void DesktopNotification::HandleAlertServiceNotification(const char *aTopic) { if (NS_FAILED(CheckInnerWindowCorrectness())) { return; } if (!strcmp("alertclickcallback", aTopic)) { DispatchNotificationEvent(NS_LITERAL_STRING("click")); } else if (!strcmp("alertfinished", aTopic)) { DispatchNotificationEvent(NS_LITERAL_STRING("close")); } }
bool sbSecurityMixin::GetPermissionForScopedName(const nsAString &aScopedName, bool disableNotificationCheck) { LOG(( "sbSecurityMixin::GetPermissionForScopedName()")); // If this instance was set to be privileged, skip the check if (mPrivileged) { return PR_TRUE; } bool allowed = PR_FALSE; nsCOMPtr<nsIURI> codebase; GetCodebase( getter_AddRefs(codebase) ); if ( StringBeginsWith( aScopedName, NS_LITERAL_STRING("internal:") ) ) { if (!codebase) { // internal stuff always allowed, should never be called from insecure code. allowed = PR_TRUE; } else { // I think this is always a bad thing. It should represent calling of // methods flagged as internal only being called by insecure code (not // using system principal) NS_WARNING("sbSecurityMixin::GetPermissionForScopedName() -- AHHH!!! Asked for internal with codebase"); return PR_FALSE; } } // without a codebase we're either calling internal stuff or wrong. if (!codebase) return allowed; // look up information about the scope const struct Scope* scope = GetScopeForScopedName( aScopedName ); if (scope) { // if the current scope is in the table then use the values in the table // to get permission allowed = GetPermission( codebase, scope ); } else if ( StringBeginsWith( aScopedName, NS_LITERAL_STRING("site:") ) ) { // site library methods are always cleared allowed = PR_TRUE; } else if ( StringBeginsWith( aScopedName, NS_LITERAL_STRING("helper:") ) ) { // helper classes always allowed allowed = PR_TRUE; } else if ( StringBeginsWith( aScopedName, NS_LITERAL_STRING("classinfo:") ) ) { // class info stuff always allowed - this might need to move above the codebase check. allowed = PR_TRUE; } // if we found additional info about the scope, work out if there's a // notification to fire if ( scope && !disableNotificationCheck ) { const char* notification = allowed ? scope->allowed_notification : scope->blocked_notification; LOG(( "sbSecurityMixin::GetPermissionsForScopedName() notification=%s", notification )); if ( strcmp(notification, sNotificationAlert) == 0 ) { LOG(( "sbSecurityMixin::GetPermissionsForScopedName() - ALERT" )); // Launch a prompt asking the user if they want to do this action. allowed = sbRemotePlayer::GetUserApprovalForHost( codebase, NS_LITERAL_STRING("rapi.media_add.request.title"), NS_LITERAL_STRING("rapi.media_add.request.message"), scope->name ); } else if ( strcmp(notification, sNotificationStatus) == 0 ) { LOG(( "sbSecurityMixin::GetPermissionsForScopedName() - STATUS" )); } else if ( strcmp(notification, sNotificationHat) == 0 ) { LOG(( "sbSecurityMixin::GetPermissionsForScopedName() - HAT" )); // notification is not "none" // we want to fire a notification, but does the user want a notification? // get the prefs service nsresult rv; nsCOMPtr<nsIPrefBranch> prefService = do_GetService( "@mozilla.org/preferences-service;1", &rv ); NS_ENSURE_SUCCESS( rv, allowed ); bool notify; // look up the pref nsCString prefKey("songbird.rapi."); prefKey.Append(scope->name); prefKey.AppendLiteral("_notify"); rv = prefService->GetBoolPref( prefKey.get(), ¬ify ); NS_ENSURE_SUCCESS( rv, allowed ); LOG(( "sbSecurityMixin::GetPermissionsForScopedName() pref value: %s", notify?"true":"false" )); // if the pref is true we should notify if (notify) { DispatchNotificationEvent(notification, scope, allowed); } } } return allowed; }