Use deno permission prompts for installed version
grebaldi opened this issue · comments
The Problem
Think about #22. When a user installs a Deno program via deno install, they are forced to then and there decide what permissions that program is supposed to have. Since the context in which strawman will be used differs greatly between use-cases, the exact permissions are not known at install-time. Users would have to do something like:
deno install --unstable --allow-net --allow-read --allow-write https://deno.land/x/strawman@1.0.0-alpha.1/something/something.ts
--allow-net --allow-read --allow-write are very broad permissions, and since strawman allows executing arbitrary code via snapshot templates, this could potentially break Deno's security model.
The Solution
Both the start and rc commands require permissions to operate. Those permissions can be directly derived from the given parameters.
Deno provides so-called Permission APIs. On one side, you can use those APIs to ask questions about given permissions. Interesting for us though is that you can also prompt for permissions:
https://deno.land/manual@v1.20.1/runtime/permission_apis#request-permissions
Since we can derive all permissions needed from the given parameters of each command, we can use the Deno.permissions.request API to prompt for permissions if they haven't been granted yet.
This way, strawman can be installed without any permissions at all (Unfortunately, the --unstable flag still needs to be granted regardless).
Acceptance Criteria
- strawman prompts for net permissions on its own host when those weren't explicitly passed when running strawman start
- strawman prompts for net permissions on the proxied host when those weren't explicitly passed when running strawman start
- strawman prompts for read permissions on the snapshot directory when those weren't explicitly passed when running strawman start
- strawman prompts for write permissions on the snapshot directory when those weren't explicitly passed when running strawman start
- strawman prompts for net permissions on its own host when those weren't explicitly passed when running strawman rc
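A sketch of the approach proposed in the issue above, added here as an example and not taken from strawman's code: the permissions for start are derived from its parameters, queried, and requested only where not yet granted. The option names (host, port, proxyTo, snapshotDir) and both function names are assumptions; the permissions object is passed in so the logic can run outside Deno.

```typescript
// Added example, not strawman's code. Option names below are assumptions.
type Descriptor =
  | { name: "net"; host: string }
  | { name: "read" | "write"; path: string };
type Status = { state: string }; // "granted" | "prompt" | "denied"

// Subset of the Deno.permissions API used here; in Deno, pass Deno.permissions.
interface Permissions {
  query(d: Descriptor): Promise<Status>;
  request(d: Descriptor): Promise<Status>;
}

// Hypothetical shape of the parsed `strawman start` parameters.
interface StartOptions {
  host: string;
  port: number;
  proxyTo?: string; // URL of the proxied service, if any
  snapshotDir: string;
}

// Derive the narrowest set of permissions `start` needs from its parameters.
function requiredForStart(o: StartOptions): Descriptor[] {
  const needed: Descriptor[] = [{ name: "net", host: `${o.host}:${o.port}` }];
  if (o.proxyTo) needed.push({ name: "net", host: new URL(o.proxyTo).host });
  needed.push(
    { name: "read", path: o.snapshotDir },
    { name: "write", path: o.snapshotDir },
  );
  return needed;
}

// Prompt only for what is not already granted; return what remains refused.
async function ensurePermissions(
  perms: Permissions,
  needed: Descriptor[],
): Promise<Descriptor[]> {
  const refused: Descriptor[] = [];
  for (const d of needed) {
    // Query first so flags such as --allow-net=<host> never cause a prompt.
    let { state } = await perms.query(d);
    if (state === "prompt") ({ state } = await perms.request(d));
    if (state !== "granted") refused.push(d);
  }
  return refused;
}
```

A non-empty result means the user refused at least one scoped permission, so the command can exit with a message naming exactly which host or path it needed.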
Hi @grebaldi, maybe I misunderstood something, but when I run a deno script without permission flags, I'm already being prompted for permission.
That's interesting :) Looks like new behavior. What deno version did you run this on?
deno 1.20.1 (release, x86_64-unknown-linux-gnu)
v8 10.0.139.6
typescript 4.6.2
Have run it at gitpod.
@grebaldi, yep, can confirm that this is a new feature since 1.20.0.
Well, then it looks like Deno's done that job for us 😄
I'll close this then.