Bug 1603969 - Part 2: Update existing 'storageAccessAPI' permissions with granted origin used in them; r=baku

This permission manager migration drops the granted origin part of the
permission type.

Differential Revision: https://phabricator.services.mozilla.com/D57494

--HG--
extra : moz-landing-system : lando
This commit is contained in:
Ehsan Akhgari 2019-12-19 02:56:54 +00:00
parent 1ca91dd7ab
commit 77edf2c060
5 changed files with 220 additions and 7 deletions

View File

@ -256,7 +256,7 @@ const startupPhases = {
// bug 975996
path: "ProfD:permissions.sqlite",
condition: WIN || MAC,
fsync: 7,
fsync: 8,
read: 2,
stat: 1,
write: 10,
@ -265,9 +265,9 @@ const startupPhases = {
// bug 975996
path: "ProfD:permissions.sqlite-journal",
condition: WIN || MAC,
fsync: 7,
stat: 26,
write: 38,
fsync: 8,
stat: 28,
write: 40,
},
{
// bug 975996

View File

@ -882,7 +882,7 @@ void nsPermissionManager::Startup() {
// nsPermissionManager Implementation
#define PERMISSIONS_FILE_NAME "permissions.sqlite"
#define HOSTS_SCHEMA_VERSION 10
#define HOSTS_SCHEMA_VERSION 11
// Default permissions are read from a URL - this is the preference we read
// to find that URL. If not set, don't use any default permissions.
@ -1539,6 +1539,25 @@ nsresult nsPermissionManager::InitDB(bool aRemoveFile) {
MOZ_FALLTHROUGH;
case 9: {
rv = mDBConn->SetSchemaVersion(10);
NS_ENSURE_SUCCESS(rv, rv);
}
// fall through to the next upgrade
MOZ_FALLTHROUGH;
case 10: {
// Filter out the rows with storage access API permissions with a
// granted origin, and remove the granted origin part from the
// permission type.
rv = mDBConn->ExecuteSimpleSQL(NS_LITERAL_CSTRING(
"UPDATE moz_perms "
"SET type=SUBSTR(type, 0, INSTR(SUBSTR(type, INSTR(type, '^') + "
"1), '^') + INSTR(type, '^')) "
"WHERE INSTR(SUBSTR(type, INSTR(type, '^') + 1), '^') AND "
"SUBSTR(type, 0, 18) == \"storageAccessAPI^\";"));
NS_ENSURE_SUCCESS(rv, rv);
rv = mDBConn->SetSchemaVersion(HOSTS_SCHEMA_VERSION);
NS_ENSURE_SUCCESS(rv, rv);
}

View File

@ -223,9 +223,9 @@ function run_test() {
// Initialize the permission manager service
var pm = Services.perms;
// The schema should be upgraded to 10, and a 'modificationTime' column should
// The schema should be upgraded to 11, and a 'modificationTime' column should
// exist with all records having a value of 0.
Assert.equal(connection.schemaVersion, 10);
Assert.equal(connection.schemaVersion, 11);
let select = connection.createStatement(
"SELECT modificationTime FROM moz_perms"

View File

@ -0,0 +1,193 @@
/* Any copyright is dedicated to the Public Domain.
http://creativecommons.org/publicdomain/zero/1.0/ */
ChromeUtils.defineModuleGetter(
this,
"PlacesTestUtils",
"resource://testing-common/PlacesTestUtils.jsm"
);
var PERMISSIONS_FILE_NAME = "permissions.sqlite";
function GetPermissionsFile(profile) {
let file = profile.clone();
file.append(PERMISSIONS_FILE_NAME);
return file;
}
add_task(async function test() {
/* Create and set up the permissions database */
let profile = do_get_profile();
Services.prefs.setCharPref("permissions.manager.defaultsUrl", "");
let db = Services.storage.openDatabase(GetPermissionsFile(profile));
db.schemaVersion = 10;
let stmt6Insert = db.createStatement(
"INSERT INTO moz_perms (" +
"id, origin, type, permission, expireType, expireTime, modificationTime" +
") VALUES (" +
":id, :origin, :type, :permission, :expireType, :expireTime, :modificationTime" +
")"
);
let id = 0;
function insertOrigin(
origin,
type,
permission,
expireType,
expireTime,
modificationTime
) {
let thisId = id++;
stmt6Insert.bindByName("id", thisId);
stmt6Insert.bindByName("origin", origin);
stmt6Insert.bindByName("type", type);
stmt6Insert.bindByName("permission", permission);
stmt6Insert.bindByName("expireType", expireType);
stmt6Insert.bindByName("expireTime", expireTime);
stmt6Insert.bindByName("modificationTime", modificationTime);
try {
stmt6Insert.execute();
} finally {
stmt6Insert.reset();
}
return {
id: thisId,
origin,
type,
permission,
expireType,
expireTime,
modificationTime,
};
}
insertOrigin(
"https://foo.com",
"storageAccessAPI^https://foo.com",
2,
0,
0,
0
);
insertOrigin(
"http://foo.com",
"storageAccessAPI^https://bar.com^https://foo.com",
2,
0,
0,
0
);
insertOrigin(
"http://foo.com",
"storageAccessAPI^https://bar.com^https://baz.com",
2,
0,
0,
0
);
insertOrigin("http://foo.com^inBrowser=1", "A", 2, 0, 0, 0);
// CLose the db connection
stmt6Insert.finalize();
db.close();
db = null;
let expected = [
["https://foo.com", "storageAccessAPI^https://foo.com", 2, 0, 0, 0],
["http://foo.com", "storageAccessAPI^https://bar.com", 2, 0, 0, 0],
["http://foo.com", "storageAccessAPI^https://bar.com", 2, 0, 0, 0],
["http://foo.com^inBrowser=1", "A", 2, 0, 0, 0],
];
let found = expected.map(it => 0);
// Add some places to the places database
await PlacesTestUtils.addVisits(
Services.io.newURI("https://foo.com/some/other/subdirectory")
);
await PlacesTestUtils.addVisits(
Services.io.newURI("ftp://some.subdomain.of.foo.com:8000/some/subdirectory")
);
await PlacesTestUtils.addVisits(Services.io.newURI("ftp://127.0.0.1:8080"));
await PlacesTestUtils.addVisits(Services.io.newURI("https://localhost:8080"));
// This will force the permission-manager to reload the data.
Services.obs.notifyObservers(null, "testonly-reload-permissions-from-disk");
// Force initialization of the nsPermissionManager
for (let permission of Services.perms.all) {
let isExpected = false;
expected.forEach((it, i) => {
if (
permission.principal.origin == it[0] &&
permission.type == it[1] &&
permission.capability == it[2] &&
permission.expireType == it[3] &&
permission.expireTime == it[4]
) {
isExpected = true;
found[i]++;
}
});
Assert.ok(
isExpected,
"Permission " +
(isExpected ? "should" : "shouldn't") +
" be in permission database: " +
permission.principal.origin +
", " +
permission.type +
", " +
permission.capability +
", " +
permission.expireType +
", " +
permission.expireTime
);
}
found.forEach((count, i) => {
Assert.ok(
count == 1,
"Expected count = 1, got count = " +
count +
" for permission " +
expected[i]
);
});
// Check to make sure that all of the tables which we care about are present
{
db = Services.storage.openDatabase(GetPermissionsFile(profile));
Assert.ok(db.tableExists("moz_perms"));
Assert.ok(db.tableExists("moz_hosts"));
Assert.ok(!db.tableExists("moz_perms_v6"));
let mozHostsCount = db.createStatement("SELECT count(*) FROM moz_hosts");
try {
mozHostsCount.executeStep();
Assert.equal(mozHostsCount.getInt64(0), 0);
} finally {
mozHostsCount.finalize();
}
let mozPermsCount = db.createStatement("SELECT count(*) FROM moz_perms");
try {
mozPermsCount.executeStep();
Assert.equal(mozPermsCount.getInt64(0), expected.length);
} finally {
mozPermsCount.finalize();
}
db.close();
}
});

View File

@ -30,4 +30,5 @@ skip-if = debug == true
[test_permmanager_migrate_4-7_no_history.js]
[test_permmanager_migrate_7-8.js]
[test_permmanager_migrate_9-10.js]
[test_permmanager_migrate_10-11.js]
[test_permmanager_oa_strip.js]