feat: dde-am resolve command to full path before execution

[yixinshark]

When executing commands via dde-am, resolve relative command names to their full path using QStandardPaths::findExecutable.

Log: dde-am resolve command to full path before execution
Pms: BUG-349699

Summary by Sourcery

Bug Fixes:

• Prevent dde-am from attempting to execute non-existent or relative commands by resolving them via QStandardPaths::findExecutable and failing fast if resolution fails.

[sourcery-ai]

Reviewer's Guide

This PR updates dde-am command execution so that command names are resolved to full executable paths before invocation, and aborts execution early when the command is invalid or not found.

Sequence diagram for command execution with full path resolution

sequenceDiagram
    participant Main as handleExecuteCommand
    participant Executor as CommandExecutor
    participant QPaths as QStandardPaths

    Main->>Executor: setProgram(program)
    alt program is empty
        Executor-->>Main: false
        Main-->>Main: return -1
    else program starts with slash
        Executor-->>Main: true
        Main->>Executor: setType(type)
        Main->>Executor: setArguments(arguments)
        Main-->>Main: proceed_with_execution
    else program is relative
        Executor->>QPaths: findExecutable(program)
        alt fullPath is empty
            QPaths-->>Executor: ""
            Executor-->>Main: false
            Main-->>Main: return -1
        else fullPath found
            QPaths-->>Executor: fullPath
            Executor-->>Main: true
            Main->>Executor: setType(type)
            Main->>Executor: setArguments(arguments)
            Main-->>Main: proceed_with_execution
        end
    end

Loading

Updated class diagram for CommandExecutor with resolving program path

classDiagram
    class CommandExecutor {
        - QString m_program
        + bool setProgram(QString program)
        + void setArguments(QStringList arguments)
        + void setType(QString type)
        + void setRunId(QString runId)
    }

Loading

File-Level Changes

Change	Details	Files
Resolve non-absolute command names to full paths before execution and fail fast on invalid commands.	Change CommandExecutor::setProgram to return a bool indicating success/failure instead of void Validate that the provided program string is non-empty and log a warning and fail when it is empty or the executable cannot be found Use QStandardPaths::findExecutable to resolve non-absolute command names to full filesystem paths and store the resolved path in m_program, logging a debug message on success Keep absolute paths unchanged when setting m_program	apps/dde-am/src/commandexecutor.cpp apps/dde-am/src/commandexecutor.h
Propagate command resolution failure to the CLI entrypoint and exit with an error code when resolution fails.	Update handleExecuteCommand to check the boolean result of CommandExecutor::setProgram Return -1 immediately from handleExecuteCommand when setProgram fails instead of proceeding with execution setup	apps/dde-am/src/main.cpp

---

Tips and commands

Interacting with Sourcery

• Trigger a new review: Comment @sourcery-ai review on the pull request.
• Continue discussions: Reply directly to Sourcery's review comments.
• Generate a GitHub issue from a review comment: Ask Sourcery to create an
  issue from a review comment by replying to it. You can also reply to a
  review comment with @sourcery-ai issue to create an issue from it.
• Generate a pull request title: Write @sourcery-ai anywhere in the pull
  request title to generate a title at any time. You can also comment
  @sourcery-ai title on the pull request to (re-)generate the title at any time.
• Generate a pull request summary: Write @sourcery-ai summary anywhere in
  the pull request body to generate a PR summary at any time exactly where you
  want it. You can also comment @sourcery-ai summary on the pull request to
  (re-)generate the summary at any time.
• Generate reviewer's guide: Comment @sourcery-ai guide on the pull
  request to (re-)generate the reviewer's guide at any time.
• Resolve all Sourcery comments: Comment @sourcery-ai resolve on the
  pull request to resolve all Sourcery comments. Useful if you've already
  addressed all the comments and don't want to see them anymore.
• Dismiss all Sourcery reviews: Comment @sourcery-ai dismiss on the pull
  request to dismiss all existing Sourcery reviews. Especially useful if you
  want to start fresh with a new review - don't forget to comment
  @sourcery-ai review to trigger a new review!

Customizing Your Experience

Access your dashboard to:

• Enable or disable review features such as the Sourcery-generated pull request
  summary, the reviewer's guide, and others.
• Change the review language.
• Add, remove or edit custom review instructions.
• Adjust other review settings.

Getting Help

• Contact our support team for questions or feedback.
• Visit our documentation for detailed guides and information.
• Keep in touch with the Sourcery team by following us on X/Twitter, LinkedIn or GitHub.

[sourcery-ai]

Hey - I've left some high level feedback:

• Since setProgram now returns bool, please double-check all existing call sites (including any outside this translation unit) to ensure they handle failure appropriately and that the changed signature doesn’t silently break other usages.
• Currently only non-absolute commands are validated via findExecutable; consider also checking that absolute paths actually point to an executable (e.g. with QFileInfo::isExecutable) to avoid attempting to run missing or non-executable files.

Prompt for AI Agents

Please address the comments from this code review:

## Overall Comments
- Since `setProgram` now returns `bool`, please double-check all existing call sites (including any outside this translation unit) to ensure they handle failure appropriately and that the changed signature doesn’t silently break other usages.
- Currently only non-absolute commands are validated via `findExecutable`; consider also checking that absolute paths actually point to an executable (e.g. with `QFileInfo::isExecutable`) to avoid attempting to run missing or non-executable files.

---

Sourcery is free for open source - if you like our reviews please consider sharing them ✨

• X
• Mastodon
• LinkedIn
• Facebook

_{Help me be more useful! Please click 👍 or 👎 on each comment and I'll use the feedback to improve your reviews.}

[deepin-ci-robot]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by: BLumia, yixinshark

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• debian/deepin/OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[deepin-ci-robot]

deepin pr auto review

这段代码的修改主要目的是为了增强命令执行的健壮性，确保 setProgram 方法接收到的程序路径是有效的、可执行的绝对路径。以下是对这段 diff 的详细审查和改进建议：

1. 语法与逻辑审查

• 基本逻辑：代码逻辑是正确的。它首先检查输入是否为空，然后判断是否为绝对路径。如果不是绝对路径，则使用 QStandardPaths::findExecutable 在系统 PATH 中查找。如果找不到，返回 false；如果找到了或者是绝对路径，则更新成员变量 m_program。
• 返回值：将返回值从 void 改为 bool 并在 main.cpp 中据此进行错误处理（返回 -1），这是一个很好的改进，使得调用者能够感知设置失败的情况。

2. 代码质量与规范

• 包含头文件：新增的 #include <QDir> 和 #include <QStandardPaths> 是必要的，符合规范。
• 日志输出：
  • 使用了 qWarning() 输出错误信息，使用 qDebug() 输出解析路径信息，符合 Qt 的日志规范。
  • 建议：在 main.cpp 中检测到 setProgram 返回 false 时，虽然代码返回了 -1，但没有向用户输出具体的错误信息（例如 "Error: Command not found"）。用户可能不知道程序为何退出。

3. 代码性能

• 路径解析开销：QStandardPaths::findExecutable 是一个相对较重的操作，因为它可能需要遍历 PATH 环境变量中的多个目录并进行文件系统访问。
  • 建议：如果 setProgram 在高频调用的热路径中，且传入的命令大部分已经是绝对路径，目前的逻辑（先 isAbsolutePath 判断）已经做了优化，避免了不必要的查找。性能方面是可以接受的。

4. 代码安全

• 路径注入风险：QStandardPaths::findExecutable 会根据系统的 PATH 环境变量查找。如果当前进程运行在受污染的环境下（例如 PATH 被恶意修改），可能会解析到错误的可执行文件。
  • 建议：如果这是一个安全敏感的应用（例如以 root 权限运行），建议限制搜索范围或严格校验解析出的路径是否位于预期的安全目录（如 /usr/bin, /bin）中。
• 空指针/崩溃风险：目前的代码对 program.isEmpty() 做了检查，避免了空字符串导致的潜在问题，安全性较好。

综合改进建议

针对 main.cpp 中的错误处理，建议增加用户可见的错误输出，提升用户体验。

修改建议代码 (apps/dde-am/src/main.cpp):

#include <QCoreApplication> // 确保包含此头文件以使用 exit() 或返回码
#include <QTextStream>       // 用于输出到控制台
#include <QDebug>

// ... (其他代码)

int handleExecuteCommand(const QCommandLineParser &parser,
                         const QCommandLineOption &executeOption,
                         const QCommandLineOption &typeOption,
                         const QCommandLineOption &envOption)
{
    CommandExecutor executor;
    QString cmd = parser.value(executeOption);
    
    if (!executor.setProgram(cmd)) {
        QTextStream(stderr) << "Error: Failed to execute command. "
                            << "The executable '" << cmd << "' was not found or is invalid.\n";
        return EXIT_FAILURE; // 使用标准宏定义通常比硬编码 -1 更好，或者保持 -1 也可以
    }

    if (parser.isSet(typeOption)) {
        executor.setType(parser.value(typeOption));
    }
    
    // ... (后续代码)

总结：
这段代码的修改在逻辑上是正确且必要的，有效地防止了因命令路径无效而导致的潜在崩溃或静默失败。主要的改进空间在于 main.cpp 中的错误反馈，以及根据应用的安全级别考虑是否需要更严格的路径白名单校验。

[yixinshark]

/forcemerge

[deepin-bot]

This pr force merged! (status: blocked)