From 608ce1e4426dc99f9924ff40b9ef0a46043b3dfd Mon Sep 17 00:00:00 2001
From: Sander <hey@sandydoo.me>
Date: Tue, 9 Jan 2024 23:30:19 +0000
Subject: [PATCH] daemon: add debugging logs to trusted user logic

---
 dist/main/index.js | 5 +++++
 src/main.ts        | 5 +++++
 2 files changed, 10 insertions(+)

diff --git a/dist/main/index.js b/dist/main/index.js
index 77c0ef09..cf4deb5b 100644
--- a/dist/main/index.js
+++ b/dist/main/index.js
@@ -7992,10 +7992,15 @@ function getUserConfigDirs() {
 async function isTrustedUser() {
     try {
         let user = os.userInfo().username;
+        core.debug(`Checking if user ${user} is trusted`);
         let userGroups = await execToVariable('id', ['-Gn', user], { silent: true }).then((str) => str.trim().split(' '));
+        core.debug(`User ${user} is in groups ${userGroups}`);
         let [trustedUsers, trustedGroups] = await fetchTrustedUsers().then(partitionUsersAndGroups);
+        core.debug(`Trusted users: ${trustedUsers}`);
+        core.debug(`Trusted groups: ${trustedGroups}`);
         // Chech if Nix is installed in single-user mode.
         let isStoreWritable = isWritable('/nix/store');
+        core.debug(`Is store writable: ${isStoreWritable}`);
         return isStoreWritable
             || trustedUsers.includes(user)
             || trustedGroups.some((group) => userGroups.includes(group));
diff --git a/src/main.ts b/src/main.ts
index 0a83235b..95255a59 100644
--- a/src/main.ts
+++ b/src/main.ts
@@ -310,12 +310,17 @@ function getUserConfigDirs(): string[] {
 async function isTrustedUser(): Promise<boolean> {
   try {
     let user = os.userInfo().username;
+    core.debug(`Checking if user ${user} is trusted`);
     let userGroups = await execToVariable('id', ['-Gn', user], { silent: true }).then((str) => str.trim().split(' '));
+    core.debug(`User ${user} is in groups ${userGroups}`);
 
     let [trustedUsers, trustedGroups] = await fetchTrustedUsers().then(partitionUsersAndGroups);
+    core.debug(`Trusted users: ${trustedUsers}`);
+    core.debug(`Trusted groups: ${trustedGroups}`);
 
     // Chech if Nix is installed in single-user mode.
     let isStoreWritable = isWritable('/nix/store');
+    core.debug(`Is store writable: ${isStoreWritable}`);
 
     return isStoreWritable
       || trustedUsers.includes(user)