Morioh
Login
Nick FrankCold

Nick FrankCold

3 years ago

Coming right behind native support for TypeScript, probably the second-most liked new feature from Deno is the added security layer. As you probably already know, you need to specify which permissions you need to provide your code in order to execute it, otherwise, it’ll fail.

Now if you think about it, failing is usually not the best fallback for a piece of software, it’s definitely not the best UX we can provide our users and it’s not how we want to write software if we want people to adopt it. I mean, can you imagine your OS crashing and forcing you to restart the computer every time something goes unexpectedly? Well, you got me there, that was probably Microsoft’s UX pattern for a long time, but it’s not anymore, OK?!

My point is, given this new behavior we _n_eed to adopt now, thanks to Deno, I can see a potential new pattern for the back-end: Checking for Available Permissions or as I like to call it: CAP.

The point of CAP is that if you keep working like you’ve been working so far for your back-end projects, the moment someone tries to execute your code without enough permissions, the entire application will collapse. With the exception of HRTime (which limits the precision of the measurement), Deno is not gracefully downgrading the fact that you don’t have enough privileges to access one of the other features and directly throws exceptions of type PermissionDenied.

What if, instead of just crashing, your code could be able to check if you actually have been granted the permissions before trying to execute the code that requires them? Of course, there might be cases where you won’t be able to do anything without them and you’ll have to stop the execution, but in others you might be able to gracefully degrade the logic into something capable of still functioning. For example: maybe you haven’t been granted write permissions, so your logger module just outputs everything out into STDOUT. Perhaps ENV access wasn’t provided, yet you can try and read those values from a default config location.

As it currently stands, the code required for this pattern to work is experimental and it could potentially change in future updates, so you’ll have to use the --unstable flag to execute it. I’m referring of course to the API inside Deno.permissions .

#javascript #typescript #backend-development #deno

How to Check for Available Permissions in Deno

blog.bitsrc.io

How to Check for Available Permissions in Deno

Coming right behind native support for TypeScript, probably the second-most liked new feature from Deno is the added security layer. As you probably already know, you need to specify which permissions you need to provide your code in order to execute it, otherwise, it’ll fail. In this post, you'll see Checking for Available Permissions in Deno

2.70 GEEK