1
0
mirror of https://github.com/kremalicious/metamask-extension.git synced 2024-12-01 13:47:06 +01:00
metamask-extension/ui/helpers/utils/permission.js
Maarten Zuidhoorn 01a3a5d2c1
[FLASK] Bump Snaps packages (#20230)
* Bump Snaps packages

* Add endowment:lifecycle-hooks permission

* Run yarn lint:fix

* Fix unit test

* Update LavaMoat policies

---------

Co-authored-by: MetaMask Bot <metamaskbot@users.noreply.github.com>
2023-07-28 11:52:32 +02:00

543 lines
16 KiB
JavaScript

import deepFreeze from 'deep-freeze-strict';
import React from 'react';
///: BEGIN:ONLY_INCLUDE_IN(snaps)
import { getRpcCaveatOrigins } from '@metamask/snaps-controllers';
import { SnapCaveatType } from '@metamask/snaps-utils';
import { isNonEmptyArray } from '@metamask/controller-utils';
///: END:ONLY_INCLUDE_IN
import classnames from 'classnames';
import {
RestrictedMethods,
///: BEGIN:ONLY_INCLUDE_IN(snaps)
EndowmentPermissions,
///: END:ONLY_INCLUDE_IN
} from '../../../shared/constants/permissions';
import Tooltip from '../../components/ui/tooltip';
import {
AvatarIcon,
///: BEGIN:ONLY_INCLUDE_IN(snaps)
Icon,
Text,
///: END:ONLY_INCLUDE_IN
IconName,
IconSize,
} from '../../components/component-library';
///: BEGIN:ONLY_INCLUDE_IN(snaps)
import { Color, FontWeight, IconColor } from '../constants/design-system';
import {
coinTypeToProtocolName,
getSnapDerivationPathName,
getSnapName,
} from './util';
///: END:ONLY_INCLUDE_IN
const UNKNOWN_PERMISSION = Symbol('unknown');
///: BEGIN:ONLY_INCLUDE_IN(snaps)
const RIGHT_INFO_ICON = (
<Icon name={IconName.Info} size={IconSize.Sm} color={IconColor.iconMuted} />
);
///: END:ONLY_INCLUDE_IN
function getLeftIcon(iconName) {
return (
<AvatarIcon
iconName={iconName}
size={IconSize.Sm}
iconProps={{
size: IconSize.Xs,
}}
/>
);
}
export const PERMISSION_DESCRIPTIONS = deepFreeze({
[RestrictedMethods.eth_accounts]: ({ t }) => ({
label: t('permission_ethereumAccounts'),
leftIcon: getLeftIcon(IconName.Eye),
rightIcon: null,
weight: 2,
}),
///: BEGIN:ONLY_INCLUDE_IN(snaps)
[RestrictedMethods.snap_dialog]: ({ t }) => ({
label: t('permission_dialog'),
description: t('permission_dialogDescription'),
leftIcon: IconName.Messages,
weight: 3,
}),
[RestrictedMethods.snap_notify]: ({ t }) => ({
label: t('permission_notifications'),
description: t('permission_notificationsDescription'),
leftIcon: IconName.Notification,
weight: 3,
}),
[RestrictedMethods.snap_getBip32PublicKey]: ({
t,
permissionValue,
targetSubjectMetadata,
}) =>
permissionValue.caveats[0].value.map(({ path, curve }, i) => {
const baseDescription = {
leftIcon: IconName.SecuritySearch,
weight: 1,
id: `public-key-access-bip32-${path
.join('-')
?.replace(/'/gu, 'h')}-${curve}-${i}`,
message: t('snapInstallWarningPublicKeyAccess', [
<Text
key="1"
color={Color.primaryDefault}
fontWeight={FontWeight.Medium}
as="span"
>
{getSnapName(targetSubjectMetadata?.origin, targetSubjectMetadata)}
</Text>,
<Text as="span" key="2" fontWeight={FontWeight.Medium}>
{getSnapDerivationPathName(path, curve) ??
`${path.join('/')} (${curve})`}
</Text>,
]),
};
const friendlyName = getSnapDerivationPathName(path, curve);
if (friendlyName) {
return {
...baseDescription,
label: t('permission_viewNamedBip32PublicKeys', [
<span className="permission-label-item" key={path.join('/')}>
{friendlyName}
</span>,
path.join('/'),
]),
description: t('permission_viewBip32PublicKeysDescription', [
<span
className="tooltip-label-item"
key={`description-${path.join('/')}`}
>
{friendlyName}
</span>,
path.join('/'),
]),
};
}
return {
...baseDescription,
label: t('permission_viewBip32PublicKeys', [
<span className="permission-label-item" key={path.join('/')}>
{path.join('/')}
</span>,
curve,
]),
description: t('permission_viewBip32PublicKeysDescription', [
<span
className="tooltip-label-item"
key={`description-${path.join('/')}`}
>
{path.join('/')}
</span>,
path.join('/'),
]),
};
}),
[RestrictedMethods.snap_getBip32Entropy]: ({
t,
permissionValue,
targetSubjectMetadata,
}) =>
permissionValue.caveats[0].value.map(({ path, curve }, i) => {
const baseDescription = {
leftIcon: IconName.Key,
weight: 1,
id: `key-access-bip32-${path
.join('-')
?.replace(/'/gu, 'h')}-${curve}-${i}`,
message: t('snapInstallWarningKeyAccess', [
<Text
key="1"
color={Color.primaryDefault}
fontWeight={FontWeight.Medium}
as="span"
>
{getSnapName(targetSubjectMetadata?.origin, targetSubjectMetadata)}
</Text>,
<Text as="span" key="2" fontWeight={FontWeight.Medium}>
{getSnapDerivationPathName(path, curve) ??
`${path.join('/')} (${curve})`}
</Text>,
]),
};
const friendlyName = getSnapDerivationPathName(path, curve);
if (friendlyName) {
return {
...baseDescription,
label: t('permission_manageNamedBip32Keys', [
<span className="permission-label-item" key={path.join('/')}>
{friendlyName}
</span>,
path.join('/'),
]),
description: t('permission_manageBip32KeysDescription', [
<span
className="tooltip-label-item"
key={`description-${path.join('/')}`}
>
{friendlyName}
</span>,
curve,
]),
};
}
return {
...baseDescription,
label: t('permission_manageBip32Keys', [
<span className="permission-label-item" key={path.join('/')}>
{path.join('/')}
</span>,
curve,
]),
description: t('permission_manageBip32KeysDescription', [
<span
className="tooltip-label-item"
key={`description-${path.join('/')}`}
>
{path.join('/')}
</span>,
curve,
]),
};
}),
[RestrictedMethods.snap_getBip44Entropy]: ({
t,
permissionValue,
targetSubjectMetadata,
}) =>
permissionValue.caveats[0].value.map(({ coinType }, i) => ({
label: t('permission_manageBip44Keys', [
<span className="permission-label-item" key={`coin-type-${coinType}`}>
{coinTypeToProtocolName(coinType) ||
t('unrecognizedProtocol', [coinType])}
</span>,
]),
description: t('permission_manageBip44KeysDescription', [
<span
className="tooltip-label-item"
key={`description-coin-type-${coinType}`}
>
{coinTypeToProtocolName(coinType) ||
t('unrecognizedProtocol', [coinType])}
</span>,
]),
leftIcon: IconName.Key,
weight: 1,
id: `key-access-bip44-${coinType}-${i}`,
message: t('snapInstallWarningKeyAccess', [
<Text
key="1"
color={Color.primaryDefault}
fontWeight={FontWeight.Medium}
as="span"
>
{getSnapName(targetSubjectMetadata?.origin, targetSubjectMetadata)}
</Text>,
<Text as="span" key="2" fontWeight={FontWeight.Medium}>
{coinTypeToProtocolName(coinType) ||
t('unrecognizedProtocol', [coinType])}
</Text>,
]),
})),
[RestrictedMethods.snap_getEntropy]: ({ t }) => ({
label: t('permission_getEntropy'),
description: t('permission_getEntropyDescription'),
leftIcon: IconName.SecurityKey,
weight: 3,
}),
[RestrictedMethods.snap_manageState]: ({ t }) => ({
label: t('permission_manageState'),
description: t('permission_manageStateDescription'),
leftIcon: IconName.AddSquare,
weight: 3,
}),
[RestrictedMethods.wallet_snap]: ({
t,
permissionValue,
targetSubjectMetadata,
}) => {
const snaps = permissionValue.caveats[0].value;
const baseDescription = {
leftIcon: getLeftIcon(IconName.Flash),
rightIcon: RIGHT_INFO_ICON,
};
return Object.keys(snaps).map((snapId) => {
const friendlyName = getSnapName(snapId, targetSubjectMetadata);
if (friendlyName) {
return {
...baseDescription,
label: t('permission_accessNamedSnap', [
<span className="permission-label-item" key={snapId}>
{friendlyName}
</span>,
]),
description: t('permission_accessSnapDescription', [friendlyName]),
};
}
return {
...baseDescription,
label: t('permission_accessSnap', [snapId]),
description: t('permission_accessSnapDescription', [snapId]),
};
});
},
[EndowmentPermissions['endowment:network-access']]: ({ t }) => ({
label: t('permission_accessNetwork'),
description: t('permission_accessNetworkDescription'),
leftIcon: IconName.Global,
weight: 2,
}),
[EndowmentPermissions['endowment:webassembly']]: ({ t }) => ({
label: t('permission_webAssembly'),
description: t('permission_webAssemblyDescription'),
leftIcon: IconName.DocumentCode,
rightIcon: null,
weight: 2,
}),
[EndowmentPermissions['endowment:long-running']]: ({ t }) => ({
label: t('permission_longRunning'),
description: t('permission_longRunningDescription'),
leftIcon: IconName.Link,
weight: 3,
}),
[EndowmentPermissions['endowment:transaction-insight']]: ({
t,
permissionValue,
}) => {
const baseDescription = {
leftIcon: IconName.Speedometer,
weight: 3,
};
const result = [
{
...baseDescription,
label: t('permission_transactionInsight'),
description: t('permission_transactionInsightDescription'),
},
];
if (
isNonEmptyArray(permissionValue.caveats) &&
permissionValue.caveats[0].type === SnapCaveatType.TransactionOrigin &&
permissionValue.caveats[0].value
) {
result.push({
...baseDescription,
label: t('permission_transactionInsightOrigin'),
description: t('permission_transactionInsightOriginDescription'),
leftIcon: IconName.Explore,
});
}
return result;
},
[EndowmentPermissions['endowment:cronjob']]: ({ t }) => ({
label: t('permission_cronjob'),
description: t('permission_cronjobDescription'),
leftIcon: IconName.Clock,
weight: 2,
}),
[EndowmentPermissions['endowment:ethereum-provider']]: ({
t,
targetSubjectMetadata,
}) => ({
label: t('permission_ethereumProvider'),
description: t('permission_ethereumProviderDescription'),
leftIcon: IconName.Ethereum,
weight: 2,
id: 'ethereum-provider-access',
message: t('ethereumProviderAccess', [targetSubjectMetadata?.origin]),
}),
[EndowmentPermissions['endowment:rpc']]: ({ t, permissionValue }) => {
const baseDescription = {
leftIcon: IconName.Hierarchy,
weight: 2,
};
const { snaps, dapps } = getRpcCaveatOrigins(permissionValue);
const results = [];
if (snaps) {
results.push({
...baseDescription,
label: t('permission_rpc', [t('otherSnaps')]),
description: t('permission_rpcDescription', [t('otherSnaps')]),
});
}
if (dapps) {
results.push({
...baseDescription,
label: t('permission_rpc', [t('websites')]),
description: t('permission_rpcDescription', [t('websites')]),
});
}
return results;
},
[EndowmentPermissions['endowment:lifecycle-hooks']]: ({ t }) => ({
label: t('permission_lifecycleHooks'),
description: t('permission_lifecycleHooksDescription'),
leftIcon: IconName.Hierarchy,
weight: 3,
}),
///: END:ONLY_INCLUDE_IN
///: BEGIN:ONLY_INCLUDE_IN(keyring-snaps)
[RestrictedMethods.snap_manageAccounts]: ({ t }) => ({
label: t('permission_manageAccounts'),
leftIcon: getLeftIcon(IconName.UserCircleAdd),
rightIcon: null,
weight: 3,
}),
///: END:ONLY_INCLUDE_IN
[UNKNOWN_PERMISSION]: ({ t, permissionName }) => ({
label: t('permission_unknown', [permissionName ?? 'undefined']),
leftIcon: getLeftIcon(IconName.Question),
rightIcon: null,
weight: 4,
}),
});
/**
* @typedef {object} PermissionLabelObject
* @property {string} label - The text label.
* @property {string} [description] - An optional description, shown when the
* `rightIcon` is hovered.
* @property {string} leftIcon - The left icon.
* @property {string} rightIcon - The right icon.
* @property {number} weight - The weight of the permission.
* @property {string} permissionName - The name of the permission.
* @property {string} permissionValue - The raw value of the permission.
*/
/**
* @typedef {object} PermissionDescriptionParamsObject
* @property {Function} t - The translation function.
* @property {string} permissionName - The name of the permission.
* @property {object} permissionValue - The permission object.
* @property {object} targetSubjectMetadata - Subject metadata.
*/
/**
* @param {PermissionDescriptionParamsObject} params - The permission description params object.
* @param {Function} params.t - The translation function.
* @param {string} params.permissionName - The name of the permission to request
* @param {object} params.permissionValue - The value of the permission to request
* @returns {PermissionLabelObject[]}
*/
export const getPermissionDescription = ({
t,
permissionName,
permissionValue,
targetSubjectMetadata,
}) => {
let value = PERMISSION_DESCRIPTIONS[UNKNOWN_PERMISSION];
if (Object.hasOwnProperty.call(PERMISSION_DESCRIPTIONS, permissionName)) {
value = PERMISSION_DESCRIPTIONS[permissionName];
}
const result = value({
t,
permissionName,
permissionValue,
targetSubjectMetadata,
});
if (!Array.isArray(result)) {
return [{ ...result, permissionName, permissionValue }];
}
return result.map((item) => ({
...item,
permissionName,
permissionValue,
}));
};
/**
* Get the weighted permissions from a permissions object. The weight is used to
* sort the permissions in the UI.
*
* @param {Function} t - The translation function
* @param {object} permissions - The permissions object.
* @param {object} targetSubjectMetadata - The subject metadata.
* @returns {PermissionLabelObject[]}
*/
export function getWeightedPermissions(t, permissions, targetSubjectMetadata) {
return Object.entries(permissions)
.reduce(
(target, [permissionName, permissionValue]) =>
target.concat(
getPermissionDescription({
t,
permissionName,
permissionValue,
targetSubjectMetadata,
}),
),
[],
)
.sort((left, right) => left.weight - right.weight);
}
/**
* Get the right icon for a permission. If a description is provided, the icon
* will be wrapped in a tooltip. Otherwise, the icon will be rendered as-is. If
* there's no right icon, this function will return null.
*
* If the weight is 1, the icon will be rendered with a warning color.
*
* @param {PermissionLabelObject} permission - The permission object.
* @param {JSX.Element | string} permission.rightIcon - The right icon.
* @param {string} permission.description - The description.
* @param {number} permission.weight - The weight.
* @returns {JSX.Element | null} The right icon, or null if there's no
* right icon.
*/
export function getRightIcon({ rightIcon, description, weight }) {
if (rightIcon && description) {
return (
<Tooltip
wrapperClassName={classnames(
'permission__tooltip-icon',
weight === 1 && 'permission__tooltip-icon__warning',
)}
html={<div>{description}</div>}
position="bottom"
>
{typeof rightIcon === 'string' ? (
<i className={rightIcon} />
) : (
rightIcon
)}
</Tooltip>
);
}
if (rightIcon) {
if (typeof rightIcon === 'string') {
return (
<i className={classnames(rightIcon, 'permission__tooltip-icon')} />
);
}
return rightIcon;
}
return null;
}