Permissions
Permission system controls access to resources (e.g., file system, network, environment variables).
Request permissions explicitly, enhancing security and user trust.
Classes
An EventTarget returned from the Deno.permissions
API which can provide updates to any state changes of the permission.
Interfaces
The permission descriptor for the allow-env and deny-env permissions, which controls
access to being able to read and write to the process environment variables
as well as access other information about the environment. The option
variable allows scoping the permission to a specific environment
variable.
The permission descriptor for the allow-ffi and deny-ffi permissions, which controls
access to loading foreign code and interfacing with it via the
Foreign Function Interface API
available in Deno. The option path allows scoping the permission to a
specific path on the host.
The permission descriptor for the allow-import and deny-import permissions, which controls
access to importing from remote hosts via the network. The option host allows scoping the
permission for outbound connection to a specific host and port.
The permission descriptor for the allow-net and deny-net permissions, which controls
access to opening network ports and connecting to remote hosts via the
network. The option host allows scoping the permission for outbound
connection to a specific host and port.
The interface which defines what event types are supported by
PermissionStatus instances.
The permission descriptor for the allow-read and deny-read permissions, which controls
access to reading resources from the local host. The option path allows
scoping the permission to a specific path (and if the path is a directory
any sub paths).
The permission descriptor for the allow-run and deny-run permissions, which controls
access to what sub-processes can be executed by Deno. The option command
allows scoping the permission to a specific executable.
The permission descriptor for the allow-sys and deny-sys permissions, which controls
access to sensitive host system information, which malicious code might
attempt to exploit. The option kind allows scoping the permission to a
specific piece of information.
The permission descriptor for the allow-write and deny-write permissions, which
controls access to writing to resources from the local host. The option
path allow scoping the permission to a specific path (and if the path is
a directory any sub paths).
Type Aliases
Permission descriptors which define a permission and can be queried, requested, or revoked.
Variables
class Deno.Permissions
Deno's permission management API.
The class which provides the interface for the Deno.permissions
global instance and is based on the web platform
Permissions API,
though some proposed parts of the API which are useful in a server side
runtime context were removed or abandoned in the web platform specification
which is why it was chosen to locate it in the Deno namespace
instead.
By default, if the stdin/stdout is TTY for the Deno CLI (meaning it can
send and receive text), then the CLI will prompt the user to grant
permission when an un-granted permission is requested. This behavior can
be changed by using the --no-prompt command at startup. When prompting
the CLI will request the narrowest permission possible, potentially making
it annoying to the user. The permissions APIs allow the code author to
request a wider set of permissions at one time in order to provide a better
user experience.
Methods #
#query(desc: PermissionDescriptor): Promise<PermissionStatus> Resolves to the current status of a permission.
Note, if the permission is already granted, request() will not prompt
the user again, therefore query() is only necessary if you are going
to react differently existing permissions without wanting to modify them
or prompt the user to modify them.
const status = await Deno.permissions.query({ name: "read", path: "/etc" });
console.log(status.state);
Returns the current status of a permission.
Note, if the permission is already granted, request() will not prompt
the user again, therefore querySync() is only necessary if you are going
to react differently existing permissions without wanting to modify them
or prompt the user to modify them.
const status = Deno.permissions.querySync({ name: "read", path: "/etc" });
console.log(status.state);
#request(desc: PermissionDescriptor): Promise<PermissionStatus> Requests the permission, and resolves to the state of the permission.
If the permission is already granted, the user will not be prompted to grant the permission again.
const status = await Deno.permissions.request({ name: "env" });
if (status.state === "granted") {
console.log("'env' permission is granted.");
} else {
console.log("'env' permission is denied.");
}
Requests the permission, and returns the state of the permission.
If the permission is already granted, the user will not be prompted to grant the permission again.
const status = Deno.permissions.requestSync({ name: "env" });
if (status.state === "granted") {
console.log("'env' permission is granted.");
} else {
console.log("'env' permission is denied.");
}
#revoke(desc: PermissionDescriptor): Promise<PermissionStatus> Revokes a permission, and resolves to the state of the permission.
import { assert } from "jsr:@std/assert";
const status = await Deno.permissions.revoke({ name: "run" });
assert(status.state !== "granted")
Revokes a permission, and returns the state of the permission.
import { assert } from "jsr:@std/assert";
const status = Deno.permissions.revokeSync({ name: "run" });
assert(status.state !== "granted")
class Deno.PermissionStatus
An EventTarget returned from the Deno.permissions
API which can provide updates to any state changes of the permission.
Properties #
#onchange: ((this: PermissionStatus,ev: Event,) => any) | null Describes if permission is only granted partially, eg. an access
might be granted to "/foo" directory, but denied for "/foo/bar".
In such case this field will be set to true when querying for
read permissions of "/foo" directory.
#state: PermissionState Methods #
#addEventListener<K extends keyof PermissionStatusEventMap>(type: K,listener: (this: PermissionStatus,ev: PermissionStatusEventMap[K],) => any,options?: boolean | AddEventListenerOptions,): void #addEventListener(type: string,listener: EventListenerOrEventListenerObject,options?: boolean | AddEventListenerOptions,): void #removeEventListener<K extends keyof PermissionStatusEventMap>(type: K,listener: (this: PermissionStatus,ev: PermissionStatusEventMap[K],) => any,options?: boolean | EventListenerOptions,): void #removeEventListener(type: string,listener: EventListenerOrEventListenerObject,options?: boolean | EventListenerOptions,): void interface Deno.EnvPermissionDescriptor
The permission descriptor for the allow-env and deny-env permissions, which controls
access to being able to read and write to the process environment variables
as well as access other information about the environment. The option
variable allows scoping the permission to a specific environment
variable.
Properties #
interface Deno.FfiPermissionDescriptor
The permission descriptor for the allow-ffi and deny-ffi permissions, which controls
access to loading foreign code and interfacing with it via the
Foreign Function Interface API
available in Deno. The option path allows scoping the permission to a
specific path on the host.
Properties #
interface Deno.ImportPermissionDescriptor
The permission descriptor for the allow-import and deny-import permissions, which controls
access to importing from remote hosts via the network. The option host allows scoping the
permission for outbound connection to a specific host and port.
Properties #
Optional host string of the form "<hostname>[:<port>]". Examples:
"github.com" "deno.land:8080"
interface Deno.NetPermissionDescriptor
The permission descriptor for the allow-net and deny-net permissions, which controls
access to opening network ports and connecting to remote hosts via the
network. The option host allows scoping the permission for outbound
connection to a specific host and port.
Properties #
Optional host string of the form "<hostname>[:<port>]". Examples:
"github.com" "deno.land:8080"
interface Deno.PermissionOptionsObject
A set of options which can define the permissions within a test or worker context at a highly specific level.
Properties #
Specifies if the env permission should be requested or revoked.
If set to "inherit", the current env permission will be inherited.
If set to true, the global env permission will be requested.
If set to false, the global env permission will be revoked.
Specifies if the ffi permission should be requested or revoked.
If set to "inherit", the current ffi permission will be inherited.
If set to true, the global ffi permission will be requested.
If set to false, the global ffi permission will be revoked.
Specifies if the import permission should be requested or revoked.
If set to "inherit" the current import permission will be inherited.
If set to true, the global import permission will be requested.
If set to false, the global import permission will be revoked.
If set to Array<string>, the import permissions will be requested with the
specified domains.
Specifies if the net permission should be requested or revoked.
if set to "inherit", the current net permission will be inherited.
if set to true, the global net permission will be requested.
if set to false, the global net permission will be revoked.
if set to string[], the net permission will be requested with the
specified host strings with the format "<host>[:<port>].
Specifies if the read permission should be requested or revoked.
If set to "inherit", the current read permission will be inherited.
If set to true, the global read permission will be requested.
If set to false, the global read permission will be revoked.
If set to Array<string | URL>, the read permission will be requested with the
specified file paths.
Specifies if the run permission should be requested or revoked.
If set to "inherit", the current run permission will be inherited.
If set to true, the global run permission will be requested.
If set to false, the global run permission will be revoked.
Specifies if the sys permission should be requested or revoked.
If set to "inherit", the current sys permission will be inherited.
If set to true, the global sys permission will be requested.
If set to false, the global sys permission will be revoked.
Specifies if the write permission should be requested or revoked.
If set to "inherit", the current write permission will be inherited.
If set to true, the global write permission will be requested.
If set to false, the global write permission will be revoked.
If set to Array<string | URL>, the write permission will be requested with the
specified file paths.
interface Deno.PermissionStatusEventMap
The interface which defines what event types are supported by
PermissionStatus instances.
Properties #
interface Deno.ReadPermissionDescriptor
The permission descriptor for the allow-read and deny-read permissions, which controls
access to reading resources from the local host. The option path allows
scoping the permission to a specific path (and if the path is a directory
any sub paths).
Permission granted under allow-read only allows runtime code to attempt
to read, the underlying operating system may apply additional permissions.
Properties #
interface Deno.RunPermissionDescriptor
The permission descriptor for the allow-run and deny-run permissions, which controls
access to what sub-processes can be executed by Deno. The option command
allows scoping the permission to a specific executable.
Warning, in practice, allow-run is effectively the same as allow-all
in the sense that malicious code could execute any arbitrary code on the
host.
Properties #
interface Deno.SysPermissionDescriptor
The permission descriptor for the allow-sys and deny-sys permissions, which controls
access to sensitive host system information, which malicious code might
attempt to exploit. The option kind allows scoping the permission to a
specific piece of information.
Properties #
interface Deno.WritePermissionDescriptor
The permission descriptor for the allow-write and deny-write permissions, which
controls access to writing to resources from the local host. The option
path allow scoping the permission to a specific path (and if the path is
a directory any sub paths).
Permission granted under allow-write only allows runtime code to attempt
to write, the underlying operating system may apply additional permissions.
Properties #
type alias Deno.PermissionDescriptor
Permission descriptors which define a permission and can be queried, requested, or revoked.
View the specifics of the individual descriptors for more information about each permission kind.
Definition #
type alias Deno.PermissionName
The name of a privileged feature which needs permission.
Definition #
"run"
| "read"
| "write"
| "net"
| "env"
| "sys"
| "ffi" type alias Deno.PermissionOptions
Options which define the permissions within a test or worker context.
"inherit" ensures that all permissions of the parent process will be
applied to the test context. "none" ensures the test context has no
permissions. A PermissionOptionsObject provides a more specific
set of permissions to the test context.
Definition #
type alias Deno.PermissionState
The current status of the permission:
"granted"- the permission has been granted."denied"- the permission has been explicitly denied."prompt"- the permission has not explicitly granted nor denied.
Definition #
"granted"
| "denied"
| "prompt" variable Deno.permissions
Deno's permission management API.
It is a singleton instance of the Permissions object and is
based on the web platform
Permissions API,
though some proposed parts of the API which are useful in a server side
runtime context were removed or abandoned in the web platform specification
which is why it was chosen to locate it in the Deno namespace
instead.
By default, if the stdin/stdout is TTY for the Deno CLI (meaning it can
send and receive text), then the CLI will prompt the user to grant
permission when an un-granted permission is requested. This behavior can
be changed by using the --no-prompt command at startup. When prompting
the CLI will request the narrowest permission possible, potentially making
it annoying to the user. The permissions APIs allow the code author to
request a wider set of permissions at one time in order to provide a better
user experience.
Requesting already granted permissions will not prompt the user and will return that the permission was granted.
Querying
const status = await Deno.permissions.query({ name: "read", path: "/etc" });
console.log(status.state);
const status = Deno.permissions.querySync({ name: "read", path: "/etc" });
console.log(status.state);
Revoking
import { assert } from "jsr:@std/assert";
const status = await Deno.permissions.revoke({ name: "run" });
assert(status.state !== "granted")
import { assert } from "jsr:@std/assert";
const status = Deno.permissions.revokeSync({ name: "run" });
assert(status.state !== "granted")
Requesting
const status = await Deno.permissions.request({ name: "env" });
if (status.state === "granted") {
console.log("'env' permission is granted.");
} else {
console.log("'env' permission is denied.");
}
const status = Deno.permissions.requestSync({ name: "env" });
if (status.state === "granted") {
console.log("'env' permission is granted.");
} else {
console.log("'env' permission is denied.");
}