[Bug]: When using --allow-fs-write to execute a non-existent folder, creating subdirectories of that folder will fail about node HOT 17 CLOSED

Sometimes it's related to your terminal (such as zsh). Try wrapping it into quotes: --allow-fs-write="/Users/skypesky/workSpaces/javascript/github/temp/*"

from node.

Actually, thinking more about it... It's not a bug, temp never existed, so the system cannot identify if temp is supposed to be a folder or just a file temp.

I'm pretty sure if you try to create a file /Users/skypesky/workSpaces/javascript/github/temp it will work with success.

Hence, for non-existent folders you must add the wildcard: *.

But give then case:

 node --experimental-permission --allow-fs-write=$PWD/foo  --allow-fs-read=$PWD/test.js test.js

const { mkdir } = require('node:fs/promises');

(async () => {
    await mkdir('./foo/', { recursive: true });
    await mkdir('./foo/tmp/a/b/c/d', { recursive: true });
})();

The folder is created succesfully so it should word
PS: Accidentally closed

from node.

IIRC, when the permission model is being initialized, it implicitly adds wildcards to the end of paths that are (existing) directories. If $PWD/foo does not exist, no wildcard is implicitly added, so the permission model only allows access to the exact path $PWD/foo.

from node.

I'm going to close it as this is expected behaviour. Feel free to re-open if something is misleading.

from node.

Thanks for the explanation @tniessen @RafaelGSS I traced to is_granted method in fs_permission.cc and found out it was cached. I am thinking this probably should be documented in the Limitations and Known Issues section of the api/permissions doc? (👍 or 👎)

from node.

It's not a limitation as it's designed to work in that way. We could mention it on https://nodejs.org/api/permissions.html#file-system-permissions specifically on wildcard mention.

from node.

You have set allow-write to /Users/skypesky/workSpaces/javascript/github/temp and trying to write on
/Users/skypesky/workSpaces/javascript/github/tmp/ it's working as supposed, you need set write-permission to /Users/skypesky/workSpaces/javascript/github/tmp

from node.

@marco-ippolito
please ignore my spelling mistakes, this is indeed a bug, here is a screenshot.

from node.

does the folder temp exists?

from node.

• The temp folder does not exist! Specifically, I can actually create temp successfully, but I cannot create subfolders of temp.

const { mkdir } = require('node:fs/promises');

(async () => {

  await mkdir('/Users/skypesky/workSpaces/javascript/github/temp', { recursive: true }); // exec ok!
  await mkdir('/Users/skypesky/workSpaces/javascript/github/temp/a/b/c/d', { recursive: true }); // exec failed!!!
})();

from node.

does the folder temp exists? if not it wont work To create the folder temp you need to have write access in the parent directory for example: /Users/skypesky/workSpaces/javascript/github/

I do not want it to have the permission to write data in this folder on github, this is not what we intended.

from node.

I can reproduce, I confirm its a bug @RafaelGSS

node --experimental-permission --allow-fs-write=$PWD/foo  --allow-fs-read=$PWD/test.js test.js

const { mkdir } = require('node:fs/promises');

(async () => {
    await mkdir('./foo/', { recursive: true });
    await mkdir('./foo/tmp/a/b/c/d', { recursive: true });
})();

from node.

Meanwhile, can you try adding a * after temp? --allow-fs-write=/Users/skypesky/workSpaces/javascript/github/temp/*

Anyway, I'll fix it.

from node.

Just tested it this as well, if adding * after temp it will say no matches found: --allow-fs-write=/file path/

from node.

Thanks, it was my terminal (zsh), after adding * it works, it can create the folders recursively.

from node.

Actually, thinking more about it... It's not a bug, temp never existed, so the system cannot identify if temp is supposed to be a folder or just a file temp.

I'm pretty sure if you try to create a file /Users/skypesky/workSpaces/javascript/github/temp it will work with success.

Hence, for non-existent folders you must add the wildcard: *.

from node.

IIRC, when the permission model is being initialized, it implicitly adds wildcards to the end of paths that are (existing) directories. If $PWD/foo does not exist, no wildcard is implicitly added, so the permission model only allows access to the exact path $PWD/foo.

That's correct. If you created $PWD/foo folder during runtime, the permission model won't be able to identify if that's a folder and add the wildcard.

from node.