Bug 812289 - PermissionSettings doesn't enforce any restriction on permissions operations - Tests [r=fabrice]
authorAntonio M. Amaya <amac@tid.es>
Mon, 17 Dec 2012 17:38:40 +0100
changeset 125529 ba17dfaa86e991c6e5a7ec1ec6d8a5c77031bcd4
parent 125528 ec4945922e6291717cb2b72d629e5ff3e2d5037d
child 125530 287a7d7cf7f09fef3ddf43e39af48f9cb0a65593
child 125541 5c073841902c03fc02f3ec80a033286db62ed078
push id2151
push userlsblakk@mozilla.com
push dateTue, 19 Feb 2013 18:06:57 +0000
treeherdermozilla-beta@4952e88741ec [default view] [failures only]
perfherder[talos] [build metrics] [platform microbench] (compared to previous push)
reviewersfabrice
bugs812289
milestone20.0a1
first release with
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
last release without
nightly linux32
nightly linux64
nightly mac
nightly win32
nightly win64
Bug 812289 - PermissionSettings doesn't enforce any restriction on permissions operations - Tests [r=fabrice]
build/automation.py.in
dom/permission/tests/test_permission_basics.html
dom/permission/tests/unit/test_bug808734.js
--- a/build/automation.py.in
+++ b/build/automation.py.in
@@ -605,16 +605,32 @@ user_pref("camino.use_system_proxy_setti
       {
         'name': 'https_example_csp_privileged',
         'csp': "default-src *; script-src 'self'; object-src 'none'; style-src 'self' 'unsafe-inline'",
         'origin': 'https://example.com',
         'manifestURL': 'https://example.com/manifest_csp_priv.webapp',
         'description': 'https://example.com Privileged App with manifest policy',
         'appStatus': _APP_STATUS_PRIVILEGED
       }, 
+      {
+        'name': 'https_a_domain_certified',
+        'csp' : "",
+        'origin': 'https://acertified.com',
+        'manifestURL': 'https://acertified.com/manifest.webapp',
+        'description': 'https://acertified.com Certified App',
+        'appStatus': _APP_STATUS_CERTIFIED
+      }, 
+      {
+        'name': 'https_a_domain_privileged',
+        'csp': "",
+        'origin': 'https://aprivileged.com',
+        'manifestURL': 'https://aprivileged.com/manifest.webapp',
+        'description': 'https://aprivileged.com Privileged App ',
+        'appStatus': _APP_STATUS_PRIVILEGED
+      }, 
     ];
     self.setupTestApps(profileDir, apps)
 
   def addCommonOptions(self, parser):
     "Adds command-line options which are common to mochitest and reftest."
 
     parser.add_option("--setpref",
                       action = "append", type = "string",
--- a/dom/permission/tests/test_permission_basics.html
+++ b/dom/permission/tests/test_permission_basics.html
@@ -16,45 +16,83 @@ https://bugzilla.mozilla.org/show_bug.cg
 <div id="content" style="display: none">
 
 </div>
 <pre id="test">
 <script class="testbody" type="text/javascript">
 
 "use strict";
 
+var testPrivApp = {
+  'manifestURL' : 'https://aprivileged.com/manifest.webapp'
+};
+
+var testCertApp = {
+  'manifestURL' : 'https://acertified.com/manifest.webapp'
+};
+
 SpecialPowers.addPermission("permissions", true, document);
 var comp = SpecialPowers.wrap(Components);
 SpecialPowers.pushPrefEnv({ "set": [["dom.mozPermissionSettings.enabled", true]] }, 
                           function() {
                             SpecialPowers.removePermission("permissions", document);
                           });
 
 comp.utils.import("resource://gre/modules/PermissionSettings.jsm");
 var mozPermissions = window.navigator.mozPermissionSettings;
 
 function permissionTest() {
+  // Any permission explicit for privileged and implicit for certified serves
+  var testPerm = "geolocation";
+
+  // Simulate than the app request the permissions
+  SpecialPowers.addPermission(testPerm, true, testPrivApp);
+  SpecialPowers.addPermission(testPerm, true, testCertApp);
+
   if (gPermissionssEnabled) {
-    mozPermissions.set("a", "unknown", "http://examplemanifestURI.com", "http://origin.com", true);
-    var result = mozPermissions.get("a", "http://examplemanifestURI.com", "http://origin.com", true);
-    is(result, "unknown", "same result");
-    mozPermissions.set("a", "allow", "http://examplemanifestURI.com", "http://origin.com", true);
-    result = mozPermissions.get("a", "http://examplemanifestURI.com", "http://origin.com", true);
+    var certAppManifest = testCertApp.manifestURL;
+    var privAppManifest = testPrivApp.manifestURL;
+    var originPriv = "https://aprivileged.com";
+    var originCert = "https://acertified.com";
+
+    // Trying to make any change to implicit permissions should fail
+    try {
+      mozPermissions.set(testPerm, "allow", certAppManifest, originCert, false);
+      ok(false, "Change implicit permission");
+    } catch (e) {
+      ok(true, "Change implicit permission");
+    }
+
+    var result=mozPermissions.get(testPerm, certAppManifest, originCert, false);
     is(result, "allow", "same result");
-    mozPermissions.set("a", "deny", "http://examplemanifestURI.com", "http://origin.com", true);
-    result = mozPermissions.get("a", "http://examplemanifestURI.com", "http://origin.com", true);
-    is(result, "deny", "same result");
-    mozPermissions.set("a", "prompt", "http://examplemanifestURI.com", "http://origin.com", true);
-    result = mozPermissions.get("a", "http://examplemanifestURI.com", "http://origin.com", true);
-    is(result, "prompt", "same result");
+
+    // Erasing a permission, even an explicit one, is not allowed
+    try {
+      mozPermissions.set(testPerm, "unknown", privAppManifest, originPriv, false);
+      ok(false, "Erase explicit permission");
+    } catch (e) {
+      ok(true, "Erase explicit permission");
+    }
+
+    mozPermissions.set(testPerm, "allow", privAppManifest, originPriv, false);
+    result = mozPermissions.get(testPerm, privAppManifest, originPriv, false);
+    is(result, "allow", "Set to allow");
+    mozPermissions.set(testPerm, "deny", privAppManifest, originPriv, false);
+    result = mozPermissions.get(testPerm, privAppManifest, originPriv, false);
+    is(result, "deny", "Set to deny");
+    mozPermissions.set(testPerm, "prompt", privAppManifest, originPriv, false);
+    result = mozPermissions.get(testPerm, privAppManifest, originPriv, false);
+    is(result, "prompt", "Set to prompt");
     SimpleTest.finish();
   } else {
     is(mozPermissions, null, "mozPermissionSettings is null when not enabled.");
     SimpleTest.finish();
   }
+  SpecialPowers.removePermission(testPerm, testPrivApp);
+  SpecialPowers.removePermission(testPerm, testCertApp);
 }
 
 var gPermissionssEnabled = SpecialPowers.getBoolPref("dom.mozPermissionSettings.enabled");
 SimpleTest.waitForExplicitFinish();
 addLoadEvent(permissionTest);
 
 ok(true, "test passed");
 </script>
--- a/dom/permission/tests/unit/test_bug808734.js
+++ b/dom/permission/tests/unit/test_bug808734.js
@@ -46,16 +46,16 @@ function do_check_set_eq(a1, a2) {
 
   for (let i = 0; i < a1.length; ++i) {
     do_check_eq(a1[i], a2[i])
   }
 }
 
 function run_test() {
   var scope = {};
-  Cu.import("resource://gre/modules/PermissionsInstaller.jsm", scope);
+  Cu.import("resource://gre/modules/PermissionsTable.jsm", scope);
 
   for (var i = 0; i < gData.length; i++) {
     var perms = scope.expandPermissions(gData[i].permission,
                                         gData[i].access);
     do_check_set_eq(perms, gData[i].expected);
   }
 }