mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-08 19:04:45 +00:00
Bug 814226 - Permission checks for "webapps-manage" could probably be friendlier r=sicking
This commit is contained in:
parent
d94d7309be
commit
72faee30f7
@ -184,6 +184,10 @@ WebappsRegistry.prototype = {
|
||||
},
|
||||
|
||||
get mgmt() {
|
||||
if (!this.hasMgmtPrivilege) {
|
||||
return null;
|
||||
}
|
||||
|
||||
if (!this._mgmt)
|
||||
this._mgmt = new WebappsApplicationMgmt(this._window);
|
||||
return this._mgmt;
|
||||
@ -241,10 +245,19 @@ WebappsRegistry.prototype = {
|
||||
"Webapps:GetSelf:Return:OK",
|
||||
"Webapps:CheckInstalled:Return:OK" ]);
|
||||
|
||||
let util = this._window.QueryInterface(Ci.nsIInterfaceRequestor).getInterface(Ci.nsIDOMWindowUtils);
|
||||
let util = this._window.QueryInterface(Ci.nsIInterfaceRequestor)
|
||||
.getInterface(Ci.nsIDOMWindowUtils);
|
||||
this._id = util.outerWindowID;
|
||||
cpmm.sendAsyncMessage("Webapps:RegisterForMessages",
|
||||
["Webapps:Install:Return:OK"]);
|
||||
|
||||
let principal = aWindow.document.nodePrincipal;
|
||||
let perm = Services.perms
|
||||
.testExactPermissionFromPrincipal(principal, "webapps-manage");
|
||||
|
||||
// Only pages with the webapps-manage permission set can get access to
|
||||
// the mgmt object.
|
||||
this.hasMgmtPrivilege = perm == Ci.nsIPermissionManager.ALLOW_ACTION;
|
||||
},
|
||||
|
||||
classID: Components.ID("{fff440b3-fae2-45c1-bf03-3b5a2e432270}"),
|
||||
@ -590,16 +603,6 @@ WebappsApplication.prototype = {
|
||||
* mozIDOMApplicationMgmt object
|
||||
*/
|
||||
function WebappsApplicationMgmt(aWindow) {
|
||||
let principal = aWindow.document.nodePrincipal;
|
||||
let secMan = Cc["@mozilla.org/scriptsecuritymanager;1"].getService(Ci.nsIScriptSecurityManager);
|
||||
|
||||
let perm = principal == secMan.getSystemPrincipal()
|
||||
? Ci.nsIPermissionManager.ALLOW_ACTION
|
||||
: Services.perms.testExactPermissionFromPrincipal(principal, "webapps-manage");
|
||||
|
||||
//only pages with perm set can use some functions
|
||||
this.hasPrivileges = perm == Ci.nsIPermissionManager.ALLOW_ACTION;
|
||||
|
||||
this.initHelper(aWindow, ["Webapps:GetAll:Return:OK",
|
||||
"Webapps:GetAll:Return:KO",
|
||||
"Webapps:Uninstall:Return:OK",
|
||||
@ -656,8 +659,7 @@ WebappsApplicationMgmt.prototype = {
|
||||
getAll: function() {
|
||||
let request = this.createRequest();
|
||||
cpmm.sendAsyncMessage("Webapps:GetAll", { oid: this._id,
|
||||
requestID: this.getRequestId(request),
|
||||
hasPrivileges: this.hasPrivileges });
|
||||
requestID: this.getRequestId(request) });
|
||||
return request;
|
||||
},
|
||||
|
||||
@ -677,17 +679,11 @@ WebappsApplicationMgmt.prototype = {
|
||||
},
|
||||
|
||||
set oninstall(aCallback) {
|
||||
if (this.hasPrivileges)
|
||||
this._oninstall = aCallback;
|
||||
else
|
||||
throw new Components.Exception("Denied", Cr.NS_ERROR_FAILURE);
|
||||
this._oninstall = aCallback;
|
||||
},
|
||||
|
||||
set onuninstall(aCallback) {
|
||||
if (this.hasPrivileges)
|
||||
this._onuninstall = aCallback;
|
||||
else
|
||||
throw new Components.Exception("Denied", Cr.NS_ERROR_FAILURE);
|
||||
this._onuninstall = aCallback;
|
||||
},
|
||||
|
||||
receiveMessage: function(aMessage) {
|
||||
|
@ -787,10 +787,7 @@ this.DOMApplicationRegistry = {
|
||||
this.getNotInstalled(msg, mm);
|
||||
break;
|
||||
case "Webapps:GetAll":
|
||||
if (msg.hasPrivileges)
|
||||
this.getAll(msg, mm);
|
||||
else
|
||||
mm.sendAsyncMessage("Webapps:GetAll:Return:KO", msg);
|
||||
this.getAll(msg, mm);
|
||||
break;
|
||||
case "Webapps:InstallPackage":
|
||||
this.doInstallPackage(msg, mm);
|
||||
|
Loading…
Reference in New Issue
Block a user