diff --git a/ui/src/gear/docket/lib.ts b/ui/src/gear/docket/lib.ts index 5f445644..8d479f5a 100644 --- a/ui/src/gear/docket/lib.ts +++ b/ui/src/gear/docket/lib.ts @@ -35,6 +35,16 @@ export const scryAllyTreaties = (ship: string): Scry => ({ path: `/treaties/${ship}` }); +export const scryPassport = (ship: string, desk: string): Scry => ({ + app: 'treaty', + path: `/passport/${ship}/${desk}` +}); + +export const scrySeal = (ship: string, desk: string): Scry => ({ + app: 'treaty', + path: `/seal/${ship}/${desk}` +}); + /** * Uninstall a desk, and remove docket */ diff --git a/ui/src/gear/docket/types.ts b/ui/src/gear/docket/types.ts index c35399b5..eb3fd7f8 100644 --- a/ui/src/gear/docket/types.ts +++ b/ui/src/gear/docket/types.ts @@ -1,4 +1,5 @@ import { Cass } from '../hood'; +import { Seal } from '../permissions'; export type DeskStatus = 'active' | 'suspended'; export type DocketHref = DocketHrefSite | DocketHrefGlob; @@ -54,6 +55,8 @@ export interface Treaty extends Docket { desk: string; cass: Cass; hash: string; + bill: string[]; + seal: Seal; } export interface Charges { diff --git a/ui/src/gear/index.ts b/ui/src/gear/index.ts index 9e87d9af..32fc330a 100644 --- a/ui/src/gear/index.ts +++ b/ui/src/gear/index.ts @@ -12,7 +12,5 @@ export * as docket from './docket'; export * from './docket'; export * as utils from './utils'; export * from './utils'; - -// TODO: Userspace Permissions -// export * from './permissions'; -// export * as permissions from './permissions'; +export * from './permissions'; +export * as permissions from './permissions'; diff --git a/ui/src/gear/permissions/index.ts b/ui/src/gear/permissions/index.ts new file mode 100644 index 00000000..e06143cf --- /dev/null +++ b/ui/src/gear/permissions/index.ts @@ -0,0 +1,2 @@ +export * from './lib'; +export * from './types'; diff --git a/ui/src/gear/permissions/lib.ts b/ui/src/gear/permissions/lib.ts new file mode 100644 index 00000000..89881710 --- /dev/null +++ b/ui/src/gear/permissions/lib.ts @@ -0,0 +1,34 @@ +import { Poke } from "@urbit/http-api"; +import { ApprovePermsPoke, DenyPermsPoke, Passport, PokePerm, Seal } from "./types"; +import api from "@/api"; + +export function approvePerms(desk: string, perms: PokePerm[]): Poke { + return { + app: 'helm', + mark: 'helm-hope', + json: { + desk, + perms + } + }; +} + +export function denyPerms(desk: string, perms: PokePerm[]): Poke { + return { + app: 'helm', + mark: 'helm-curb', + json: { + desk, + perms + } + }; +} + +export async function sealToPassport(seal: Seal) { + return await api.thread({ + inputMark: "json", + outputMark: "json", + threadName: "get-passport", + body: seal + }); +} diff --git a/ui/src/gear/permissions/types.ts b/ui/src/gear/permissions/types.ts new file mode 100644 index 00000000..f202e44d --- /dev/null +++ b/ui/src/gear/permissions/types.ts @@ -0,0 +1,355 @@ +/** + * A jammed noun representing a permission. base64 encoded. Not consumed by + * the frontend. Used when querying for passport or when approving / denying + * perms. + */ +type Perm = string; + +export type Seal = Perm[]; + +/** + * Passport-formatted permissions + */ + +/** + * Permission summary + */ +interface Pes { + desc: string; + // TODO: per tinnus, "have" is meant to say whether the app already has all / + // any of / none of the perms in question but currently it doesn't, it just + // always says "nil". + have: string; + pers: Perm[]; + warn: string | null; +} + +/** + * Permission bucket + */ +interface Kind { + nom: string; + pes: Pes[]; + // TODO: add a field to indicate which icon to render in the modal +} + +interface KindPerm { + kind: Kind; +} + +interface NodePerm { + node: Pes; +} + +export type PassportPerm = KindPerm | NodePerm; +export type AppPerm = { + app: string; + pes: Pes[]; +} + +/** + * Per lib/perms.hoon, Passport is intended for consumption by permission + * management frontends. + */ +export interface Passport { + /** + * Categorized perms + */ + rad: PassportPerm[]; + /** + * Dangerous perms + */ + sys: PassportPerm[]; + /** + * All apps perms + */ + any: PassportPerm[]; + /** + * Unknown app perms + */ + new: PassportPerm[]; + /** + * Specific app perms + */ + app: AppPerm[]; +} + +/** + * The following perms are used for the poke to approve or deny perms + * on a desk. + * + * See: pers, perm-gall, perm-arvo in lull.hoon + */ + +/** + * shared types from lull.hoon + */ + +type Spur = string; + +interface Burr { + desk: string | null; + spur: Spur; +} + +interface Spar { + care: string | null; + burr: Burr; +} + +/** + * perm-arvo in lull.hoon + */ + +/** + * Ames + */ + +interface AmesDebugPerm { + debug: null; +} + +interface AmesBlockPerm { + block: null; +} + +interface AmesOrderPerm { + ship: string | null; + path: string; +} + +interface AmesWhackPerm { + ship: string | null; + path: string; +} + +type AmesPerm = { + ames: AmesDebugPerm | AmesBlockPerm | AmesOrderPerm | AmesWhackPerm; +} + +/** + * Behn + */ + +interface BehnTimerPerm { + timer: null; +} + +type BehnPerm = { + behn: BehnTimerPerm; +} + +/** + * Clay + */ + +interface ClayMountPerm { + mount: null; +} + +interface ClayCredsPerm { + creds: null; +} + +interface ClayLabelPerm { + desk: string | null; +} + +interface ClayWritePerm { + burr: Burr; +} + +interface ClayLocalPerm { + spar: Spar; +} + +interface ClayPeersPerm { + spar: Spar; +} + +interface ClayPermsPerm { + desk: string | null; +} + +interface ClayPleadPerm { + desk: string | null; +} + +interface ClayLivenPerm { + desk: string | null; +} + +interface ClayPulsePerm { + pulse: null; +} + +interface ClayGravePerm { + ship: string | null; + desk: string | null; +} + +type ClayPerm = { + clay: ClayMountPerm | ClayCredsPerm | ClayLabelPerm | ClayWritePerm | ClayLocalPerm | ClayPeersPerm | ClayPermsPerm | ClayPleadPerm | ClayLivenPerm | ClayPulsePerm | ClayGravePerm; +} + +/** + * Dill + */ + +interface DillViewsPerm { + views: null; +} + +interface DillInputPerm { + input: null; +} + +interface DillPrintPerm { + print: null; +} + +interface DillExtraPerm { + extra: null; +} + +type DillPerm = { + dill: DillViewsPerm | DillInputPerm | DillPrintPerm | DillExtraPerm; +} + +/** + * Eyre + */ + +interface EyreServePerm { + serve: null; +} + +interface EyreCertsPerm { + certs: null; +} + +interface EyrePermsPerm { + perms: null; +} + +type EyrePerm = { + eyre: EyreServePerm | EyreCertsPerm | EyrePermsPerm; +} + +/** + * Fine + */ + +// No %fine perms yet + +/** + * Gall + */ + +interface GallClearPerm { + dude: string | null; +} + +interface GallGuardPerm { + guard: null; +} + +type GallPerm = { + gall: GallClearPerm | GallGuardPerm; +} + +/** + * Iris + */ + +interface IrisFetchPerm { + fetch: null; +} + +type IrisPerm = { + iris: IrisFetchPerm; +} + +/** + * Jael + */ + +interface JaelMoonsPerm { + moons: null; +} + +interface JaelPrickPerm { + prick: null; +} + +interface JaelCreakPerm { + creak: null; +} + +interface JaelLoginPerm { + login: null; +} + +interface JaelBreakPerm { + break: null; +} + +type JaelPerm = JaelMoonsPerm | JaelPrickPerm | JaelCreakPerm | JaelLoginPerm | JaelLoginPerm | JaelBreakPerm; + +/** + * Khan + */ + +interface KhanTreadPerm { + tread: null; +} + +type KhanPerm = KhanTreadPerm; + +type ArvoPerm = AmesPerm | BehnPerm | ClayPerm | DillPerm | EyrePerm | GallPerm | IrisPerm | JaelPerm | KhanPerm; + +/** + * perm-gall in lull.hoon + */ + +interface AgentWritePerm { + write: { + jump: boolean; + dude: string | null; + } +} + +interface AgentWatchPerm { + watch: { + jump: boolean; + dude: string | null; + path: string; + } +} + +interface AgentReadsPerm { + reads: { + vane: string; + spar: Spar; + } +} + +interface AgentPressPerm { + press: { + spur: Spur; + } +} + +type InterAgentPerm = AgentWritePerm | AgentWatchPerm | AgentReadsPerm | AgentPressPerm; + +export type PokePerm = ArvoPerm | InterAgentPerm; + +export interface ApprovePermsPoke { + desk: string; + perms: PokePerm[]; +} + +export interface DenyPermsPoke { + desk: string; + perms: PokePerm[]; +}