跳到内容
Tauri
指南 参考 博客 发布

命令作用域

作用域是定义 Tauri 命令的(不)允许行为的一种细粒度方式。

作用域分为 allowdeny 作用域,其中 deny 始终取代 allow 作用域。

作用域类型需要是任何 serde 可序列化类型。这些类型通常是插件特定的。对于在 Tauri 应用程序中实现的范围命令,作用域类型需要在应用程序中定义,然后在命令实现中强制执行。

例如,Fs 插件允许您使用作用域来允许或拒绝某些目录和文件,而 http 插件使用作用域来过滤允许访问的 URL。

作用域传递给命令,处理或正确强制执行由命令本身实现。

示例

这些示例取自 Fs 插件权限

此插件中所有命令的作用域类型都是字符串,其中包含 glob 兼容路径。

plugins/fs/permissions/autogenerated/base-directories/applocaldata.toml
[[permission]]
identifier = "scope-applocaldata-recursive"
description = '''
This scope recursive access to the complete `$APPLOCALDATA` folder,
including sub directories and files.
'''


[[permission.scope.allow]]
path = "$APPLOCALDATA/**"
plugins/fs/permissions/deny-webview-data.toml
[[permission]]
identifier = "deny-webview-data-linux"
description = '''
This denies read access to the
`$APPLOCALDATA` folder on linux as the webview data and
configuration values are stored here.
Allowing access can lead to sensitive information disclosure and
should be well considered.
'''
platforms = ["linux"]


[[scope.deny]]
path = "$APPLOCALDATA/**"


[[permission]]
identifier = "deny-webview-data-windows"
description = '''
This denies read access to the
`$APPLOCALDATA/EBWebView` folder on windows as the webview data and
configuration values are stored here.
Allowing access can lead to sensitive information disclosure and
should be well considered.
'''
platforms = ["windows"]


[[scope.deny]]
path = "$APPLOCALDATA/EBWebView/**"

上述作用域可用于允许访问 APPLOCALDATA 文件夹,同时阻止访问 Windows 上的 EBWebView 子文件夹,其中包含敏感的 webview 数据。

这些可以合并到一个集合中,这减少了重复配置,并使任何查看应用程序配置的人更容易理解。

首先,拒绝作用域合并到 deny-default

plugins/fs/permissions/deny-default.toml
[[set]]
identifier = "deny-default"
description = '''
This denies access to dangerous Tauri relevant files and
folders by default.
'''
permissions = ["deny-webview-data-linux", "deny-webview-data-windows"]

之后,拒绝和允许作用域合并

[[set]]
identifier = "scope-applocaldata-reasonable"
description = '''
This scope set allows access to the `APPLOCALDATA` folder and
subfolders except for linux,
while it denies access to dangerous Tauri relevant files and
folders by default on windows.
'''
permissions = ["scope-applocaldata-recursive", "deny-default"]

这些作用域可以用于所有命令,通过扩展插件的全局作用域,或者仅用于选定的命令,当它们与权限内启用的命令结合使用时。

APPLOCALDATA 中文件的合理只读文件访问可能如下所示

[[set]]
identifier = "read-files-applocaldata"
description = '''
This set allows file read access to the `APPLOCALDATA` folder and
subfolders except for linux,
while it denies access to dangerous Tauri relevant files and
folders by default on windows.'''
permissions = ["scope-applocaldata-reasonable", "allow-read-file"]

这些示例仅突出显示作用域功能本身。每个插件或应用程序开发者都需要根据其用例考虑合理的作用域组合。

© 2025 Tauri 贡献者。CC-BY / MIT