From 36d22d82aa202bb199967e9512281e9a53db42c9 Mon Sep 17 00:00:00 2001
From: Daniel Baumann <daniel.baumann@progress-linux.org>
Date: Sun, 7 Apr 2024 21:33:14 +0200
Subject: Adding upstream version 115.7.0esr.

Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
---
 .../test/unit/test_permmanager_local_files.js      | 74 ++++++++++++++++++++++
 1 file changed, 74 insertions(+)
 create mode 100644 extensions/permissions/test/unit/test_permmanager_local_files.js

(limited to 'extensions/permissions/test/unit/test_permmanager_local_files.js')

diff --git a/extensions/permissions/test/unit/test_permmanager_local_files.js b/extensions/permissions/test/unit/test_permmanager_local_files.js
new file mode 100644
index 0000000000..389eb77916
--- /dev/null
+++ b/extensions/permissions/test/unit/test_permmanager_local_files.js
@@ -0,0 +1,74 @@
+/* Any copyright is dedicated to the Public Domain.
+   http://creativecommons.org/publicdomain/zero/1.0/ */
+
+// Test that permissions work for file:// URIs (aka local files).
+
+function getPrincipalFromURIString(uriStr) {
+  let uri = NetUtil.newURI(uriStr);
+  return Services.scriptSecurityManager.createContentPrincipal(uri, {});
+}
+
+function run_test() {
+  let pm = Services.perms;
+
+  // If we add a permission to a file:// URI, the test should return true.
+  let principal = getPrincipalFromURIString("file:///foo/bar");
+  pm.addFromPrincipal(principal, "test/local-files", pm.ALLOW_ACTION, 0, 0);
+  Assert.equal(
+    pm.testPermissionFromPrincipal(principal, "test/local-files"),
+    pm.ALLOW_ACTION
+  );
+
+  // Another file:// URI should have the same permission.
+  let witnessPrincipal = getPrincipalFromURIString("file:///bar/foo");
+  Assert.equal(
+    pm.testPermissionFromPrincipal(witnessPrincipal, "test/local-files"),
+    pm.UNKNOWN_ACTION
+  );
+
+  // Giving "file:///" a permission shouldn't give it to all file:// URIs.
+  let rootPrincipal = getPrincipalFromURIString("file:///");
+  pm.addFromPrincipal(rootPrincipal, "test/local-files", pm.ALLOW_ACTION, 0, 0);
+  Assert.equal(
+    pm.testPermissionFromPrincipal(witnessPrincipal, "test/local-files"),
+    pm.UNKNOWN_ACTION
+  );
+
+  // Giving "file://" a permission shouldn't give it to all file:// URIs.
+  let schemeRootPrincipal = getPrincipalFromURIString("file://");
+  pm.addFromPrincipal(
+    schemeRootPrincipal,
+    "test/local-files",
+    pm.ALLOW_ACTION,
+    0,
+    0
+  );
+  Assert.equal(
+    pm.testPermissionFromPrincipal(witnessPrincipal, "test/local-files"),
+    pm.UNKNOWN_ACTION
+  );
+
+  // Giving 'node' a permission shouldn't give it to its 'children'.
+  let fileInDirPrincipal = getPrincipalFromURIString(
+    "file:///foo/bar/foobar.txt"
+  );
+  Assert.equal(
+    pm.testPermissionFromPrincipal(fileInDirPrincipal, "test/local-files"),
+    pm.UNKNOWN_ACTION
+  );
+
+  // Revert "file:///foo/bar" permission and check that it has been correctly taken into account.
+  pm.removeFromPrincipal(principal, "test/local-files");
+  Assert.equal(
+    pm.testPermissionFromPrincipal(principal, "test/local-files"),
+    pm.UNKNOWN_ACTION
+  );
+  Assert.equal(
+    pm.testPermissionFromPrincipal(witnessPrincipal, "test/local-files"),
+    pm.UNKNOWN_ACTION
+  );
+  Assert.equal(
+    pm.testPermissionFromPrincipal(fileInDirPrincipal, "test/local-files"),
+    pm.UNKNOWN_ACTION
+  );
+}
-- 
cgit v1.2.3