().indexOf(value) > -1 || extension.displayName.toLowerCase().indexOf(value) > -1)); if (onStartOnly) { - const onStartExtensions = result.filter(extension => extension.local && this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(extension.local.manifest) === 'onStart'); + const onStartExtensions = result.filter(extension => extension.local && this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(extension.local.manifest) === false); return this.sortExtensions(onStartExtensions, options); } if (onDemandOnly) { - const onDemandExtensions = result.filter(extension => extension.local && this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(extension.local.manifest) === 'onDemand'); + const onDemandExtensions = result.filter(extension => extension.local && this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(extension.local.manifest) === 'limited'); return this.sortExtensions(onDemandExtensions, options); } diff --git a/src/vs/workbench/contrib/workspace/browser/workspace.contribution.ts b/src/vs/workbench/contrib/workspace/browser/workspace.contribution.ts index 60ffd579341..6c6c005fb79 100644 --- a/src/vs/workbench/contrib/workspace/browser/workspace.contribution.ts +++ b/src/vs/workbench/contrib/workspace/browser/workspace.contribution.ts @@ -27,7 +27,7 @@ import { IStatusbarEntry, IStatusbarEntryAccessor, IStatusbarService, StatusbarA import { IEditorRegistry, Extensions as EditorExtensions, EditorDescriptor } from 'vs/workbench/browser/editor'; import { WorkspaceTrustEditor } from 'vs/workbench/contrib/workspace/browser/workspaceTrustEditor'; import { WorkspaceTrustEditorInput } from 'vs/workbench/services/workspaces/browser/workspaceTrustEditorInput'; -import { isWorkspaceTrustEnabled, WorkspaceTrustContext, WORKSPACE_TRUST_ENABLED, WORKSPACE_TRUST_EXTENSION_REQUEST } from 'vs/workbench/services/workspaces/common/workspaceTrust'; +import { isWorkspaceTrustEnabled, WorkspaceTrustContext, WORKSPACE_TRUST_ENABLED, WORKSPACE_TRUST_EXTENSION_UNTRUSTED_SUPPORT } from 'vs/workbench/services/workspaces/common/workspaceTrust'; import { EditorInput, Extensions as EditorInputExtensions, IEditorInputSerializer, IEditorInputFactoryRegistry } from 'vs/workbench/common/editor'; import { ITelemetryService } from 'vs/platform/telemetry/common/telemetry'; import { IWorkspaceContextService } from 'vs/platform/workspace/common/workspace'; @@ -403,9 +403,9 @@ Registry.as(ConfigurationExtensions.Configuration) included: !isWeb, description: localize('workspace.trust.description', "Controls whether or not workspace trust is enabled within VS Code."), }, - [WORKSPACE_TRUST_EXTENSION_REQUEST]: { + [WORKSPACE_TRUST_EXTENSION_UNTRUSTED_SUPPORT]: { type: 'object', - markdownDescription: localize('security.workspace.trust.extensionRequest', "Override the workspace trust request of an extension. Extensions using `never` will always be enabled. Extensions using `onDemand` will always be enabled, and the extension will request for workspace trust only when necessary. Extensions using `onStart` will only be enabled only when the workspace is trusted."), + markdownDescription: localize('security.workspace.trust.extensionUntrustedSupport', "Override the untrusted workpace support of an extension. Extensions using `true` will always be enabled. Extensions using `limited` will always be enabled, and the extension will hide functionality that requires trust. Extensions using `false` will only be enabled only when the workspace is trusted."), patternProperties: { '([a-z0-9A-Z][a-z0-9\-A-Z]*)\\.([a-z0-9A-Z][a-z0-9\-A-Z]*)$': { type: 'object', @@ -414,15 +414,15 @@ Registry.as(ConfigurationExtensions.Configuration) type: 'string', enum: ['never', 'onDemand', 'onStart'], enumDescriptions: [ - localize('security.workspace.trust.extensionRequest.request.never', "Extension will always be enabled."), - localize('security.workspace.trust.extensionRequest.request.onDemand', "Extension will always be enabled, and the extension will request for workspace trust only when necessary."), - localize('security.workspace.trust.extensionRequest.request.onStart', "Extension will only be enabled only when the workspace is trusted."), + localize('security.workspace.trust.extensionUntrustedSupport.supported.true', "Extension will always be enabled."), + localize('security.workspace.trust.extensionUntrustedSupport.supported.limited', "Extension will always be enabled, and the extension will hide functionality requiring trust."), + localize('security.workspace.trust.extensionUntrustedSupport.supported.false', "Extension will only be enabled only when the workspace is trusted."), ], - description: localize('security.workspace.trust.extensionRequest.request', "Defines the workspace trust request setting for the extension."), + description: localize('security.workspace.trust.extensionUntrustedSupport.supported', "Defines the untrusted workspace support setting for the extension."), }, 'version': { type: 'string', - description: localize('security.workspace.trust.extensionRequest.version', "Defines the version of the extension for which the override should be applied. If not specified, the override will be applied independent of the extension version."), + description: localize('security.workspace.trust.extensionUntrustedSupport.version', "Defines the version of the extension for which the override should be applied. If not specified, the override will be applied independent of the extension version."), } } } @@ -549,7 +549,7 @@ class WorkspaceTrustTelemetryContribution extends Disposable implements IWorkben this.telemetryService.publicLog2('workspaceTrustRequested', { modal: options.modal, workspaceId: this.workspaceContextService.getWorkspace().id, - extensions: (await this.extensionService.getExtensions()).filter(ext => !!ext.workspaceTrust).map(ext => ext.identifier.value) + extensions: (await this.extensionService.getExtensions()).filter(ext => !!ext.capabilities?.untrustedWorkspaces).map(ext => ext.identifier.value) }); } } diff --git a/src/vs/workbench/contrib/workspace/browser/workspaceTrustEditor.ts b/src/vs/workbench/contrib/workspace/browser/workspaceTrustEditor.ts index db57abb7e2b..ba838c8a342 100644 --- a/src/vs/workbench/contrib/workspace/browser/workspaceTrustEditor.ts +++ b/src/vs/workbench/contrib/workspace/browser/workspaceTrustEditor.ts @@ -22,7 +22,7 @@ import { URI } from 'vs/base/common/uri'; import { localize } from 'vs/nls'; import { IContextMenuService } from 'vs/platform/contextview/browser/contextView'; import { IDialogService } from 'vs/platform/dialogs/common/dialogs'; -import { ExtensionWorkspaceTrustRequestType } from 'vs/platform/extensions/common/extensions'; +import { ExtensionUntrustedWorkpaceSupportType } from 'vs/platform/extensions/common/extensions'; import { IInstantiationService } from 'vs/platform/instantiation/common/instantiation'; import { IPromptChoiceWithMenu, Severity } from 'vs/platform/notification/common/notification'; import { Link } from 'vs/platform/opener/browser/link'; @@ -206,8 +206,8 @@ export class WorkspaceTrustEditor extends EditorPane { // Features List const installedExtensions = await this.instantiationService.invokeFunction(getInstalledExtensions); - const onDemandExtensionCount = this.getExtensionCountByTrustRequestType(installedExtensions, 'onDemand'); - const onStartExtensionCount = this.getExtensionCountByTrustRequestType(installedExtensions, 'onStart'); + const onDemandExtensionCount = this.getExtensionCountByUntrustedWorkspaceSupport(installedExtensions, 'limited'); + const onStartExtensionCount = this.getExtensionCountByUntrustedWorkspaceSupport(installedExtensions, false); this.renderAffectedFeatures(settingsRequiringTrustedWorkspaceCount, onDemandExtensionCount + onStartExtensionCount); @@ -220,8 +220,8 @@ export class WorkspaceTrustEditor extends EditorPane { this.rendering = false; } - private getExtensionCountByTrustRequestType(extensions: IExtensionStatus[], trustRequestType: ExtensionWorkspaceTrustRequestType): number { - const filtered = extensions.filter(ext => this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(ext.local.manifest) === trustRequestType); + private getExtensionCountByUntrustedWorkspaceSupport(extensions: IExtensionStatus[], trustRequestType: ExtensionUntrustedWorkpaceSupportType): number { + const filtered = extensions.filter(ext => this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(ext.local.manifest) === trustRequestType); const set = new Set(); for (const ext of filtered) { set.add(ext.identifier.id); diff --git a/src/vs/workbench/services/extensionManagement/browser/extensionEnablementService.ts b/src/vs/workbench/services/extensionManagement/browser/extensionEnablementService.ts index 5aad5397e18..017419fbb23 100644 --- a/src/vs/workbench/services/extensionManagement/browser/extensionEnablementService.ts +++ b/src/vs/workbench/services/extensionManagement/browser/extensionEnablementService.ts @@ -289,7 +289,7 @@ export class ExtensionEnablementService extends Disposable implements IWorkbench return false; } - return this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(extension.manifest) === 'onStart'; + return this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(extension.manifest) === false; } private _getEnablementState(identifier: IExtensionIdentifier): EnablementState { @@ -442,7 +442,7 @@ export class ExtensionEnablementService extends Disposable implements IWorkbench private async _getExtensionsByWorkspaceTrustRequirement(): Promise { const extensions = await this.extensionManagementService.getInstalled(); - return extensions.filter(e => this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(e.manifest) === 'onStart'); + return extensions.filter(e => this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(e.manifest) === false); } public async updateEnablementByWorkspaceTrustRequirement(): Promise { diff --git a/src/vs/workbench/services/extensionManagement/common/extensionManagementService.ts b/src/vs/workbench/services/extensionManagement/common/extensionManagementService.ts index 2bbab15fe30..e2b8fee9273 100644 --- a/src/vs/workbench/services/extensionManagement/common/extensionManagementService.ts +++ b/src/vs/workbench/services/extensionManagement/common/extensionManagementService.ts @@ -358,7 +358,7 @@ export class ExtensionManagementService extends Disposable implements IWorkbench } protected async checkForWorkspaceTrust(manifest: IExtensionManifest): Promise { - if (this.extensionManifestPropertiesService.getExtensionWorkspaceTrustRequestType(manifest) === 'onStart') { + if (this.extensionManifestPropertiesService.getExtensionUntrustedWorkspaceSupportType(manifest) === false) { const trustState = await this.workspaceTrustRequestService.requestWorkspaceTrust({ modal: true, message: localize('extensionInstallWorkspaceTrustMessage', "Enabling this extension requires a trusted workspace."), diff --git a/src/vs/workbench/services/extensions/common/extensionManifestPropertiesService.ts b/src/vs/workbench/services/extensions/common/extensionManifestPropertiesService.ts index cacab97b21b..b2933459581 100644 --- a/src/vs/workbench/services/extensions/common/extensionManifestPropertiesService.ts +++ b/src/vs/workbench/services/extensions/common/extensionManifestPropertiesService.ts @@ -4,16 +4,16 @@ *--------------------------------------------------------------------------------------------*/ import { IConfigurationService } from 'vs/platform/configuration/common/configuration'; -import { IExtensionManifest, ExtensionKind, ExtensionIdentifier, ExtensionWorkspaceTrustRequestType } from 'vs/platform/extensions/common/extensions'; +import { IExtensionManifest, ExtensionKind, ExtensionIdentifier, ExtensionUntrustedWorkpaceSupportType } from 'vs/platform/extensions/common/extensions'; import { ExtensionsRegistry } from 'vs/workbench/services/extensions/common/extensionsRegistry'; import { getGalleryExtensionId } from 'vs/platform/extensionManagement/common/extensionManagementUtil'; import { isNonEmptyArray } from 'vs/base/common/arrays'; import { IProductService } from 'vs/platform/product/common/productService'; import { createDecorator } from 'vs/platform/instantiation/common/instantiation'; import { registerSingleton } from 'vs/platform/instantiation/common/extensions'; -import { ExtensionWorkspaceTrustRequest } from 'vs/base/common/product'; +import { ExtensionUntrustedWorkspaceSupport } from 'vs/base/common/product'; import { Disposable } from 'vs/base/common/lifecycle'; -import { isWorkspaceTrustEnabled, WORKSPACE_TRUST_EXTENSION_REQUEST } from 'vs/workbench/services/workspaces/common/workspaceTrust'; +import { isWorkspaceTrustEnabled, WORKSPACE_TRUST_EXTENSION_UNTRUSTED_SUPPORT } from 'vs/workbench/services/workspaces/common/workspaceTrust'; export const IExtensionManifestPropertiesService = createDecorator('extensionManifestPropertiesService'); @@ -29,7 +29,7 @@ export interface IExtensionManifestPropertiesService { canExecuteOnWeb(manifest: IExtensionManifest): boolean; getExtensionKind(manifest: IExtensionManifest): ExtensionKind[]; - getExtensionWorkspaceTrustRequestType(manifest: IExtensionManifest): ExtensionWorkspaceTrustRequestType; + getExtensionUntrustedWorkspaceSupportType(manifest: IExtensionManifest): ExtensionUntrustedWorkpaceSupportType; canSupportVirtualWorkspace(manifest: IExtensionManifest): boolean; } @@ -44,8 +44,8 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE private _productVirtualWorkspaceSupportMap: Map | null = null; private _configuredVirtualWorkspaceSupportMap: Map | null = null; - private readonly _configuredExtensionWorkspaceTrustRequestMap: Map; - private readonly _productExtensionWorkspaceTrustRequestMap: Map; + private readonly _configuredExtensionWorkspaceTrustRequestMap: Map; + private readonly _productExtensionWorkspaceTrustRequestMap: Map; constructor( @IProductService private readonly productService: IProductService, @@ -54,17 +54,17 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE super(); // Workspace trust request type (settings.json) - this._configuredExtensionWorkspaceTrustRequestMap = new Map(); - const configuredExtensionWorkspaceTrustRequests = configurationService.inspect<{ [key: string]: { request: ExtensionWorkspaceTrustRequestType, version?: string } }>(WORKSPACE_TRUST_EXTENSION_REQUEST).userValue || {}; + this._configuredExtensionWorkspaceTrustRequestMap = new Map(); + const configuredExtensionWorkspaceTrustRequests = configurationService.inspect<{ [key: string]: { request: ExtensionUntrustedWorkpaceSupportType, version?: string } }>(WORKSPACE_TRUST_EXTENSION_UNTRUSTED_SUPPORT).userValue || {}; for (const id of Object.keys(configuredExtensionWorkspaceTrustRequests)) { this._configuredExtensionWorkspaceTrustRequestMap.set(ExtensionIdentifier.toKey(id), configuredExtensionWorkspaceTrustRequests[id]); } // Workpace trust request type (products.json) - this._productExtensionWorkspaceTrustRequestMap = new Map(); - if (productService.extensionWorkspaceTrustRequest) { - for (const id of Object.keys(productService.extensionWorkspaceTrustRequest)) { - this._productExtensionWorkspaceTrustRequestMap.set(ExtensionIdentifier.toKey(id), productService.extensionWorkspaceTrustRequest[id]); + this._productExtensionWorkspaceTrustRequestMap = new Map(); + if (productService.extensionUntrustedWorkspaceSupport) { + for (const id of Object.keys(productService.extensionUntrustedWorkspaceSupport)) { + this._productExtensionWorkspaceTrustRequestMap.set(ExtensionIdentifier.toKey(id), productService.extensionUntrustedWorkspaceSupport[id]); } } } @@ -121,10 +121,10 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE return this.deduceExtensionKind(manifest); } - getExtensionWorkspaceTrustRequestType(manifest: IExtensionManifest): ExtensionWorkspaceTrustRequestType { + getExtensionUntrustedWorkspaceSupportType(manifest: IExtensionManifest): ExtensionUntrustedWorkpaceSupportType { // Workspace trust feature is disabled, or extension has no entry point if (!isWorkspaceTrustEnabled(this.configurationService) || !manifest.main) { - return 'never'; + return true; } // Get extension workspace trust requirements from settings.json @@ -144,8 +144,8 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE } // Use extension manifest value if it exists - if (manifest.workspaceTrust?.request !== undefined) { - return manifest.workspaceTrust.request; + if (manifest.capabilities?.untrustedWorkspaces?.supported !== undefined) { + return manifest.capabilities.untrustedWorkspaces.supported; } // Use product.json default value if it exists @@ -153,7 +153,7 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE return productWorkspaceTrustRequest.default; } - return 'onStart'; + return false; } canSupportVirtualWorkspace(manifest: IExtensionManifest): boolean { @@ -285,7 +285,7 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE return this._configuredVirtualWorkspaceSupportMap.get(ExtensionIdentifier.toKey(extensionId)); } - private getConfiguredExtensionWorkspaceTrustRequest(manifest: IExtensionManifest): ExtensionWorkspaceTrustRequestType | undefined { + private getConfiguredExtensionWorkspaceTrustRequest(manifest: IExtensionManifest): ExtensionUntrustedWorkpaceSupportType | undefined { const extensionId = getGalleryExtensionId(manifest.publisher, manifest.name); const extensionWorkspaceTrustRequest = this._configuredExtensionWorkspaceTrustRequestMap.get(ExtensionIdentifier.toKey(extensionId)); @@ -296,7 +296,7 @@ export class ExtensionManifestPropertiesService extends Disposable implements IE return undefined; } - private getProductExtensionWorkspaceTrustRequest(manifest: IExtensionManifest): ExtensionWorkspaceTrustRequest | undefined { + private getProductExtensionWorkspaceTrustRequest(manifest: IExtensionManifest): ExtensionUntrustedWorkspaceSupport | undefined { const extensionId = getGalleryExtensionId(manifest.publisher, manifest.name); return this._productExtensionWorkspaceTrustRequestMap.get(ExtensionIdentifier.toKey(extensionId)); } diff --git a/src/vs/workbench/services/extensions/test/common/extensionManifestPropertiesService.test.ts b/src/vs/workbench/services/extensions/test/common/extensionManifestPropertiesService.test.ts index 941d25e0557..c0894de1066 100644 --- a/src/vs/workbench/services/extensions/test/common/extensionManifestPropertiesService.test.ts +++ b/src/vs/workbench/services/extensions/test/common/extensionManifestPropertiesService.test.ts @@ -4,7 +4,7 @@ *--------------------------------------------------------------------------------------------*/ import * as assert from 'assert'; -import { IExtensionManifest, ExtensionKind, ExtensionWorkspaceTrustRequestType } from 'vs/platform/extensions/common/extensions'; +import { IExtensionManifest, ExtensionKind, ExtensionUntrustedWorkpaceSupportType } from 'vs/platform/extensions/common/extensions'; import { ExtensionManifestPropertiesService } from 'vs/workbench/services/extensions/common/extensionManifestPropertiesService'; import { TestConfigurationService } from 'vs/platform/configuration/test/common/testConfigurationService'; import { TestProductService } from 'vs/workbench/test/common/workbenchTestServices'; @@ -63,11 +63,11 @@ suite('ExtensionManifestPropertiesService - ExtensionWorkspaceTrustType', () => teardown(() => testObject.dispose()); - function assertWorkspaceTrustRequest(extensionMaifest: IExtensionManifest, expected: ExtensionWorkspaceTrustRequestType): void { + function assertUntrustedWorkspaceSupport(extensionMaifest: IExtensionManifest, expected: ExtensionUntrustedWorkpaceSupportType): void { testObject = instantiationService.createInstance(ExtensionManifestPropertiesService); - const workspaceTrustRequest = testObject.getExtensionWorkspaceTrustRequestType(extensionMaifest); + const untrustedWorkspaceSupport = testObject.getExtensionUntrustedWorkspaceSupportType(extensionMaifest); - assert.strictEqual(workspaceTrustRequest, expected); + assert.strictEqual(untrustedWorkspaceSupport, expected); } function getExtensionManifest(properties: any = {}): IExtensionManifest { @@ -78,7 +78,7 @@ suite('ExtensionManifestPropertiesService - ExtensionWorkspaceTrustType', () => instantiationService.stub(IProductService, >{}); const extensionMaifest = getExtensionManifest(); - assertWorkspaceTrustRequest(extensionMaifest, 'never'); + assertUntrustedWorkspaceSupport(extensionMaifest, true); }); test('test extension workspace trust request when workspace trust is disabled', async () => { @@ -86,23 +86,23 @@ suite('ExtensionManifestPropertiesService - ExtensionWorkspaceTrustType', () => await testConfigurationService.setUserConfiguration('security', { workspace: { trust: { enabled: false } } }); const extensionMaifest = getExtensionManifest({ main: './out/extension.js' }); - assertWorkspaceTrustRequest(extensionMaifest, 'never'); + assertUntrustedWorkspaceSupport(extensionMaifest, true); }); test('test extension workspace trust request when override exists in settings.json', async () => { instantiationService.stub(IProductService, >{}); - await testConfigurationService.setUserConfiguration('security', { workspace: { trust: { extensionRequest: { 'pub.a': { request: 'never' } } } } }); - const extensionMaifest = getExtensionManifest({ main: './out/extension.js', workspaceTrust: { request: 'onDemand' } }); - assertWorkspaceTrustRequest(extensionMaifest, 'never'); + await testConfigurationService.setUserConfiguration('security', { workspace: { trust: { extensionUntrustedSupport: { 'pub.a': { supported: true } } } } }); + const extensionMaifest = getExtensionManifest({ main: './out/extension.js', capabilities: { untrustedWorkspaces: { supported: 'limited' } } }); + assertUntrustedWorkspaceSupport(extensionMaifest, true); }); test('test extension workspace trust request when override for the version exists in settings.json', async () => { instantiationService.stub(IProductService, >{}); - await testConfigurationService.setUserConfiguration('security', { workspace: { trust: { extensionRequest: { 'pub.a': { request: 'never', version: '1.0.0' } } } } }); - const extensionMaifest = getExtensionManifest({ main: './out/extension.js', workspaceTrust: { request: 'onDemand' } }); - assertWorkspaceTrustRequest(extensionMaifest, 'never'); + await testConfigurationService.setUserConfiguration('security', { workspace: { trust: { extensionUntrustedSupport: { 'pub.a': { supported: true, version: '1.0.0' } } } } }); + const extensionMaifest = getExtensionManifest({ main: './out/extension.js', capabilities: { untrustedWorkspaces: { supported: 'limited' } } }); + assertUntrustedWorkspaceSupport(extensionMaifest, true); }); test('test extension workspace trust request when override for a different version exists in settings.json', async () => { @@ -112,39 +112,39 @@ suite('ExtensionManifestPropertiesService - ExtensionWorkspaceTrustType', () => workspace: { trust: { enabled: true, - extensionRequest: { 'pub.a': { request: 'never', version: '2.0.0' } } + extensionUntrustedSupport: { 'pub.a': { supported: true, version: '2.0.0' } } } } }); - const extensionMaifest = getExtensionManifest({ main: './out/extension.js', workspaceTrust: { request: 'onDemand' } }); - assertWorkspaceTrustRequest(extensionMaifest, 'onDemand'); + const extensionMaifest = getExtensionManifest({ main: './out/extension.js', capabilities: { untrustedWorkspaces: { supported: 'limited' } } }); + assertUntrustedWorkspaceSupport(extensionMaifest, 'limited'); }); test('test extension workspace trust request when default exists in product.json', () => { - instantiationService.stub(IProductService, >{ extensionWorkspaceTrustRequest: { 'pub.a': { default: 'never' } } }); + instantiationService.stub(IProductService, >{ extensionUntrustedWorkspaceSupport: { 'pub.a': { default: true } } }); const extensionMaifest = getExtensionManifest({ main: './out/extension.js' }); - assertWorkspaceTrustRequest(extensionMaifest, 'never'); + assertUntrustedWorkspaceSupport(extensionMaifest, true); }); test('test extension workspace trust request when override exists in product.json', () => { - instantiationService.stub(IProductService, >{ extensionWorkspaceTrustRequest: { 'pub.a': { override: 'onDemand' } } }); + instantiationService.stub(IProductService, >{ extensionUntrustedWorkspaceSupport: { 'pub.a': { override: 'limited' } } }); - const extensionMaifest = getExtensionManifest({ main: './out/extension.js', workspaceTrust: { request: 'never' } }); - assertWorkspaceTrustRequest(extensionMaifest, 'onDemand'); + const extensionMaifest = getExtensionManifest({ main: './out/extension.js', capabilities: { untrustedWorkspaces: { supported: true } } }); + assertUntrustedWorkspaceSupport(extensionMaifest, 'limited'); }); test('test extension workspace trust request when value exists in package.json', () => { instantiationService.stub(IProductService, >{}); - const extensionMaifest = getExtensionManifest({ main: './out/extension.js', workspaceTrust: { request: 'onDemand' } }); - assertWorkspaceTrustRequest(extensionMaifest, 'onDemand'); + const extensionMaifest = getExtensionManifest({ main: './out/extension.js', capabilities: { untrustedWorkspaces: { supported: 'limited' } } }); + assertUntrustedWorkspaceSupport(extensionMaifest, true); }); test('test extension workspace trust request when no value exists in package.json', () => { instantiationService.stub(IProductService, >{}); const extensionMaifest = getExtensionManifest({ main: './out/extension.js' }); - assertWorkspaceTrustRequest(extensionMaifest, 'onStart'); + assertUntrustedWorkspaceSupport(extensionMaifest, false); }); }); diff --git a/src/vs/workbench/services/workspaces/common/workspaceTrust.ts b/src/vs/workbench/services/workspaces/common/workspaceTrust.ts index e4e5102bc43..c539e5baa77 100644 --- a/src/vs/workbench/services/workspaces/common/workspaceTrust.ts +++ b/src/vs/workbench/services/workspaces/common/workspaceTrust.ts @@ -19,7 +19,7 @@ import { isSingleFolderWorkspaceIdentifier, toWorkspaceIdentifier } from 'vs/pla import { IUriIdentityService } from 'vs/workbench/services/uriIdentity/common/uriIdentity'; export const WORKSPACE_TRUST_ENABLED = 'security.workspace.trust.enabled'; -export const WORKSPACE_TRUST_EXTENSION_REQUEST = 'security.workspace.trust.extensionRequest'; +export const WORKSPACE_TRUST_EXTENSION_UNTRUSTED_SUPPORT = 'security.workspace.trust.extensionUntrustedSupport'; export const WORKSPACE_TRUST_STORAGE_KEY = 'content.trust.model.key'; export const WorkspaceTrustContext = {