Merge pull request #5689 from MetaMask/reject-cached-approval

EIP-1102: Clear approvals on rejection
feature/default_network_editable
Bruno Barbieri 6 years ago committed by GitHub
commit 68138e178e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
  1. 2
      app/scripts/contentscript.js
  2. 15
      app/scripts/controllers/provider-approval.js
  3. 4
      app/scripts/metamask-controller.js
  4. 25
      test/e2e/beta/drizzle.spec.js

@ -37,8 +37,10 @@ function injectScript (content) {
try { try {
const container = document.head || document.documentElement const container = document.head || document.documentElement
const scriptTag = document.createElement('script') const scriptTag = document.createElement('script')
scriptTag.setAttribute('async', false)
scriptTag.textContent = content scriptTag.textContent = content
container.insertBefore(scriptTag, container.children[0]) container.insertBefore(scriptTag, container.children[0])
container.removeChild(scriptTag)
} catch (e) { } catch (e) {
console.error('MetaMask script injection failed', e) console.error('MetaMask script injection failed', e)
} }

@ -54,7 +54,7 @@ class ProviderApprovalController {
_handleProviderRequest (origin, siteTitle, siteImage, force) { _handleProviderRequest (origin, siteTitle, siteImage, force) {
this.store.updateState({ providerRequests: [{ origin, siteTitle, siteImage }] }) this.store.updateState({ providerRequests: [{ origin, siteTitle, siteImage }] })
const isUnlocked = this.keyringController.memStore.getState().isUnlocked const isUnlocked = this.keyringController.memStore.getState().isUnlocked
if (!force && this.isApproved(origin) && this.caching && isUnlocked) { if (!force && this.approvedOrigins[origin] && this.caching && isUnlocked) {
this.approveProviderRequest(origin) this.approveProviderRequest(origin)
return return
} }
@ -67,9 +67,11 @@ class ProviderApprovalController {
* @param {string} origin - Origin of the window * @param {string} origin - Origin of the window
*/ */
_handleIsApproved (origin) { _handleIsApproved (origin) {
const isApproved = this.isApproved(origin) && this.caching this.platform && this.platform.sendMessage({
const caching = this.caching action: 'answer-is-approved',
this.platform && this.platform.sendMessage({ action: 'answer-is-approved', isApproved, caching }, { active: true }) isApproved: this.approvedOrigins[origin] && this.caching,
caching: this.caching,
}, { active: true })
} }
/** /**
@ -117,6 +119,7 @@ class ProviderApprovalController {
this.platform && this.platform.sendMessage({ action: 'reject-provider-request' }, { active: true }) this.platform && this.platform.sendMessage({ action: 'reject-provider-request' }, { active: true })
const providerRequests = requests.filter(request => request.origin !== origin) const providerRequests = requests.filter(request => request.origin !== origin)
this.store.updateState({ providerRequests }) this.store.updateState({ providerRequests })
delete this.approvedOrigins[origin]
} }
/** /**
@ -127,12 +130,12 @@ class ProviderApprovalController {
} }
/** /**
* Determines if a given origin has been approved * Determines if a given origin should have accounts exposed
* *
* @param {string} origin - Domain origin to check for approval status * @param {string} origin - Domain origin to check for approval status
* @returns {boolean} - True if the origin has been approved * @returns {boolean} - True if the origin has been approved
*/ */
isApproved (origin) { shouldExposeAccounts (origin) {
const privacyMode = this.preferencesController.getFeatureFlags().privacyMode const privacyMode = this.preferencesController.getFeatureFlags().privacyMode
return !privacyMode || this.approvedOrigins[origin] return !privacyMode || this.approvedOrigins[origin]
} }

@ -277,8 +277,8 @@ module.exports = class MetamaskController extends EventEmitter {
getAccounts: async ({ origin }) => { getAccounts: async ({ origin }) => {
// Expose no accounts if this origin has not been approved, preventing // Expose no accounts if this origin has not been approved, preventing
// account-requring RPC methods from completing successfully // account-requring RPC methods from completing successfully
const isApproved = this.providerApprovalController.isApproved(origin) const exposeAccounts = this.providerApprovalController.shouldExposeAccounts(origin)
if (origin !== 'MetaMask' && !isApproved) { return [] } if (origin !== 'MetaMask' && !exposeAccounts) { return [] }
const isUnlocked = this.keyringController.memStore.getState().isUnlocked const isUnlocked = this.keyringController.memStore.getState().isUnlocked
const selectedAddress = this.preferencesController.getSelectedAddress() const selectedAddress = this.preferencesController.getSelectedAddress()
// only show address if account is unlocked // only show address if account is unlocked

@ -19,6 +19,7 @@ const {
openNewPage, openNewPage,
verboseReportOnFailure, verboseReportOnFailure,
waitUntilXWindowHandles, waitUntilXWindowHandles,
switchToWindowWithTitle,
} = require('./helpers') } = require('./helpers')
describe('MetaMask', function () { describe('MetaMask', function () {
@ -266,17 +267,31 @@ describe('MetaMask', function () {
}) })
describe('Drizzle', () => { describe('Drizzle', () => {
it('should be able to detect our eth address', async () => { let windowHandles
let extension
let popup
let dapp
it('be able to connect the account', async () => {
await openNewPage(driver, 'http://127.0.0.1:3000/') await openNewPage(driver, 'http://127.0.0.1:3000/')
await delay(regularDelayMs) await delay(regularDelayMs)
await waitUntilXWindowHandles(driver, 2) await waitUntilXWindowHandles(driver, 3)
const windowHandles = await driver.getAllWindowHandles() windowHandles = await driver.getAllWindowHandles()
const dapp = windowHandles[1]
extension = windowHandles[0]
popup = await switchToWindowWithTitle(driver, 'MetaMask Notification', windowHandles)
dapp = windowHandles.find(handle => handle !== extension && handle !== popup)
await driver.switchTo().window(dapp)
await delay(regularDelayMs) await delay(regularDelayMs)
const approveButton = await findElement(driver, By.xpath(`//button[contains(text(), 'Connect')]`))
await approveButton.click()
})
it('should be able to detect our eth address', async () => {
// Check if address exposed
await driver.switchTo().window(dapp)
await delay(regularDelayMs)
const addressElement = await findElement(driver, By.css(`.pure-u-1-1 h4`)) const addressElement = await findElement(driver, By.css(`.pure-u-1-1 h4`))
const addressText = await addressElement.getText() const addressText = await addressElement.getText()

Loading…
Cancel
Save