michael@0: /* Any copyright is dedicated to the Public Domain. michael@0: http://creativecommons.org/publicdomain/zero/1.0/ */ michael@0: michael@0: // Test that permissions work for file:// URIs (aka local files). michael@0: michael@0: function getPrincipalFromURIString(uriStr) michael@0: { michael@0: return Services.scriptSecurityManager.getNoAppCodebasePrincipal(NetUtil.newURI(uriStr)); michael@0: } michael@0: michael@0: function run_test() { michael@0: let pm = Services.perms; michael@0: michael@0: // If we add a permission to a file:// URI, the test should return true. michael@0: let principal = getPrincipalFromURIString("file:///foo/bar"); michael@0: pm.addFromPrincipal(principal, "test/local-files", pm.ALLOW_ACTION, 0, 0); michael@0: do_check_eq(pm.testPermissionFromPrincipal(principal, "test/local-files"), pm.ALLOW_ACTION); michael@0: michael@0: // Another file:// URI should have the same permission. michael@0: let witnessPrincipal = getPrincipalFromURIString("file:///bar/foo"); michael@0: do_check_eq(pm.testPermissionFromPrincipal(witnessPrincipal, "test/local-files"), pm.UNKNOWN_ACTION); michael@0: michael@0: // Giving "file:///" a permission shouldn't give it to all file:// URIs. michael@0: let rootPrincipal = getPrincipalFromURIString("file:///"); michael@0: pm.addFromPrincipal(rootPrincipal, "test/local-files", pm.ALLOW_ACTION, 0, 0); michael@0: do_check_eq(pm.testPermissionFromPrincipal(witnessPrincipal, "test/local-files"), pm.UNKNOWN_ACTION); michael@0: michael@0: // Giving "file://" a permission shouldn't give it to all file:// URIs. michael@0: let schemeRootPrincipal = getPrincipalFromURIString("file://"); michael@0: pm.addFromPrincipal(schemeRootPrincipal, "test/local-files", pm.ALLOW_ACTION, 0, 0); michael@0: do_check_eq(pm.testPermissionFromPrincipal(witnessPrincipal, "test/local-files"), pm.UNKNOWN_ACTION); michael@0: michael@0: // Giving 'node' a permission shouldn't give it to its 'children'. michael@0: let fileInDirPrincipal = getPrincipalFromURIString("file:///foo/bar/foobar.txt"); michael@0: do_check_eq(pm.testPermissionFromPrincipal(fileInDirPrincipal, "test/local-files"), pm.UNKNOWN_ACTION); michael@0: michael@0: // Revert "file:///foo/bar" permission and check that it has been correctly taken into account. michael@0: pm.removeFromPrincipal(principal, "test/local-files"); michael@0: do_check_eq(pm.testPermissionFromPrincipal(principal, "test/local-files"), pm.UNKNOWN_ACTION); michael@0: do_check_eq(pm.testPermissionFromPrincipal(witnessPrincipal, "test/local-files"), pm.UNKNOWN_ACTION); michael@0: do_check_eq(pm.testPermissionFromPrincipal(fileInDirPrincipal, "test/local-files"), pm.UNKNOWN_ACTION); michael@0: michael@0: // Add the magic "" permission and make sure all "file://" now have the permission. michael@0: pm.addFromPrincipal(getPrincipalFromURIString("http://"), "test/local-files", pm.ALLOW_ACTION, 0, 0); michael@0: do_check_eq(pm.testPermissionFromPrincipal(principal, "test/local-files"), pm.ALLOW_ACTION); michael@0: do_check_eq(pm.testPermissionFromPrincipal(witnessPrincipal, "test/local-files"), pm.ALLOW_ACTION); michael@0: do_check_eq(pm.testPermissionFromPrincipal(fileInDirPrincipal, "test/local-files"), pm.ALLOW_ACTION); michael@0: }