Permissions
In order to ensure your Loop is executing in a secure manner, you must declare which network URL domains, file system path globs, and aptitudes your Loop will use.

Overview

Attempts to access a file path, url, or aptitude which have not been added to your permissions will fail.
Permissions are declared inside of the Loop package.json within a ldk/permissions json object. The included Webpack configuration also allows Loop Authors to configure alternate permissions for different development environments.
See the Environment Permissions guide for more details
Example permissions object in the package.json:
1
"ldk": {
2
"permissions": {
3
"clipboard": {},
4
"filesystem": {
5
"pathGlobs": [
6
{
7
"value": "/some/path/something.txt"
8
}
9
]
10
},
11
"network": {
12
"urlDomains": [
13
{
14
"value": "*.google.com"
15
}
16
]
17
},
18
"window": {}
19
}
20
},
Copied!

Network Permissions

Supports any domain URL reference and domain wildcards.
1
"ldk": {
2
"network": {
3
"urlDomains": [
4
{
5
"value": string
6
}
7
]
8
}
9
}
Copied!

Examples

Example Strings
"*.google.com"
"github.com/"
"en.wikipedia.org"

Filesystem Permissions

Supports any filesystem path and path wildcards.
When you include filesystem permissions, you have access to the Loop's working directory by default. You will automatically have access to any subdirectories, and files within it. If your Loop only needs access to its working folder, provide an empty object:
1
{
2
"ldk": {
3
"permissions": {
4
"filesystem": {}
5
}
6
}
7
}
Copied!
To specify other locations, use the following syntax:
1
"ldk": {
2
"filesystem": {
3
"pathGlobs": [
4
{
5
"value": string
6
}
7
]
8
}
9
}
Copied!

Examples

1
{
2
"ldk": {
3
"permissions": {
4
"filesystem": {
5
"pathGlobs": [
6
{
7
// Provides access to all files in the /tmp directory that have a .txt extension.
8
"value": "/tmp/*.txt"
9
},
10
{
11
// Provides access to all directories and files under the /tmp directory.
12
"value": "/tmp/**"
13
},
14
{
15
// Provides access to all files with .txt extensions in the /tmp directory or any of its subdirectories.
16
"value": "/tmp/**/*.txt"
17
},
18
{
19
// Provides access to all files with .txt extensions in any subdirectory of /tmp.
20
"value": "/tmp/*/*.txt"
21
}
22
]
23
}
24
}
25
}
26
}
Copied!

Code Usage

To access a file or directory inside the working directory, provide a relative path:
1
const csvContents = await ldk.filesystem.readFile('./my-file.csv');
Copied!
  • Your Loop can do whatever it wants in this directory, but it cannot destroy its working directory. For example filesystem.remove("./") will fail.
  • All relative paths are allowed as long as they resolve to something in the working directory
  • File paths which refer to parent directories (example: ../) must be specifically provided if not within the working directory.
  • Shutting down or updating a Loop does not delete the working directory or its contents.
  • Other Loops will not be able to access this directory

Aptitude Permissions

Simply provide the Aptitude name.

Examples

1
"ldk": {
2
"clipboard": {},
3
"process": {}
4
}
Copied!
Valid Options
"clipboard"
"cursor"
"keyboard"
"process"
"search"
"ui"
"user"
"vault"
"whisper"
"window"
Last modified 2mo ago