The Tor Browser / file comparison
comparison: netwerk/base/public/nsIPermissionManager.idl
netwerk/base/public/nsIPermissionManager.idl
- branch
- TOR_BUG_9701
- changeset 15
- b8a032363ba2
equal
deleted
inserted
replaced
| -1:000000000000 | 0:41664b31fab5 |
|---|---|
| 1 /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ | |
| 2 /* This Source Code Form is subject to the terms of the Mozilla Public | |
| 3 * License, v. 2.0. If a copy of the MPL was not distributed with this | |
| 4 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ | |
| 5 | |
| 6 /** | |
| 7 * This file contains an interface to the Permission Manager, | |
| 8 * used to persistenly store permissions for different object types (cookies, | |
| 9 * images etc) on a site-by-site basis. | |
| 10 * | |
| 11 * This service broadcasts the following notification when the permission list | |
| 12 * is changed: | |
| 13 * | |
| 14 * topic : "perm-changed" (PERM_CHANGE_NOTIFICATION) | |
| 15 * broadcast whenever the permission list changes in some way. there | |
| 16 * are four possible data strings for this notification; one | |
| 17 * notification will be broadcast for each change, and will involve | |
| 18 * a single permission. | |
| 19 * subject: an nsIPermission interface pointer representing the permission object | |
| 20 * that changed. | |
| 21 * data : "deleted" | |
| 22 * a permission was deleted. the subject is the deleted permission. | |
| 23 * "added" | |
| 24 * a permission was added. the subject is the added permission. | |
| 25 * "changed" | |
| 26 * a permission was changed. the subject is the new permission. | |
| 27 * "cleared" | |
| 28 * the entire permission list was cleared. the subject is null. | |
| 29 */ | |
| 30 | |
| 31 #include "nsISupports.idl" | |
| 32 | |
| 33 interface nsIURI; | |
| 34 interface nsIObserver; | |
| 35 interface nsIPrincipal; | |
| 36 interface nsIDOMWindow; | |
| 37 interface nsIPermission; | |
| 38 interface nsISimpleEnumerator; | |
| 39 | |
| 40 [scriptable, uuid(c9fec678-f194-43c9-96b0-7bd9dbdd6bb0)] | |
| 41 interface nsIPermissionManager : nsISupports | |
| 42 { | |
| 43 /** | |
| 44 * Predefined return values for the testPermission method and for | |
| 45 * the permission param of the add method | |
| 46 * NOTE: UNKNOWN_ACTION (0) is reserved to represent the | |
| 47 * default permission when no entry is found for a host, and | |
| 48 * should not be used by consumers to indicate otherwise. | |
| 49 */ | |
| 50 const uint32_t UNKNOWN_ACTION = 0; | |
| 51 const uint32_t ALLOW_ACTION = 1; | |
| 52 const uint32_t DENY_ACTION = 2; | |
| 53 const uint32_t PROMPT_ACTION = 3; | |
| 54 | |
| 55 /** | |
| 56 * Predefined expiration types for permissions. Permissions can be permanent | |
| 57 * (never expire), expire at the end of the session, or expire at a specified | |
| 58 * time. Permissions that expire at the end of a session may also have a | |
| 59 * specified expiration time. | |
| 60 */ | |
| 61 const uint32_t EXPIRE_NEVER = 0; | |
| 62 const uint32_t EXPIRE_SESSION = 1; | |
| 63 const uint32_t EXPIRE_TIME = 2; | |
| 64 | |
| 65 /** | |
| 66 * Add permission information for a given URI and permission type. This | |
| 67 * operation will cause the type string to be registered if it does not | |
| 68 * currently exist. If a permission already exists for a given type, it | |
| 69 * will be modified. | |
| 70 * | |
| 71 * @param uri the uri to add the permission for | |
| 72 * @param type a case-sensitive ASCII string, identifying the consumer. | |
| 73 * Consumers should choose this string to be unique, with | |
| 74 * respect to other consumers. | |
| 75 * @param permission an integer representing the desired action (e.g. allow | |
| 76 * or deny). The interpretation of this number is up to the | |
| 77 * consumer, and may represent different actions for different | |
| 78 * types. Consumers may use one of the enumerated permission | |
| 79 * actions defined above, for convenience. | |
| 80 * NOTE: UNKNOWN_ACTION (0) is reserved to represent the | |
| 81 * default permission when no entry is found for a host, and | |
| 82 * should not be used by consumers to indicate otherwise. | |
| 83 * @param expiretype a constant defining whether this permission should | |
| 84 * never expire (EXPIRE_NEVER), expire at the end of the | |
| 85 * session (EXPIRE_SESSION), or expire at a specified time | |
| 86 * (EXPIRE_TIME). | |
| 87 * @param expiretime an integer representation of when this permission | |
| 88 * should be forgotten (milliseconds since Jan 1 1970 0:00:00). | |
| 89 */ | |
| 90 void add(in nsIURI uri, | |
| 91 in string type, | |
| 92 in uint32_t permission, | |
| 93 [optional] in uint32_t expireType, | |
| 94 [optional] in int64_t expireTime); | |
| 95 | |
| 96 /** | |
| 97 * Add permission information for a given principal. | |
| 98 * It is internally calling the other add() method using the nsIURI from the | |
| 99 * principal. | |
| 100 * Passing a system principal will be a no-op because they will always be | |
| 101 * granted permissions. | |
| 102 */ | |
| 103 void addFromPrincipal(in nsIPrincipal principal, in string typed, | |
| 104 in uint32_t permission, | |
| 105 [optional] in uint32_t expireType, | |
| 106 [optional] in int64_t expireTime); | |
| 107 | |
| 108 /** | |
| 109 * Remove permission information for a given host string and permission type. | |
| 110 * The host string represents the exact entry in the permission list (such as | |
| 111 * obtained from the enumerator), not a URI which that permission might apply | |
| 112 * to. | |
| 113 * | |
| 114 * @param host the host to remove the permission for | |
| 115 * @param type a case-sensitive ASCII string, identifying the consumer. | |
| 116 * The type must have been previously registered using the | |
| 117 * add() method. | |
| 118 */ | |
| 119 void remove(in AUTF8String host, | |
| 120 in string type); | |
| 121 | |
| 122 /** | |
| 123 * Remove permission information for a given principal. | |
| 124 * This is internally calling remove() with the host from the principal's URI. | |
| 125 * Passing system principal will be a no-op because we never add them to the | |
| 126 * database. | |
| 127 */ | |
| 128 void removeFromPrincipal(in nsIPrincipal principal, in string type); | |
| 129 | |
| 130 /** | |
| 131 * Clear permission information for all websites. | |
| 132 */ | |
| 133 void removeAll(); | |
| 134 | |
| 135 /** | |
| 136 * Test whether a website has permission to perform the given action. | |
| 137 * @param uri the uri to be tested | |
| 138 * @param type a case-sensitive ASCII string, identifying the consumer | |
| 139 * @param return see add(), param permission. returns UNKNOWN_ACTION when | |
| 140 * there is no stored permission for this uri and / or type. | |
| 141 */ | |
| 142 uint32_t testPermission(in nsIURI uri, | |
| 143 in string type); | |
| 144 | |
| 145 /** | |
| 146 * Test whether the principal has the permission to perform a given action. | |
| 147 * System principals will always have permissions granted. | |
| 148 */ | |
| 149 uint32_t testPermissionFromPrincipal(in nsIPrincipal principal, | |
| 150 in string type); | |
| 151 | |
| 152 /** | |
| 153 * Test whether the principal associated with the window's document has the | |
| 154 * permission to perform a given action. System principals will always | |
| 155 * have permissions granted. | |
| 156 */ | |
| 157 uint32_t testPermissionFromWindow(in nsIDOMWindow window, | |
| 158 in string type); | |
| 159 | |
| 160 /** | |
| 161 * Test whether a website has permission to perform the given action. | |
| 162 * This requires an exact hostname match, subdomains are not a match. | |
| 163 * @param uri the uri to be tested | |
| 164 * @param type a case-sensitive ASCII string, identifying the consumer | |
| 165 * @param return see add(), param permission. returns UNKNOWN_ACTION when | |
| 166 * there is no stored permission for this uri and / or type. | |
| 167 */ | |
| 168 uint32_t testExactPermission(in nsIURI uri, | |
| 169 in string type); | |
| 170 | |
| 171 /** | |
| 172 * See testExactPermission() above. | |
| 173 * System principals will always have permissions granted. | |
| 174 */ | |
| 175 uint32_t testExactPermissionFromPrincipal(in nsIPrincipal principal, | |
| 176 in string type); | |
| 177 | |
| 178 /** | |
| 179 * Test whether a website has permission to perform the given action | |
| 180 * ignoring active sessions. | |
| 181 * System principals will always have permissions granted. | |
| 182 * | |
| 183 * @param principal the principal | |
| 184 * @param type a case-sensitive ASCII string, identifying the consumer | |
| 185 * @param return see add(), param permission. returns UNKNOWN_ACTION when | |
| 186 * there is no stored permission for this uri and / or type. | |
| 187 */ | |
| 188 uint32_t testExactPermanentPermission(in nsIPrincipal principal, | |
| 189 in string type); | |
| 190 | |
| 191 /** | |
| 192 * Get the permission object associated with the given principal and action. | |
| 193 * @param principal The principal | |
| 194 * @param type A case-sensitive ASCII string identifying the consumer | |
| 195 * @param exactHost If true, only the specific host will be matched, | |
| 196 * @see testExactPermission. If false, subdomains will | |
| 197 * also be searched, @see testPermission. | |
| 198 * @returns The matching permission object, or null if no matching object | |
| 199 * was found. No matching object is equivalent to UNKNOWN_ACTION. | |
| 200 * @note Clients in general should prefer the test* methods unless they | |
| 201 * need to know the specific stored details. | |
| 202 * @note This method will always return null for the system principal. | |
| 203 */ | |
| 204 nsIPermission getPermissionObject(in nsIPrincipal principal, | |
| 205 in string type, | |
| 206 in boolean exactHost); | |
| 207 | |
| 208 /** | |
| 209 * Increment or decrement our "refcount" of an app id. | |
| 210 * | |
| 211 * We use this refcount to determine an app's lifetime. When an app's | |
| 212 * refcount goes to 0, we clear the permissions given to the app which are | |
| 213 * set to expire at the end of its session. | |
| 214 */ | |
| 215 void addrefAppId(in unsigned long appId); | |
| 216 void releaseAppId(in unsigned long appId); | |
| 217 | |
| 218 /** | |
| 219 * Allows enumeration of all stored permissions | |
| 220 * @return an nsISimpleEnumerator interface that allows access to | |
| 221 * nsIPermission objects | |
| 222 */ | |
| 223 readonly attribute nsISimpleEnumerator enumerator; | |
| 224 | |
| 225 /** | |
| 226 * Remove all permissions associated with a given app id. | |
| 227 * @param aAppId The appId of the app | |
| 228 * @param aBrowserOnly Whether we should remove permissions associated with | |
| 229 * a browser element (true) or all permissions (false). | |
| 230 */ | |
| 231 void removePermissionsForApp(in unsigned long appId, | |
| 232 in boolean browserOnly); | |
| 233 | |
| 234 /** | |
| 235 * If the current permission is set to expire, reset the expiration time. If | |
| 236 * there is no permission or the current permission does not expire, this | |
| 237 * method will silently return. | |
| 238 * | |
| 239 * @param sessionExpiretime an integer representation of when this permission | |
| 240 * should be forgotten (milliseconds since | |
| 241 * Jan 1 1970 0:00:00), if it is currently | |
| 242 * EXPIRE_SESSION. | |
| 243 * @param sessionExpiretime an integer representation of when this permission | |
| 244 * should be forgotten (milliseconds since | |
| 245 * Jan 1 1970 0:00:00), if it is currently | |
| 246 * EXPIRE_TIME. | |
| 247 */ | |
| 248 void updateExpireTime(in nsIPrincipal principal, | |
| 249 in string type, | |
| 250 in boolean exactHost, | |
| 251 in uint64_t sessionExpireTime, | |
| 252 in uint64_t persistentExpireTime); | |
| 253 }; | |
| 254 | |
| 255 %{ C++ | |
| 256 #define NS_PERMISSIONMANAGER_CONTRACTID "@mozilla.org/permissionmanager;1" | |
| 257 | |
| 258 #define PERM_CHANGE_NOTIFICATION "perm-changed" | |
| 259 %} |
