Bug 1165263 - Part 2: Update unit tests for nsPermissionManager to reflect new internals, r=ehsan

2015-06-16 15:28:58 -04:00 · 2015-06-16 15:28:58 -04:00 · 4e4701aa65
--- a/extensions/cookie/test/unit/test_permmanager_defaults.js
+++ b/extensions/cookie/test/unit/test_permmanager_defaults.js
@ -3,7 +3,9 @@
 // The origin we use in most of the tests.
 const TEST_ORIGIN = NetUtil.newURI("http://example.org");
 const TEST_ORIGIN_HTTPS = NetUtil.newURI("https://example.org");
 const TEST_ORIGIN_2 = NetUtil.newURI("http://example.com");
 const TEST_ORIGIN_3 = NetUtil.newURI("https://example2.com:8080");
 const TEST_PERMISSION = "test-permission";
 Components.utils.import("resource://gre/modules/Promise.jsm");
@ -35,8 +37,10 @@ add_task(function* do_test() {
  conv.writeString("# this is a comment\n");
  conv.writeString("\n"); // a blank line!
-  conv.writeString("host\t" + TEST_PERMISSION + "\t1\t" + TEST_ORIGIN.spec + "\n");
+  conv.writeString("host\t" + TEST_PERMISSION + "\t1\t" + TEST_ORIGIN.host + "\n");
-  conv.writeString("host\t" + TEST_PERMISSION + "\t1\t" + TEST_ORIGIN_2.spec + "\n");
+  conv.writeString("host\t" + TEST_PERMISSION + "\t1\t" + TEST_ORIGIN_2.host + "\n");
  conv.writeString("origin\t" + TEST_PERMISSION + "\t1\t" + TEST_ORIGIN_3.spec + "\n");
  conv.writeString("origin\t" + TEST_PERMISSION + "\t1\t" + TEST_ORIGIN.spec + "!appId=1000&inBrowser=1\n");
  ostream.close();
  // Set the preference used by the permission manager so the file is read.
@ -48,12 +52,29 @@ add_task(function* do_test() {
  // test the default permission was applied.
  let principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN);
  let principalHttps = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_HTTPS);
  let principal2 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_2);
  let principal3 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_3);
  let principal4 = Services.scriptSecurityManager.getAppCodebasePrincipal(TEST_ORIGIN, 1000, true);
  let principal5 = Services.scriptSecurityManager.getAppCodebasePrincipal(TEST_ORIGIN_3, 1000, true);
  do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION,
              pm.testPermissionFromPrincipal(principal, TEST_PERMISSION));
  do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION,
              pm.testPermissionFromPrincipal(principalHttps, TEST_PERMISSION));
  do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION,
              pm.testPermissionFromPrincipal(principal3, TEST_PERMISSION));
  do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION,
              pm.testPermissionFromPrincipal(principal4, TEST_PERMISSION));
  // Didn't add
  do_check_eq(Ci.nsIPermissionManager.UNKNOWN_ACTION,
              pm.testPermissionFromPrincipal(principal5, TEST_PERMISSION));
  // the permission should exist in the enumerator.
-  do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION, findCapabilityViaEnum());
+  do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION, findCapabilityViaEnum(TEST_ORIGIN));
  do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION, findCapabilityViaEnum(TEST_ORIGIN_3));
  // but should not have been written to the DB
  yield checkCapabilityViaDB(null);
@ -62,6 +83,10 @@ add_task(function* do_test() {
  do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION,
              pm.testPermissionFromPrincipal(principal, TEST_PERMISSION));
  do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION,
              pm.testPermissionFromPrincipal(principal3, TEST_PERMISSION));
  do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION,
              pm.testPermissionFromPrincipal(principal4, TEST_PERMISSION));
  // Asking for this permission to be removed should result in that permission
  // having UNKNOWN_ACTION
@ -104,8 +129,6 @@ add_task(function* do_test() {
  // check default permissions and removeAllSince work as expected.
  pm.removeAll(); // ensure only defaults are there.
  let principal2 = Services.scriptSecurityManager.getNoAppCodebasePrincipal(TEST_ORIGIN_2);
  // default for both principals is allow.
  do_check_eq(Ci.nsIPermissionManager.ALLOW_ACTION,
              pm.testPermissionFromPrincipal(principal, TEST_PERMISSION));
@ -174,7 +197,7 @@ function checkCapabilityViaDB(expected, origin = TEST_ORIGIN, type = TEST_PERMIS
  let count = 0;
  let max = 20;
  let do_check = () => {
-    let got = findCapabilityViaDB(origin.host, type);
+    let got = findCapabilityViaDB(origin, type);
    if (got == expected) {
      // the do_check_eq() below will succeed - which is what we want.
      do_check_eq(got, expected, "The database has the expected value");
@ -198,7 +221,10 @@ function checkCapabilityViaDB(expected, origin = TEST_ORIGIN, type = TEST_PERMIS
 // use the DB to find the requested permission.   Returns the permission
 // value (ie, the "capability" in nsIPermission parlance) or null if it can't
 // be found.
-function findCapabilityViaDB(host = TEST_ORIGIN, type = TEST_PERMISSION) {
+function findCapabilityViaDB(origin = TEST_ORIGIN, type = TEST_PERMISSION) {
  let principal = Services.scriptSecurityManager.getNoAppCodebasePrincipal(origin);
  let originStr = principal.origin;
  let file = Services.dirsvc.get("ProfD", Ci.nsIFile);
  file.append("permissions.sqlite");
@ -208,8 +234,8 @@ function findCapabilityViaDB(host = TEST_ORIGIN, type = TEST_PERMISSION) {
  let connection = storage.openDatabase(file);
  let query = connection.createStatement(
-      "SELECT permission FROM moz_hosts WHERE host = :host AND type = :type");
+      "SELECT permission FROM moz_hosts WHERE origin = :origin AND type = :type");
-  query.bindByName("host", host);
+  query.bindByName("origin", originStr);
  query.bindByName("type", type);
  if (!query.executeStep()) {
--- a/extensions/cookie/test/unit/test_permmanager_load_invalid_entries.js
+++ b/extensions/cookie/test/unit/test_permmanager_load_invalid_entries.js
@ -121,7 +121,7 @@ function run_test() {
  // The schema should be upgraded to 4, and a 'modificationTime' column should
  // exist with all records having a value of 0.
-  do_check_eq(connection.schemaVersion, 4);
+  do_check_eq(connection.schemaVersion, 5);
  let select = connection.createStatement("SELECT modificationTime FROM moz_hosts")
  let numMigrated = 0;
--- a/extensions/cookie/test/unit/test_permmanager_mailto.js
+++ b/extensions/cookie/test/unit/test_permmanager_mailto.js
@ -1,42 +0,0 @@
 /* Any copyright is dedicated to the Public Domain.
   http://creativecommons.org/publicdomain/zero/1.0/ */
 function run_test() {
  // initialize the permission manager service
  const kTestAddr = "test@example.org";
  const kType = "test-mailto";
  const kCapability = 1;
  // make a mailto: URI with parameters
  let uri = Services.io.newURI("mailto:" + kTestAddr + "?subject=test", null,
                               null);
  let origin = "mailto:" + kTestAddr;
  // add a permission entry for that URI
  Services.perms.add(uri, kType, kCapability);
  do_check_true(permission_exists(origin, kType, kCapability));
  // remove the permission, and make sure it was removed
  Services.perms.remove(uri, kType);
  do_check_false(permission_exists(origin, kType, kCapability));
  uri = Services.io.newURI("mailto:" + kTestAddr, null, null);
  Services.perms.add(uri, kType, kCapability);
  do_check_true(permission_exists(origin, kType, kCapability));
  Services.perms.remove(uri, kType);
  do_check_false(permission_exists(origin, kType, kCapability));
 }
 function permission_exists(aOrigin, aType, aCapability) {
  let e = Services.perms.enumerator;
  while (e.hasMoreElements()) {
    let perm = e.getNext().QueryInterface(Ci.nsIPermission);
    if (perm.principal.origin == aOrigin &&
        perm.type == aType &&
        perm.capability == aCapability) {
      return true;
    }
  }
  return false;
 }
--- a/extensions/cookie/test/unit/test_permmanager_matches.js
+++ b/extensions/cookie/test/unit/test_permmanager_matches.js
@ -34,10 +34,6 @@ function run_test() {
  let uri0 = NetUtil.newURI("http://google.com/search?q=foo#hashtag", null, null);
  let uri1 = NetUtil.newURI("http://hangouts.google.com/subdir", null, null);
  let uri2 = NetUtil.newURI("http://google.org/", null, null);
  // NOTE: These entries have different ports/schemes, but will be considered
  // the same right now (as permissions are based on host only). With bug 1165263
  // this will be fixed.
  let uri3 = NetUtil.newURI("https://google.com/some/random/subdirectory", null, null);
  let uri4 = NetUtil.newURI("https://hangouts.google.com/#!/hangout", null, null);
  let uri5 = NetUtil.newURI("http://google.com:8096/", null, null);
@ -88,41 +84,41 @@ function run_test() {
  pm.addFromPrincipal(uri0_2000_y, "test/matches", pm.ALLOW_ACTION);
  let perm_2000_y = pm.getPermissionObject(uri0_2000_y, "test/matches", true);
-  matches_always(perm_n_n, [uri0_n_n, uri3_n_n, uri5_n_n]);
+  matches_always(perm_n_n, [uri0_n_n]);
-  matches_weak(perm_n_n, [uri1_n_n, uri4_n_n]);
+  matches_weak(perm_n_n, [uri1_n_n]);
-  matches_never(perm_n_n, [uri2_n_n,
+  matches_never(perm_n_n, [uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
                           uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
                           uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y,
                           uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
                           uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y]);
-  matches_always(perm_1000_n, [uri0_1000_n, uri3_1000_n, uri5_1000_n]);
+  matches_always(perm_1000_n, [uri0_1000_n]);
-  matches_weak(perm_1000_n, [uri1_1000_n, uri4_1000_n]);
+  matches_weak(perm_1000_n, [uri1_1000_n]);
-  matches_never(perm_1000_n, [uri2_1000_n,
+  matches_never(perm_1000_n, [uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
                              uri0_n_n, uri1_n_n, uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
                              uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y,
                              uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
                              uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y]);
-  matches_always(perm_1000_y, [uri0_1000_y, uri3_1000_y, uri5_1000_y]);
+  matches_always(perm_1000_y, [uri0_1000_y]);
-  matches_weak(perm_1000_y, [uri1_1000_y, uri4_1000_y]);
+  matches_weak(perm_1000_y, [uri1_1000_y]);
-  matches_never(perm_1000_y, [uri2_1000_y,
+  matches_never(perm_1000_y, [uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y,
                              uri0_n_n, uri1_n_n, uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
                              uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
                              uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
                              uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y]);
-  matches_always(perm_2000_n, [uri0_2000_n, uri3_2000_n, uri5_2000_n]);
+  matches_always(perm_2000_n, [uri0_2000_n]);
-  matches_weak(perm_2000_n, [uri1_2000_n, uri4_2000_n]);
+  matches_weak(perm_2000_n, [uri1_2000_n]);
-  matches_never(perm_2000_n, [uri2_2000_n,
+  matches_never(perm_2000_n, [uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
                              uri0_n_n, uri1_n_n, uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
                              uri0_2000_y, uri1_2000_y, uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y,
                              uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
                              uri0_1000_y, uri1_1000_y, uri2_1000_y, uri3_1000_y, uri4_1000_y, uri5_1000_y]);
-  matches_always(perm_2000_y, [uri0_2000_y, uri3_2000_y, uri5_2000_y]);
+  matches_always(perm_2000_y, [uri0_2000_y]);
-  matches_weak(perm_2000_y, [uri1_2000_y, uri4_2000_y]);
+  matches_weak(perm_2000_y, [uri1_2000_y]);
-  matches_never(perm_2000_y, [uri2_2000_y,
+  matches_never(perm_2000_y, [uri2_2000_y, uri3_2000_y, uri4_2000_y, uri5_2000_y,
                              uri0_n_n, uri1_n_n, uri2_n_n, uri3_n_n, uri4_n_n, uri5_n_n,
                              uri0_2000_n, uri1_2000_n, uri2_2000_n, uri3_2000_n, uri4_2000_n, uri5_2000_n,
                              uri0_1000_n, uri1_1000_n, uri2_1000_n, uri3_1000_n, uri4_1000_n, uri5_1000_n,
--- a/extensions/cookie/test/unit/test_permmanager_matchesuri.js
+++ b/extensions/cookie/test/unit/test_permmanager_matchesuri.js
@ -70,23 +70,23 @@ function run_test() {
  {
    let perm = mk_permission(uri0);
-    matches_always(perm, [uri0, uri2, uri5, uri7]);
+    matches_always(perm, [uri0, uri2]);
-    matches_weak(perm, [uri1, uri4, uri6]);
+    matches_weak(perm, [uri1, uri4]);
-    matches_never(perm, [uri3, fileuri1, fileuri2, fileuri3]);
+    matches_never(perm, [uri3, uri5, uri6, uri7, fileuri1, fileuri2, fileuri3]);
  }
  {
    let perm = mk_permission(uri1);
-    matches_always(perm, [uri1, uri6]);
+    matches_always(perm, [uri1]);
    matches_weak(perm, [uri4]);
-    matches_never(perm, [uri0, uri2, uri3, uri5, uri7, fileuri1, fileuri2, fileuri3]);
+    matches_never(perm, [uri0, uri2, uri3, uri5, uri6, uri7, fileuri1, fileuri2, fileuri3]);
  }
  {
    let perm = mk_permission(uri2);
-    matches_always(perm, [uri0, uri2, uri5, uri7]);
+    matches_always(perm, [uri0, uri2]);
-    matches_weak(perm, [uri1, uri4, uri6]);
+    matches_weak(perm, [uri1, uri4]);
-    matches_never(perm, [uri3, fileuri1, fileuri2, fileuri3]);
+    matches_never(perm, [uri3, uri5, uri6, uri7, fileuri1, fileuri2, fileuri3]);
  }
  {
@ -105,23 +105,23 @@ function run_test() {
  {
    let perm = mk_permission(uri5);
-    matches_always(perm, [uri0, uri2, uri5, uri7]);
+    matches_always(perm, [uri5, uri7]);
-    matches_weak(perm, [uri1, uri4, uri6]);
+    matches_weak(perm, [uri6]);
-    matches_never(perm, [uri3, fileuri1, fileuri2, fileuri3]);
+    matches_never(perm, [uri0, uri1, uri2, uri3, uri4, fileuri1, fileuri2, fileuri3]);
  }
  {
    let perm = mk_permission(uri6);
-    matches_always(perm, [uri1, uri6]);
+    matches_always(perm, [uri6]);
-    matches_weak(perm, [uri4]);
+    matches_weak(perm, []);
-    matches_never(perm, [uri0, uri2, uri3, uri5, uri7, fileuri1, fileuri2, fileuri3]);
+    matches_never(perm, [uri0, uri1, uri2, uri3, uri4, uri5, uri7, fileuri1, fileuri2, fileuri3]);
  }
  {
    let perm = mk_permission(uri7);
-    matches_always(perm, [uri0, uri2, uri5, uri7]);
+    matches_always(perm, [uri5, uri7]);
-    matches_weak(perm, [uri1, uri4, uri6]);
+    matches_weak(perm, [uri6]);
-    matches_never(perm, [uri3, fileuri1, fileuri2, fileuri3]);
+    matches_never(perm, [uri0, uri1, uri2, uri3, uri4, fileuri1, fileuri2, fileuri3]);
  }
  {
--- a/extensions/cookie/test/unit/test_permmanager_migrate_4-5.js
+++ b/extensions/cookie/test/unit/test_permmanager_migrate_4-5.js
@ -0,0 +1,162 @@
 /* Any copyright is dedicated to the Public Domain.
   http://creativecommons.org/publicdomain/zero/1.0/ */
 XPCOMUtils.defineLazyModuleGetter(this, "PlacesTestUtils",
                                  "resource://testing-common/PlacesTestUtils.jsm");
 let PERMISSIONS_FILE_NAME = "permissions.sqlite";
 function GetPermissionsFile(profile)
 {
  let file = profile.clone();
  file.append(PERMISSIONS_FILE_NAME);
  return file;
 }
 function run_test() {
  run_next_test();
 }
 add_task(function test() {
  /* Create and set up the permissions database */
  let profile = do_get_profile();
  let db = Services.storage.openDatabase(GetPermissionsFile(profile));
  db.schemaVersion = 4;
  db.executeSimpleSQL(
    "CREATE TABLE moz_hosts (" +
      " id INTEGER PRIMARY KEY" +
      ",host TEXT" +
      ",type TEXT" +
      ",permission INTEGER" +
      ",expireType INTEGER" +
      ",expireTime INTEGER" +
      ",modificationTime INTEGER" +
      ",appId INTEGER" +
      ",isInBrowserElement INTEGER" +
    ")");
  let stmtInsert = db.createStatement(
    "INSERT INTO moz_hosts (" +
      "id, host, type, permission, expireType, expireTime, modificationTime, appId, isInBrowserElement" +
    ") VALUES (" +
      ":id, :host, :type, :permission, :expireType, :expireTime, :modificationTime, :appId, :isInBrowserElement" +
    ")");
  let id = 0;
  function insertHost(host, type, permission, expireType, expireTime, modificationTime, appId, isInBrowserElement) {
    stmtInsert.bindByName("id", id++);
    stmtInsert.bindByName("host", host);
    stmtInsert.bindByName("type", type);
    stmtInsert.bindByName("permission", permission);
    stmtInsert.bindByName("expireType", expireType);
    stmtInsert.bindByName("expireTime", expireTime);
    stmtInsert.bindByName("modificationTime", modificationTime);
    stmtInsert.bindByName("appId", appId);
    stmtInsert.bindByName("isInBrowserElement", isInBrowserElement);
    try {
      stmtInsert.executeStep();
      stmtInsert.reset();
    } catch (e) {
      stmtInsert.reset();
      throw e;
    }
  }
  // Add some rows to the database
  insertHost("foo.com", "A", 1, 0, 0, 0, 0, false);
  insertHost("foo.com", "A", 1, 0, 0, 0, 1000, false);
  insertHost("foo.com", "A", 1, 0, 0, 0, 2000, true);
  insertHost("sub.foo.com", "B", 1, 0, 0, 0, 0, false);
  insertHost("subber.sub.foo.com", "B", 1, 0, 0, 0, 0, false);
  insertHost("bar.ca", "B", 1, 0, 0, 0, 0, false);
  insertHost("bar.ca", "B", 1, 0, 0, 0, 1000, false);
  insertHost("bar.ca", "A", 1, 0, 0, 0, 1000, true);
  insertHost("file:///some/path/to/file.html", "A", 1, 0, 0, 0, 0, false);
  insertHost("file:///another/file.html", "A", 1, 0, 0, 0, 0, false);
  insertHost("moz-nullprincipal:{8695105a-adbe-4e4e-8083-851faa5ca2d7}", "A", 1, 0, 0, 0, 0, false);
  insertHost("moz-nullprincipal:{12ahjksd-akjs-asd3-8393-asdu2189asdu}", "B", 1, 0, 0, 0, 0, false);
  insertHost("<file>", "A", 1, 0, 0, 0, 0, false);
  insertHost("<file>", "B", 1, 0, 0, 0, 0, false);
  // CLose the db connection
  stmtInsert.finalize();
  db.close();
  stmtInsert = null;
  db = null;
  let expected = [
    // The http:// entries under foo.com won't be inserted, as there are history entries for foo.com,
    // and http://foo.com or a subdomain are never visited.
    // However, permissions for subdomains of foo.com will be present for both http:// and https://,
    // as they do not apply to any entry in the history
    // ["http://foo.com", "A", 1, 0, 0],
    // ["http://foo.com!appId=1000", "A", 1, 0, 0],
    // ["http://foo.com!appId=2000&inBrowser=1", "A", 1, 0, 0],
    ["http://sub.foo.com", "B", 1, 0, 0],
    ["http://subber.sub.foo.com", "B", 1, 0, 0],
    ["https://foo.com", "A", 1, 0, 0],
    ["https://foo.com!appId=1000", "A", 1, 0, 0],
    ["https://foo.com!appId=2000&inBrowser=1", "A", 1, 0, 0],
    ["https://sub.foo.com", "B", 1, 0, 0],
    ["https://subber.sub.foo.com", "B", 1, 0, 0],
    // bar.ca will have both http:// and https:// for all entries, because the foo did the bar a favour
    ["http://bar.ca", "B", 1, 0, 0],
    ["https://bar.ca", "B", 1, 0, 0],
    ["http://bar.ca!appId=1000", "B", 1, 0, 0],
    ["https://bar.ca!appId=1000", "B", 1, 0, 0],
    ["http://bar.ca!appId=1000&inBrowser=1", "A", 1, 0, 0],
    ["https://bar.ca!appId=1000&inBrowser=1", "A", 1, 0, 0],
    ["file:///some/path/to/file.html", "A", 1, 0, 0],
    ["file:///another/file.html", "A", 1, 0, 0],
    // Because we put ftp://some.subdomain.of.foo.com:8000/some/subdirectory in the history, we should
    // also have these entries
    ["ftp://foo.com:8000", "A", 1, 0, 0],
    ["ftp://foo.com:8000!appId=1000", "A", 1, 0, 0],
    ["ftp://foo.com:8000!appId=2000&inBrowser=1", "A", 1, 0, 0],
  ];
  let found = expected.map((it) => 0);
  // Add some places to the places database
  yield PlacesTestUtils.addVisits(Services.io.newURI("https://foo.com/some/other/subdirectory", null, null));
  yield PlacesTestUtils.addVisits(Services.io.newURI("ftp://some.subdomain.of.foo.com:8000/some/subdirectory", null, null));
  // Force initialization of the nsPermissionManager
  let enumerator = Services.perms.enumerator;
  while (enumerator.hasMoreElements()) {
    let permission = enumerator.getNext().QueryInterface(Ci.nsIPermission);
    let isExpected = false;
    expected.forEach((it, i) => {
      if (permission.principal.origin == it[0] &&
          permission.type == it[1] &&
          permission.capability == it[2] &&
          permission.expireType == it[3] &&
          permission.expireTime == it[4]) {
        isExpected = true;
        found[i]++;
      }
    });
    do_check_true(isExpected,
                  "Permission " + (isExpected ? "should" : "shouldn't") +
                  " be in permission database: " +
                  permission.principal.origin + ", " +
                  permission.type + ", " +
                  permission.capability + ", " +
                  permission.expireType + ", " +
                  permission.expireTime);
  }
  found.forEach((count, i) => {
    do_check_true(count == 1, "Expected count = 1, got count = " + count + " for permission " + expected[i]);
  });
 });
--- a/extensions/cookie/test/unit/xpcshell.ini
+++ b/extensions/cookie/test/unit/xpcshell.ini
@ -30,10 +30,10 @@ skip-if = debug == true
 [test_permmanager_idn.js]
 [test_permmanager_subdomains.js]
 [test_permmanager_local_files.js]
 [test_permmanager_mailto.js]
 [test_permmanager_cleardata.js]
 [test_schema_2_migration.js]
 [test_schema_3_migration.js]
 [test_permmanager_removepermission.js]
 [test_permmanager_matchesuri.js]
 [test_permmanager_matches.js]
 [test_permmanager_migrate_4-5.js]