1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-02 06:07:06 +01:00
Commit Graph

67 Commits

Author SHA1 Message Date
Erik Marks
955855b7d9 Fix manually connecting sites (#13320) 2022-01-18 11:05:14 -07:00
Mark Stacey
c17fa40114
Consolidate permission exports (#13012)
The permission-related modules are now all exported together in the
index of the `app/scripts/controllers/permissions` directory.
2021-12-08 07:07:35 -03:30
Erik Marks
31cf7c10a4
Permission System 2.0 (#12243)
# Permission System 2.0

## Background

This PR migrates the extension permission system to [the new `PermissionController`](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions).
The original permission system, based on [`rpc-cap`](https://github.com/MetaMask/rpc-cap), introduced [`ZCAP-LD`](https://w3c-ccg.github.io/zcap-ld/)-like permissions to our JSON-RPC stack.
We used it to [implement](https://github.com/MetaMask/metamask-extension/pull/7004) what we called "LoginPerSite" in [version 7.7.0](https://github.com/MetaMask/metamask-extension/releases/tag/v7.7.0) of the extension, which enabled the user to choose which accounts, if any, should be exposed to each dapp.
While that was a worthwhile feature in and of itself, we wanted a permission _system_ in order to enable everything we are going to with Snaps.
Unfortunately, the original permission system was difficult to use, and necessitated the creation of the original `PermissionsController` (note the "s"), which was more or less a wrapper for `rpc-cap`.

With this PR, we shake off the yoke of the original permission system, in favor of the modular, self-contained, ergonomic, and more mature permission system 2.0.

Note that [the `PermissionController` readme](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions/README.md) explains how the new permission system works.

The `PermissionController` and `SubjectMetadataController` are currently shipped via `@metamask/snap-controllers`. This is a temporary state of affairs, and we'll move them to `@metamask/controllers` once they've landed in prod.

## Changes in Detail

First, the changes in this PR are not as big as they seem. Roughly half of the additions in this PR are fixtures in the test for the new migration (number 68), and a significant portion of the remaining ~2500 lines are due to find-and-replace changes in other test fixtures and UI files.

- The extension `PermissionsController` has been deleted, and completely replaced with the new `PermissionController` from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The original `PermissionsController` "domain metadata" functionality is now managed by the new `SubjectMetadataController`, also from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The permission activity and history log controller has been renamed `PermissionLogController` and has its own top-level state key, but is otherwise functionally equivalent to the existing implementation.
- Migration number 68 has been added to account for the new state changes.
- The tests in `app/scripts/controllers/permissions` have been migrated from `mocha` to `jest`.

Reviewers should focus their attention on the following files:

- `app/scripts/`
  - `metamask-controller.js`
    - This is where most of the integration work for the new `PermissionController` occurs.
      Some functions that were internal to the original controller were moved here.
  - `controllers/permissions/`
    - `selectors.js`
      - These selectors are for `ControllerMessenger` selector subscriptions. The actual subscriptions occur in `metamask-controller.js`. See the `ControllerMessenger` implementation for details.
    - `specifications.js`
      - The caveat and permission specifications are required by the new `PermissionController`, and are used to specify the `eth_accounts` permission and its JSON-RPC method implementation.
        See the `PermissionController` readme for details.
  - `migrations/068.js`
    - The new state should be cross-referenced with the controllers that manage it.
      The accompanying tests should also be thoroughly reviewed.

Some files may appear new but have just moved and/or been renamed:

- `app/scripts/lib/rpc-method-middleware/handlers/request-accounts.js`
  - This was previously implemented in `controllers/permissions/permissionsMethodMiddleware.js`.
- `test/mocks/permissions.js`
  - A truncated version of `test/mocks/permission-controller.js`.

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2021-12-06 19:16:49 -08:00
Dan Finlay
2df159841a
Add eth_feeHistory to safe method list (#11999)
So that we can expose this method to dapps.
2021-09-02 10:26:32 -07:00
Erik Marks
8a8ce3a0c0
@metamask/controllers@15.0.0 (#11975)
Adds the latest version of `@metamask/controllers`, and updates our usage of the `ApprovalController`, which has been migrated to `BaseControllerV2`. Of [the new `controllers` release](https://github.com/MetaMask/controllers/releases/tag/v15.0.0), only the `ApprovalController` migration should be breaking.

This is the first time we use events on the `ControllerMessenger` to update the badge, so I turned the messenger into a property on the main `MetaMaskController` in order to subscribe to events on it in `background.js`. I confirmed that the badge does indeed update during local QA.

As it turns out, [MetaMask/controllers#571](https://github.com/MetaMask/controllers/pull/571) was breaking for a single unit test case, which is now handled during setup and teardown for the related test suite (`metamask-controller.test.js`).
2021-08-31 12:27:13 -07:00
Erik Marks
e142bf0c5e
Fix _getPermittedAccounts type safety (#10819) 2021-04-05 11:32:46 -07:00
Brad Decker
5a233e4634
colocate tests in flat structure (#10655) 2021-03-16 16:00:08 -05:00
Erik Marks
a29fc51838
Ensure permission log will only store JSON-able data (#10524) 2021-03-10 11:50:06 -08:00
Shane
e3084b87cc
fix: manually connect accountsChanged (#10477)
fixes #9933
2021-02-19 09:48:49 -08:00
Erik Marks
76a2a9bb8b
@metamask/eslint config@5.0.0 (#10358)
* @metamask/eslint-config@5.0.0
* Update eslintrc and prettierrc
* yarn lint:fix
2021-02-04 10:15:23 -08:00
Thomas Huang
1dad4abfdc
Fix site metadata JSON-RPC handler (#10243)
* Fix getting the site metadata from the request origin params.

Regressed from inpage-provider ts migration the request. The property domainMetadata is now set as a params key for the request.

https://github.com/MetaMask/inpage-provider/blob/v7.0.0/src/siteMetadata.js#L19-L25
vs
https://github.com/MetaMask/inpage-provider/blob/main/src/siteMetadata.ts#L19-L27

* Change hardcoded mocked response of the request to the prod response.
2021-01-22 10:27:07 -08:00
Erik Marks
30ff153103
eth-rpc-errors@4.0.2 (#10226) 2021-01-20 22:06:41 -08:00
Erik Marks
90289ec22a
Further improve organization of constants (#10200) 2021-01-20 08:13:14 -08:00
Erik Marks
e05be40d92
@metamask/obs-store@5.0.0 (#10092) 2020-12-16 13:14:49 -08:00
Erik Marks
eeee8852cd
Add eth_getProof to safe methods (#10070)
`eth_getProof` is an unpermissioned, read-only RPC method for getting account-related Merkle proofs, specified here: https://eips.ethereum.org/EIPS/eip-1186

It's been supported by major Ethereum clients, and Infura, for some time. By adding it to the safe methods list, we enable this method for our users.
2020-12-14 15:21:15 -08:00
Erik Marks
8f40d03299
Add approval controller (#9401)
This PR introduces the new approval controller to the extension codebase. We use it for the permissions controller's pending approval functionality.

The approval controller sets us up for a new pattern of requesting and managing user confirmations in RPC methods. Along with the generic RPC method middleware, the approval controller will allow us to eliminate our message managers, and decouple various method handlers from our provider stack, making the implementations more portable between the extension and mobile.
2020-12-14 08:04:26 -08:00
Erik Marks
3bf94164ac
@metamask/inpage-provider@^8.0.0 (#8640)
* @metamask/inpage-provider@^8.0.0
* Replace public config store with JSON-RPC notifications
* Encapsulate notification permissioning in permissions controller
* Update prefix of certain internal RPC methods and notifications
* Add accounts to getProviderState
* Send accounts with isUnlocked notification (#10007)
* Rename provider streams, notify provider of stream failures (#10006)
2020-12-08 11:48:47 -08:00
Erik Marks
1da9ad77a4
json-rpc-engine@6.1.0 (#9922) 2020-12-02 11:41:24 -08:00
Mark Stacey
14d85b1332
Make JSDoc formatting more consistent (#9796)
A few inconsistencies in JSDoc formatting have been fixed throughout
the project. Many issues remain; these were just the few things that
were easy to fix with a regular expression.

The changes include:

* Using lower-case for primitive types, but capitalizing non-primitive
 types
* Separating the parameter identifier and the description with a dash
* Omitting a dash between the return type and the return description
* Ensuring the parameter type is first and the identifier is second (in
 a few places it was backwards)
* Using square brackets to denote when a parameter is optional, rather
 than putting "(optional)" in the parameter description
* Including a type and identifier with every parameter
* Fixing inconsistent spacing, except where it's used for alignment
* Remove incorrectly formatted `@deprecated` tags that reference non-
 existent properties
* Remove lone comment block without accompanying function

Additionally, one parameter was renamed for clarity.
2020-11-10 14:00:41 -03:30
Brad Decker
2ebf8756a4
[RFC] add prettier to eslint (#8595) 2020-11-02 17:41:28 -06:00
Mark Stacey
7d0a7ab301
Update @metamask/eslint-config to v4.1.0 (#9663)
`@metamask/eslint-config` has been updated to v4.1.0. This update
requires that we update `eslint` to v7 as well, which in turn requires
updating most `eslint`-related packages.

Most notably, `babel-eslint` was replaced with `@babel/eslint-parser`,
and `babel-eslint-plugin` was replaced by `@babel/eslint-plugin`. This
required renaming all the `babel/*` rules to `@babel/*`.

Most new or updated rules that resulted in lint errors have been
temporarily disabled. They will be fixed and re-enabled in subsequent
PRs.
2020-10-21 14:01:03 -02:30
Whymarrh Whitby
b6ccd22d6c
Update ESLint shared config to v3 (#9274)
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-08-19 13:57:05 -02:30
Whymarrh Whitby
c11888f287
Fix no-empty-function issues (#9216)
See [`no-empty-function`](https://eslint.org/docs/rules/no-empty-function) for more information.

This change enables `no-empty-function` and fixes the issues raised by the rule.
2020-08-14 09:17:02 -02:30
Whymarrh Whitby
a8863a3446
Fix consistent-return issues (#9192)
See [`consistent-return`](https://eslint.org/docs/rules/consistent-return) for more information.

This change enables `consistent-return` and fixes the issues raised by the rule.
2020-08-12 16:36:57 -02:30
Whymarrh Whitby
885125ad03
Fix no-case-declarations issues (#9191)
See [`no-case-declarations`](https://eslint.org/docs/rules/no-case-declarations) for more information.

This change enables `no-case-declarations` and fixes the issues raised by the rule.
2020-08-12 14:11:27 -02:30
Erik Marks
e5cb63eea2
Add web3 usage metrics, prepare for web3 removal (#9144)
* add web3 usage metrics

* move web3 metrics method to new middleware

* rename some methods, files, and exports
2020-08-07 12:28:23 -07:00
Whymarrh Whitby
e0cc84bbfa
Use async/await for getRestrictedMethods (#9099) 2020-07-29 19:50:20 -02:30
Whymarrh Whitby
68a64af5b3
Fix callback-return issues (#8996)
See [`callback-return`](https://eslint.org/docs/rules/callback-return) for more information.

This change enables `callback-return` and fixes the resulting issues.
2020-07-17 20:19:52 -02:30
Mark Stacey
01301087ea
Fix web3_clientVersion method (#8998)
This method was accidentally broken with the introduction of the
permissions controller, as this was missing from the list of safe
methods.

It is now included in the list of safe methods.

Fixes #8993
2020-07-15 15:34:10 -03:00
Whymarrh Whitby
4f0a205369
Use eslint@6.8.0 (#8978)
* Use eslint@6.8.0
* yarn lint:fix
2020-07-14 12:50:41 -02:30
Erik Marks
8bc02d4b5e
rpc-cap@3.0.0 (#8924)
* rpc-cap@3.0.0

* adapt use of rpc-cap for new major version
2020-07-05 12:49:22 -07:00
Erik Marks
04de9a92c5
Fix signing method bugs (#8833)
* update signTypedData validation

* update tests for new eth-json-rpc-middleware

* remove lowercasing of tx 'from' addresses
2020-06-23 09:12:11 -07:00
Mark Stacey
6ca18c3573
Fix handling of permissions of removed accounts (#8803)
Imported accounts can be removed, but the permissions controller is not
informed when this happens. Permissions are now removed as part of the
account removal process.

Additionally, the `getPermittedIdentitiesForCurrentTab` selector now
filters out any non-existent accounts, in case a render occurs in the
middle of an account removal.

This was resulting in a render crash upon opening the popup on a site
that was connected to the removed account.
2020-06-15 10:27:27 -03:00
Erik Marks
a84eedb7da
Permissions: Do not display HTTP/HTTPS URL schemes for unique hosts (#8768)
* only show URL.host in connected-accounts component

* strip scheme from URL for unique hosts

Co-authored-by: Mark Stacey <markjstacey@gmail.com>
2020-06-09 13:56:24 -07:00
Erik Marks
c8a995dd9b
Send accountsChanged notification for wallet_requestPermissions (#8742)
* emit accountsChanged for eth_accounts via wallet_requestPermissions

* add/update tests
2020-06-04 12:15:52 -07:00
Whymarrh Whitby
a75dcae9bb
Merge branch 'develop' into manual-connect 2020-05-28 07:20:26 -02:30
Brad Decker
34fb525ce5
Limit Dapp permissions to primary account (#8653) 2020-05-27 22:35:09 -05:00
Whymarrh Whitby
5b1608681c Manually connect via the full connect flow 2020-05-27 21:45:41 -02:30
Whymarrh Whitby
4802ed1df5
Localize permission descriptions (#8661) 2020-05-27 18:15:10 -02:30
Erik Marks
e0b31aa6a4
Restrict the size of the permissions metadata store (#8596)
* refactor add metadata functionality

* create pending site metadata cache

* remove metadata for domains w/o permissions if cache exceeds max size
2020-05-26 14:06:15 -07:00
Erik Marks
79d9209473
Open notification UI when eth_requestAccounts waits for unlock (#8508) 2020-05-05 07:03:21 -07:00
Dan J Miller
fda4c94670
Design improvements for the Connect flow (#8494)
* Design improvements for the Connect flow

* Make new-account-modal close a button

* Update e2e tests for auto select account on connect flow
2020-05-04 18:10:09 -02:30
Erik Marks
a2a51e78d1
Add PermissionsController.removePermittedAccount (#8354)
* add PermissionsController.removePermittedAccount and corresponding UI action

* remove eth_accounts permission on removing last account
2020-04-20 11:34:56 -07:00
Mark Stacey
15616a33ca
Add 'addPermittedAccount' method to permissions controller (#8344)
This method adds the given account to the given origin's list of
exposed accounts. This method is not yet used, but it will be in
subsequent PRs (e.g. #8312)

This method has been added to the background API, and a wrapper action
creator has been written as well.
2020-04-16 19:23:36 -03:00
Mark Stacey
c26d272649
Synchronously validate accounts (#8343)
Now that identities are available synchronously in the permissions
controller, accounts can be validated synchronously as well. Any
account the user wants to give permissions to should already be tracked
as an identity in the preferences controller.
2020-04-16 15:58:36 -03:00
Mark Stacey
63633635ab
Fix order of accounts in eth_accounts response (#8342)
* Fix order of accounts in `eth_accounts` response

The accounts returned by `eth_accounts` were in a fixed order - the
order in which the keyring returned them - rather than ordered with the
selected account first. The accounts returned by the `accountsChanged`
event were ordered with the selected account first, but the same order
wasn't used for `eth_accounts`.

We needed to store additional state in order to determine the correct
account order correctly on all dapps. We had only been storing the
current selected account, but since we also need to determine the
primary account per dapp (i.e. the last "selected" account among the
accounts exposed to that dapp), that wasn't enough.

A `lastSelected` property has been added to each identity in the
preferences controller to keep track of the last selected time. This
property is set to the current time (in milliseconds) whenever a new
selection is made. The accounts returned with `accountsChanged` and by
`eth_accounts` are both ordered by this property.

The `updatePermittedAccounts` function was merged with the internal
methods for responding to account selection, to keep things simpler. It
wasn't called externally anyway, so it wasn't needed in the public API.

* Remove caveat update upon change in selected account

The order of accounts in the caveat isn't meaningful, so the caveat
doesn't need to be updated when the accounts get re-ordered.

* Emit event regardless of account order

Now that we're no longer relying upon the caveat for the account order,
we also have no way of knowing if a particular account selection
resulted in a change in order or not. The notification is now emitted
whenever an exposed account is selected - even if the order stayed the
same.

The inpage provider currently caches the account order, so it can be
relied upon to ignore these redundant events. We were already emiting
redundant `accountsChanged` events in some cases anyway.
2020-04-16 15:20:01 -03:00
Mark Stacey
b2882aa778
Handle account selection on all domains that can view the selection (#8341)
Selecting a new account now results in all domains that can view this
change being notified. Previously only the dapp in the active tab was
being notified (though not correctly, as the `origin` was accidentally
set to the MetaMask chrome extension origin).

This handling of account selection has been moved into the background
to minimize the gap between account selection and the notification
being sent out. It's simpler for the UI to not be involved anyway.
2020-04-16 13:16:53 -03:00
Dan J Miller
d1e078b8de
Connect flow via popup (#8269)
* Connect screen popup redesign

* Open permission request in notification instead of tab

* Remove no longer user locales

* Update permissions unit test mock to accout for change of opts passed to permissions controller

* Lint fix

* Inline broken line svg in permission-page-container-content.component.js for faster loading

* Add back button to second screen on connect flow

* Add xOfY locale and use for the page count in the connect flow

* Lint fix for svgs permission-page-container-content.component.js

* Fix rebase error

* Lint fix

* Clean up styles on the connect-screen-into-popup branch

* Use closeCurrentWindow to close window on cancel when in full screen connect flow

* Handle errors in rejectPermissionsRequest

* Full screen styles for connect flow

* Lint fixed in permissions-connect and actions.js

* Redirect screen now shows metamask icon instead of users identicon

* Fix subtitle spacing in permissions-connect-header'

* Use window.close instead of closeCurrentWindow() in cancelPermissionsRequest

* Use permissions-connect-header__subtitle in permissions-connect-header.component
2020-04-07 16:08:15 -02:30
Erik Marks
6ba3b7e282
Add signTypedData_v4 to safe methods (#8265) 2020-03-31 16:54:16 -07:00
Erik Marks
2301d9980e
Wait for extension unlock before processing eth_requestAccounts (#8149)
* eth_requestAccounts: wait on unlock

return error on duplicate eth_requestAccounts
add getUnlockPromise mock to permissions unit tests

* only await unlock if already permitted

* add notification badge for wait on unlock

* fixup

* more fixup

* cleanup

* update keyring controller, us its unlock event

* move keyring update unlock logic to unlock event handler

* fix unit tests

* delete onUnlock handler

* fix eth-keyring-controller resolution

* update eth-keyring-controller
2020-03-23 09:25:55 -07:00