m/metamask-extension
1
0
Fork 0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-11-22 09:57:02 +01:00
Code

Fence snaps endowments and permissions for stable/flask (#18847)

Browse Source 
* Fence snaps endowments and permissions for stable/flask

* Fix lint

* Fix tests

* Actually fix tests

* Fix another test
This commit is contained in:
Frederik Bolding 2023-05-02 14:51:16 +02:00 committed by GitHub
parent 88ae10418b
commit 4d015de43e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 42 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
app/scripts/controllers/permissions/snaps/snap-permissions.test.js
View File

@ -1,6 +1,7 @@
import { import {
EndowmentPermissions, EndowmentPermissions,
RestrictedMethods, RestrictedMethods,
ExcludedSnapEndowments,
} from '../../../../../shared/constants/permissions'; } from '../../../../../shared/constants/permissions';
import { import {
buildSnapEndowmentSpecifications, buildSnapEndowmentSpecifications,
@ -39,6 +40,13 @@ describe('buildSnapEndowmentSpecifications', () => {
it('creates valid permission specification objects', () => { it('creates valid permission specification objects', () => {
expect( expect(
Object.keys(buildSnapEndowmentSpecifications()).sort(), Object.keys(buildSnapEndowmentSpecifications()).sort(),
).toStrictEqual(Object.keys(EndowmentPermissions).sort()); ).toStrictEqual(
Object.keys(EndowmentPermissions)
.filter(
(targetKey) =>
!Object.keys(ExcludedSnapEndowments).includes(targetKey),
)
.sort(),
);
}); });
}); });

10
shared/constants/permissions.test.js
View File

@ -9,13 +9,15 @@ import {
describe('EndowmentPermissions', () => { describe('EndowmentPermissions', () => {
it('has the expected permission keys', () => { it('has the expected permission keys', () => {
// Since long-running is fenced out this causes problems with the test, we re-add it here.
expect(Object.keys(EndowmentPermissions).sort()).toStrictEqual( expect(Object.keys(EndowmentPermissions).sort()).toStrictEqual(
Object.keys(endowmentPermissionBuilders) [
.filter( 'endowment:long-running',
...Object.keys(endowmentPermissionBuilders).filter(
(targetKey) => (targetKey) =>
!Object.keys(ExcludedSnapEndowments).includes(targetKey), !Object.keys(ExcludedSnapEndowments).includes(targetKey),
) ),
.sort(), ].sort(),
); );
}); });
}); });

26
shared/constants/permissions.ts
View File

@ -17,29 +17,5 @@ export const RestrictedMethods = Object.freeze({
} as const); } as const);
///: BEGIN:ONLY_INCLUDE_IN(snaps) ///: BEGIN:ONLY_INCLUDE_IN(snaps)
/** export * from './snaps/permissions';
* Exclude permissions by code fencing them to avoid any potential usage of excluded permissions at runtime. See: https://github.com/MetaMask/metamask-extension/pull/17321#pullrequestreview-1287014285.
* This is a fix for https://github.com/MetaMask/snaps-monorepo/issues/1103 and https://github.com/MetaMask/snaps-monorepo/issues/990.
* TODO: Disable endowment:long-running and eth_account in stable.
*/
export const EndowmentPermissions = Object.freeze({
'endowment:network-access': 'endowment:network-access',
'endowment:transaction-insight': 'endowment:transaction-insight',
'endowment:cronjob': 'endowment:cronjob',
'endowment:ethereum-provider': 'endowment:ethereum-provider',
'endowment:rpc': 'endowment:rpc',
'endowment:long-running': 'endowment:long-running',
'endowment:webassembly': 'endowment:webassembly',
} as const);
// Methods / permissions in external packages that we are temporarily excluding.
export const ExcludedSnapPermissions = Object.freeze({
eth_accounts:
'eth_accounts is disabled. For more information please see https://github.com/MetaMask/snaps-monorepo/issues/990.',
});
export const ExcludedSnapEndowments = Object.freeze({
'endowment:keyring':
'This endowment is still in development therefore not available.',
});
///: END:ONLY_INCLUDE_IN ///: END:ONLY_INCLUDE_IN

26
shared/constants/snaps/permissions.ts Normal file
View File

@ -0,0 +1,26 @@
export const EndowmentPermissions = Object.freeze({
'endowment:network-access': 'endowment:network-access',
'endowment:transaction-insight': 'endowment:transaction-insight',
'endowment:cronjob': 'endowment:cronjob',
'endowment:ethereum-provider': 'endowment:ethereum-provider',
'endowment:rpc': 'endowment:rpc',
'endowment:webassembly': 'endowment:webassembly',
///: BEGIN:ONLY_INCLUDE_IN(build-flask)
'endowment:long-running': 'endowment:long-running',
///: END:ONLY_INCLUDE_IN
} as const);
// Methods / permissions in external packages that we are temporarily excluding.
export const ExcludedSnapPermissions = Object.freeze({
eth_accounts:
'eth_accounts is disabled. For more information please see https://github.com/MetaMask/snaps-monorepo/issues/990.',
});
export const ExcludedSnapEndowments = Object.freeze({
'endowment:keyring':
'This endowment is still in development therefore not available.',
///: BEGIN:ONLY_INCLUDE_IN(build-main)
'endowment:long-running':
'endowment:long-running is deprecated. For more information please see https://github.com/MetaMask/snaps-monorepo/issues/945.',
///: END:ONLY_INCLUDE_IN
});