tor-browser

The Tor Browser
git clone https://git.dasho.dev/tor-browser.git
Log | Files | Refs | README | LICENSE

Permissions.sys.mjs (4288B)

      1 /* This Source Code Form is subject to the terms of the Mozilla Public
      2 * License, v. 2.0. If a copy of the MPL was not distributed with this file,
      3 * You can obtain one at http://mozilla.org/MPL/2.0/. */
      4 
      5 const lazy = {};
      6 
      7 ChromeUtils.defineESModuleGetters(lazy, {
      8  assert: "chrome://remote/content/shared/webdriver/Assert.sys.mjs",
      9  error: "chrome://remote/content/shared/webdriver/Errors.sys.mjs",
     10  pprint: "chrome://remote/content/shared/Format.sys.mjs",
     11 });
     12 
     13 /**
     14 * @typedef {string} PermissionState
     15 */
     16 
     17 /**
     18 * Enum of possible permission states supported by permission APIs.
     19 *
     20 * @readonly
     21 * @enum {PermissionState}
     22 */
     23 const PermissionState = {
     24  denied: "denied",
     25  granted: "granted",
     26  prompt: "prompt",
     27 };
     28 
     29 /** @namespace */
     30 export const permissions = {};
     31 
     32 /**
     33 * Get a permission type for the "storage-access" permission.
     34 *
     35 * @param {nsIURI} uri
     36 *     The URI to use for building the permission type.
     37 *
     38 * @returns {string} permissionType
     39 *    The permission type for the "storage-access" permission.
     40 */
     41 permissions.getStorageAccessPermissionsType = function (uri) {
     42  const thirdPartyPrincipalSite = Services.eTLD.getSite(uri);
     43  return "3rdPartyFrameStorage^" + thirdPartyPrincipalSite;
     44 };
     45 
     46 /**
     47 * Set a permission given a permission descriptor, a permission state,
     48 * an origin.
     49 *
     50 * @param {PermissionDescriptor} descriptor
     51 *     The descriptor of the permission which will be updated.
     52 * @param {string} state
     53 *     State of the permission. It can be `granted`, `denied` or `prompt`.
     54 * @param {string} origin
     55 *     The origin which is used as a target for permission update.
     56 * @param {string=} userContextId
     57 *     The internal id of the user context which should be used as a target
     58 *     for permission update.
     59 *
     60 * @throws {UnsupportedOperationError}
     61 *     If <var>state</var> has unsupported value.
     62 */
     63 permissions.set = function (descriptor, state, origin, userContextId) {
     64  let principal =
     65    Services.scriptSecurityManager.createContentPrincipalFromOrigin(origin);
     66 
     67  if (userContextId) {
     68    principal = Services.scriptSecurityManager.principalWithOA(principal, {
     69      userContextId,
     70    });
     71  }
     72 
     73  switch (state) {
     74    case "granted": {
     75      Services.perms.addFromPrincipal(
     76        principal,
     77        descriptor.type,
     78        Services.perms.ALLOW_ACTION
     79      );
     80      return;
     81    }
     82    case "denied": {
     83      Services.perms.addFromPrincipal(
     84        principal,
     85        descriptor.type,
     86        Services.perms.DENY_ACTION
     87      );
     88      return;
     89    }
     90    case "prompt": {
     91      Services.perms.removeFromPrincipal(principal, descriptor.type);
     92      return;
     93    }
     94    default:
     95      throw new lazy.error.UnsupportedOperationError(
     96        "Unrecognized permission keyword for 'Set Permission' operation"
     97      );
     98  }
     99 };
    100 
    101 /**
    102 * Validate the permission descriptor.
    103 *
    104 * @param {PermissionDescriptor} descriptor
    105 *     The descriptor of the permission which will be validated.
    106 *
    107 * @throws {InvalidArgumentError}
    108 *     Raised if an argument is of an invalid type or value.
    109 * @throws {UnsupportedOperationError}
    110 *     If a permission with <var>descriptor</var> is not supported.
    111 */
    112 permissions.validateDescriptor = function (descriptor) {
    113  lazy.assert.object(
    114    descriptor,
    115    lazy.pprint`Expected "descriptor" to be an object, got ${descriptor}`
    116  );
    117  const permissionName = descriptor.name;
    118  lazy.assert.string(
    119    permissionName,
    120    lazy.pprint`Expected descriptor "name" to be a string, got ${permissionName}`
    121  );
    122 
    123  // Bug 1609427: PermissionDescriptor for "camera" and "microphone" are not yet implemented.
    124  if (["camera", "microphone"].includes(permissionName)) {
    125    throw new lazy.error.UnsupportedOperationError(
    126      `"descriptor.name" "${permissionName}" is currently unsupported`
    127    );
    128  }
    129 };
    130 
    131 /**
    132 * Validate the permission state.
    133 *
    134 * @param {PermissionState} state
    135 *     The state of the permission which will be validated.
    136 *
    137 * @throws {InvalidArgumentError}
    138 *     Raised if an argument is of an invalid type or value.
    139 */
    140 permissions.validateState = function (state) {
    141  const permissionStateTypes = Object.keys(PermissionState);
    142  lazy.assert.that(
    143    state => permissionStateTypes.includes(state),
    144    lazy.pprint`Expected "state" to be one of ${permissionStateTypes}, got ${state}`
    145  )(state);
    146 };