Closed Bug 1189517 Opened 10 years ago Closed 8 years ago

allow OpenMobile ACL to get additional permissions

Categories

(Firefox OS Graveyard :: General, defect)

Product:
Firefox OS Graveyard
Component:
General
Platform:
ARM
Gonk (Firefox OS)
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

(Not tracked)

Status:
RESOLVED WONTFIX

People

(Reporter: bwalker, Assigned: fabrice, NeedInfo)

References

Details

Attachments

(3 files, 2 obsolete files)

acl-permission.patch v2
1.80 KB, patch
Details | Diff | Splinter Review
Updated permissions patch
1.59 KB, patch
Details | Diff | Splinter Review
acl-permissions.patch
1.72 KB, patch
Details | Diff | Splinter Review
No description provided.
Blocks: 1169474
Attached patch acl-permission.patch (obsolete) — Splinter Review
Assignee: nobody → fabrice
Attachment #8641370 - Flags: review?(ptheriault)
Comment on attachment 8641370 [details] [diff] [review] acl-permission.patch Fine with me.
Attachment #8641370 - Flags: review?(ptheriault) → review+
Thanks for the patch. How do we test this? Which component should we replace on the phone? libxul? others?
Flags: needinfo?(ptheriault)
Flags: needinfo?(fabrice.desre)
Flags: needinfo?(bwalker)
omni.ja
I applied this patch, rebuilt, did "make reset-gaia", then tried to run the following app. I get an error "TypeError: navigator.mozMobileConnections is undefined". What am I misssing? function start() { console.log("Starting..."); cnx = navigator.mozMobileConnections[0]; console.log("The voice operator is " + cnx.voice.network.longName); if (cnx.voice.connected) { console.log("The signal has a strength of " + (+cnx.voice.relSignalStrength) + "%"); } else { console.log("The state of the connection is: " + cnx.voice.state); } } window.onload = start;
I should add that I have the following permissions set in manifest.webapp: "permissions": { "tcp-socket" : { "description" : "Create TCP sockets and communicate over them." }, "device-storage:sdcard": { "access": "readwrite", "description": "blah" }, "moz-mobileconnection" : { "description" : "Access state of mobile connection(s)" } }
Attached file application.zip (obsolete) —
Here is the app that I was using to test the moz-mobileconnection permission.
Okay, I got this working. Turns out you need to update both libxul.so and omni.ja
Jim, Does it mean that now the ACL-enabled apps with get data connection? Could you also try if you can get the IMEI number referring to the code here: https://github.com/mozilla-b2g/gaia/blob/9dfedd7d35da00fa9b08dcffc3ab4f47da54e4f0/apps/settings/js/panels/about_more_info/device_info.js#L46 Thanks, Didem
Summary: allow OpenMobile ACL to read mobile connection status → allow OpenMobile ACL to get additional permissions
This patch should give you all the permissions you need. Note that I change the permission name to "moz-external-app" so you will have to update your manifest.
Attachment #8641370 - Attachment is obsolete: true
Flags: needinfo?(fabrice.desre)
Do we need additional permissions for these? Lock Screen Gallery Contacts Alarm Storage
Flags: needinfo?(fabrice.desre)
I thought we covered this all in the meeting, didn't we. Here are my notes from the meeting: Lock Screen: There is no lock screen API, for that reason Fabrice gave you access to settings api with edit permission. Gallery and Storage: there is no Gallery API, there is Devices Storage API and it is privileged. See here: https://developer.mozilla.org/en-US/docs/Web/API/Device_Storage_API Contact sync: Bill confirms that the pseudo code he gave you only requires privileged APIs. Alarm API is privileged: https://developer.mozilla.org/en-US/docs/Web/API/Alarm_API But we can't know if your use case requires any other api.
Using the supplied patch and suggested code I was indeed able to get the IMEI via the mobileconnection API.
This patch adds the "bluetooth" permission to "moz-external-app". This is all that we anticipate we need at this time.
Attachment #8641781 - Attachment is obsolete: true
(In reply to Jim Paradis from comment #14) > Created attachment 8642588 [details] [diff] [review] > Updated permissions patch > > This patch adds the "bluetooth" permission to "moz-external-app". This is > all that we anticipate we need at this time. Jim, do you need bluetooth for WhatsApp?
Flags: needinfo?(bwalker) → needinfo?(jparadis)
Bill, While the current version of WhatsApp does not require bluetooth, it may in the future as other apps may, so adding this permission future proofs ACL.
Flags: needinfo?(jparadis)
Uploading App with this permission to Marketplace results in: `moz-external-app` is not a recognized element within a Web App Manifest Need to add this permission to Marketplace.
Flags: needinfo?(mpillard)
Just a note that I created 1192131 to track the review of the usage of certified permissions. The security model for certified permissions is such that the code using these permissions needs to be reviewed. I think it would be better to do this review prior to launching if timelines permit.
Flags: needinfo?(ptheriault)
moz-external-app permission in Markeplace will be handled by bug 1192080.
Flags: needinfo?(mpillard)
new updated patch with the settings-api permissions.
As of August 17, the permission patch table is updated to include two additional permissions: "settings-api-read" and settings-api-write" The hidden app workaround for the sms verification requires this update in the permission table. Please use the patch named: "acl-permissions.patch" for this. The direct link to the patch is here: https://bug1189517.bmoattachments.org/attachment.cgi?id=8649048
Firefox OS is not being worked on
Status: NEW → RESOLVED
Closed: 8 years ago
Resolution: --- → WONTFIX
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: