michael@0: /* -*- Mode: C++; tab-width: 2; indent-tabs-mode: nil; c-basic-offset: 2 -*- */ michael@0: /* This Source Code Form is subject to the terms of the Mozilla Public michael@0: * License, v. 2.0. If a copy of the MPL was not distributed with this michael@0: * file, You can obtain one at http://mozilla.org/MPL/2.0/. */ michael@0: michael@0: /** michael@0: * This file contains an interface to the Permission Manager, michael@0: * used to persistenly store permissions for different object types (cookies, michael@0: * images etc) on a site-by-site basis. michael@0: * michael@0: * This service broadcasts the following notification when the permission list michael@0: * is changed: michael@0: * michael@0: * topic : "perm-changed" (PERM_CHANGE_NOTIFICATION) michael@0: * broadcast whenever the permission list changes in some way. there michael@0: * are four possible data strings for this notification; one michael@0: * notification will be broadcast for each change, and will involve michael@0: * a single permission. michael@0: * subject: an nsIPermission interface pointer representing the permission object michael@0: * that changed. michael@0: * data : "deleted" michael@0: * a permission was deleted. the subject is the deleted permission. michael@0: * "added" michael@0: * a permission was added. the subject is the added permission. michael@0: * "changed" michael@0: * a permission was changed. the subject is the new permission. michael@0: * "cleared" michael@0: * the entire permission list was cleared. the subject is null. michael@0: */ michael@0: michael@0: #include "nsISupports.idl" michael@0: michael@0: interface nsIURI; michael@0: interface nsIObserver; michael@0: interface nsIPrincipal; michael@0: interface nsIDOMWindow; michael@0: interface nsIPermission; michael@0: interface nsISimpleEnumerator; michael@0: michael@0: [scriptable, uuid(c9fec678-f194-43c9-96b0-7bd9dbdd6bb0)] michael@0: interface nsIPermissionManager : nsISupports michael@0: { michael@0: /** michael@0: * Predefined return values for the testPermission method and for michael@0: * the permission param of the add method michael@0: * NOTE: UNKNOWN_ACTION (0) is reserved to represent the michael@0: * default permission when no entry is found for a host, and michael@0: * should not be used by consumers to indicate otherwise. michael@0: */ michael@0: const uint32_t UNKNOWN_ACTION = 0; michael@0: const uint32_t ALLOW_ACTION = 1; michael@0: const uint32_t DENY_ACTION = 2; michael@0: const uint32_t PROMPT_ACTION = 3; michael@0: michael@0: /** michael@0: * Predefined expiration types for permissions. Permissions can be permanent michael@0: * (never expire), expire at the end of the session, or expire at a specified michael@0: * time. Permissions that expire at the end of a session may also have a michael@0: * specified expiration time. michael@0: */ michael@0: const uint32_t EXPIRE_NEVER = 0; michael@0: const uint32_t EXPIRE_SESSION = 1; michael@0: const uint32_t EXPIRE_TIME = 2; michael@0: michael@0: /** michael@0: * Add permission information for a given URI and permission type. This michael@0: * operation will cause the type string to be registered if it does not michael@0: * currently exist. If a permission already exists for a given type, it michael@0: * will be modified. michael@0: * michael@0: * @param uri the uri to add the permission for michael@0: * @param type a case-sensitive ASCII string, identifying the consumer. michael@0: * Consumers should choose this string to be unique, with michael@0: * respect to other consumers. michael@0: * @param permission an integer representing the desired action (e.g. allow michael@0: * or deny). The interpretation of this number is up to the michael@0: * consumer, and may represent different actions for different michael@0: * types. Consumers may use one of the enumerated permission michael@0: * actions defined above, for convenience. michael@0: * NOTE: UNKNOWN_ACTION (0) is reserved to represent the michael@0: * default permission when no entry is found for a host, and michael@0: * should not be used by consumers to indicate otherwise. michael@0: * @param expiretype a constant defining whether this permission should michael@0: * never expire (EXPIRE_NEVER), expire at the end of the michael@0: * session (EXPIRE_SESSION), or expire at a specified time michael@0: * (EXPIRE_TIME). michael@0: * @param expiretime an integer representation of when this permission michael@0: * should be forgotten (milliseconds since Jan 1 1970 0:00:00). michael@0: */ michael@0: void add(in nsIURI uri, michael@0: in string type, michael@0: in uint32_t permission, michael@0: [optional] in uint32_t expireType, michael@0: [optional] in int64_t expireTime); michael@0: michael@0: /** michael@0: * Add permission information for a given principal. michael@0: * It is internally calling the other add() method using the nsIURI from the michael@0: * principal. michael@0: * Passing a system principal will be a no-op because they will always be michael@0: * granted permissions. michael@0: */ michael@0: void addFromPrincipal(in nsIPrincipal principal, in string typed, michael@0: in uint32_t permission, michael@0: [optional] in uint32_t expireType, michael@0: [optional] in int64_t expireTime); michael@0: michael@0: /** michael@0: * Remove permission information for a given host string and permission type. michael@0: * The host string represents the exact entry in the permission list (such as michael@0: * obtained from the enumerator), not a URI which that permission might apply michael@0: * to. michael@0: * michael@0: * @param host the host to remove the permission for michael@0: * @param type a case-sensitive ASCII string, identifying the consumer. michael@0: * The type must have been previously registered using the michael@0: * add() method. michael@0: */ michael@0: void remove(in AUTF8String host, michael@0: in string type); michael@0: michael@0: /** michael@0: * Remove permission information for a given principal. michael@0: * This is internally calling remove() with the host from the principal's URI. michael@0: * Passing system principal will be a no-op because we never add them to the michael@0: * database. michael@0: */ michael@0: void removeFromPrincipal(in nsIPrincipal principal, in string type); michael@0: michael@0: /** michael@0: * Clear permission information for all websites. michael@0: */ michael@0: void removeAll(); michael@0: michael@0: /** michael@0: * Test whether a website has permission to perform the given action. michael@0: * @param uri the uri to be tested michael@0: * @param type a case-sensitive ASCII string, identifying the consumer michael@0: * @param return see add(), param permission. returns UNKNOWN_ACTION when michael@0: * there is no stored permission for this uri and / or type. michael@0: */ michael@0: uint32_t testPermission(in nsIURI uri, michael@0: in string type); michael@0: michael@0: /** michael@0: * Test whether the principal has the permission to perform a given action. michael@0: * System principals will always have permissions granted. michael@0: */ michael@0: uint32_t testPermissionFromPrincipal(in nsIPrincipal principal, michael@0: in string type); michael@0: michael@0: /** michael@0: * Test whether the principal associated with the window's document has the michael@0: * permission to perform a given action. System principals will always michael@0: * have permissions granted. michael@0: */ michael@0: uint32_t testPermissionFromWindow(in nsIDOMWindow window, michael@0: in string type); michael@0: michael@0: /** michael@0: * Test whether a website has permission to perform the given action. michael@0: * This requires an exact hostname match, subdomains are not a match. michael@0: * @param uri the uri to be tested michael@0: * @param type a case-sensitive ASCII string, identifying the consumer michael@0: * @param return see add(), param permission. returns UNKNOWN_ACTION when michael@0: * there is no stored permission for this uri and / or type. michael@0: */ michael@0: uint32_t testExactPermission(in nsIURI uri, michael@0: in string type); michael@0: michael@0: /** michael@0: * See testExactPermission() above. michael@0: * System principals will always have permissions granted. michael@0: */ michael@0: uint32_t testExactPermissionFromPrincipal(in nsIPrincipal principal, michael@0: in string type); michael@0: michael@0: /** michael@0: * Test whether a website has permission to perform the given action michael@0: * ignoring active sessions. michael@0: * System principals will always have permissions granted. michael@0: * michael@0: * @param principal the principal michael@0: * @param type a case-sensitive ASCII string, identifying the consumer michael@0: * @param return see add(), param permission. returns UNKNOWN_ACTION when michael@0: * there is no stored permission for this uri and / or type. michael@0: */ michael@0: uint32_t testExactPermanentPermission(in nsIPrincipal principal, michael@0: in string type); michael@0: michael@0: /** michael@0: * Get the permission object associated with the given principal and action. michael@0: * @param principal The principal michael@0: * @param type A case-sensitive ASCII string identifying the consumer michael@0: * @param exactHost If true, only the specific host will be matched, michael@0: * @see testExactPermission. If false, subdomains will michael@0: * also be searched, @see testPermission. michael@0: * @returns The matching permission object, or null if no matching object michael@0: * was found. No matching object is equivalent to UNKNOWN_ACTION. michael@0: * @note Clients in general should prefer the test* methods unless they michael@0: * need to know the specific stored details. michael@0: * @note This method will always return null for the system principal. michael@0: */ michael@0: nsIPermission getPermissionObject(in nsIPrincipal principal, michael@0: in string type, michael@0: in boolean exactHost); michael@0: michael@0: /** michael@0: * Increment or decrement our "refcount" of an app id. michael@0: * michael@0: * We use this refcount to determine an app's lifetime. When an app's michael@0: * refcount goes to 0, we clear the permissions given to the app which are michael@0: * set to expire at the end of its session. michael@0: */ michael@0: void addrefAppId(in unsigned long appId); michael@0: void releaseAppId(in unsigned long appId); michael@0: michael@0: /** michael@0: * Allows enumeration of all stored permissions michael@0: * @return an nsISimpleEnumerator interface that allows access to michael@0: * nsIPermission objects michael@0: */ michael@0: readonly attribute nsISimpleEnumerator enumerator; michael@0: michael@0: /** michael@0: * Remove all permissions associated with a given app id. michael@0: * @param aAppId The appId of the app michael@0: * @param aBrowserOnly Whether we should remove permissions associated with michael@0: * a browser element (true) or all permissions (false). michael@0: */ michael@0: void removePermissionsForApp(in unsigned long appId, michael@0: in boolean browserOnly); michael@0: michael@0: /** michael@0: * If the current permission is set to expire, reset the expiration time. If michael@0: * there is no permission or the current permission does not expire, this michael@0: * method will silently return. michael@0: * michael@0: * @param sessionExpiretime an integer representation of when this permission michael@0: * should be forgotten (milliseconds since michael@0: * Jan 1 1970 0:00:00), if it is currently michael@0: * EXPIRE_SESSION. michael@0: * @param sessionExpiretime an integer representation of when this permission michael@0: * should be forgotten (milliseconds since michael@0: * Jan 1 1970 0:00:00), if it is currently michael@0: * EXPIRE_TIME. michael@0: */ michael@0: void updateExpireTime(in nsIPrincipal principal, michael@0: in string type, michael@0: in boolean exactHost, michael@0: in uint64_t sessionExpireTime, michael@0: in uint64_t persistentExpireTime); michael@0: }; michael@0: michael@0: %{ C++ michael@0: #define NS_PERMISSIONMANAGER_CONTRACTID "@mozilla.org/permissionmanager;1" michael@0: michael@0: #define PERM_CHANGE_NOTIFICATION "perm-changed" michael@0: %}