Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Define a permission store (closes #384) #390

Merged
merged 20 commits into from
Dec 9, 2022
Merged
Changes from 8 commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
152 changes: 143 additions & 9 deletions index.html
Original file line number Diff line number Diff line change
Expand Up @@ -278,6 +278,71 @@ <h3>
reset because its [=permission/lifetime=] has expired.
</p>
</section>
<section>
<h3>
Permission Store
</h3>
<p>
The user agent maintains a single <dfn class="export">permission store</dfn> which is a [=/list=] of [=permission store entries=].
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</p>
<p>
The user agent MAY remove [=entries=] from the [=permission store=] when their respective [=permission=]'s [=permission/lifetime=] has expired.
</p>
<p>
A <dfn class="export" data-local-lt="entry">permission store entry</dfn> is a [=tuple=] of {{PermissionDescriptor}} <dfn class="export" data-dfn-for="permission store entry">descriptor</dfn>, [=permission key=] <dfn class="export" data-dfn-for="permission store entry">key</dfn>, and [=permission/state=] <dfn class="export" data-dfn-for="permission store entry">state</dfn>.
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</p>
<p>
To <dfn class="export">get a permission store entry</dfn> given a {{PermissionDescriptor}} |descriptor| and [=permission key=] |key|, run these steps:
johannhof marked this conversation as resolved.
Show resolved Hide resolved
<ol class="algorithm">
<li>
If the user agent's [=permission store=] [=list/contains=] an [=entry=] whose [=permission store entry/descriptor=] is |descriptor|, and whose [=permission store entry/key=] [=permission key/is equal to=] |key| given |descriptor|, return that entry.
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</li>
<li>
Return null.
miketaylr marked this conversation as resolved.
Show resolved Hide resolved
</li>
</ol>
</p>
<p>
To <dfn class="export">set a permission store entry</dfn> given a {{PermissionDescriptor}} |descriptor|, a [=permission key=] |key|, and a [=permission/state=] |state|, run these steps:
<ol class="algorithm">
<li>
Let |newEntry| be a new [=permission store entry=] whose [=permission store entry/descriptor=] is |descriptor|, and whose [=permission store entry/key=] [=permission key/is equal to=] |key| given |descriptor|, and whose [=permission store entry/state=] is |state|.
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</li>
<li>
If the user agent's [=permission store=] [=list/contains=] an [=entry=] whose [=permission store entry/descriptor=] is |descriptor|, and whose [=permission store entry/key=] [=permission key/is equal to=] |key| given |descriptor|, [=list/replace=] that entry with |newEntry| and abort these steps.
</li>
<li>
[=list/Append=] |newEntry| to the user agent's [=permission store=].
</li>
</ol>
</p>
<p>
To <dfn class="export">remove a permission store entry</dfn> given a {{PermissionDescriptor}} |descriptor| and [=permission key=] |key|, run these steps:
<ol class="algorithm">
<li>
[=list/Remove=] the [=entry=] whose [=permission store entry/descriptor=] is |descriptor|, and whose [=permission store entry/key=] [=permission key/is equal to=] |key| given |descriptor|, from the user agent's [=permission store=].
</li>
</ol>
</p>
<p>
A <dfn class="export">permission key</dfn> has the type returned by the feature's [=powerful feature/permission key generation algorithm=].
johannhof marked this conversation as resolved.
Show resolved Hide resolved
<aside class="note">
Powerful features may override the key generation algorithm to specify a custom permission key.
This is useful for features that want to restrict permissions based on additional context,
such as double-keying on both the embedded origin and the top-level origin.
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</aside>
</p>
<p>
To determine whether a [=permission key=] |key1| <dfn class="export" for="permission key">is equal to</dfn> a [=permission key=] |key2|, given a {{PermissionDescriptor}} |descriptor|, run the following steps:
<ol class="algorithm">
<li>
Return the result of running |descriptor|'s {{PermissionDescriptor/name}}'s [=powerful feature/permission key comparison algorithm=], passing |key1| and |key2|.
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</li>
</ol>
</p>

</p>
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</section>
<section>
<h2>
Powerful features
Expand Down Expand Up @@ -501,6 +566,54 @@ <h2>
</li>
</ol>
</dd>
<dt>
A <dfn data-dfn-for="powerful feature" class="export">permission key generation algorithm</dfn>:
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</dt>
<dd>
<p>
Takes an [=environment settings object=], and returns a new [=permission key=].
If unspecified, this defaults to the <a>default permission key generation algorithm</a>.
A feature that specifies a custom [=powerful feature/permission key generation algorithm=] MUST also specify a
[=powerful feature/permission key comparison algorithm=].
</p>
<p>
The <dfn class="export">default permission key generation algorithm</dfn>,
given an [=environment settings object=] |settings|, runs the following steps:
</p>
<ol class="algorithm">
<li>
Return |settings|'s [=environment/top-level origin=].
</li>
</ol>
<aside class="note" title="Permission Delegation">
Most powerful features grant permission to the top-level origin and delegate access to the requesting document via Permissions Policy.
johannhof marked this conversation as resolved.
Show resolved Hide resolved
This is known as permission delegation.
</aside>
</dd>
<dt>
A <dfn data-dfn-for="powerful feature" class="export">permission key comparison algorithm</dfn>:
</dt>
<dd>
<p>
Takes two [=permission keys=] and returns a boolean that shows whether the two keys are equal.
johannhof marked this conversation as resolved.
Show resolved Hide resolved
If unspecified, this defaults to the <a>default permission key comparison algorithm</a>.
</p>
<p>
The <dfn class="export">default permission key comparison algorithm</dfn>,
given [=permission keys=] |key1| and |key2|, runs the following steps:
</p>
<ol class="algorithm">
<li>
If |key1| is not an [=origin=] or |key2| is not an [=origin=] return false.
johannhof marked this conversation as resolved.
Show resolved Hide resolved
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</li>
<li>
If |key1| is not [=same origin=] with |key2| return false.
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</li>
<li>
Return true.
</li>
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</ol>
</dd>
<dt>
A <dfn data-dfn-for="powerful feature" class="export">permission revocation
algorithm</dfn>:
Expand All @@ -509,7 +622,7 @@ <h2>
<p>
Takes no arguments. Updates any other parts of the implementation that need to be kept
in sync with changes in the results of <a>permission states</a> or [=powerful
feature/extra permission data=], and then [=react to the user revoking permission=].
feature/extra permission data=].
</p>
<p>
If unspecified, this defaults to running [=react to the user revoking permission=].
Expand Down Expand Up @@ -628,9 +741,11 @@ <h3 id="reading-current-states">
</li>
</ol>
</li>
<li>If there was a previous invocation of this algorithm with the same |descriptor| and
|settings|, returning |previousResult|, and the user agent has not received <a>new
information about the user's intent</a> since that invocation, return |previousResult|.
<li>Let |key| be the result of [=powerful feature/permission key generation algorithm|generating a permission key=] with |settings|.
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</li>
<li>Let |entry| be the result of [=get a permission store entry|getting a permission store entry=] with |descriptor| and |key|.
</li>
<li>If |entry| is not null, return a {{PermissionState}} enum value from |entry|'s [=permission store entry/state=] and |entry|'s [=permission store entry/descriptor=]'s {{PermissionDescriptor/name}}.
johannhof marked this conversation as resolved.
Show resolved Hide resolved
</li>
<li>Return the {{PermissionState}} enum value that represents the permission state of
|feature|, taking into account any [=powerful feature/permission state constraints=] for
Expand Down Expand Up @@ -662,8 +777,8 @@ <h3 id="requesting-more-permission">
<li>Ask the user for <a>express permission</a> for the calling algorithm to use the
<a>powerful feature</a> described by |descriptor|.
</li>
<li>If the user gives [=express permission=] to use the powerful feature, return
{{PermissionState/"granted"}}; otherwise return {{PermissionState/"denied"}}. The user's
<li>If the user gives [=express permission=] to use the powerful feature, set |current state| to
{{PermissionState/"granted"}}; otherwise to {{PermissionState/"denied"}}. The user's
interaction may provide <a>new information about the user's intent</a> for the
[=origin=].
<p class="note">
Expand All @@ -672,6 +787,16 @@ <h3 id="requesting-more-permission">
this framework.
</p>
</li>
<li>
Let |key| be the result of [=powerful feature/permission key generation algorithm|generating a permission key=] with the [=current settings object=].
</li>
<li>
[=Queue a task=] on the [=current settings object=]'s [=environment settings
object/responsible event loop=] to [=set a permission store entry=] with |descriptor|, |key|, and |current state|.
</li>
<li>
Return |current state|.
</li>
</ol>
<p>
As a shorthand, <a>requesting permission to use</a> a {{DOMString}} |name|, is the same
Expand Down Expand Up @@ -734,12 +859,21 @@ <h3 id="reacting-to-revocation">
</h3>
<p>
When the user agent learns that the user no longer intends to grant permission to use a
<a>feature</a>, <dfn>react to the user revoking permission</dfn> by running these steps:
feature described by the {{PermissionDescriptor}} |descriptor| in the context
described by the [=permission key=] |key|, <dfn>react to the user revoking permission</dfn>
by running these steps:
</p>
<ol class="algorithm">
<li>
<a>Queue a global task</a> on the [=user interaction task source=] to run that
feature's [=powerful feature/permission revocation algorithm=].
<a>Queue a global task</a> on the [=user interaction task source=] to:.
johannhof marked this conversation as resolved.
Show resolved Hide resolved
<ol>
<li>
Run |descriptor|'s {{PermissionDescriptor/name}}'s [=powerful feature/permission revocation algorithm=].
</li>
<li>
[=Remove a permission store entry=] with |descriptor| and |key|.
</li>
</ol>
</li>
</ol>
</section>
Expand Down