2019-03-04 17:04:19 +01:00
|
|
|
// Copyright 2018-2019 the Deno authors. All rights reserved. MIT license.
|
|
|
|
import * as msg from "gen/msg_generated";
|
|
|
|
import * as flatbuffers from "./flatbuffers";
|
|
|
|
import * as dispatch from "./dispatch";
|
|
|
|
import { assert } from "./util";
|
|
|
|
|
|
|
|
/** Permissions as granted by the caller */
|
2019-03-10 04:30:38 +11:00
|
|
|
export interface Permissions {
|
2019-03-04 17:04:19 +01:00
|
|
|
read: boolean;
|
|
|
|
write: boolean;
|
|
|
|
net: boolean;
|
|
|
|
env: boolean;
|
|
|
|
run: boolean;
|
|
|
|
|
|
|
|
// NOTE: Keep in sync with src/permissions.rs
|
2019-03-10 04:30:38 +11:00
|
|
|
}
|
2019-03-04 17:04:19 +01:00
|
|
|
|
|
|
|
export type Permission = keyof Permissions;
|
|
|
|
|
2019-03-10 04:30:38 +11:00
|
|
|
function getReq(): [flatbuffers.Builder, msg.Any, flatbuffers.Offset] {
|
|
|
|
const builder = flatbuffers.createBuilder();
|
|
|
|
msg.Permissions.startPermissions(builder);
|
|
|
|
const inner = msg.Permissions.endPermissions(builder);
|
|
|
|
return [builder, msg.Any.Permissions, inner];
|
|
|
|
}
|
|
|
|
|
|
|
|
function createPermissions(inner: msg.PermissionsRes): Permissions {
|
|
|
|
return {
|
|
|
|
read: inner.read(),
|
|
|
|
write: inner.write(),
|
|
|
|
net: inner.net(),
|
|
|
|
env: inner.env(),
|
|
|
|
run: inner.run()
|
|
|
|
};
|
|
|
|
}
|
|
|
|
|
2019-03-04 17:04:19 +01:00
|
|
|
/** Inspect granted permissions for the current program.
|
|
|
|
*
|
|
|
|
* if (Deno.permissions().read) {
|
|
|
|
* const file = await Deno.readFile("example.test");
|
|
|
|
* // ...
|
|
|
|
* }
|
|
|
|
*/
|
|
|
|
export function permissions(): Permissions {
|
|
|
|
const baseRes = dispatch.sendSync(...getReq())!;
|
|
|
|
assert(msg.Any.PermissionsRes === baseRes.innerType());
|
|
|
|
const res = new msg.PermissionsRes();
|
|
|
|
assert(baseRes.inner(res) != null);
|
|
|
|
// TypeScript cannot track assertion above, therefore not null assertion
|
|
|
|
return createPermissions(res);
|
|
|
|
}
|
|
|
|
|
2019-03-10 04:30:38 +11:00
|
|
|
function revokeReq(
|
|
|
|
permission: string
|
|
|
|
): [flatbuffers.Builder, msg.Any, flatbuffers.Offset] {
|
|
|
|
const builder = flatbuffers.createBuilder();
|
|
|
|
const permission_ = builder.createString(permission);
|
|
|
|
msg.PermissionRevoke.startPermissionRevoke(builder);
|
|
|
|
msg.PermissionRevoke.addPermission(builder, permission_);
|
|
|
|
const inner = msg.PermissionRevoke.endPermissionRevoke(builder);
|
|
|
|
return [builder, msg.Any.PermissionRevoke, inner];
|
|
|
|
}
|
|
|
|
|
2019-03-04 17:04:19 +01:00
|
|
|
/** Revoke a permission. When the permission was already revoked nothing changes
|
|
|
|
*
|
|
|
|
* if (Deno.permissions().read) {
|
|
|
|
* const file = await Deno.readFile("example.test");
|
|
|
|
* Deno.revokePermission('read');
|
|
|
|
* }
|
|
|
|
* Deno.readFile("example.test"); // -> error or permission prompt
|
|
|
|
*/
|
|
|
|
export function revokePermission(permission: Permission): void {
|
|
|
|
dispatch.sendSync(...revokeReq(permission));
|
|
|
|
}
|