search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
no bug - Bumping Firefox l10n changesets r=release a=l10n-bump DONTBUILD CLOSED TREE
[gecko.git] / extensions / permissions / PermissionManager.h
bloba92d583e4950dc1a1761de81750b2bf4873af85e
1 /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
2 /* vim: set ts=8 sts=2 et sw=2 tw=80: */
3 /* This Source Code Form is subject to the terms of the Mozilla Public
4 * License, v. 2.0. If a copy of the MPL was not distributed with this
5 * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
6
7 #ifndef mozilla_PermissionManager_h
8 #define mozilla_PermissionManager_h
9
10 #include "nsIPermissionManager.h"
11 #include "nsIAsyncShutdown.h"
12 #include "nsIObserver.h"
13 #include "nsWeakReference.h"
14 #include "nsCOMPtr.h"
15 #include "nsIURI.h"
16 #include "nsTHashtable.h"
17 #include "nsTArray.h"
18 #include "nsString.h"
19 #include "nsHashKeys.h"
20 #include "nsRefPtrHashtable.h"
21 #include "mozilla/Atomics.h"
22 #include "mozilla/Monitor.h"
23 #include "mozilla/MozPromise.h"
24 #include "mozilla/OriginAttributes.h"
25 #include "mozilla/StaticMutex.h"
26 #include "mozilla/ThreadBound.h"
27 #include "mozilla/Variant.h"
28 #include "mozilla/Vector.h"
29
30 #include <utility>
31
32 class mozIStorageConnection;
33 class mozIStorageStatement;
34 class nsIInputStream;
35 class nsIPermission;
36 class nsIPrefBranch;
37
38 namespace IPC {
39 struct Permission;
40 }
41
42 namespace mozilla {
43 class OriginAttributesPattern;
44
45 namespace dom {
46 class ContentChild;
47 } // namespace dom
48
49 ////////////////////////////////////////////////////////////////////////////////
50
51 class PermissionManager final : public nsIPermissionManager,
52 public nsIObserver,
53 public nsSupportsWeakReference,
54 public nsIAsyncShutdownBlocker {
55 friend class dom::ContentChild;
56
57 public:
58 class PermissionEntry {
59 public:
60 PermissionEntry(int64_t aID, uint32_t aType, uint32_t aPermission,
61 uint32_t aExpireType, int64_t aExpireTime,
62 int64_t aModificationTime)
63 : mID(aID),
64 mExpireTime(aExpireTime),
65 mModificationTime(aModificationTime),
66 mType(aType),
67 mPermission(aPermission),
68 mExpireType(aExpireType),
69 mNonSessionPermission(aPermission),
70 mNonSessionExpireType(aExpireType),
71 mNonSessionExpireTime(aExpireTime) {}
72
73 int64_t mID;
74 int64_t mExpireTime;
75 int64_t mModificationTime;
76 uint32_t mType;
77 uint32_t mPermission;
78 uint32_t mExpireType;
79 uint32_t mNonSessionPermission;
80 uint32_t mNonSessionExpireType;
81 uint32_t mNonSessionExpireTime;
82 };
83
84 /**
85 * PermissionKey is the key used by PermissionHashKey hash table.
86 */
87 class PermissionKey {
88 public:
89 static PermissionKey* CreateFromPrincipal(nsIPrincipal* aPrincipal,
90 bool aForceStripOA,
91 bool aScopeToSite,
92 nsresult& aResult);
93 static PermissionKey* CreateFromURI(nsIURI* aURI, nsresult& aResult);
94 static PermissionKey* CreateFromURIAndOriginAttributes(
95 nsIURI* aURI, const OriginAttributes* aOriginAttributes,
96 bool aForceStripOA, nsresult& aResult);
97
98 explicit PermissionKey(const nsACString& aOrigin)
99 : mOrigin(aOrigin), mHashCode(HashString(aOrigin)) {}
100
101 bool operator==(const PermissionKey& aKey) const {
102 return mOrigin.Equals(aKey.mOrigin);
103 }
104
105 PLDHashNumber GetHashCode() const { return mHashCode; }
106
107 NS_INLINE_DECL_THREADSAFE_REFCOUNTING(PermissionKey)
108
109 const nsCString mOrigin;
110 const PLDHashNumber mHashCode;
111
112 private:
113 // Default ctor shouldn't be used.
114 PermissionKey() = delete;
115
116 // Dtor shouldn't be used outside of the class.
117 ~PermissionKey(){};
118 };
119
120 class PermissionHashKey : public nsRefPtrHashKey<PermissionKey> {
121 public:
122 explicit PermissionHashKey(const PermissionKey* aPermissionKey)
123 : nsRefPtrHashKey<PermissionKey>(aPermissionKey) {}
124
125 PermissionHashKey(PermissionHashKey&& toCopy)
126 : nsRefPtrHashKey<PermissionKey>(std::move(toCopy)),
127 mPermissions(std::move(toCopy.mPermissions)) {}
128
129 bool KeyEquals(const PermissionKey* aKey) const {
130 return *aKey == *GetKey();
131 }
132
133 static PLDHashNumber HashKey(const PermissionKey* aKey) {
134 return aKey->GetHashCode();
135 }
136
137 // Force the hashtable to use the copy constructor when shuffling entries
138 // around, otherwise the Auto part of our AutoTArray won't be happy!
139 enum { ALLOW_MEMMOVE = false };
140
141 inline nsTArray<PermissionEntry>& GetPermissions() { return mPermissions; }
142 inline const nsTArray<PermissionEntry>& GetPermissions() const {
143 return mPermissions;
144 }
145
146 inline int32_t GetPermissionIndex(uint32_t aType) const {
147 for (uint32_t i = 0; i < mPermissions.Length(); ++i)
148 if (mPermissions[i].mType == aType) return i;
149
150 return -1;
151 }
152
153 inline PermissionEntry GetPermission(uint32_t aType) const {
154 for (uint32_t i = 0; i < mPermissions.Length(); ++i)
155 if (mPermissions[i].mType == aType) return mPermissions[i];
156
157 // unknown permission... return relevant data
158 return PermissionEntry(-1, aType, nsIPermissionManager::UNKNOWN_ACTION,
159 nsIPermissionManager::EXPIRE_NEVER, 0, 0);
160 }
161
162 private:
163 AutoTArray<PermissionEntry, 1> mPermissions;
164 };
165
166 // nsISupports
167 NS_DECL_THREADSAFE_ISUPPORTS
168 NS_DECL_NSIPERMISSIONMANAGER
169 NS_DECL_NSIOBSERVER
170 NS_DECL_NSIASYNCSHUTDOWNBLOCKER
171
172 PermissionManager();
173 static already_AddRefed<nsIPermissionManager> GetXPCOMSingleton();
174 static PermissionManager* GetInstance();
175 nsresult Init();
176
177 // enums for AddInternal()
178 enum OperationType {
179 eOperationNone,
180 eOperationAdding,
181 eOperationRemoving,
182 eOperationChanging,
183 eOperationReplacingDefault
184 };
185
186 enum DBOperationType { eNoDBOperation, eWriteToDB };
187
188 enum NotifyOperationType { eDontNotify, eNotify };
189
190 // Similar to TestPermissionFromPrincipal, except that it is used only for
191 // permissions which can never have default values.
192 nsresult TestPermissionWithoutDefaultsFromPrincipal(nsIPrincipal* aPrincipal,
193 const nsACString& aType,
194 uint32_t* aPermission);
195
196 nsresult LegacyTestPermissionFromURI(
197 nsIURI* aURI, const OriginAttributes* aOriginAttributes,
198 const nsACString& aType, uint32_t* aPermission);
199
200 nsresult RemovePermissionsWithAttributes(OriginAttributesPattern& aAttrs);
201
202 /**
203 * See `nsIPermissionManager::GetPermissionsWithKey` for more info on
204 * permission keys.
205 *
206 * Get the permission key corresponding to the given Principal. This method is
207 * intentionally infallible, as we want to provide an permission key to every
208 * principal. Principals which don't have meaningful URIs with http://,
209 * https://, or ftp:// schemes are given the default "" Permission Key.
210 *
211 * @param aPrincipal The Principal which the key is to be extracted from.
212 * @param aForceStripOA Whether to force stripping the principals origin
213 * attributes prior to generating the key.
214 * @param aSiteScopePermissions Whether to prepare the key for permissions
215 * scoped to the Principal's site, rather than origin. These are looked
216 * up independently. Scoping of a permission is fully determined by its
217 * type and determined by calls to the function IsSiteScopedPermission.
218 * @param aKey A string which will be filled with the permission
219 * key.
220 */
221 static nsresult GetKeyForPrincipal(nsIPrincipal* aPrincipal,
222 bool aForceStripOA,
223 bool aSiteScopePermissions,
224 nsACString& aKey);
225
226 /**
227 * See `nsIPermissionManager::GetPermissionsWithKey` for more info on
228 * permission keys.
229 *
230 * Get the permission key corresponding to the given Origin. This method is
231 * like GetKeyForPrincipal, except that it avoids creating a nsIPrincipal
232 * object when you already have access to an origin string.
233 *
234 * If this method is passed a nonsensical origin string it may produce a
235 * nonsensical permission key result.
236 *
237 * @param aOrigin The origin which the key is to be extracted from.
238 * @param aForceStripOA Whether to force stripping the origins attributes
239 * prior to generating the key.
240 * @param aSiteScopePermissions Whether to prepare the key for permissions
241 * scoped to the Principal's site, rather than origin. These are looked
242 * up independently. Scoping of a permission is fully determined by its
243 * type and determined by calls to the function IsSiteScopedPermission.
244 * @param aKey A string which will be filled with the permission
245 * key.
246 */
247 static nsresult GetKeyForOrigin(const nsACString& aOrigin, bool aForceStripOA,
248 bool aSiteScopePermissions, nsACString& aKey);
249
250 /**
251 * See `nsIPermissionManager::GetPermissionsWithKey` for more info on
252 * permission keys.
253 *
254 * Get the permission key corresponding to the given Principal and type. This
255 * method is intentionally infallible, as we want to provide an permission key
256 * to every principal. Principals which don't have meaningful URIs with
257 * http://, https://, or ftp:// schemes are given the default "" Permission
258 * Key.
259 *
260 * This method is different from GetKeyForPrincipal in that it also takes
261 * permissions which must be sent down before loading a document into account.
262 *
263 * @param aPrincipal The Principal which the key is to be extracted from.
264 * @param aType The type of the permission to get the key for.
265 * @param aPermissionKey A string which will be filled with the permission
266 * key.
267 */
268 static nsresult GetKeyForPermission(nsIPrincipal* aPrincipal,
269 const nsACString& aType,
270 nsACString& aKey);
271
272 /**
273 * See `nsIPermissionManager::GetPermissionsWithKey` for more info on
274 * permission keys.
275 *
276 * Get all permissions keys which could correspond to the given principal.
277 * This method, like GetKeyForPrincipal, is infallible and should always
278 * produce at least one (key, origin) pair.
279 *
280 * Unlike GetKeyForPrincipal, this method also gets the keys for base domains
281 * of the given principal. All keys returned by this method must be available
282 * in the content process for a given URL to successfully have its permissions
283 * checked in the `aExactHostMatch = false` situation.
284 *
285 * @param aPrincipal The Principal which the key is to be extracted from.
286 * @return returns an array of (key, origin) pairs.
287 */
288 static nsTArray<std::pair<nsCString, nsCString>> GetAllKeysForPrincipal(
289 nsIPrincipal* aPrincipal);
290
291 // From ContentChild.
292 nsresult RemoveAllFromIPC();
293
294 /**
295 * Returns false if this permission manager wouldn't have the permission
296 * requested available.
297 *
298 * If aType is empty, checks that the permission manager would have all
299 * permissions available for the given principal.
300 */
301 bool PermissionAvailable(nsIPrincipal* aPrincipal, const nsACString& aType);
302
303 /**
304 * The content process doesn't have access to every permission. Instead, when
305 * LOAD_DOCUMENT_URI channels for http://, https://, and ftp:// URIs are
306 * opened, the permissions for those channels are sent down to the content
307 * process before the OnStartRequest message. Permissions for principals with
308 * other schemes are sent down at process startup.
309 *
310 * Permissions are keyed and grouped by "Permission Key"s.
311 * `PermissionManager::GetKeyForPrincipal` provides the mechanism for
312 * determining the permission key for a given principal.
313 *
314 * This method may only be called in the parent process. It fills the nsTArray
315 * argument with the IPC::Permission objects which have a matching origin.
316 *
317 * @param origin The origin to use to find the permissions of interest.
318 * @param key The key to use to find the permissions of interest. Only used
319 * when the origin argument is empty.
320 * @param perms An array which will be filled with the permissions which
321 * match the given origin.
322 */
323 bool GetPermissionsFromOriginOrKey(const nsACString& aOrigin,
324 const nsACString& aKey,
325 nsTArray<IPC::Permission>& aPerms);
326
327 /**
328 * See `PermissionManager::GetPermissionsWithKey` for more info on
329 * Permission keys.
330 *
331 * `SetPermissionsWithKey` may only be called in the Child process, and
332 * initializes the permission manager with the permissions for a given
333 * Permission key. marking permissions with that key as available.
334 *
335 * @param permissionKey The key for the permissions which have been sent
336 * over.
337 * @param perms An array with the permissions which match the given key.
338 */
339 void SetPermissionsWithKey(const nsACString& aPermissionKey,
340 nsTArray<IPC::Permission>& aPerms);
341
342 /**
343 * Add a callback which should be run when all permissions are available for
344 * the given nsIPrincipal. This method invokes the callback runnable
345 * synchronously when the permissions are already available. Otherwise the
346 * callback will be run asynchronously in SystemGroup when all permissions
347 * are available in the future.
348 *
349 * NOTE: This method will not request the permissions be sent by the parent
350 * process. This should only be used to wait for permissions which may not
351 * have arrived yet in order to ensure they are present.
352 *
353 * @param aPrincipal The principal to wait for permissions to be available
354 * for.
355 * @param aRunnable The runnable to run when permissions are available for
356 * the given principal.
357 */
358 void WhenPermissionsAvailable(nsIPrincipal* aPrincipal,
359 nsIRunnable* aRunnable);
360
361 /**
362 * Strip origin attributes for permissions, depending on permission isolation
363 * pref state.
364 * @param aForceStrip If true, strips user context and private browsing id,
365 * ignoring permission isolation prefs.
366 * @param aOriginAttributes object to strip.
367 */
368 static void MaybeStripOriginAttributes(bool aForceStrip,
369 OriginAttributes& aOriginAttributes);
370
371 private:
372 ~PermissionManager();
373 static StaticMutex sCreationMutex MOZ_UNANNOTATED;
374
375 /**
376 * Get all permissions for a given principal, which should not be isolated
377 * by user context or private browsing. The principal has its origin
378 * attributes stripped before perm db lookup. This is currently only affects
379 * the "cookie" permission.
380 * @param aPrincipal Used for creating the permission key.
381 * @param aSiteScopePermissions Used to specify whether to get strip perms for
382 * site scoped permissions (defined in IsSiteScopedPermission) or all other
383 * permissions. Also used to create the permission key.
384 */
385 nsresult GetStripPermsForPrincipal(nsIPrincipal* aPrincipal,
386 bool aSiteScopePermissions,
387 nsTArray<PermissionEntry>& aResult);
388
389 // Returns -1 on failure
390 int32_t GetTypeIndex(const nsACString& aType, bool aAdd);
391
392 // Returns whether the given combination of expire type and expire time are
393 // expired. Note that EXPIRE_SESSION only honors expireTime if it is nonzero.
394 bool HasExpired(uint32_t aExpireType, int64_t aExpireTime);
395
396 // Appends the permissions associated with this principal to aResult.
397 // If the onlySiteScopePermissions argument is true, the permissions searched
398 // are those for the site of the principal and only the permissions that are
399 // site-scoped are used.
400 nsresult GetAllForPrincipalHelper(nsIPrincipal* aPrincipal,
401 bool aSiteScopePermissions,
402 nsTArray<RefPtr<nsIPermission>>& aResult);
403
404 // Returns PermissionHashKey for a given { host, isInBrowserElement } tuple.
405 // This is not simply using PermissionKey because we will walk-up domains in
406 // case of |host| contains sub-domains. Returns null if nothing found. Also
407 // accepts host on the format "<foo>". This will perform an exact match lookup
408 // as the string doesn't contain any dots.
409 PermissionHashKey* GetPermissionHashKey(nsIPrincipal* aPrincipal,
410 uint32_t aType, bool aExactHostMatch);
411
412 // Returns PermissionHashKey for a given { host, isInBrowserElement } tuple.
413 // This is not simply using PermissionKey because we will walk-up domains in
414 // case of |host| contains sub-domains. Returns null if nothing found. Also
415 // accepts host on the format "<foo>". This will perform an exact match lookup
416 // as the string doesn't contain any dots.
417 PermissionHashKey* GetPermissionHashKey(
418 nsIURI* aURI, const OriginAttributes* aOriginAttributes, uint32_t aType,
419 bool aExactHostMatch);
420
421 // The int32_t is the type index, the nsresult is an early bail-out return
422 // code.
423 typedef Variant<int32_t, nsresult> TestPreparationResult;
424 TestPreparationResult CommonPrepareToTestPermission(
425 nsIPrincipal* aPrincipal, int32_t aTypeIndex, const nsACString& aType,
426 uint32_t* aPermission, uint32_t aDefaultPermission,
427 bool aDefaultPermissionIsValid, bool aExactHostMatch,
428 bool aIncludingSession);
429
430 // If aTypeIndex is passed -1, we try to inder the type index from aType.
431 nsresult CommonTestPermission(nsIPrincipal* aPrincipal, int32_t aTypeIndex,
432 const nsACString& aType, uint32_t* aPermission,
433 uint32_t aDefaultPermission,
434 bool aDefaultPermissionIsValid,
435 bool aExactHostMatch, bool aIncludingSession);
436
437 // If aTypeIndex is passed -1, we try to inder the type index from aType.
438 nsresult CommonTestPermission(nsIURI* aURI, int32_t aTypeIndex,
439 const nsACString& aType, uint32_t* aPermission,
440 uint32_t aDefaultPermission,
441 bool aDefaultPermissionIsValid,
442 bool aExactHostMatch, bool aIncludingSession);
443
444 nsresult CommonTestPermission(nsIURI* aURI,
445 const OriginAttributes* aOriginAttributes,
446 int32_t aTypeIndex, const nsACString& aType,
447 uint32_t* aPermission,
448 uint32_t aDefaultPermission,
449 bool aDefaultPermissionIsValid,
450 bool aExactHostMatch, bool aIncludingSession);
451
452 // Only one of aPrincipal or aURI is allowed to be passed in.
453 nsresult CommonTestPermissionInternal(
454 nsIPrincipal* aPrincipal, nsIURI* aURI,
455 const OriginAttributes* aOriginAttributes, int32_t aTypeIndex,
456 const nsACString& aType, uint32_t* aPermission, bool aExactHostMatch,
457 bool aIncludingSession);
458
459 nsresult OpenDatabase(nsIFile* permissionsFile);
460
461 void InitDB(bool aRemoveFile);
462 nsresult TryInitDB(bool aRemoveFile, nsIInputStream* aDefaultsInputStream);
463
464 void AddIdleDailyMaintenanceJob();
465 void RemoveIdleDailyMaintenanceJob();
466 void PerformIdleDailyMaintenance();
467
468 nsresult ImportLatestDefaults();
469 already_AddRefed<nsIInputStream> GetDefaultsInputStream();
470 void ConsumeDefaultsInputStream(nsIInputStream* aDefaultsInputStream,
471 const MonitorAutoLock& aProofOfLock);
472
473 nsresult CreateTable();
474 void NotifyObserversWithPermission(nsIPrincipal* aPrincipal,
475 const nsACString& aType,
476 uint32_t aPermission, uint32_t aExpireType,
477 int64_t aExpireTime,
478 int64_t aModificationTime,
479 const char16_t* aData);
480 void NotifyObservers(nsIPermission* aPermission, const char16_t* aData);
481
482 // Finalize all statements, close the DB and null it.
483 enum CloseDBNextOp {
484 eNone,
485 eRebuldOnSuccess,
486 eShutdown,
487 };
488 void CloseDB(CloseDBNextOp aNextOp);
489
490 nsresult RemoveAllInternal(bool aNotifyObservers);
491 nsresult RemoveAllFromMemory();
492
493 void UpdateDB(OperationType aOp, int64_t aID, const nsACString& aOrigin,
494 const nsACString& aType, uint32_t aPermission,
495 uint32_t aExpireType, int64_t aExpireTime,
496 int64_t aModificationTime);
497
498 /**
499 * This method removes all permissions modified after the specified time.
500 */
501 nsresult RemoveAllModifiedSince(int64_t aModificationTime);
502
503 template <class T>
504 nsresult RemovePermissionEntries(T aCondition);
505
506 template <class T>
507 nsresult GetPermissionEntries(T aCondition,
508 nsTArray<RefPtr<nsIPermission>>& aResult);
509
510 // This method must be called before doing any operation to be sure that the
511 // DB reading has been completed. This method is also in charge to complete
512 // the migrations if needed.
513 void EnsureReadCompleted();
514
515 nsresult AddInternal(nsIPrincipal* aPrincipal, const nsACString& aType,
516 uint32_t aPermission, int64_t aID, uint32_t aExpireType,
517 int64_t aExpireTime, int64_t aModificationTime,
518 NotifyOperationType aNotifyOperation,
519 DBOperationType aDBOperation,
520 const bool aIgnoreSessionPermissions = false,
521 const nsACString* aOriginString = nullptr,
522 const bool aAllowPersistInPrivateBrowsing = false);
523
524 void MaybeAddReadEntryFromMigration(const nsACString& aOrigin,
525 const nsCString& aType,
526 uint32_t aPermission,
527 uint32_t aExpireType, int64_t aExpireTime,
528 int64_t aModificationTime, int64_t aId);
529
530 nsCOMPtr<nsIAsyncShutdownClient> GetAsyncShutdownBarrier() const;
531
532 void MaybeCompleteShutdown();
533
534 nsRefPtrHashtable<nsCStringHashKey, GenericNonExclusivePromise::Private>
535 mPermissionKeyPromiseMap;
536
537 nsCOMPtr<nsIFile> mPermissionsFile;
538
539 // This monitor is used to ensure the database reading before any other
540 // operation. The reading of the database happens OMT. See |State| to know the
541 // steps of the database reading.
542 Monitor mMonitor MOZ_UNANNOTATED;
543
544 enum State {
545 // Initial state. The database has not been read yet.
546 // |TryInitDB| is called at startup time to read the database OMT.
547 // During the reading, |mReadEntries| will be populated with all the
548 // existing permissions.
549 eInitializing,
550
551 // At the end of the database reading, we are in this state. A runnable is
552 // executed to call |EnsureReadCompleted| on the main thread.
553 // |EnsureReadCompleted| processes |mReadEntries| and goes to the next
554 // state.
555 eDBInitialized,
556
557 // The permissions are fully read and any pending operation can proceed.
558 eReady,
559
560 // The permission manager has been terminated. No extra database operations
561 // will be allowed.
562 eClosed,
563 };
564 Atomic<State> mState;
565
566 // A single entry, from the database.
567 struct ReadEntry {
568 ReadEntry()
569 : mId(0),
570 mPermission(0),
571 mExpireType(0),
572 mExpireTime(0),
573 mModificationTime(0) {}
574
575 nsCString mOrigin;
576 nsCString mType;
577 int64_t mId;
578 uint32_t mPermission;
579 uint32_t mExpireType;
580 int64_t mExpireTime;
581 int64_t mModificationTime;
582
583 // true if this entry is the result of a migration.
584 bool mFromMigration;
585 };
586
587 // List of entries read from the database. It will be populated OMT and
588 // consumed on the main-thread.
589 // This array is protected by the monitor.
590 nsTArray<ReadEntry> mReadEntries;
591
592 // A single entry, from the database.
593 struct MigrationEntry {
594 MigrationEntry()
595 : mId(0),
596 mPermission(0),
597 mExpireType(0),
598 mExpireTime(0),
599 mModificationTime(0),
600 mIsInBrowserElement(false) {}
601
602 nsCString mHost;
603 nsCString mType;
604 int64_t mId;
605 uint32_t mPermission;
606 uint32_t mExpireType;
607 int64_t mExpireTime;
608 int64_t mModificationTime;
609
610 // Legacy, for migration.
611 bool mIsInBrowserElement;
612 };
613
614 // List of entries read from the database. It will be populated OMT and
615 // consumed on the main-thread. The migration entries will be converted to
616 // ReadEntry in |CompleteMigrations|.
617 // This array is protected by the monitor.
618 nsTArray<MigrationEntry> mMigrationEntries;
619
620 // A single entry from the defaults URL.
621 struct DefaultEntry {
622 DefaultEntry() : mOp(eImportMatchTypeHost), mPermission(0) {}
623
624 enum Op {
625 eImportMatchTypeHost,
626 eImportMatchTypeOrigin,
627 };
628
629 Op mOp;
630
631 nsCString mHostOrOrigin;
632 nsCString mType;
633 uint32_t mPermission;
634 };
635
636 // List of entries read from the default settings.
637 // This array is protected by the monitor.
638 nsTArray<DefaultEntry> mDefaultEntries;
639
640 nsresult Read(const MonitorAutoLock& aProofOfLock);
641 void CompleteRead();
642
643 void CompleteMigrations();
644
645 bool mMemoryOnlyDB;
646
647 nsTHashtable<PermissionHashKey> mPermissionTable;
648 // a unique, monotonically increasing id used to identify each database entry
649 int64_t mLargestID;
650
651 nsCOMPtr<nsIPrefBranch> mDefaultPrefBranch;
652
653 // NOTE: Ensure this is the last member since it has a large inline buffer.
654 // An array to store the strings identifying the different types.
655 Vector<nsCString, 512> mTypeArray;
656
657 nsCOMPtr<nsIThread> mThread;
658
659 struct ThreadBoundData {
660 nsCOMPtr<mozIStorageConnection> mDBConn;
661
662 nsCOMPtr<mozIStorageStatement> mStmtInsert;
663 nsCOMPtr<mozIStorageStatement> mStmtDelete;
664 nsCOMPtr<mozIStorageStatement> mStmtUpdate;
665 };
666 ThreadBound<ThreadBoundData> mThreadBoundData;
667
668 friend class DeleteFromMozHostListener;
669 friend class CloseDatabaseListener;
670 };
671
672 // {4F6B5E00-0C36-11d5-A535-0010A401EB10}
673 #define NS_PERMISSIONMANAGER_CID \
674 { \
675 0x4f6b5e00, 0xc36, 0x11d5, { \
676 0xa5, 0x35, 0x0, 0x10, 0xa4, 0x1, 0xeb, 0x10 \
677 } \
678 }
679
680 } // namespace mozilla
681
682 #endif // mozilla_PermissionManager_h