From fe6907f48cfe5da87ea3c7183da810a79ac1fd71 Mon Sep 17 00:00:00 2001 From: Mounir Lamouri Date: Sun, 15 Jul 2012 18:35:47 -0700 Subject: [PATCH] Bug 769597 - IndexedDB should use nsIPermissionManager with principals. r=sicking --- dom/indexedDB/CheckPermissionsHelper.cpp | 28 +++++++++--------- dom/indexedDB/CheckPermissionsHelper.h | 4 --- dom/indexedDB/CheckQuotaHelper.cpp | 36 +++++++++--------------- dom/indexedDB/CheckQuotaHelper.h | 1 - dom/indexedDB/IDBFactory.cpp | 3 +- 5 files changed, 28 insertions(+), 44 deletions(-) diff --git a/dom/indexedDB/CheckPermissionsHelper.cpp b/dom/indexedDB/CheckPermissionsHelper.cpp index c7d503702ed3..0b9569f560ac 100644 --- a/dom/indexedDB/CheckPermissionsHelper.cpp +++ b/dom/indexedDB/CheckPermissionsHelper.cpp @@ -45,8 +45,7 @@ namespace { inline PRUint32 -GetIndexedDBPermissions(const nsACString& aASCIIOrigin, - nsIDOMWindow* aWindow) +GetIndexedDBPermissions(nsIDOMWindow* aWindow) { NS_ASSERTION(NS_IsMainThread(), "Wrong thread!"); @@ -74,17 +73,15 @@ GetIndexedDBPermissions(const nsACString& aASCIIOrigin, return PERMISSION_DENIED; } - nsCOMPtr uri; - nsresult rv = NS_NewURI(getter_AddRefs(uri), aASCIIOrigin); - NS_ENSURE_SUCCESS(rv, PERMISSION_DENIED); - nsCOMPtr permissionManager = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID); NS_ENSURE_TRUE(permissionManager, PERMISSION_DENIED); PRUint32 permission; - rv = permissionManager->TestPermission(uri, PERMISSION_INDEXEDDB, - &permission); + nsresult rv = + permissionManager->TestPermissionFromPrincipal(sop->GetPrincipal(), + PERMISSION_INDEXEDDB, + &permission); NS_ENSURE_SUCCESS(rv, PERMISSION_DENIED); return permission; @@ -103,7 +100,7 @@ CheckPermissionsHelper::Run() PRUint32 permission = mHasPrompted ? mPromptResult : - GetIndexedDBPermissions(mASCIIOrigin, mWindow); + GetIndexedDBPermissions(mWindow); nsresult rv; if (mHasPrompted) { 
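Review bot: In GetIndexedDBPermissions the value of `sop->GetPrincipal()` goes straight into `TestPermissionFromPrincipal` with no null check, and the declaration and validation of `sop` sit outside this hunk. The old code failed closed explicitly when `NS_NewURI` could not build a URI, whereas the new code relies on the permission manager to reject a null principal, which is not visible here. I would make the denial explicit before the call with `nsIPrincipal* principal = sop->GetPrincipal();` and `NS_ENSURE_TRUE(principal, PERMISSION_DENIED);`. The same pattern occurs in GetQuotaPermissions and in the `AddFromPrincipal` calls in CheckPermissionsHelper::Run and CheckQuotaHelper::Run.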
@@ -113,16 +110,17 @@ CheckPermissionsHelper::Run() // we cannot set the permission from the child). if (permission != PERMISSION_PROMPT && IndexedDatabaseManager::IsMainProcess()) { - nsCOMPtr uri; - rv = NS_NewURI(getter_AddRefs(uri), mASCIIOrigin); - NS_ENSURE_SUCCESS(rv, rv); - nsCOMPtr permissionManager = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID); NS_ENSURE_STATE(permissionManager); - rv = permissionManager->Add(uri, PERMISSION_INDEXEDDB, permission, - nsIPermissionManager::EXPIRE_NEVER, 0); + nsCOMPtr sop = do_QueryInterface(mWindow); + NS_ENSURE_TRUE(sop, NS_ERROR_FAILURE); + + rv = permissionManager->AddFromPrincipal(sop->GetPrincipal(), + PERMISSION_INDEXEDDB, permission, + nsIPermissionManager::EXPIRE_NEVER, + 0); NS_ENSURE_SUCCESS(rv, rv); } } diff --git a/dom/indexedDB/CheckPermissionsHelper.h b/dom/indexedDB/CheckPermissionsHelper.h index 4d012edcf655..e43a42176d94 100644 --- a/dom/indexedDB/CheckPermissionsHelper.h +++ b/dom/indexedDB/CheckPermissionsHelper.h @@ -31,11 +31,9 @@ public: CheckPermissionsHelper(OpenDatabaseHelper* aHelper, nsIDOMWindow* aWindow, - const nsACString& aASCIIOrigin, bool aForDeletion) : mHelper(aHelper), mWindow(aWindow), - mASCIIOrigin(aASCIIOrigin), // If we're trying to delete the database, we should never prompt the user. // Anything that would prompt is translated to denied. mPromptAllowed(!aForDeletion), @@ -43,13 +41,11 @@ public: mPromptResult(0) { NS_ASSERTION(aHelper, "Null pointer!"); - NS_ASSERTION(!aASCIIOrigin.IsEmpty(), "Empty origin!"); } private: nsRefPtr mHelper; nsCOMPtr mWindow; - nsCString mASCIIOrigin; bool mPromptAllowed; bool mHasPrompted; PRUint32 mPromptResult; diff --git a/dom/indexedDB/CheckQuotaHelper.cpp b/dom/indexedDB/CheckQuotaHelper.cpp index f1d789ba7eb2..181c162a83d6 100644 --- a/dom/indexedDB/CheckQuotaHelper.cpp +++ b/dom/indexedDB/CheckQuotaHelper.cpp 
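Review bot: The permission persisted by `AddFromPrincipal(..., EXPIRE_NEVER, 0)` in CheckPermissionsHelper::Run is keyed on a principal re-read from `mWindow` after the prompt has been answered, whereas the removed code used the origin string captured when the helper was constructed. If `mWindow` can ever refer to a window whose document changes between the request and the prompt response (not determinable from this hunk), a never-expiring grant could be recorded for a different principal than the one the user was asked about. Capturing the principal once in the constructor, e.g. a member `nsCOMPtr<nsIPrincipal> mPrincipal;`, and using it for both the test and the add would remove that dependence. Failing that, add a comment stating why the window's principal is stable here. Run's body starts and ends outside the hunk, and the same applies to CheckQuotaHelper::Run.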
@@ -35,8 +35,7 @@ namespace { inline PRUint32 -GetQuotaPermissions(const nsACString& aASCIIOrigin, - nsIDOMWindow* aWindow) +GetQuotaPermissions(nsIDOMWindow* aWindow) { NS_ASSERTION(NS_IsMainThread(), "Wrong thread!"); @@ -47,17 +46,15 @@ GetQuotaPermissions(const nsACString& aASCIIOrigin, return nsIPermissionManager::ALLOW_ACTION; } - nsCOMPtr uri; - nsresult rv = NS_NewURI(getter_AddRefs(uri), aASCIIOrigin); - NS_ENSURE_SUCCESS(rv, nsIPermissionManager::DENY_ACTION); - nsCOMPtr permissionManager = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID); NS_ENSURE_TRUE(permissionManager, nsIPermissionManager::DENY_ACTION); PRUint32 permission; - rv = permissionManager->TestPermission(uri, PERMISSION_INDEXEDDB_UNLIMITED, - &permission); + nsresult rv = + permissionManager->TestPermissionFromPrincipal(sop->GetPrincipal(), + PERMISSION_INDEXEDDB_UNLIMITED, + &permission); NS_ENSURE_SUCCESS(rv, nsIPermissionManager::DENY_ACTION); return permission; @@ -142,14 +139,9 @@ CheckQuotaHelper::Run() nsresult rv = NS_OK; - if (mASCIIOrigin.IsEmpty()) { - rv = IndexedDatabaseManager::GetASCIIOriginFromWindow(mWindow, - mASCIIOrigin); - } - if (NS_SUCCEEDED(rv)) { if (!mHasPrompted) { - mPromptResult = GetQuotaPermissions(mASCIIOrigin, mWindow); + mPromptResult = GetQuotaPermissions(mWindow); } if (mHasPrompted) { 
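Review bot: In CheckQuotaHelper::Run the context line `if (NS_SUCCEEDED(rv)) {` is now always true, because the only assignment to `rv` between `nsresult rv = NS_OK;` and that test was the removed `GetASCIIOriginFromWindow` call. A guard that cannot fail reads like an access check that is still doing something, so I would drop the `if` and un-indent its body in this commit or a follow-up. If it is kept, add a comment such as `// rv is always NS_OK here; kept to limit the diff`. Run's body continues outside the hunk, so any later use of `rv` should be checked when the guard is removed.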
@@ -159,17 +151,17 @@ CheckQuotaHelper::Run() // we cannot set the permission from the child). if (mPromptResult != nsIPermissionManager::UNKNOWN_ACTION && XRE_GetProcessType() == GeckoProcessType_Default) { - nsCOMPtr uri; - rv = NS_NewURI(getter_AddRefs(uri), mASCIIOrigin); - NS_ENSURE_SUCCESS(rv, rv); - + nsCOMPtr sop = do_QueryInterface(mWindow); + NS_ENSURE_TRUE(sop, NS_ERROR_FAILURE); + nsCOMPtr permissionManager = do_GetService(NS_PERMISSIONMANAGER_CONTRACTID); NS_ENSURE_STATE(permissionManager); - - rv = permissionManager->Add(uri, PERMISSION_INDEXEDDB_UNLIMITED, - mPromptResult, - nsIPermissionManager::EXPIRE_NEVER, 0); + + rv = permissionManager->AddFromPrincipal(sop->GetPrincipal(), + PERMISSION_INDEXEDDB_UNLIMITED, + mPromptResult, + nsIPermissionManager::EXPIRE_NEVER, 0); NS_ENSURE_SUCCESS(rv, rv); } } diff --git a/dom/indexedDB/CheckQuotaHelper.h b/dom/indexedDB/CheckQuotaHelper.h index 52adba45b55f..3a4abf947414 100644 --- a/dom/indexedDB/CheckQuotaHelper.h +++ b/dom/indexedDB/CheckQuotaHelper.h @@ -42,7 +42,6 @@ public: private: nsPIDOMWindow* mWindow; - nsCString mASCIIOrigin; mozilla::Mutex& mMutex; mozilla::CondVar mCondVar; PRUint32 mPromptResult; diff --git a/dom/indexedDB/IDBFactory.cpp b/dom/indexedDB/IDBFactory.cpp index 4606daa763ff..55a1831cc75d 100644 --- a/dom/indexedDB/IDBFactory.cpp +++ b/dom/indexedDB/IDBFactory.cpp @@ -509,7 +509,6 @@ IDBFactory::OpenCommon(const nsAString& aName, NS_ASSERTION(mWindow || mOwningObject, "Must have one of these!"); nsCOMPtr window; - nsCOMPtr sgo; JSObject* scriptOwner = nsnull; if (mWindow) { @@ -535,7 +534,7 @@ IDBFactory::OpenCommon(const nsAString& aName, NS_ENSURE_SUCCESS(rv, NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR); nsRefPtr permissionHelper = - new CheckPermissionsHelper(openHelper, window, mASCIIOrigin, aDeleting); + new CheckPermissionsHelper(openHelper, window, aDeleting); IndexedDatabaseManager* mgr = IndexedDatabaseManager::Get(); NS_ASSERTION(mgr, "This should never be null!");
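Review bot: The post-prompt branch of CheckQuotaHelper::Run now calls `do_QueryInterface(mWindow)`, and the CheckQuotaHelper.h hunk shows `mWindow` is a raw `nsPIDOMWindow*`. As far as the visible lines show, the old code in this branch used only the cached `mASCIIOrigin` string, so the raw window pointer is now dereferenced later in the helper's life than before. Whether the window is guaranteed to outlive the prompt response is not visible here. I would either document that guarantee next to the member, e.g. `// Weak; owner guarantees the window outlives this helper.`, or resolve the principal up front into an owning `nsCOMPtr<nsIPrincipal>` so this branch no longer touches `mWindow`.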