Use deno permission prompts for installed version

Question

Use deno permission prompts for installed version

grebaldi opened this issue 3 years ago · comments

The Problem

Think about #22. When a user installs a Deno program via deno install, they are forced to then and there decide what permissions that program is supposed to have. Since the context in which strawman will be used differs greatly between use-cases, the exact permissions are not known at install-time. Users would have to do something like:

deno install --unstable --allow-net --allow-read --allow-write https://deno.land/x/strawman@1.0.0-alpha.1/something/something.ts

--allow-net --allow-read --allow-write are very broad permissions and since strawman allows to execute arbitrary code via snapshot templates this could potentially break Deno's security model.

The Solution

Both, the start and rc commands require permissions to operate. Those permissions can be directly derived from the given parameters.

Deno provides so-called Permission APIs. One one side, you can use those APIs to ask questions about given permissions. Interesting for us though is that you can also prompt for permissions:

https://deno.land/manual@v1.20.1/runtime/permission_apis#request-permissions

Since we can derive all permissions needed from the given parameters of each command, we can use the Deno.permissions.request API to prompt for permissions if they haven't been granted yet.

This way, strawman can be installed without any permissions at all (Unfortunately, the --unstable flag still needs to be granted regardless).

Acceptance Criteria

strawman prompts for net permissions on its own host when those weren't explicitly passed when running strawman start
strawman prompts for net permissions on the procied host when those weren't explicitly passed when running strawman start
strawman prompts for read permissions on the snapshot directory when those weren't explicitly passed when running strawman start
strawman prompts for write permissions on the snapshot directory when those weren't explicitly passed when running strawman start
strawman prompts for net permissions on its own host when those weren't explicitly passed when running strawman rc

Henrik Radandt · Answer 1 · Mon Mar 21 2022 16:08:04 GMT+0800 (China Standard Time)

Hi @grebaldi, maybe I misunderstood something, but when I run a deno script without permission flags, I'm already being prompted for permission.

Wilhelm Behncke · Answer 2 · Mon Mar 21 2022 16:23:09 GMT+0800 (China Standard Time)

That's interesting :) Looks like new behavior. What deno version did you run this on?

Henrik Radandt · Answer 3 · Mon Mar 21 2022 16:38:56 GMT+0800 (China Standard Time)

deno 1.20.1 (release, x86_64-unknown-linux-gnu)
v8 10.0.139.6
typescript 4.6.2

Have run it at gitpod.

André König · Answer 4 · Mon Mar 21 2022 20:04:32 GMT+0800 (China Standard Time)

@grebaldi, jap, can confirm that this is a new feature since 1.20.0.

Wilhelm Behncke · Answer 5 · Mon Mar 21 2022 21:10:42 GMT+0800 (China Standard Time)

Well, then it looks like Deno's done that job for us 😄

I'll close this then.