diff options
| author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 14:29:10 +0000 |
|---|---|---|
| committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-28 14:29:10 +0000 |
| commit | 2aa4a82499d4becd2284cdb482213d541b8804dd (patch) | |
| tree | b80bf8bf13c3766139fbacc530efd0dd9d54394c /dom/permission | |
| parent | Initial commit. (diff) | |
| download | firefox-2aa4a82499d4becd2284cdb482213d541b8804dd.tar.xz firefox-2aa4a82499d4becd2284cdb482213d541b8804dd.zip | |
Adding upstream version 86.0.1.upstream/86.0.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'dom/permission')
| -rw-r--r-- | dom/permission/PermissionObserver.cpp | 115 | ||||
| -rw-r--r-- | dom/permission/PermissionObserver.h | 47 | ||||
| -rw-r--r-- | dom/permission/PermissionStatus.cpp | 134 | ||||
| -rw-r--r-- | dom/permission/PermissionStatus.h | 58 | ||||
| -rw-r--r-- | dom/permission/PermissionUtils.cpp | 56 | ||||
| -rw-r--r-- | dom/permission/PermissionUtils.h | 25 | ||||
| -rw-r--r-- | dom/permission/Permissions.cpp | 169 | ||||
| -rw-r--r-- | dom/permission/Permissions.h | 54 | ||||
| -rw-r--r-- | dom/permission/moz.build | 26 | ||||
| -rw-r--r-- | dom/permission/tests/.eslintrc.js | 5 | ||||
| -rw-r--r-- | dom/permission/tests/file_empty.html | 2 | ||||
| -rw-r--r-- | dom/permission/tests/mochitest.ini | 11 | ||||
| -rw-r--r-- | dom/permission/tests/test_cross_origin_iframe.html | 251 | ||||
| -rw-r--r-- | dom/permission/tests/test_permissions_api.html | 209 |
14 files changed, 1162 insertions, 0 deletions
diff --git a/dom/permission/PermissionObserver.cpp b/dom/permission/PermissionObserver.cpp new file mode 100644 index 0000000000..47e1a23918 --- /dev/null +++ b/dom/permission/PermissionObserver.cpp @@ -0,0 +1,115 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "PermissionObserver.h" + +#include "mozilla/dom/PermissionStatus.h" +#include "mozilla/Services.h" +#include "mozilla/UniquePtr.h" +#include "nsIObserverService.h" +#include "nsIPermission.h" +#include "PermissionUtils.h" + +namespace mozilla::dom { + +namespace { +PermissionObserver* gInstance = nullptr; +} // namespace + +NS_IMPL_ISUPPORTS(PermissionObserver, nsIObserver, nsISupportsWeakReference) + +PermissionObserver::PermissionObserver() { MOZ_ASSERT(!gInstance); } + +PermissionObserver::~PermissionObserver() { + MOZ_ASSERT(mSinks.IsEmpty()); + MOZ_ASSERT(gInstance == this); + + gInstance = nullptr; +} + +/* static */ +already_AddRefed<PermissionObserver> PermissionObserver::GetInstance() { + RefPtr<PermissionObserver> instance = gInstance; + if (!instance) { + instance = new PermissionObserver(); + + nsCOMPtr<nsIObserverService> obs = services::GetObserverService(); + if (NS_WARN_IF(!obs)) { + return nullptr; + } + + nsresult rv = obs->AddObserver(instance, "perm-changed", true); + if (NS_WARN_IF(NS_FAILED(rv))) { + return nullptr; + } + + gInstance = instance; + } + + return instance.forget(); +} + +void PermissionObserver::AddSink(PermissionStatus* aSink) { + MOZ_ASSERT(aSink); + MOZ_ASSERT(!mSinks.Contains(aSink)); + + mSinks.AppendElement(aSink); +} + +void PermissionObserver::RemoveSink(PermissionStatus* aSink) { + MOZ_ASSERT(aSink); + MOZ_ASSERT(mSinks.Contains(aSink)); + + mSinks.RemoveElement(aSink); +} + +void PermissionObserver::Notify(PermissionName aName, + nsIPrincipal& aPrincipal) { + for (auto* sink : mSinks) { + if (sink->mName != aName) { + continue; + } + + nsCOMPtr<nsIPrincipal> sinkPrincipal = sink->GetPrincipal(); + if (NS_WARN_IF(!sinkPrincipal) || !aPrincipal.Equals(sinkPrincipal)) { + continue; + } + + sink->PermissionChanged(); + } +} + +NS_IMETHODIMP +PermissionObserver::Observe(nsISupports* aSubject, const char* aTopic, + const char16_t* aData) { + MOZ_ASSERT(!strcmp(aTopic, "perm-changed")); + + if (mSinks.IsEmpty()) { + return NS_OK; + } + + nsCOMPtr<nsIPermission> perm = do_QueryInterface(aSubject); + if (!perm) { + return NS_OK; + } + + nsCOMPtr<nsIPrincipal> principal; + perm->GetPrincipal(getter_AddRefs(principal)); + if (!principal) { + return NS_OK; + } + + nsAutoCString type; + perm->GetType(type); + Maybe<PermissionName> permission = TypeToPermissionName(type); + if (permission) { + Notify(permission.value(), *principal); + } + + return NS_OK; +} + +} // namespace mozilla::dom diff --git a/dom/permission/PermissionObserver.h b/dom/permission/PermissionObserver.h new file mode 100644 index 0000000000..9d461e92bf --- /dev/null +++ b/dom/permission/PermissionObserver.h @@ -0,0 +1,47 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef mozilla_dom_PermissionObserver_h_ +#define mozilla_dom_PermissionObserver_h_ + +#include "mozilla/dom/PermissionsBinding.h" + +#include "nsIObserver.h" +#include "nsIPrincipal.h" +#include "nsTArray.h" +#include "nsWeakReference.h" + +namespace mozilla { +namespace dom { + +class PermissionStatus; + +// Singleton that watches for perm-changed notifications in order to notify +// PermissionStatus objects. +class PermissionObserver final : public nsIObserver, + public nsSupportsWeakReference { + public: + NS_DECL_ISUPPORTS + NS_DECL_NSIOBSERVER + + static already_AddRefed<PermissionObserver> GetInstance(); + + void AddSink(PermissionStatus* aObs); + void RemoveSink(PermissionStatus* aObs); + + private: + PermissionObserver(); + virtual ~PermissionObserver(); + + void Notify(PermissionName aName, nsIPrincipal& aPrincipal); + + nsTArray<PermissionStatus*> mSinks; +}; + +} // namespace dom +} // namespace mozilla + +#endif diff --git a/dom/permission/PermissionStatus.cpp b/dom/permission/PermissionStatus.cpp new file mode 100644 index 0000000000..37b3e31e7e --- /dev/null +++ b/dom/permission/PermissionStatus.cpp @@ -0,0 +1,134 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "mozilla/dom/PermissionStatus.h" +#include "mozilla/PermissionDelegateHandler.h" + +#include "mozilla/AsyncEventDispatcher.h" +#include "mozilla/Permission.h" +#include "mozilla/Services.h" +#include "nsIPermissionManager.h" +#include "PermissionObserver.h" +#include "PermissionUtils.h" + +namespace mozilla::dom { + +/* static */ +already_AddRefed<PermissionStatus> PermissionStatus::Create( + nsPIDOMWindowInner* aWindow, PermissionName aName, ErrorResult& aRv) { + RefPtr<PermissionStatus> status = new PermissionStatus(aWindow, aName); + aRv = status->Init(); + if (NS_WARN_IF(aRv.Failed())) { + return nullptr; + } + + return status.forget(); +} + +PermissionStatus::PermissionStatus(nsPIDOMWindowInner* aWindow, + PermissionName aName) + : DOMEventTargetHelper(aWindow), + mName(aName), + mState(PermissionState::Denied) { + KeepAliveIfHasListenersFor(u"change"_ns); +} + +nsresult PermissionStatus::Init() { + mObserver = PermissionObserver::GetInstance(); + if (NS_WARN_IF(!mObserver)) { + return NS_ERROR_FAILURE; + } + + mObserver->AddSink(this); + + nsresult rv = UpdateState(); + if (NS_WARN_IF(NS_FAILED(rv))) { + return rv; + } + + return NS_OK; +} + +PermissionStatus::~PermissionStatus() { + if (mObserver) { + mObserver->RemoveSink(this); + } +} + +JSObject* PermissionStatus::WrapObject(JSContext* aCx, + JS::Handle<JSObject*> aGivenProto) { + return PermissionStatus_Binding::Wrap(aCx, this, aGivenProto); +} + +nsresult PermissionStatus::UpdateState() { + nsCOMPtr<nsPIDOMWindowInner> window = GetOwner(); + if (NS_WARN_IF(!window)) { + return NS_ERROR_FAILURE; + } + + RefPtr<Document> document = window->GetExtantDoc(); + if (NS_WARN_IF(!document)) { + return NS_ERROR_FAILURE; + } + + uint32_t action = nsIPermissionManager::DENY_ACTION; + + PermissionDelegateHandler* permissionHandler = + document->GetPermissionDelegateHandler(); + if (NS_WARN_IF(!permissionHandler)) { + return NS_ERROR_FAILURE; + } + + nsresult rv = permissionHandler->GetPermissionForPermissionsAPI( + PermissionNameToType(mName), &action); + if (NS_WARN_IF(NS_FAILED(rv))) { + return rv; + } + + mState = ActionToPermissionState(action); + return NS_OK; +} + +already_AddRefed<nsIPrincipal> PermissionStatus::GetPrincipal() const { + nsCOMPtr<nsPIDOMWindowInner> window = GetOwner(); + if (NS_WARN_IF(!window)) { + return nullptr; + } + + Document* doc = window->GetExtantDoc(); + if (NS_WARN_IF(!doc)) { + return nullptr; + } + + nsCOMPtr<nsIPrincipal> principal = + Permission::ClonePrincipalForPermission(doc->NodePrincipal()); + NS_ENSURE_TRUE(principal, nullptr); + + return principal.forget(); +} + +void PermissionStatus::PermissionChanged() { + auto oldState = mState; + UpdateState(); + if (mState != oldState) { + RefPtr<AsyncEventDispatcher> eventDispatcher = + new AsyncEventDispatcher(this, u"change"_ns, CanBubble::eNo); + eventDispatcher->PostDOMEvent(); + } +} + +void PermissionStatus::DisconnectFromOwner() { + IgnoreKeepAliveIfHasListenersFor(u"change"_ns); + + if (mObserver) { + mObserver->RemoveSink(this); + mObserver = nullptr; + } + + DOMEventTargetHelper::DisconnectFromOwner(); +} + +} // namespace mozilla::dom diff --git a/dom/permission/PermissionStatus.h b/dom/permission/PermissionStatus.h new file mode 100644 index 0000000000..106efb42c9 --- /dev/null +++ b/dom/permission/PermissionStatus.h @@ -0,0 +1,58 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef mozilla_dom_PermissionStatus_h_ +#define mozilla_dom_PermissionStatus_h_ + +#include "mozilla/dom/PermissionsBinding.h" +#include "mozilla/dom/PermissionStatusBinding.h" +#include "mozilla/DOMEventTargetHelper.h" + +namespace mozilla { +namespace dom { + +class PermissionObserver; + +class PermissionStatus final : public DOMEventTargetHelper { + friend class PermissionObserver; + + public: + static already_AddRefed<PermissionStatus> Create(nsPIDOMWindowInner* aWindow, + PermissionName aName, + ErrorResult& aRv); + + JSObject* WrapObject(JSContext* aCx, + JS::Handle<JSObject*> aGivenProto) override; + + PermissionState State() const { return mState; } + + IMPL_EVENT_HANDLER(change) + + void DisconnectFromOwner() override; + + private: + ~PermissionStatus(); + + PermissionStatus(nsPIDOMWindowInner* aWindow, PermissionName aName); + + nsresult Init(); + + nsresult UpdateState(); + + already_AddRefed<nsIPrincipal> GetPrincipal() const; + + void PermissionChanged(); + + PermissionName mName; + PermissionState mState; + + RefPtr<PermissionObserver> mObserver; +}; + +} // namespace dom +} // namespace mozilla + +#endif // mozilla_dom_permissionstatus_h_ diff --git a/dom/permission/PermissionUtils.cpp b/dom/permission/PermissionUtils.cpp new file mode 100644 index 0000000000..f0541d4927 --- /dev/null +++ b/dom/permission/PermissionUtils.cpp @@ -0,0 +1,56 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "PermissionUtils.h" +#include "nsIPermissionManager.h" + +namespace mozilla::dom { + +static const nsLiteralCString kPermissionTypes[] = { + // clang-format off + "geo"_ns, + "desktop-notification"_ns, + // Alias `push` to `desktop-notification`. + "desktop-notification"_ns, + "persistent-storage"_ns + // clang-format on +}; + +const size_t kPermissionNameCount = PermissionNameValues::Count; + +static_assert(MOZ_ARRAY_LENGTH(kPermissionTypes) == kPermissionNameCount, + "kPermissionTypes and PermissionName count should match"); + +const nsLiteralCString& PermissionNameToType(PermissionName aName) { + MOZ_ASSERT((size_t)aName < ArrayLength(kPermissionTypes)); + return kPermissionTypes[static_cast<size_t>(aName)]; +} + +Maybe<PermissionName> TypeToPermissionName(const nsACString& aType) { + for (size_t i = 0; i < ArrayLength(kPermissionTypes); ++i) { + if (kPermissionTypes[i].Equals(aType)) { + return Some(static_cast<PermissionName>(i)); + } + } + + return Nothing(); +} + +PermissionState ActionToPermissionState(uint32_t aAction) { + switch (aAction) { + case nsIPermissionManager::ALLOW_ACTION: + return PermissionState::Granted; + + case nsIPermissionManager::DENY_ACTION: + return PermissionState::Denied; + + default: + case nsIPermissionManager::PROMPT_ACTION: + return PermissionState::Prompt; + } +} + +} // namespace mozilla::dom diff --git a/dom/permission/PermissionUtils.h b/dom/permission/PermissionUtils.h new file mode 100644 index 0000000000..e1f8ac8206 --- /dev/null +++ b/dom/permission/PermissionUtils.h @@ -0,0 +1,25 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef mozilla_dom_PermissionUtils_h_ +#define mozilla_dom_PermissionUtils_h_ + +#include "mozilla/dom/PermissionsBinding.h" +#include "mozilla/dom/PermissionStatusBinding.h" +#include "mozilla/Maybe.h" + +namespace mozilla { +namespace dom { + +const nsLiteralCString& PermissionNameToType(PermissionName aName); +Maybe<PermissionName> TypeToPermissionName(const nsACString& aType); + +PermissionState ActionToPermissionState(uint32_t aAction); + +} // namespace dom +} // namespace mozilla + +#endif diff --git a/dom/permission/Permissions.cpp b/dom/permission/Permissions.cpp new file mode 100644 index 0000000000..48a7717973 --- /dev/null +++ b/dom/permission/Permissions.cpp @@ -0,0 +1,169 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#include "mozilla/dom/Permissions.h" + +#include "mozilla/dom/ContentChild.h" +#include "mozilla/dom/Document.h" +#include "mozilla/dom/PermissionMessageUtils.h" +#include "mozilla/dom/PermissionsBinding.h" +#include "mozilla/dom/PermissionStatus.h" +#include "mozilla/dom/Promise.h" +#include "mozilla/Services.h" +#include "nsIPermissionManager.h" +#include "PermissionUtils.h" + +namespace mozilla::dom { + +NS_INTERFACE_MAP_BEGIN_CYCLE_COLLECTION(Permissions) + NS_WRAPPERCACHE_INTERFACE_MAP_ENTRY + NS_INTERFACE_MAP_ENTRY(nsISupports) +NS_INTERFACE_MAP_END + +NS_IMPL_CYCLE_COLLECTING_ADDREF(Permissions) +NS_IMPL_CYCLE_COLLECTING_RELEASE(Permissions) + +NS_IMPL_CYCLE_COLLECTION_WRAPPERCACHE(Permissions, mWindow) + +Permissions::Permissions(nsPIDOMWindowInner* aWindow) : mWindow(aWindow) {} + +Permissions::~Permissions() = default; + +JSObject* Permissions::WrapObject(JSContext* aCx, + JS::Handle<JSObject*> aGivenProto) { + return Permissions_Binding::Wrap(aCx, this, aGivenProto); +} + +namespace { + +already_AddRefed<PermissionStatus> CreatePermissionStatus( + JSContext* aCx, JS::Handle<JSObject*> aPermission, + nsPIDOMWindowInner* aWindow, ErrorResult& aRv) { + PermissionDescriptor permission; + JS::Rooted<JS::Value> value(aCx, JS::ObjectOrNullValue(aPermission)); + if (NS_WARN_IF(!permission.Init(aCx, value))) { + aRv.NoteJSContextException(aCx); + return nullptr; + } + + switch (permission.mName) { + case PermissionName::Geolocation: + case PermissionName::Notifications: + case PermissionName::Push: + case PermissionName::Persistent_storage: + return PermissionStatus::Create(aWindow, permission.mName, aRv); + + default: + MOZ_ASSERT_UNREACHABLE("Unhandled type"); + aRv.Throw(NS_ERROR_NOT_IMPLEMENTED); + return nullptr; + } +} + +} // namespace + +already_AddRefed<Promise> Permissions::Query(JSContext* aCx, + JS::Handle<JSObject*> aPermission, + ErrorResult& aRv) { + if (!mWindow) { + aRv.Throw(NS_ERROR_UNEXPECTED); + return nullptr; + } + + RefPtr<PermissionStatus> status = + CreatePermissionStatus(aCx, aPermission, mWindow, aRv); + if (NS_WARN_IF(aRv.Failed())) { + MOZ_ASSERT(!status); + return nullptr; + } + + MOZ_ASSERT(status); + RefPtr<Promise> promise = Promise::Create(mWindow->AsGlobal(), aRv); + if (NS_WARN_IF(aRv.Failed())) { + return nullptr; + } + + promise->MaybeResolve(status); + return promise.forget(); +} + +/* static */ +nsresult Permissions::RemovePermission(nsIPrincipal* aPrincipal, + const nsACString& aPermissionType) { + MOZ_ASSERT(XRE_IsParentProcess()); + + nsCOMPtr<nsIPermissionManager> permMgr = services::GetPermissionManager(); + if (NS_WARN_IF(!permMgr)) { + return NS_ERROR_FAILURE; + } + + return permMgr->RemoveFromPrincipal(aPrincipal, aPermissionType); +} + +already_AddRefed<Promise> Permissions::Revoke(JSContext* aCx, + JS::Handle<JSObject*> aPermission, + ErrorResult& aRv) { + if (!mWindow) { + aRv.Throw(NS_ERROR_UNEXPECTED); + return nullptr; + } + + PermissionDescriptor permission; + JS::Rooted<JS::Value> value(aCx, JS::ObjectOrNullValue(aPermission)); + if (NS_WARN_IF(!permission.Init(aCx, value))) { + aRv.NoteJSContextException(aCx); + return nullptr; + } + + RefPtr<Promise> promise = Promise::Create(mWindow->AsGlobal(), aRv); + if (NS_WARN_IF(aRv.Failed())) { + return nullptr; + } + + nsCOMPtr<Document> document = mWindow->GetExtantDoc(); + if (!document) { + promise->MaybeReject(NS_ERROR_UNEXPECTED); + return promise.forget(); + } + + nsCOMPtr<nsIPermissionManager> permMgr = services::GetPermissionManager(); + if (NS_WARN_IF(!permMgr)) { + promise->MaybeReject(NS_ERROR_FAILURE); + return promise.forget(); + } + + const nsLiteralCString& permissionType = + PermissionNameToType(permission.mName); + + nsresult rv; + if (XRE_IsParentProcess()) { + rv = RemovePermission(document->NodePrincipal(), permissionType); + } else { + // Permissions can't be removed from the content process. Send a message + // to the parent; `ContentParent::RecvRemovePermission` will call + // `RemovePermission`. + ContentChild::GetSingleton()->SendRemovePermission( + IPC::Principal(document->NodePrincipal()), permissionType, &rv); + } + + if (NS_WARN_IF(NS_FAILED(rv))) { + promise->MaybeReject(rv); + return promise.forget(); + } + + RefPtr<PermissionStatus> status = + CreatePermissionStatus(aCx, aPermission, mWindow, aRv); + if (NS_WARN_IF(aRv.Failed())) { + MOZ_ASSERT(!status); + return nullptr; + } + + MOZ_ASSERT(status); + promise->MaybeResolve(status); + return promise.forget(); +} + +} // namespace mozilla::dom diff --git a/dom/permission/Permissions.h b/dom/permission/Permissions.h new file mode 100644 index 0000000000..7642f6c0f5 --- /dev/null +++ b/dom/permission/Permissions.h @@ -0,0 +1,54 @@ +/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ +/* vim: set ts=8 sts=2 et sw=2 tw=80: */ +/* This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this file, + * You can obtain one at http://mozilla.org/MPL/2.0/. */ + +#ifndef mozilla_dom_Permissions_h_ +#define mozilla_dom_Permissions_h_ + +#include "nsISupports.h" +#include "nsPIDOMWindow.h" +#include "nsWrapperCache.h" + +namespace mozilla { + +class ErrorResult; + +namespace dom { + +class Promise; + +class Permissions final : public nsISupports, public nsWrapperCache { + public: + NS_DECL_CYCLE_COLLECTING_ISUPPORTS + NS_DECL_CYCLE_COLLECTION_SCRIPT_HOLDER_CLASS(Permissions) + + explicit Permissions(nsPIDOMWindowInner* aWindow); + + nsPIDOMWindowInner* GetParentObject() const { return mWindow; } + + JSObject* WrapObject(JSContext* aCx, + JS::Handle<JSObject*> aGivenProto) override; + + already_AddRefed<Promise> Query(JSContext* aCx, + JS::Handle<JSObject*> aPermission, + ErrorResult& aRv); + + static nsresult RemovePermission(nsIPrincipal* aPrincipal, + const nsACString& aPermissionType); + + already_AddRefed<Promise> Revoke(JSContext* aCx, + JS::Handle<JSObject*> aPermission, + ErrorResult& aRv); + + private: + ~Permissions(); + + nsCOMPtr<nsPIDOMWindowInner> mWindow; +}; + +} // namespace dom +} // namespace mozilla + +#endif // mozilla_dom_permissions_h_ diff --git a/dom/permission/moz.build b/dom/permission/moz.build new file mode 100644 index 0000000000..bdceaba05f --- /dev/null +++ b/dom/permission/moz.build @@ -0,0 +1,26 @@ +# -*- Mode: python; indent-tabs-mode: nil; tab-width: 40 -*- +# vim: set filetype=python: +# This Source Code Form is subject to the terms of the Mozilla Public +# License, v. 2.0. If a copy of the MPL was not distributed with this +# file, You can obtain one at http://mozilla.org/MPL/2.0/. + +with Files("**"): + BUG_COMPONENT = ("Core", "DOM: Core & HTML") + +EXPORTS.mozilla.dom += [ + "Permissions.h", + "PermissionStatus.h", +] + +UNIFIED_SOURCES += [ + "PermissionObserver.cpp", + "Permissions.cpp", + "PermissionStatus.cpp", + "PermissionUtils.cpp", +] + +MOCHITEST_MANIFESTS += ["tests/mochitest.ini"] + +FINAL_LIBRARY = "xul" + +include("/ipc/chromium/chromium-config.mozbuild") diff --git a/dom/permission/tests/.eslintrc.js b/dom/permission/tests/.eslintrc.js new file mode 100644 index 0000000000..845ed3f013 --- /dev/null +++ b/dom/permission/tests/.eslintrc.js @@ -0,0 +1,5 @@ +"use strict"; + +module.exports = { + extends: ["plugin:mozilla/mochitest-test"], +}; diff --git a/dom/permission/tests/file_empty.html b/dom/permission/tests/file_empty.html new file mode 100644 index 0000000000..15648ec5aa --- /dev/null +++ b/dom/permission/tests/file_empty.html @@ -0,0 +1,2 @@ +<h1>I'm just a support file</h1> +<p>I get loaded to do permission testing.</p> diff --git a/dom/permission/tests/mochitest.ini b/dom/permission/tests/mochitest.ini new file mode 100644 index 0000000000..fb631736f6 --- /dev/null +++ b/dom/permission/tests/mochitest.ini @@ -0,0 +1,11 @@ +[DEFAULT] +support-files = + file_empty.html +prefs = + dom.security.featurePolicy.header.enabled=true + dom.security.featurePolicy.webidl.enabled=true + +[test_cross_origin_iframe.html] +fail-if = xorigin +[test_permissions_api.html] +skip-if = xorigin # Hangs diff --git a/dom/permission/tests/test_cross_origin_iframe.html b/dom/permission/tests/test_cross_origin_iframe.html new file mode 100644 index 0000000000..321c3aaf08 --- /dev/null +++ b/dom/permission/tests/test_cross_origin_iframe.html @@ -0,0 +1,251 @@ +<!-- + Any copyright is dedicated to the Public Domain. + http://creativecommons.org/publicdomain/zero/1.0/ +--> +<!DOCTYPE HTML> +<html> + +<head> + <meta charset="utf-8"> + <title>Test for Permissions API</title> + <script src="/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" href="/tests/SimpleTest/test.css"> +</head> + +<body> + <pre id="test"></pre> + <script type="application/javascript"> + /*globals SpecialPowers, SimpleTest, is, ok, */ + 'use strict'; + + function setPermission(type, allow) { + return new Promise(resolve => { + SpecialPowers.popPermissions(() => { + SpecialPowers.pushPermissions( + [{ type, allow, context: document }], + resolve + ); + }); + }); + } + + function checkPermission(aIFrame, aExpectedState, aName) { + return SpecialPowers.spawn( + aIFrame, + [{name: aName, expectedState: aExpectedState}], + async aInput => { + try { + let result = await content.navigator + .permissions + .query({ name: aInput.name }); + is( + SpecialPowers.wrap(result).state, + aInput.expectedState, + `correct state for '${aInput.name}'` + ); + } catch (e) { + ok(false, `query should not have rejected for '${aInput.name}'`) + } + } + ); + } + + function createIframe(aId, aAllow) { + return new Promise((resolve) => { + const iframe = document.createElement('iframe'); + iframe.id = aId; + iframe.src = 'https://example.org/tests/dom/permission/tests/file_empty.html'; + if (aAllow) { + iframe.allow = aAllow; + } + iframe.onload = () => resolve(iframe); + document.body.appendChild(iframe); + }); + } + + function removeIframe(aId) { + return new Promise((resolve) => { + document.body.removeChild(document.getElementById(aId)); + resolve(); + }); + } + + const { + UNKNOWN_ACTION, + PROMPT_ACTION, + ALLOW_ACTION, + DENY_ACTION + } = SpecialPowers.Ci.nsIPermissionManager; + + const tests = [ + { + id: 'query navigation top unknown', + top: UNKNOWN_ACTION, + name: 'geolocation', + type: 'geo', + expected: 'denied', + }, + { + id: 'query notifications top unknown', + top: UNKNOWN_ACTION, + name: 'notifications', + type: 'desktop-notification', + expected: 'denied', + }, + { + id: 'query push top unknown', + top: UNKNOWN_ACTION, + name: 'push', + type: 'desktop-notification', + expected: 'denied', + }, + { + id: 'query persistent-storage unknown', + top: UNKNOWN_ACTION, + name: 'persistent-storage', + type: 'persistent-storage', + expected: 'denied', + }, + { + id: 'query navigation top prompt', + top: PROMPT_ACTION, + name: 'geolocation', + type: 'geo', + expected: 'denied', + }, + { + id: 'query notifications top prompt', + top: PROMPT_ACTION, + name: 'notifications', + type: 'desktop-notification', + expected: 'denied', + }, + { + id: 'query push top prompt', + top: PROMPT_ACTION, + name: 'push', + type: 'desktop-notification', + expected: 'denied', + }, + { + id: 'query persistent-storage top prompt', + top: PROMPT_ACTION, + name: 'persistent-storage', + type: 'persistent-storage', + expected: 'denied', + }, + { + id: 'query navigation top denied', + top: DENY_ACTION, + name: 'geolocation', + type: 'geo', + expected: 'denied', + }, + { + id: 'query notifications top denied', + top: DENY_ACTION, + name: 'notifications', + type: 'desktop-notification', + expected: 'denied', + }, + { + id: 'query push top denied', + top: DENY_ACTION, + name: 'push', + type: 'desktop-notification', + expected: 'denied', + }, + { + id: 'query persistent-storage top denied', + top: DENY_ACTION, + name: 'persistent-storage', + type: 'persistent-storage', + expected: 'denied', + }, + { + id: 'query navigation top granted', + top: ALLOW_ACTION, + name: 'geolocation', + type: 'geo', + expected: 'denied', + }, + { + id: 'query notifications top granted', + top: ALLOW_ACTION, + name: 'notifications', + type: 'desktop-notification', + expected: 'denied', + }, + { + id: 'query push top granted', + top: ALLOW_ACTION, + name: 'push', + type: 'desktop-notification', + expected: 'denied', + }, + { + id: 'query persistent-storage top granted', + top: ALLOW_ACTION, + name: 'persistent-storage', + type: 'persistent-storage', + expected: 'denied', + }, + { + id: 'query navigation top denied, iframe has allow attribute', + top: DENY_ACTION, + allow: 'geolocation', + name: 'geolocation', + type: 'geo', + expected: 'denied', + }, + { + id: 'query navigation top granted, iframe has allow attribute', + top: ALLOW_ACTION, + allow: 'geolocation', + name: 'geolocation', + type: 'geo', + expected: 'granted', + }, + { + id: 'query navigation top prompt, iframe has allow attribute', + top: PROMPT_ACTION, + allow: 'geolocation', + name: 'geolocation', + type: 'geo', + expected: 'prompt', + }, + { + id: 'query navigation top unknown, iframe has allow attribute', + top: UNKNOWN_ACTION, + allow: 'geolocation', + name: 'geolocation', + type: 'geo', + expected: 'prompt', + }, + + ]; + + SimpleTest.waitForExplicitFinish(); + + async function nextTest() { + if (tests.length == 0) { + SimpleTest.finish(); + return; + } + + let test = tests.shift(); + await setPermission(test.type, test.top) + .then(() => createIframe(test.id, test.allow)) + .then(iframe => checkPermission(iframe, test.expected, test.name)) + .then(() => removeIframe(test.id)); + + SimpleTest.executeSoon(nextTest); + } + + SpecialPowers.pushPrefEnv({"set": [ + ["permissions.delegation.enabled", true], + ]}).then(nextTest); + </script> +</body> + +</html> diff --git a/dom/permission/tests/test_permissions_api.html b/dom/permission/tests/test_permissions_api.html new file mode 100644 index 0000000000..1edf2ca60b --- /dev/null +++ b/dom/permission/tests/test_permissions_api.html @@ -0,0 +1,209 @@ +<!-- + Any copyright is dedicated to the Public Domain. + http://creativecommons.org/publicdomain/zero/1.0/ +--> +<!DOCTYPE HTML> +<html> + +<head> + <meta charset="utf-8"> + <title>Test for Permissions API</title> + <script src="/tests/SimpleTest/SimpleTest.js"></script> + <link rel="stylesheet" href="/tests/SimpleTest/test.css"> +</head> + +<body> + <pre id="test"></pre> + <script type="application/javascript"> + /*globals SpecialPowers, SimpleTest, is, ok, */ + 'use strict'; + + const { + UNKNOWN_ACTION, + PROMPT_ACTION, + ALLOW_ACTION, + DENY_ACTION + } = SpecialPowers.Ci.nsIPermissionManager; + + SimpleTest.waitForExplicitFinish(); + + const PERMISSIONS = [{ + name: 'geolocation', + type: 'geo' + }, { + name: 'notifications', + type: 'desktop-notification' + }, { + name: 'push', + type: 'desktop-notification' + }, { + name: 'persistent-storage', + type: 'persistent-storage' + }, ]; + + const UNSUPPORTED_PERMISSIONS = [ + 'foobarbaz', // Not in spec, for testing only. + 'midi', + ]; + + // Create a closure, so that tests are run on the correct window object. + function createPermissionTester(aWindow) { + return { + setPermissions(allow) { + const permissions = PERMISSIONS.map(({ type }) => { + return { + type, + allow, + 'context': aWindow.document + }; + }); + return new Promise((resolve) => { + SpecialPowers.popPermissions(() => { + SpecialPowers.pushPermissions(permissions, resolve); + }); + }); + }, + revokePermissions() { + const promisesToRevoke = PERMISSIONS.map(({ name }) => { + return aWindow.navigator.permissions + .revoke({ name }) + .then( + ({ state }) => is(state, 'prompt', `correct state for '${name}'`), + () => ok(false, `revoke should not have rejected for '${name}'`) + ); + }); + return Promise.all(promisesToRevoke); + }, + revokeUnsupportedPermissions() { + const promisesToRevoke = UNSUPPORTED_PERMISSIONS.map(({ name }) => { + return aWindow.navigator.permissions + .revoke({ name }) + .then( + () => ok(false, `revoke should not have resolved for '${name}'`), + error => is(error.name, 'TypeError', `revoke should have thrown TypeError for '${name}'`) + ); + }); + return Promise.all(promisesToRevoke); + }, + checkPermissions(state) { + const promisesToQuery = PERMISSIONS.map(({ name }) => { + return aWindow.navigator.permissions + .query({ name }) + .then( + () => is(state, state, `correct state for '${name}'`), + () => ok(false, `query should not have rejected for '${name}'`) + ); + }); + return Promise.all(promisesToQuery); + }, + checkUnsupportedPermissions() { + const promisesToQuery = UNSUPPORTED_PERMISSIONS.map(({ name }) => { + return aWindow.navigator.permissions + .query({ name }) + .then( + () => ok(false, `query should not have resolved for '${name}'`), + error => { + is(error.name, 'TypeError', + `query should have thrown TypeError for '${name}'`); + } + ); + }); + return Promise.all(promisesToQuery); + }, + promiseStateChanged(name, state) { + return aWindow.navigator.permissions + .query({ name }) + .then(status => { + return new Promise( resolve => { + status.onchange = () => { + status.onchange = null; + is(status.state, state, `state changed for '${name}'`); + resolve(); + }; + }); + }, + () => ok(false, `query should not have rejected for '${name}'`)); + }, + testStatusOnChange() { + return new Promise((resolve) => { + SpecialPowers.popPermissions(() => { + const permission = 'geolocation'; + const promiseGranted = this.promiseStateChanged(permission, 'granted'); + this.setPermissions(ALLOW_ACTION); + promiseGranted.then(async () => { + const promisePrompt = this.promiseStateChanged(permission, 'prompt'); + await SpecialPowers.popPermissions(); + return promisePrompt; + }).then(resolve); + }); + }); + }, + testInvalidQuery() { + return aWindow.navigator.permissions + .query({ name: 'invalid' }) + .then( + () => ok(false, 'invalid query should not have resolved'), + () => ok(true, 'invalid query should have rejected') + ); + }, + testInvalidRevoke() { + return aWindow.navigator.permissions + .revoke({ name: 'invalid' }) + .then( + () => ok(false, 'invalid revoke should not have resolved'), + () => ok(true, 'invalid revoke should have rejected') + ); + }, + }; + } + + function enablePrefs() { + const ops = { + 'set': [ + ['dom.permissions.revoke.enable', true], + ], + }; + return SpecialPowers.pushPrefEnv(ops); + } + + function createIframe() { + return new Promise((resolve) => { + const iframe = document.createElement('iframe'); + iframe.src = 'file_empty.html'; + iframe.onload = () => resolve(iframe.contentWindow); + document.body.appendChild(iframe); + }); + } + + window.onload = () => { + enablePrefs() + .then(createIframe) + .then(createPermissionTester) + .then((tester) => { + return tester + .checkUnsupportedPermissions() + .then(() => tester.setPermissions(UNKNOWN_ACTION)) + .then(() => tester.checkPermissions('prompt')) + .then(() => tester.setPermissions(PROMPT_ACTION)) + .then(() => tester.checkPermissions('prompt')) + .then(() => tester.setPermissions(ALLOW_ACTION)) + .then(() => tester.checkPermissions('granted')) + .then(() => tester.setPermissions(DENY_ACTION)) + .then(() => tester.checkPermissions('denied')) + .then(() => tester.testStatusOnChange()) + .then(() => tester.testInvalidQuery()) + .then(() => tester.revokeUnsupportedPermissions()) + .then(() => tester.revokePermissions()) + .then(() => tester.checkPermissions('prompt')) + .then(() => tester.testInvalidRevoke()); + }) + .then(SimpleTest.finish) + .catch((e) => { + ok(false, `Unexpected error ${e}`); + SimpleTest.finish(); + }); + }; + </script> +</body> + +</html> |