Bug 882911 - Add nsIProcessChecker.checkAppHasStatus. r=smaug

content/base/public/nsIMessageManager.idl

@@ -336,7 +336,7 @@ interface nsIFrameScriptLoader : nsISupports
   void removeDelayedFrameScript(in AString aURL);
 };
 
-[scriptable, builtinclass, uuid(134ccbf0-5c08-11e2-bcfd-0800200c9a66)]
+[scriptable, builtinclass, uuid(b37821ff-df79-44d4-821c-6d6ec4dfe1e9)]
 interface nsIProcessChecker : nsISupports
 {
 
@@ -384,4 +384,15 @@ interface nsIProcessChecker : nsISupports
 
   boolean assertAppHasPermission(in DOMString aPermission);
 
+  /**
+   * Return true iff the "remote" process' principal has an appStatus equal to
+   * |aStatus|.
+   *
+   * This interface only returns meaningful data when our content is
+   * in a separate process.  If it shares the same OS process as us,
+   * then applying this permission check doesn't add any security,
+   * though it doesn't hurt anything either.
+   */
+  boolean checkAppHasStatus(in unsigned short aStatus);
+
 };

content/base/src/nsFrameMessageManager.cpp

@@ -582,6 +582,24 @@ nsFrameMessageManager::AssertAppHasPermission(const nsAString& aPermission,
                                aHasPermission);
 }
 
+NS_IMETHODIMP
+nsFrameMessageManager::CheckAppHasStatus(unsigned short aStatus,
+                                         bool* aHasStatus)
+{
+  *aHasStatus = false;
+
+  // This API is only supported for message senders in the chrome process.
+  if (!mChrome || mIsBroadcaster) {
+    return NS_ERROR_NOT_IMPLEMENTED;
+  }
+  if (!mCallback) {
+    return NS_ERROR_NOT_AVAILABLE;
+  }
+  *aHasStatus = mCallback->CheckAppHasStatus(aStatus);
+
+  return NS_OK;
+}
+
 class MMListenerRemover
 {
 public:

content/base/src/nsFrameMessageManager.h

@@ -79,6 +79,11 @@ public:
     return false;
   }
 
+  virtual bool CheckAppHasStatus(unsigned short aStatus)
+  {
+    return false;
+  }
+
 protected:
   bool BuildClonedMessageDataForParent(ContentParent* aParent,
 				       const StructuredCloneData& aData,

dom/ipc/AppProcessChecker.cpp

@@ -64,6 +64,28 @@ AssertAppProcess(PBrowserParent* aActor,
   return aValid;
 }
 
+bool
+AssertAppStatus(PBrowserParent* aActor,
+                unsigned short aStatus)
+{
+  if (!aActor) {
+    NS_WARNING("Testing process capability for null actor");
+    return false;
+  }
+
+  TabParent* tab = static_cast<TabParent*>(aActor);
+  nsCOMPtr<mozIApplication> app = tab->GetOwnOrContainingApp();
+
+  if (app) {
+    unsigned short appStatus = 0;
+    if (NS_SUCCEEDED(app->GetAppStatus(&appStatus))) {
+      return appStatus == aStatus;
+    }
+  }
+
+  return false;
+}
+
 bool
 AssertAppProcess(PContentParent* aActor,
                  AssertAppProcessType aType,
@@ -79,6 +101,20 @@ AssertAppProcess(PContentParent* aActor,
   return false;
 }
 
+bool
+AssertAppStatus(PContentParent* aActor,
+                unsigned short aStatus)
+{
+  const InfallibleTArray<PBrowserParent*>& browsers =
+    aActor->ManagedPBrowserParent();
+  for (uint32_t i = 0; i < browsers.Length(); ++i) {
+    if (AssertAppStatus(browsers[i], aStatus)) {
+      return true;
+    }
+  }
+  return false;
+}
+
 bool
 AssertAppProcess(PHalParent* aActor,
                  AssertAppProcessType aType,

dom/ipc/AppProcessChecker.h

@@ -35,6 +35,10 @@ AssertAppProcess(mozilla::dom::PBrowserParent* aActor,
                  AssertAppProcessType aType,
                  const char* aCapability);
 
+bool
+AssertAppStatus(mozilla::dom::PBrowserParent* aActor,
+                unsigned short aStatus);
+
 /**
  * Return true iff any of the PBrowsers loaded in this content process
  * has the specified capability.  If this returns false, the process
@@ -45,6 +49,10 @@ AssertAppProcess(mozilla::dom::PContentParent* aActor,
                  AssertAppProcessType aType,
                  const char* aCapability);
 
+bool
+AssertAppStatus(mozilla::dom::PContentParent* aActor,
+                unsigned short aStatus);
+
 bool
 AssertAppProcess(mozilla::hal_sandbox::PHalParent* aActor,
                  AssertAppProcessType aType,
@@ -94,6 +102,13 @@ AssertAppHasPermission(T* aActor,
                           aPermission);
 }
 
+template<typename T>
+inline bool
+AssertAppHasStatus(T* aActor,
+                   unsigned short aStatus) {
+  return AssertAppStatus(aActor, aStatus);
+}
+
 } // namespace mozilla
 
 #endif // mozilla_AppProcessChecker_h

dom/ipc/ContentParent.cpp

@@ -2576,6 +2576,12 @@ ContentParent::CheckAppHasPermission(const nsAString& aPermission)
   return AssertAppHasPermission(this, NS_ConvertUTF16toUTF8(aPermission).get());
 }
 
+bool
+ContentParent::CheckAppHasStatus(unsigned short aStatus)
+{
+  return AssertAppHasStatus(this, aStatus);
+}
+
 bool
 ContentParent::RecvSystemMessageHandled()
 {

dom/ipc/ContentParent.h

@@ -115,6 +115,7 @@ public:
     virtual bool CheckPermission(const nsAString& aPermission) MOZ_OVERRIDE;
     virtual bool CheckManifestURL(const nsAString& aManifestURL) MOZ_OVERRIDE;
     virtual bool CheckAppHasPermission(const nsAString& aPermission) MOZ_OVERRIDE;
+    virtual bool CheckAppHasStatus(unsigned short aStatus) MOZ_OVERRIDE;
 
     /** Notify that a tab is beginning its destruction sequence. */
     void NotifyTabDestroying(PBrowserParent* aTab);