Bug 815565 (finalize-permissions)

Finalize permission model so it can be documented.

RESOLVED FIXED

Status

()

Core
DOM: Device Interfaces
RESOLVED FIXED
6 years ago
5 years ago

People

(Reporter: pauljt, Assigned: pauljt)

Tracking

(Blocks: 1 bug, {dev-doc-complete})

unspecified
x86
Gonk (Firefox OS)
dev-doc-complete
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(blocking-basecamp:-)

Details

I was going to update the MDN page on manifest permissions today, but first I wanted to lock down exactly permission strings will be used, since there are duplicates and differences in different places in the code which need to be harmonized.

The source of truth from a design perspective is this spreadsheet, which I have attempted to update today: https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0Akyz_Bqjgf5pdENVekxYRjBTX0dCXzItMnRyUU1RQ0E#gid=0

There are a number of issues (in yellow) though which I will raise bugs for since most require code changes one way or another.

For reference, the following document/files need to be harmonized:

* https://mxr.mozilla.org/mozilla-central/source/dom/apps/src/PermissionsInstaller.jsm 
* https://mxr.mozilla.org/mozilla-central/source/extensions/cookie/Permission.txt
* http://hg.mozilla.org/gaia-l10n/en-US/file/e428ebd17a6e/shared/permissions/permissions.properties
* The actual permission checks in the varios Gecko APIs
* The permissions in the manifests

I'll raise dependent bugs for each of the issues so they can be resolved. 

But to summarize the issues I am aware of are:
- background vs backgroundservice (or do we even need this permission given bug 801351)
- bluetooth or mozBluetooth
- deprecated-hwvideo (what is this?)
- keyboard (this isnt used in gaia, but is in PermissionsInstaller)
- push (I assume this will be used in the future for push API, but maybe should be removed for now?)
- systemclock (maybe called time now)
- storage (what does this actually grant, and what is the security model)
- WiFi ( I think this is replaced by wifi-manage?)

Please comment/raise more bugs if there are other issues I've missed.
Disregard backgroundservice/background, gaia has changed to background service so that is what I am going with, I assume there is a bug somewhere that relates to this.
Depends on: 815572
Depends on: 815578
I'm actually going to put this in the nom queue cause we're finding loads of problems with this already (I just looked at some of the gaia code). If we don't do this, then we'll risk a lack of consistency in the permissions model (which is already evident).
blocking-basecamp: --- → ?

Updated

6 years ago
Alias: finalize-permissions

Updated

6 years ago
Depends on: 814293

Updated

6 years ago
QA Contact: jsmith

Updated

6 years ago
No longer depends on: 815578

Updated

6 years ago
Depends on: 816806

Updated

6 years ago
Depends on: 815098

Updated

6 years ago
Depends on: 817031

Updated

6 years ago
Depends on: 817034

Updated

6 years ago
No longer depends on: 816806

Comment 3

6 years ago
This looks like just a reminder to document - all the deps are process or nommed for triaged and will be dealt with.
blocking-basecamp: ? → -

Updated

6 years ago
Depends on: 817087
(In reply to JP Rosevear [:jpr] from comment #3)
> This looks like just a reminder to document - all the deps are process or
> nommed for triaged and will be dealt with.

Not necessarily only document. It's the investigation + documentation. But that's fine, I'll focus on the dependencies.

Updated

6 years ago
No longer depends on: 815098

Updated

6 years ago
Keywords: dev-doc-needed

Updated

6 years ago
Depends on: 818566

Updated

6 years ago
Depends on: 818583

Updated

6 years ago
Depends on: 818596

Updated

6 years ago
Depends on: 818599

Updated

6 years ago
Depends on: 818610

Updated

6 years ago
Blocks: 783741

Updated

6 years ago
Depends on: 818613

Updated

6 years ago
Depends on: 818616

Updated

6 years ago
No longer depends on: 818599

Updated

6 years ago
No longer depends on: 818610

Updated

6 years ago
No longer depends on: 818613

Updated

6 years ago
Depends on: 818705
Added comparison between PermissionsInstaller.jsm and the matrix to the second sheet of https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0Akyz_Bqjgf5pdENVekxYRjBTX0dCXzItMnRyUU1RQ0E#gid=0
Depends on: 818767

Updated

6 years ago
Depends on: 818945
Note that the permissions matrix is now finalized, with no outstanding information.

https://docs.google.com/a/mozilla.com/spreadsheet/ccc?key=0Akyz_Bqjgf5pdENVekxYRjBTX0dCXzItMnRyUU1RQ0E#gid=0
Depends on: 819136
Depends on: 819216
Depends on: 819218
Now that matrix is finalized, I have finished reconciliation between matrix and permission installer - see spreadsheet 2 in the matrix for specifics, or blocking bugs.

To summarize changes remaining for PermissionsInstaller.jsm:

audio: restrict channels per app type (819136)
camera: make certified only for v1 (818566)
desktop-notification: make available to all content (819218)
device-storage:apps : make certified only with restricitons (818583)
storage: allow apps to request this (819216)

Updated

6 years ago
No longer depends on: 818945
Depends on: 819884

Updated

6 years ago
No longer depends on: 817031

Updated

6 years ago
Depends on: 821961

Updated

6 years ago
No longer depends on: 817034

Updated

6 years ago
No longer depends on: 817087

Updated

6 years ago
Depends on: 824319

Updated

6 years ago
Depends on: 824421

Updated

6 years ago
Depends on: 827294

Updated

6 years ago
Depends on: 829572
Cleaning up my old bugs. This is long since complete and documented here: https://developer.mozilla.org/en-US/docs/Apps/App_permissions

To see the implementation detail, go here: https://mxr.mozilla.org/mozilla-central/source/dom/apps/src/PermissionsTable.jsm
Status: NEW → RESOLVED
Last Resolved: 5 years ago
Resolution: --- → FIXED
Keywords: dev-doc-needed → dev-doc-complete
You need to log in before you can comment on or make changes to this bug.