Bug 805178 - Device Storage - Application Permissions do not match that of the Permission Matrix [r=dougt]
☠☠ backed out by 82ce45ddd3ea ☠ ☠
authorFabrice Desré <fabrice@mozilla.com>
Fri, 26 Oct 2012 12:50:10 -0700
changeset 111692 487f6dcb3d85c322852a86f9417ae2b1a2ce9676
parent 111691 6332aa884dab4f516ecfdd3179c21fb5a782d61d
child 111693 6df89d8c6f2b717f86a33c50530af65ee6b72691
push id93
push usernmatsakis@mozilla.com
push dateWed, 31 Oct 2012 21:26:57 +0000
reviewersdougt
bugs805178
milestone19.0a1
Bug 805178 - Device Storage - Application Permissions do not match that of the Permission Matrix [r=dougt]
dom/apps/src/PermissionsInstaller.jsm
--- a/dom/apps/src/PermissionsInstaller.jsm
+++ b/dom/apps/src/PermissionsInstaller.jsm
@@ -39,16 +39,17 @@ function debug(aMsg) {
  * @returns Array
  **/
 function mapSuffixes(aPermName, aSuffixes)
 {
   return aSuffixes.map(function(suf) { return aPermName + "-" + suf; });
 }
 
 // Permissions Matrix: https://docs.google.com/spreadsheet/ccc?key=0Akyz_Bqjgf5pdENVekxYRjBTX0dCXzItMnRyUU1RQ0E#gid=0
+// Also, keep in sync with https://mxr.mozilla.org/mozilla-central/source/extensions/cookie/Permission.txt
 
 // Permissions that are implicit:
 // battery-status, network-information, vibration,
 // device-capabilities
 
 const PermissionsTable = { "resource-lock": {
                              app: ALLOW_ACTION,
                              privileged: ALLOW_ACTION,
@@ -82,34 +83,41 @@ const PermissionsTable = { "resource-loc
                            contacts: {
                              app: DENY_ACTION,
                              privileged: PROMPT_ACTION,
                              certified: ALLOW_ACTION,
                              access: ["read", "write", "create"]
                            },
                            "device-storage:apps": {
                              app: DENY_ACTION,
-                             privileged: ALLOW_ACTION,
-                             certified: ALLOW_ACTION
+                             privileged: PROMPT_ACTION,
+                             certified: ALLOW_ACTION,
+                             access: ["read", "write", "create"]
                            },
                            "device-storage:pictures": {
                              app: DENY_ACTION,
-                             privileged: ALLOW_ACTION,
+                             privileged: PROMPT_ACTION,
                              certified: ALLOW_ACTION,
                              access: ["read", "write", "create"]
                            },
                            "device-storage:videos": {
                              app: DENY_ACTION,
-                             privileged: ALLOW_ACTION,
+                             privileged: PROMPT_ACTION,
                              certified: ALLOW_ACTION,
                              access: ["read", "write", "create"]
                            },
                            "device-storage:music": {
                              app: DENY_ACTION,
-                             privileged: ALLOW_ACTION,
+                             privileged: PROMPT_ACTION,
+                             certified: ALLOW_ACTION,
+                             access: ["read", "write", "create"]
+                           },
+                           "device-storage:sdcard": {
+                             app: DENY_ACTION,
+                             privileged: PROMPT_ACTION,
                              certified: ALLOW_ACTION,
                              access: ["read", "write", "create"]
                            },
                            sms: {
                              app: DENY_ACTION,
                              privileged: DENY_ACTION,
                              certified: ALLOW_ACTION
                            },
@@ -268,17 +276,17 @@ for (let permName in PermissionsTable) {
  * @returns Array
  **/
 function expandPermissions(aPermName, aAccess) {
   if (!PermissionsTable[aPermName]) {
     Cu.reportError("PermissionsTable.jsm: expandPermissions: Unknown Permission: " + aPermName);
     throw new Error("PermissionsTable.jsm: expandPermissions: Unknown Permission: " + aPermName);
   }
 
-/* 
+/*
 Temporarily disabled in order to add access fields to gaia: See Bug 805646
   if (!aAccess && PermissionsTable[aPermName].access ||
       aAccess && !PermissionsTable[aPermName].access) {
     Cu.reportError("PermissionsTable.jsm: expandPermissions: Invalid Manifest : " +
                    aPermName + " " + aAccess + "\n");
     throw new Error("PermissionsTable.jsm: expandPermissions: Invalid Manifest");
   }
 */