mirror of
https://github.com/denoland/deno.git
synced 2024-12-26 00:59:24 -05:00
6fb7e8d93b
This commit adds new "--deny-*" permission flags. These are complimentary to "--allow-*" flags. These flags can be used to restrict access to certain resources, even if they were granted using "--allow-*" flags or the "--allow-all" ("-A") flag. Eg. specifying "--allow-read --deny-read" will result in a permission error, while "--allow-read --deny-read=/etc" will allow read access to all FS but the "/etc" directory. Runtime permissions APIs ("Deno.permissions") were adjusted as well, mainly by adding, a new "PermissionStatus.partial" field. This field denotes that while permission might be granted to requested resource, it's only partial (ie. a "--deny-*" flag was specified that excludes some of the requested resources). Eg. specifying "--allow-read=foo/ --deny-read=foo/bar" and then querying for permissions like "Deno.permissions.query({ name: "read", path: "foo/" })" will return "PermissionStatus { state: "granted", onchange: null, partial: true }", denoting that some of the subpaths don't have read access. Closes #18804. --------- Co-authored-by: Bartek Iwańczuk <biwanczuk@gmail.com> Co-authored-by: Nayeem Rahman <nayeemrmn99@gmail.com>
22 lines
1.5 KiB
JavaScript
22 lines
1.5 KiB
JavaScript
console.log(Deno.permissions.querySync({ name: "env" }));
|
|
console.log(Deno.permissions.querySync({ name: "env", variable: "FOO" }));
|
|
console.log(Deno.permissions.querySync({ name: "env", variable: "BAR" }));
|
|
console.log(Deno.permissions.querySync({ name: "read" }));
|
|
console.log(Deno.permissions.querySync({ name: "read", path: "/foo" }));
|
|
console.log(Deno.permissions.querySync({ name: "read", path: "/bar" }));
|
|
console.log(Deno.permissions.querySync({ name: "write" }));
|
|
console.log(Deno.permissions.querySync({ name: "write", path: "/foo" }));
|
|
console.log(Deno.permissions.querySync({ name: "write", path: "/bar" }));
|
|
console.log(Deno.permissions.querySync({ name: "ffi" }));
|
|
console.log(Deno.permissions.querySync({ name: "ffi", path: "/foo" }));
|
|
console.log(Deno.permissions.querySync({ name: "ffi", path: "/bar" }));
|
|
console.log(Deno.permissions.querySync({ name: "run" }));
|
|
console.log(Deno.permissions.querySync({ name: "run", command: "foo" }));
|
|
console.log(Deno.permissions.querySync({ name: "run", command: "bar" }));
|
|
console.log(Deno.permissions.querySync({ name: "sys" }));
|
|
console.log(Deno.permissions.querySync({ name: "sys", kind: "hostname" }));
|
|
console.log(Deno.permissions.querySync({ name: "sys", kind: "loadavg" }));
|
|
console.log(Deno.permissions.querySync({ name: "net" }));
|
|
console.log(Deno.permissions.querySync({ name: "net", host: "127.0.0.1" }));
|
|
console.log(Deno.permissions.querySync({ name: "net", host: "192.168.0.1" }));
|
|
console.log(Deno.permissions.querySync({ name: "hrtime" }));
|