{ "$schema": "http://json-schema.org/draft-07/schema#", "title": "PermissionFile", "description": "Permission file that can define a default permission, a set of permissions or a list of inlined permissions.", "type": "object", "properties": { "default": { "description": "The default permission set for the plugin", "anyOf": [ { "$ref": "#/definitions/DefaultPermission" }, { "type": "null" } ] }, "set": { "description": "A list of permissions sets defined", "type": "array", "items": { "$ref": "#/definitions/PermissionSet" } }, "permission": { "description": "A list of inlined permissions", "default": [], "type": "array", "items": { "$ref": "#/definitions/Permission" } } }, "definitions": { "DefaultPermission": { "description": "The default permission set of the plugin.\n\nWorks similarly to a permission with the \"default\" identifier.", "type": "object", "required": [ "permissions" ], "properties": { "version": { "description": "The version of the permission.", "type": [ "integer", "null" ], "format": "uint64", "minimum": 1.0 }, "description": { "description": "Human-readable description of what the permission does. Tauri convention is to use

headings in markdown content for Tauri documentation generation purposes.", "type": [ "string", "null" ] }, "permissions": { "description": "All permissions this set contains.", "type": "array", "items": { "type": "string" } } } }, "PermissionSet": { "description": "A set of direct permissions grouped together under a new name.", "type": "object", "required": [ "description", "identifier", "permissions" ], "properties": { "identifier": { "description": "A unique identifier for the permission.", "type": "string" }, "description": { "description": "Human-readable description of what the permission does.", "type": "string" }, "permissions": { "description": "All permissions this set contains.", "type": "array", "items": { "$ref": "#/definitions/PermissionKind" } } } }, "Permission": { "description": "Descriptions of explicit privileges of commands.\n\nIt can enable commands to be accessible in the frontend of the application.\n\nIf the scope is defined it can be used to fine grain control the access of individual or multiple commands.", "type": "object", "required": [ "identifier" ], "properties": { "version": { "description": "The version of the permission.", "type": [ "integer", "null" ], "format": "uint64", "minimum": 1.0 }, "identifier": { "description": "A unique identifier for the permission.", "type": "string" }, "description": { "description": "Human-readable description of what the permission does. Tauri internal convention is to use

headings in markdown content for Tauri documentation generation purposes.", "type": [ "string", "null" ] }, "commands": { "description": "Allowed or denied commands when using this permission.", "default": { "allow": [], "deny": [] }, "allOf": [ { "$ref": "#/definitions/Commands" } ] }, "scope": { "description": "Allowed or denied scoped when using this permission.", "allOf": [ { "$ref": "#/definitions/Scopes" } ] }, "platforms": { "description": "Target platforms this permission applies. By default all platforms are affected by this permission.", "type": [ "array", "null" ], "items": { "$ref": "#/definitions/Target" } } } }, "Commands": { "description": "Allowed and denied commands inside a permission.\n\nIf two commands clash inside of `allow` and `deny`, it should be denied by default.", "type": "object", "properties": { "allow": { "description": "Allowed command.", "default": [], "type": "array", "items": { "type": "string" } }, "deny": { "description": "Denied command, which takes priority.", "default": [], "type": "array", "items": { "type": "string" } } } }, "Scopes": { "description": "An argument for fine grained behavior control of Tauri commands.\n\nIt can be of any serde serializable type and is used to allow or prevent certain actions inside a Tauri command. The configured scope is passed to the command and will be enforced by the command implementation.\n\n## Example\n\n```json { \"allow\": [{ \"path\": \"$HOME/**\" }], \"deny\": [{ \"path\": \"$HOME/secret.txt\" }] } ```", "type": "object", "properties": { "allow": { "description": "Data that defines what is allowed by the scope.", "type": [ "array", "null" ], "items": { "$ref": "#/definitions/Value" } }, "deny": { "description": "Data that defines what is denied by the scope. This should be prioritized by validation logic.", "type": [ "array", "null" ], "items": { "$ref": "#/definitions/Value" } } } }, "Value": { "description": "All supported ACL values.", "anyOf": [ { "description": "Represents a null JSON value.", "type": "null" }, { "description": "Represents a [`bool`].", "type": "boolean" }, { "description": "Represents a valid ACL [`Number`].", "allOf": [ { "$ref": "#/definitions/Number" } ] }, { "description": "Represents a [`String`].", "type": "string" }, { "description": "Represents a list of other [`Value`]s.", "type": "array", "items": { "$ref": "#/definitions/Value" } }, { "description": "Represents a map of [`String`] keys to [`Value`]s.", "type": "object", "additionalProperties": { "$ref": "#/definitions/Value" } } ] }, "Number": { "description": "A valid ACL number.", "anyOf": [ { "description": "Represents an [`i64`].", "type": "integer", "format": "int64" }, { "description": "Represents a [`f64`].", "type": "number", "format": "double" } ] }, "Target": { "description": "Platform target.", "oneOf": [ { "description": "MacOS.", "type": "string", "enum": [ "macOS" ] }, { "description": "Windows.", "type": "string", "enum": [ "windows" ] }, { "description": "Linux.", "type": "string", "enum": [ "linux" ] }, { "description": "Android.", "type": "string", "enum": [ "android" ] }, { "description": "iOS.", "type": "string", "enum": [ "iOS" ] } ] }, "PermissionKind": { "type": "string", "oneOf": [ { "description": "Enables the available_ports command without any pre-configured scope.", "type": "string", "const": "allow-available-ports" }, { "description": "Denies the available_ports command without any pre-configured scope.", "type": "string", "const": "deny-available-ports" }, { "description": "Enables the available_ports_direct command without any pre-configured scope.", "type": "string", "const": "allow-available-ports-direct" }, { "description": "Denies the available_ports_direct command without any pre-configured scope.", "type": "string", "const": "deny-available-ports-direct" }, { "description": "Enables the bytes_to_read command without any pre-configured scope.", "type": "string", "const": "allow-bytes-to-read" }, { "description": "Denies the bytes_to_read command without any pre-configured scope.", "type": "string", "const": "deny-bytes-to-read" }, { "description": "Enables the bytes_to_write command without any pre-configured scope.", "type": "string", "const": "allow-bytes-to-write" }, { "description": "Denies the bytes_to_write command without any pre-configured scope.", "type": "string", "const": "deny-bytes-to-write" }, { "description": "Enables the cancel_read command without any pre-configured scope.", "type": "string", "const": "allow-cancel-read" }, { "description": "Denies the cancel_read command without any pre-configured scope.", "type": "string", "const": "deny-cancel-read" }, { "description": "Enables the clear_break command without any pre-configured scope.", "type": "string", "const": "allow-clear-break" }, { "description": "Denies the clear_break command without any pre-configured scope.", "type": "string", "const": "deny-clear-break" }, { "description": "Enables the clear_buffer command without any pre-configured scope.", "type": "string", "const": "allow-clear-buffer" }, { "description": "Denies the clear_buffer command without any pre-configured scope.", "type": "string", "const": "deny-clear-buffer" }, { "description": "Enables the close command without any pre-configured scope.", "type": "string", "const": "allow-close" }, { "description": "Denies the close command without any pre-configured scope.", "type": "string", "const": "deny-close" }, { "description": "Enables the close_all command without any pre-configured scope.", "type": "string", "const": "allow-close-all" }, { "description": "Denies the close_all command without any pre-configured scope.", "type": "string", "const": "deny-close-all" }, { "description": "Enables the force_close command without any pre-configured scope.", "type": "string", "const": "allow-force-close" }, { "description": "Denies the force_close command without any pre-configured scope.", "type": "string", "const": "deny-force-close" }, { "description": "Enables the open command without any pre-configured scope.", "type": "string", "const": "allow-open" }, { "description": "Denies the open command without any pre-configured scope.", "type": "string", "const": "deny-open" }, { "description": "Enables the read command without any pre-configured scope.", "type": "string", "const": "allow-read" }, { "description": "Denies the read command without any pre-configured scope.", "type": "string", "const": "deny-read" }, { "description": "Enables the read_carrier_detect command without any pre-configured scope.", "type": "string", "const": "allow-read-carrier-detect" }, { "description": "Denies the read_carrier_detect command without any pre-configured scope.", "type": "string", "const": "deny-read-carrier-detect" }, { "description": "Enables the read_cd command without any pre-configured scope.", "type": "string", "const": "allow-read-cd" }, { "description": "Denies the read_cd command without any pre-configured scope.", "type": "string", "const": "deny-read-cd" }, { "description": "Enables the read_clear_to_send command without any pre-configured scope.", "type": "string", "const": "allow-read-clear-to-send" }, { "description": "Denies the read_clear_to_send command without any pre-configured scope.", "type": "string", "const": "deny-read-clear-to-send" }, { "description": "Enables the read_cts command without any pre-configured scope.", "type": "string", "const": "allow-read-cts" }, { "description": "Denies the read_cts command without any pre-configured scope.", "type": "string", "const": "deny-read-cts" }, { "description": "Enables the read_data_set_ready command without any pre-configured scope.", "type": "string", "const": "allow-read-data-set-ready" }, { "description": "Denies the read_data_set_ready command without any pre-configured scope.", "type": "string", "const": "deny-read-data-set-ready" }, { "description": "Enables the read_dsr command without any pre-configured scope.", "type": "string", "const": "allow-read-dsr" }, { "description": "Denies the read_dsr command without any pre-configured scope.", "type": "string", "const": "deny-read-dsr" }, { "description": "Enables the read_dtr command without any pre-configured scope.", "type": "string", "const": "allow-read-dtr" }, { "description": "Denies the read_dtr command without any pre-configured scope.", "type": "string", "const": "deny-read-dtr" }, { "description": "Enables the read_ri command without any pre-configured scope.", "type": "string", "const": "allow-read-ri" }, { "description": "Denies the read_ri command without any pre-configured scope.", "type": "string", "const": "deny-read-ri" }, { "description": "Enables the read_ring_indicator command without any pre-configured scope.", "type": "string", "const": "allow-read-ring-indicator" }, { "description": "Denies the read_ring_indicator command without any pre-configured scope.", "type": "string", "const": "deny-read-ring-indicator" }, { "description": "Enables the set_baud_rate command without any pre-configured scope.", "type": "string", "const": "allow-set-baud-rate" }, { "description": "Denies the set_baud_rate command without any pre-configured scope.", "type": "string", "const": "deny-set-baud-rate" }, { "description": "Enables the set_break command without any pre-configured scope.", "type": "string", "const": "allow-set-break" }, { "description": "Denies the set_break command without any pre-configured scope.", "type": "string", "const": "deny-set-break" }, { "description": "Enables the set_data_bits command without any pre-configured scope.", "type": "string", "const": "allow-set-data-bits" }, { "description": "Denies the set_data_bits command without any pre-configured scope.", "type": "string", "const": "deny-set-data-bits" }, { "description": "Enables the set_flow_control command without any pre-configured scope.", "type": "string", "const": "allow-set-flow-control" }, { "description": "Denies the set_flow_control command without any pre-configured scope.", "type": "string", "const": "deny-set-flow-control" }, { "description": "Enables the set_parity command without any pre-configured scope.", "type": "string", "const": "allow-set-parity" }, { "description": "Denies the set_parity command without any pre-configured scope.", "type": "string", "const": "deny-set-parity" }, { "description": "Enables the set_stop_bits command without any pre-configured scope.", "type": "string", "const": "allow-set-stop-bits" }, { "description": "Denies the set_stop_bits command without any pre-configured scope.", "type": "string", "const": "deny-set-stop-bits" }, { "description": "Enables the set_timeout command without any pre-configured scope.", "type": "string", "const": "allow-set-timeout" }, { "description": "Denies the set_timeout command without any pre-configured scope.", "type": "string", "const": "deny-set-timeout" }, { "description": "Enables the start_listening command without any pre-configured scope.", "type": "string", "const": "allow-start-listening" }, { "description": "Denies the start_listening command without any pre-configured scope.", "type": "string", "const": "deny-start-listening" }, { "description": "Enables the stop_listening command without any pre-configured scope.", "type": "string", "const": "allow-stop-listening" }, { "description": "Denies the stop_listening command without any pre-configured scope.", "type": "string", "const": "deny-stop-listening" }, { "description": "Enables the write command without any pre-configured scope.", "type": "string", "const": "allow-write" }, { "description": "Denies the write command without any pre-configured scope.", "type": "string", "const": "deny-write" }, { "description": "Enables the write_binary command without any pre-configured scope.", "type": "string", "const": "allow-write-binary" }, { "description": "Denies the write_binary command without any pre-configured scope.", "type": "string", "const": "deny-write-binary" }, { "description": "Enables the write_data_terminal_ready command without any pre-configured scope.", "type": "string", "const": "allow-write-data-terminal-ready" }, { "description": "Denies the write_data_terminal_ready command without any pre-configured scope.", "type": "string", "const": "deny-write-data-terminal-ready" }, { "description": "Enables the write_dtr command without any pre-configured scope.", "type": "string", "const": "allow-write-dtr" }, { "description": "Denies the write_dtr command without any pre-configured scope.", "type": "string", "const": "deny-write-dtr" }, { "description": "Enables the write_request_to_send command without any pre-configured scope.", "type": "string", "const": "allow-write-request-to-send" }, { "description": "Denies the write_request_to_send command without any pre-configured scope.", "type": "string", "const": "deny-write-request-to-send" }, { "description": "Enables the write_rts command without any pre-configured scope.", "type": "string", "const": "allow-write-rts" }, { "description": "Denies the write_rts command without any pre-configured scope.", "type": "string", "const": "deny-write-rts" }, { "description": "# Tauri `serialport` default permissions\n\nThis configuration file defines the default permissions granted\nto the serialport.\n\n### Granted Permissions\n\nThis default permission set enables all read-related commands and\nallows access to the `$APP` folder and sub directories created in it.\nThe location of the `$APP` folder depends on the operating system,\nwhere the application is run.\n\nIn general the `$APP` folder needs to be manually created\nby the application at runtime, before accessing files or folders\nin it is possible.\n\n### Denied Permissions\n\nThis default permission set prevents access to critical components\nof the Tauri application by default.\nOn Windows the webview data folder access is denied.\n\n", "type": "string", "const": "default" } ] } } }