Permissions
Permissions are descriptions of explicit privileges of commands.
It can enable commands to be accessible in the frontend of a Tauri application. It can map scopes to commands and defines which commands are enabled. Permissions can enable or deny certain commands, define scopes or combine both.
Permissions can be grouped as a set under a new identifier. This is called a permission set. This allows you to combine scope related permissions with command related permissions. It also allows to group or bundle operating specific permissions into more usable sets.
As a plugin developer you can ship multiple, pre-defined, well named permissions for all of your exposed commands.
As an application developer you can extend existing plugin permissions or define them for your own commands. They can be grouped or extended in a set to be re-used or to simplify the main configuration files later.
Permission Identifier
The permissions identifier is used to ensure that permissions can be re-used and have unique names.
<name>:default
Indicates the permission is the default for a plugin or application<name>:<command-name>
Indicates the permission is for an individual command
The plugin prefix tauri-plugin-
will be automatically prepended to the identifier of plugins
at compile time and is not required to be manually specified.
Identifiers are limited to ASCII lower case alphabetic characters [a-z]
and the maximum length
of the identifier is currently limited to 116
due to the following constants:
Configuration Files
Simplified example of an example Tauri plugin directory structure:
The default permission is handled in a special way, as it is automatically added to the application configuration, as long as the Tauri CLI is used to add plugins to a Tauri application.
For application developers the structure is similar:
Examples
Example permissions from the File System
plugin.
Example implementation extending above plugin permissions in your app:
© 2024 Tauri Contributors. CC-BY / MIT