author | Asher Gomez <ashersaupingomez@gmail.com> | 2023-08-03 21:19:19 +1000 |
---|---|---|
committer | GitHub <noreply@github.com> | 2023-08-03 13:19:19 +0200 |
commit | 6fb7e8d93bb9fd8cdd81130a394ae6061930c4f6 (patch) | |
tree | 2ec6dc2be234ef5a42023c1d75f1fc1316d80f06 /cli/tsc | |
parent | db287e216dd752bfcb3484cbfd93225e8463c363 (diff) |
feat(permissions): add "--deny-*" flags (#19070)
This commit adds new "--deny-*" permission flags. These are complementary to
"--allow-*" flags.
These flags can be used to restrict access to certain resources, even if they
were granted using "--allow-*" flags or the "--allow-all" ("-A") flag.
Eg. specifying "--allow-read --deny-read" will result in a permission error,
while "--allow-read --deny-read=/etc" will allow read access to all FS but the
"/etc" directory.
Runtime permissions APIs ("Deno.permissions") were adjusted as well, mainly
by adding a new "PermissionStatus.partial" field. This field denotes that
while permission might be granted to requested resource, it's only partial (ie.
a "--deny-*" flag was specified that excludes some of the requested resources).
Eg. specifying "--allow-read=foo/ --deny-read=foo/bar" and then querying for
permissions like "Deno.permissions.query({ name: "read", path: "foo/" })"
will return "PermissionStatus { state: "granted", onchange: null, partial: true }",
denoting that some of the subpaths don't have read access.
Closes #18804.
---------
Co-authored-by: Bartek IwaĆczuk <biwanczuk@gmail.com>
Co-authored-by: Nayeem Rahman <nayeemrmn99@gmail.com>
Diffstat (limited to 'cli/tsc')
-rw-r--r-- | cli/tsc/dts/lib.deno.ns.d.ts | 34 |
1 files changed, 22 insertions, 12 deletions
diff --git a/cli/tsc/dts/lib.deno.ns.d.ts b/cli/tsc/dts/lib.deno.ns.d.ts
index 1c8d9db63..436387eba 100644
--- a/cli/tsc/dts/lib.deno.ns.d.ts
+++ b/cli/tsc/dts/lib.deno.ns.d.ts
@@ -4403,9 +4403,12 @@ declare namespace Deno {
 *
 * @category Permissions
 */
- export type PermissionState = "granted" | "denied" | "prompt";
+ export type PermissionState =
+ | "granted"
+ | "denied"
+ | "prompt";
- /** The permission descriptor for the `allow-run` permission, which controls
+ /** The permission descriptor for the `allow-run` and `deny-run` permissions, which controls
 * access to what sub-processes can be executed by Deno. The option `command`
 * allows scoping the permission to a specific executable.
 *
@@ -4416,12 +4419,12 @@ declare namespace Deno {
 * @category Permissions
 */
 export interface RunPermissionDescriptor {
 name: "run";
- /** The `allow-run` permission can be scoped to a specific executable,
+ /** An `allow-run` or `deny-run` permission can be scoped to a specific executable,
 * which would be relative to the start-up CWD of the Deno CLI. */
 command?: string | URL;
 }
- /** The permission descriptor for the `allow-read` permissions, which controls
+ /** The permission descriptor for the `allow-read` and `deny-read` permissions, which controls
 * access to reading resources from the local host. The option `path` allows
 * scoping the permission to a specific path (and if the path is a directory
 * any sub paths).
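Review bot: The reworded descriptor comments name both the allow and the deny flag but never say how the two combine, which is the rule a reader of this API most needs. The commit description states that a "--deny-*" entry restricts access even when "--allow-*" or "--allow-all" granted it; I would add one line to each descriptor comment, for example `* A matching deny-run entry takes precedence over allow-run.`, here and in the read, write, net, env, sys, ffi and hrtime hunks that follow. The rewritten first lines also run well past the width the unchanged continuation lines are wrapped at, so re-wrapping them would keep each comment block consistent.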
@@ -4432,12 +4435,12 @@ declare namespace Deno {
 * @category Permissions
 */
 export interface ReadPermissionDescriptor {
 name: "read";
- /** The `allow-read` permission can be scoped to a specific path (and if
+ /** An `allow-read` or `deny-read` permission can be scoped to a specific path (and if
 * the path is a directory, any sub paths). */
 path?: string | URL;
 }
- /** The permission descriptor for the `allow-write` permissions, which
+ /** The permission descriptor for the `allow-write` and `deny-write` permissions, which
 * controls access to writing to resources from the local host. The option
 * `path` allow scoping the permission to a specific path (and if the path is
 * a directory any sub paths).
@@ -4448,12 +4451,12 @@ declare namespace Deno {
 * @category Permissions
 */
 export interface WritePermissionDescriptor {
 name: "write";
- /** The `allow-write` permission can be scoped to a specific path (and if
+ /** An `allow-write` or `deny-write` permission can be scoped to a specific path (and if
 * the path is a directory, any sub paths). */
 path?: string | URL;
 }
- /** The permission descriptor for the `allow-net` permissions, which controls
+ /** The permission descriptor for the `allow-net` and `deny-net` permissions, which controls
 * access to opening network ports and connecting to remote hosts via the
 * network. The option `host` allows scoping the permission for outbound
 * connection to a specific host and port.
@@ -4469,7 +4472,7 @@ declare namespace Deno {
 host?: string;
 }
- /** The permission descriptor for the `allow-env` permissions, which controls
+ /** The permission descriptor for the `allow-env` and `deny-env` permissions, which controls
 * access to being able to read and write to the process environment variables
 * as well as access other information about the environment. The option
 * `variable` allows scoping the permission to a specific environment
@@ -4482,7 +4485,7 @@ declare namespace Deno {
 variable?: string;
 }
- /** The permission descriptor for the `allow-sys` permissions, which controls
+ /** The permission descriptor for the `allow-sys` and `deny-sys` permissions, which controls
 * access to sensitive host system information, which malicious code might
 * attempt to exploit. The option `kind` allows scoping the permission to a
 * specific piece of information.
@@ -4502,7 +4505,7 @@ declare namespace Deno {
 | "gid";
 }
- /** The permission descriptor for the `allow-ffi` permissions, which controls
+ /** The permission descriptor for the `allow-ffi` and `deny-ffi` permissions, which controls
 * access to loading _foreign_ code and interfacing with it via the
 * [Foreign Function Interface API](https://deno.land/manual/runtime/ffi_api)
 * available in Deno. The option `path` allows scoping the permission to a
@@ -4515,7 +4518,7 @@ declare namespace Deno {
 path?: string | URL;
 }
- /** The permission descriptor for the `allow-hrtime` permission, which
+ /** The permission descriptor for the `allow-hrtime` and `deny-hrtime` permissions, which
 * controls if the runtime code has access to high resolution time. High
 * resolution time is considered sensitive information, because it can be used
 * by malicious code to gain information about the host that it might not
@@ -4560,6 +4563,13 @@ declare namespace Deno {
 // deno-lint-ignore no-explicit-any
 onchange: ((this: PermissionStatus, ev: Event) => any) | null;
 readonly state: PermissionState;
+ /**
+ * Describes if permission is only granted partially, eg. an access
+ * might be granted to "/foo" directory, but denied for "/foo/bar".
+ * In such case this field will be set to `true` when querying for
+ * read permissions of "/foo" directory.
+ */
+ readonly partial: boolean;
 addEventListener<K extends keyof PermissionStatusEventMap>(
 type: K,
 listener: ( |
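Review bot: The doc comment added for `partial` in the last hunk does not say that `state` still reads "granted" when `partial` is `true`, so a caller that gates on `state === "granted"` alone would treat a scope with denied sub-resources as fully accessible. The commit description shows exactly that result for "--allow-read=foo/ --deny-read=foo/bar". I would add a sentence to the comment such as `* Note that state stays "granted" in that case; check partial before assuming the whole scope is accessible.` The example covers only read; if the field is populated for the other permission kinds too, which these lines do not show, the comment should say so. The enclosing `PermissionStatus` declaration starts and ends outside this hunk.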