Bug 470455 - test_database_sync_embed_visits.js leaks, r=sdwilsh
[wine-gecko.git] / caps / src / nsSecurityManagerFactory.cpp
bloba4a17415cc41bfc690c6c167e0ad501a61e9b00d
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /* ***** BEGIN LICENSE BLOCK *****
3 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
5 * The contents of this file are subject to the Mozilla Public License Version
6 * 1.1 (the "License"); you may not use this file except in compliance with
7 * the License. You may obtain a copy of the License at
8 * http://www.mozilla.org/MPL/
10 * Software distributed under the License is distributed on an "AS IS" basis,
11 * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
12 * for the specific language governing rights and limitations under the
13 * License.
15 * The Original Code is mozilla.org code.
17 * The Initial Developer of the Original Code is
18 * Netscape Communications Corporation.
19 * Portions created by the Initial Developer are Copyright (C) 1998
20 * the Initial Developer. All Rights Reserved.
22 * Contributor(s):
24 * Alternatively, the contents of this file may be used under the terms of
25 * either of the GNU General Public License Version 2 or later (the "GPL"),
26 * or the GNU Lesser General Public License Version 2.1 or later (the "LGPL"),
27 * in which case the provisions of the GPL or the LGPL are applicable instead
28 * of those above. If you wish to allow use of your version of this file only
29 * under the terms of either the GPL or the LGPL, and not to allow others to
30 * use your version of this file under the terms of the MPL, indicate your
31 * decision by deleting the provisions above and replace them with the notice
32 * and other provisions required by the GPL or the LGPL. If you do not delete
33 * the provisions above, a recipient may use your version of this file under
34 * the terms of any one of the MPL, the GPL or the LGPL.
36 * ***** END LICENSE BLOCK ***** */
37 /*Factory for internal browser security resource managers*/
39 #include "nsCOMPtr.h"
40 #include "nsIModule.h"
41 #include "nsIGenericFactory.h"
42 #include "nsIScriptSecurityManager.h"
43 #include "nsScriptSecurityManager.h"
44 #include "nsIPrincipal.h"
45 #include "nsPrincipal.h"
46 #include "nsSystemPrincipal.h"
47 #include "nsNullPrincipal.h"
48 #include "nsIScriptNameSpaceManager.h"
49 #include "nsIScriptExternalNameSet.h"
50 #include "nsIScriptContext.h"
51 #include "nsICategoryManager.h"
52 #include "nsXPIDLString.h"
53 #include "nsCOMPtr.h"
54 #include "nsIServiceManager.h"
55 #include "nsString.h"
56 #include "nsPrefsCID.h"
57 #include "nsNetCID.h"
58 #include "nsIClassInfoImpl.h"
60 ///////////////////////
61 // nsSecurityNameSet //
62 ///////////////////////
64 #define NS_SECURITYNAMESET_CID \
65 { 0x7c02eadc, 0x76, 0x4d03, \
66 { 0x99, 0x8d, 0x80, 0xd7, 0x79, 0xc4, 0x85, 0x89 } }
67 #define NS_SECURITYNAMESET_CONTRACTID "@mozilla.org/security/script/nameset;1"
69 class nsSecurityNameSet : public nsIScriptExternalNameSet
71 public:
72 nsSecurityNameSet();
73 virtual ~nsSecurityNameSet();
75 NS_DECL_ISUPPORTS
77 NS_IMETHOD InitializeNameSet(nsIScriptContext* aScriptContext);
80 nsSecurityNameSet::nsSecurityNameSet()
84 nsSecurityNameSet::~nsSecurityNameSet()
88 NS_IMPL_ISUPPORTS1(nsSecurityNameSet, nsIScriptExternalNameSet)
90 static char *
91 getStringArgument(JSContext *cx, JSObject *obj, PRUint16 argNum, uintN argc, jsval *argv)
93 if (argc <= argNum || !JSVAL_IS_STRING(argv[argNum])) {
94 JS_ReportError(cx, "String argument expected");
95 return nsnull;
99 * We don't want to use JS_ValueToString because we want to be able
100 * to have an object to represent a target in subsequent versions.
102 JSString *str = JSVAL_TO_STRING(argv[argNum]);
103 if (!str)
104 return nsnull;
106 return JS_GetStringBytes(str);
109 static void
110 getUTF8StringArgument(JSContext *cx, JSObject *obj, PRUint16 argNum,
111 uintN argc, jsval *argv, nsCString& aRetval)
113 if (argc <= argNum || !JSVAL_IS_STRING(argv[argNum])) {
114 JS_ReportError(cx, "String argument expected");
115 aRetval.Truncate();
116 return;
120 * We don't want to use JS_ValueToString because we want to be able
121 * to have an object to represent a target in subsequent versions.
123 JSString *str = JSVAL_TO_STRING(argv[argNum]);
124 if (!str) {
125 aRetval.Truncate();
126 return;
129 PRUnichar *data = (PRUnichar*)JS_GetStringChars(str);
130 CopyUTF16toUTF8(data, aRetval);
133 static JSBool
134 netscape_security_isPrivilegeEnabled(JSContext *cx, JSObject *obj, uintN argc,
135 jsval *argv, jsval *rval)
137 JSBool result = JS_FALSE;
138 char *cap = getStringArgument(cx, obj, 0, argc, argv);
139 if (cap) {
140 nsresult rv;
141 nsCOMPtr<nsIScriptSecurityManager> securityManager =
142 do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
143 if (NS_SUCCEEDED(rv)) {
144 // NS_ASSERTION(cx == GetCurrentContext(), "unexpected context");
146 rv = securityManager->IsCapabilityEnabled(cap, &result);
147 if (NS_FAILED(rv))
148 result = JS_FALSE;
151 *rval = BOOLEAN_TO_JSVAL(result);
152 return JS_TRUE;
156 static JSBool
157 netscape_security_enablePrivilege(JSContext *cx, JSObject *obj, uintN argc,
158 jsval *argv, jsval *rval)
160 char *cap = getStringArgument(cx, obj, 0, argc, argv);
161 if (!cap)
162 return JS_FALSE;
164 nsresult rv;
165 nsCOMPtr<nsIScriptSecurityManager> securityManager =
166 do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
167 if (NS_FAILED(rv))
168 return JS_FALSE;
170 // NS_ASSERTION(cx == GetCurrentContext(), "unexpected context");
172 rv = securityManager->EnableCapability(cap);
173 if (NS_FAILED(rv))
174 return JS_FALSE;
175 return JS_TRUE;
178 static JSBool
179 netscape_security_disablePrivilege(JSContext *cx, JSObject *obj, uintN argc,
180 jsval *argv, jsval *rval)
182 char *cap = getStringArgument(cx, obj, 0, argc, argv);
183 if (!cap)
184 return JS_FALSE;
186 nsresult rv;
187 nsCOMPtr<nsIScriptSecurityManager> securityManager =
188 do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
189 if (NS_FAILED(rv))
190 return JS_FALSE;
192 // NS_ASSERTION(cx == GetCurrentContext(), "unexpected context");
194 rv = securityManager->DisableCapability(cap);
195 if (NS_FAILED(rv))
196 return JS_FALSE;
197 return JS_TRUE;
200 static JSBool
201 netscape_security_revertPrivilege(JSContext *cx, JSObject *obj, uintN argc,
202 jsval *argv, jsval *rval)
204 char *cap = getStringArgument(cx, obj, 0, argc, argv);
205 if (!cap)
206 return JS_FALSE;
208 nsresult rv;
209 nsCOMPtr<nsIScriptSecurityManager> securityManager =
210 do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
211 if (NS_FAILED(rv))
212 return JS_FALSE;
214 // NS_ASSERTION(cx == GetCurrentContext(), "unexpected context");
216 rv = securityManager->RevertCapability(cap);
217 if (NS_FAILED(rv))
218 return JS_FALSE;
219 return JS_TRUE;
222 static JSBool
223 netscape_security_setCanEnablePrivilege(JSContext *cx, JSObject *obj, uintN argc,
224 jsval *argv, jsval *rval)
226 if (argc < 2) return JS_FALSE;
227 nsCAutoString principalFingerprint;
228 getUTF8StringArgument(cx, obj, 0, argc, argv, principalFingerprint);
229 char *cap = getStringArgument(cx, obj, 1, argc, argv);
230 if (principalFingerprint.IsEmpty() || !cap)
231 return JS_FALSE;
233 nsresult rv;
234 nsCOMPtr<nsIScriptSecurityManager> securityManager =
235 do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
236 if (NS_FAILED(rv))
237 return JS_FALSE;
239 // NS_ASSERTION(cx == GetCurrentContext(), "unexpected context");
241 rv = securityManager->SetCanEnableCapability(principalFingerprint, cap,
242 nsIPrincipal::ENABLE_GRANTED);
243 if (NS_FAILED(rv))
244 return JS_FALSE;
245 return JS_TRUE;
248 static JSBool
249 netscape_security_invalidate(JSContext *cx, JSObject *obj, uintN argc,
250 jsval *argv, jsval *rval)
252 nsCAutoString principalFingerprint;
253 getUTF8StringArgument(cx, obj, 0, argc, argv, principalFingerprint);
254 if (principalFingerprint.IsEmpty())
255 return JS_FALSE;
257 nsresult rv;
258 nsCOMPtr<nsIScriptSecurityManager> securityManager =
259 do_GetService(NS_SCRIPTSECURITYMANAGER_CONTRACTID, &rv);
260 if (NS_FAILED(rv))
261 return JS_FALSE;
263 // NS_ASSERTION(cx == GetCurrentContext(), "unexpected context");
265 rv = securityManager->SetCanEnableCapability(principalFingerprint,
266 nsPrincipal::sInvalid,
267 nsIPrincipal::ENABLE_GRANTED);
268 if (NS_FAILED(rv))
269 return JS_FALSE;
270 return JS_TRUE;
273 static JSFunctionSpec PrivilegeManager_static_methods[] = {
274 { "isPrivilegeEnabled", netscape_security_isPrivilegeEnabled, 1,0,0},
275 { "enablePrivilege", netscape_security_enablePrivilege, 1,0,0},
276 { "disablePrivilege", netscape_security_disablePrivilege, 1,0,0},
277 { "revertPrivilege", netscape_security_revertPrivilege, 1,0,0},
278 //-- System Cert Functions
279 { "setCanEnablePrivilege", netscape_security_setCanEnablePrivilege,
280 2,0,0},
281 { "invalidate", netscape_security_invalidate, 1,0,0},
282 {nsnull,nsnull,0,0,0}
286 * "Steal" calls to netscape.security.PrivilegeManager.enablePrivilege,
287 * et. al. so that code that worked with 4.0 can still work.
289 NS_IMETHODIMP
290 nsSecurityNameSet::InitializeNameSet(nsIScriptContext* aScriptContext)
292 JSContext *cx = (JSContext *) aScriptContext->GetNativeContext();
293 JSObject *global = JS_GetGlobalObject(cx);
296 * Find Object.prototype's class by walking up the global object's
297 * prototype chain.
299 JSObject *obj = global;
300 JSObject *proto;
301 JSAutoRequest ar(cx);
302 while ((proto = JS_GetPrototype(cx, obj)) != nsnull)
303 obj = proto;
304 JSClass *objectClass = JS_GET_CLASS(cx, obj);
306 jsval v;
307 if (!JS_GetProperty(cx, global, "netscape", &v))
308 return NS_ERROR_FAILURE;
309 JSObject *securityObj;
310 if (JSVAL_IS_OBJECT(v)) {
312 * "netscape" property of window object exists; must be LiveConnect
313 * package. Get the "security" property.
315 obj = JSVAL_TO_OBJECT(v);
316 if (!JS_GetProperty(cx, obj, "security", &v) || !JSVAL_IS_OBJECT(v))
317 return NS_ERROR_FAILURE;
318 securityObj = JSVAL_TO_OBJECT(v);
319 } else {
320 /* define netscape.security object */
321 obj = JS_DefineObject(cx, global, "netscape", objectClass, nsnull, 0);
322 if (obj == nsnull)
323 return NS_ERROR_FAILURE;
324 securityObj = JS_DefineObject(cx, obj, "security", objectClass,
325 nsnull, 0);
326 if (securityObj == nsnull)
327 return NS_ERROR_FAILURE;
330 /* Define PrivilegeManager object with the necessary "static" methods. */
331 obj = JS_DefineObject(cx, securityObj, "PrivilegeManager", objectClass,
332 nsnull, 0);
333 if (obj == nsnull)
334 return NS_ERROR_FAILURE;
336 return JS_DefineFunctions(cx, obj, PrivilegeManager_static_methods)
337 ? NS_OK
338 : NS_ERROR_FAILURE;
343 NS_GENERIC_FACTORY_CONSTRUCTOR(nsPrincipal)
344 NS_GENERIC_FACTORY_CONSTRUCTOR(nsSecurityNameSet)
345 NS_GENERIC_FACTORY_SINGLETON_CONSTRUCTOR(nsSystemPrincipal,
346 nsScriptSecurityManager::SystemPrincipalSingletonConstructor)
347 NS_GENERIC_FACTORY_CONSTRUCTOR_INIT(nsNullPrincipal, Init)
349 NS_DECL_CLASSINFO(nsPrincipal)
350 NS_DECL_CLASSINFO(nsSystemPrincipal)
351 NS_DECL_CLASSINFO(nsNullPrincipal)
353 static NS_IMETHODIMP
354 Construct_nsIScriptSecurityManager(nsISupports *aOuter, REFNSIID aIID,
355 void **aResult)
357 if (!aResult)
358 return NS_ERROR_NULL_POINTER;
359 *aResult = nsnull;
360 if (aOuter)
361 return NS_ERROR_NO_AGGREGATION;
362 nsScriptSecurityManager *obj = nsScriptSecurityManager::GetScriptSecurityManager();
363 if (!obj)
364 return NS_ERROR_OUT_OF_MEMORY;
365 if (NS_FAILED(obj->QueryInterface(aIID, aResult)))
366 return NS_ERROR_FAILURE;
367 return NS_OK;
370 static NS_METHOD
371 RegisterSecurityNameSet(nsIComponentManager *aCompMgr,
372 nsIFile *aPath,
373 const char *registryLocation,
374 const char *componentType,
375 const nsModuleComponentInfo *info)
377 nsresult rv = NS_OK;
379 nsCOMPtr<nsICategoryManager> catman =
380 do_GetService(NS_CATEGORYMANAGER_CONTRACTID, &rv);
382 if (NS_FAILED(rv))
383 return rv;
385 nsXPIDLCString previous;
386 rv = catman->AddCategoryEntry(JAVASCRIPT_GLOBAL_STATIC_NAMESET_CATEGORY,
387 "PrivilegeManager",
388 NS_SECURITYNAMESET_CONTRACTID,
389 PR_TRUE, PR_TRUE, getter_Copies(previous));
390 NS_ENSURE_SUCCESS(rv, rv);
392 rv = catman->AddCategoryEntry("app-startup", "Script Security Manager",
393 "service," NS_SCRIPTSECURITYMANAGER_CONTRACTID,
394 PR_TRUE, PR_TRUE,
395 getter_Copies(previous));
396 NS_ENSURE_SUCCESS(rv, rv);
398 return rv;
402 static const nsModuleComponentInfo capsComponentInfo[] =
404 { NS_SCRIPTSECURITYMANAGER_CLASSNAME,
405 NS_SCRIPTSECURITYMANAGER_CID,
406 NS_SCRIPTSECURITYMANAGER_CONTRACTID,
407 Construct_nsIScriptSecurityManager,
408 RegisterSecurityNameSet,
409 nsnull,
410 nsnull,
411 nsnull,
412 nsnull,
413 nsnull,
414 nsIClassInfo::MAIN_THREAD_ONLY
417 { NS_SCRIPTSECURITYMANAGER_CLASSNAME,
418 NS_SCRIPTSECURITYMANAGER_CID,
419 NS_GLOBAL_PREF_SECURITY_CHECK,
420 Construct_nsIScriptSecurityManager,
421 RegisterSecurityNameSet,
422 nsnull,
423 nsnull,
424 nsnull,
425 nsnull,
426 nsnull,
427 nsIClassInfo::MAIN_THREAD_ONLY
430 { NS_SCRIPTSECURITYMANAGER_CLASSNAME,
431 NS_SCRIPTSECURITYMANAGER_CID,
432 NS_GLOBAL_CHANNELEVENTSINK_CONTRACTID,
433 Construct_nsIScriptSecurityManager,
434 RegisterSecurityNameSet,
435 nsnull,
436 nsnull,
437 nsnull,
438 nsnull,
439 nsnull,
440 nsIClassInfo::MAIN_THREAD_ONLY
445 { NS_PRINCIPAL_CLASSNAME,
446 NS_PRINCIPAL_CID,
447 NS_PRINCIPAL_CONTRACTID,
448 nsPrincipalConstructor,
449 nsnull,
450 nsnull,
451 nsnull,
452 NS_CI_INTERFACE_GETTER_NAME(nsPrincipal),
453 nsnull,
454 &NS_CLASSINFO_NAME(nsPrincipal),
455 nsIClassInfo::MAIN_THREAD_ONLY | nsIClassInfo::EAGER_CLASSINFO
458 { NS_SYSTEMPRINCIPAL_CLASSNAME,
459 NS_SYSTEMPRINCIPAL_CID,
460 NS_SYSTEMPRINCIPAL_CONTRACTID,
461 nsSystemPrincipalConstructor,
462 nsnull,
463 nsnull,
464 nsnull,
465 NS_CI_INTERFACE_GETTER_NAME(nsSystemPrincipal),
466 nsnull,
467 &NS_CLASSINFO_NAME(nsSystemPrincipal),
468 nsIClassInfo::SINGLETON | nsIClassInfo::MAIN_THREAD_ONLY |
469 nsIClassInfo::EAGER_CLASSINFO
472 { NS_NULLPRINCIPAL_CLASSNAME,
473 NS_NULLPRINCIPAL_CID,
474 NS_NULLPRINCIPAL_CONTRACTID,
475 nsNullPrincipalConstructor,
476 nsnull,
477 nsnull,
478 nsnull,
479 NS_CI_INTERFACE_GETTER_NAME(nsNullPrincipal),
480 nsnull,
481 &NS_CLASSINFO_NAME(nsNullPrincipal),
482 nsIClassInfo::MAIN_THREAD_ONLY | nsIClassInfo::EAGER_CLASSINFO
485 { "Security Script Name Set",
486 NS_SECURITYNAMESET_CID,
487 NS_SECURITYNAMESET_CONTRACTID,
488 nsSecurityNameSetConstructor,
489 nsnull,
490 nsnull,
491 nsnull,
492 nsnull,
493 nsnull,
494 nsnull,
495 nsIClassInfo::MAIN_THREAD_ONLY
500 void
501 CapsModuleDtor(nsIModule* thisModules)
503 nsScriptSecurityManager::Shutdown();
506 NS_IMPL_NSGETMODULE_WITH_DTOR(nsSecurityManagerModule, capsComponentInfo,
507 CapsModuleDtor)