feat: add plugin permission system

default-plugins/strider/src/main.rs

@@ -19,6 +19,9 @@ register_worker!(
 
 impl ZellijPlugin for State {
     fn load(&mut self) {
+        // Example
+        request_permission(&[PermissionType::KeyboardInput]);
+
         refresh_directory(self);
         self.search_state.loading = true;
         subscribe(&[
@@ -29,6 +32,7 @@ impl ZellijPlugin for State {
             EventType::FileSystemCreate,
             EventType::FileSystemUpdate,
             EventType::FileSystemDelete,
+            EventType::PermissionRequestResult,
         ]);
         post_message_to(
             "file_name_search",
@@ -53,6 +57,9 @@ impl ZellijPlugin for State {
         };
         self.ev_history.push_back((event.clone(), Instant::now()));
         match event {
+            Event::PermissionRequestResult(_) => {
+                should_render = true;
+            },
             Event::Timer(_elapsed) => {
                 if self.search_state.loading {
                     set_timeout(0.5);

zellij-server/src/panes/plugin_pane.rs

@@ -1,18 +1,19 @@
-use std::collections::HashMap;
+use std::collections::{HashMap, HashSet};
 use std::time::Instant;
 
 use crate::output::{CharacterChunk, SixelImageChunk};
 use crate::panes::{grid::Grid, sixel::SixelImageStore, LinkHandler, PaneId};
 use crate::plugins::PluginInstruction;
 use crate::pty::VteBytes;
-use crate::tab::Pane;
+use crate::tab::{AdjustedInput, Pane};
 use crate::ui::{
     loading_indication::LoadingIndication,
     pane_boundaries_frame::{FrameParams, PaneFrame},
 };
 use crate::ClientId;
 use std::cell::RefCell;
 use std::rc::Rc;
+use zellij_utils::data::{PermissionType, PluginPermission};
 use zellij_utils::pane_size::{Offset, SizeInPixels};
 use zellij_utils::position::Position;
 use zellij_utils::{
@@ -25,6 +26,15 @@ use zellij_utils::{
     vte,
 };
 
+macro_rules! style {
+    ($fg:expr) => {
+        ansi_term::Style::new().fg(match $fg {
+            PaletteColor::Rgb((r, g, b)) => ansi_term::Color::RGB(r, g, b),
+            PaletteColor::EightBit(color) => ansi_term::Color::Fixed(color),
+        })
+    };
+}
+
 macro_rules! get_or_create_grid {
     ($self:ident, $client_id:ident) => {{
         let rows = $self.get_content_rows();
@@ -73,6 +83,7 @@ pub(crate) struct PluginPane {
     pane_frame_color_override: Option<(PaletteColor, Option<String>)>,
     invoked_with: Option<Run>,
     loading_indication: LoadingIndication,
+    requesting_permissions: Option<PluginPermission>,
     debug: bool,
 }
 
@@ -121,6 +132,7 @@ impl PluginPane {
             pane_frame_color_override: None,
             invoked_with,
             loading_indication,
+            requesting_permissions: None,
             debug,
         };
         for client_id in currently_connected_clients {
@@ -181,6 +193,14 @@ impl Pane for PluginPane {
     }
     fn handle_plugin_bytes(&mut self, client_id: ClientId, bytes: VteBytes) {
         self.set_client_should_render(client_id, true);
+
+        let mut vte_bytes = bytes;
+        if let Some(plugin_permission) = &self.requesting_permissions {
+            vte_bytes = self
+                .display_request_permission_message(plugin_permission)
+                .into();
+        }
+
         let grid = get_or_create_grid!(self, client_id);
 
         // this is part of the plugin contract, whenever we update the plugin and call its render function, we delete the existing viewport
@@ -193,14 +213,30 @@ impl Pane for PluginPane {
             .vte_parsers
             .entry(client_id)
             .or_insert_with(|| vte::Parser::new());
-        for &byte in &bytes {
+
+        for &byte in &vte_bytes {
             vte_parser.advance(grid, byte);
         }
+
         self.should_render.insert(client_id, true);
     }
     fn cursor_coordinates(&self) -> Option<(usize, usize)> {
         None
     }
+    fn adjust_input_to_terminal(&mut self, input_bytes: Vec<u8>) -> Option<AdjustedInput> {
+        if let Some(requesting_permissions) = &self.requesting_permissions {
+            let permissions = requesting_permissions.permissions.clone();
+            match input_bytes.as_slice() {
+                // Y or y
+                &[89] | &[121] => Some(AdjustedInput::PermissionRequestResult(permissions, true)),
+                // N or n
+                &[78] | &[110] => Some(AdjustedInput::PermissionRequestResult(permissions, false)),
+                _ => None,
+            }
+        } else {
+            Some(AdjustedInput::WriteBytesToTerminal(input_bytes))
+        }
+    }
     fn position_and_size(&self) -> PaneGeom {
         self.geom
     }
@@ -233,6 +269,9 @@ impl Pane for PluginPane {
     fn set_selectable(&mut self, selectable: bool) {
         self.selectable = selectable;
     }
+    fn set_plugin_permissions(&mut self, permissions: Option<PluginPermission>) {
+        self.requesting_permissions = permissions;
+    }
     fn render(
         &mut self,
         client_id: Option<ClientId>,
@@ -595,4 +634,25 @@ impl PluginPane {
             self.handle_plugin_bytes(client_id, bytes.clone());
         }
     }
+    fn display_request_permission_message(&self, plugin_permission: &PluginPermission) -> String {
+        let cyan = style!(self.terminal_emulator_colors.borrow().cyan).bold();
+
+        let mut messages = String::new();
+        let permissions: HashSet<PermissionType> =
+            plugin_permission.permissions.clone().into_iter().collect();
+
+        messages.push_str(&format!(
+            "Plugin {} would like permission to:",
+            cyan.paint(&plugin_permission.name),
+        ));
+        permissions.iter().enumerate().for_each(|(i, p)| {
+            messages.push_str(&format!("\n\r{}. {}", i + 1, p));
+        });
+
+        messages.push_str(&format!(
+            "\n\r\n\rWould you like to grant these permissions? (y/n)"
+        ));
+
+        messages
+    }
 }

zellij-server/src/plugins/mod.rs

@@ -18,11 +18,13 @@ use crate::{pty::PtyInstruction, thread_bus::Bus, ClientId, ServerInstruction};
 use wasm_bridge::WasmBridge;
 
 use zellij_utils::{
-    data::{Event, EventType, PluginCapabilities},
+    consts::ZELLIJ_PLUGIN_PERMISSIONS_FILE,
+    data::{Event, EventType, PermissionType, PluginCapabilities},
     errors::{prelude::*, ContextType, PluginContext},
     input::{
         command::TerminalAction,
         layout::{FloatingPaneLayout, Layout, Run, RunPlugin, RunPluginLocation, TiledPaneLayout},
+        permission::GrantedPermission,
         plugins::PluginsConfig,
     },
     ipc::ClientAttributes,
@@ -79,6 +81,7 @@ pub enum PluginInstruction {
         String, // serialized payload
     ),
     PluginSubscribedToEvents(PluginId, ClientId, HashSet<EventType>),
+    PermissionRequestResult(PluginId, Option<ClientId>, Vec<PermissionType>, bool),
     Exit,
 }
 
@@ -105,6 +108,9 @@ impl From<&PluginInstruction> for PluginContext {
             PluginInstruction::PluginSubscribedToEvents(..) => {
                 PluginContext::PluginSubscribedToEvents
             },
+            PluginInstruction::PermissionRequestResult(..) => {
+                PluginContext::PermissionRequestResult
+            },
         }
     }
 }
@@ -126,11 +132,21 @@ pub(crate) fn plugin_thread_main(
     let plugin_dir = data_dir.join("plugins/");
     let plugin_global_data_dir = plugin_dir.join("data");
 
+    let granted_permission =
+        match fs::read_to_string(plugin_dir.join(ZELLIJ_PLUGIN_PERMISSIONS_FILE)) {
+            Ok(s) => match GrantedPermission::from_string(s) {
+                Ok(p) => p,
+                Err(_) => GrantedPermission::default(),
+            },
+            Err(_) => GrantedPermission::default(),
+        };
+
     let mut wasm_bridge = WasmBridge::new(
         plugins,
         bus.senders.clone(),
         store,
         plugin_dir,
+        granted_permission,
         path_to_default_shell,
         zellij_cwd,
         capabilities,
@@ -286,6 +302,25 @@ pub(crate) fn plugin_thread_main(
                     }
                 }
             },
+            PluginInstruction::PermissionRequestResult(
+                plugin_id,
+                client_id,
+                permissions,
+                result,
+            ) => {
+                let permissions = if result { permissions } else { Vec::new() };
+                match wasm_bridge.caching_plugin_permissions(plugin_id, client_id, permissions) {
+                    Ok(_) => {},
+                    Err(e) => log::error!("{}", e),
+                }
+
+                let updates = vec![(
+                    Some(plugin_id),
+                    client_id,
+                    Event::PermissionRequestResult(result),
+                )];
+                wasm_bridge.update_plugins(updates)?;
+            },
             PluginInstruction::Exit => {
                 wasm_bridge.cleanup();
                 break;