refactor: move deleted tauri APIs, prepare for next release (#355)

plugins/http/src/commands/mod.rs

@@ -1,4 +1,5 @@
 use tauri::{path::SafePathBuf, AppHandle, Runtime, State};
+use tauri_plugin_fs::FsExt;
 
 use crate::{ClientId, Http};
 
@@ -38,7 +39,6 @@ pub async fn request<R: Runtime>(
     client_id: ClientId,
     options: Box<HttpRequestBuilder>,
 ) -> super::Result<ResponseData> {
-    use crate::Manager;
     if http.scope.is_allowed(&options.url) {
         let client = http
             .clients
@@ -55,7 +55,12 @@ pub async fn request<R: Runtime>(
                     ..
                 } = value
                 {
-                    if SafePathBuf::new(path.clone()).is_err() || !app.fs_scope().is_allowed(path) {
+                    if SafePathBuf::new(path.clone()).is_err()
+                        || !app
+                            .try_fs_scope()
+                            .map(|s| s.is_allowed(path))
+                            .unwrap_or_default()
+                    {
                         return Err(crate::Error::PathNotAllowed(path.clone()));
                     }
                 }

plugins/http/src/config.rs

@@ -0,0 +1,19 @@
+use reqwest::Url;
+use serde::Deserialize;
+
+#[derive(Deserialize)]
+pub struct Config {
+    pub scope: HttpAllowlistScope,
+}
+
+/// HTTP API scope definition.
+/// It is a list of URLs that can be accessed by the webview when using the HTTP APIs.
+/// The scoped URL is matched against the request URL using a glob pattern.
+///
+/// Examples:
+/// - "https://**": allows all HTTPS urls
+/// - "https://*.github.com/tauri-apps/tauri": allows any subdomain of "github.com" with the "tauri-apps/api" path
+/// - "https://myapi.service.com/users/*": allows access to any URLs that begins with "https://myapi.service.com/users/"
+#[allow(rustdoc::bare_urls)]
+#[derive(Debug, Default, PartialEq, Eq, Clone, Deserialize)]
+pub struct HttpAllowlistScope(pub Vec<Url>);

plugins/http/src/lib.rs

@@ -1,3 +1,4 @@
+use config::{Config, HttpAllowlistScope};
 pub use reqwest as client;
 use tauri::{
     plugin::{Builder, TauriPlugin},
@@ -7,6 +8,7 @@ use tauri::{
 use std::{collections::HashMap, sync::Mutex};
 
 mod commands;
+mod config;
 mod error;
 mod scope;
 
@@ -33,18 +35,24 @@ impl<R: Runtime, T: Manager<R>> HttpExt<R> for T {
     }
 }
 
-pub fn init<R: Runtime>() -> TauriPlugin<R> {
-    Builder::new("http")
+pub fn init<R: Runtime>() -> TauriPlugin<R, Option<Config>> {
+    Builder::<R, Option<Config>>::new("http")
         .invoke_handler(tauri::generate_handler![
             commands::create_client,
             commands::drop_client,
             commands::request
         ])
-        .setup(|app, _api| {
+        .setup(|app, api| {
+            let default_scope = HttpAllowlistScope::default();
             app.manage(Http {
                 app: app.clone(),
                 clients: Default::default(),
-                scope: scope::Scope::new(&app.config().tauri.allowlist.http.scope),
+                scope: scope::Scope::new(
+                    api.config()
+                        .as_ref()
+                        .map(|c| &c.scope)
+                        .unwrap_or(&default_scope),
+                ),
             });
             Ok(())
         })

plugins/http/src/scope.rs

@@ -2,9 +2,9 @@
 // SPDX-License-Identifier: Apache-2.0
 // SPDX-License-Identifier: MIT
 
+use crate::config::HttpAllowlistScope;
 use glob::Pattern;
 use reqwest::Url;
-use tauri::utils::config::HttpAllowlistScope;
 
 /// Scope for filesystem access.
 #[derive(Debug, Clone)]
@@ -38,7 +38,7 @@ impl Scope {
 
 #[cfg(test)]
 mod tests {
-    use tauri::utils::config::HttpAllowlistScope;
+    use crate::config::HttpAllowlistScope;
 
     #[test]
     fn is_allowed() {