Bug 915629 - Chrome doesn't need to check the indexedDB permission. r=bent
authorJan Varga <jan.varga@gmail.com>
Fri, 13 Sep 2013 13:19:25 +0200
changeset 147012 3c809ee6b5afe93085b92ea438fcf875ee3227b6
parent 147011 488c99b5d53141e7d3b348c95fc84857e9bc4b2b
child 147013 5c3ca75fd097718a9cb36aff773b2cff87f5cf5a
push id25283
push userryanvm@gmail.com
push dateFri, 13 Sep 2013 20:07:11 +0000
treeherdermozilla-central@7dbdc0fbda87 [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersbent
bugs915629
milestone26.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 915629 - Chrome doesn't need to check the indexedDB permission. r=bent
dom/indexedDB/CheckPermissionsHelper.cpp
dom/indexedDB/IDBFactory.cpp
dom/indexedDB/OpenDatabaseHelper.cpp
--- a/dom/indexedDB/CheckPermissionsHelper.cpp
+++ b/dom/indexedDB/CheckPermissionsHelper.cpp
@@ -14,62 +14,51 @@
 #include "nsIPrincipal.h"
 #include "nsIScriptObjectPrincipal.h"
 #include "nsIURI.h"
 
 #include "CheckQuotaHelper.h"
 #include "nsContentUtils.h"
 #include "nsNetUtil.h"
 #include "nsThreadUtils.h"
-#include "mozilla/Preferences.h"
 #include "mozilla/Services.h"
 
 #include "IndexedDatabaseManager.h"
 
 #define PERMISSION_INDEXEDDB "indexedDB"
-#define PREF_INDEXEDDB_ENABLED "dom.indexedDB.enabled"
 #define TOPIC_PERMISSIONS_PROMPT "indexedDB-permissions-prompt"
 #define TOPIC_PERMISSIONS_RESPONSE "indexedDB-permissions-response"
 
 // This is a little confusing, but our default behavior (UNKNOWN_ACTION) is to
 // allow access without a prompt. If the "indexedDB" permission is set to
 // ALLOW_ACTION then we will issue a prompt before allowing access. Otherwise
 // (DENY_ACTION) we deny access.
 #define PERMISSION_ALLOWED nsIPermissionManager::UNKNOWN_ACTION
 #define PERMISSION_DENIED nsIPermissionManager::DENY_ACTION
 #define PERMISSION_PROMPT nsIPermissionManager::ALLOW_ACTION
 
 USING_INDEXEDDB_NAMESPACE
 using namespace mozilla::services;
 using mozilla::dom::quota::CheckQuotaHelper;
-using mozilla::Preferences;
 
 namespace {
 
 inline
 uint32_t
 GetIndexedDBPermissions(nsIDOMWindow* aWindow)
 {
   NS_ASSERTION(NS_IsMainThread(), "Wrong thread!");
 
-  if (!Preferences::GetBool(PREF_INDEXEDDB_ENABLED)) {
-    return PERMISSION_DENIED;
-  }
-
-  // No window here means chrome access.
-  if (!aWindow) {
-    return PERMISSION_ALLOWED;
-  }
+  NS_ASSERTION(aWindow, "Chrome shouldn't check the permission!");
 
   nsCOMPtr<nsIScriptObjectPrincipal> sop(do_QueryInterface(aWindow));
   NS_ENSURE_TRUE(sop, nsIPermissionManager::DENY_ACTION);
 
-  if (nsContentUtils::IsSystemPrincipal(sop->GetPrincipal())) {
-    return PERMISSION_ALLOWED;
-  }
+  NS_ASSERTION(!nsContentUtils::IsSystemPrincipal(sop->GetPrincipal()),
+               "Chrome windows shouldn't check the permission!");
 
   nsCOMPtr<nsIWebNavigation> webNav = do_GetInterface(aWindow);
   nsCOMPtr<nsILoadContext> loadContext = do_QueryInterface(webNav);
   if (loadContext && loadContext->UsePrivateBrowsing()) {
     // TODO Support private browsing indexedDB?
     NS_WARNING("IndexedDB may not be used while in private browsing mode!");
     return PERMISSION_DENIED;
   }
--- a/dom/indexedDB/IDBFactory.cpp
+++ b/dom/indexedDB/IDBFactory.cpp
@@ -16,16 +16,17 @@
 #include <algorithm>
 #include "mozilla/dom/ContentParent.h"
 #include "mozilla/dom/ContentChild.h"
 #include "mozilla/dom/IDBFactoryBinding.h"
 #include "mozilla/dom/PBrowserChild.h"
 #include "mozilla/dom/quota/OriginOrPatternString.h"
 #include "mozilla/dom/quota/QuotaManager.h"
 #include "mozilla/dom/TabChild.h"
+#include "mozilla/Preferences.h"
 #include "mozilla/storage.h"
 #include "nsComponentManagerUtils.h"
 #include "nsCharSeparatedTokenizer.h"
 #include "nsContentUtils.h"
 #include "nsCxPusher.h"
 #include "nsDOMClassInfoID.h"
 #include "nsGlobalWindow.h"
 #include "nsHashKeys.h"
@@ -41,26 +42,29 @@
 #include "IDBEvents.h"
 #include "IDBKeyRange.h"
 #include "IndexedDatabaseManager.h"
 #include "Key.h"
 #include "ProfilerHelpers.h"
 
 #include "ipc/IndexedDBChild.h"
 
+#define PREF_INDEXEDDB_ENABLED "dom.indexedDB.enabled"
+
 USING_INDEXEDDB_NAMESPACE
 USING_QUOTA_NAMESPACE
 
 using mozilla::dom::ContentChild;
 using mozilla::dom::ContentParent;
 using mozilla::dom::IDBOpenDBOptions;
 using mozilla::dom::NonNull;
 using mozilla::dom::Optional;
 using mozilla::dom::TabChild;
 using mozilla::ErrorResult;
+using mozilla::Preferences;
 
 namespace {
 
 struct ObjectStoreInfoMap
 {
   ObjectStoreInfoMap()
   : id(INT64_MIN), info(nullptr) { }
 
@@ -597,32 +601,43 @@ IDBFactory::OpenInternal(const nsAString
     nsRefPtr<OpenDatabaseHelper> openHelper =
       new OpenDatabaseHelper(request, aName, aGroup, aASCIIOrigin, aVersion,
                              aPersistenceType, aDeleting, mContentParent,
                              aPrivilege);
 
     rv = openHelper->Init();
     NS_ENSURE_SUCCESS(rv, NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR);
 
-    if (aPersistenceType == PERSISTENCE_TYPE_PERSISTENT) {
-      nsRefPtr<CheckPermissionsHelper> permissionHelper =
-        new CheckPermissionsHelper(openHelper, window);
-
-      QuotaManager* quotaManager = QuotaManager::Get();
-      NS_ASSERTION(quotaManager, "This should never be null!");
-
-      rv = quotaManager->
-        WaitForOpenAllowed(OriginOrPatternString::FromOrigin(aASCIIOrigin),
-                           Nullable<PersistenceType>(aPersistenceType),
-                           openHelper->Id(), permissionHelper);
+    if (!Preferences::GetBool(PREF_INDEXEDDB_ENABLED)) {
+      openHelper->SetError(NS_ERROR_DOM_INDEXEDDB_NOT_ALLOWED_ERR);
+      rv = openHelper->WaitForOpenAllowed();
     }
     else {
-      NS_ASSERTION(aPersistenceType == PERSISTENCE_TYPE_TEMPORARY, "Huh?");
+      StoragePrivilege openerPrivilege;
+      rv = QuotaManager::GetInfoFromWindow(window, nullptr, nullptr,
+                                           &openerPrivilege, nullptr);
+      NS_ENSURE_SUCCESS(rv, NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR);
+
+      if (openerPrivilege != Chrome &&
+          aPersistenceType == PERSISTENCE_TYPE_PERSISTENT) {
+        nsRefPtr<CheckPermissionsHelper> permissionHelper =
+          new CheckPermissionsHelper(openHelper, window);
 
-      rv = openHelper->WaitForOpenAllowed();
+        QuotaManager* quotaManager = QuotaManager::Get();
+        NS_ASSERTION(quotaManager, "This should never be null!");
+
+        rv = quotaManager->
+          WaitForOpenAllowed(OriginOrPatternString::FromOrigin(aASCIIOrigin),
+                             Nullable<PersistenceType>(aPersistenceType),
+                             openHelper->Id(), permissionHelper);
+      }
+      else {
+        // Chrome and temporary storage doesn't need to check the permission.
+        rv = openHelper->WaitForOpenAllowed();
+      }
     }
     NS_ENSURE_SUCCESS(rv, NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR);
   }
   else if (aDeleting) {
     nsCOMPtr<nsIAtom> databaseId =
       QuotaManager::GetStorageId(aPersistenceType, aASCIIOrigin, aName);
     NS_ENSURE_TRUE(databaseId, NS_ERROR_DOM_INDEXEDDB_UNKNOWN_ERR);
 
--- a/dom/indexedDB/OpenDatabaseHelper.cpp
+++ b/dom/indexedDB/OpenDatabaseHelper.cpp
@@ -1732,17 +1732,18 @@ OpenDatabaseHelper::DispatchToIOThread()
   NS_ASSERTION(quotaManager, "This should never be null!");
 
   return Dispatch(quotaManager->IOThread());
 }
 
 nsresult
 OpenDatabaseHelper::RunImmediately()
 {
-  NS_ASSERTION(mState == eCreated, "We've already been dispatched?");
+  NS_ASSERTION(mState == eCreated || mState == eOpenPending,
+               "We've already been dispatched?");
   NS_ASSERTION(NS_FAILED(mResultCode),
                "Should only be short-circuiting if we failed!");
   NS_ASSERTION(NS_IsMainThread(), "All hell is about to break lose!");
 
   mState = eFiringEvents;
 
   return this->Run();
 }
@@ -2163,16 +2164,20 @@ NS_IMETHODIMP
 OpenDatabaseHelper::Run()
 {
   NS_ASSERTION(mState != eCreated, "Dispatch was not called?!?");
 
   if (NS_IsMainThread()) {
     PROFILER_MAIN_THREAD_LABEL("IndexedDB", "OpenDatabaseHelper::Run");
 
     if (mState == eOpenPending) {
+      if (NS_FAILED(mResultCode)) {
+        return RunImmediately();
+      }
+
       return DispatchToIOThread();
     }
 
     // If we need to queue up a SetVersionHelper, do that here.
     if (mState == eSetVersionPending) {
       nsresult rv = StartSetVersion();
 
       if (NS_SUCCEEDED(rv)) {