summaryrefslogtreecommitdiff
path: root/js/permissions.ts
diff options
context:
space:
mode:
Diffstat (limited to 'js/permissions.ts')
-rw-r--r--js/permissions.ts74
1 files changed, 74 insertions, 0 deletions
diff --git a/js/permissions.ts b/js/permissions.ts
new file mode 100644
index 000000000..6acb80b1f
--- /dev/null
+++ b/js/permissions.ts
@@ -0,0 +1,74 @@
+// Copyright 2018-2019 the Deno authors. All rights reserved. MIT license.
+import * as msg from "gen/msg_generated";
+import * as flatbuffers from "./flatbuffers";
+import * as dispatch from "./dispatch";
+import { assert } from "./util";
+
+/** Permissions as granted by the caller */
+export type Permissions = {
+ read: boolean;
+ write: boolean;
+ net: boolean;
+ env: boolean;
+ run: boolean;
+
+ // NOTE: Keep in sync with src/permissions.rs
+};
+
+export type Permission = keyof Permissions;
+
+/** Inspect granted permissions for the current program.
+ *
+ * if (Deno.permissions().read) {
+ * const file = await Deno.readFile("example.test");
+ * // ...
+ * }
+ */
+export function permissions(): Permissions {
+ const baseRes = dispatch.sendSync(...getReq())!;
+ assert(msg.Any.PermissionsRes === baseRes.innerType());
+ const res = new msg.PermissionsRes();
+ assert(baseRes.inner(res) != null);
+ // TypeScript cannot track assertion above, therefore not null assertion
+ return createPermissions(res);
+}
+
+/** Revoke a permission. When the permission was already revoked nothing changes
+ *
+ * if (Deno.permissions().read) {
+ * const file = await Deno.readFile("example.test");
+ * Deno.revokePermission('read');
+ * }
+ * Deno.readFile("example.test"); // -> error or permission prompt
+ */
+export function revokePermission(permission: Permission): void {
+ dispatch.sendSync(...revokeReq(permission));
+}
+
+function createPermissions(inner: msg.PermissionsRes): Permissions {
+ return {
+ read: inner.read(),
+ write: inner.write(),
+ net: inner.net(),
+ env: inner.env(),
+ run: inner.run()
+ };
+}
+
+function getReq(): [flatbuffers.Builder, msg.Any, flatbuffers.Offset] {
+ const builder = flatbuffers.createBuilder();
+ msg.Permissions.startPermissions(builder);
+ const inner = msg.Permissions.endPermissions(builder);
+ return [builder, msg.Any.Permissions, inner];
+}
+
+function revokeReq(
+ permission: string
+): [flatbuffers.Builder, msg.Any, flatbuffers.Offset] {
+ const builder = flatbuffers.createBuilder();
+ const permission_ = builder.createString(permission);
+ msg.PermissionRevoke.startPermissionRevoke(builder);
+ msg.PermissionRevoke.addPermission(builder, permission_);
+ const inner = msg.PermissionRevoke.endPermissionRevoke(builder);
+ return [builder, msg.Any.PermissionRevoke, inner];
+}
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-27 13:21:46 +0000