Workbench icon indicating copy to clipboard operation
Workbench copied to clipboard

Published 20 hours ago verified publisher icon workbenchdev

Inform users when a permission is required for a demo

Open sonnyp opened this issue 1 year ago • 8 comments

Currently, Workbench is considered as "probably safe" by Flathub and GNOME Software.

The reason it is not considered "Safe" is because we require network and audio permission (via --socket=pulseaudio and --share=network. Those are not strictly required to use Workbench and are only needed for a handful of demos. In addition, we would also like to add a permission for gamepads https://github.com/workbenchdev/demos/pull/88

Eventually there will be portals for all of these things but until then we need static permissions.

Let's

  1. remove those permissions so that Workbench is considered safe
  2. add a mechanism for demos to advertise which permissions they need - maybe flatpak-finish-args: ["--socket=fallback-x11"] in main.json
  3. when a needed permission is not enabled, Workbench should show a dialog on "Run" to explain what this is about and how to enable the permission using flatpak overrides

Since overrides are permanent - it should be a one time thing only anyway.

sonnyp avatar Mar 23 '24 12:03 sonnyp

@bragefuglseth would you be interested in proposing a copy / design for 3?

sonnyp avatar Mar 23 '24 12:03 sonnyp

Hey, and sorry for the late response! I can have a shot at it if you can provide some textual content / an instruction set to be conveyed in the dialog. I'm not too knowledgeable on that stuff :smiley:

bragefuglseth avatar Mar 30 '24 22:03 bragefuglseth

@bragefuglseth the dialog would show when a user press "Run" on a demo that require static Flatpak permissions (not portal permissions) that aren't enabled for Workbench.

We can say something like:

"Permission(s) needed"

To run this project, additional permissions are needed for Workbench. Please run the following command in your terminal and restart Workbench

flatpak override --user --share=network --socket=pulseaudio --share=device re.sonny.Workbench.Devel

Here are screenshots of our current similar dialogs

image

image

sonnyp avatar Jul 02 '24 12:07 sonnyp

Sorry for the late response again! This is on my todo list.

bragefuglseth avatar Jul 09 '24 07:07 bragefuglseth

Any thoughts on this? I think it's nice to give a brief overview of what people are actually doing when running the command. The explanation can also serve as a useful introduction to the sandbox permission system for aspiring app developers. The descriptions may not be 100% accurate; you can change those as you see fit.

I imagine that the external link symbol would open the sandbox permissions documentation.

permissions

bragefuglseth avatar Jul 18 '24 16:07 bragefuglseth

I love it :)

--user isn't a permission so we just need the last 3

sonnyp avatar Jul 18 '24 16:07 sonnyp

I thought it would be nice to include to reassure people that it will only affect their account or whatever, but feel free to exclude it :slightly_smiling_face:

Here's the illustration SVG:

permissions

bragefuglseth avatar Jul 18 '24 16:07 bragefuglseth

@bragefuglseth: Thanks for redirecting me to the issue!

The problem is really asking to reduce protection. This shouldn't be asked from a (fully) sandboxed app at all. This shows bad practice for acquiring permissions that reduce the app sandbox.

To do this properly, a portal is needed. And, unfortunately, the proposed design, although nice and well done, is not good for a portal because of the words "Needed", "needs", "Please", which induce obligation.

Mikenux avatar Jul 19 '24 03:07 Mikenux