From 85755a9c9dfead7954c7b9713ed2deeea8ee655d Mon Sep 17 00:00:00 2001 From: Fons van der Plas Date: Mon, 28 Oct 2024 09:24:48 +0100 Subject: [PATCH] Update packages without running --- frontend/components/Editor.js | 49 +++++++++++++++++++++-------------- frontend/components/Popup.js | 17 ++++++++---- src/webserver/Dynamic.jl | 5 ---- 3 files changed, 41 insertions(+), 30 deletions(-) diff --git a/frontend/components/Editor.js b/frontend/components/Editor.js index 2afb63b4e..2cc44e550 100644 --- a/frontend/components/Editor.js +++ b/frontend/components/Editor.js @@ -699,6 +699,24 @@ export class Editor extends Component { const { message } = await this.client.send("nbpkg_available_versions", { package_name: package_name }, { notebook_id: notebook_id }) return message }, + disable_safe_preview: async (maybe_confirm = false, notebook_state_mutator = (_) => {}) => { + const warn_about_untrusted_code = this.client.session_options?.security?.warn_about_untrusted_code ?? true + let source = this.state.notebook.metadata?.risky_file_source + + if ( + !warn_about_untrusted_code || + !maybe_confirm || + source == null || + confirm(`⚠️ Danger! Are you sure that you trust this file? \n\n${source}\n\nA malicious notebook can steal passwords and data.`) + ) { + await this.update_notebook((notebook) => { + delete notebook.metadata.risky_file_source + notebook_state_mutator(notebook) + }) + } else { + throw new Error("User did not confirm disabling safe preview") + } + }, } this.actions = { ...this.real_actions } @@ -1531,29 +1549,20 @@ The notebook file saves every time you run a cell.` ` } - const warn_about_untrusted_code = this.client.session_options?.security?.warn_about_untrusted_code ?? true - const restart = async (maybe_confirm = false) => { - let source = notebook.metadata?.risky_file_source - if ( - !warn_about_untrusted_code || - !maybe_confirm || - source == null || - confirm(`⚠️ Danger! Are you sure that you trust this file? \n\n${source}\n\nA malicious notebook can steal passwords and data.`) - ) { - await this.actions.update_notebook((notebook) => { - delete notebook.metadata.risky_file_source - }) - await this.client.send( - "restart_process", - {}, - { - notebook_id: notebook.notebook_id, - } - ) - } + await this.actions.disable_safe_preview(maybe_confirm) + // (the call above will throw if no permission is given) + await this.client.send( + "restart_process", + {}, + { + notebook_id: notebook.notebook_id, + } + ) } + const warn_about_untrusted_code = this.client.session_options?.security?.warn_about_untrusted_code ?? true + const restart_button = (text, maybe_confirm = false) => html` restart(maybe_confirm)}>${text}` diff --git a/frontend/components/Popup.js b/frontend/components/Popup.js index 316c37abd..3e2a27966 100644 --- a/frontend/components/Popup.js +++ b/frontend/components/Popup.js @@ -8,6 +8,7 @@ import { useDebouncedTruth } from "./RunArea.js" import { time_estimate, usePackageTimingData } from "../common/InstallTimeEstimate.js" import { pretty_long_time } from "./EditOrRunButton.js" import { useEventListener } from "../common/useEventListener.js" +import { ProcessStatus } from "../common/ProcessStatus.js" // This funny thing is a way to tell parcel to bundle these files.. // Eventually I'll write a plugin that is able to parse html`...`, but this is it for now. @@ -244,7 +245,7 @@ const PkgPopup = ({ notebook, recent_event, clear_recent_event, disable_input }) ` : null}
- ${recent_event?.is_disable_pkg || disable_input || notebook.nbpkg?.waiting_for_permission + ${recent_event?.is_disable_pkg || disable_input ? null : html` { - if (busy) { + onClick=${async (e) => { + e.preventDefault() + const safe_preview = notebook.nbpkg?.waiting_for_permission + if (busy && !safe_preview) { alert("Pkg is currently busy with other packages... come back later!") } else { if (confirm("Would you like to check for updates and install them? A backup of the notebook file will be created.")) { + if (safe_preview) { + await pluto_actions.disable_safe_preview(true, (notebook) => { + notebook.process_status = ProcessStatus.no_process + }) + } console.warn("Pkg.updating!") - pluto_actions.send("pkg_update", {}, { notebook_id: notebook.notebook_id }) + await pluto_actions.send("pkg_update", {}, { notebook_id: notebook.notebook_id }) } } - e.preventDefault() }} >⬆️`} diff --git a/src/webserver/Dynamic.jl b/src/webserver/Dynamic.jl index 5960c0ff7..a3b2a3b9a 100644 --- a/src/webserver/Dynamic.jl +++ b/src/webserver/Dynamic.jl @@ -243,11 +243,6 @@ const effects_of_changed_state = Dict( SessionActions.move(request.session, request.notebook, patch.value) return no_changes end, - "process_status" => function(; request::ClientRequest, patch::Firebasey.ReplacePatch) - newstatus = patch.value - - @info "Process status set by client" newstatus - end, "in_temp_dir" => function(; _...) no_changes end, "cell_inputs" => Dict( Wildcard() => function(cell_id, rest...; request::ClientRequest, patch::Firebasey.JSONPatch)