Bug 1129315 - require app processes update permissions after forked from nuwa. r=jdm

This commit is contained in:
Chih-Kai (Patrick) Wang 2015-03-12 16:53:22 +08:00
parent 2206ee253c
commit 7856bfc162
4 changed files with 60 additions and 22 deletions

View File

@ -531,6 +531,14 @@ InitOnContentProcessCreated()
return;
}
PostForkPreload();
nsCOMPtr<nsIPermissionManager> permManager =
services::GetPermissionManager();
MOZ_ASSERT(permManager, "Unable to get permission manager");
nsresult rv = permManager->RefreshPermission();
if (NS_FAILED(rv)) {
MOZ_ASSERT(false, "Failed updating permission in child process");
}
#endif
nsCOMPtr<nsISystemMessageCache> smc =

View File

@ -419,28 +419,8 @@ nsPermissionManager::Init()
}
if (IsChildProcess()) {
// Get the permissions from the parent process
InfallibleTArray<IPC::Permission> perms;
ChildProcess()->SendReadPermissions(&perms);
for (uint32_t i = 0; i < perms.Length(); i++) {
const IPC::Permission &perm = perms[i];
nsCOMPtr<nsIPrincipal> principal;
rv = GetPrincipal(perm.host, perm.appId, perm.isInBrowserElement, getter_AddRefs(principal));
NS_ENSURE_SUCCESS(rv, rv);
// The child process doesn't care about modification times - it neither
// reads nor writes, nor removes them based on the date - so 0 (which
// will end up as now()) is fine.
uint64_t modificationTime = 0;
AddInternal(principal, perm.type, perm.capability, 0, perm.expireType,
perm.expireTime, modificationTime, eNotify, eNoDBOperation,
true /* ignoreSessionPermissions */);
}
// Stop here; we don't need the DB in the child process
return NS_OK;
return FetchPermissions();
}
// ignore failure here, since it's non-fatal (we can run fine without
@ -451,6 +431,18 @@ nsPermissionManager::Init()
return NS_OK;
}
NS_IMETHODIMP
nsPermissionManager::RefreshPermission() {
NS_ENSURE_TRUE(IsChildProcess(), NS_ERROR_FAILURE);
nsresult rv = RemoveAllFromMemory();
NS_ENSURE_SUCCESS(rv, rv);
rv = FetchPermissions();
NS_ENSURE_SUCCESS(rv, rv);
return NS_OK;
}
nsresult
nsPermissionManager::InitDB(bool aRemoveFile)
{
@ -2214,3 +2206,29 @@ nsPermissionManager::UpdateExpireTime(nsIPrincipal* aPrincipal,
}
return NS_OK;
}
nsresult
nsPermissionManager::FetchPermissions() {
MOZ_ASSERT(IsChildProcess(), "FetchPermissions can only be invoked in child process");
// Get the permissions from the parent process
InfallibleTArray<IPC::Permission> perms;
ChildProcess()->SendReadPermissions(&perms);
for (uint32_t i = 0; i < perms.Length(); i++) {
const IPC::Permission &perm = perms[i];
nsCOMPtr<nsIPrincipal> principal;
nsresult rv = GetPrincipal(perm.host, perm.appId,
perm.isInBrowserElement, getter_AddRefs(principal));
NS_ENSURE_SUCCESS(rv, rv);
// The child process doesn't care about modification times - it neither
// reads nor writes, nor removes them based on the date - so 0 (which
// will end up as now()) is fine.
uint64_t modificationTime = 0;
AddInternal(principal, perm.type, perm.capability, 0, perm.expireType,
perm.expireTime, modificationTime, eNotify, eNoDBOperation,
true /* ignoreSessionPermissions */);
}
return NS_OK;
}

View File

@ -312,6 +312,12 @@ private:
nsresult
RemoveAllModifiedSince(int64_t aModificationTime);
/**
* Retrieve permissions from chrome process.
*/
nsresult
FetchPermissions();
nsCOMPtr<nsIObserverService> mObserverService;
nsCOMPtr<nsIIDNService> mIDNService;

View File

@ -37,7 +37,7 @@ interface nsIDOMWindow;
interface nsIPermission;
interface nsISimpleEnumerator;
[scriptable, uuid(620d9b61-8997-4d13-aa64-ec03341dd75b)]
[scriptable, uuid(93a156f8-bcc8-4568-a214-389b073332dd)]
interface nsIPermissionManager : nsISupports
{
/**
@ -255,6 +255,12 @@ interface nsIPermissionManager : nsISupports
in boolean exactHost,
in uint64_t sessionExpireTime,
in uint64_t persistentExpireTime);
/**
* Remove all current permission settings and get permission settings from
* chrome process.
*/
void refreshPermission();
};
%{ C++