Bug 1195942 - System message registration fails for substituted permissions r=gwagner

2024-09-13 09:24:08 -07:00 · 2015-08-21 10:00:51 -07:00 · 2015-08-21 10:00:51 -07:00 · bc62703180
commit bc62703180
parent a6115b440d
2 changed files with 13 additions and 78 deletions
--- a/dom/apps/Webapps.jsm
+++ b/dom/apps/Webapps.jsm
@ -901,6 +901,7 @@ this.DOMApplicationRegistry = {
      if (SystemMessagePermissionsChecker
            .isSystemMessagePermittedToRegister(messageName,
                                                aApp.manifestURL,
+                                                aApp.origin,
                                                aManifest)) {
        msgmgr.registerPage(messageName, handlerPageURI, manifestURI);
      }
@ -956,6 +957,7 @@ this.DOMApplicationRegistry = {
      if (SystemMessagePermissionsChecker
            .isSystemMessagePermittedToRegister("connection",
                                                aApp.manifestURL,
+                                                aApp.origin,
                                                aManifest)) {
        msgmgr.registerPage("connection", handlerPageURI, manifestURI);
      }
@ -1057,6 +1059,7 @@ this.DOMApplicationRegistry = {
        if (SystemMessagePermissionsChecker
              .isSystemMessagePermittedToRegister("activity",
                                                  aApp.manifestURL,
+                                                  aApp.origin,
                                                  aManifest)) {
          msgmgr.registerPage("activity", launchPathURI, manifestURI);
        }
--- a/dom/messages/SystemMessagePermissionsChecker.jsm
+++ b/dom/messages/SystemMessagePermissionsChecker.jsm
@ -218,91 +218,23 @@ this.SystemMessagePermissionsChecker = {
   *        The system messsage name.
   * @param string aManifestURL
   *        The app's manifest URL.
+   * @param string aOrigin
+   *        The app's origin.
   * @param object aManifest
   *        The app's manifest.
   * @returns bool
   *        Is permitted or not.
   **/
-  isSystemMessagePermittedToRegister:
-    function isSystemMessagePermittedToRegister(aSysMsgName,
+  isSystemMessagePermittedToRegister: function (aSysMsgName,
                                                aManifestURL,
+                                                aOrigin,
                                                aManifest) {
-    debug("isSystemMessagePermittedToRegister(): " +
-          "aSysMsgName: " + aSysMsgName + ", " +
-          "aManifestURL: " + aManifestURL + ", " +
-          "aManifest: " + JSON.stringify(aManifest));
-
-    if (this.isDataStoreSystemMessage(aSysMsgName) &&
-        this.canDeliverDataStoreSystemMessage(aSysMsgName, aManifestURL)) {
-      return true;
-    }
-
-    let permNames = this.getSystemMessagePermissions(aSysMsgName);
-    if (permNames === null) {
-      return false;
-    }
-
-    // Check to see if the 'webapp' is app/privileged/certified.
-    let appStatus;
-    switch (AppsUtils.getAppManifestStatus(aManifest)) {
-    case Ci.nsIPrincipal.APP_STATUS_CERTIFIED:
-      appStatus = "certified";
-      break;
-    case Ci.nsIPrincipal.APP_STATUS_PRIVILEGED:
-      appStatus = "privileged";
-      break;
-    case Ci.nsIPrincipal.APP_STATUS_INSTALLED:
-      appStatus = "app";
-      if (aManifest.type == "trusted") {
-        appStatus = "trusted";
-      }
-      break;
-    default:
-      throw new Error("SystemMessagePermissionsChecker.jsm: " +
-                      "Cannot decide the app's status. Install cancelled.");
-      break;
-    }
-
-    // It's ok here to not pass the origin to ManifestHelper since we only
-    // need the permission property and that doesn't depend on uri resolution.
-    let newManifest = new ManifestHelper(aManifest, aManifestURL, aManifestURL);
-
-    for (let permName in permNames) {
-      // The app doesn't claim valid permissions for this sytem message.
-      if (!newManifest.permissions || !newManifest.permissions[permName]) {
-        debug("'" + aSysMsgName + "' isn't permitted by '" + permName + "'. " +
-              "Please add the permission for app: '" + aManifestURL + "'.");
-        return false;
-      }
-      let permValue = PermissionsTable[permName][appStatus];
-      if (permValue != Ci.nsIPermissionManager.PROMPT_ACTION &&
-          permValue != Ci.nsIPermissionManager.ALLOW_ACTION) {
-        debug("'" + aSysMsgName + "' isn't permitted by '" + permName + "'. " +
-              "Please add the permission for app: '" + aManifestURL + "'.");
-        return false;
-      }
-
-      // Compare the expanded permission names between the ones in
-      // app's manifest and the ones needed for system message.
-      let expandedPermNames =
-        expandPermissions(permName,
-                          newManifest.permissions[permName].access);
-
-      let permNamesWithAccess = permNames[permName];
-
-      // Early return false as soon as any permission is not matched.
-      for (let idx in permNamesWithAccess) {
-        let index = expandedPermNames.indexOf(permNamesWithAccess[idx]);
-        if (index == -1) {
-          debug("'" + aSysMsgName + "' isn't permitted by '" + permName + "'. " +
-                "Please add the permission for app: '" + aOrigin + "'.");
-          return false;
-        }
-      }
-    }
-
-    // All the permissions needed for this system message are matched.
-    return true;
+      // Test if the launch path of the app has the right permission.
+      let newManifest = new ManifestHelper(aManifest, aOrigin, aManifestURL);
+      let launchUrl = newManifest.fullLaunchPath();
+      return this.isSystemMessagePermittedToSend(aSysMsgName,
+                                                 launchUrl,
+                                                 aManifestURL);
  },

  /**