infoAbout
infoAbout s&box newspaperLatest News published_with_changesChanges mapRoadmap monitoringMetrics
gamesGames
sports_esportsBrowse Games exploreDiscover Games
categoryWorkshop
sports_esportsGames landscapeMaps view_in_arModels textureMaterials apparelClothing constructionMore..
forumForum menu_bookLearn
docsDocumentation apiApi Reference schoolTutorials manage_searchCode Search
Secbox - Editor Anti-Malware
Released
by F4 Industries library
updated 9 days ago
822.6KB
thumb_down_alt0 favorite2 library_books0
homeDetailsnewspaperNewsreviewsReviewcodeSource
folder.obj
description__compiler_extra.cs
folderCode
descriptionMyLibraryComponent.cs
folderEditor
folderBridge
folderDto
descriptionApiInfo.cs
descriptionConcern.cs
descriptionDecision.cs
descriptionFinding.cs
descriptionRulePackInfo.cs
descriptionRuntimeSensorDtos.cs
descriptionScanReport.cs
descriptionSeverity.cs
descriptionCorePolicy.cs
descriptionDiagnosticsLog.cs
descriptionRuntimeMonitorBridge.cs
descriptionSecboxConfig.cs
descriptionSecboxCoreClient.cs
descriptionSecboxCoreLoader.cs
folderLifecycle
descriptionBootAudit.cs
descriptionInstallHook.cs
descriptionLibraryScanResult.cs
descriptionPackageLocator.cs
descriptionReflectionHelpers.cs
descriptionRuntimeMonitor.cs
descriptionRuntimeMonitorCoordinator.cs
descriptionSecboxBoot.cs
descriptionWelcomeDialogueTrigger.cs
folderTrust
descriptionPackageHasher.cs
descriptionPolicy.cs
descriptionTrustEntry.cs
descriptionTrustStore.cs
folderUI
descriptionAllowAllDialog.cs
descriptionConcernMapper.cs
descriptionFindingTranslator.cs
descriptionLibraryDetailPanel.cs
descriptionLibraryManagerInjector.cs
descriptionLibraryRowBadge.cs
descriptionMenuItems.cs
descriptionReviewDialog.cs
descriptionReviewWindow.cs
descriptionScanResultsWindow.cs
descriptionSecboxStatusPanel.cs
descriptionTrustManagerWindow.cs
descriptionWelcomeDialogue.cs
folderUnitTests
descriptionLibraryTest.cs
descriptionUnitTest.cs
descriptionMyLibraryComponent.cs
Editor/Trust/TrustStore.cs
using System;
using System.Collections.Generic;
using System.IO;
using System.Text.Json;
using System.Text.Json.Serialization;

namespace Sandbox.SecBox;

// JSON-backed trust store. Persists to <projectRoot>/.secbox/trust.json.
// Layout:
//   { "Policy": {...}, "Entries": [TrustEntry, ...] }
// Hand-editable (intentionally) so users can revoke or audit without UI.
public sealed class TrustStore
{
	const string Subfolder = ".secbox";
	const string FileName = "trust.json";

	static readonly JsonSerializerOptions JsonOpts = new()
	{
		WriteIndented = true,
		PropertyNamingPolicy = JsonNamingPolicy.CamelCase,
		Converters = { new JsonStringEnumConverter() },
		DefaultIgnoreCondition = JsonIgnoreCondition.WhenWritingNull,
	};

	public Policy Policy { get; set; } = new();
	public List<TrustEntry> Entries { get; set; } = new();

	// Bumped on every Save() so listeners (status panel) can detect changes
	// without rereading the file or comparing entry contents.
	static int _version;
	public static int Version => System.Threading.Volatile.Read( ref _version );

	[JsonIgnore]
	public string FilePath { get; private set; }

	public static TrustStore Load( string projectRoot )
	{
		var path = Path.Combine( projectRoot, Subfolder, FileName );
		if ( !File.Exists( path ) )
			return new TrustStore { FilePath = path };

		try
		{
			var json = File.ReadAllText( path );
			var store = JsonSerializer.Deserialize<TrustStore>( json, JsonOpts ) ?? new TrustStore();
			store.FilePath = path;
			store.Policy ??= new Policy();
			store.Entries ??= new List<TrustEntry>();
			return store;
		}
		catch ( Exception ex )
		{
			// Corrupt store: preserve the file under a sidecar name so user
			// can recover, return a fresh store rather than crashing.
			try { File.Move( path, path + $".corrupt-{DateTime.UtcNow:yyyyMMddHHmmss}", overwrite: true ); }
			catch { }
			global::Sandbox.Internal.GlobalGameNamespace.Log.Warning( $"[secbox] trust store unreadable ({ex.Message}); starting fresh" );
			return new TrustStore { FilePath = path };
		}
	}

	public void Save()
	{
		if ( string.IsNullOrEmpty( FilePath ) )
			throw new InvalidOperationException( "TrustStore.FilePath not set; call Load first or construct via Create()." );

		var dir = Path.GetDirectoryName( FilePath );
		if ( !string.IsNullOrEmpty( dir ) && !Directory.Exists( dir ) )
			Directory.CreateDirectory( dir );

		var json = JsonSerializer.Serialize( this, JsonOpts );
		File.WriteAllText( FilePath, json );
		System.Threading.Interlocked.Increment( ref _version );
	}

	// Look up by hash. The hash is the authoritative key.
	public TrustEntry Find( string contentHash )
	{
		for ( int i = 0; i < Entries.Count; i++ )
		{
			if ( Entries[i].ContentHash == contentHash )
				return Entries[i];
		}
		return null;
	}

	public TrustEntry Upsert( TrustEntry entry )
	{
		for ( int i = 0; i < Entries.Count; i++ )
		{
			if ( Entries[i].ContentHash == entry.ContentHash )
			{
				Entries[i] = entry;
				return entry;
			}
		}
		Entries.Add( entry );
		return entry;
	}

	public bool Remove( string contentHash )
	{
		for ( int i = 0; i < Entries.Count; i++ )
		{
			if ( Entries[i].ContentHash == contentHash )
			{
				Entries.RemoveAt( i );
				return true;
			}
		}
		return false;
	}
}