Trait WebPermissions

pub trait WebPermissions:
    Debug
    + Send
    + Sync {
    // Required methods
    fn allow_hrtime(&self) -> bool;
    fn check_url(
        &self,
        url: &Url,
        api_name: &str,
    ) -> Result<(), PermissionDenied>;
    fn check_open<'a>(
        &self,
        resolved: bool,
        read: bool,
        write: bool,
        path: &'a Path,
        api_name: &str,
    ) -> Option<Cow<'a, Path>>;
    fn check_read<'a>(
        &self,
        p: &'a Path,
        api_name: Option<&str>,
    ) -> Result<Cow<'a, Path>, PermissionDenied>;
    fn check_read_all(
        &self,
        api_name: Option<&str>,
    ) -> Result<(), PermissionDenied>;
    fn check_read_blind(
        &self,
        p: &Path,
        display: &str,
        api_name: &str,
    ) -> Result<(), PermissionDenied>;
    fn check_write<'a>(
        &self,
        p: &'a Path,
        api_name: Option<&str>,
    ) -> Result<Cow<'a, Path>, PermissionDenied>;
    fn check_write_all(&self, api_name: &str) -> Result<(), PermissionDenied>;
    fn check_write_blind(
        &self,
        p: &Path,
        display: &str,
        api_name: &str,
    ) -> Result<(), PermissionDenied>;
    fn check_write_partial(
        &self,
        path: &str,
        api_name: &str,
    ) -> Result<PathBuf, PermissionDenied>;
    fn check_host(
        &self,
        host: &str,
        port: Option<u16>,
        api_name: &str,
    ) -> Result<(), PermissionDenied>;
    fn check_sys(
        &self,
        kind: SystemsPermissionKind,
        api_name: &str,
    ) -> Result<(), PermissionDenied>;
    fn check_env(&self, var: &str) -> Result<(), PermissionDenied>;
    fn check_exec(&self) -> Result<(), PermissionDenied>;
}

Available on crate feature web only.

Trait managing the permissions for the web related extensions

See DefaultWebPermissions for a default implementation that allows-all

Required Methods

fn allow_hrtime(&self) -> bool

Check if hrtime is allowed

If true, timers will be allowed to use high resolution time

fn check_url(&self, url: &Url, api_name: &str) -> Result<(), PermissionDenied>

Check if a URL is allowed to be used by fetch or websocket

Errors

If an error is returned, the operation will be denied with the error message as the reason

fn check_open<'a>( &self, resolved: bool, read: bool, write: bool, path: &'a Path, api_name: &str, ) -> Option<Cow<'a, Path>>

Check if a path is allowed to be opened by fs

If the path is allowed, the returned path will be used instead

fn check_read<'a>( &self, p: &'a Path, api_name: Option<&str>, ) -> Result<Cow<'a, Path>, PermissionDenied>

Check if a path is allowed to be read by fetch or net

Errors

If an error is returned, the operation will be denied with the error message as the reason

fn check_read_all(&self, api_name: Option<&str>) -> Result<(), PermissionDenied>

Check if all paths are allowed to be read by fs

Used by deno_fs for op_fs_symlink

Errors

If an error is returned, the operation will be denied with the error message as the reason

fn check_read_blind( &self, p: &Path, display: &str, api_name: &str, ) -> Result<(), PermissionDenied>

Check if a path is allowed to be read by fs

Errors

If an error is returned, the operation will be denied with the error message as the reason

fn check_write<'a>( &self, p: &'a Path, api_name: Option<&str>, ) -> Result<Cow<'a, Path>, PermissionDenied>

Check if a path is allowed to be written to by net

Errors

If an error is returned, the operation will be denied with the error message as the reason

fn check_write_all(&self, api_name: &str) -> Result<(), PermissionDenied>

Check if all paths are allowed to be written to by fs

Used by deno_fs for op_fs_symlink

Errors

If an error is returned, the operation will be denied with the error message as the reason

fn check_write_blind( &self, p: &Path, display: &str, api_name: &str, ) -> Result<(), PermissionDenied>

Check if a path is allowed to be written to by fs

Errors

If an error is returned, the operation will be denied with the error message as the reason

fn check_write_partial( &self, path: &str, api_name: &str, ) -> Result<PathBuf, PermissionDenied>

Check if a path is allowed to be written to by fs

Errors

If an error is returned, the operation will be denied with the error message as the reason

fn check_host( &self, host: &str, port: Option<u16>, api_name: &str, ) -> Result<(), PermissionDenied>

Check if a host is allowed to be connected to by net

Errors

If an error is returned, the operation will be denied with the error message as the reason

fn check_sys( &self, kind: SystemsPermissionKind, api_name: &str, ) -> Result<(), PermissionDenied>

Check if a system operation is allowed

Errors

If an error is returned, the operation will be denied with the error message as the reason

fn check_env(&self, var: &str) -> Result<(), PermissionDenied>

Check if an environment variable is allowed to be accessed

Used by remote KV store (deno_kv)

Errors

If an error is returned, the operation will be denied with the error message as the reason

fn check_exec(&self) -> Result<(), PermissionDenied>

Check if FFI execution is allowed

Errors

If an error is returned, the operation will be denied with the error message as the reason

Implementors

impl WebPermissions for AllowlistWebPermissions

impl WebPermissions for DefaultWebPermissions