Bug 883420 - Add an API to set a new expireTime for an existing permission, r=ehsan sr=mounir

2013-06-24 08:51:07 -04:00 · 2013-06-24 08:51:07 -04:00 · f80b28d0a3
--- a/extensions/cookie/nsPermissionManager.cpp
+++ b/extensions/cookie/nsPermissionManager.cpp
@ -1806,3 +1806,59 @@ nsPermissionManager::ReleaseAppId(uint32_t aAppId)

  return NS_OK;
 }
+
+NS_IMETHODIMP
+nsPermissionManager::UpdateExpireTime(nsIPrincipal* aPrincipal,
+                                     const char* aType,
+                                     bool aExactHostMatch,
+                                     uint64_t aSessionExpireTime,
+                                     uint64_t aPersistentExpireTime)
+{
+  NS_ENSURE_ARG_POINTER(aPrincipal);
+  NS_ENSURE_ARG_POINTER(aType);
+
+  uint64_t nowms = PR_Now() / 1000;
+  if (aSessionExpireTime < nowms || aPersistentExpireTime < nowms) {
+    return NS_ERROR_INVALID_ARG;
+  }
+
+  if (nsContentUtils::IsSystemPrincipal(aPrincipal)) {
+    return NS_OK;
+  }
+
+  nsAutoCString host;
+  nsresult rv = GetHostForPrincipal(aPrincipal, host);
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  int32_t typeIndex = GetTypeIndex(aType, false);
+  // If type == -1, the type isn't known,
+  // so just return NS_OK
+  if (typeIndex == -1) return NS_OK;
+
+  uint32_t appId;
+  rv = aPrincipal->GetAppId(&appId);
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  bool isInBrowserElement;
+  rv = aPrincipal->GetIsInBrowserElement(&isInBrowserElement);
+  NS_ENSURE_SUCCESS(rv, rv);
+
+  PermissionHashKey* entry = GetPermissionHashKey(host, appId, isInBrowserElement,
+                                                  typeIndex, aExactHostMatch);
+  if (!entry) {
+    return NS_OK;
+  }
+
+  int32_t idx = entry->GetPermissionIndex(typeIndex);
+  if (-1 == idx) {
+    return NS_OK;
+  }
+
+  PermissionEntry& perm = entry->GetPermissions()[idx];
+  if (perm.mExpireType == EXPIRE_TIME) {
+    perm.mExpireTime = aPersistentExpireTime;
+  } else if (perm.mExpireType == EXPIRE_SESSION && perm.mExpireTime != 0) {
+    perm.mExpireTime = aSessionExpireTime;
+  }
+  return NS_OK;
+}
--- a/extensions/cookie/test/unit/test_permmanager_expiration.js
+++ b/extensions/cookie/test/unit/test_permmanager_expiration.js
@ -40,10 +40,20 @@ function do_run_test() {
  // add a permission without expiration
  pm.addFromPrincipal(principal, "test/expiration-perm-nexp", 1, pm.EXPIRE_NEVER, 0);

+  // add a permission for renewal
+  pm.addFromPrincipal(principal, "test/expiration-perm-renewable", 1, pm.EXPIRE_TIME, now + 100);
+  pm.addFromPrincipal(principal, "test/expiration-session-renewable", 1, pm.EXPIRE_SESSION, now + 100);
+
+  // And immediately renew them with longer timeouts
+  pm.updateExpireTime(principal, "test/expiration-perm-renewable", true, now + 100, now + 1e6);
+  pm.updateExpireTime(principal, "test/expiration-session-renewable", true, now + 1e6, now + 100);
+
  // check that the second two haven't expired yet
  do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-perm-exp3"));
  do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-session-exp3"));
  do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-perm-nexp"));
+  do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-perm-renewable"));
+  do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-session-renewable"));

  // ... and the first one has
  do_timeout(10, continue_test);
@ -63,6 +73,10 @@ function do_run_test() {
  do_check_null(pm.getPermissionObject(principal, "test/expiration-perm-exp2", false));
  do_check_null(pm.getPermissionObject(principal, "test/expiration-session-exp2", false));

+  // Check that the renewable permissions actually got renewed
+  do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-perm-renewable"));
+  do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-session-renewable"));
+
  do_finish_generator_test(test_generator);
 }

--- a/netwerk/base/public/nsIPermissionManager.idl
+++ b/netwerk/base/public/nsIPermissionManager.idl
@ -37,7 +37,7 @@ interface nsIPrincipal;
 interface nsIDOMWindow;
 interface nsIPermission;

-[scriptable, uuid(f75e0a32-04cd-4ed4-ad2d-d08ca92bb98e)]
+[scriptable, uuid(c9fec678-f194-43c9-96b0-7bd9dbdd6bb0)]
 interface nsIPermissionManager : nsISupports
 {
  /**
@ -230,6 +230,26 @@ interface nsIPermissionManager : nsISupports
   */
  void removePermissionsForApp(in unsigned long appId,
                               in boolean browserOnly);
+
+  /**
+   * If the current permission is set to expire, reset the expiration time. If
+   * there is no permission or the current permission does not expire, this
+   * method will silently return.
+   *
+   * @param sessionExpiretime  an integer representation of when this permission
+   *                           should be forgotten (milliseconds since
+   *                           Jan 1 1970 0:00:00), if it is currently
+   *                           EXPIRE_SESSION.
+   * @param sessionExpiretime  an integer representation of when this permission
+   *                           should be forgotten (milliseconds since
+   *                           Jan 1 1970 0:00:00), if it is currently
+   *                           EXPIRE_TIME.
+   */
+  void updateExpireTime(in nsIPrincipal principal,
+                        in string type,
+                        in boolean exactHost,
+                        in uint64_t sessionExpireTime,
+                        in uint64_t persistentExpireTime);
 };

 %{ C++