зеркало из https://github.com/mozilla/gecko-dev.git
Bug 883420 - Add an API to set a new expireTime for an existing permission, r=ehsan sr=mounir
This commit is contained in:
Родитель
b4f881480b
Коммит
f80b28d0a3
|
@ -1806,3 +1806,59 @@ nsPermissionManager::ReleaseAppId(uint32_t aAppId)
|
|||
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
NS_IMETHODIMP
|
||||
nsPermissionManager::UpdateExpireTime(nsIPrincipal* aPrincipal,
|
||||
const char* aType,
|
||||
bool aExactHostMatch,
|
||||
uint64_t aSessionExpireTime,
|
||||
uint64_t aPersistentExpireTime)
|
||||
{
|
||||
NS_ENSURE_ARG_POINTER(aPrincipal);
|
||||
NS_ENSURE_ARG_POINTER(aType);
|
||||
|
||||
uint64_t nowms = PR_Now() / 1000;
|
||||
if (aSessionExpireTime < nowms || aPersistentExpireTime < nowms) {
|
||||
return NS_ERROR_INVALID_ARG;
|
||||
}
|
||||
|
||||
if (nsContentUtils::IsSystemPrincipal(aPrincipal)) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
nsAutoCString host;
|
||||
nsresult rv = GetHostForPrincipal(aPrincipal, host);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
int32_t typeIndex = GetTypeIndex(aType, false);
|
||||
// If type == -1, the type isn't known,
|
||||
// so just return NS_OK
|
||||
if (typeIndex == -1) return NS_OK;
|
||||
|
||||
uint32_t appId;
|
||||
rv = aPrincipal->GetAppId(&appId);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
bool isInBrowserElement;
|
||||
rv = aPrincipal->GetIsInBrowserElement(&isInBrowserElement);
|
||||
NS_ENSURE_SUCCESS(rv, rv);
|
||||
|
||||
PermissionHashKey* entry = GetPermissionHashKey(host, appId, isInBrowserElement,
|
||||
typeIndex, aExactHostMatch);
|
||||
if (!entry) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
int32_t idx = entry->GetPermissionIndex(typeIndex);
|
||||
if (-1 == idx) {
|
||||
return NS_OK;
|
||||
}
|
||||
|
||||
PermissionEntry& perm = entry->GetPermissions()[idx];
|
||||
if (perm.mExpireType == EXPIRE_TIME) {
|
||||
perm.mExpireTime = aPersistentExpireTime;
|
||||
} else if (perm.mExpireType == EXPIRE_SESSION && perm.mExpireTime != 0) {
|
||||
perm.mExpireTime = aSessionExpireTime;
|
||||
}
|
||||
return NS_OK;
|
||||
}
|
||||
|
|
|
@ -40,10 +40,20 @@ function do_run_test() {
|
|||
// add a permission without expiration
|
||||
pm.addFromPrincipal(principal, "test/expiration-perm-nexp", 1, pm.EXPIRE_NEVER, 0);
|
||||
|
||||
// add a permission for renewal
|
||||
pm.addFromPrincipal(principal, "test/expiration-perm-renewable", 1, pm.EXPIRE_TIME, now + 100);
|
||||
pm.addFromPrincipal(principal, "test/expiration-session-renewable", 1, pm.EXPIRE_SESSION, now + 100);
|
||||
|
||||
// And immediately renew them with longer timeouts
|
||||
pm.updateExpireTime(principal, "test/expiration-perm-renewable", true, now + 100, now + 1e6);
|
||||
pm.updateExpireTime(principal, "test/expiration-session-renewable", true, now + 1e6, now + 100);
|
||||
|
||||
// check that the second two haven't expired yet
|
||||
do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-perm-exp3"));
|
||||
do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-session-exp3"));
|
||||
do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-perm-nexp"));
|
||||
do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-perm-renewable"));
|
||||
do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-session-renewable"));
|
||||
|
||||
// ... and the first one has
|
||||
do_timeout(10, continue_test);
|
||||
|
@ -63,6 +73,10 @@ function do_run_test() {
|
|||
do_check_null(pm.getPermissionObject(principal, "test/expiration-perm-exp2", false));
|
||||
do_check_null(pm.getPermissionObject(principal, "test/expiration-session-exp2", false));
|
||||
|
||||
// Check that the renewable permissions actually got renewed
|
||||
do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-perm-renewable"));
|
||||
do_check_eq(1, pm.testPermissionFromPrincipal(principal, "test/expiration-session-renewable"));
|
||||
|
||||
do_finish_generator_test(test_generator);
|
||||
}
|
||||
|
||||
|
|
|
@ -37,7 +37,7 @@ interface nsIPrincipal;
|
|||
interface nsIDOMWindow;
|
||||
interface nsIPermission;
|
||||
|
||||
[scriptable, uuid(f75e0a32-04cd-4ed4-ad2d-d08ca92bb98e)]
|
||||
[scriptable, uuid(c9fec678-f194-43c9-96b0-7bd9dbdd6bb0)]
|
||||
interface nsIPermissionManager : nsISupports
|
||||
{
|
||||
/**
|
||||
|
@ -230,6 +230,26 @@ interface nsIPermissionManager : nsISupports
|
|||
*/
|
||||
void removePermissionsForApp(in unsigned long appId,
|
||||
in boolean browserOnly);
|
||||
|
||||
/**
|
||||
* If the current permission is set to expire, reset the expiration time. If
|
||||
* there is no permission or the current permission does not expire, this
|
||||
* method will silently return.
|
||||
*
|
||||
* @param sessionExpiretime an integer representation of when this permission
|
||||
* should be forgotten (milliseconds since
|
||||
* Jan 1 1970 0:00:00), if it is currently
|
||||
* EXPIRE_SESSION.
|
||||
* @param sessionExpiretime an integer representation of when this permission
|
||||
* should be forgotten (milliseconds since
|
||||
* Jan 1 1970 0:00:00), if it is currently
|
||||
* EXPIRE_TIME.
|
||||
*/
|
||||
void updateExpireTime(in nsIPrincipal principal,
|
||||
in string type,
|
||||
in boolean exactHost,
|
||||
in uint64_t sessionExpireTime,
|
||||
in uint64_t persistentExpireTime);
|
||||
};
|
||||
|
||||
%{ C++
|
||||
|
|
Загрузка…
Ссылка в новой задаче