MindWorkAI/AI-Studio
MindWorkAI/AI-Studio
1
0
Fork 0
mirror of https://github.com/MindWorkAI/AI-Studio.git synced 2025-05-03 09:39:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Made internal plugin detection secure

Browse Source
This commit is contained in:
Thorsten Sommer 2025-03-27 20:52:30 +01:00
parent ff6cc82b6e
commit 3deed7f603
Signed by: tsommer
GPG Key ID: 371BBA77A02C0108
5 changed files with 15 additions and 18 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
app/MindWork AI Studio/Tools/PluginSystem/NoPlugin.cs
View File

@ -6,4 +6,4 @@ namespace AIStudio.Tools.PluginSystem;
/// Represents a plugin that could not be loaded. /// Represents a plugin that could not be loaded.
/// </summary> /// </summary>
/// <param name="parsingError">The error message that occurred while parsing the plugin.</param> /// <param name="parsingError">The error message that occurred while parsing the plugin.</param>
public sealed class NoPlugin(string parsingError) : PluginBase(LuaState.Create(), PluginType.NONE, parsingError); public sealed class NoPlugin(string parsingError) : PluginBase(false, LuaState.Create(), PluginType.NONE, parsingError);

10
app/MindWork AI Studio/Tools/PluginSystem/PluginBase.cs
View File

@ -8,12 +8,6 @@ namespace AIStudio.Tools.PluginSystem;
/// </summary> /// </summary>
public abstract partial class PluginBase : IPluginMetadata public abstract partial class PluginBase : IPluginMetadata
{ {
private static readonly Guid[] MANDATORY_INTERNAL_PLUGINS =
[
new("97dfb1ba-50c4-4440-8dfa-6575daf543c8"), // Language EN-US (base language)
new("43065dbc-78d0-45b7-92be-f14c2926e2dc"), // Language DE-DE
];
private readonly IReadOnlyCollection<string> baseIssues; private readonly IReadOnlyCollection<string> baseIssues;
protected readonly LuaState state; protected readonly LuaState state;
@ -75,7 +69,7 @@ public abstract partial class PluginBase : IPluginMetadata
/// </remarks> /// </remarks>
public bool IsValid => this is not NoPlugin && this.baseIssues.Count == 0 && this.pluginIssues.Count == 0; public bool IsValid => this is not NoPlugin && this.baseIssues.Count == 0 && this.pluginIssues.Count == 0;
protected PluginBase(LuaState state, PluginType type, string parseError = "") protected PluginBase(bool isInternal, LuaState state, PluginType type, string parseError = "")
{ {
this.state = state; this.state = state;
this.Type = type; this.Type = type;
@ -91,7 +85,7 @@ public abstract partial class PluginBase : IPluginMetadata
if(this.TryInitId(out var issue, out var id)) if(this.TryInitId(out var issue, out var id))
{ {
this.Id = id; this.Id = id;
this.IsInternal = MANDATORY_INTERNAL_PLUGINS.Contains(id); this.IsInternal = isInternal;
} }
else if(this is not NoPlugin) else if(this is not NoPlugin)
issues.Add(issue); issues.Add(issue);

10
app/MindWork AI Studio/Tools/PluginSystem/PluginFactory.Internal.cs
View File

@ -46,7 +46,7 @@ public static partial class PluginFactory
continue; continue;
} }
await CopyPluginFile(content, metaData); await CopyInternalPluginFile(content, metaData);
} }
} }
catch catch
@ -55,14 +55,14 @@ public static partial class PluginFactory
} }
} }
private static async Task CopyPluginFile(IFileInfo resourceInfo, InternalPluginData metaData) private static async Task CopyInternalPluginFile(IFileInfo resourceInfo, InternalPluginData metaData)
{ {
await using var inputStream = resourceInfo.CreateReadStream(); await using var inputStream = resourceInfo.CreateReadStream();
var pluginTypeBasePath = Path.Join(PLUGINS_ROOT, metaData.Type.GetDirectory()); var pluginTypeBasePath = Path.Join(INTERNAL_PLUGINS_ROOT, metaData.Type.GetDirectory());
if (!Directory.Exists(PLUGINS_ROOT)) if (!Directory.Exists(INTERNAL_PLUGINS_ROOT))
Directory.CreateDirectory(PLUGINS_ROOT); Directory.CreateDirectory(INTERNAL_PLUGINS_ROOT);
if (!Directory.Exists(pluginTypeBasePath)) if (!Directory.Exists(pluginTypeBasePath))
Directory.CreateDirectory(pluginTypeBasePath); Directory.CreateDirectory(pluginTypeBasePath);

9
app/MindWork AI Studio/Tools/PluginSystem/PluginFactory.cs
View File

@ -14,6 +14,8 @@ public static partial class PluginFactory
private static readonly string DATA_DIR = SettingsManager.DataDirectory!; private static readonly string DATA_DIR = SettingsManager.DataDirectory!;
private static readonly string PLUGINS_ROOT = Path.Join(DATA_DIR, "plugins"); private static readonly string PLUGINS_ROOT = Path.Join(DATA_DIR, "plugins");
private static readonly string INTERNAL_PLUGINS_ROOT = Path.Join(PLUGINS_ROOT, ".internal");
private static readonly List<IPluginMetadata> AVAILABLE_PLUGINS = []; private static readonly List<IPluginMetadata> AVAILABLE_PLUGINS = [];
@ -85,8 +87,8 @@ public static partial class PluginFactory
AVAILABLE_PLUGINS.Add(new PluginMetadata(plugin)); AVAILABLE_PLUGINS.Add(new PluginMetadata(plugin));
} }
} }
public static async Task<PluginBase> Load(string pluginPath, string code, CancellationToken cancellationToken = default) private static async Task<PluginBase> Load(string pluginPath, string code, CancellationToken cancellationToken = default)
{ {
if(ForbiddenPlugins.Check(code) is { IsForbidden: true } forbiddenState) if(ForbiddenPlugins.Check(code) is { IsForbidden: true } forbiddenState)
return new NoPlugin($"This plugin is forbidden: {forbiddenState.Message}"); return new NoPlugin($"This plugin is forbidden: {forbiddenState.Message}");
@ -126,9 +128,10 @@ public static partial class PluginFactory
if(type is PluginType.NONE) if(type is PluginType.NONE)
return new NoPlugin($"TYPE is not a valid plugin type. Valid types are: {CommonTools.GetAllEnumValues<PluginType>()}"); return new NoPlugin($"TYPE is not a valid plugin type. Valid types are: {CommonTools.GetAllEnumValues<PluginType>()}");
var isInternal = pluginPath.StartsWith(INTERNAL_PLUGINS_ROOT, StringComparison.OrdinalIgnoreCase);
return type switch return type switch
{ {
PluginType.LANGUAGE => new PluginLanguage(state, type), PluginType.LANGUAGE => new PluginLanguage(isInternal, state, type),
_ => new NoPlugin("This plugin type is not supported yet. Please try again with a future version of AI Studio.") _ => new NoPlugin("This plugin type is not supported yet. Please try again with a future version of AI Studio.")
}; };

2
app/MindWork AI Studio/Tools/PluginSystem/PluginLanguage.cs
View File

@ -8,7 +8,7 @@ public sealed class PluginLanguage : PluginBase, ILanguagePlugin
private ILanguagePlugin? baseLanguage; private ILanguagePlugin? baseLanguage;
public PluginLanguage(LuaState state, PluginType type) : base(state, type) public PluginLanguage(bool isInternal, LuaState state, PluginType type) : base(isInternal, state, type)
{ {
if (this.TryInitUITextContent(out var issue, out var readContent)) if (this.TryInitUITextContent(out var issue, out var readContent))
this.content = readContent; this.content = readContent;