Bug 1596843 - Part 4: Remove some native only methods from nsIPermissionManager; r=baku

Differential Revision: https://phabricator.services.mozilla.com/D53240

--HG--
extra : moz-landing-system : lando

dom/ipc/ContentChild.cpp

@@ -3560,9 +3560,11 @@ nsresult ContentChild::AsyncOpenAnonymousTemporaryFile(
 
 mozilla::ipc::IPCResult ContentChild::RecvSetPermissionsWithKey(
     const nsCString& aPermissionKey, nsTArray<IPC::Permission>&& aPerms) {
-  nsCOMPtr<nsIPermissionManager> permissionManager =
+  RefPtr<nsPermissionManager> permManager = nsPermissionManager::GetInstance();
-      services::GetPermissionManager();
+  if (permManager) {
-  permissionManager->SetPermissionsWithKey(aPermissionKey, aPerms);
+    permManager->SetPermissionsWithKey(aPermissionKey, aPerms);
+  }
+
   return IPC_OK();
 }
 

dom/ipc/ContentParent.cpp

@@ -5500,7 +5500,10 @@ void ContentParent::EnsurePermissionsByKey(const nsCString& aKey) {
   // by this call to GetPermissionManager, and we've added the key to
   // mActivePermissionKeys, then the permission manager will send down a
   // SendAddPermission before receiving the SendSetPermissionsWithKey message.
-  nsCOMPtr<nsIPermissionManager> permManager = services::GetPermissionManager();
+  RefPtr<nsPermissionManager> permManager = nsPermissionManager::GetInstance();
+  if (!permManager) {
+    return;
+  }
 
   if (mActivePermissionKeys.Contains(aKey)) {
     return;
@@ -5508,12 +5511,9 @@ void ContentParent::EnsurePermissionsByKey(const nsCString& aKey) {
   mActivePermissionKeys.PutEntry(aKey);
 
   nsTArray<IPC::Permission> perms;
-  nsresult rv = permManager->GetPermissionsWithKey(aKey, perms);
+  if (permManager->GetPermissionsWithKey(aKey, perms)) {
-  if (NS_WARN_IF(NS_FAILED(rv))) {
+    Unused << SendSetPermissionsWithKey(aKey, perms);
-    return;
   }
-
-  Unused << SendSetPermissionsWithKey(aKey, perms);
 }
 
 bool ContentParent::NeedsPermissionsUpdate(

dom/serviceworkers/ServiceWorkerManager.cpp

@@ -63,6 +63,7 @@
 
 #include "nsContentUtils.h"
 #include "nsNetUtil.h"
+#include "nsPermissionManager.h"
 #include "nsProxyRelease.h"
 #include "nsQueryObject.h"
 #include "nsTArray.h"
@@ -2131,7 +2132,7 @@ void ServiceWorkerManager::DispatchFetchEvent(nsIInterceptedChannel* aChannel,
 
   MOZ_DIAGNOSTIC_ASSERT(serviceWorker);
 
-  nsCOMPtr<nsIRunnable> continueRunnable =
+  RefPtr<ContinueDispatchFetchEventRunnable> continueRunnable =
       new ContinueDispatchFetchEventRunnable(serviceWorker->WorkerPrivate(),
                                              aChannel, loadGroup,
                                              loadInfo->GetIsDocshellReload());
@@ -2141,10 +2142,14 @@ void ServiceWorkerManager::DispatchFetchEvent(nsIInterceptedChannel* aChannel,
   // wait for them if they have not.
   nsCOMPtr<nsIRunnable> permissionsRunnable = NS_NewRunnableFunction(
       "dom::ServiceWorkerManager::DispatchFetchEvent", [=]() {
-        nsCOMPtr<nsIPermissionManager> permMgr =
+        RefPtr<nsPermissionManager> permMgr =
-            services::GetPermissionManager();
+            nsPermissionManager::GetInstance();
-        MOZ_ALWAYS_SUCCEEDS(permMgr->WhenPermissionsAvailable(
+        if (permMgr) {
-            serviceWorker->Principal(), continueRunnable));
+          permMgr->WhenPermissionsAvailable(serviceWorker->Principal(),
+                                            continueRunnable);
+        } else {
+          continueRunnable->HandleError();
+        }
       });
 
   nsCOMPtr<nsIUploadChannel2> uploadChannel =

dom/workers/remoteworkers/RemoteWorkerChild.cpp

@@ -14,8 +14,8 @@
 #include "nsIConsoleReportCollector.h"
 #include "nsIInterfaceRequestor.h"
 #include "nsIPrincipal.h"
-#include "nsIPermissionManager.h"
 #include "nsNetUtil.h"
+#include "nsPermissionManager.h"
 #include "nsProxyRelease.h"
 #include "nsThreadUtils.h"
 #include "nsXULAppAPI.h"
@@ -474,10 +474,12 @@ nsresult RemoteWorkerChild::ExecWorkerOnMainThread(RemoteWorkerData&& aData) {
           }
         });
 
-    nsCOMPtr<nsIPermissionManager> permissionManager =
+    RefPtr<nsPermissionManager> permissionManager =
-        services::GetPermissionManager();
+        nsPermissionManager::GetInstance();
-    MOZ_ALWAYS_SUCCEEDS(
+    if (!permissionManager) {
-        permissionManager->WhenPermissionsAvailable(principal, r));
+      return NS_ERROR_FAILURE;
+    }
+    permissionManager->WhenPermissionsAvailable(principal, r);
   } else {
     if (NS_WARN_IF(!runnable->Dispatch())) {
       rv = NS_ERROR_FAILURE;

dom/workers/remoteworkers/moz.build

@@ -29,6 +29,7 @@ UNIFIED_SOURCES += [
 
 LOCAL_INCLUDES += [
     '/dom/serviceworkers',
+    '/extensions/permissions',
     '/xpcom/build',
 ]
 

extensions/permissions/nsContentBlocker.cpp

@@ -293,7 +293,7 @@ nsresult nsContentBlocker::TestPermission(nsIURI* aCurrentURI,
   // bother actually checking with the permission manager unless we have a
   // preload permission.
   uint32_t permission = nsIPermissionManager::UNKNOWN_ACTION;
-  if (mPermissionManager->GetHasPreloadPermissions()) {
+  if (mPermissionManager->HasPreloadPermissions()) {
     rv = mPermissionManager->LegacyTestPermissionFromURI(
         aCurrentURI, nullptr, kTypeString[aContentType - 1], &permission);
     NS_ENSURE_SUCCESS(rv, rv);

extensions/permissions/nsPermissionManager.cpp

@@ -2997,12 +2997,11 @@ void nsPermissionManager::UpdateDB(
   MOZ_ASSERT(NS_SUCCEEDED(rv));
 }
 
-NS_IMETHODIMP
+bool nsPermissionManager::GetPermissionsWithKey(
-nsPermissionManager::GetPermissionsWithKey(const nsACString& aPermissionKey,
+    const nsACString& aPermissionKey, nsTArray<IPC::Permission>& aPerms) {
-                                           nsTArray<IPC::Permission>& aPerms) {
   aPerms.Clear();
   if (NS_WARN_IF(XRE_IsContentProcess())) {
-    return NS_ERROR_NOT_AVAILABLE;
+    return false;
   }
 
   for (auto iter = mPermissionTable.Iter(); !iter.Done(); iter.Next()) {
@@ -3037,14 +3036,13 @@ nsPermissionManager::GetPermissionsWithKey(const nsACString& aPermissionKey,
     }
   }
 
-  return NS_OK;
+  return true;
 }
 
-NS_IMETHODIMP
+void nsPermissionManager::SetPermissionsWithKey(
-nsPermissionManager::SetPermissionsWithKey(const nsACString& aPermissionKey,
+    const nsACString& aPermissionKey, nsTArray<IPC::Permission>& aPerms) {
-                                           nsTArray<IPC::Permission>& aPerms) {
+  if (NS_WARN_IF(XRE_IsContentProcess())) {
-  if (NS_WARN_IF(XRE_IsParentProcess())) {
+    return;
-    return NS_ERROR_NOT_AVAILABLE;
   }
 
   RefPtr<GenericNonExclusivePromise::Private> promise;
@@ -3059,7 +3057,7 @@ nsPermissionManager::SetPermissionsWithKey(const nsACString& aPermissionKey,
   } else if (foundKey) {
     // NOTE: We shouldn't be sent two InitializePermissionsWithKey for the same
     // key, but it's possible.
-    return NS_OK;
+    return;
   }
   mPermissionKeyPromiseMap.Put(aPermissionKey, nullptr);
 
@@ -3087,7 +3085,6 @@ nsPermissionManager::SetPermissionsWithKey(const nsACString& aPermissionKey,
                 perm.expireTime, modificationTime, eNotify, eNoDBOperation,
                 true /* ignoreSessionPermissions */);
   }
-  return NS_OK;
 }
 
 /* static */
@@ -3217,14 +3214,13 @@ bool nsPermissionManager::PermissionAvailable(nsIPrincipal* aPrincipal,
   return true;
 }
 
-NS_IMETHODIMP
+void nsPermissionManager::WhenPermissionsAvailable(nsIPrincipal* aPrincipal,
-nsPermissionManager::WhenPermissionsAvailable(nsIPrincipal* aPrincipal,
+                                                   nsIRunnable* aRunnable) {
-                                              nsIRunnable* aRunnable) {
   MOZ_ASSERT(aRunnable);
 
   if (!XRE_IsContentProcess()) {
     aRunnable->Run();
-    return NS_OK;
+    return;
   }
 
   nsTArray<RefPtr<GenericNonExclusivePromise>> promises;
@@ -3250,7 +3246,7 @@ nsPermissionManager::WhenPermissionsAvailable(nsIPrincipal* aPrincipal,
   // sensitive.
   if (promises.IsEmpty()) {
     aRunnable->Run();
-    return NS_OK;
+    return;
   }
 
   auto* thread = SystemGroup::AbstractMainThreadFor(TaskCategory::Other);
@@ -3264,11 +3260,8 @@ nsPermissionManager::WhenPermissionsAvailable(nsIPrincipal* aPrincipal,
                 "nsPermissionManager permission promise rejected. We're "
                 "probably shutting down.");
           });
-  return NS_OK;
 }
 
-NS_IMETHODIMP
+bool nsPermissionManager::HasPreloadPermissions() {
-nsPermissionManager::GetHasPreloadPermissions(bool* aResult) {
+  return sPreloadPermissionCount > 0;
-  *aResult = sPreloadPermissionCount > 0;
-  return NS_OK;
 }

extensions/permissions/nsPermissionManager.h

@@ -29,6 +29,10 @@
 #include "mozilla/Variant.h"
 #include "mozilla/Vector.h"
 
+namespace IPC {
+struct Permission;
+}
+
 namespace mozilla {
 class OriginAttributesPattern;
 }
@@ -290,6 +294,68 @@ class nsPermissionManager final : public nsIPermissionManager,
    */
   bool PermissionAvailable(nsIPrincipal* aPrincipal, const nsACString& aType);
 
+  /**
+   * The content process doesn't have access to every permission. Instead, when
+   * LOAD_DOCUMENT_URI channels for http://, https://, and ftp:// URIs are
+   * opened, the permissions for those channels are sent down to the content
+   * process before the OnStartRequest message. Permissions for principals with
+   * other schemes are sent down at process startup.
+   *
+   * Permissions are keyed and grouped by "Permission Key"s.
+   * `nsPermissionManager::GetKeyForPrincipal` provides the mechanism for
+   * determining the permission key for a given principal.
+   *
+   * This method may only be called in the parent process. It fills the nsTArray
+   * argument with the IPC::Permission objects which have a matching permission
+   * key.
+   *
+   * @param permissionKey  The key to use to find the permissions of interest.
+   * @param perms  An array which will be filled with the permissions which
+   *               match the given permission key.
+   */
+  bool GetPermissionsWithKey(const nsACString& aPermissionKey,
+                             nsTArray<IPC::Permission>& aPerms);
+
+  /**
+   * See `nsPermissionManager::GetPermissionsWithKey` for more info on
+   * Permission keys.
+   *
+   * `SetPermissionsWithKey` may only be called in the Child process, and
+   * initializes the permission manager with the permissions for a given
+   * Permission key. marking permissions with that key as available.
+   *
+   * @param permissionKey  The key for the permissions which have been sent
+   * over.
+   * @param perms  An array with the permissions which match the given key.
+   */
+  void SetPermissionsWithKey(const nsACString& aPermissionKey,
+                             nsTArray<IPC::Permission>& aPerms);
+
+  /**
+   * Add a callback which should be run when all permissions are available for
+   * the given nsIPrincipal. This method invokes the callback runnable
+   * synchronously when the permissions are already available. Otherwise the
+   * callback will be run asynchronously in SystemGroup when all permissions
+   * are available in the future.
+   *
+   * NOTE: This method will not request the permissions be sent by the parent
+   * process. This should only be used to wait for permissions which may not
+   * have arrived yet in order to ensure they are present.
+   *
+   * @param aPrincipal The principal to wait for permissions to be available
+   * for.
+   * @param aRunnable  The runnable to run when permissions are available for
+   * the given principal.
+   */
+  void WhenPermissionsAvailable(nsIPrincipal* aPrincipal,
+                                nsIRunnable* aRunnable);
+
+  /**
+   * True if any "preload" permissions are present. This is used to avoid making
+   * potentially expensive permissions checks in nsContentBlocker.
+   */
+  bool HasPreloadPermissions();
+
  private:
   virtual ~nsPermissionManager();
 

netwerk/base/nsIPermissionManager.idl

@@ -30,18 +30,8 @@
 
 #include "nsISupports.idl"
 
-interface nsIObserver;
 interface nsIPrincipal;
 interface nsIPermission;
-interface nsIRunnable;
-
-%{ C++
-namespace IPC {
-struct Permission;
-}
-#include "nsTArrayForwardDeclare.h"
-%}
-[ref] native IPCPermissionArrayRef(nsTArray<IPC::Permission>);
 
 [scriptable, builtinclass, uuid(4dcb3851-eba2-4e42-b236-82d2596fca22)]
 interface nsIPermissionManager : nsISupports
@@ -198,40 +188,6 @@ interface nsIPermissionManager : nsISupports
    */
   readonly attribute Array<nsIPermission> all;
 
-  /**
-   * The content process doesn't have access to every permission. Instead, when
-   * LOAD_DOCUMENT_URI channels for http://, https://, and ftp:// URIs are
-   * opened, the permissions for those channels are sent down to the content
-   * process before the OnStartRequest message. Permissions for principals with
-   * other schemes are sent down at process startup.
-   *
-   * Permissions are keyed and grouped by "Permission Key"s.
-   * `nsPermissionManager::GetKeyForPrincipal` provides the mechanism for
-   * determining the permission key for a given principal.
-   *
-   * This method may only be called in the parent process. It fills the nsTArray
-   * argument with the IPC::Permission objects which have a matching permission
-   * key.
-   *
-   * @param permissionKey  The key to use to find the permissions of interest.
-   * @param perms  An array which will be filled with the permissions which
-   *               match the given permission key.
-   */
-  void getPermissionsWithKey(in ACString permissionKey, out IPCPermissionArrayRef perms);
-
-  /**
-   * See `nsIPermissionManager::GetPermissionsWithKey` for more info on
-   * Permission keys.
-   *
-   * `SetPermissionsWithKey` may only be called in the Child process, and
-   * initializes the permission manager with the permissions for a given
-   * Permission key. marking permissions with that key as available.
-   *
-   * @param permissionKey  The key for the permissions which have been sent over.
-   * @param perms  An array with the permissions which match the given key.
-   */
-  void setPermissionsWithKey(in ACString permissionKey, in IPCPermissionArrayRef perms);
-
   /**
    * Broadcasts permissions for the given principal to all content processes.
    *
@@ -242,30 +198,6 @@ interface nsIPermissionManager : nsISupports
    * @param aPrincipal The principal to broadcast permissions for.
    */
   void broadcastPermissionsForPrincipalToAllContentProcesses(in nsIPrincipal aPrincipal);
-
-  /**
-   * Add a callback which should be run when all permissions are available for
-   * the given nsIPrincipal. This method invokes the callback runnable
-   * synchronously when the permissions are already available. Otherwise the
-   * callback will be run asynchronously in SystemGroup when all permissions
-   * are available in the future.
-   *
-   * NOTE: This method will not request the permissions be sent by the parent
-   * process. This should only be used to wait for permissions which may not
-   * have arrived yet in order to ensure they are present.
-   *
-   * @param aPrincipal The principal to wait for permissions to be available for.
-   * @param aRunnable  The runnable to run when permissions are available for the
-   *                   given principal.
-   */
-  void whenPermissionsAvailable(in nsIPrincipal aPrincipal,
-                                in nsIRunnable aRunnable);
-
-  /**
-   * True if any "preload" permissions are present. This is used to avoid making
-   * potentially expensive permissions checks in nsContentBlocker.
-   */
-  [infallible] readonly attribute boolean hasPreloadPermissions;
 };
 
 %{ C++