extensions/permissions/test/unit/test_permmanager_expiration.js


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189

/* Any copyright is dedicated to the Public Domain.
   http://creativecommons.org/publicdomain/zero/1.0/ */

// Test that permissions with specific expiry times behave as expected.
var test_generator = do_run_test();

function run_test() {
  do_test_pending();
  test_generator.next();
}

function continue_test() {
  do_run_generator(test_generator);
}

function* do_run_test() {
  let pm = Services.perms;
  let permURI = NetUtil.newURI("http://example.com");
  let principal = Services.scriptSecurityManager.createContentPrincipal(
    permURI,
    {}
  );

  let now = Number(Date.now());

  // add a permission with *now* expiration
  pm.addFromPrincipal(
    principal,
    "test/expiration-perm-exp",
    1,
    pm.EXPIRE_TIME,
    now
  );
  pm.addFromPrincipal(
    principal,
    "test/expiration-session-exp",
    1,
    pm.EXPIRE_SESSION,
    now
  );

  // add a permission with future expiration (100 milliseconds)
  pm.addFromPrincipal(
    principal,
    "test/expiration-perm-exp2",
    1,
    pm.EXPIRE_TIME,
    now + 100
  );
  pm.addFromPrincipal(
    principal,
    "test/expiration-session-exp2",
    1,
    pm.EXPIRE_SESSION,
    now + 100
  );

  // add a permission with future expiration (1000 seconds)
  pm.addFromPrincipal(
    principal,
    "test/expiration-perm-exp3",
    1,
    pm.EXPIRE_TIME,
    now + 1e6
  );
  pm.addFromPrincipal(
    principal,
    "test/expiration-session-exp3",
    1,
    pm.EXPIRE_SESSION,
    now + 1e6
  );

  // add a permission without expiration
  pm.addFromPrincipal(
    principal,
    "test/expiration-perm-nexp",
    1,
    pm.EXPIRE_NEVER,
    0
  );

  // check that the second two haven't expired yet
  Assert.equal(
    1,
    pm.testPermissionFromPrincipal(principal, "test/expiration-perm-exp3")
  );
  Assert.equal(
    1,
    pm.testPermissionFromPrincipal(principal, "test/expiration-session-exp3")
  );
  Assert.equal(
    1,
    pm.testPermissionFromPrincipal(principal, "test/expiration-perm-nexp")
  );
  Assert.equal(1, pm.getAllWithTypePrefix("test/expiration-perm-exp3").length);
  Assert.equal(
    1,
    pm.getAllWithTypePrefix("test/expiration-session-exp3").length
  );
  Assert.equal(1, pm.getAllWithTypePrefix("test/expiration-perm-nexp").length);
  Assert.equal(5, pm.getAllForPrincipal(principal).length);

  // ... and the first one has
  do_timeout(10, continue_test);
  yield;
  Assert.equal(
    0,
    pm.testPermissionFromPrincipal(principal, "test/expiration-perm-exp")
  );
  Assert.equal(
    0,
    pm.testPermissionFromPrincipal(principal, "test/expiration-session-exp")
  );

  // ... and that the short-term one will
  do_timeout(200, continue_test);
  yield;
  Assert.equal(
    0,
    pm.testPermissionFromPrincipal(principal, "test/expiration-perm-exp2")
  );
  Assert.equal(
    0,
    pm.testPermissionFromPrincipal(principal, "test/expiration-session-exp2")
  );
  Assert.equal(0, pm.getAllWithTypePrefix("test/expiration-perm-exp2").length);
  Assert.equal(
    0,
    pm.getAllWithTypePrefix("test/expiration-session-exp2").length
  );

  Assert.equal(3, pm.getAllForPrincipal(principal).length);

  // Check that .getPermission returns a matching result
  Assert.equal(
    null,
    pm.getPermissionObject(principal, "test/expiration-perm-exp", false)
  );
  Assert.equal(
    null,
    pm.getPermissionObject(principal, "test/expiration-session-exp", false)
  );
  Assert.equal(
    null,
    pm.getPermissionObject(principal, "test/expiration-perm-exp2", false)
  );
  Assert.equal(
    null,
    pm.getPermissionObject(principal, "test/expiration-session-exp2", false)
  );

  // Add a persistent permission for private browsing
  let principalPB = Services.scriptSecurityManager.createContentPrincipal(
    permURI,
    { privateBrowsingId: 1 }
  );
  pm.addFromPrincipal(
    principalPB,
    "test/expiration-session-pb",
    pm.ALLOW_ACTION
  );

  // The permission should be set to session expiry
  let perm = pm.getPermissionObject(
    principalPB,
    "test/expiration-session-pb",
    true
  );
  Assert.equal(perm.expireType, pm.EXPIRE_SESSION);

  // Add a persistent permission for private browsing using
  // addFromPrincipalAndPersistInPrivateBrowsing
  pm.addFromPrincipalAndPersistInPrivateBrowsing(
    principalPB,
    "test/expiration-session-pb",
    pm.ALLOW_ACTION
  );

  // The permission should be set to never expire
  perm = pm.getPermissionObject(
    principalPB,
    "test/expiration-session-pb",
    true
  );
  Assert.equal(perm.expireType, pm.EXPIRE_NEVER);

  do_finish_generator_test(test_generator);
}