1  use std::{ffi::OsStr, path::Path};
 2  
 3  #[derive(Debug, Clone, Hash)]
 4  pub enum IsolationPath {
 5      File(Box<Path>),
 6      Directory(Box<Path>),
 7  }
 8  
 9  impl IsolationPath {
10      pub fn file<P: AsRef<OsStr>>(path: P) -> Self {
11          Self::File(Path::new(&path).to_path_buf().into_boxed_path())
12      }
13  
14      pub fn dir<P: AsRef<OsStr>>(path: P) -> Self {
15          Self::Directory(Path::new(&path).to_path_buf().into_boxed_path())
16      }
17  }
18  
19  #[derive(Debug, Clone, Hash)]
20  pub enum IsolationPathAction {
21      Deny,
22      AllowRead,
23      Allow,
24  }
25  
26  #[derive(Debug, Clone, Hash)]
27  pub enum IsolationAction {
28      Deny,
29      Allow,
30  }
31  
32  #[derive(Debug, Clone, Hash)]
33  pub struct IsolatationConfig {
34      pub network: IsolationAction,
35      pub path_rules: Vec<(IsolationPath, IsolationPathAction)>,
36  }
37  
38  impl IsolatationConfig {
39      pub fn new() -> Self {
40          Self {
41              network: IsolationAction::Deny,
42              path_rules: vec![],
43          }
44      }
45  }
46  
47  impl Default for IsolatationConfig {
48      fn default() -> Self {
49          Self::new()
50      }
51  }
52  
53  #[cfg(target_os = "macos")]
54  mod sandbox_exec;
55  
56  #[cfg(target_os = "macos")]
57  pub use sandbox_exec::*;