# Permission System 2.0
## Background
This PR migrates the extension permission system to [the new `PermissionController`](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions).
The original permission system, based on [`rpc-cap`](https://github.com/MetaMask/rpc-cap), introduced [`ZCAP-LD`](https://w3c-ccg.github.io/zcap-ld/)-like permissions to our JSON-RPC stack.
We used it to [implement](https://github.com/MetaMask/metamask-extension/pull/7004) what we called "LoginPerSite" in [version 7.7.0](https://github.com/MetaMask/metamask-extension/releases/tag/v7.7.0) of the extension, which enabled the user to choose which accounts, if any, should be exposed to each dapp.
While that was a worthwhile feature in and of itself, we wanted a permission _system_ in order to enable everything we are going to with Snaps.
Unfortunately, the original permission system was difficult to use, and necessitated the creation of the original `PermissionsController` (note the "s"), which was more or less a wrapper for `rpc-cap`.
With this PR, we shake off the yoke of the original permission system, in favor of the modular, self-contained, ergonomic, and more mature permission system 2.0.
Note that [the `PermissionController` readme](https://github.com/MetaMask/snaps-skunkworks/tree/main/packages/controllers/src/permissions/README.md) explains how the new permission system works.
The `PermissionController` and `SubjectMetadataController` are currently shipped via `@metamask/snap-controllers`. This is a temporary state of affairs, and we'll move them to `@metamask/controllers` once they've landed in prod.
## Changes in Detail
First, the changes in this PR are not as big as they seem. Roughly half of the additions in this PR are fixtures in the test for the new migration (number 68), and a significant portion of the remaining ~2500 lines are due to find-and-replace changes in other test fixtures and UI files.
- The extension `PermissionsController` has been deleted, and completely replaced with the new `PermissionController` from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The original `PermissionsController` "domain metadata" functionality is now managed by the new `SubjectMetadataController`, also from [`@metamask/snap-controllers`](https://www.npmjs.com/package/@metamask/snap-controllers).
- The permission activity and history log controller has been renamed `PermissionLogController` and has its own top-level state key, but is otherwise functionally equivalent to the existing implementation.
- Migration number 68 has been added to account for the new state changes.
- The tests in `app/scripts/controllers/permissions` have been migrated from `mocha` to `jest`.
Reviewers should focus their attention on the following files:
- `app/scripts/`
- `metamask-controller.js`
- This is where most of the integration work for the new `PermissionController` occurs.
Some functions that were internal to the original controller were moved here.
- `controllers/permissions/`
- `selectors.js`
- These selectors are for `ControllerMessenger` selector subscriptions. The actual subscriptions occur in `metamask-controller.js`. See the `ControllerMessenger` implementation for details.
- `specifications.js`
- The caveat and permission specifications are required by the new `PermissionController`, and are used to specify the `eth_accounts` permission and its JSON-RPC method implementation.
See the `PermissionController` readme for details.
- `migrations/068.js`
- The new state should be cross-referenced with the controllers that manage it.
The accompanying tests should also be thoroughly reviewed.
Some files may appear new but have just moved and/or been renamed:
- `app/scripts/lib/rpc-method-middleware/handlers/request-accounts.js`
- This was previously implemented in `controllers/permissions/permissionsMethodMiddleware.js`.
- `test/mocks/permissions.js`
- A truncated version of `test/mocks/permission-controller.js`.
Co-authored-by: Mark Stacey <markjstacey@gmail.com>
A propType error was showing up during e2e tests with a `testDev`
build. It was caused by `process.env.IN_TEST` being treated as a
boolean, when in fact it is either the string `'true'` or a boolean.
`IN_TEST` has been updated to always be a boolean. `loose-envify` has
no trouble injecting boolean values, so there's no reason to treat this
as a string.
There were two propType errors in the signature request and signature
request footer components. A boolean was wrongly declared as a
function, and that same boolean was later declared with an invalid
propType (`PropTypes.boolean` rather than `PropTypes.bool`). Both
errors have been fixed.
* added npm icon
* added snaps-authorship-pill component and story
* updated npm icon
* added classname
* added comments
* changed label to an h7
* updated default label, removed unnecessary font-weight prop
* moved npm icon to flask/icons and added storybook file
* added hover/focus logic
* updated hover logic
* updated hover logic
* added authorship pill scss to app-components, removed unnecessary handlers
* removed npm icon, added font-awesome icon, added font-awesome brands to scss imports
* removed icons directory, updated scss file to use the proper color for npm icon, updated component with correct size and added class to change color
* fixed linter errors
* added link to pill and its story, changed title of story
* changed link to open in new tab, moved classname to root element and made it inline-block
* fixed proptype comment
* fixed linter error
* integration for tx decoding confirmation and history view
* upgrading @truffle/decoder to latest release 5.1.0
* Update acorn and colors patches
* feat: remove redundant styling
* feat: basic integration for nickname components
* feat: wiring functionality of adding new nickname
* feat: wire functionality of showing nickname modal
* feat: link the nickname popover with add/update popover
* feat: moving forward with address nicknames integration
* feat: fixing a bug related to passing chainId in addressBook
* feat: populating memo prop in addressbook entry
* feat: add explorer link
* feat: bug fixing update nickname component
* feat: fix proptypes
* feat: adding tooltip for copying nickname address
* featL fix styling for tx-details page
* feat: optimize code for error handling
* feat: limiting transaction decoding to tx with data
* feat: remove tree UI component
* feat: adding request to check for tx decoding supported networks
* feat: showing data hex component
* feat: fix react warnings
* feat: remove extra margin in tx decoding
* Remove unused package @truffle/source-map-utils
* Ensure messages get translated
* feat: link tx-decoding addresses with nicknames
* Omit value for boolean attributes
* Fix props reading in CopyRawData
* fix: fixing issue with transaltion
* Fix lint errors in TransactionDecoding
- Remove unused import
- Reorder imports
- Address conflict between caught `error` and error state flag by
renaming state flag to `hasError`
- Fix requestUrl identifier casing and use of template string
- Ensure `useEffect` gets passed the deps it needs
- Add scope braces around case statement where it's needed
- Omit literal `true` for boolean jsx attribute
- Refactor nested ternary as `if` statements
* fix: revert fetchWithCache modifications
* Fix linting for TransactionListItemDetails
- Remove unused import
- Fix import spacing
- Remove unused prop dereference
- Fix string interpolation for translated From/To
* Moving to popover pattern
* fix: sass color variable
* Omit value for boolean attribute
* Remove changes from modal.js
* fix: refactor nickname popovers
* Ensure const gets declared before it's used
* Fix linting for ConfirmTransactionBase
- Remove unused prop chainId
- Stop destructuring an unused field
* fix: refactor usage of nicknames popovers in send-content-container
* fix: remove extra prop updateAccountNicknameModal
* fix: refactor code for address.component
* fix: remove extra tooltip
* Ensure NicknamePopovers always returns component
* Fix linting for NicknamePopover component
- Fix useCallback deps
- Switch ternary to logical-or
* Fix linting for SenderToRecipient
... by fixing import order
* Remove unused addressCopied state
* Delete empty file
* fix: remove sender-to-recipient.container
* fix: refactor usage of nickname popovers in confirm-page-container
* fix: bug related to state variable
* Stylelint fix
* Lint fix
* Change "Total Amount" to "Total"
* Lint fix locales
* Update address-book.spec.js
* e2e test update
* Update e2e tests
* Fix issue where absence of function params in data hex tab would result in rendering a string
* Fix border radius, and width and height in small notification windows, of the update-nickname-popover
* Remove fake await
* Clean up
* Clean up
Co-authored-by: Alaa Hadad <alaahd@Alaas-MacBook-M1-Pro-14-inch.local>
Co-authored-by: Dan Miller <danjm.com@gmail.com>
Co-authored-by: g. nicholas d'andrea <gnidan@trufflesuite.com>
* add storybook unit tests with CI integration
* fix command and fix casing for test
* change ci ordering for storybook tasks
* fix syntax error
* fix jest
* lint
* Add transaction-total-banner render test to Storybook (#12517)
* transaction-total-banner
* lint
* confirm to spec
* lint
* fix jest ocnfig for snapshot test failure
* support qr based signer
* add CSP for fire fox
* get QR Hardware wallet name from device
* fix qrHardware state missing in runtime
* support qr based signer sign transaction
* refine Request Signature modal ui
* remove feature toggle
* refine ui
* fix notification is closing even there is a pending qr hardware transaction
* add chinese translation, refine ui, fix qr process was breaking in some case
* support import accounts by pubkeys
* refine qr-based wallet ui and fix bugs
* update @keystonehq/metamask-airgapped-keyring to fix that the signing hd path was inconsistent in some edge case
* fix: avoid unnecessay navigation, fix ci
* refactor qr-hardware-popover with @zxing/browser
* update lavamoat policy, remove firefox CSP
* refine qr reader ui, ignore unnecessary warning display
* code refactor, use async functions insteads promise
Co-authored-by: Soralit <soralitria@gmail.com>
* If a transaction would revert/fail,
1. hide the gas estimate info.
2. Disable the confirm button.
3. All user to enable the confirm button anyways.
4. Do not show the default Transaction error message
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Always return a value for hasSimulationError
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Use primary button of action message
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove hasSimulationError from getErrorKey
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Move confirm anyways logic to base component.
Change message
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Disable edit if there's simulation error
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* hide confirm anyways button once clicked.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Move Actionable Primary Action to flex-end
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix unit tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix nested ternary lint issues
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* add !confirmAnyways to conditions to show GasDetails.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* ConfirmAnyways should be read from state
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Rename tryAnywayOption
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove await tick
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint issue fix
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes after rebase
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* description should show that it's content being tested.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* If a transaction would revert/fail,
1. hide the gas estimate info.
2. Disable the confirm button.
3. All user to enable the confirm button anyways.
4. Do not show the default Transaction error message
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Always return a value for hasSimulationError
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Use primary button of action message
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove hasSimulationError from getErrorKey
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Move confirm anyways logic to base component.
Change message
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Disable edit if there's simulation error
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* hide confirm anyways button once clicked.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Move Actionable Primary Action to flex-end
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix unit tests
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Fix nested ternary lint issues
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* add !confirmAnyways to conditions to show GasDetails.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* ConfirmAnyways should be read from state
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Rename tryAnywayOption
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Remove await tick
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint issue fix
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Lint fixes after rebase
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* description should show that it's content being tested.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* Move simulation fails message inline with gas details component (#12705)
* Move simulation fails message inline with gas details component
* Remove old unit tests
Co-authored-by: Dan Miller <danjm.com@gmail.com>
* lint fix
* use an XOR operation.
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
* The changes in this file are no longer needed because we hide the edit button now
Signed-off-by: Akintayo A. Olusegun <akintayo.segun@gmail.com>
Co-authored-by: Dan Miller <danjm.com@gmail.com>
Erik Marks
Jyoti Puri
Alex Donesky
Mark Stacey
Olaf Tomalka
Hassan Malik
George Marshall
Alaa Hadad
Dan J Miller
Niranjana Binoy
ryanml
Etienne Dusseault
Aaron Chen
Olusegun Akintayo