@metamask/permission-controller 10.0.0 → 10.0.1
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/CHANGELOG.md +12 -1
- package/dist/Caveat.js +3 -3
- package/dist/Caveat.mjs +2 -2
- package/dist/PermissionController.js +6 -6
- package/dist/PermissionController.mjs +5 -5
- package/dist/SubjectMetadataController.js +2 -2
- package/dist/SubjectMetadataController.mjs +1 -1
- package/dist/{chunk-3X6WO7UG.js → chunk-4YXP3WEE.js} +1 -1
- package/dist/{chunk-3X6WO7UG.js.map → chunk-4YXP3WEE.js.map} +1 -1
- package/dist/{chunk-RXC2KFRK.mjs → chunk-5NYMBY4A.mjs} +2 -2
- package/dist/{chunk-GHOOCGN3.js → chunk-6UCIDD5V.js} +4 -4
- package/dist/{chunk-RJKSCKTD.mjs → chunk-6V5UTS24.mjs} +2 -2
- package/dist/{chunk-4B6NOD2D.mjs → chunk-7WEYLBME.mjs} +7 -5
- package/dist/chunk-7WEYLBME.mjs.map +1 -0
- package/dist/{chunk-DV74ZDGD.js → chunk-AQ46ICF5.js} +5 -5
- package/dist/{chunk-RKDXFKNN.js → chunk-D7PWCWCC.js} +4 -4
- package/dist/{chunk-Y6GRGXOL.mjs → chunk-FVYYHAVF.mjs} +2 -2
- package/dist/{chunk-XM622CMP.js → chunk-HZPWUOQB.js} +3 -3
- package/dist/{chunk-C73QV75D.js → chunk-IPKS33XA.js} +5 -1
- package/dist/chunk-IPKS33XA.js.map +1 -0
- package/dist/{chunk-VM4LI55W.js → chunk-M5GM7UFU.js} +3 -3
- package/dist/{chunk-TBOKQ5NP.mjs → chunk-NOB77ENO.mjs} +3 -3
- package/dist/{chunk-I3DJ23QH.js → chunk-R56CBYD3.js} +61 -59
- package/dist/chunk-R56CBYD3.js.map +1 -0
- package/dist/{chunk-DUZPZORW.mjs → chunk-SKKQZ5E6.mjs} +2 -2
- package/dist/{chunk-W4CPVA4J.mjs → chunk-SPOFDHOW.mjs} +5 -1
- package/dist/chunk-SPOFDHOW.mjs.map +1 -0
- package/dist/{chunk-PTE4672I.js → chunk-TAK6LXU6.js} +1 -1
- package/dist/chunk-TAK6LXU6.js.map +1 -0
- package/dist/{chunk-AZUM6CBY.mjs → chunk-VHHS2FJX.mjs} +1 -1
- package/dist/chunk-VHHS2FJX.mjs.map +1 -0
- package/dist/{chunk-3R56AY2L.mjs → chunk-ZTBBRCDR.mjs} +1 -1
- package/dist/chunk-ZTBBRCDR.mjs.map +1 -0
- package/dist/errors.js +2 -2
- package/dist/errors.mjs +1 -1
- package/dist/index.js +10 -10
- package/dist/index.mjs +9 -9
- package/dist/permission-middleware.js +3 -3
- package/dist/permission-middleware.mjs +2 -2
- package/dist/rpc-methods/getPermissions.js +1 -1
- package/dist/rpc-methods/getPermissions.mjs +1 -1
- package/dist/rpc-methods/index.js +6 -6
- package/dist/rpc-methods/index.mjs +5 -5
- package/dist/rpc-methods/requestPermissions.js +4 -4
- package/dist/rpc-methods/requestPermissions.mjs +3 -3
- package/dist/rpc-methods/revokePermissions.js +4 -4
- package/dist/rpc-methods/revokePermissions.mjs +3 -3
- package/dist/tsconfig.build.tsbuildinfo +1 -1
- package/dist/types/PermissionController.d.ts.map +1 -1
- package/dist/types/SubjectMetadataController.d.ts.map +1 -1
- package/dist/types/errors.d.ts.map +1 -1
- package/dist/types/utils.d.ts.map +1 -1
- package/dist/utils.js +2 -2
- package/dist/utils.mjs +1 -1
- package/package.json +7 -7
- package/dist/chunk-3R56AY2L.mjs.map +0 -1
- package/dist/chunk-4B6NOD2D.mjs.map +0 -1
- package/dist/chunk-AZUM6CBY.mjs.map +0 -1
- package/dist/chunk-C73QV75D.js.map +0 -1
- package/dist/chunk-I3DJ23QH.js.map +0 -1
- package/dist/chunk-PTE4672I.js.map +0 -1
- package/dist/chunk-W4CPVA4J.mjs.map +0 -1
- /package/dist/{chunk-RXC2KFRK.mjs.map → chunk-5NYMBY4A.mjs.map} +0 -0
- /package/dist/{chunk-GHOOCGN3.js.map → chunk-6UCIDD5V.js.map} +0 -0
- /package/dist/{chunk-RJKSCKTD.mjs.map → chunk-6V5UTS24.mjs.map} +0 -0
- /package/dist/{chunk-DV74ZDGD.js.map → chunk-AQ46ICF5.js.map} +0 -0
- /package/dist/{chunk-RKDXFKNN.js.map → chunk-D7PWCWCC.js.map} +0 -0
- /package/dist/{chunk-Y6GRGXOL.mjs.map → chunk-FVYYHAVF.mjs.map} +0 -0
- /package/dist/{chunk-XM622CMP.js.map → chunk-HZPWUOQB.js.map} +0 -0
- /package/dist/{chunk-VM4LI55W.js.map → chunk-M5GM7UFU.js.map} +0 -0
- /package/dist/{chunk-TBOKQ5NP.mjs.map → chunk-NOB77ENO.mjs.map} +0 -0
- /package/dist/{chunk-DUZPZORW.mjs.map → chunk-SKKQZ5E6.mjs.map} +0 -0
|
@@ -3,10 +3,10 @@
|
|
|
3
3
|
var _chunkHRDKMOYSjs = require('./chunk-HRDKMOYS.js');
|
|
4
4
|
|
|
5
5
|
|
|
6
|
-
var
|
|
6
|
+
var _chunkHZPWUOQBjs = require('./chunk-HZPWUOQB.js');
|
|
7
7
|
|
|
8
8
|
|
|
9
|
-
var
|
|
9
|
+
var _chunk6UCIDD5Vjs = require('./chunk-6UCIDD5V.js');
|
|
10
10
|
|
|
11
11
|
|
|
12
12
|
var _chunkZ2XKIXLSjs = require('./chunk-Z2XKIXLS.js');
|
|
@@ -17,13 +17,13 @@ _chunkZ2XKIXLSjs.__export.call(void 0, rpc_methods_exports, {
|
|
|
17
17
|
handlers: () => handlers
|
|
18
18
|
});
|
|
19
19
|
var handlers = [
|
|
20
|
-
|
|
20
|
+
_chunkHZPWUOQBjs.requestPermissionsHandler,
|
|
21
21
|
_chunkHRDKMOYSjs.getPermissionsHandler,
|
|
22
|
-
|
|
22
|
+
_chunk6UCIDD5Vjs.revokePermissionsHandler
|
|
23
23
|
];
|
|
24
24
|
|
|
25
25
|
|
|
26
26
|
|
|
27
27
|
|
|
28
28
|
exports.handlers = handlers; exports.rpc_methods_exports = rpc_methods_exports;
|
|
29
|
-
//# sourceMappingURL=chunk-
|
|
29
|
+
//# sourceMappingURL=chunk-AQ46ICF5.js.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
"use strict";Object.defineProperty(exports, "__esModule", {value: true});
|
|
2
2
|
|
|
3
3
|
|
|
4
|
-
var
|
|
4
|
+
var _chunk4YXP3WEEjs = require('./chunk-4YXP3WEE.js');
|
|
5
5
|
|
|
6
6
|
// src/Caveat.ts
|
|
7
7
|
var _utils = require('@metamask/utils');
|
|
@@ -17,10 +17,10 @@ function decorateWithCaveats(methodImplementation, permission, caveatSpecificati
|
|
|
17
17
|
for (const caveat of caveats) {
|
|
18
18
|
const specification = caveatSpecifications[caveat.type];
|
|
19
19
|
if (!specification) {
|
|
20
|
-
throw new (0,
|
|
20
|
+
throw new (0, _chunk4YXP3WEEjs.UnrecognizedCaveatTypeError)(caveat.type);
|
|
21
21
|
}
|
|
22
22
|
if (!isRestrictedMethodCaveatSpecification(specification)) {
|
|
23
|
-
throw new (0,
|
|
23
|
+
throw new (0, _chunk4YXP3WEEjs.CaveatSpecificationMismatchError)(
|
|
24
24
|
specification,
|
|
25
25
|
"RestrictedMethod" /* RestrictedMethod */
|
|
26
26
|
);
|
|
@@ -34,4 +34,4 @@ function decorateWithCaveats(methodImplementation, permission, caveatSpecificati
|
|
|
34
34
|
|
|
35
35
|
|
|
36
36
|
exports.isRestrictedMethodCaveatSpecification = isRestrictedMethodCaveatSpecification; exports.decorateWithCaveats = decorateWithCaveats;
|
|
37
|
-
//# sourceMappingURL=chunk-
|
|
37
|
+
//# sourceMappingURL=chunk-D7PWCWCC.js.map
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
import {
|
|
2
2
|
invalidParams
|
|
3
|
-
} from "./chunk-
|
|
3
|
+
} from "./chunk-VHHS2FJX.mjs";
|
|
4
4
|
|
|
5
5
|
// src/rpc-methods/revokePermissions.ts
|
|
6
6
|
import {
|
|
@@ -31,4 +31,4 @@ async function revokePermissionsImplementation(req, res, _next, end, { revokePer
|
|
|
31
31
|
export {
|
|
32
32
|
revokePermissionsHandler
|
|
33
33
|
};
|
|
34
|
-
//# sourceMappingURL=chunk-
|
|
34
|
+
//# sourceMappingURL=chunk-FVYYHAVF.mjs.map
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";Object.defineProperty(exports, "__esModule", {value: true});
|
|
2
2
|
|
|
3
|
-
var
|
|
3
|
+
var _chunk4YXP3WEEjs = require('./chunk-4YXP3WEE.js');
|
|
4
4
|
|
|
5
5
|
// src/rpc-methods/requestPermissions.ts
|
|
6
6
|
var _controllerutils = require('@metamask/controller-utils');
|
|
@@ -14,7 +14,7 @@ var requestPermissionsHandler = {
|
|
|
14
14
|
async function requestPermissionsImplementation(req, res, _next, end, { requestPermissionsForOrigin }) {
|
|
15
15
|
const { params } = req;
|
|
16
16
|
if (!Array.isArray(params) || !_controllerutils.isPlainObject.call(void 0, params[0])) {
|
|
17
|
-
return end(
|
|
17
|
+
return end(_chunk4YXP3WEEjs.invalidParams.call(void 0, { data: { request: req } }));
|
|
18
18
|
}
|
|
19
19
|
const [requestedPermissions] = params;
|
|
20
20
|
const [grantedPermissions] = await requestPermissionsForOrigin(
|
|
@@ -27,4 +27,4 @@ async function requestPermissionsImplementation(req, res, _next, end, { requestP
|
|
|
27
27
|
|
|
28
28
|
|
|
29
29
|
exports.requestPermissionsHandler = requestPermissionsHandler;
|
|
30
|
-
//# sourceMappingURL=chunk-
|
|
30
|
+
//# sourceMappingURL=chunk-HZPWUOQB.js.map
|
|
@@ -41,10 +41,14 @@ var SubjectMetadataController = class _SubjectMetadataController extends _baseco
|
|
|
41
41
|
this.subjectCacheLimit = subjectCacheLimit;
|
|
42
42
|
this.subjectsWithoutPermissionsEncounteredSinceStartup = /* @__PURE__ */ new Set();
|
|
43
43
|
this.messagingSystem.registerActionHandler(
|
|
44
|
+
// TODO: Either fix this lint violation or explain why it's necessary to ignore.
|
|
45
|
+
// eslint-disable-next-line @typescript-eslint/restrict-template-expressions
|
|
44
46
|
`${this.name}:getSubjectMetadata`,
|
|
45
47
|
this.getSubjectMetadata.bind(this)
|
|
46
48
|
);
|
|
47
49
|
this.messagingSystem.registerActionHandler(
|
|
50
|
+
// TODO: Either fix this lint violation or explain why it's necessary to ignore.
|
|
51
|
+
// eslint-disable-next-line @typescript-eslint/restrict-template-expressions
|
|
48
52
|
`${this.name}:addSubjectMetadata`,
|
|
49
53
|
this.addSubjectMetadata.bind(this)
|
|
50
54
|
);
|
|
@@ -148,4 +152,4 @@ var SubjectMetadataController = class _SubjectMetadataController extends _baseco
|
|
|
148
152
|
|
|
149
153
|
|
|
150
154
|
exports.SubjectType = SubjectType; exports.SubjectMetadataController = SubjectMetadataController;
|
|
151
|
-
//# sourceMappingURL=chunk-
|
|
155
|
+
//# sourceMappingURL=chunk-IPKS33XA.js.map
|
|
@@ -0,0 +1 @@
|
|
|
1
|
+
{"version":3,"sources":["../src/SubjectMetadataController.ts"],"names":["SubjectType"],"mappings":";AAKA,SAAS,sBAAsB;AAS/B,IAAM,iBAAiB;AAQhB,IAAK,cAAL,kBAAKA,iBAAL;AACL,EAAAA,aAAA,eAAY;AACZ,EAAAA,aAAA,cAAW;AACX,EAAAA,aAAA,aAAU;AACV,EAAAA,aAAA,aAAU;AACV,EAAAA,aAAA,UAAO;AALG,SAAAA;AAAA,GAAA;AA2BZ,IAAM,gBAAgB;AAAA,EACpB,iBAAiB,EAAE,SAAS,MAAM,WAAW,MAAM;AACrD;AAEA,IAAM,eAA+C;AAAA,EACnD,iBAAiB,CAAC;AACpB;AAiDO,IAAM,4BAAN,MAAM,mCAAkC,eAI7C;AAAA,EAOA,YAAY;AAAA,IACV;AAAA,IACA;AAAA,IACA,QAAQ,CAAC;AAAA,EACX,GAAqC;AACnC,QAAI,CAAC,OAAO,UAAU,iBAAiB,KAAK,oBAAoB,GAAG;AACjE,YAAM,IAAI;AAAA,QACR,4DAA4D,iBAAiB;AAAA,MAC/E;AAAA,IACF;AAEA,UAAM,iBAAiB,CAAC,WAAmB;AACzC,aAAO,UAAU,KAAK,uCAAuC,MAAM;AAAA,IACrE;AAEA,UAAM;AAAA,MACJ,MAAM;AAAA,MACN,UAAU;AAAA,MACV;AAAA,MACA,OAAO;AAAA,QACL,GAAG,2BAA0B,gBAAgB,OAAO,cAAc;AAAA,MACpE;AAAA,IACF,CAAC;AAED,SAAK,wBAAwB;AAC7B,SAAK,oBAAoB;AACzB,SAAK,oDAAoD,oBAAI,IAAI;AAEjE,SAAK,gBAAgB;AAAA;AAAA;AAAA,MAGnB,GAAG,KAAK,IAAI;AAAA,MACZ,KAAK,mBAAmB,KAAK,IAAI;AAAA,IACnC;AAEA,SAAK,gBAAgB;AAAA;AAAA;AAAA,MAGnB,GAAG,KAAK,IAAI;AAAA,MACZ,KAAK,mBAAmB,KAAK,IAAI;AAAA,IACnC;AAAA,EACF;AAAA;AAAA;AAAA;AAAA;AAAA,EAMA,aAAmB;AACjB,SAAK,kDAAkD,MAAM;AAC7D,SAAK,OAAO,CAAC,gBAAgB;AAC3B,aAAO,EAAE,GAAG,aAAa;AAAA,IAC3B,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAcA,mBAAmB,UAAsC;AACvD,UAAM,EAAE,OAAO,IAAI;AACnB,UAAM,cAA+B;AAAA,MACnC,GAAG;AAAA,MACH,aAAa,SAAS,eAAe;AAAA,MACrC,SAAS,SAAS,WAAW;AAAA,MAC7B,MAAM,SAAS,QAAQ;AAAA,MACvB,aAAa,SAAS,eAAe;AAAA,IACvC;AAEA,QAAI,iBAAgC;AAGpC,QACE,KAAK,kDAAkD,QACvD,KAAK,mBACL;AACA,YAAM,eACJ,KAAK,kDACF,OAAO,EACP,KAAK,EAAE;AAEZ,WAAK,kDAAkD;AAAA,QACrD;AAAA,MACF;AAEA,UAAI,CAAC,KAAK,sBAAsB,YAAY,GAAG;AAC7C,yBAAiB;AAAA,MACnB;AAAA,IACF;AAEA,SAAK,kDAAkD,IAAI,MAAM;AAEjE,SAAK,OAAO,CAAC,eAAe;AAC1B,iBAAW,gBAAgB,MAAM,IAAI;AACrC,UAAI,OAAO,mBAAmB,UAAU;AACtC,eAAO,WAAW,gBAAgB,cAAc;AAAA,MAClD;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAQA,mBAAmB,QAAoD;AACrE,WAAO,KAAK,MAAM,gBAAgB,MAAM;AAAA,EAC1C;AAAA;AAAA;AAAA;AAAA,EAKA,oBAA0B;AACxB,SAAK,OAAO,CAAC,eAAe;AAE1B,aAAO,2BAA0B;AAAA,QAC/B;AAAA,QACA,KAAK;AAAA,MACP;AAAA,IACF,CAAC;AAAA,EACH;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA;AAAA,EAeA,OAAe,gBACb,OACA,gBACgC;AAChC,UAAM,EAAE,kBAAkB,CAAC,EAAE,IAAI;AAEjC,WAAO;AAAA,MACL,iBAAiB,OAAO,KAAK,eAAe,EAAE,OAE5C,CAAC,oBAAoB,WAAW;AAChC,YAAI,eAAe,MAAM,GAAG;AAC1B,6BAAmB,MAAM,IAAI,gBAAgB,MAAM;AAAA,QACrD;AACA,eAAO;AAAA,MACT,GAAG,CAAC,CAAC;AAAA,IACP;AAAA,EACF;AACF","sourcesContent":["import type {\n ControllerGetStateAction,\n ControllerStateChangeEvent,\n RestrictedControllerMessenger,\n} from '@metamask/base-controller';\nimport { BaseController } from '@metamask/base-controller';\nimport type { Json } from '@metamask/utils';\n\nimport type {\n GenericPermissionController,\n HasPermissions,\n PermissionSubjectMetadata,\n} from './PermissionController';\n\nconst controllerName = 'SubjectMetadataController';\n\ntype SubjectOrigin = string;\n\n/**\n * The different kinds of subjects that MetaMask may interact with, including\n * third parties and itself (e.g., when the background communicated with the UI).\n */\nexport enum SubjectType {\n Extension = 'extension',\n Internal = 'internal',\n Unknown = 'unknown',\n Website = 'website',\n Snap = 'snap',\n}\n\nexport type SubjectMetadata = PermissionSubjectMetadata & {\n [key: string]: Json;\n name: string | null;\n subjectType: SubjectType | null;\n extensionId: string | null;\n iconUrl: string | null;\n};\n\ntype SubjectMetadataToAdd = PermissionSubjectMetadata & {\n name?: string | null;\n subjectType?: SubjectType | null;\n extensionId?: string | null;\n iconUrl?: string | null;\n} & Record<string, Json>;\n\nexport type SubjectMetadataControllerState = {\n subjectMetadata: Record<SubjectOrigin, SubjectMetadata>;\n};\n\nconst stateMetadata = {\n subjectMetadata: { persist: true, anonymous: false },\n};\n\nconst defaultState: SubjectMetadataControllerState = {\n subjectMetadata: {},\n};\n\nexport type GetSubjectMetadataState = ControllerGetStateAction<\n typeof controllerName,\n SubjectMetadataControllerState\n>;\n\nexport type GetSubjectMetadata = {\n type: `${typeof controllerName}:getSubjectMetadata`;\n handler: (origin: SubjectOrigin) => SubjectMetadata | undefined;\n};\n\nexport type AddSubjectMetadata = {\n type: `${typeof controllerName}:addSubjectMetadata`;\n handler: (metadata: SubjectMetadataToAdd) => void;\n};\n\nexport type SubjectMetadataControllerActions =\n | GetSubjectMetadataState\n | GetSubjectMetadata\n | AddSubjectMetadata;\n\nexport type SubjectMetadataStateChange = ControllerStateChangeEvent<\n typeof controllerName,\n SubjectMetadataControllerState\n>;\n\nexport type SubjectMetadataControllerEvents = SubjectMetadataStateChange;\n\ntype AllowedActions = HasPermissions;\n\nexport type SubjectMetadataControllerMessenger = RestrictedControllerMessenger<\n typeof controllerName,\n SubjectMetadataControllerActions | AllowedActions,\n SubjectMetadataControllerEvents,\n AllowedActions['type'],\n never\n>;\n\ntype SubjectMetadataControllerOptions = {\n messenger: SubjectMetadataControllerMessenger;\n subjectCacheLimit: number;\n state?: Partial<SubjectMetadataControllerState>;\n};\n\n/**\n * A controller for storing metadata associated with permission subjects. More\n * or less, a cache.\n */\nexport class SubjectMetadataController extends BaseController<\n typeof controllerName,\n SubjectMetadataControllerState,\n SubjectMetadataControllerMessenger\n> {\n private readonly subjectCacheLimit: number;\n\n private readonly subjectsWithoutPermissionsEncounteredSinceStartup: Set<string>;\n\n private readonly subjectHasPermissions: GenericPermissionController['hasPermissions'];\n\n constructor({\n messenger,\n subjectCacheLimit,\n state = {},\n }: SubjectMetadataControllerOptions) {\n if (!Number.isInteger(subjectCacheLimit) || subjectCacheLimit < 1) {\n throw new Error(\n `subjectCacheLimit must be a positive integer. Received: \"${subjectCacheLimit}\"`,\n );\n }\n\n const hasPermissions = (origin: string) => {\n return messenger.call('PermissionController:hasPermissions', origin);\n };\n\n super({\n name: controllerName,\n metadata: stateMetadata,\n messenger,\n state: {\n ...SubjectMetadataController.getTrimmedState(state, hasPermissions),\n },\n });\n\n this.subjectHasPermissions = hasPermissions;\n this.subjectCacheLimit = subjectCacheLimit;\n this.subjectsWithoutPermissionsEncounteredSinceStartup = new Set();\n\n this.messagingSystem.registerActionHandler(\n // TODO: Either fix this lint violation or explain why it's necessary to ignore.\n // eslint-disable-next-line @typescript-eslint/restrict-template-expressions\n `${this.name}:getSubjectMetadata`,\n this.getSubjectMetadata.bind(this),\n );\n\n this.messagingSystem.registerActionHandler(\n // TODO: Either fix this lint violation or explain why it's necessary to ignore.\n // eslint-disable-next-line @typescript-eslint/restrict-template-expressions\n `${this.name}:addSubjectMetadata`,\n this.addSubjectMetadata.bind(this),\n );\n }\n\n /**\n * Clears the state of this controller. Also resets the cache of subjects\n * encountered since startup, so as to not prematurely reach the cache limit.\n */\n clearState(): void {\n this.subjectsWithoutPermissionsEncounteredSinceStartup.clear();\n this.update((_draftState) => {\n return { ...defaultState };\n });\n }\n\n /**\n * Stores domain metadata for the given origin (subject). Deletes metadata for\n * subjects without permissions in a FIFO manner once more than\n * {@link SubjectMetadataController.subjectCacheLimit} distinct origins have\n * been added since boot.\n *\n * In order to prevent a degraded user experience,\n * metadata is never deleted for subjects with permissions, since metadata\n * cannot yet be requested on demand.\n *\n * @param metadata - The subject metadata to store.\n */\n addSubjectMetadata(metadata: SubjectMetadataToAdd): void {\n const { origin } = metadata;\n const newMetadata: SubjectMetadata = {\n ...metadata,\n extensionId: metadata.extensionId || null,\n iconUrl: metadata.iconUrl || null,\n name: metadata.name || null,\n subjectType: metadata.subjectType || null,\n };\n\n let originToForget: string | null = null;\n // We only delete the oldest encountered subject from the cache, again to\n // ensure that the user's experience isn't degraded by missing icons etc.\n if (\n this.subjectsWithoutPermissionsEncounteredSinceStartup.size >=\n this.subjectCacheLimit\n ) {\n const cachedOrigin =\n this.subjectsWithoutPermissionsEncounteredSinceStartup\n .values()\n .next().value;\n\n this.subjectsWithoutPermissionsEncounteredSinceStartup.delete(\n cachedOrigin,\n );\n\n if (!this.subjectHasPermissions(cachedOrigin)) {\n originToForget = cachedOrigin;\n }\n }\n\n this.subjectsWithoutPermissionsEncounteredSinceStartup.add(origin);\n\n this.update((draftState) => {\n draftState.subjectMetadata[origin] = newMetadata;\n if (typeof originToForget === 'string') {\n delete draftState.subjectMetadata[originToForget];\n }\n });\n }\n\n /**\n * Gets the subject metadata for the given origin, if any.\n *\n * @param origin - The origin for which to get the subject metadata.\n * @returns The subject metadata, if any, or `undefined` otherwise.\n */\n getSubjectMetadata(origin: SubjectOrigin): SubjectMetadata | undefined {\n return this.state.subjectMetadata[origin];\n }\n\n /**\n * Deletes all subjects without permissions from the controller's state.\n */\n trimMetadataState(): void {\n this.update((draftState) => {\n // @ts-expect-error ts(2589)\n return SubjectMetadataController.getTrimmedState(\n draftState,\n this.subjectHasPermissions,\n );\n });\n }\n\n /**\n * Returns a new state object that only includes subjects with permissions.\n * This method is static because we want to call it in the constructor, before\n * the controller's state is initialized.\n *\n * @param state - The state object to trim.\n * @param hasPermissions - A function that returns a boolean indicating\n * whether a particular subject (identified by its origin) has any\n * permissions.\n * @returns The new state object. If the specified `state` object has no\n * subject metadata, the returned object will be equivalent to the default\n * state of this controller.\n */\n private static getTrimmedState(\n state: Partial<SubjectMetadataControllerState>,\n hasPermissions: SubjectMetadataController['subjectHasPermissions'],\n ): SubjectMetadataControllerState {\n const { subjectMetadata = {} } = state;\n\n return {\n subjectMetadata: Object.keys(subjectMetadata).reduce<\n Record<SubjectOrigin, SubjectMetadata>\n >((newSubjectMetadata, origin) => {\n if (hasPermissions(origin)) {\n newSubjectMetadata[origin] = subjectMetadata[origin];\n }\n return newSubjectMetadata;\n }, {}),\n };\n }\n}\n"]}
|
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
"use strict";Object.defineProperty(exports, "__esModule", {value: true});
|
|
2
2
|
|
|
3
|
-
var
|
|
3
|
+
var _chunk4YXP3WEEjs = require('./chunk-4YXP3WEE.js');
|
|
4
4
|
|
|
5
5
|
// src/permission-middleware.ts
|
|
6
6
|
var _jsonrpcengine = require('@metamask/json-rpc-engine');
|
|
@@ -27,7 +27,7 @@ function getPermissionMiddlewareFactory({
|
|
|
27
27
|
params
|
|
28
28
|
);
|
|
29
29
|
if (result === void 0) {
|
|
30
|
-
res.error =
|
|
30
|
+
res.error = _chunk4YXP3WEEjs.internalError.call(void 0,
|
|
31
31
|
`Request for method "${req.method}" returned undefined result.`,
|
|
32
32
|
{ request: req }
|
|
33
33
|
);
|
|
@@ -43,4 +43,4 @@ function getPermissionMiddlewareFactory({
|
|
|
43
43
|
|
|
44
44
|
|
|
45
45
|
exports.getPermissionMiddlewareFactory = getPermissionMiddlewareFactory;
|
|
46
|
-
//# sourceMappingURL=chunk-
|
|
46
|
+
//# sourceMappingURL=chunk-M5GM7UFU.js.map
|
|
@@ -3,10 +3,10 @@ import {
|
|
|
3
3
|
} from "./chunk-73M67Z5X.mjs";
|
|
4
4
|
import {
|
|
5
5
|
requestPermissionsHandler
|
|
6
|
-
} from "./chunk-
|
|
6
|
+
} from "./chunk-SKKQZ5E6.mjs";
|
|
7
7
|
import {
|
|
8
8
|
revokePermissionsHandler
|
|
9
|
-
} from "./chunk-
|
|
9
|
+
} from "./chunk-FVYYHAVF.mjs";
|
|
10
10
|
import {
|
|
11
11
|
__export
|
|
12
12
|
} from "./chunk-2L4QPE5A.mjs";
|
|
@@ -26,4 +26,4 @@ export {
|
|
|
26
26
|
handlers,
|
|
27
27
|
rpc_methods_exports
|
|
28
28
|
};
|
|
29
|
-
//# sourceMappingURL=chunk-
|
|
29
|
+
//# sourceMappingURL=chunk-NOB77ENO.mjs.map
|
|
@@ -1,7 +1,7 @@
|
|
|
1
1
|
"use strict";Object.defineProperty(exports, "__esModule", {value: true}); function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
|
|
2
2
|
|
|
3
3
|
|
|
4
|
-
var
|
|
4
|
+
var _chunkD7PWCWCCjs = require('./chunk-D7PWCWCC.js');
|
|
5
5
|
|
|
6
6
|
|
|
7
7
|
|
|
@@ -10,7 +10,7 @@ var _chunkRKDXFKNNjs = require('./chunk-RKDXFKNN.js');
|
|
|
10
10
|
var _chunkZH4MLSXXjs = require('./chunk-ZH4MLSXX.js');
|
|
11
11
|
|
|
12
12
|
|
|
13
|
-
var
|
|
13
|
+
var _chunkM5GM7UFUjs = require('./chunk-M5GM7UFU.js');
|
|
14
14
|
|
|
15
15
|
|
|
16
16
|
|
|
@@ -38,10 +38,10 @@ var _chunkVM4LI55Wjs = require('./chunk-VM4LI55W.js');
|
|
|
38
38
|
|
|
39
39
|
|
|
40
40
|
|
|
41
|
-
var
|
|
41
|
+
var _chunk4YXP3WEEjs = require('./chunk-4YXP3WEE.js');
|
|
42
42
|
|
|
43
43
|
|
|
44
|
-
var
|
|
44
|
+
var _chunkTAK6LXU6js = require('./chunk-TAK6LXU6.js');
|
|
45
45
|
|
|
46
46
|
|
|
47
47
|
|
|
@@ -150,6 +150,8 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
150
150
|
* @param rightCaveat - The right-hand caveat to merge.
|
|
151
151
|
* @returns The merged caveat and the diff between the two caveats.
|
|
152
152
|
*/
|
|
153
|
+
// TODO: Either fix this lint violation or explain why it's necessary to ignore.
|
|
154
|
+
// eslint-disable-next-line @typescript-eslint/naming-convention
|
|
153
155
|
_chunkZ2XKIXLSjs.__privateAdd.call(void 0, this, _mergeCaveat);
|
|
154
156
|
/**
|
|
155
157
|
* Accepts a permissions request that has been approved by the user. This
|
|
@@ -175,7 +177,7 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
175
177
|
...permissionSpecifications
|
|
176
178
|
});
|
|
177
179
|
this.registerMessageHandlers();
|
|
178
|
-
this.createPermissionMiddleware =
|
|
180
|
+
this.createPermissionMiddleware = _chunkM5GM7UFUjs.getPermissionMiddlewareFactory.call(void 0, {
|
|
179
181
|
executeRestrictedMethod: this._executeRestrictedMethod.bind(this),
|
|
180
182
|
getRestrictedMethod: this.getRestrictedMethod.bind(this),
|
|
181
183
|
isUnrestrictedMethod: this.unrestrictedMethods.has.bind(
|
|
@@ -241,12 +243,12 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
241
243
|
if (allowedCaveats) {
|
|
242
244
|
allowedCaveats.forEach((caveatType) => {
|
|
243
245
|
if (!_utils.hasProperty.call(void 0, caveatSpecifications, caveatType)) {
|
|
244
|
-
throw new (0,
|
|
246
|
+
throw new (0, _chunk4YXP3WEEjs.UnrecognizedCaveatTypeError)(caveatType);
|
|
245
247
|
}
|
|
246
248
|
const specification = caveatSpecifications[caveatType];
|
|
247
|
-
const isRestrictedMethodCaveat =
|
|
249
|
+
const isRestrictedMethodCaveat = _chunkD7PWCWCCjs.isRestrictedMethodCaveatSpecification.call(void 0, specification);
|
|
248
250
|
if (permissionType === "RestrictedMethod" /* RestrictedMethod */ && !isRestrictedMethodCaveat || permissionType === "Endowment" /* Endowment */ && isRestrictedMethodCaveat) {
|
|
249
|
-
throw new (0,
|
|
251
|
+
throw new (0, _chunk4YXP3WEEjs.CaveatSpecificationMismatchError)(
|
|
250
252
|
specification,
|
|
251
253
|
permissionType
|
|
252
254
|
);
|
|
@@ -350,10 +352,10 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
350
352
|
* target name.
|
|
351
353
|
*/
|
|
352
354
|
getTypedPermissionSpecification(permissionType, targetName, requestingOrigin) {
|
|
353
|
-
const failureError = permissionType === "RestrictedMethod" /* RestrictedMethod */ ?
|
|
355
|
+
const failureError = permissionType === "RestrictedMethod" /* RestrictedMethod */ ? _chunk4YXP3WEEjs.methodNotFound.call(void 0,
|
|
354
356
|
targetName,
|
|
355
357
|
requestingOrigin ? { origin: requestingOrigin } : void 0
|
|
356
|
-
) : new (0,
|
|
358
|
+
) : new (0, _chunk4YXP3WEEjs.EndowmentPermissionDoesNotExistError)(
|
|
357
359
|
targetName,
|
|
358
360
|
requestingOrigin
|
|
359
361
|
);
|
|
@@ -445,7 +447,7 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
445
447
|
revokeAllPermissions(origin) {
|
|
446
448
|
this.update((draftState) => {
|
|
447
449
|
if (!draftState.subjects[origin]) {
|
|
448
|
-
throw new (0,
|
|
450
|
+
throw new (0, _chunk4YXP3WEEjs.UnrecognizedSubjectError)(origin);
|
|
449
451
|
}
|
|
450
452
|
delete draftState.subjects[origin];
|
|
451
453
|
});
|
|
@@ -474,12 +476,12 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
474
476
|
this.update((draftState) => {
|
|
475
477
|
Object.keys(subjectsAndPermissions).forEach((origin) => {
|
|
476
478
|
if (!_utils.hasProperty.call(void 0, draftState.subjects, origin)) {
|
|
477
|
-
throw new (0,
|
|
479
|
+
throw new (0, _chunk4YXP3WEEjs.UnrecognizedSubjectError)(origin);
|
|
478
480
|
}
|
|
479
481
|
subjectsAndPermissions[origin].forEach((target) => {
|
|
480
482
|
const { permissions } = draftState.subjects[origin];
|
|
481
483
|
if (!_utils.hasProperty.call(void 0, permissions, target)) {
|
|
482
|
-
throw new (0,
|
|
484
|
+
throw new (0, _chunk4YXP3WEEjs.PermissionDoesNotExistError)(origin, target);
|
|
483
485
|
}
|
|
484
486
|
this.deletePermission(draftState.subjects, origin, target);
|
|
485
487
|
});
|
|
@@ -559,7 +561,7 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
559
561
|
getCaveat(origin, target, caveatType) {
|
|
560
562
|
const permission = this.getPermission(origin, target);
|
|
561
563
|
if (!permission) {
|
|
562
|
-
throw new (0,
|
|
564
|
+
throw new (0, _chunk4YXP3WEEjs.PermissionDoesNotExistError)(origin, target);
|
|
563
565
|
}
|
|
564
566
|
return _chunkZH4MLSXXjs.findCaveat.call(void 0, permission, caveatType);
|
|
565
567
|
}
|
|
@@ -584,7 +586,7 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
584
586
|
*/
|
|
585
587
|
addCaveat(origin, target, caveatType, caveatValue) {
|
|
586
588
|
if (this.hasCaveat(origin, target, caveatType)) {
|
|
587
|
-
throw new (0,
|
|
589
|
+
throw new (0, _chunk4YXP3WEEjs.CaveatAlreadyExistsError)(origin, target, caveatType);
|
|
588
590
|
}
|
|
589
591
|
this.setCaveat(origin, target, caveatType, caveatValue);
|
|
590
592
|
}
|
|
@@ -608,7 +610,7 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
608
610
|
*/
|
|
609
611
|
updateCaveat(origin, target, caveatType, caveatValue) {
|
|
610
612
|
if (!this.hasCaveat(origin, target, caveatType)) {
|
|
611
|
-
throw new (0,
|
|
613
|
+
throw new (0, _chunk4YXP3WEEjs.CaveatDoesNotExistError)(origin, target, caveatType);
|
|
612
614
|
}
|
|
613
615
|
this.setCaveat(origin, target, caveatType, caveatValue);
|
|
614
616
|
}
|
|
@@ -634,11 +636,11 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
634
636
|
this.update((draftState) => {
|
|
635
637
|
const subject = draftState.subjects[origin];
|
|
636
638
|
if (!subject) {
|
|
637
|
-
throw new (0,
|
|
639
|
+
throw new (0, _chunk4YXP3WEEjs.UnrecognizedSubjectError)(origin);
|
|
638
640
|
}
|
|
639
641
|
const permission = subject.permissions[target];
|
|
640
642
|
if (!permission) {
|
|
641
|
-
throw new (0,
|
|
643
|
+
throw new (0, _chunk4YXP3WEEjs.PermissionDoesNotExistError)(origin, target);
|
|
642
644
|
}
|
|
643
645
|
const caveat = {
|
|
644
646
|
type: caveatType,
|
|
@@ -745,10 +747,10 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
745
747
|
this.update((draftState) => {
|
|
746
748
|
const permission = draftState.subjects[origin]?.permissions[target];
|
|
747
749
|
if (!permission) {
|
|
748
|
-
throw new (0,
|
|
750
|
+
throw new (0, _chunk4YXP3WEEjs.PermissionDoesNotExistError)(origin, target);
|
|
749
751
|
}
|
|
750
752
|
if (!permission.caveats) {
|
|
751
|
-
throw new (0,
|
|
753
|
+
throw new (0, _chunk4YXP3WEEjs.CaveatDoesNotExistError)(origin, target, caveatType);
|
|
752
754
|
}
|
|
753
755
|
this.deleteCaveat(permission, caveatType, origin);
|
|
754
756
|
});
|
|
@@ -767,7 +769,7 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
767
769
|
*/
|
|
768
770
|
deleteCaveat(permission, caveatType, origin) {
|
|
769
771
|
if (!permission.caveats) {
|
|
770
|
-
throw new (0,
|
|
772
|
+
throw new (0, _chunk4YXP3WEEjs.CaveatDoesNotExistError)(
|
|
771
773
|
origin,
|
|
772
774
|
permission.parentCapability,
|
|
773
775
|
caveatType
|
|
@@ -777,7 +779,7 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
777
779
|
(existingCaveat) => existingCaveat.type === caveatType
|
|
778
780
|
);
|
|
779
781
|
if (caveatIndex === -1) {
|
|
780
|
-
throw new (0,
|
|
782
|
+
throw new (0, _chunk4YXP3WEEjs.CaveatDoesNotExistError)(
|
|
781
783
|
origin,
|
|
782
784
|
permission.parentCapability,
|
|
783
785
|
caveatType
|
|
@@ -920,13 +922,13 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
920
922
|
origin
|
|
921
923
|
);
|
|
922
924
|
if (!metadata || metadata.subjectType === null || !specification.subjectTypes.includes(metadata.subjectType)) {
|
|
923
|
-
throw specification.permissionType === "RestrictedMethod" /* RestrictedMethod */ ?
|
|
925
|
+
throw specification.permissionType === "RestrictedMethod" /* RestrictedMethod */ ? _chunk4YXP3WEEjs.methodNotFound.call(void 0, targetName, { origin }) : new (0, _chunk4YXP3WEEjs.EndowmentPermissionDoesNotExistError)(targetName, origin);
|
|
924
926
|
}
|
|
925
927
|
}
|
|
926
928
|
if (_utils.hasProperty.call(void 0, permission, "caveats")) {
|
|
927
929
|
const { caveats } = permission;
|
|
928
930
|
if (caveats !== null && !(Array.isArray(caveats) && caveats.length > 0)) {
|
|
929
|
-
throw new (0,
|
|
931
|
+
throw new (0, _chunk4YXP3WEEjs.InvalidCaveatsPropertyError)(origin, targetName, caveats);
|
|
930
932
|
}
|
|
931
933
|
const seenCaveatTypes = /* @__PURE__ */ new Set();
|
|
932
934
|
caveats?.forEach((caveat) => {
|
|
@@ -934,10 +936,10 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
934
936
|
this.validateCaveat(caveat, origin, targetName);
|
|
935
937
|
}
|
|
936
938
|
if (!allowedCaveats?.includes(caveat.type)) {
|
|
937
|
-
throw new (0,
|
|
939
|
+
throw new (0, _chunk4YXP3WEEjs.ForbiddenCaveatError)(caveat.type, origin, targetName);
|
|
938
940
|
}
|
|
939
941
|
if (seenCaveatTypes.has(caveat.type)) {
|
|
940
|
-
throw new (0,
|
|
942
|
+
throw new (0, _chunk4YXP3WEEjs.DuplicateCaveatError)(caveat.type, origin, targetName);
|
|
941
943
|
}
|
|
942
944
|
seenCaveatTypes.add(caveat.type);
|
|
943
945
|
});
|
|
@@ -998,23 +1000,23 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
998
1000
|
*/
|
|
999
1001
|
validateCaveat(caveat, origin, target) {
|
|
1000
1002
|
if (!_controllerutils.isPlainObject.call(void 0, caveat)) {
|
|
1001
|
-
throw new (0,
|
|
1003
|
+
throw new (0, _chunk4YXP3WEEjs.InvalidCaveatError)(caveat, origin, target);
|
|
1002
1004
|
}
|
|
1003
1005
|
if (Object.keys(caveat).length !== 2) {
|
|
1004
|
-
throw new (0,
|
|
1006
|
+
throw new (0, _chunk4YXP3WEEjs.InvalidCaveatFieldsError)(caveat, origin, target);
|
|
1005
1007
|
}
|
|
1006
1008
|
if (typeof caveat.type !== "string") {
|
|
1007
|
-
throw new (0,
|
|
1009
|
+
throw new (0, _chunk4YXP3WEEjs.InvalidCaveatTypeError)(caveat, origin, target);
|
|
1008
1010
|
}
|
|
1009
1011
|
const specification = this.getCaveatSpecification(caveat.type);
|
|
1010
1012
|
if (!specification) {
|
|
1011
|
-
throw new (0,
|
|
1013
|
+
throw new (0, _chunk4YXP3WEEjs.UnrecognizedCaveatTypeError)(caveat.type, origin, target);
|
|
1012
1014
|
}
|
|
1013
1015
|
if (!_utils.hasProperty.call(void 0, caveat, "value") || caveat.value === void 0) {
|
|
1014
|
-
throw new (0,
|
|
1016
|
+
throw new (0, _chunk4YXP3WEEjs.CaveatMissingValueError)(caveat, origin, target);
|
|
1015
1017
|
}
|
|
1016
1018
|
if (!_controllerutils.isValidJson.call(void 0, caveat.value)) {
|
|
1017
|
-
throw new (0,
|
|
1019
|
+
throw new (0, _chunk4YXP3WEEjs.CaveatInvalidJsonError)(caveat, origin, target);
|
|
1018
1020
|
}
|
|
1019
1021
|
specification.validator?.(caveat, origin, target);
|
|
1020
1022
|
}
|
|
@@ -1108,13 +1110,13 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
1108
1110
|
this.validateRequestedPermissions(origin, newPermissions);
|
|
1109
1111
|
} catch (error) {
|
|
1110
1112
|
if (error instanceof Error) {
|
|
1111
|
-
throw new (0,
|
|
1113
|
+
throw new (0, _chunk4YXP3WEEjs.InvalidMergedPermissionsError)(
|
|
1112
1114
|
origin,
|
|
1113
1115
|
error,
|
|
1114
1116
|
permissionDiffMap
|
|
1115
1117
|
);
|
|
1116
1118
|
}
|
|
1117
|
-
throw
|
|
1119
|
+
throw _chunk4YXP3WEEjs.internalError.call(void 0, "Unrecognized error type", { error });
|
|
1118
1120
|
}
|
|
1119
1121
|
const metadata = {
|
|
1120
1122
|
...options.metadata,
|
|
@@ -1154,13 +1156,13 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
1154
1156
|
*/
|
|
1155
1157
|
validateRequestedPermissions(origin, requestedPermissions) {
|
|
1156
1158
|
if (!_controllerutils.isPlainObject.call(void 0, requestedPermissions)) {
|
|
1157
|
-
throw
|
|
1159
|
+
throw _chunk4YXP3WEEjs.invalidParams.call(void 0, {
|
|
1158
1160
|
message: `Requested permissions for origin "${origin}" is not a plain object.`,
|
|
1159
1161
|
data: { origin, requestedPermissions }
|
|
1160
1162
|
});
|
|
1161
1163
|
}
|
|
1162
1164
|
if (Object.keys(requestedPermissions).length === 0) {
|
|
1163
|
-
throw
|
|
1165
|
+
throw _chunk4YXP3WEEjs.invalidParams.call(void 0, {
|
|
1164
1166
|
message: `Permissions request for origin "${origin}" contains no permissions.`,
|
|
1165
1167
|
data: { requestedPermissions }
|
|
1166
1168
|
});
|
|
@@ -1168,10 +1170,10 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
1168
1170
|
for (const targetName of Object.keys(requestedPermissions)) {
|
|
1169
1171
|
const permission = requestedPermissions[targetName];
|
|
1170
1172
|
if (!this.targetExists(targetName)) {
|
|
1171
|
-
throw
|
|
1173
|
+
throw _chunk4YXP3WEEjs.methodNotFound.call(void 0, targetName, { origin, requestedPermissions });
|
|
1172
1174
|
}
|
|
1173
1175
|
if (!_controllerutils.isPlainObject.call(void 0, permission) || permission.parentCapability !== void 0 && targetName !== permission.parentCapability) {
|
|
1174
|
-
throw
|
|
1176
|
+
throw _chunk4YXP3WEEjs.invalidParams.call(void 0, {
|
|
1175
1177
|
message: `Permissions request for origin "${origin}" contains invalid requested permission(s).`,
|
|
1176
1178
|
data: { origin, requestedPermissions }
|
|
1177
1179
|
});
|
|
@@ -1261,14 +1263,14 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
1261
1263
|
failureHandlersList.map((failureHandler) => failureHandler(params))
|
|
1262
1264
|
);
|
|
1263
1265
|
} catch (error) {
|
|
1264
|
-
throw
|
|
1266
|
+
throw _chunk4YXP3WEEjs.internalError.call(void 0, "Unexpected error in side-effects", { error });
|
|
1265
1267
|
}
|
|
1266
1268
|
}
|
|
1267
1269
|
const reasons = rejectedHandlers.map((handler) => handler.reason);
|
|
1268
1270
|
reasons.forEach((reason) => {
|
|
1269
1271
|
console.error(reason);
|
|
1270
1272
|
});
|
|
1271
|
-
throw reasons.length > 1 ?
|
|
1273
|
+
throw reasons.length > 1 ? _chunk4YXP3WEEjs.internalError.call(void 0,
|
|
1272
1274
|
"Multiple errors occurred during side-effects execution",
|
|
1273
1275
|
{ errors: reasons }
|
|
1274
1276
|
) : reasons[0];
|
|
@@ -1293,7 +1295,7 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
1293
1295
|
validateApprovedPermissions(approvedRequest, originalMetadata) {
|
|
1294
1296
|
const { id, origin } = originalMetadata;
|
|
1295
1297
|
if (!_controllerutils.isPlainObject.call(void 0, approvedRequest) || !_controllerutils.isPlainObject.call(void 0, approvedRequest.metadata)) {
|
|
1296
|
-
throw
|
|
1298
|
+
throw _chunk4YXP3WEEjs.internalError.call(void 0,
|
|
1297
1299
|
`Approved permissions request for subject "${origin}" is invalid.`,
|
|
1298
1300
|
{ data: { approvedRequest } }
|
|
1299
1301
|
);
|
|
@@ -1303,13 +1305,13 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
1303
1305
|
permissions
|
|
1304
1306
|
} = approvedRequest;
|
|
1305
1307
|
if (newId !== id) {
|
|
1306
|
-
throw
|
|
1308
|
+
throw _chunk4YXP3WEEjs.internalError.call(void 0,
|
|
1307
1309
|
`Approved permissions request for subject "${origin}" mutated its id.`,
|
|
1308
1310
|
{ originalId: id, mutatedId: newId }
|
|
1309
1311
|
);
|
|
1310
1312
|
}
|
|
1311
1313
|
if (newOrigin !== origin) {
|
|
1312
|
-
throw
|
|
1314
|
+
throw _chunk4YXP3WEEjs.internalError.call(void 0,
|
|
1313
1315
|
`Approved permissions request for subject "${origin}" mutated its origin.`,
|
|
1314
1316
|
{ originalOrigin: origin, mutatedOrigin: newOrigin }
|
|
1315
1317
|
);
|
|
@@ -1318,12 +1320,12 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
1318
1320
|
this.validateRequestedPermissions(origin, permissions);
|
|
1319
1321
|
} catch (error) {
|
|
1320
1322
|
if (error instanceof Error) {
|
|
1321
|
-
throw
|
|
1323
|
+
throw _chunk4YXP3WEEjs.internalError.call(void 0,
|
|
1322
1324
|
`Invalid approved permissions request: ${error.message}`,
|
|
1323
1325
|
error instanceof _rpcerrors.JsonRpcError ? error.data : void 0
|
|
1324
1326
|
);
|
|
1325
1327
|
}
|
|
1326
|
-
throw
|
|
1328
|
+
throw _chunk4YXP3WEEjs.internalError.call(void 0, "Unrecognized error type", { error });
|
|
1327
1329
|
}
|
|
1328
1330
|
}
|
|
1329
1331
|
/**
|
|
@@ -1335,12 +1337,12 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
1335
1337
|
async acceptPermissionsRequest(request) {
|
|
1336
1338
|
const { id } = request.metadata;
|
|
1337
1339
|
if (!this.hasApprovalRequest({ id })) {
|
|
1338
|
-
throw new (0,
|
|
1340
|
+
throw new (0, _chunk4YXP3WEEjs.PermissionsRequestNotFoundError)(id);
|
|
1339
1341
|
}
|
|
1340
1342
|
if (Object.keys(request.permissions).length === 0) {
|
|
1341
1343
|
this._rejectPermissionsRequest(
|
|
1342
1344
|
id,
|
|
1343
|
-
|
|
1345
|
+
_chunk4YXP3WEEjs.invalidParams.call(void 0, {
|
|
1344
1346
|
message: "Must request at least one permission."
|
|
1345
1347
|
})
|
|
1346
1348
|
);
|
|
@@ -1365,9 +1367,9 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
1365
1367
|
*/
|
|
1366
1368
|
async rejectPermissionsRequest(id) {
|
|
1367
1369
|
if (!this.hasApprovalRequest({ id })) {
|
|
1368
|
-
throw new (0,
|
|
1370
|
+
throw new (0, _chunk4YXP3WEEjs.PermissionsRequestNotFoundError)(id);
|
|
1369
1371
|
}
|
|
1370
|
-
this._rejectPermissionsRequest(id,
|
|
1372
|
+
this._rejectPermissionsRequest(id, _chunk4YXP3WEEjs.userRejectedRequest.call(void 0, ));
|
|
1371
1373
|
}
|
|
1372
1374
|
/**
|
|
1373
1375
|
* Checks whether the {@link ApprovalController} has a particular permissions
|
|
@@ -1414,7 +1416,7 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
1414
1416
|
*/
|
|
1415
1417
|
async getEndowments(origin, targetName, requestData) {
|
|
1416
1418
|
if (!this.hasPermission(origin, targetName)) {
|
|
1417
|
-
throw
|
|
1419
|
+
throw _chunk4YXP3WEEjs.unauthorized.call(void 0, { data: { origin, targetName } });
|
|
1418
1420
|
}
|
|
1419
1421
|
return this.getTypedPermissionSpecification(
|
|
1420
1422
|
"Endowment" /* Endowment */,
|
|
@@ -1484,9 +1486,9 @@ var PermissionController = class extends _basecontroller.BaseController {
|
|
|
1484
1486
|
const { origin } = subject;
|
|
1485
1487
|
const permission = this.getPermission(origin, method);
|
|
1486
1488
|
if (!permission) {
|
|
1487
|
-
throw
|
|
1489
|
+
throw _chunk4YXP3WEEjs.unauthorized.call(void 0, { data: { origin, method } });
|
|
1488
1490
|
}
|
|
1489
|
-
return
|
|
1491
|
+
return _chunkD7PWCWCCjs.decorateWithCaveats.call(void 0,
|
|
1490
1492
|
methodImplementation,
|
|
1491
1493
|
permission,
|
|
1492
1494
|
this._caveatSpecifications
|
|
@@ -1497,7 +1499,7 @@ _expectGetCaveatMerger = new WeakSet();
|
|
|
1497
1499
|
expectGetCaveatMerger_fn = function(caveatType) {
|
|
1498
1500
|
const { merger } = this.getCaveatSpecification(caveatType);
|
|
1499
1501
|
if (merger === void 0) {
|
|
1500
|
-
throw new (0,
|
|
1502
|
+
throw new (0, _chunk4YXP3WEEjs.CaveatMergerDoesNotExistError)(caveatType);
|
|
1501
1503
|
}
|
|
1502
1504
|
return merger;
|
|
1503
1505
|
};
|
|
@@ -1511,7 +1513,7 @@ applyGrantedPermissions_fn = function({
|
|
|
1511
1513
|
}) {
|
|
1512
1514
|
const { origin } = subject;
|
|
1513
1515
|
if (!origin || typeof origin !== "string") {
|
|
1514
|
-
throw new (0,
|
|
1516
|
+
throw new (0, _chunk4YXP3WEEjs.InvalidSubjectIdentifierError)(origin);
|
|
1515
1517
|
}
|
|
1516
1518
|
const permissions = preserveExistingPermissions ? {
|
|
1517
1519
|
...this.getPermissions(origin)
|
|
@@ -1520,10 +1522,10 @@ applyGrantedPermissions_fn = function({
|
|
|
1520
1522
|
approvedPermissions
|
|
1521
1523
|
)) {
|
|
1522
1524
|
if (!this.targetExists(requestedTarget)) {
|
|
1523
|
-
throw
|
|
1525
|
+
throw _chunk4YXP3WEEjs.methodNotFound.call(void 0, requestedTarget);
|
|
1524
1526
|
}
|
|
1525
1527
|
if (approvedPermission.parentCapability !== void 0 && requestedTarget !== approvedPermission.parentCapability) {
|
|
1526
|
-
throw new (0,
|
|
1528
|
+
throw new (0, _chunk4YXP3WEEjs.InvalidApprovedPermissionError)(
|
|
1527
1529
|
origin,
|
|
1528
1530
|
requestedTarget,
|
|
1529
1531
|
approvedPermission
|
|
@@ -1587,7 +1589,7 @@ mergeIncrementalPermissions_fn = function(existingPermissions, incrementalReques
|
|
|
1587
1589
|
};
|
|
1588
1590
|
_mergePermission = new WeakSet();
|
|
1589
1591
|
mergePermission_fn = function(leftPermission, rightPermission) {
|
|
1590
|
-
const { caveatPairs, leftUniqueCaveats, rightUniqueCaveats } =
|
|
1592
|
+
const { caveatPairs, leftUniqueCaveats, rightUniqueCaveats } = _chunkTAK6LXU6js.collectUniqueAndPairedCaveats.call(void 0, leftPermission, rightPermission);
|
|
1591
1593
|
const [mergedCaveats, caveatDiffMap] = caveatPairs.reduce(
|
|
1592
1594
|
([caveats, diffMap], [leftCaveat, rightCaveat]) => {
|
|
1593
1595
|
const [newCaveat, diff] = _chunkZ2XKIXLSjs.__privateMethod.call(void 0, this, _mergeCaveat, mergeCaveat_fn).call(this, leftCaveat, rightCaveat);
|
|
@@ -1621,7 +1623,7 @@ mergePermission_fn = function(leftPermission, rightPermission) {
|
|
|
1621
1623
|
_mergeCaveat = new WeakSet();
|
|
1622
1624
|
mergeCaveat_fn = function(leftCaveat, rightCaveat) {
|
|
1623
1625
|
if (leftCaveat !== void 0 && leftCaveat.type !== rightCaveat.type) {
|
|
1624
|
-
throw new (0,
|
|
1626
|
+
throw new (0, _chunk4YXP3WEEjs.CaveatMergeTypeMismatchError)(leftCaveat.type, rightCaveat.type);
|
|
1625
1627
|
}
|
|
1626
1628
|
const merger = _chunkZ2XKIXLSjs.__privateMethod.call(void 0, this, _expectGetCaveatMerger, expectGetCaveatMerger_fn).call(this, rightCaveat.type);
|
|
1627
1629
|
if (leftCaveat === void 0) {
|
|
@@ -1676,4 +1678,4 @@ handleApprovedPermissions_fn = async function({
|
|
|
1676
1678
|
|
|
1677
1679
|
|
|
1678
1680
|
exports.CaveatMutatorOperation = CaveatMutatorOperation; exports.PermissionController = PermissionController;
|
|
1679
|
-
//# sourceMappingURL=chunk-
|
|
1681
|
+
//# sourceMappingURL=chunk-R56CBYD3.js.map
|