Closed
Bug 936723
Opened 11 years ago
Closed 11 years ago
[keyboard] don't allow user to enable keyboard apps that don't have required trust level
Categories
(Firefox OS Graveyard :: Gaia::Keyboard, defect)
Tracking
(blocking-b2g:koi+, b2g-v1.2 fixed)
People
(Reporter: djf, Assigned: rudyl)
Details
(Whiteboard: [3rd-party-keyboard])
Attachments
(1 file)
If I write a 3rd party keyboard and make it certified or privileged, it works.
But if it is just an unprivileged app, I can still see it in the settings app, and I can enable it. When I try to use it, the keyboard appears, but the app doesn't have permission to use the keyboard API, so I can't type anything.
Also: I can't switch to another keyboard because the keyboard switching API also requires a higher level of permissions. This means that I'm now trapped with a non-functional keyboard that I can't get rid of. (Until I realize I can go back to the settings app to disable it.)
I think we might want to block on this because the user can get themselves trapped.
Reporter | ||
Comment 1•11 years ago
|
||
Rudy and Corey: do you think this is something easy to fix in shared/js/keyboard_helper.js:getApps()?
blocking-b2g: --- → koi?
Flags: needinfo?(rlu)
Flags: needinfo?(gnarf37)
Comment 2•11 years ago
|
||
If whatever is needed is stored in the manifest, this is totally possible to fix inside getApps, yes.
Flags: needinfo?(gnarf37)
Reporter | ||
Comment 3•11 years ago
|
||
Corey: I think that you just have to check for "type":"certified" or "type":"privileged". Unless an app has one of those in its manifest, it will not be able to function as a keyboard and should not be listed.
Assignee | ||
Comment 5•11 years ago
|
||
I'll work on this.
Thanks for the heads-up.
Status: NEW → ASSIGNED
Flags: needinfo?(rlu)
Updated•11 years ago
|
Whiteboard: [3rd-party-keyboard]
Assignee | ||
Comment 6•11 years ago
|
||
This patch is to filter out the apps that does not have input permission or is not certified, nor privileged apps in shared/js/keyboard_helper.js.
Hi Corey,
Could you help review this part of code?
Thanks.
Attachment #832114 -
Flags: review?(gnarf37)
Assignee | ||
Comment 7•11 years ago
|
||
Comment on attachment 832114 [details] [review]
Patch V1 - pull request 13693
Patch updated to also modify system/js/app_install_manager.js.
Need Gary to review this part.
Thanks.
Attachment #832114 -
Flags: review?(gchen)
Comment 8•11 years ago
|
||
Comment on attachment 832114 [details] [review]
Patch V1 - pull request 13693
r=me with system/js/app_install_manager.js. part.
Thanks.
Attachment #832114 -
Flags: review?(gchen) → review+
Comment 9•11 years ago
|
||
Comment on attachment 832114 [details] [review]
Patch V1 - pull request 13693
r=me - Looks great! Thanks for handling this one Rudy!
Attachment #832114 -
Flags: review?(gnarf37) → review+
Assignee | ||
Comment 10•11 years ago
|
||
Merged,
https://github.com/mozilla-b2g/gaia/commit/c943970387dfc74c6c4e71a4e576424e593e8e97
Corey, Gary,
Thanks for the reviews.
Status: ASSIGNED → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Comment 11•11 years ago
|
||
Uplifted c943970387dfc74c6c4e71a4e576424e593e8e97 to:
v1.2: bbe813e70ab89c604d02f8cf483b08e953e3e79a
status-b2g-v1.2:
--- → fixed
You need to log in
before you can comment on or make changes to this bug.
Description
•