[discussion] Move permissions to core

[calavera]

Deno's permission sub-system is one of the features that make this project stand against other runtimes. The code to control permissions currently lives in the CLI.

I think it'd be very interesting to make them part of the core, or move them to a separated crate. That way, people working on plugins, or using Deno as an embedded runtime could control the permissions too without having to rely on the CLI.

[kitsonk]

The "problem" is that cli is the only place where the operations exist that need to leverage the permissions...

What could be abstracted to the core is a permission "system" which allows registration, enablement, and assertion of permissions, but not the actual permissions themselves, because they only come into existence in the CLI. I know there is a plan to break the ops out into crates themselves, so that would seem to me to be a logical refactoring at that point.

[bartlomieju]

With work on op crates in progress (#2180 #6906) we had to face this issue. @kitsonk is right that permissions are cli only concept and we might end up exposing trait/interface in op crates to check permissions, the actual implementation will still live in cli/.