diff --git a/dom/apps/src/PermissionsInstaller.jsm b/dom/apps/src/PermissionsInstaller.jsm index 4a27bfe73b8..2bfac4ddce4 100644 --- a/dom/apps/src/PermissionsInstaller.jsm +++ b/dom/apps/src/PermissionsInstaller.jsm @@ -90,8 +90,10 @@ this.PermissionsInstaller = { continue; } // Remove the deprecated permission - // TODO: use PermSettings.remove, see bug 793204 - this._setPermission(permName, "unknown", aApp); + PermissionSettingsModule.removePermission(permName, + aApp.manifestURL, + aApp.origin, + false); } } } diff --git a/dom/interfaces/permission/nsIDOMPermissionSettings.idl b/dom/interfaces/permission/nsIDOMPermissionSettings.idl index 5cf237d6db5..5505dbbd6d9 100644 --- a/dom/interfaces/permission/nsIDOMPermissionSettings.idl +++ b/dom/interfaces/permission/nsIDOMPermissionSettings.idl @@ -6,7 +6,7 @@ interface nsIDOMDOMRequest; -[scriptable, uuid(b3e3894e-b24e-4174-9c80-08115709615b)] +[scriptable, uuid(18390770-02ab-11e2-a21f-0800200c9a66)] interface nsIDOMPermissionSettings : nsISupports { DOMString get(in DOMString permission, in DOMString manifestURI, in DOMString origin, in bool browserFlag); @@ -14,4 +14,6 @@ interface nsIDOMPermissionSettings : nsISupports void set(in DOMString permission, in DOMString value, in DOMString manifestURI, in DOMString origin, in bool browserFlag); bool isExplicit(in DOMString permission, in DOMString manifestURI, in DOMString origin, in bool browserFlag); + + void remove(in DOMString permission, in DOMString manifestURI, in DOMString origin, in bool browserFlag); }; diff --git a/dom/permission/PermissionSettings.js b/dom/permission/PermissionSettings.js index 24ca607b820..f7ecc2ef2c1 100644 --- a/dom/permission/PermissionSettings.js +++ b/dom/permission/PermissionSettings.js @@ -21,7 +21,7 @@ var cpm = Cc["@mozilla.org/childprocessmessagemanager;1"].getService(Ci.nsISyncM // PermissionSettings const PERMISSIONSETTINGS_CONTRACTID = "@mozilla.org/permissionSettings;1"; -const PERMISSIONSETTINGS_CID = Components.ID("{18390770-02ab-11e2-a21f-0800200c9a66}"); +const PERMISSIONSETTINGS_CID = Components.ID("{cd2cf7a1-f4c1-487b-8c1b-1a71c7097431}"); const nsIDOMPermissionSettings = Ci.nsIDOMPermissionSettings; function PermissionSettings() @@ -81,13 +81,13 @@ PermissionSettings.prototype = { set: function set(aPermName, aPermValue, aManifestURL, aOrigin, aBrowserFlag) { debug("Set called with: " + aPermName + ", " + aManifestURL + ", " + - aOrigin + ", " + aPermValue + ", " + aBrowserFlag); - let currentPermValue = this.get(aPermName, aManifestURL, aOrigin, + aOrigin + ", " + aPermValue + ", " + aBrowserFlag); + let currentPermValue = this.get(aPermName, aManifestURL, aOrigin, aBrowserFlag); let action; // Check for invalid calls so that we throw an exception rather than get // killed by parent process - if (currentPermValue === "unknown" || + if (currentPermValue === "unknown" || aPermValue === "unknown" || !this.isExplicit(aPermName, aManifestURL, aOrigin, aBrowserFlag)) { let errorMsg = "PermissionSettings.js: '" + aPermName + "'" + @@ -106,6 +106,28 @@ PermissionSettings.prototype = { }); }, + remove: function remove(aPermName, aManifestURL, aOrigin, aBrowserFlag) { + let uri = Services.io.newURI(aOrigin, null, null); + let appID = appsService.getAppLocalIdByManifestURL(aManifestURL); + let principal = secMan.getAppCodebasePrincipal(uri, appID, aBrowserFlag); + + if (principal.appStatus !== Ci.nsIPrincipal.APP_STATUS_NOT_INSTALLED) { + let errorMsg = "PermissionSettings.js: '" + aOrigin + "'" + + " is installed, cannot remove permission '"+aPermName+"'."; + Cu.reportError(errorMsg); + throw new Components.Exception(errorMsg); + } + + // PermissionSettings.jsm handles delete when value is "unknown" + cpm.sendSyncMessage("PermissionSettings:AddPermission", { + type: aPermName, + origin: aOrigin, + manifestURL: aManifestURL, + value: "unknown", + browserFlag: aBrowserFlag + }); + }, + init: function init(aWindow) { debug("init"); diff --git a/dom/permission/PermissionSettings.jsm b/dom/permission/PermissionSettings.jsm index b701321ba1e..2064a4cdfa9 100644 --- a/dom/permission/PermissionSettings.jsm +++ b/dom/permission/PermissionSettings.jsm @@ -49,7 +49,8 @@ this.PermissionSettingsModule = { // Bug 812289: // Change is allowed from a child process when all of the following // conditions stand true: - // * the action isn't "unknown" (so the change isn't a delete) + // * the action isn't "unknown" (so the change isn't a delete) if the app + // is installed // * the permission already exists on the database // * the permission is marked as explicit on the permissions table // Note that we *have* to check the first two conditions ere because @@ -60,8 +61,12 @@ this.PermissionSettingsModule = { let perm = permissionManager.testExactPermissionFromPrincipal(aPrincipal,aPermName); let isExplicit = isExplicitInPermissionsTable(aPermName, aPrincipal.appStatus); - - return (aAction !== "unknown") && + + let deleteAllowed = true; + if (aAction === "unknown") + deleteAllowed = (aPrincipal.appStatus === Ci.nsIPrincipal.APP_STATUS_NOT_INSTALLED); + + return deleteAllowed && (perm !== Ci.nsIPermissionManager.UNKNOWN_ACTION) && isExplicit; }, @@ -132,6 +137,17 @@ this.PermissionSettingsModule = { } }, + removePermission: function removePermission(aPermName, aManifestURL, aOrigin, aBrowserFlag) { + let data = { + type: aPermName, + origin: aOrigin, + manifestURL: aManifestURL, + value: "unknown", + browserFlag: aBrowserFlag + }; + this._internalAddPermission(data, false); + }, + observe: function observe(aSubject, aTopic, aData) { ppmm.removeMessageListener("PermissionSettings:AddPermission", this); Services.obs.removeObserver(this, "profile-before-change"); @@ -147,11 +163,11 @@ this.PermissionSettingsModule = { switch (aMessage.name) { case "PermissionSettings:AddPermission": let success = false; - let errorMsg = + let errorMsg = " from a content process with no 'permissions' privileges."; if (mm.assertPermission("permissions")) { success = this._internalAddPermission(msg, false); - if (!success) { + if (!success) { // Just kill the calling process mm.assertPermission("permissions-modify-implicit"); errorMsg = " had an implicit permission change. Child process killed."; diff --git a/dom/permission/PermissionSettings.manifest b/dom/permission/PermissionSettings.manifest index a21276ae74d..5229dea655f 100644 --- a/dom/permission/PermissionSettings.manifest +++ b/dom/permission/PermissionSettings.manifest @@ -1,3 +1,3 @@ -component {18390770-02ab-11e2-a21f-0800200c9a66} PermissionSettings.js -contract @mozilla.org/permissionSettings;1 {18390770-02ab-11e2-a21f-0800200c9a66} +component {cd2cf7a1-f4c1-487b-8c1b-1a71c7097431} PermissionSettings.js +contract @mozilla.org/permissionSettings;1 {cd2cf7a1-f4c1-487b-8c1b-1a71c7097431} category JavaScript-navigator-property mozPermissionSettings @mozilla.org/permissionSettings;1 diff --git a/dom/permission/tests/test_permission_basics.html b/dom/permission/tests/test_permission_basics.html index eef84bdaa4b..38d0e4ffb40 100644 --- a/dom/permission/tests/test_permission_basics.html +++ b/dom/permission/tests/test_permission_basics.html @@ -31,7 +31,7 @@ var testCertApp = { SpecialPowers.addPermission("permissions", true, document); var comp = SpecialPowers.wrap(Components); -SpecialPowers.pushPrefEnv({ "set": [["dom.mozPermissionSettings.enabled", true]] }, +SpecialPowers.pushPrefEnv({ "set": [["dom.mozPermissionSettings.enabled", true]] }, function() { SpecialPowers.removePermission("permissions", document); }); @@ -66,7 +66,7 @@ function permissionTest() { // Erasing a permission, even an explicit one, is not allowed try { - mozPermissions.set(testPerm, "unknown", privAppManifest, originPriv, false); + mozPermissions.remove(testPerm, privAppManifest, originPriv, false); ok(false, "Erase explicit permission"); } catch (e) { ok(true, "Erase explicit permission");