Magic-Mirror/gecko-dev
1
0
Fork 0
mirror of https://github.com/mozilla/gecko-dev.git synced 2024-10-08 19:04:45 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Bug 776668 - Split permission for Settings/Contacts access into ReadOnly and ReadWrite variants. r=ddahl

Browse Source
This commit is contained in:
Gregor Wagner 2012-10-31 17:26:05 -07:00
parent 4b7833d1f9
commit 2a2e8cf318
10 changed files with 81 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
dom/contacts/ContactManager.js
View File

@ -439,6 +439,24 @@ ContactManager.prototype = {
askPermission: function (aAccess, aRequest, aAllowCallback, aCancelCallback) {
if (DEBUG) debug("askPermission for contacts");
let access;
switch(aAccess) {
case "create":
access = "create";
break;
case "update":
case "remove":
access = "write";
break;
case "find":
case "getSimContacts":
case "listen":
access = "read";
break;
default:
access = "unknown";
}
let requestID = this.getRequestId({
request: aRequest,
allow: function() {
@ -456,7 +474,7 @@ ContactManager.prototype = {
let principal = this._window.document.nodePrincipal;
cpmm.sendAsyncMessage("PermissionPromptHelper:AskPermission", {
type: "contacts",
access: aAccess,
access: access,
requestID: requestID,
origin: principal.origin,
appID: principal.appId,
@ -508,7 +526,7 @@ ContactManager.prototype = {
this._setMetaData(newContact, aContact);
if (DEBUG) debug("send: " + JSON.stringify(newContact));
request = this.createRequest();
let options = { contact: newContact };
let options = { contact: newContact, reason: reason };
let allowCallback = function() {
cpmm.sendAsyncMessage("Contact:Save", {requestID: this.getRequestId({request: request, reason: reason}), options: options});
}.bind(this)

30
dom/contacts/fallback/ContactService.jsm
View File

@ -67,6 +67,15 @@ this.DOMContactManager = {
this._db = null;
},
assertPermission: function(aMessage, aPerm) {
if (!aMessage.target.assertPermission(aPerm)) {
Cu.reportError("Contacts message " + msg.name +
" from a content process with no" + aPerm + " privileges.");
return false;
}
return true;
},
receiveMessage: function(aMessage) {
if (DEBUG) debug("Fallback DOMContactManager::receiveMessage " + aMessage.name);
let mm = aMessage.target;
@ -112,6 +121,9 @@ this.DOMContactManager = {
switch (aMessage.name) {
case "Contacts:Find":
if (!this.assertPermission(aMessage, "contacts-read")) {
return null;
}
let result = new Array();
this._db.find(
function(contacts) {
@ -134,6 +146,15 @@ this.DOMContactManager = {
msg.options.findOptions);
break;
case "Contact:Save":
if (msg.options.reason === "create") {
if (!this.assertPermission(aMessage, "contacts-create")) {
return null;
}
} else {
if (!this.assertPermission(aMessage, "contacts-write")) {
return null;
}
}
this._db.saveContact(
msg.options.contact,
function() { mm.sendAsyncMessage("Contact:Save:Return:OK", { requestID: msg.requestID, contactID: msg.options.contact.id }); }.bind(this),
@ -141,6 +162,9 @@ this.DOMContactManager = {
);
break;
case "Contact:Remove":
if (!this.assertPermission(aMessage, "contacts-write")) {
return null;
}
this._db.removeContact(
msg.options.id,
function() { mm.sendAsyncMessage("Contact:Remove:Return:OK", { requestID: msg.requestID, contactID: msg.options.id }); }.bind(this),
@ -148,12 +172,18 @@ this.DOMContactManager = {
);
break;
case "Contacts:Clear":
if (!this.assertPermission(aMessage, "contacts-write")) {
return null;
}
this._db.clear(
function() { mm.sendAsyncMessage("Contacts:Clear:Return:OK", { requestID: msg.requestID }); }.bind(this),
function(aErrorMsg) { mm.sendAsyncMessage("Contacts:Clear:Return:KO", { requestID: msg.requestID, errorMsg: aErrorMsg }); }.bind(this)
);
break;
case "Contacts:GetSimContacts":
if (!this.assertPermission(aMessage, "contacts-read")) {
return null;
}
mRIL.getICCContacts(
msg.options.contactType,
function (aErrorMsg, aType, aContacts) {

4
dom/contacts/tests/test_contacts_basics.html
View File

@ -29,7 +29,9 @@ if (!SpecialPowers.getBoolPref("dom.mozContacts.enabled")) {
SpecialPowers.setBoolPref("dom.mozContacts.enabled", true);
}
SpecialPowers.addPermission("contacts", true, document);
SpecialPowers.addPermission("contacts-write", true, document);
SpecialPowers.addPermission("contacts-read", true, document);
SpecialPowers.addPermission("contacts-create", true, document);
// For Sorting
var c1 = {

10
dom/contacts/tests/test_contacts_blobs.html
View File

@ -29,7 +29,9 @@ if (!SpecialPowers.getBoolPref("dom.mozContacts.enabled")) {
SpecialPowers.setBoolPref("dom.mozContacts.enabled", true);
}
SpecialPowers.addPermission("contacts", true, document);
SpecialPowers.addPermission("contacts-write", true, document);
SpecialPowers.addPermission("contacts-read", true, document);
SpecialPowers.addPermission("contacts-create", true, document);
var utils = SpecialPowers.getDOMWindowUtils(window);
@ -109,7 +111,6 @@ function onFailure() {
function verifyBlob(blob1, blob2, isLast)
{
dump("islast? " + isLast + "\n");
is(blob1 instanceof SpecialPowers.Ci.nsIDOMBlob, true,
"Instance of nsIDOMBlob");
is(blob1 instanceof SpecialPowers.Ci.nsIDOMFile,
@ -174,7 +175,6 @@ var steps = [
ok(true, "Adding contact with photo");
createResult1 = new mozContact();
createResult1.init(properties1);
dump("CreateResult1: " + JSON.stringify(createResult1));
req = navigator.mozContacts.save(createResult1);
req.onsuccess = function () {
ok(createResult1.id, "The contact now has an ID.");
@ -201,7 +201,6 @@ var steps = [
ok(true, "Adding contact with 2 photos");
createResult1 = new mozContact();
createResult1.init(properties2);
dump("CreateResult1: " + JSON.stringify(createResult1));
req = navigator.mozContacts.save(createResult1);
req.onsuccess = function () {
ok(createResult1.id, "The contact now has an ID.");
@ -228,7 +227,6 @@ var steps = [
ok(true, "Adding photo as String");
createResult1 = new mozContact();
createResult1.init({name: "asdf", photo: ["xyz"]});
dump("CreateResult1: " + JSON.stringify(createResult1));
req = navigator.mozContacts.save(createResult1);
req.onsuccess = function () {
ok(createResult1.id, "The contact now has an ID.");
@ -242,7 +240,6 @@ var steps = [
ok(true, "Adding photo as String");
createResult1 = new mozContact();
createResult1.init({name: "jkl", photo: "xyz"});
dump("CreateResult1: " + JSON.stringify(createResult1));
req = navigator.mozContacts.save(createResult1);
req.onsuccess = function () {
ok(createResult1.id, "The contact now has an ID.");
@ -270,7 +267,6 @@ var steps = [
ok(true, "Adding photo as Object");
createResult1 = new mozContact();
createResult1.init({photo: [{}]});
dump("CreateResult1: " + JSON.stringify(createResult1));
req = navigator.mozContacts.save(createResult1);
req.onsuccess = function () {
ok(createResult1.id, "The contact now has an ID.");

2
dom/contacts/tests/test_contacts_events.html
View File

@ -19,6 +19,8 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=764667
/** Test for Bug 764667 **/
SpecialPowers.addPermission("contacts-read", true, document);
var e = new MozContactChangeEvent("contactchanged", {contactID: "123", reason: "create"});
ok(e, "Should have contactsChange event!");
is(e.contactID, "123", "ID should be 123.");

3
dom/permission/PermissionPromptHelper.jsm
View File

@ -71,8 +71,9 @@ this.PermissionPromptHelper = {
let uri = Services.io.newURI(msg.origin, null, null);
principal =
secMan.getAppCodebasePrincipal(uri, msg.appID, msg.browserFlag);
let access = msg.access ? msg.type + "-" + msg.access : msg.type;
let perm =
permissionManager.testExactPermissionFromPrincipal(principal, msg.type);
permissionManager.testExactPermissionFromPrincipal(principal, access);
installedPerms.push(perm);
}

5
dom/settings/SettingsChangeNotifier.jsm
View File

@ -80,6 +80,11 @@ this.SettingsChangeNotifier = {
let mm = aMessage.target;
switch (aMessage.name) {
case "Settings:Changed":
if (!aMessage.target.assertPermission("settings-write")) {
Cu.reportError("Settings message " + msg.name +
" from a content process with no 'settings-write' privileges.");
return null;
}
this.broadcastMessage("Settings:Change:Return:OK",
{ key: msg.key, value: msg.value });
Services.obs.notifyObservers(this, kMozSettingsChangedObserverTopic,

19
dom/settings/SettingsManager.js
View File

@ -152,7 +152,7 @@ SettingsLock.prototype = {
throw Components.results.NS_ERROR_ABORT;
}
if (this._settingsManager.hasPrivileges) {
if (this._settingsManager.hasReadPrivileges) {
let req = Services.DOMRequest.createRequest(this._settingsManager._window);
this._requests.enqueue({ request: req, intent:"get", name: aName });
this.createTransactionAndProcess();
@ -169,7 +169,7 @@ SettingsLock.prototype = {
throw Components.results.NS_ERROR_ABORT;
}
if (this._settingsManager.hasPrivileges) {
if (this._settingsManager.hasWritePrivileges) {
let req = Services.DOMRequest.createRequest(this._settingsManager._window);
debug("send: " + JSON.stringify(aSettings));
this._requests.enqueue({request: req, intent: "set", settings: aSettings});
@ -187,7 +187,7 @@ SettingsLock.prototype = {
throw Components.results.NS_ERROR_ABORT;
}
if (this._settingsManager.hasPrivileges) {
if (this._settingsManager.hasWritePrivileges) {
let req = Services.DOMRequest.createRequest(this._settingsManager._window);
this._requests.enqueue({ request: req, intent: "clear"});
this.createTransactionAndProcess();
@ -237,7 +237,7 @@ SettingsManager.prototype = {
},
set onsettingchange(aCallback) {
if (this.hasPrivileges) {
if (this.hasReadPrivileges) {
if (!this._onsettingchange) {
cpmm.sendAsyncMessage("Settings:RegisterForMessages");
}
@ -334,9 +334,14 @@ SettingsManager.prototype = {
let util = aWindow.QueryInterface(Ci.nsIInterfaceRequestor).getInterface(Ci.nsIDOMWindowUtils);
this.innerWindowID = util.currentInnerWindowID;
let perm = Services.perms.testExactPermissionFromPrincipal(aWindow.document.nodePrincipal, "settings");
this.hasPrivileges = perm == Ci.nsIPermissionManager.ALLOW_ACTION;
debug("has privileges :" + this.hasPrivileges);
let readPerm = Services.perms.testExactPermissionFromPrincipal(aWindow.document.nodePrincipal, "settings-read");
let writePerm = Services.perms.testExactPermissionFromPrincipal(aWindow.document.nodePrincipal, "settings-write");
this.hasReadPrivileges = readPerm == Ci.nsIPermissionManager.ALLOW_ACTION;
this.hasWritePrivileges = writePerm == Ci.nsIPermissionManager.ALLOW_ACTION;
if (!this.hasReadPrivileges && !this.hasWritePrivileges) {
Cu.reportError("NO SETTINGS PERMISSION FOR: " + aWindow.document.nodePrincipal.origin + "\n");
}
},
observe: function(aSubject, aTopic, aData) {

3
dom/settings/tests/test_settings_basics.html
View File

@ -24,7 +24,8 @@ https://bugzilla.mozilla.org/show_bug.cgi?id={678695}
var comp = SpecialPowers.wrap(SpecialPowers.Components);
comp.utils.import("resource://gre/modules/SettingsChangeNotifier.jsm");
SpecialPowers.setBoolPref("dom.mozSettings.enabled", true);
SpecialPowers.addPermission("settings", true, document);
SpecialPowers.addPermission("settings-read", true, document);
SpecialPowers.addPermission("settings-write", true, document);
function onUnwantedSuccess() {
ok(false, "onUnwantedSuccess: shouldn't get here");

3
dom/settings/tests/test_settings_onsettingchange.html
View File

@ -24,7 +24,8 @@ https://bugzilla.mozilla.org/show_bug.cgi?id={678695}
var comp = SpecialPowers.wrap(Components);
comp.utils.import("resource://gre/modules/SettingsChangeNotifier.jsm");
SpecialPowers.setBoolPref("dom.mozSettings.enabled", true);
SpecialPowers.addPermission("settings", true, document);
SpecialPowers.addPermission("settings-write", true, document);
SpecialPowers.addPermission("settings-read", true, document);
var screenBright = {"screen.brightness": 0.7};