void
DesktopNotification::HandleAlertServiceNotification(const char *aTopic)
{
if (NS_FAILED(CheckInnerWindowCorrectness())) {
return;
}
if (!strcmp("alertclickcallback", aTopic)) {
DispatchNotificationEvent(NS_LITERAL_STRING("click"));
} else if (!strcmp("alertfinished", aTopic)) {
DispatchNotificationEvent(NS_LITERAL_STRING("close"));
}
}
bool
sbSecurityMixin::GetPermissionForScopedName(const nsAString &aScopedName,
bool disableNotificationCheck)
{
LOG(( "sbSecurityMixin::GetPermissionForScopedName()"));
// If this instance was set to be privileged, skip the check
if (mPrivileged) {
return PR_TRUE;
}
bool allowed = PR_FALSE;
nsCOMPtr<nsIURI> codebase;
GetCodebase( getter_AddRefs(codebase) );
if ( StringBeginsWith( aScopedName, NS_LITERAL_STRING("internal:") ) ) {
if (!codebase) {
// internal stuff always allowed, should never be called from insecure code.
allowed = PR_TRUE;
} else {
// I think this is always a bad thing. It should represent calling of
// methods flagged as internal only being called by insecure code (not
// using system principal)
NS_WARNING("sbSecurityMixin::GetPermissionForScopedName() -- AHHH!!! Asked for internal with codebase");
return PR_FALSE;
}
}
// without a codebase we're either calling internal stuff or wrong.
if (!codebase)
return allowed;
// look up information about the scope
const struct Scope* scope = GetScopeForScopedName( aScopedName );
if (scope) {
// if the current scope is in the table then use the values in the table
// to get permission
allowed = GetPermission( codebase, scope );
}
else if ( StringBeginsWith( aScopedName, NS_LITERAL_STRING("site:") ) ) {
// site library methods are always cleared
allowed = PR_TRUE;
}
else if ( StringBeginsWith( aScopedName, NS_LITERAL_STRING("helper:") ) ) {
// helper classes always allowed
allowed = PR_TRUE;
}
else if ( StringBeginsWith( aScopedName, NS_LITERAL_STRING("classinfo:") ) ) {
// class info stuff always allowed - this might need to move above the codebase check.
allowed = PR_TRUE;
}
// if we found additional info about the scope, work out if there's a
// notification to fire
if ( scope && !disableNotificationCheck ) {
const char* notification =
allowed ? scope->allowed_notification : scope->blocked_notification;
LOG(( "sbSecurityMixin::GetPermissionsForScopedName() notification=%s",
notification ));
if ( strcmp(notification, sNotificationAlert) == 0 ) {
LOG(( "sbSecurityMixin::GetPermissionsForScopedName() - ALERT" ));
// Launch a prompt asking the user if they want to do this action.
allowed =
sbRemotePlayer::GetUserApprovalForHost( codebase,
NS_LITERAL_STRING("rapi.media_add.request.title"),
NS_LITERAL_STRING("rapi.media_add.request.message"),
scope->name );
}
else if ( strcmp(notification, sNotificationStatus) == 0 ) {
LOG(( "sbSecurityMixin::GetPermissionsForScopedName() - STATUS" ));
}
else if ( strcmp(notification, sNotificationHat) == 0 ) {
LOG(( "sbSecurityMixin::GetPermissionsForScopedName() - HAT" ));
// notification is not "none"
// we want to fire a notification, but does the user want a notification?
// get the prefs service
nsresult rv;
nsCOMPtr<nsIPrefBranch> prefService =
do_GetService( "@mozilla.org/preferences-service;1", &rv );
NS_ENSURE_SUCCESS( rv, allowed );
bool notify;
// look up the pref
nsCString prefKey("songbird.rapi.");
prefKey.Append(scope->name);
prefKey.AppendLiteral("_notify");
rv = prefService->GetBoolPref( prefKey.get(), ¬ify );
NS_ENSURE_SUCCESS( rv, allowed );
LOG(( "sbSecurityMixin::GetPermissionsForScopedName() pref value: %s",
notify?"true":"false" ));
// if the pref is true we should notify
if (notify) {
DispatchNotificationEvent(notification, scope, allowed);
}
}
}
return allowed;
}
