Use Deno permissions in your own CLI

If I create a CLI with Deno, can I somehow reuse or pass on the permissions?
> mycli --allow-read
> mycli --allow-read
DAH
Deno AI Helper66d ago
Yes, you can design your Deno CLI to accept permission flags and pass them on to the Deno runtime when executing scripts. The documentation mentions that Deno's permission system allows you to grant access to specific entities (like files or servers) rather than to everything, and you can use command-line flags to enable these permissions. For example, if your CLI needs to read from the file system, you can pass the --allow-read flag when invoking your CLI, and then your CLI can pass this flag to the Deno runtime when it runs a Deno script. Here's a simplified example of how you might handle this in your CLI:
# User invokes your CLI with a permission flag
> mycli --allow-read
# User invokes your CLI with a permission flag
> mycli --allow-read
In your CLI's code, you would need to parse the command-line arguments and include the appropriate permission flags when using Deno.run to execute a Deno script:
// mycli.ts
const { args } = Deno;

// You would parse the args to find permission flags like --allow-read
// For simplicity, let's assume args includes '--allow-read'

const cmd = [
"deno",
"run",
...args, // Include the permission flags passed to your CLI
"your_script.ts",
];

const process = Deno.run({ cmd });
await process.status();
// mycli.ts
const { args } = Deno;

// You would parse the args to find permission flags like --allow-read
// For simplicity, let's assume args includes '--allow-read'

const cmd = [
"deno",
"run",
...args, // Include the permission flags passed to your CLI
"your_script.ts",
];

const process = Deno.run({ cmd });
await process.status();
Remember that when you pass permission flags from your CLI to Deno scripts, you are effectively allowing those scripts to perform the operations permitted by those flags. It's important to handle permissions carefully to maintain the security of your application. 🦕 Always ensure that your CLI only requests the minimum permissions necessary for its operation, following the principle of least privilege.