Rojo Headless Plugin API Proposal #638
Comments
boatbomber
added
type: enhancement
|
I aim to have a security permissions layer as well, much like Roblox's own permission system. When a third party plugin attempts to use an API for the first time you will need to approve it first. This will hopefully mitigate a lot of potential abuse. |
|
I will also need to make it popup when something already exists at _G.Rojo, asking if you want this version to overwrite the existing version (will show you the versions and sources) so that you can have Rojo Boatly and Rojo simultaneously and control which one is exposing the API. |
|
This might seem obvious, but why not use a more dependable solution like a ModuleScript? Initial testing suggests that plugins share the state of ModuleScripts, so there doesn't seem to be a downside. If we were to put a ModuleScript somewhere in the data model, consumers would be able to require it and then use the API from there. It relies less on busywaiting to ensure The only downside I see is that we may introduce noise into someone's game, but I think I prefer that over use of I'm more than open to being told "that's unacceptable and I would hate it" but that's my opinion right now |
|
What makes that more dependable? Just seems like more work and cases to consider since you start dealing with Instances and DataModel stuff instead of just Lua environments. |
|
The reason I say it seems more dependable is because it's ordered. You can have a consumer use local function GetRojo()
local api = _G.Rojo
while not api do
task.wait()
api = _G.Rojo
end
return api
end
local Rojo = GetRojo()I think as a consumer I'd prefer it to be |
|
Yeah, that's a fair critique. I'm willing to rework it to be a ModuleScript if that's what people want. |
|
Done. Updated the docs as well. The suggested snippet is now: local Rojo = require(game:WaitForChild("Rojo", math.huge))
print(Rojo.API.Version) |
kennethloeffler
added
status: in-progress
Exposing a headless API into
gamewill be very valuable to the Rojo ecosystem. Users can make companion plugins, and we can even utilize it ourselves for one-time plugin injections forrojo open. See issues #321 and #305.Those are use cases and requests, and we've established there is demand and utility. Now, this issue is attempting to flesh out an execution of this idea. This is an ongoing discussion, not set in stone. Tell us about your use cases and desires so we can make this as valuable as possible!
Proposed interface:
Plugins and command bar all share the same module cache which allows us to put our interface into a ModuleScript that can be accessed by any plugin. Using the key
"Rojo"is easy to remember and follows branding.Functions
In order to use any of the Rojo APIs, you must first explicitly request them with this function. Users will be prompted to allow/deny each API, (this function will yield until the user responds) and then the function will return a dictionary where the keys are the requested APIs and the values are booleans which represent the access status (whether or not access was granted). The first argument must be your
pluginobject for security and reliability purposes, and the second argument is a list of APIs you're requesting access to.In order to keep our users safe from malicious plugins, RequestAccess must be the first function your plugin calls when using the Rojo API. Attempting to use an API without requesting it beforehand will throw an error. The only exceptions to this are
Rojo.API.VersionandRojo.API.ProtocolVersion, since those are useful in checking compatibility before anything else is done.Example Plugin:
Attempts to connect Rojo to the given host and port. Same behavior as the user clicking the Connect button (sync locking, etc., all behave the same).
Attempts to disconnect any active sync session.
Returns the value of the given setting.
Sets the value of the given setting.
Sends a Rojo notification that indicates it comes from a third-party plugin. Returns a function that dismisses the notification.
Returns the user's chosen host and port.
Returns a new ApiContext using the given baseUrl.
Properties (All read-only)
The Rojo plugin version. (Example:
{7, 2, 1})The Rojo plugin's protocol version.
Whether Rojo is currently connected to a serve session.
When
Rojo.API.Connectedistrue, this contains the address of the connected session.When
Rojo.API.Connectedistrue, this contains the project name of the connected session.Events
Fires when any property changes. Passes the name of the changed property and its new and old values.
Considering Please Discuss!
I am considering exposing the InstanceMap- the map of IDs to Instances. I don't know of any use cases though, it is only theoretically useful and feels potentially valuable. However, it's likely a decent chunk of work to do it safely (don't want third party plugins breaking things!) so unless there's a solid use case, it's not planned for this initial API.
The text was updated successfully, but these errors were encountered: