An experiment in requesting permissions and some related fixes.

git-svn-id: https://www.unprompted.com/svn/projects/tildefriends/trunk@3937 ed5197a5-7fde-0310-b194-c3ffbd925b24
This commit is contained in:
Cory McWilliams 2022-07-27 00:27:10 +00:00
parent b2ecc24e85
commit f787eb077b
7 changed files with 108 additions and 11 deletions

View File

@ -141,6 +141,8 @@ function socket(request, response, client) {
if (process) {
core.enableStats(process, message.enabled);
}
} else if (message.action == 'permission') {
core.setPermission(process, message.id, message.granted);
} else {
if (process && process.eventHandlers['message']) {
await core.invoke(process.eventHandlers['message'], [message]);

View File

@ -24,6 +24,7 @@ const k_api = {
error: {args: ['error'], func: api_error},
localStorageSet: {args: ['key', 'value'], func: api_localStorageSet},
localStorageGet: {args: ['key'], func: api_localStorageGet},
requestPermission: {args: ['permission', 'id'], func: api_requestPermission},
};
window.addEventListener("keydown", function(event) {
@ -440,6 +441,22 @@ function api_localStorageGet(key, value) {
send({message: 'localStorage', key: key, value: window.localStorage.getItem('app:' + key)});
}
function api_requestPermission(permission, id) {
let permissions = document.getElementById('permissions');
let div = document.createElement('div');
div.appendChild(document.createTextNode(permission));
for (let action of ['allow', 'allow once', 'deny once', 'deny']) {
let button = document.createElement('button');
button.innerText = action;
button.onclick = function() {
send({action: 'permission', id: id, granted: action});
permissions.removeChild(div);
}
div.appendChild(button);
}
permissions.appendChild(div);
}
function receive(message) {
if (message && message.action == "session") {
setStatusMessage("🟢 Executing...", kStatusColor);

View File

@ -149,6 +149,8 @@ async function getProcessBlob(blobId, key, options) {
process.task = null;
delete gProcesses[key];
};
process.promises = {};
process.nextPromise = 1;
var imports = {
'core': {
'broadcast': broadcast.bind(process),
@ -172,6 +174,47 @@ async function getProcessBlob(blobId, key, options) {
'user': getUser(process, process),
'apps': user => getApps(user, process),
'getSockets': getSockets,
'permissionTest': function(permission) {
let id = process.nextPromise++;
let promise = new Promise(function(resolve, reject) {
process.promises[id] = {resolve: resolve, reject: reject};
});
let user = process?.credentials?.session?.name;
if (!user || !options?.packageOwner || !options?.packageName) {
process.promises[id].reject(false);
} else if (gGlobalSettings.userPermissions &&
gGlobalSettings.userPermissions[user] &&
gGlobalSettings.userPermissions[user][options.packageOwner] &&
gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName] &&
gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName][permission] !== undefined) {
if (gGlobalSettings.userPermissions[user][options.packageOwner][options.packageName][permission]) {
process.promises[id].resolve(true);
} else {
process.promises[id].reject(false);
}
} else {
process.app.send({action: 'requestPermission', permission: permission, id: id});
promise.then(function(value) {
if (value == 'allow') {
storePermission(user, options.packageOwner, options.packageName, permission, true);
return true;
} else if (value == 'allow once') {
return true;
}
return false;
}).catch(function(value) {
if (value == 'deny') {
storePermission(user, options.packageOwner, options.packageName, permission, false);
return false;
} else if (value == 'deny once') {
return false;
}
return false;
});
}
return promise;
},
}
};
if (options.api) {
@ -646,10 +689,42 @@ loadSettings().then(function() {
exit(1);
});
function setPermission(process, id, allow) {
if (process.promises[id]) {
if (allow == 'allow' || allow == 'allow once') {
process.promises[id].resolve(allow);
} else {
process.promises[id].reject(allow);
}
delete process.promises[id];
}
}
function storePermission(user, packageOwner, packageName, permission, allow) {
if (!gGlobalSettings.userPermissions) {
gGlobalSettings.userPermissions = {};
}
if (!gGlobalSettings.userPermissions[user]) {
gGlobalSettings.userPermissions[user] = {};
}
if (!gGlobalSettings.userPermissions[user][packageOwner]) {
gGlobalSettings.userPermissions[user][packageOwner] = {};
}
if (!gGlobalSettings.userPermissions[user][packageOwner][packageName]) {
gGlobalSettings.userPermissions[user][packageOwner][packageName] = {};
}
if (gGlobalSettings.userPermissions[user][packageOwner][packageName][permission] !== allow) {
gGlobalSettings.userPermissions[user][packageOwner][packageName][permission] = allow;
print('STORE', JSON.stringify(gGlobalSettings));
setGlobalSettings(gGlobalSettings);
}
}
export {
gGlobalSettings as globalSettings,
setGlobalSettings,
enableStats,
invoke,
getSessionProcessBlob
getSessionProcessBlob,
setPermission,
};

View File

@ -16,6 +16,8 @@
<a accesskey="t" data-tip="Open performance trace." href="#" onclick="event.preventDefault(); trace()">trace</a>
<a accesskey="g" data-tip="Show graphs." href="#" onclick="event.preventDefault(); toggleStats()">stats</a>
<span id="status"></span>
<span id="requests"></span>
<span id="permissions"></span>
<span id="login"></span>
</div>
<div id="content" class="hbox" style="flex: 1 1; width: 100%">

View File

@ -270,7 +270,7 @@ static void _export_record_release_for_task(tf_task_t* task, taskid_t task_id)
}
}
void tf_task_send_error_to_parent(tf_task_t* task, JSValue error)
bool tf_task_send_error_to_parent(tf_task_t* task, JSValue error)
{
if (task && task->_parent)
{
@ -279,7 +279,9 @@ void tf_task_send_error_to_parent(tf_task_t* task, JSValue error)
tf_serialize_store(task, task->_parent, &buffer, &size, error);
tf_packetstream_send(tf_taskstub_get_stream(task->_parent), kTaskError, buffer, size);
tf_free(buffer);
return true;
}
return false;
}
static const char* _task_loadFile(const char* fileName)
@ -337,7 +339,10 @@ int tf_task_execute(tf_task_t* task, const char* fileName)
if (source)
{
JSValue result = JS_Eval(task->_context, source, strlen(source), fileName, JS_EVAL_TYPE_MODULE);
tf_util_report_error(task->_context, result);
if (tf_util_report_error(task->_context, result))
{
printf("Reported an error.\n");
}
if (!JS_IsError(task->_context, result) && !JS_IsException(result))
{
executed = true;

View File

@ -73,4 +73,4 @@ void tf_task_report_error(tf_task_t* task, JSValue error);
JSValue tf_try_get_typed_array_buffer(JSContext *ctx, JSValueConst obj, size_t *pbyte_offset, size_t *pbyte_length, size_t *pbytes_per_element);
uint8_t *tf_try_get_array_buffer(JSContext *ctx, size_t *psize, JSValueConst obj);
void tf_task_send_error_to_parent(tf_task_t* task, JSValue error);
bool tf_task_send_error_to_parent(tf_task_t* task, JSValue error);

View File

@ -123,20 +123,16 @@ bool tf_util_report_error(JSContext* context, JSValue value)
JS_FreeValue(context, stack);
tf_task_t* task = tf_task_get(context);
if (task)
if (!task || !tf_task_send_error_to_parent(task, value))
{
tf_task_send_error_to_parent(task, value);
js_std_dump_error(context);
}
is_error = true;
}
else if (JS_IsException(value))
{
tf_task_t* task = tf_task_get(context);
if (task)
{
tf_task_send_error_to_parent(task, value);
}
else
if (!task || !tf_task_send_error_to_parent(task, value))
{
js_std_dump_error(context);
}