corysanin/tubestation
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
45eb7e06ce8e4fc8f25de6d1b5214425f0bfe599
tubestation/dom/permission/PermissionUtils.cpp
Andrea Marchesini 45eb7e06ce Bug 1193373 - Support Permissions API in Worker Context, r=manuel,webidl,asuth,smaug 
This commit exposes the Permissions API to DOM Workers. It achieves this goal
by introducing a thread-safe bridge between `PermissionStatus` and the
`PermissionObserver`: the `PermissionStatusSink` object.

Actors:
- The `PermissionObserver` is a main-thread-only singleton that monitors
  permission change events and propagates the notification to the right sink
  objects.
- The `PermissionStatus` is the DOM object exposed to the global. It's not
  thread-safe.
- The `PermissionStatusSink` is the new bridge introduced by this commit.

The `PermissionStatusSink` lifetime:
- This object is kept alive on the current thread by the `PermissionStatus` and
  on the main thread by the `PermissionObserver`.
- The `PermissionStatus` creates the object on its creation thread. When
  `PermissionStatus` object is released (or disconnected from the owner, it
  disentangles itself from the `PermissionStatusSink`. The disentangle
  operation triggers the un-registration procedure from the
  `PermissionObserver` on the main thread.
- A weak `WorkerRef` is used to monitor the worker's lifetime.

Permission change notification:
- When the  `PermissionObserver` is notified for a permission-change event, it
  notifies all the `PermissionStatusSink`. This happens on the main thread (see
  `MaybeUpdatedByOnMainThread` and `MaybeUpdatedByNotifyOnlyOnMainThread`).
- Using `MozPromise`, the `PermissionStatusSink` computes the permission action
  (`PermissionChangedOnMainThread`) on the main thread, then informs the
  parent `PermissionStatus` object on its creation thread.
- The `PermissionStatus` object converts the action to the DOM
  `PermissionState` and dispatches an event.

Differential Revision: https://phabricator.services.mozilla.com/D224594
2024-10-11 06:53:48 +00:00

93 lines
3.1 KiB
C++
Raw Blame History

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
/* vim: set ts=8 sts=2 et sw=2 tw=80: */
/* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this file,
* You can obtain one at http://mozilla.org/MPL/2.0/. */
#include "PermissionUtils.h"
#include "mozilla/dom/Document.h"
#include "nsIPermissionManager.h"
namespace mozilla::dom {
static const nsLiteralCString kPermissionTypes[] = {
// clang-format off
"geo"_ns,
"desktop-notification"_ns,
// Alias `push` to `desktop-notification`.
"desktop-notification"_ns,
"persistent-storage"_ns,
// "midi" is the only public permission but internally we have both "midi"
// and "midi-sysex" (and yes, this is confusing).
"midi"_ns,
"storage-access"_ns,
"screen-wake-lock"_ns,
"camera"_ns,
"microphone"_ns
// clang-format on
};
const size_t kPermissionNameCount = ContiguousEnumSize<PermissionName>::value;
static_assert(MOZ_ARRAY_LENGTH(kPermissionTypes) == kPermissionNameCount,
"kPermissionTypes and PermissionName count should match");
const nsLiteralCString& PermissionNameToType(PermissionName aName) {
MOZ_ASSERT((size_t)aName < ArrayLength(kPermissionTypes));
return kPermissionTypes[static_cast<size_t>(aName)];
}
Maybe<PermissionName> TypeToPermissionName(const nsACString& aType) {
// Annoyingly, "midi-sysex" is an internal permission. The public permission
// name is "midi" so we have to special-case it here...
if (aType.Equals("midi-sysex"_ns)) {
return Some(PermissionName::Midi);
}
// "storage-access" permissions are also annoying and require a special case.
if (StringBeginsWith(aType, "3rdPartyStorage^"_ns) ||
StringBeginsWith(aType, "3rdPartyFrameStorage^"_ns)) {
return Some(PermissionName::Storage_access);
}
for (size_t i = 0; i < ArrayLength(kPermissionTypes); ++i) {
if (kPermissionTypes[i].Equals(aType)) {
return Some(static_cast<PermissionName>(i));
}
}
return Nothing();
}
PermissionState ActionToPermissionState(uint32_t aAction, PermissionName aName,
nsIGlobalObject* aGlobal) {
MOZ_ASSERT(aGlobal);
switch (aAction) {
case nsIPermissionManager::ALLOW_ACTION:
return PermissionState::Granted;
case nsIPermissionManager::DENY_ACTION:
return PermissionState::Denied;
case nsIPermissionManager::PROMPT_ACTION:
if ((aName == PermissionName::Camera ||
aName == PermissionName::Microphone) &&
!aGlobal->ShouldResistFingerprinting(RFPTarget::MediaDevices)) {
// A persisted PROMPT_ACTION means the user chose "Always Ask"
// which shows as "granted" to prevent websites from priming the
// user to escalate permission any further.
// Revisit if https://github.com/w3c/permissions/issues/414 reopens.
//
// This feature is not offered in resist-fingerprinting mode.
return PermissionState::Granted;
}
return PermissionState::Prompt;
default:
return PermissionState::Prompt;
}
}
} // namespace mozilla::dom
Reference in New Issue View Git Blame Copy Permalink