mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-08 19:04:45 +00:00
Bug 776668 - Split permission for Settings/Contacts access into ReadOnly and ReadWrite variants. r=ddahl
This commit is contained in:
parent
4b7833d1f9
commit
2a2e8cf318
@ -439,6 +439,24 @@ ContactManager.prototype = {
|
||||
|
||||
askPermission: function (aAccess, aRequest, aAllowCallback, aCancelCallback) {
|
||||
if (DEBUG) debug("askPermission for contacts");
|
||||
let access;
|
||||
switch(aAccess) {
|
||||
case "create":
|
||||
access = "create";
|
||||
break;
|
||||
case "update":
|
||||
case "remove":
|
||||
access = "write";
|
||||
break;
|
||||
case "find":
|
||||
case "getSimContacts":
|
||||
case "listen":
|
||||
access = "read";
|
||||
break;
|
||||
default:
|
||||
access = "unknown";
|
||||
}
|
||||
|
||||
let requestID = this.getRequestId({
|
||||
request: aRequest,
|
||||
allow: function() {
|
||||
@ -456,7 +474,7 @@ ContactManager.prototype = {
|
||||
let principal = this._window.document.nodePrincipal;
|
||||
cpmm.sendAsyncMessage("PermissionPromptHelper:AskPermission", {
|
||||
type: "contacts",
|
||||
access: aAccess,
|
||||
access: access,
|
||||
requestID: requestID,
|
||||
origin: principal.origin,
|
||||
appID: principal.appId,
|
||||
@ -508,7 +526,7 @@ ContactManager.prototype = {
|
||||
this._setMetaData(newContact, aContact);
|
||||
if (DEBUG) debug("send: " + JSON.stringify(newContact));
|
||||
request = this.createRequest();
|
||||
let options = { contact: newContact };
|
||||
let options = { contact: newContact, reason: reason };
|
||||
let allowCallback = function() {
|
||||
cpmm.sendAsyncMessage("Contact:Save", {requestID: this.getRequestId({request: request, reason: reason}), options: options});
|
||||
}.bind(this)
|
||||
|
@ -67,6 +67,15 @@ this.DOMContactManager = {
|
||||
this._db = null;
|
||||
},
|
||||
|
||||
assertPermission: function(aMessage, aPerm) {
|
||||
if (!aMessage.target.assertPermission(aPerm)) {
|
||||
Cu.reportError("Contacts message " + msg.name +
|
||||
" from a content process with no" + aPerm + " privileges.");
|
||||
return false;
|
||||
}
|
||||
return true;
|
||||
},
|
||||
|
||||
receiveMessage: function(aMessage) {
|
||||
if (DEBUG) debug("Fallback DOMContactManager::receiveMessage " + aMessage.name);
|
||||
let mm = aMessage.target;
|
||||
@ -112,6 +121,9 @@ this.DOMContactManager = {
|
||||
|
||||
switch (aMessage.name) {
|
||||
case "Contacts:Find":
|
||||
if (!this.assertPermission(aMessage, "contacts-read")) {
|
||||
return null;
|
||||
}
|
||||
let result = new Array();
|
||||
this._db.find(
|
||||
function(contacts) {
|
||||
@ -134,6 +146,15 @@ this.DOMContactManager = {
|
||||
msg.options.findOptions);
|
||||
break;
|
||||
case "Contact:Save":
|
||||
if (msg.options.reason === "create") {
|
||||
if (!this.assertPermission(aMessage, "contacts-create")) {
|
||||
return null;
|
||||
}
|
||||
} else {
|
||||
if (!this.assertPermission(aMessage, "contacts-write")) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
this._db.saveContact(
|
||||
msg.options.contact,
|
||||
function() { mm.sendAsyncMessage("Contact:Save:Return:OK", { requestID: msg.requestID, contactID: msg.options.contact.id }); }.bind(this),
|
||||
@ -141,6 +162,9 @@ this.DOMContactManager = {
|
||||
);
|
||||
break;
|
||||
case "Contact:Remove":
|
||||
if (!this.assertPermission(aMessage, "contacts-write")) {
|
||||
return null;
|
||||
}
|
||||
this._db.removeContact(
|
||||
msg.options.id,
|
||||
function() { mm.sendAsyncMessage("Contact:Remove:Return:OK", { requestID: msg.requestID, contactID: msg.options.id }); }.bind(this),
|
||||
@ -148,12 +172,18 @@ this.DOMContactManager = {
|
||||
);
|
||||
break;
|
||||
case "Contacts:Clear":
|
||||
if (!this.assertPermission(aMessage, "contacts-write")) {
|
||||
return null;
|
||||
}
|
||||
this._db.clear(
|
||||
function() { mm.sendAsyncMessage("Contacts:Clear:Return:OK", { requestID: msg.requestID }); }.bind(this),
|
||||
function(aErrorMsg) { mm.sendAsyncMessage("Contacts:Clear:Return:KO", { requestID: msg.requestID, errorMsg: aErrorMsg }); }.bind(this)
|
||||
);
|
||||
break;
|
||||
case "Contacts:GetSimContacts":
|
||||
if (!this.assertPermission(aMessage, "contacts-read")) {
|
||||
return null;
|
||||
}
|
||||
mRIL.getICCContacts(
|
||||
msg.options.contactType,
|
||||
function (aErrorMsg, aType, aContacts) {
|
||||
|
@ -29,7 +29,9 @@ if (!SpecialPowers.getBoolPref("dom.mozContacts.enabled")) {
|
||||
SpecialPowers.setBoolPref("dom.mozContacts.enabled", true);
|
||||
}
|
||||
|
||||
SpecialPowers.addPermission("contacts", true, document);
|
||||
SpecialPowers.addPermission("contacts-write", true, document);
|
||||
SpecialPowers.addPermission("contacts-read", true, document);
|
||||
SpecialPowers.addPermission("contacts-create", true, document);
|
||||
|
||||
// For Sorting
|
||||
var c1 = {
|
||||
|
@ -29,7 +29,9 @@ if (!SpecialPowers.getBoolPref("dom.mozContacts.enabled")) {
|
||||
SpecialPowers.setBoolPref("dom.mozContacts.enabled", true);
|
||||
}
|
||||
|
||||
SpecialPowers.addPermission("contacts", true, document);
|
||||
SpecialPowers.addPermission("contacts-write", true, document);
|
||||
SpecialPowers.addPermission("contacts-read", true, document);
|
||||
SpecialPowers.addPermission("contacts-create", true, document);
|
||||
|
||||
var utils = SpecialPowers.getDOMWindowUtils(window);
|
||||
|
||||
@ -109,7 +111,6 @@ function onFailure() {
|
||||
|
||||
function verifyBlob(blob1, blob2, isLast)
|
||||
{
|
||||
dump("islast? " + isLast + "\n");
|
||||
is(blob1 instanceof SpecialPowers.Ci.nsIDOMBlob, true,
|
||||
"Instance of nsIDOMBlob");
|
||||
is(blob1 instanceof SpecialPowers.Ci.nsIDOMFile,
|
||||
@ -174,7 +175,6 @@ var steps = [
|
||||
ok(true, "Adding contact with photo");
|
||||
createResult1 = new mozContact();
|
||||
createResult1.init(properties1);
|
||||
dump("CreateResult1: " + JSON.stringify(createResult1));
|
||||
req = navigator.mozContacts.save(createResult1);
|
||||
req.onsuccess = function () {
|
||||
ok(createResult1.id, "The contact now has an ID.");
|
||||
@ -201,7 +201,6 @@ var steps = [
|
||||
ok(true, "Adding contact with 2 photos");
|
||||
createResult1 = new mozContact();
|
||||
createResult1.init(properties2);
|
||||
dump("CreateResult1: " + JSON.stringify(createResult1));
|
||||
req = navigator.mozContacts.save(createResult1);
|
||||
req.onsuccess = function () {
|
||||
ok(createResult1.id, "The contact now has an ID.");
|
||||
@ -228,7 +227,6 @@ var steps = [
|
||||
ok(true, "Adding photo as String");
|
||||
createResult1 = new mozContact();
|
||||
createResult1.init({name: "asdf", photo: ["xyz"]});
|
||||
dump("CreateResult1: " + JSON.stringify(createResult1));
|
||||
req = navigator.mozContacts.save(createResult1);
|
||||
req.onsuccess = function () {
|
||||
ok(createResult1.id, "The contact now has an ID.");
|
||||
@ -242,7 +240,6 @@ var steps = [
|
||||
ok(true, "Adding photo as String");
|
||||
createResult1 = new mozContact();
|
||||
createResult1.init({name: "jkl", photo: "xyz"});
|
||||
dump("CreateResult1: " + JSON.stringify(createResult1));
|
||||
req = navigator.mozContacts.save(createResult1);
|
||||
req.onsuccess = function () {
|
||||
ok(createResult1.id, "The contact now has an ID.");
|
||||
@ -270,7 +267,6 @@ var steps = [
|
||||
ok(true, "Adding photo as Object");
|
||||
createResult1 = new mozContact();
|
||||
createResult1.init({photo: [{}]});
|
||||
dump("CreateResult1: " + JSON.stringify(createResult1));
|
||||
req = navigator.mozContacts.save(createResult1);
|
||||
req.onsuccess = function () {
|
||||
ok(createResult1.id, "The contact now has an ID.");
|
||||
|
@ -19,6 +19,8 @@ https://bugzilla.mozilla.org/show_bug.cgi?id=764667
|
||||
|
||||
/** Test for Bug 764667 **/
|
||||
|
||||
SpecialPowers.addPermission("contacts-read", true, document);
|
||||
|
||||
var e = new MozContactChangeEvent("contactchanged", {contactID: "123", reason: "create"});
|
||||
ok(e, "Should have contactsChange event!");
|
||||
is(e.contactID, "123", "ID should be 123.");
|
||||
|
@ -71,8 +71,9 @@ this.PermissionPromptHelper = {
|
||||
let uri = Services.io.newURI(msg.origin, null, null);
|
||||
principal =
|
||||
secMan.getAppCodebasePrincipal(uri, msg.appID, msg.browserFlag);
|
||||
let access = msg.access ? msg.type + "-" + msg.access : msg.type;
|
||||
let perm =
|
||||
permissionManager.testExactPermissionFromPrincipal(principal, msg.type);
|
||||
permissionManager.testExactPermissionFromPrincipal(principal, access);
|
||||
installedPerms.push(perm);
|
||||
}
|
||||
|
||||
|
@ -80,6 +80,11 @@ this.SettingsChangeNotifier = {
|
||||
let mm = aMessage.target;
|
||||
switch (aMessage.name) {
|
||||
case "Settings:Changed":
|
||||
if (!aMessage.target.assertPermission("settings-write")) {
|
||||
Cu.reportError("Settings message " + msg.name +
|
||||
" from a content process with no 'settings-write' privileges.");
|
||||
return null;
|
||||
}
|
||||
this.broadcastMessage("Settings:Change:Return:OK",
|
||||
{ key: msg.key, value: msg.value });
|
||||
Services.obs.notifyObservers(this, kMozSettingsChangedObserverTopic,
|
||||
|
@ -152,7 +152,7 @@ SettingsLock.prototype = {
|
||||
throw Components.results.NS_ERROR_ABORT;
|
||||
}
|
||||
|
||||
if (this._settingsManager.hasPrivileges) {
|
||||
if (this._settingsManager.hasReadPrivileges) {
|
||||
let req = Services.DOMRequest.createRequest(this._settingsManager._window);
|
||||
this._requests.enqueue({ request: req, intent:"get", name: aName });
|
||||
this.createTransactionAndProcess();
|
||||
@ -169,7 +169,7 @@ SettingsLock.prototype = {
|
||||
throw Components.results.NS_ERROR_ABORT;
|
||||
}
|
||||
|
||||
if (this._settingsManager.hasPrivileges) {
|
||||
if (this._settingsManager.hasWritePrivileges) {
|
||||
let req = Services.DOMRequest.createRequest(this._settingsManager._window);
|
||||
debug("send: " + JSON.stringify(aSettings));
|
||||
this._requests.enqueue({request: req, intent: "set", settings: aSettings});
|
||||
@ -187,7 +187,7 @@ SettingsLock.prototype = {
|
||||
throw Components.results.NS_ERROR_ABORT;
|
||||
}
|
||||
|
||||
if (this._settingsManager.hasPrivileges) {
|
||||
if (this._settingsManager.hasWritePrivileges) {
|
||||
let req = Services.DOMRequest.createRequest(this._settingsManager._window);
|
||||
this._requests.enqueue({ request: req, intent: "clear"});
|
||||
this.createTransactionAndProcess();
|
||||
@ -237,7 +237,7 @@ SettingsManager.prototype = {
|
||||
},
|
||||
|
||||
set onsettingchange(aCallback) {
|
||||
if (this.hasPrivileges) {
|
||||
if (this.hasReadPrivileges) {
|
||||
if (!this._onsettingchange) {
|
||||
cpmm.sendAsyncMessage("Settings:RegisterForMessages");
|
||||
}
|
||||
@ -334,9 +334,14 @@ SettingsManager.prototype = {
|
||||
let util = aWindow.QueryInterface(Ci.nsIInterfaceRequestor).getInterface(Ci.nsIDOMWindowUtils);
|
||||
this.innerWindowID = util.currentInnerWindowID;
|
||||
|
||||
let perm = Services.perms.testExactPermissionFromPrincipal(aWindow.document.nodePrincipal, "settings");
|
||||
this.hasPrivileges = perm == Ci.nsIPermissionManager.ALLOW_ACTION;
|
||||
debug("has privileges :" + this.hasPrivileges);
|
||||
let readPerm = Services.perms.testExactPermissionFromPrincipal(aWindow.document.nodePrincipal, "settings-read");
|
||||
let writePerm = Services.perms.testExactPermissionFromPrincipal(aWindow.document.nodePrincipal, "settings-write");
|
||||
this.hasReadPrivileges = readPerm == Ci.nsIPermissionManager.ALLOW_ACTION;
|
||||
this.hasWritePrivileges = writePerm == Ci.nsIPermissionManager.ALLOW_ACTION;
|
||||
|
||||
if (!this.hasReadPrivileges && !this.hasWritePrivileges) {
|
||||
Cu.reportError("NO SETTINGS PERMISSION FOR: " + aWindow.document.nodePrincipal.origin + "\n");
|
||||
}
|
||||
},
|
||||
|
||||
observe: function(aSubject, aTopic, aData) {
|
||||
|
@ -24,7 +24,8 @@ https://bugzilla.mozilla.org/show_bug.cgi?id={678695}
|
||||
var comp = SpecialPowers.wrap(SpecialPowers.Components);
|
||||
comp.utils.import("resource://gre/modules/SettingsChangeNotifier.jsm");
|
||||
SpecialPowers.setBoolPref("dom.mozSettings.enabled", true);
|
||||
SpecialPowers.addPermission("settings", true, document);
|
||||
SpecialPowers.addPermission("settings-read", true, document);
|
||||
SpecialPowers.addPermission("settings-write", true, document);
|
||||
|
||||
function onUnwantedSuccess() {
|
||||
ok(false, "onUnwantedSuccess: shouldn't get here");
|
||||
|
@ -24,7 +24,8 @@ https://bugzilla.mozilla.org/show_bug.cgi?id={678695}
|
||||
var comp = SpecialPowers.wrap(Components);
|
||||
comp.utils.import("resource://gre/modules/SettingsChangeNotifier.jsm");
|
||||
SpecialPowers.setBoolPref("dom.mozSettings.enabled", true);
|
||||
SpecialPowers.addPermission("settings", true, document);
|
||||
SpecialPowers.addPermission("settings-write", true, document);
|
||||
SpecialPowers.addPermission("settings-read", true, document);
|
||||
|
||||
var screenBright = {"screen.brightness": 0.7};
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user