{ "$schema": "http://json-schema.org/draft-07/schema#", "title": "PermissionFile", "description": "Permission file that can define a default permission, a set of permissions or a list of inlined permissions.", "type": "object", "properties": { "default": { "description": "The default permission set for the plugin", "anyOf": [ { "$ref": "#/definitions/DefaultPermission" }, { "type": "null" } ] }, "set": { "description": "A list of permissions sets defined", "type": "array", "items": { "$ref": "#/definitions/PermissionSet" } }, "permission": { "description": "A list of inlined permissions", "default": [], "type": "array", "items": { "$ref": "#/definitions/Permission" } } }, "definitions": { "DefaultPermission": { "description": "The default permission set of the plugin.\n\nWorks similarly to a permission with the \"default\" identifier.", "type": "object", "required": [ "permissions" ], "properties": { "version": { "description": "The version of the permission.", "type": [ "integer", "null" ], "format": "uint64", "minimum": 1.0 }, "description": { "description": "Human-readable description of what the permission does. Tauri convention is to use

headings in markdown content for Tauri documentation generation purposes.", "type": [ "string", "null" ] }, "permissions": { "description": "All permissions this set contains.", "type": "array", "items": { "type": "string" } } } }, "PermissionSet": { "description": "A set of direct permissions grouped together under a new name.", "type": "object", "required": [ "description", "identifier", "permissions" ], "properties": { "identifier": { "description": "A unique identifier for the permission.", "type": "string" }, "description": { "description": "Human-readable description of what the permission does.", "type": "string" }, "permissions": { "description": "All permissions this set contains.", "type": "array", "items": { "$ref": "#/definitions/PermissionKind" } } } }, "Permission": { "description": "Descriptions of explicit privileges of commands.\n\nIt can enable commands to be accessible in the frontend of the application.\n\nIf the scope is defined it can be used to fine grain control the access of individual or multiple commands.", "type": "object", "required": [ "identifier" ], "properties": { "version": { "description": "The version of the permission.", "type": [ "integer", "null" ], "format": "uint64", "minimum": 1.0 }, "identifier": { "description": "A unique identifier for the permission.", "type": "string" }, "description": { "description": "Human-readable description of what the permission does. Tauri internal convention is to use

headings in markdown content for Tauri documentation generation purposes.", "type": [ "string", "null" ] }, "commands": { "description": "Allowed or denied commands when using this permission.", "default": { "allow": [], "deny": [] }, "allOf": [ { "$ref": "#/definitions/Commands" } ] }, "scope": { "description": "Allowed or denied scoped when using this permission.", "allOf": [ { "$ref": "#/definitions/Scopes" } ] }, "platforms": { "description": "Target platforms this permission applies. By default all platforms are affected by this permission.", "type": [ "array", "null" ], "items": { "$ref": "#/definitions/Target" } } } }, "Commands": { "description": "Allowed and denied commands inside a permission.\n\nIf two commands clash inside of `allow` and `deny`, it should be denied by default.", "type": "object", "properties": { "allow": { "description": "Allowed command.", "default": [], "type": "array", "items": { "type": "string" } }, "deny": { "description": "Denied command, which takes priority.", "default": [], "type": "array", "items": { "type": "string" } } } }, "Scopes": { "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command. The configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json { \"allow\": [{ \"path\": \"$HOME/**\" }], \"deny\": [{ \"path\": \"$HOME/secret.txt\" }] } ```", "type": "object", "properties": { "allow": { "description": "Data that defines what is allowed by the scope.", "type": [ "array", "null" ], "items": { "$ref": "#/definitions/Value" } }, "deny": { "description": "Data that defines what is denied by the scope. This should be prioritized by validation logic.", "type": [ "array", "null" ], "items": { "$ref": "#/definitions/Value" } } } }, "Value": { "description": "All supported ACL values.", "anyOf": [ { "description": "Represents a null JSON value.", "type": "null" }, { "description": "Represents a [`bool`].", "type": "boolean" }, { "description": "Represents a valid ACL [`Number`].", "allOf": [ { "$ref": "#/definitions/Number" } ] }, { "description": "Represents a [`String`].", "type": "string" }, { "description": "Represents a list of other [`Value`]s.", "type": "array", "items": { "$ref": "#/definitions/Value" } }, { "description": "Represents a map of [`String`] keys to [`Value`]s.", "type": "object", "additionalProperties": { "$ref": "#/definitions/Value" } } ] }, "Number": { "description": "A valid ACL number.", "anyOf": [ { "description": "Represents an [`i64`].", "type": "integer", "format": "int64" }, { "description": "Represents a [`f64`].", "type": "number", "format": "double" } ] }, "Target": { "description": "Platform target.", "oneOf": [ { "description": "MacOS.", "type": "string", "enum": [ "macOS" ] }, { "description": "Windows.", "type": "string", "enum": [ "windows" ] }, { "description": "Linux.", "type": "string", "enum": [ "linux" ] }, { "description": "Android.", "type": "string", "enum": [ "android" ] }, { "description": "iOS.", "type": "string", "enum": [ "iOS" ] } ] }, "PermissionKind": { "type": "string", "oneOf": [ { "description": "This allows full recursive read access to the complete application folders, files and subdirectories.", "type": "string", "const": "allow-app-read-recursive" }, { "description": "This allows full recursive write access to the complete application folders, files and subdirectories.", "type": "string", "const": "allow-app-write-recursive" }, { "description": "This allows non-recursive read access to the application folders.", "type": "string", "const": "allow-app-read" }, { "description": "This allows non-recursive write access to the application folders.", "type": "string", "const": "allow-app-write" }, { "description": "This allows full recursive read access to metadata of the application folders, including file listing and statistics.", "type": "string", "const": "allow-app-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the application folders, including file listing and statistics.", "type": "string", "const": "allow-app-meta" }, { "description": "This scope permits recursive access to the complete application folders, including sub directories and files.", "type": "string", "const": "scope-app-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the application folders.", "type": "string", "const": "scope-app" }, { "description": "This scope permits to list all files and folders in the application directories.", "type": "string", "const": "scope-app-index" }, { "description": "This allows full recursive read access to the complete `$APPCACHE` folder, files and subdirectories.", "type": "string", "const": "allow-appcache-read-recursive" }, { "description": "This allows full recursive write access to the complete `$APPCACHE` folder, files and subdirectories.", "type": "string", "const": "allow-appcache-write-recursive" }, { "description": "This allows non-recursive read access to the `$APPCACHE` folder.", "type": "string", "const": "allow-appcache-read" }, { "description": "This allows non-recursive write access to the `$APPCACHE` folder.", "type": "string", "const": "allow-appcache-write" }, { "description": "This allows full recursive read access to metadata of the `$APPCACHE` folder, including file listing and statistics.", "type": "string", "const": "allow-appcache-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$APPCACHE` folder, including file listing and statistics.", "type": "string", "const": "allow-appcache-meta" }, { "description": "This scope permits recursive access to the complete `$APPCACHE` folder, including sub directories and files.", "type": "string", "const": "scope-appcache-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$APPCACHE` folder.", "type": "string", "const": "scope-appcache" }, { "description": "This scope permits to list all files and folders in the `$APPCACHE`folder.", "type": "string", "const": "scope-appcache-index" }, { "description": "This allows full recursive read access to the complete `$APPCONFIG` folder, files and subdirectories.", "type": "string", "const": "allow-appconfig-read-recursive" }, { "description": "This allows full recursive write access to the complete `$APPCONFIG` folder, files and subdirectories.", "type": "string", "const": "allow-appconfig-write-recursive" }, { "description": "This allows non-recursive read access to the `$APPCONFIG` folder.", "type": "string", "const": "allow-appconfig-read" }, { "description": "This allows non-recursive write access to the `$APPCONFIG` folder.", "type": "string", "const": "allow-appconfig-write" }, { "description": "This allows full recursive read access to metadata of the `$APPCONFIG` folder, including file listing and statistics.", "type": "string", "const": "allow-appconfig-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$APPCONFIG` folder, including file listing and statistics.", "type": "string", "const": "allow-appconfig-meta" }, { "description": "This scope permits recursive access to the complete `$APPCONFIG` folder, including sub directories and files.", "type": "string", "const": "scope-appconfig-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$APPCONFIG` folder.", "type": "string", "const": "scope-appconfig" }, { "description": "This scope permits to list all files and folders in the `$APPCONFIG`folder.", "type": "string", "const": "scope-appconfig-index" }, { "description": "This allows full recursive read access to the complete `$APPDATA` folder, files and subdirectories.", "type": "string", "const": "allow-appdata-read-recursive" }, { "description": "This allows full recursive write access to the complete `$APPDATA` folder, files and subdirectories.", "type": "string", "const": "allow-appdata-write-recursive" }, { "description": "This allows non-recursive read access to the `$APPDATA` folder.", "type": "string", "const": "allow-appdata-read" }, { "description": "This allows non-recursive write access to the `$APPDATA` folder.", "type": "string", "const": "allow-appdata-write" }, { "description": "This allows full recursive read access to metadata of the `$APPDATA` folder, including file listing and statistics.", "type": "string", "const": "allow-appdata-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$APPDATA` folder, including file listing and statistics.", "type": "string", "const": "allow-appdata-meta" }, { "description": "This scope permits recursive access to the complete `$APPDATA` folder, including sub directories and files.", "type": "string", "const": "scope-appdata-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$APPDATA` folder.", "type": "string", "const": "scope-appdata" }, { "description": "This scope permits to list all files and folders in the `$APPDATA`folder.", "type": "string", "const": "scope-appdata-index" }, { "description": "This allows full recursive read access to the complete `$APPLOCALDATA` folder, files and subdirectories.", "type": "string", "const": "allow-applocaldata-read-recursive" }, { "description": "This allows full recursive write access to the complete `$APPLOCALDATA` folder, files and subdirectories.", "type": "string", "const": "allow-applocaldata-write-recursive" }, { "description": "This allows non-recursive read access to the `$APPLOCALDATA` folder.", "type": "string", "const": "allow-applocaldata-read" }, { "description": "This allows non-recursive write access to the `$APPLOCALDATA` folder.", "type": "string", "const": "allow-applocaldata-write" }, { "description": "This allows full recursive read access to metadata of the `$APPLOCALDATA` folder, including file listing and statistics.", "type": "string", "const": "allow-applocaldata-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$APPLOCALDATA` folder, including file listing and statistics.", "type": "string", "const": "allow-applocaldata-meta" }, { "description": "This scope permits recursive access to the complete `$APPLOCALDATA` folder, including sub directories and files.", "type": "string", "const": "scope-applocaldata-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$APPLOCALDATA` folder.", "type": "string", "const": "scope-applocaldata" }, { "description": "This scope permits to list all files and folders in the `$APPLOCALDATA`folder.", "type": "string", "const": "scope-applocaldata-index" }, { "description": "This allows full recursive read access to the complete `$APPLOG` folder, files and subdirectories.", "type": "string", "const": "allow-applog-read-recursive" }, { "description": "This allows full recursive write access to the complete `$APPLOG` folder, files and subdirectories.", "type": "string", "const": "allow-applog-write-recursive" }, { "description": "This allows non-recursive read access to the `$APPLOG` folder.", "type": "string", "const": "allow-applog-read" }, { "description": "This allows non-recursive write access to the `$APPLOG` folder.", "type": "string", "const": "allow-applog-write" }, { "description": "This allows full recursive read access to metadata of the `$APPLOG` folder, including file listing and statistics.", "type": "string", "const": "allow-applog-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$APPLOG` folder, including file listing and statistics.", "type": "string", "const": "allow-applog-meta" }, { "description": "This scope permits recursive access to the complete `$APPLOG` folder, including sub directories and files.", "type": "string", "const": "scope-applog-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$APPLOG` folder.", "type": "string", "const": "scope-applog" }, { "description": "This scope permits to list all files and folders in the `$APPLOG`folder.", "type": "string", "const": "scope-applog-index" }, { "description": "This allows full recursive read access to the complete `$AUDIO` folder, files and subdirectories.", "type": "string", "const": "allow-audio-read-recursive" }, { "description": "This allows full recursive write access to the complete `$AUDIO` folder, files and subdirectories.", "type": "string", "const": "allow-audio-write-recursive" }, { "description": "This allows non-recursive read access to the `$AUDIO` folder.", "type": "string", "const": "allow-audio-read" }, { "description": "This allows non-recursive write access to the `$AUDIO` folder.", "type": "string", "const": "allow-audio-write" }, { "description": "This allows full recursive read access to metadata of the `$AUDIO` folder, including file listing and statistics.", "type": "string", "const": "allow-audio-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$AUDIO` folder, including file listing and statistics.", "type": "string", "const": "allow-audio-meta" }, { "description": "This scope permits recursive access to the complete `$AUDIO` folder, including sub directories and files.", "type": "string", "const": "scope-audio-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$AUDIO` folder.", "type": "string", "const": "scope-audio" }, { "description": "This scope permits to list all files and folders in the `$AUDIO`folder.", "type": "string", "const": "scope-audio-index" }, { "description": "This allows full recursive read access to the complete `$CACHE` folder, files and subdirectories.", "type": "string", "const": "allow-cache-read-recursive" }, { "description": "This allows full recursive write access to the complete `$CACHE` folder, files and subdirectories.", "type": "string", "const": "allow-cache-write-recursive" }, { "description": "This allows non-recursive read access to the `$CACHE` folder.", "type": "string", "const": "allow-cache-read" }, { "description": "This allows non-recursive write access to the `$CACHE` folder.", "type": "string", "const": "allow-cache-write" }, { "description": "This allows full recursive read access to metadata of the `$CACHE` folder, including file listing and statistics.", "type": "string", "const": "allow-cache-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$CACHE` folder, including file listing and statistics.", "type": "string", "const": "allow-cache-meta" }, { "description": "This scope permits recursive access to the complete `$CACHE` folder, including sub directories and files.", "type": "string", "const": "scope-cache-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$CACHE` folder.", "type": "string", "const": "scope-cache" }, { "description": "This scope permits to list all files and folders in the `$CACHE`folder.", "type": "string", "const": "scope-cache-index" }, { "description": "This allows full recursive read access to the complete `$CONFIG` folder, files and subdirectories.", "type": "string", "const": "allow-config-read-recursive" }, { "description": "This allows full recursive write access to the complete `$CONFIG` folder, files and subdirectories.", "type": "string", "const": "allow-config-write-recursive" }, { "description": "This allows non-recursive read access to the `$CONFIG` folder.", "type": "string", "const": "allow-config-read" }, { "description": "This allows non-recursive write access to the `$CONFIG` folder.", "type": "string", "const": "allow-config-write" }, { "description": "This allows full recursive read access to metadata of the `$CONFIG` folder, including file listing and statistics.", "type": "string", "const": "allow-config-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$CONFIG` folder, including file listing and statistics.", "type": "string", "const": "allow-config-meta" }, { "description": "This scope permits recursive access to the complete `$CONFIG` folder, including sub directories and files.", "type": "string", "const": "scope-config-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$CONFIG` folder.", "type": "string", "const": "scope-config" }, { "description": "This scope permits to list all files and folders in the `$CONFIG`folder.", "type": "string", "const": "scope-config-index" }, { "description": "This allows full recursive read access to the complete `$DATA` folder, files and subdirectories.", "type": "string", "const": "allow-data-read-recursive" }, { "description": "This allows full recursive write access to the complete `$DATA` folder, files and subdirectories.", "type": "string", "const": "allow-data-write-recursive" }, { "description": "This allows non-recursive read access to the `$DATA` folder.", "type": "string", "const": "allow-data-read" }, { "description": "This allows non-recursive write access to the `$DATA` folder.", "type": "string", "const": "allow-data-write" }, { "description": "This allows full recursive read access to metadata of the `$DATA` folder, including file listing and statistics.", "type": "string", "const": "allow-data-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$DATA` folder, including file listing and statistics.", "type": "string", "const": "allow-data-meta" }, { "description": "This scope permits recursive access to the complete `$DATA` folder, including sub directories and files.", "type": "string", "const": "scope-data-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$DATA` folder.", "type": "string", "const": "scope-data" }, { "description": "This scope permits to list all files and folders in the `$DATA`folder.", "type": "string", "const": "scope-data-index" }, { "description": "This allows full recursive read access to the complete `$DESKTOP` folder, files and subdirectories.", "type": "string", "const": "allow-desktop-read-recursive" }, { "description": "This allows full recursive write access to the complete `$DESKTOP` folder, files and subdirectories.", "type": "string", "const": "allow-desktop-write-recursive" }, { "description": "This allows non-recursive read access to the `$DESKTOP` folder.", "type": "string", "const": "allow-desktop-read" }, { "description": "This allows non-recursive write access to the `$DESKTOP` folder.", "type": "string", "const": "allow-desktop-write" }, { "description": "This allows full recursive read access to metadata of the `$DESKTOP` folder, including file listing and statistics.", "type": "string", "const": "allow-desktop-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$DESKTOP` folder, including file listing and statistics.", "type": "string", "const": "allow-desktop-meta" }, { "description": "This scope permits recursive access to the complete `$DESKTOP` folder, including sub directories and files.", "type": "string", "const": "scope-desktop-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$DESKTOP` folder.", "type": "string", "const": "scope-desktop" }, { "description": "This scope permits to list all files and folders in the `$DESKTOP`folder.", "type": "string", "const": "scope-desktop-index" }, { "description": "This allows full recursive read access to the complete `$DOCUMENT` folder, files and subdirectories.", "type": "string", "const": "allow-document-read-recursive" }, { "description": "This allows full recursive write access to the complete `$DOCUMENT` folder, files and subdirectories.", "type": "string", "const": "allow-document-write-recursive" }, { "description": "This allows non-recursive read access to the `$DOCUMENT` folder.", "type": "string", "const": "allow-document-read" }, { "description": "This allows non-recursive write access to the `$DOCUMENT` folder.", "type": "string", "const": "allow-document-write" }, { "description": "This allows full recursive read access to metadata of the `$DOCUMENT` folder, including file listing and statistics.", "type": "string", "const": "allow-document-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$DOCUMENT` folder, including file listing and statistics.", "type": "string", "const": "allow-document-meta" }, { "description": "This scope permits recursive access to the complete `$DOCUMENT` folder, including sub directories and files.", "type": "string", "const": "scope-document-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$DOCUMENT` folder.", "type": "string", "const": "scope-document" }, { "description": "This scope permits to list all files and folders in the `$DOCUMENT`folder.", "type": "string", "const": "scope-document-index" }, { "description": "This allows full recursive read access to the complete `$DOWNLOAD` folder, files and subdirectories.", "type": "string", "const": "allow-download-read-recursive" }, { "description": "This allows full recursive write access to the complete `$DOWNLOAD` folder, files and subdirectories.", "type": "string", "const": "allow-download-write-recursive" }, { "description": "This allows non-recursive read access to the `$DOWNLOAD` folder.", "type": "string", "const": "allow-download-read" }, { "description": "This allows non-recursive write access to the `$DOWNLOAD` folder.", "type": "string", "const": "allow-download-write" }, { "description": "This allows full recursive read access to metadata of the `$DOWNLOAD` folder, including file listing and statistics.", "type": "string", "const": "allow-download-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$DOWNLOAD` folder, including file listing and statistics.", "type": "string", "const": "allow-download-meta" }, { "description": "This scope permits recursive access to the complete `$DOWNLOAD` folder, including sub directories and files.", "type": "string", "const": "scope-download-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$DOWNLOAD` folder.", "type": "string", "const": "scope-download" }, { "description": "This scope permits to list all files and folders in the `$DOWNLOAD`folder.", "type": "string", "const": "scope-download-index" }, { "description": "This allows full recursive read access to the complete `$EXE` folder, files and subdirectories.", "type": "string", "const": "allow-exe-read-recursive" }, { "description": "This allows full recursive write access to the complete `$EXE` folder, files and subdirectories.", "type": "string", "const": "allow-exe-write-recursive" }, { "description": "This allows non-recursive read access to the `$EXE` folder.", "type": "string", "const": "allow-exe-read" }, { "description": "This allows non-recursive write access to the `$EXE` folder.", "type": "string", "const": "allow-exe-write" }, { "description": "This allows full recursive read access to metadata of the `$EXE` folder, including file listing and statistics.", "type": "string", "const": "allow-exe-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$EXE` folder, including file listing and statistics.", "type": "string", "const": "allow-exe-meta" }, { "description": "This scope permits recursive access to the complete `$EXE` folder, including sub directories and files.", "type": "string", "const": "scope-exe-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$EXE` folder.", "type": "string", "const": "scope-exe" }, { "description": "This scope permits to list all files and folders in the `$EXE`folder.", "type": "string", "const": "scope-exe-index" }, { "description": "This allows full recursive read access to the complete `$FONT` folder, files and subdirectories.", "type": "string", "const": "allow-font-read-recursive" }, { "description": "This allows full recursive write access to the complete `$FONT` folder, files and subdirectories.", "type": "string", "const": "allow-font-write-recursive" }, { "description": "This allows non-recursive read access to the `$FONT` folder.", "type": "string", "const": "allow-font-read" }, { "description": "This allows non-recursive write access to the `$FONT` folder.", "type": "string", "const": "allow-font-write" }, { "description": "This allows full recursive read access to metadata of the `$FONT` folder, including file listing and statistics.", "type": "string", "const": "allow-font-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$FONT` folder, including file listing and statistics.", "type": "string", "const": "allow-font-meta" }, { "description": "This scope permits recursive access to the complete `$FONT` folder, including sub directories and files.", "type": "string", "const": "scope-font-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$FONT` folder.", "type": "string", "const": "scope-font" }, { "description": "This scope permits to list all files and folders in the `$FONT`folder.", "type": "string", "const": "scope-font-index" }, { "description": "This allows full recursive read access to the complete `$HOME` folder, files and subdirectories.", "type": "string", "const": "allow-home-read-recursive" }, { "description": "This allows full recursive write access to the complete `$HOME` folder, files and subdirectories.", "type": "string", "const": "allow-home-write-recursive" }, { "description": "This allows non-recursive read access to the `$HOME` folder.", "type": "string", "const": "allow-home-read" }, { "description": "This allows non-recursive write access to the `$HOME` folder.", "type": "string", "const": "allow-home-write" }, { "description": "This allows full recursive read access to metadata of the `$HOME` folder, including file listing and statistics.", "type": "string", "const": "allow-home-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$HOME` folder, including file listing and statistics.", "type": "string", "const": "allow-home-meta" }, { "description": "This scope permits recursive access to the complete `$HOME` folder, including sub directories and files.", "type": "string", "const": "scope-home-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$HOME` folder.", "type": "string", "const": "scope-home" }, { "description": "This scope permits to list all files and folders in the `$HOME`folder.", "type": "string", "const": "scope-home-index" }, { "description": "This allows full recursive read access to the complete `$LOCALDATA` folder, files and subdirectories.", "type": "string", "const": "allow-localdata-read-recursive" }, { "description": "This allows full recursive write access to the complete `$LOCALDATA` folder, files and subdirectories.", "type": "string", "const": "allow-localdata-write-recursive" }, { "description": "This allows non-recursive read access to the `$LOCALDATA` folder.", "type": "string", "const": "allow-localdata-read" }, { "description": "This allows non-recursive write access to the `$LOCALDATA` folder.", "type": "string", "const": "allow-localdata-write" }, { "description": "This allows full recursive read access to metadata of the `$LOCALDATA` folder, including file listing and statistics.", "type": "string", "const": "allow-localdata-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$LOCALDATA` folder, including file listing and statistics.", "type": "string", "const": "allow-localdata-meta" }, { "description": "This scope permits recursive access to the complete `$LOCALDATA` folder, including sub directories and files.", "type": "string", "const": "scope-localdata-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$LOCALDATA` folder.", "type": "string", "const": "scope-localdata" }, { "description": "This scope permits to list all files and folders in the `$LOCALDATA`folder.", "type": "string", "const": "scope-localdata-index" }, { "description": "This allows full recursive read access to the complete `$LOG` folder, files and subdirectories.", "type": "string", "const": "allow-log-read-recursive" }, { "description": "This allows full recursive write access to the complete `$LOG` folder, files and subdirectories.", "type": "string", "const": "allow-log-write-recursive" }, { "description": "This allows non-recursive read access to the `$LOG` folder.", "type": "string", "const": "allow-log-read" }, { "description": "This allows non-recursive write access to the `$LOG` folder.", "type": "string", "const": "allow-log-write" }, { "description": "This allows full recursive read access to metadata of the `$LOG` folder, including file listing and statistics.", "type": "string", "const": "allow-log-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$LOG` folder, including file listing and statistics.", "type": "string", "const": "allow-log-meta" }, { "description": "This scope permits recursive access to the complete `$LOG` folder, including sub directories and files.", "type": "string", "const": "scope-log-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$LOG` folder.", "type": "string", "const": "scope-log" }, { "description": "This scope permits to list all files and folders in the `$LOG`folder.", "type": "string", "const": "scope-log-index" }, { "description": "This allows full recursive read access to the complete `$PICTURE` folder, files and subdirectories.", "type": "string", "const": "allow-picture-read-recursive" }, { "description": "This allows full recursive write access to the complete `$PICTURE` folder, files and subdirectories.", "type": "string", "const": "allow-picture-write-recursive" }, { "description": "This allows non-recursive read access to the `$PICTURE` folder.", "type": "string", "const": "allow-picture-read" }, { "description": "This allows non-recursive write access to the `$PICTURE` folder.", "type": "string", "const": "allow-picture-write" }, { "description": "This allows full recursive read access to metadata of the `$PICTURE` folder, including file listing and statistics.", "type": "string", "const": "allow-picture-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$PICTURE` folder, including file listing and statistics.", "type": "string", "const": "allow-picture-meta" }, { "description": "This scope permits recursive access to the complete `$PICTURE` folder, including sub directories and files.", "type": "string", "const": "scope-picture-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$PICTURE` folder.", "type": "string", "const": "scope-picture" }, { "description": "This scope permits to list all files and folders in the `$PICTURE`folder.", "type": "string", "const": "scope-picture-index" }, { "description": "This allows full recursive read access to the complete `$PUBLIC` folder, files and subdirectories.", "type": "string", "const": "allow-public-read-recursive" }, { "description": "This allows full recursive write access to the complete `$PUBLIC` folder, files and subdirectories.", "type": "string", "const": "allow-public-write-recursive" }, { "description": "This allows non-recursive read access to the `$PUBLIC` folder.", "type": "string", "const": "allow-public-read" }, { "description": "This allows non-recursive write access to the `$PUBLIC` folder.", "type": "string", "const": "allow-public-write" }, { "description": "This allows full recursive read access to metadata of the `$PUBLIC` folder, including file listing and statistics.", "type": "string", "const": "allow-public-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$PUBLIC` folder, including file listing and statistics.", "type": "string", "const": "allow-public-meta" }, { "description": "This scope permits recursive access to the complete `$PUBLIC` folder, including sub directories and files.", "type": "string", "const": "scope-public-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$PUBLIC` folder.", "type": "string", "const": "scope-public" }, { "description": "This scope permits to list all files and folders in the `$PUBLIC`folder.", "type": "string", "const": "scope-public-index" }, { "description": "This allows full recursive read access to the complete `$RESOURCE` folder, files and subdirectories.", "type": "string", "const": "allow-resource-read-recursive" }, { "description": "This allows full recursive write access to the complete `$RESOURCE` folder, files and subdirectories.", "type": "string", "const": "allow-resource-write-recursive" }, { "description": "This allows non-recursive read access to the `$RESOURCE` folder.", "type": "string", "const": "allow-resource-read" }, { "description": "This allows non-recursive write access to the `$RESOURCE` folder.", "type": "string", "const": "allow-resource-write" }, { "description": "This allows full recursive read access to metadata of the `$RESOURCE` folder, including file listing and statistics.", "type": "string", "const": "allow-resource-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$RESOURCE` folder, including file listing and statistics.", "type": "string", "const": "allow-resource-meta" }, { "description": "This scope permits recursive access to the complete `$RESOURCE` folder, including sub directories and files.", "type": "string", "const": "scope-resource-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$RESOURCE` folder.", "type": "string", "const": "scope-resource" }, { "description": "This scope permits to list all files and folders in the `$RESOURCE`folder.", "type": "string", "const": "scope-resource-index" }, { "description": "This allows full recursive read access to the complete `$RUNTIME` folder, files and subdirectories.", "type": "string", "const": "allow-runtime-read-recursive" }, { "description": "This allows full recursive write access to the complete `$RUNTIME` folder, files and subdirectories.", "type": "string", "const": "allow-runtime-write-recursive" }, { "description": "This allows non-recursive read access to the `$RUNTIME` folder.", "type": "string", "const": "allow-runtime-read" }, { "description": "This allows non-recursive write access to the `$RUNTIME` folder.", "type": "string", "const": "allow-runtime-write" }, { "description": "This allows full recursive read access to metadata of the `$RUNTIME` folder, including file listing and statistics.", "type": "string", "const": "allow-runtime-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$RUNTIME` folder, including file listing and statistics.", "type": "string", "const": "allow-runtime-meta" }, { "description": "This scope permits recursive access to the complete `$RUNTIME` folder, including sub directories and files.", "type": "string", "const": "scope-runtime-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$RUNTIME` folder.", "type": "string", "const": "scope-runtime" }, { "description": "This scope permits to list all files and folders in the `$RUNTIME`folder.", "type": "string", "const": "scope-runtime-index" }, { "description": "This allows full recursive read access to the complete `$TEMP` folder, files and subdirectories.", "type": "string", "const": "allow-temp-read-recursive" }, { "description": "This allows full recursive write access to the complete `$TEMP` folder, files and subdirectories.", "type": "string", "const": "allow-temp-write-recursive" }, { "description": "This allows non-recursive read access to the `$TEMP` folder.", "type": "string", "const": "allow-temp-read" }, { "description": "This allows non-recursive write access to the `$TEMP` folder.", "type": "string", "const": "allow-temp-write" }, { "description": "This allows full recursive read access to metadata of the `$TEMP` folder, including file listing and statistics.", "type": "string", "const": "allow-temp-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$TEMP` folder, including file listing and statistics.", "type": "string", "const": "allow-temp-meta" }, { "description": "This scope permits recursive access to the complete `$TEMP` folder, including sub directories and files.", "type": "string", "const": "scope-temp-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$TEMP` folder.", "type": "string", "const": "scope-temp" }, { "description": "This scope permits to list all files and folders in the `$TEMP`folder.", "type": "string", "const": "scope-temp-index" }, { "description": "This allows full recursive read access to the complete `$TEMPLATE` folder, files and subdirectories.", "type": "string", "const": "allow-template-read-recursive" }, { "description": "This allows full recursive write access to the complete `$TEMPLATE` folder, files and subdirectories.", "type": "string", "const": "allow-template-write-recursive" }, { "description": "This allows non-recursive read access to the `$TEMPLATE` folder.", "type": "string", "const": "allow-template-read" }, { "description": "This allows non-recursive write access to the `$TEMPLATE` folder.", "type": "string", "const": "allow-template-write" }, { "description": "This allows full recursive read access to metadata of the `$TEMPLATE` folder, including file listing and statistics.", "type": "string", "const": "allow-template-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$TEMPLATE` folder, including file listing and statistics.", "type": "string", "const": "allow-template-meta" }, { "description": "This scope permits recursive access to the complete `$TEMPLATE` folder, including sub directories and files.", "type": "string", "const": "scope-template-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$TEMPLATE` folder.", "type": "string", "const": "scope-template" }, { "description": "This scope permits to list all files and folders in the `$TEMPLATE`folder.", "type": "string", "const": "scope-template-index" }, { "description": "This allows full recursive read access to the complete `$VIDEO` folder, files and subdirectories.", "type": "string", "const": "allow-video-read-recursive" }, { "description": "This allows full recursive write access to the complete `$VIDEO` folder, files and subdirectories.", "type": "string", "const": "allow-video-write-recursive" }, { "description": "This allows non-recursive read access to the `$VIDEO` folder.", "type": "string", "const": "allow-video-read" }, { "description": "This allows non-recursive write access to the `$VIDEO` folder.", "type": "string", "const": "allow-video-write" }, { "description": "This allows full recursive read access to metadata of the `$VIDEO` folder, including file listing and statistics.", "type": "string", "const": "allow-video-meta-recursive" }, { "description": "This allows non-recursive read access to metadata of the `$VIDEO` folder, including file listing and statistics.", "type": "string", "const": "allow-video-meta" }, { "description": "This scope permits recursive access to the complete `$VIDEO` folder, including sub directories and files.", "type": "string", "const": "scope-video-recursive" }, { "description": "This scope permits access to all files and list content of top level directories in the `$VIDEO` folder.", "type": "string", "const": "scope-video" }, { "description": "This scope permits to list all files and folders in the `$VIDEO`folder.", "type": "string", "const": "scope-video-index" }, { "description": "Enables the copy_file command without any pre-configured scope.", "type": "string", "const": "allow-copy-file" }, { "description": "Denies the copy_file command without any pre-configured scope.", "type": "string", "const": "deny-copy-file" }, { "description": "Enables the create command without any pre-configured scope.", "type": "string", "const": "allow-create" }, { "description": "Denies the create command without any pre-configured scope.", "type": "string", "const": "deny-create" }, { "description": "Enables the exists command without any pre-configured scope.", "type": "string", "const": "allow-exists" }, { "description": "Denies the exists command without any pre-configured scope.", "type": "string", "const": "deny-exists" }, { "description": "Enables the fstat command without any pre-configured scope.", "type": "string", "const": "allow-fstat" }, { "description": "Denies the fstat command without any pre-configured scope.", "type": "string", "const": "deny-fstat" }, { "description": "Enables the ftruncate command without any pre-configured scope.", "type": "string", "const": "allow-ftruncate" }, { "description": "Denies the ftruncate command without any pre-configured scope.", "type": "string", "const": "deny-ftruncate" }, { "description": "Enables the lstat command without any pre-configured scope.", "type": "string", "const": "allow-lstat" }, { "description": "Denies the lstat command without any pre-configured scope.", "type": "string", "const": "deny-lstat" }, { "description": "Enables the mkdir command without any pre-configured scope.", "type": "string", "const": "allow-mkdir" }, { "description": "Denies the mkdir command without any pre-configured scope.", "type": "string", "const": "deny-mkdir" }, { "description": "Enables the open command without any pre-configured scope.", "type": "string", "const": "allow-open" }, { "description": "Denies the open command without any pre-configured scope.", "type": "string", "const": "deny-open" }, { "description": "Enables the read command without any pre-configured scope.", "type": "string", "const": "allow-read" }, { "description": "Denies the read command without any pre-configured scope.", "type": "string", "const": "deny-read" }, { "description": "Enables the read_dir command without any pre-configured scope.", "type": "string", "const": "allow-read-dir" }, { "description": "Denies the read_dir command without any pre-configured scope.", "type": "string", "const": "deny-read-dir" }, { "description": "Enables the read_file command without any pre-configured scope.", "type": "string", "const": "allow-read-file" }, { "description": "Denies the read_file command without any pre-configured scope.", "type": "string", "const": "deny-read-file" }, { "description": "Enables the read_text_file command without any pre-configured scope.", "type": "string", "const": "allow-read-text-file" }, { "description": "Denies the read_text_file command without any pre-configured scope.", "type": "string", "const": "deny-read-text-file" }, { "description": "Enables the read_text_file_lines command without any pre-configured scope.", "type": "string", "const": "allow-read-text-file-lines" }, { "description": "Denies the read_text_file_lines command without any pre-configured scope.", "type": "string", "const": "deny-read-text-file-lines" }, { "description": "Enables the read_text_file_lines_next command without any pre-configured scope.", "type": "string", "const": "allow-read-text-file-lines-next" }, { "description": "Denies the read_text_file_lines_next command without any pre-configured scope.", "type": "string", "const": "deny-read-text-file-lines-next" }, { "description": "Enables the remove command without any pre-configured scope.", "type": "string", "const": "allow-remove" }, { "description": "Denies the remove command without any pre-configured scope.", "type": "string", "const": "deny-remove" }, { "description": "Enables the rename command without any pre-configured scope.", "type": "string", "const": "allow-rename" }, { "description": "Denies the rename command without any pre-configured scope.", "type": "string", "const": "deny-rename" }, { "description": "Enables the seek command without any pre-configured scope.", "type": "string", "const": "allow-seek" }, { "description": "Denies the seek command without any pre-configured scope.", "type": "string", "const": "deny-seek" }, { "description": "Enables the stat command without any pre-configured scope.", "type": "string", "const": "allow-stat" }, { "description": "Denies the stat command without any pre-configured scope.", "type": "string", "const": "deny-stat" }, { "description": "Enables the truncate command without any pre-configured scope.", "type": "string", "const": "allow-truncate" }, { "description": "Denies the truncate command without any pre-configured scope.", "type": "string", "const": "deny-truncate" }, { "description": "Enables the unwatch command without any pre-configured scope.", "type": "string", "const": "allow-unwatch" }, { "description": "Denies the unwatch command without any pre-configured scope.", "type": "string", "const": "deny-unwatch" }, { "description": "Enables the watch command without any pre-configured scope.", "type": "string", "const": "allow-watch" }, { "description": "Denies the watch command without any pre-configured scope.", "type": "string", "const": "deny-watch" }, { "description": "Enables the write command without any pre-configured scope.", "type": "string", "const": "allow-write" }, { "description": "Denies the write command without any pre-configured scope.", "type": "string", "const": "deny-write" }, { "description": "Enables the write_file command without any pre-configured scope.", "type": "string", "const": "allow-write-file" }, { "description": "Denies the write_file command without any pre-configured scope.", "type": "string", "const": "deny-write-file" }, { "description": "Enables the write_text_file command without any pre-configured scope.", "type": "string", "const": "allow-write-text-file" }, { "description": "Denies the write_text_file command without any pre-configured scope.", "type": "string", "const": "deny-write-text-file" }, { "description": "This permissions allows to create the application specific directories.\n", "type": "string", "const": "create-app-specific-dirs" }, { "description": "This set of permissions describes the what kind of\nfile system access the `fs` plugin has enabled or denied by default.\n\n#### Granted Permissions\n\nThis default permission set enables read access to the\napplication specific directories (AppConfig, AppData, AppLocalData, AppCache,\nAppLog) and all files and sub directories created in it.\nThe location of these directories depends on the operating system,\nwhere the application is run.\n\nIn general these directories need to be manually created\nby the application at runtime, before accessing files or folders\nin it is possible.\n\nTherefore, it is also allowed to create all of these folders via\nthe `mkdir` command.\n\n#### Denied Permissions\n\nThis default permission set prevents access to critical components\nof the Tauri application by default.\nOn Windows the webview data folder access is denied.\n\n", "type": "string", "const": "default" }, { "description": "This denies access to dangerous Tauri relevant files and folders by default.", "type": "string", "const": "deny-default" }, { "description": "This denies read access to the\n`$APPLOCALDATA` folder on linux as the webview data and configuration values are stored here.\nAllowing access can lead to sensitive information disclosure and should be well considered.", "type": "string", "const": "deny-webview-data-linux" }, { "description": "This denies read access to the\n`$APPLOCALDATA/EBWebView` folder on windows as the webview data and configuration values are stored here.\nAllowing access can lead to sensitive information disclosure and should be well considered.", "type": "string", "const": "deny-webview-data-windows" }, { "description": "This enables all read related commands without any pre-configured accessible paths.", "type": "string", "const": "read-all" }, { "description": "This permission allows recursive read functionality on the application\nspecific base directories. \n", "type": "string", "const": "read-app-specific-dirs-recursive" }, { "description": "This enables directory read and file metadata related commands without any pre-configured accessible paths.", "type": "string", "const": "read-dirs" }, { "description": "This enables file read related commands without any pre-configured accessible paths.", "type": "string", "const": "read-files" }, { "description": "This enables all index or metadata related commands without any pre-configured accessible paths.", "type": "string", "const": "read-meta" }, { "description": "An empty permission you can use to modify the global scope.", "type": "string", "const": "scope" }, { "description": "This enables all write related commands without any pre-configured accessible paths.", "type": "string", "const": "write-all" }, { "description": "This enables all file write related commands without any pre-configured accessible paths.", "type": "string", "const": "write-files" } ] } } }