Bug 1584648 - Port bug 1402957: Replace TestPermission with TestPermissionFromOrigin in tests. rs=bustage-fix
authorJorg K <jorgk@jorgk.com>
Sat, 28 Sep 2019 03:30:18 +0200
changeset 36986 c0cad9e5c5c58dffc88981bae4951a44b871947f
parent 36985 376a47f13cc2b1bc19bb4f52ec9d1f0fd000e0b6
child 36987 9e2a8322e4068b2040b9483ff26849c2d0a86752
push id395
push userclokep@gmail.com
push dateMon, 02 Dec 2019 19:38:57 +0000
reviewersbustage-fix
bugs1584648, 1402957
Bug 1584648 - Port bug 1402957: Replace TestPermission with TestPermissionFromOrigin in tests. rs=bustage-fix
mail/base/content/mailWindowOverlay.js
mail/base/modules/MailMigrator.jsm
mail/components/enterprisepolicies/Policies.jsm
mail/test/mozmill/content-policy/test-general-content-policy.js
mailnews/base/test/unit/test_accountMigration.js
mailnews/base/util/mailnewsMigrator.js
--- a/mail/base/content/mailWindowOverlay.js
+++ b/mail/base/content/mailWindowOverlay.js
@@ -3533,17 +3533,21 @@ function onRemoteContentOptionsShowing(a
 /**
  * Add privileges to display remote content for the given uri.
  *
  * @param aUriSpec |String| uri for the site to add permissions for.
  * @param aReload  Reload the message display after allowing the URI.
  */
 function allowRemoteContentForURI(aUriSpec, aReload = true) {
   let uri = Services.io.newURI(aUriSpec);
-  Services.perms.add(uri, "image", Services.perms.ALLOW_ACTION);
+  Services.perms.addFromPrincipal(
+    Services.scriptSecurityManager.createContentPrincipal(uri, {}),
+    "image",
+    Services.perms.ALLOW_ACTION
+  );
   if (aReload) {
     ReloadMessage();
   }
 }
 
 /**
  * Add privileges to display remote content for the given uri.
  *
--- a/mail/base/modules/MailMigrator.jsm
+++ b/mail/base/modules/MailMigrator.jsm
@@ -269,23 +269,32 @@ var MailMigrator = {
             "select origin,permission from moz_perms where " +
               // Avoid 'like' here which needs to be escaped.
               "substr(origin, 1, 28)='chrome://messenger/content/?';"
           );
           try {
             while (statement.executeStep()) {
               let origin = statement.getUTF8String(0);
               let permission = statement.getInt32(1);
-              Services.perms.remove(Services.io.newURI(origin), "image");
+              Services.perms.removeFromPrincipal(
+                Services.scriptSecurityManager.createContentPrincipal(
+                  Services.io.newURI(origin),
+                  {}
+                ),
+                "image"
+              );
               origin = origin.replace(
                 "chrome://messenger/content/?",
                 "chrome://messenger/content/"
               );
-              Services.perms.add(
-                Services.io.newURI(origin),
+              Services.perms.addFromPrincipal(
+                Services.scriptSecurityManager.createContentPrincipal(
+                  Services.io.newURI(origin),
+                  {}
+                ),
                 "image",
                 permission
               );
             }
           } finally {
             statement.finalize();
           }
 
--- a/mail/components/enterprisepolicies/Policies.jsm
+++ b/mail/components/enterprisepolicies/Policies.jsm
@@ -501,31 +501,31 @@ function setDefaultPref(prefName, prefVa
  *        The list of URLs to be set as DENY_ACTION for the chosen permission.
  */
 function addAllowDenyPermissions(permissionName, allowList, blockList) {
   allowList = allowList || [];
   blockList = blockList || [];
 
   for (let origin of allowList) {
     try {
-      Services.perms.add(
-        Services.io.newURI(origin.href),
+      Services.perms.addFromPrincipal(
+        Services.scriptSecurityManager.createContentPrincipalFromOrigin(origin),
         permissionName,
         Ci.nsIPermissionManager.ALLOW_ACTION,
         Ci.nsIPermissionManager.EXPIRE_POLICY
       );
     } catch (ex) {
       log.error(`Added by default for ${permissionName} permission in the permission
       manager - ${origin.href}`);
     }
   }
 
   for (let origin of blockList) {
-    Services.perms.add(
-      Services.io.newURI(origin.href),
+    Services.perms.addFromPrincipal(
+      Services.scriptSecurityManager.createContentPrincipalFromOrigin(origin),
       permissionName,
       Ci.nsIPermissionManager.DENY_ACTION,
       Ci.nsIPermissionManager.EXPIRE_POLICY
     );
   }
 }
 
 /**
--- a/mail/test/mozmill/content-policy/test-general-content-policy.js
+++ b/mail/test/mozmill/content-policy/test-general-content-policy.js
@@ -31,17 +31,16 @@ var {
 } = ChromeUtils.import("resource://testing-common/mozmill/ComposeHelpers.jsm");
 var { open_content_tab_with_url } = ChromeUtils.import(
   "resource://testing-common/mozmill/ContentTabHelpers.jsm"
 );
 var {
   assert_equals,
   assert_nothing_selected,
   assert_selected_and_displayed,
-  assert_true,
   be_in_folder,
   close_message_window,
   create_folder,
   mc,
   open_message_from_file,
   open_selected_message,
   plan_for_message_display,
   select_click_row,
@@ -136,16 +135,41 @@ var msgBodyStart =
   '<body bgcolor="#ffffff" text="#000000">\n';
 
 var msgBodyEnd = "</body>\n</html>\n";
 
 function setupModule(module) {
   folder = create_folder("generalContentPolicy");
 }
 
+// We can't call it test since that it would be run as subtest.
+function checkPermission(aURI) {
+  let principal = Services.scriptSecurityManager.createContentPrincipal(
+    aURI,
+    {}
+  );
+  return Services.perms.testPermissionFromPrincipal(principal, "image");
+}
+
+function addPermission(aURI, aAllowDeny) {
+  let principal = Services.scriptSecurityManager.createContentPrincipal(
+    aURI,
+    {}
+  );
+  return Services.perms.addFromPrincipal(principal, "image", aAllowDeny);
+}
+
+function removePermission(aURI) {
+  let principal = Services.scriptSecurityManager.createContentPrincipal(
+    aURI,
+    {}
+  );
+  return Services.perms.removeFromPrincipal(principal, "image");
+}
+
 function addToFolder(aSubject, aBody, aFolder) {
   let msgId =
     Cc["@mozilla.org/uuid-generator;1"]
       .getService(Ci.nsIUUIDGenerator)
       .generateUUID() + "@mozillamessaging.invalid";
 
   let source =
     "From - Sat Nov  1 12:39:54 2008\n" +
@@ -420,20 +444,18 @@ function checkAllowForSenderWithPerms(te
     {},
     {}
   );
   let authorEmailAddress = addresses.value[0];
 
   let uri = Services.io.newURI(
     "chrome://messenger/content/email=" + authorEmailAddress
   );
-  Services.perms.add(uri, "image", Services.perms.ALLOW_ACTION);
-  assert_true(
-    Services.perms.testPermission(uri, "image") == Services.perms.ALLOW_ACTION
-  );
+  addPermission(uri, Services.perms.ALLOW_ACTION);
+  assert_equals(checkPermission(uri), Services.perms.ALLOW_ACTION);
 
   // select the newly created message
   let msgHdr = select_click_row(gMsgNo);
 
   assert_equals(msgDbHdr, msgHdr);
   assert_selected_and_displayed(gMsgNo);
 
   // Now check that the content hasn't been blocked
@@ -445,20 +467,18 @@ function checkAllowForSenderWithPerms(te
     throw new Error(
       `${
         test.type
       } has been unexpectedly blocked for sender=${authorEmailAddress}`
     );
   }
 
   // Clean up after ourselves, and make sure that worked as expected.
-  Services.perms.remove(uri, "image");
-  assert_true(
-    Services.perms.testPermission(uri, "image") == Services.perms.UNKNOWN_ACTION
-  );
+  removePermission(uri);
+  assert_equals(checkPermission(uri), Services.perms.UNKNOWN_ACTION);
 
   ++gMsgNo;
 }
 
 /**
  * Check remote content is not blocked for a hosts with permissions.
  */
 function checkAllowForHostsWithPerms(test) {
@@ -476,20 +496,18 @@ function checkAllowForHostsWithPerms(tes
   let src = mc.window.content.document.getElementById("testelement").src;
 
   if (!src.startsWith("http")) {
     // Just test http in this test.
     return;
   }
 
   let uri = Services.io.newURI(src);
-  Services.perms.add(uri, "image", Services.perms.ALLOW_ACTION);
-  assert_true(
-    Services.perms.testPermission(uri, "image") == Services.perms.ALLOW_ACTION
-  );
+  addPermission(uri, Services.perms.ALLOW_ACTION);
+  assert_equals(checkPermission(uri), Services.perms.ALLOW_ACTION);
 
   // Click back one msg, then the original again, which should now allow loading.
   select_click_row(gMsgNo - 1);
   // Select the newly created message.
   msgHdr = select_click_row(gMsgNo);
   assert_equals(msgDbHdr, msgHdr);
   assert_selected_and_displayed(gMsgNo);
 
@@ -502,20 +520,18 @@ function checkAllowForHostsWithPerms(tes
     )
   ) {
     throw new Error(
       test.type + " has been unexpectedly blocked for url=" + uri.spec
     );
   }
 
   // Clean up after ourselves, and make sure that worked as expected.
-  Services.perms.remove(uri, "image");
-  assert_true(
-    Services.perms.testPermission(uri, "image") == Services.perms.UNKNOWN_ACTION
-  );
+  removePermission(uri);
+  assert_equals(checkPermission(uri), Services.perms.UNKNOWN_ACTION);
 
   ++gMsgNo;
 }
 
 function test_generalContentPolicy() {
   be_in_folder(folder);
 
   assert_nothing_selected();
@@ -534,34 +550,28 @@ function test_generalContentPolicy() {
       if (i == 0) {
         // Now check that image is visible after site is whitelisted.
         // We do the first test which is the one with the image.
 
         // Add the site to the whitelist.
         let src = mc.window.content.document.getElementById("testelement").src;
 
         let uri = Services.io.newURI(src);
-        Services.perms.add(uri, "image", Services.perms.ALLOW_ACTION);
-        assert_equals(
-          Services.perms.testPermission(uri, "image"),
-          Services.perms.ALLOW_ACTION
-        );
+        addPermission(uri, Services.perms.ALLOW_ACTION);
+        assert_equals(checkPermission(uri), Services.perms.ALLOW_ACTION);
 
         // Check allowed in reply window
         checkComposeWindow(TESTS[i], true, true);
 
         // Check allowed in forward window
         checkComposeWindow(TESTS[i], false, true);
 
         // Clean up after ourselves, and make sure that worked as expected.
-        Services.perms.remove(uri, "image");
-        assert_equals(
-          Services.perms.testPermission(uri, "image"),
-          Services.perms.UNKNOWN_ACTION
-        );
+        removePermission(uri);
+        assert_equals(checkPermission(uri), Services.perms.UNKNOWN_ACTION);
       }
 
       // Check denied in standalone message window
       checkStandaloneMessageWindow(TESTS[i], false);
 
       // Now allow the remote content and check result
       allowRemoteContentAndCheck(TESTS[i]);
     }
--- a/mailnews/base/test/unit/test_accountMigration.js
+++ b/mailnews/base/test/unit/test_accountMigration.js
@@ -9,16 +9,24 @@
 
 var { migrateMailnews } = ChromeUtils.import(
   "resource:///modules/mailnewsMigrator.js"
 );
 
 /* import-globals-from ../../../test/resources/abSetup.js */
 load("../../../resources/abSetup.js");
 
+function testPermission(aURI) {
+  let principal = Services.scriptSecurityManager.createContentPrincipal(
+    aURI,
+    {}
+  );
+  return Services.perms.testPermissionFromPrincipal(principal, "image");
+}
+
 function run_test() {
   // Set up some basic accounts with limited prefs - enough to satisfy the
   // migrator.
   Services.prefs.setCharPref("mail.account.account1.server", "server1");
   Services.prefs.setCharPref("mail.account.account2.server", "server2");
 
   // Server1 has nothing set.
 
@@ -39,28 +47,19 @@ function run_test() {
     "chrome://messenger/content/email=yes2@test.invalid"
   );
   let uriDisallowed = Services.io.newURI(
     "chrome://messenger/content/email=no@test.invalid"
   );
 
   // Check that this email that according to the ab data has (had!)
   // remote content premissions, has no premissions pre migration.
-  Assert.equal(
-    Services.perms.testPermission(uriAllowed, "image"),
-    Services.perms.UNKNOWN_ACTION
-  );
-  Assert.equal(
-    Services.perms.testPermission(uriAllowed2, "image"),
-    Services.perms.UNKNOWN_ACTION
-  );
-  Assert.equal(
-    Services.perms.testPermission(uriDisallowed, "image"),
-    Services.perms.UNKNOWN_ACTION
-  );
+  Assert.equal(testPermission(uriAllowed), Services.perms.UNKNOWN_ACTION);
+  Assert.equal(testPermission(uriAllowed2), Services.perms.UNKNOWN_ACTION);
+  Assert.equal(testPermission(uriDisallowed), Services.perms.UNKNOWN_ACTION);
 
   // Set default charsets to an encoding no longer supported: VISCII.
   let charset = Cc["@mozilla.org/pref-localizedstring;1"].createInstance(
     Ci.nsIPrefLocalizedString
   );
   charset.data = "VISCII";
   Services.prefs.setComplexValue(
     "mailnews.send_default_charset",
@@ -106,28 +105,19 @@ function run_test() {
   // smtp1 has nothing set.
 
   // smtp2 has useSecAuth set to true, auth_method unset
   Services.prefs.setBoolPref("mail.smtpserver.smtp2.useSecAuth", true);
 
   // Migration should now have added permissions for the address that had them
   // and not for the one that didn't have them.
   Assert.ok(Services.prefs.getIntPref("mail.ab_remote_content.migrated") > 0);
-  Assert.equal(
-    Services.perms.testPermission(uriAllowed, "image"),
-    Services.perms.ALLOW_ACTION
-  );
-  Assert.equal(
-    Services.perms.testPermission(uriAllowed2, "image"),
-    Services.perms.ALLOW_ACTION
-  );
-  Assert.equal(
-    Services.perms.testPermission(uriDisallowed, "image"),
-    Services.perms.UNKNOWN_ACTION
-  );
+  Assert.equal(testPermission(uriAllowed), Services.perms.ALLOW_ACTION);
+  Assert.equal(testPermission(uriAllowed2), Services.perms.ALLOW_ACTION);
+  Assert.equal(testPermission(uriDisallowed), Services.perms.UNKNOWN_ACTION);
 
   // Migration should have cleared the charset user pref values.
   Assert.ok(Services.prefs.getIntPref("mail.default_charsets.migrated") > 0);
   Assert.ok(!Services.prefs.prefHasUserValue("mailnews.send_default_charset"));
   Assert.ok(!Services.prefs.prefHasUserValue("mailnews.view_default_charset"));
 
   // Now migrate the prefs
   migrateMailnews();
--- a/mailnews/base/util/mailnewsMigrator.js
+++ b/mailnews/base/util/mailnewsMigrator.js
@@ -162,17 +162,21 @@ function MigrateABRemoteContentSettings(
 
   // Search through all of our local address books looking for a match.
   let enumerator = MailServices.ab.directories;
   while (enumerator.hasMoreElements()) {
     let migrateAddress = function(aEmail) {
       let uri = Services.io.newURI(
         "chrome://messenger/content/email=" + aEmail
       );
-      Services.perms.add(uri, "image", Services.perms.ALLOW_ACTION);
+      Services.perms.addFromPrincipal(
+        Services.scriptSecurityManager.createContentPrincipal(uri, {}),
+        "image",
+        Services.perms.ALLOW_ACTION
+      );
     };
 
     let addrbook = enumerator.getNext().QueryInterface(Ci.nsIAbDirectory);
     try {
       // If it's a read-only book, don't try to find a card as we we could never
       // have set the AllowRemoteContent property.
       if (addrbook.readOnly) {
         continue;