mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-12-28 11:28:38 +00:00
331 lines
11 KiB
JavaScript
331 lines
11 KiB
JavaScript
/* This Source Code Form is subject to the terms of the Mozilla Public
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
|
|
* You can obtain one at http://mozilla.org/MPL/2.0/. */
|
|
|
|
"use strict";
|
|
|
|
const Ci = Components.interfaces;
|
|
const Cu = Components.utils;
|
|
|
|
Cu.import("resource://gre/modules/XPCOMUtils.jsm");
|
|
Cu.import("resource://gre/modules/Services.jsm");
|
|
Cu.import("resource://gre/modules/AppsUtils.jsm");
|
|
Cu.import("resource://gre/modules/PermissionsInstaller.jsm");
|
|
Cu.import("resource://gre/modules/PermissionsTable.jsm");
|
|
Cu.import("resource://gre/modules/PermissionSettings.jsm");
|
|
|
|
this.EXPORTED_SYMBOLS = ["SystemMessagePermissionsChecker",
|
|
"SystemMessagePermissionsTable",
|
|
"SystemMessagePrefixPermissionsTable"];
|
|
|
|
function debug(aStr) {
|
|
// dump("SystemMessagePermissionsChecker.jsm: " + aStr + "\n");
|
|
}
|
|
|
|
// This table maps system message to permission(s), indicating only
|
|
// the system messages granted by the page's permissions are allowed
|
|
// to be registered or sent to that page. Note the empty permission
|
|
// set means this type of system message is always permitted.
|
|
|
|
this.SystemMessagePermissionsTable = {
|
|
"activity": { },
|
|
"alarm": {
|
|
"alarms": []
|
|
},
|
|
"bluetooth-dialer-command": {
|
|
"telephony": []
|
|
},
|
|
"bluetooth-cancel": {
|
|
"bluetooth": []
|
|
},
|
|
"bluetooth-hid-status-changed": {
|
|
"bluetooth": []
|
|
},
|
|
"bluetooth-pairing-request": {
|
|
"bluetooth": []
|
|
},
|
|
"bluetooth-opp-transfer-complete": {
|
|
"bluetooth": []
|
|
},
|
|
"bluetooth-opp-update-progress": {
|
|
"bluetooth": []
|
|
},
|
|
"bluetooth-opp-receiving-file-confirmation": {
|
|
"bluetooth": []
|
|
},
|
|
"bluetooth-opp-transfer-start": {
|
|
"bluetooth": []
|
|
},
|
|
"cellbroadcast-received": {
|
|
"cellbroadcast": []
|
|
},
|
|
"connection": { },
|
|
"captive-portal": {
|
|
"wifi-manage": []
|
|
},
|
|
"dummy-system-message": { }, // for system message testing framework
|
|
"headset-button": { },
|
|
"icc-stkcommand": {
|
|
"settings": ["read", "write"]
|
|
},
|
|
"media-button": { },
|
|
"networkstats-alarm": {
|
|
"networkstats-manage": []
|
|
},
|
|
"notification": {
|
|
"desktop-notification": []
|
|
},
|
|
"push": {
|
|
"push": []
|
|
},
|
|
"push-register": {
|
|
"push": []
|
|
},
|
|
"sms-delivery-success": {
|
|
"sms": []
|
|
},
|
|
"sms-read-success": {
|
|
"sms": []
|
|
},
|
|
"sms-received": {
|
|
"sms": []
|
|
},
|
|
"sms-sent": {
|
|
"sms": []
|
|
},
|
|
"telephony-new-call": {
|
|
"telephony": []
|
|
},
|
|
"telephony-call-ended": {
|
|
"telephony": []
|
|
},
|
|
"ussd-received": {
|
|
"mobileconnection": []
|
|
},
|
|
"wappush-received": {
|
|
"wappush": []
|
|
},
|
|
"cdma-info-rec-received": {
|
|
"mobileconnection": []
|
|
},
|
|
"nfc-hci-event-transaction": {
|
|
"nfc-hci-events": []
|
|
},
|
|
"nfc-manager-tech-discovered": {
|
|
"nfc-manager": []
|
|
},
|
|
"nfc-manager-tech-lost": {
|
|
"nfc-manager": []
|
|
},
|
|
"nfc-manager-send-file": {
|
|
"nfc-manager": []
|
|
},
|
|
"nfc-powerlevel-change": {
|
|
"settings": ["read", "write"]
|
|
},
|
|
"wifip2p-pairing-request": { },
|
|
"first-run-with-sim": {
|
|
"settings": ["read", "write"]
|
|
}
|
|
};
|
|
|
|
// This table maps system message prefix to permission(s), indicating only
|
|
// the system messages with specified prefixes granted by the page's permissions
|
|
// are allowed to be registered or sent to that page. Note the empty permission
|
|
// set means this type of system message is always permitted.
|
|
//
|
|
// Note that this table is only used when the permission checker can't find a
|
|
// match in SystemMessagePermissionsTable listed above.
|
|
|
|
this.SystemMessagePrefixPermissionsTable = {
|
|
"datastore-update-": { },
|
|
};
|
|
|
|
this.SystemMessagePermissionsChecker = {
|
|
/**
|
|
* Return all the needed permission names for the given system message.
|
|
* @param string aSysMsgName
|
|
* The system messsage name.
|
|
* @returns object
|
|
* Format: { permName (string): permNamesWithAccess (string array), ... }
|
|
* Ex, { "settings": ["settings-read", "settings-write"], ... }.
|
|
* Note: an empty object will be returned if it's always permitted.
|
|
* @returns null
|
|
* Return and report error when any unexpected error is ecountered.
|
|
* Ex, when the system message we want to search is not included.
|
|
**/
|
|
getSystemMessagePermissions: function getSystemMessagePermissions(aSysMsgName) {
|
|
debug("getSystemMessagePermissions(): aSysMsgName: " + aSysMsgName);
|
|
|
|
let permNames = SystemMessagePermissionsTable[aSysMsgName];
|
|
if (permNames === undefined) {
|
|
// Try to look up in the prefix table.
|
|
for (let sysMsgPrefix in SystemMessagePrefixPermissionsTable) {
|
|
if (aSysMsgName.indexOf(sysMsgPrefix) === 0) {
|
|
permNames = SystemMessagePrefixPermissionsTable[sysMsgPrefix];
|
|
break;
|
|
}
|
|
}
|
|
|
|
if (permNames === undefined) {
|
|
debug("'" + aSysMsgName + "' is not associated with permissions. " +
|
|
"Please add them to the SystemMessage[Prefix]PermissionsTable.");
|
|
return null;
|
|
}
|
|
}
|
|
|
|
let object = { };
|
|
for (let permName in permNames) {
|
|
if (PermissionsTable[permName] === undefined) {
|
|
debug("'" + permName + "' for '" + aSysMsgName + "' is invalid. " +
|
|
"Please correct it in the SystemMessage[Prefix]PermissionsTable.");
|
|
return null;
|
|
}
|
|
|
|
// Construct a new permission name array by adding the access suffixes.
|
|
let access = permNames[permName];
|
|
if (!access || !Array.isArray(access)) {
|
|
debug("'" + permName + "' is not associated with access array. " +
|
|
"Please correct it in the SystemMessage[Prefix]PermissionsTable.");
|
|
return null;
|
|
}
|
|
object[permName] = appendAccessToPermName(permName, access);
|
|
}
|
|
return object
|
|
},
|
|
|
|
/**
|
|
* Check if the system message is permitted to be registered for the given
|
|
* app at start-up based on the permissions claimed in the app's manifest.
|
|
* @param string aSysMsgName
|
|
* The system messsage name.
|
|
* @param string aManifestURL
|
|
* The app's manifest URL.
|
|
* @param object aManifest
|
|
* The app's manifest.
|
|
* @returns bool
|
|
* Is permitted or not.
|
|
**/
|
|
isSystemMessagePermittedToRegister:
|
|
function isSystemMessagePermittedToRegister(aSysMsgName,
|
|
aManifestURL,
|
|
aManifest) {
|
|
debug("isSystemMessagePermittedToRegister(): " +
|
|
"aSysMsgName: " + aSysMsgName + ", " +
|
|
"aManifestURL: " + aManifestURL + ", " +
|
|
"aManifest: " + JSON.stringify(aManifest));
|
|
|
|
let permNames = this.getSystemMessagePermissions(aSysMsgName);
|
|
if (permNames === null) {
|
|
return false;
|
|
}
|
|
|
|
// Check to see if the 'webapp' is app/privileged/certified.
|
|
let appStatus;
|
|
switch (AppsUtils.getAppManifestStatus(aManifest)) {
|
|
case Ci.nsIPrincipal.APP_STATUS_CERTIFIED:
|
|
appStatus = "certified";
|
|
break;
|
|
case Ci.nsIPrincipal.APP_STATUS_PRIVILEGED:
|
|
appStatus = "privileged";
|
|
break;
|
|
case Ci.nsIPrincipal.APP_STATUS_INSTALLED:
|
|
appStatus = "app";
|
|
if (aManifest.type == "trusted") {
|
|
appStatus = "trusted";
|
|
}
|
|
break;
|
|
default:
|
|
throw new Error("SystemMessagePermissionsChecker.jsm: " +
|
|
"Cannot decide the app's status. Install cancelled.");
|
|
break;
|
|
}
|
|
|
|
// It's ok here to not pass the origin to ManifestHelper since we only
|
|
// need the permission property and that doesn't depend on uri resolution.
|
|
let newManifest = new ManifestHelper(aManifest, aManifestURL, aManifestURL);
|
|
|
|
for (let permName in permNames) {
|
|
// The app doesn't claim valid permissions for this sytem message.
|
|
if (!newManifest.permissions || !newManifest.permissions[permName]) {
|
|
debug("'" + aSysMsgName + "' isn't permitted by '" + permName + "'. " +
|
|
"Please add the permission for app: '" + aManifestURL + "'.");
|
|
return false;
|
|
}
|
|
let permValue = PermissionsTable[permName][appStatus];
|
|
if (permValue != Ci.nsIPermissionManager.PROMPT_ACTION &&
|
|
permValue != Ci.nsIPermissionManager.ALLOW_ACTION) {
|
|
debug("'" + aSysMsgName + "' isn't permitted by '" + permName + "'. " +
|
|
"Please add the permission for app: '" + aManifestURL + "'.");
|
|
return false;
|
|
}
|
|
|
|
// Compare the expanded permission names between the ones in
|
|
// app's manifest and the ones needed for system message.
|
|
let expandedPermNames =
|
|
expandPermissions(permName,
|
|
newManifest.permissions[permName].access);
|
|
|
|
let permNamesWithAccess = permNames[permName];
|
|
|
|
// Early return false as soon as any permission is not matched.
|
|
for (let idx in permNamesWithAccess) {
|
|
let index = expandedPermNames.indexOf(permNamesWithAccess[idx]);
|
|
if (index == -1) {
|
|
debug("'" + aSysMsgName + "' isn't permitted by '" + permName + "'. " +
|
|
"Please add the permission for app: '" + aOrigin + "'.");
|
|
return false;
|
|
}
|
|
}
|
|
}
|
|
|
|
// All the permissions needed for this system message are matched.
|
|
return true;
|
|
},
|
|
|
|
/**
|
|
* Check if the system message is permitted to be sent to the given
|
|
* app's page at run-time based on the current app's permissions.
|
|
* @param string aSysMsgName
|
|
* The system messsage name.
|
|
* @param string aPageURL
|
|
* The app's page URL.
|
|
* @param string aManifestURL
|
|
* The app's manifest URL.
|
|
* @returns bool
|
|
* Is permitted or not.
|
|
**/
|
|
isSystemMessagePermittedToSend:
|
|
function isSystemMessagePermittedToSend(aSysMsgName, aPageURL, aManifestURL) {
|
|
debug("isSystemMessagePermittedToSend(): " +
|
|
"aSysMsgName: " + aSysMsgName + ", " +
|
|
"aPageURL: " + aPageURL + ", " +
|
|
"aManifestURL: " + aManifestURL);
|
|
|
|
let permNames = this.getSystemMessagePermissions(aSysMsgName);
|
|
if (permNames === null) {
|
|
return false;
|
|
}
|
|
|
|
let pageURI = Services.io.newURI(aPageURL, null, null);
|
|
for (let permName in permNames) {
|
|
let permNamesWithAccess = permNames[permName];
|
|
|
|
// Early return false as soon as any permission is not matched.
|
|
for (let idx in permNamesWithAccess) {
|
|
if(PermissionSettingsModule.getPermission(permNamesWithAccess[idx],
|
|
aManifestURL,
|
|
pageURI.prePath,
|
|
false) != "allow") {
|
|
debug("'" + aSysMsgName + "' isn't permitted by '" + permName + "'. " +
|
|
"Please add the permission for app: '" + pageURI.prePath + "'.");
|
|
return false;
|
|
}
|
|
}
|
|
}
|
|
|
|
// All the permissions needed for this system message are matched.
|
|
return true;
|
|
}
|
|
};
|