Add m-esr52 at 52.6.0

1 files changed, 200 insertions, 0 deletions

diff --git a/dom/permission/PermissionSettings.jsm b/dom/permission/PermissionSettings.jsm
new file mode 100644
index 000000000..bfd37394d
--- /dev/null
+++ b/dom/permission/PermissionSettings.jsm
@@ -0,0 +1,200 @@
+/* This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+ * You can obtain one at http://mozilla.org/MPL/2.0/. */
+
+"use strict";
+
+function debug(s) {
+  //dump("-*- PermissionSettings Module: " + s + "\n");
+}
+
+const Cu = Components.utils;
+const Cc = Components.classes;
+const Ci = Components.interfaces;
+
+this.EXPORTED_SYMBOLS = ["PermissionSettingsModule"];
+
+Cu.import("resource://gre/modules/XPCOMUtils.jsm");
+Cu.import("resource://gre/modules/Services.jsm");
+Cu.import("resource://gre/modules/PermissionsTable.jsm");
+
+XPCOMUtils.defineLazyServiceGetter(this, "ppmm",
+                                   "@mozilla.org/parentprocessmessagemanager;1",
+                                   "nsIMessageListenerManager");
+
+XPCOMUtils.defineLazyServiceGetter(this,
+                                   "appsService",
+                                   "@mozilla.org/AppsService;1",
+                                   "nsIAppsService");
+
+this.PermissionSettingsModule = {
+  init: function init() {
+    debug("Init");
+    ppmm.addMessageListener("PermissionSettings:AddPermission", this);
+    Services.obs.addObserver(this, "profile-before-change", false);
+  },
+
+
+  _isChangeAllowed: function(aPrincipal, aPermName, aAction) {
+    // Bug 812289:
+    // Change is allowed from a child process when all of the following
+    // conditions stand true:
+    //   * the action isn't "unknown" (so the change isn't a delete) if the app
+    //     is installed
+    //   * the permission already exists on the database
+    //   * the permission is marked as explicit on the permissions table
+    // Note that we *have* to check the first two conditions here because
+    // permissionManager doesn't know if it's being called as a result of
+    // a parent process or child process request. We could check
+    // if the permission is actually explicit (and thus modifiable) or not
+    // on permissionManager also but we currently don't.
+    let perm =
+      Services.perms.testExactPermissionFromPrincipal(aPrincipal,aPermName);
+    let isExplicit = isExplicitInPermissionsTable(aPermName, aPrincipal.appStatus);
+
+    return (aAction === "unknown" &&
+            aPrincipal.appStatus === Ci.nsIPrincipal.APP_STATUS_NOT_INSTALLED) ||
+           (aAction !== "unknown" &&
+            (perm !== Ci.nsIPermissionManager.UNKNOWN_ACTION) &&
+            isExplicit);
+  },
+
+  addPermission: function addPermission(aData, aCallbacks) {
+
+    this._internalAddPermission(aData, true, aCallbacks);
+
+  },
+
+
+  _internalAddPermission: function _internalAddPermission(aData, aAllowAllChanges, aCallbacks) {
+    // TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.jsm.
+    let app;
+    let principal;
+    // Test if app is cached (signed streamable package) or installed via DOMApplicationRegistry
+    if (aData.isCachedPackage) {
+      // If the app is from packaged web app, the origin includes origin attributes already.
+      principal =
+        Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(aData.origin);
+      app = {localId: principal.appId};
+    } else {
+      app = appsService.getAppByManifestURL(aData.manifestURL);
+      let uri = Services.io.newURI(aData.origin, null, null);
+      principal =
+        Services.scriptSecurityManager.createCodebasePrincipal(uri,
+                                                               {appId: app.localId,
+                                                                inIsolatedMozBrowser: aData.browserFlag});
+    }
+
+    let action;
+    switch (aData.value)
+    {
+      case "unknown":
+        action = Ci.nsIPermissionManager.UNKNOWN_ACTION;
+        break;
+      case "allow":
+        action = Ci.nsIPermissionManager.ALLOW_ACTION;
+        break;
+      case "deny":
+        action = Ci.nsIPermissionManager.DENY_ACTION;
+        break;
+      case "prompt":
+        action = Ci.nsIPermissionManager.PROMPT_ACTION;
+        break;
+      default:
+        dump("Unsupported PermisionSettings Action: " + aData.value +"\n");
+        action = Ci.nsIPermissionManager.UNKNOWN_ACTION;
+    }
+
+    if (aAllowAllChanges ||
+        this._isChangeAllowed(principal, aData.type, aData.value)) {
+      debug("add: " + aData.origin + " " + app.localId + " " + action);
+      Services.perms.addFromPrincipal(principal, aData.type, action);
+      return true;
+    } else {
+      debug("add Failure: " + aData.origin + " " + app.localId + " " + action);
+      return false; // This isn't currently used, see comment on setPermission
+    }
+  },
+
+  getPermission: function getPermission(aPermName, aManifestURL, aOrigin, aBrowserFlag, aIsCachedPackage) {
+    // TODO: Bug 1196644 - Add signPKg parameter into PermissionSettings.jsm
+    debug("getPermission: " + aPermName + ", " + aManifestURL + ", " + aOrigin);
+    let principal;
+    // Test if app is cached (signed streamable package) or installed via DOMApplicationRegistry
+    if (aIsCachedPackage) {
+      // If the app is from packaged web app, the origin includes origin attributes already.
+      principal =
+        Services.scriptSecurityManager.createCodebasePrincipalFromOrigin(aOrigin);
+    } else {
+      let uri = Services.io.newURI(aOrigin, null, null);
+      let appID = appsService.getAppLocalIdByManifestURL(aManifestURL);
+      principal =
+        Services.scriptSecurityManager.createCodebasePrincipal(uri,
+                                                               {appId: appID,
+                                                                inIsolatedMozBrowser: aBrowserFlag});
+    }
+    let result = Services.perms.testExactPermissionFromPrincipal(principal, aPermName);
+    switch (result)
+    {
+      case Ci.nsIPermissionManager.UNKNOWN_ACTION:
+        return "unknown";
+      case Ci.nsIPermissionManager.ALLOW_ACTION:
+        return "allow";
+      case Ci.nsIPermissionManager.DENY_ACTION:
+        return "deny";
+      case Ci.nsIPermissionManager.PROMPT_ACTION:
+        return "prompt";
+      default:
+        dump("Unsupported PermissionSettings Action!\n");
+        return "unknown";
+    }
+  },
+
+  removePermission: function removePermission(aPermName, aManifestURL, aOrigin, aBrowserFlag, aIsCachedPackage) {
+    let data = {
+      type: aPermName,
+      origin: aOrigin,
+      manifestURL: aManifestURL,
+      value: "unknown",
+      browserFlag: aBrowserFlag,
+      isCachedPackage: aIsCachedPackage
+    };
+    this._internalAddPermission(data, true);
+  },
+
+  observe: function observe(aSubject, aTopic, aData) {
+    ppmm.removeMessageListener("PermissionSettings:AddPermission", this);
+    Services.obs.removeObserver(this, "profile-before-change");
+    ppmm = null;
+  },
+
+  receiveMessage: function receiveMessage(aMessage) {
+    debug("PermissionSettings::receiveMessage " + aMessage.name);
+    let mm = aMessage.target;
+    let msg = aMessage.data;
+
+    let result;
+    switch (aMessage.name) {
+      case "PermissionSettings:AddPermission":
+        let success = false;
+        let errorMsg =
+              " from a content process with no 'permissions' privileges.";
+        if (mm.assertPermission("permissions")) {
+          success = this._internalAddPermission(msg, false);
+          if (!success) {
+            // Just kill the calling process
+            mm.assertPermission("permissions-modify-implicit");
+            errorMsg = " had an implicit permission change. Child process killed.";
+          }
+        }
+
+        if (!success) {
+          Cu.reportError("PermissionSettings message " + msg.type + errorMsg);
+          return null;
+        }
+        break;
+    }
+  }
+}
+
+PermissionSettingsModule.init();