Bug 1037662 - Grant Firefox Accounts (FxA) access to web payment providers r=ferjm

2014-07-28 11:06:00 -07:00 · 2014-07-28 11:06:00 -07:00 · 17eb5415ac
--- a/dom/payment/Payment.jsm
+++ b/dom/payment/Payment.jsm
@ -198,6 +198,18 @@ let PaymentManager =  {
      }
    }

+#ifdef MOZ_B2G
+    let appsService = Cc["@mozilla.org/AppsService;1"]
+                        .getService(Ci.nsIAppsService);
+    let systemAppId = Ci.nsIScriptSecurityManager.NO_APP_ID;
+
+    try {
+      let manifestURL = Services.prefs.getCharPref("b2g.system_manifest_url");
+      systemAppId = appsService.getAppLocalIdByManifestURL(manifestURL);
+      this.LOG("System app id=" + systemAppId);
+    } catch(e) {}
+#endif
+
    // Now register the payment providers.
    for (let i in nums) {
      let branch = prefService
@ -211,12 +223,28 @@ let PaymentManager =  {
        if (type in this.registeredProviders) {
          continue;
        }
-        this.registeredProviders[type] = {
+        let provider = this.registeredProviders[type] = {
          name: branch.getCharPref("name"),
          uri: branch.getCharPref("uri"),
          description: branch.getCharPref("description"),
          requestMethod: branch.getCharPref("requestMethod")
        };
+
+#ifdef MOZ_B2G
+        // Let this payment provider access the firefox-accounts API when
+        // it's loaded in the trusted UI.
+        if (systemAppId != Ci.nsIScriptSecurityManager.NO_APP_ID) {
+          this.LOG("Granting firefox-accounts permission to " + provider.uri);
+          let uri = Services.io.newURI(provider.uri, null, null);
+          let principal = Services.scriptSecurityManager
+                            .getAppCodebasePrincipal(uri, systemAppId, true);
+
+          Services.perms.addFromPrincipal(principal, "firefox-accounts",
+                                          Ci.nsIPermissionManager.ALLOW_ACTION,
+                                          Ci.nsIPermissionManager.EXPIRE_SESSION);
+        }
+#endif
+
        if (this._debug) {
          this.LOG("Registered Payment Providers: " +
                    JSON.stringify(this.registeredProviders[type]));
--- a/dom/payment/moz.build
+++ b/dom/payment/moz.build
@ -6,7 +6,7 @@

 DIRS += ['interfaces']

-EXTRA_JS_MODULES += [
+EXTRA_PP_JS_MODULES += [
    'Payment.jsm',
 ]