feat: package manager permissions when using API #218
Conversation
| export const allow = l10n.t('Allow'); | ||
| export const deny = l10n.t('Deny'); | ||
| export const ask = l10n.t('Ask'); | ||
| export const setPermissions = l10n.t('Set Permissions'); |
There was a problem hiding this comment.
| export const setPermissions = l10n.t('Set Permissions'); | |
| export const setPermissions = l10n.t('Update Permissions'); |
| export namespace PermissionsCommon { | ||
| export const allow = l10n.t('Allow'); | ||
| export const deny = l10n.t('Deny'); | ||
| export const ask = l10n.t('Ask'); |
There was a problem hiding this comment.
I'm not sure "Ask" is easily understandable in this context. I wonder if we should do something like "Always Ask" or "Confirm each time" at the tradeoff of having a slightly longer button title
There was a problem hiding this comment.
agreed- I also wanted this button to be explicit it was a long-term choice
| 'Set permissions for the extension {0} to install, upgrade, or uninstall packages from your Python environments', | ||
| extensionId, | ||
| ), | ||
| { | ||
| modal: true, | ||
| detail: currentPermission ? l10n.t('Current permission: {0}', currentPermission) : undefined, | ||
| }, | ||
| PermissionsCommon.ask, | ||
| PermissionsCommon.allow, | ||
| PermissionsCommon.deny, | ||
| ); |
There was a problem hiding this comment.
This scenario currently shows a "Cancel" option as well. Can we remove this in favor of the X on the dialog?
| setImmediate(async () => { | ||
| const response = await showWarningMessage( | ||
| l10n.t( | ||
| 'The extension `{0}` is not allowed to {1} packages into your Python environment.', |
There was a problem hiding this comment.
Suggest we update language to match "permissions"
| 'The extension `{0}` is not allowed to {1} packages into your Python environment.', | |
| 'The extension `{0}` is not permitted to {1} packages into your Python environment.', |
|
I had the same thought initially. I think for these general views we could say "requests permissions to make changes to packages in your environment."
Maybe we can say "Would you like to set permissions for {extension} to make changes to packages in your environment" and then the follow up prompts if a user selects "ask" are "the extension wants.....". So using set permissions vs the actual action that is being confirmed each time.
Ooh if would be cool if we could organize them similar to how we present environments i.e. a section for Allow, Deny, Ask and then no set permissions. A nice to have not necessarily a need to have IMO
I think this would be a good exploration but also a nice to have :) |
karthiknadig
force-pushed
the
permissions-flow1
branch
from
36ab28e to
f24dead
Compare
* ensure skip install is only shown when relevant * ensure delete env message is modal fixes microsoft#220
Bumps [tar-fs](https://github.com/mafintosh/tar-fs) from 2.1.1 to 2.1.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/mafintosh/tar-fs/commit/d97731b0e1b8a244ab859784b514cfcf5585ad3d"><code>d97731b</code></a> 2.1.2</li> <li><a href="https://github.com/mafintosh/tar-fs/commit/fd1634e869e7c5f85948e95eabdaa8451a085de5"><code>fd1634e</code></a> symlink tweak from main</li> <li>See full diff in <a href="https://github.com/mafintosh/tar-fs/compare/v2.1.1...v2.1.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/microsoft/vscode-python-environments/network/alerts). </details> Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
No description provided.