Skip to content

Commit

Permalink
Grant permitted chains permission on install/update
Browse files Browse the repository at this point in the history
  • Loading branch information
Mrtenz committed Aug 21, 2024
1 parent eebe6a6 commit 09bcf58
Show file tree
Hide file tree
Showing 3 changed files with 211 additions and 14 deletions.
2 changes: 2 additions & 0 deletions packages/snaps-controllers/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -57,11 +57,13 @@
"@metamask/base-controller": "^6.0.2",
"@metamask/json-rpc-engine": "^9.0.2",
"@metamask/json-rpc-middleware-stream": "^8.0.2",
"@metamask/network-controller": "^20.1.0",
"@metamask/object-multiplex": "^2.0.0",
"@metamask/permission-controller": "^11.0.0",
"@metamask/phishing-controller": "^10.1.1",
"@metamask/post-message-stream": "^8.1.0",
"@metamask/rpc-errors": "^6.3.1",
"@metamask/selected-network-controller": "^17.0.0",
"@metamask/snaps-registry": "^3.2.1",
"@metamask/snaps-rpc-methods": "workspace:^",
"@metamask/snaps-sdk": "workspace:^",
Expand Down
58 changes: 55 additions & 3 deletions packages/snaps-controllers/src/snaps/SnapController.ts
Original file line number Diff line number Diff line change
Expand Up @@ -4,6 +4,7 @@ import type {
} from '@metamask/approval-controller';
import type { RestrictedControllerMessenger } from '@metamask/base-controller';
import { BaseController } from '@metamask/base-controller';
import type { NetworkControllerGetNetworkClientByIdAction } from '@metamask/network-controller';
import type {
Caveat,
GetEndowments,
Expand All @@ -26,6 +27,7 @@ import type {
} from '@metamask/permission-controller';
import { SubjectType } from '@metamask/permission-controller';
import { rpcErrors } from '@metamask/rpc-errors';
import type { SelectedNetworkControllerGetNetworkClientIdForDomainAction } from '@metamask/selected-network-controller';
import type { BlockReason } from '@metamask/snaps-registry';
import {
WALLET_SNAP_PERMISSION_KEY,
Expand Down Expand Up @@ -556,7 +558,9 @@ export type AllowedActions =
| Update
| ResolveVersion
| CreateInterface
| GetInterface;
| GetInterface
| NetworkControllerGetNetworkClientByIdAction
| SelectedNetworkControllerGetNetworkClientIdForDomainAction;

export type AllowedEvents =
| ExecutionServiceEvents
Expand Down Expand Up @@ -3624,7 +3628,50 @@ export class SnapController extends BaseController<
}

/**
* Updates the permissions for a snap following an install, update or rollback.
* Get the permissions to grant to a Snap following an install, update or
* rollback.
*
* @param snapId - The snap ID.
* @param newPermissions - The new permissions to be granted.
* @returns The permissions to grant to the Snap.
*/
#getPermissionsToGrant(snapId: SnapId, newPermissions: RequestedPermissions) {
if (Object.keys(newPermissions).includes(SnapEndowments.EthereumProvider)) {
const networkClientId = this.messagingSystem.call(
'SelectedNetworkController:getNetworkClientIdForDomain',
snapId,
);

const { configuration } = this.messagingSystem.call(
'NetworkController:getNetworkClientById',
networkClientId,
);

// This needs to be assigned to have proper type inference.
const modifiedPermissions: RequestedPermissions = {
...newPermissions,
permittedChains: {
caveats: [
{
type: 'restrictNetworkSwitching',
value: [configuration.chainId],
},
],
date: Date.now(),
id: nanoid(),
invoker: snapId,
parentCapability: 'permittedChains',
},
};

return modifiedPermissions;
}

return newPermissions;
}

/**
* Update the permissions for a snap following an install, update or rollback.
*
* Grants newly requested permissions and revokes unused/revoked permissions.
*
Expand Down Expand Up @@ -3657,8 +3704,13 @@ export class SnapController extends BaseController<
}

if (isNonEmptyArray(Object.keys(newPermissions))) {
const approvedPermissions = this.#getPermissionsToGrant(
snapId,
newPermissions,
);

this.messagingSystem.call('PermissionController:grantPermissions', {
approvedPermissions: newPermissions,
approvedPermissions,
subject: { origin: snapId },
requestData,
});
Expand Down
165 changes: 154 additions & 11 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -4422,6 +4422,49 @@ __metadata:
languageName: node
linkType: hard

"@metamask/eth-block-tracker@npm:^9.0.3":
version: 9.0.3
resolution: "@metamask/eth-block-tracker@npm:9.0.3"
dependencies:
"@metamask/eth-json-rpc-provider": ^3.0.2
"@metamask/safe-event-emitter": ^3.0.0
"@metamask/utils": ^8.1.0
json-rpc-random-id: ^1.0.1
pify: ^5.0.0
checksum: edd3d59a0416752d90c8e2d8c10c31635dbe3eb323fcb054c401528afe4cbbb6a5a85aedd6ffee4a504d9779656bfab027f2274fd95981c90bf56b6f565dbca2
languageName: node
linkType: hard

"@metamask/eth-json-rpc-infura@npm:^9.1.0":
version: 9.1.0
resolution: "@metamask/eth-json-rpc-infura@npm:9.1.0"
dependencies:
"@metamask/eth-json-rpc-provider": ^2.1.0
"@metamask/json-rpc-engine": ^7.1.1
"@metamask/rpc-errors": ^6.0.0
"@metamask/utils": ^8.1.0
node-fetch: ^2.7.0
checksum: 58f2a6b6ce9c545c9210b2ab3f8c0946cc82ed02c82a096406d8c7146c89c1eba1a13e472048a6e252906dd5eb336e63238d9a5446407c1d46b1d6a40e2a64f4
languageName: node
linkType: hard

"@metamask/eth-json-rpc-middleware@npm:^12.1.1":
version: 12.1.2
resolution: "@metamask/eth-json-rpc-middleware@npm:12.1.2"
dependencies:
"@metamask/eth-block-tracker": ^9.0.3
"@metamask/eth-json-rpc-provider": ^3.0.2
"@metamask/eth-sig-util": ^7.0.0
"@metamask/json-rpc-engine": ^8.0.2
"@metamask/rpc-errors": ^6.0.0
"@metamask/utils": ^8.1.0
klona: ^2.0.6
pify: ^5.0.0
safe-stable-stringify: ^2.4.3
checksum: 0334fa8e51d73488e42e1cd663e90012f4055c5cd04cb4ff371ecb3552b82cd271f27a88ff0187ad23f195cfbbba467126711c08b20c1124083a706a85524a82
languageName: node
linkType: hard

"@metamask/eth-json-rpc-middleware@npm:^13.0.0":
version: 13.0.0
resolution: "@metamask/eth-json-rpc-middleware@npm:13.0.0"
Expand All @@ -4441,16 +4484,38 @@ __metadata:
languageName: node
linkType: hard

"@metamask/eth-json-rpc-provider@npm:^4.0.0":
version: 4.1.2
resolution: "@metamask/eth-json-rpc-provider@npm:4.1.2"
"@metamask/eth-json-rpc-provider@npm:^2.1.0":
version: 2.3.2
resolution: "@metamask/eth-json-rpc-provider@npm:2.3.2"
dependencies:
"@metamask/json-rpc-engine": ^7.3.2
"@metamask/safe-event-emitter": ^3.0.0
"@metamask/utils": ^8.3.0
checksum: e6731271aad3b972d85b9230c26d35a9b88722f3bd3024675ad2f568e634e9fdfef4717ef2892f3cc512d381cf17a4e20dbd5eb808ced765082bea3379ad6ddc
languageName: node
linkType: hard

"@metamask/eth-json-rpc-provider@npm:^3.0.2":
version: 3.0.2
resolution: "@metamask/eth-json-rpc-provider@npm:3.0.2"
dependencies:
"@metamask/json-rpc-engine": ^8.0.2
"@metamask/safe-event-emitter": ^3.0.0
"@metamask/utils": ^8.3.0
checksum: 0321eaad6fa205a9d3ddcfaf28e63c05291614893cb2e116151185a4acbd6bb6a508d6e556b3cb8bc4d3caef4bf0a638202d9b6bdc127fbcb81715eb2660a809
languageName: node
linkType: hard

"@metamask/eth-json-rpc-provider@npm:^4.0.0, @metamask/eth-json-rpc-provider@npm:^4.1.2":
version: 4.1.3
resolution: "@metamask/eth-json-rpc-provider@npm:4.1.3"
dependencies:
"@metamask/json-rpc-engine": ^9.0.2
"@metamask/rpc-errors": ^6.3.1
"@metamask/safe-event-emitter": ^3.0.0
"@metamask/utils": ^9.1.0
uuid: ^8.3.2
checksum: d7092ce64fc185796a0be3f339da1718e280159f06e8fdf29a002b4573abd0903219a527a4c5890952d5e66dbe56b5c3e53d42aa8a4bbc25acbdf6efadcff6ea
checksum: 788c1f983d8021a10922f414f7c5aa93f79e14000219bd5155f027c1964e73d08e931cb98749057f57fb4001441098724aedacbe2198ab5a0b28cc3fcb4d262d
languageName: node
linkType: hard

Expand Down Expand Up @@ -4881,6 +4946,28 @@ __metadata:
languageName: unknown
linkType: soft

"@metamask/json-rpc-engine@npm:^7.1.1, @metamask/json-rpc-engine@npm:^7.3.2":
version: 7.3.3
resolution: "@metamask/json-rpc-engine@npm:7.3.3"
dependencies:
"@metamask/rpc-errors": ^6.2.1
"@metamask/safe-event-emitter": ^3.0.0
"@metamask/utils": ^8.3.0
checksum: 7bab8b4d2341a6243ba451bc58283f0a6905b09f7257857859848a51a795444ca6899b1a6908b15f8ed236fb574ab85a630c9cb28d127ab52c4630e496c16006
languageName: node
linkType: hard

"@metamask/json-rpc-engine@npm:^8.0.2":
version: 8.0.2
resolution: "@metamask/json-rpc-engine@npm:8.0.2"
dependencies:
"@metamask/rpc-errors": ^6.2.1
"@metamask/safe-event-emitter": ^3.0.0
"@metamask/utils": ^8.3.0
checksum: c240d298ad503d93922a94a62cf59f0344b6d6644a523bc8ea3c0f321bea7172b89f2747a5618e2861b2e8152ae5086b76f391a10e4566529faa50b8850c051d
languageName: node
linkType: hard

"@metamask/json-rpc-engine@npm:^9.0.0, @metamask/json-rpc-engine@npm:^9.0.1, @metamask/json-rpc-engine@npm:^9.0.2":
version: 9.0.2
resolution: "@metamask/json-rpc-engine@npm:9.0.2"
Expand Down Expand Up @@ -5135,6 +5222,29 @@ __metadata:
languageName: unknown
linkType: soft

"@metamask/network-controller@npm:^20.1.0":
version: 20.1.0
resolution: "@metamask/network-controller@npm:20.1.0"
dependencies:
"@metamask/base-controller": ^6.0.2
"@metamask/controller-utils": ^11.0.2
"@metamask/eth-block-tracker": ^9.0.3
"@metamask/eth-json-rpc-infura": ^9.1.0
"@metamask/eth-json-rpc-middleware": ^12.1.1
"@metamask/eth-json-rpc-provider": ^4.1.2
"@metamask/eth-query": ^4.0.0
"@metamask/json-rpc-engine": ^9.0.2
"@metamask/rpc-errors": ^6.3.1
"@metamask/swappable-obj-proxy": ^2.2.0
"@metamask/utils": ^9.1.0
async-mutex: ^0.5.0
immer: ^9.0.6
loglevel: ^1.8.1
uuid: ^8.3.2
checksum: 41aa7f2cd693850b3f3ce3a0937b67bdca482bf573b1b96fa36cbf75728c3593c2082b2cd99497cf2cb182912f73e784a6cc8c4db0357bf452caa2d5890329c7
languageName: node
linkType: hard

"@metamask/network-example-snap@workspace:^, @metamask/network-example-snap@workspace:packages/examples/packages/network-access":
version: 0.0.0-use.local
resolution: "@metamask/network-example-snap@workspace:packages/examples/packages/network-access"
Expand Down Expand Up @@ -5337,7 +5447,7 @@ __metadata:
languageName: unknown
linkType: soft

"@metamask/rpc-errors@npm:^6.0.0, @metamask/rpc-errors@npm:^6.3.1":
"@metamask/rpc-errors@npm:^6.0.0, @metamask/rpc-errors@npm:^6.2.1, @metamask/rpc-errors@npm:^6.3.1":
version: 6.3.1
resolution: "@metamask/rpc-errors@npm:6.3.1"
dependencies:
Expand All @@ -5364,6 +5474,21 @@ __metadata:
languageName: node
linkType: hard

"@metamask/selected-network-controller@npm:^17.0.0":
version: 17.0.0
resolution: "@metamask/selected-network-controller@npm:17.0.0"
dependencies:
"@metamask/base-controller": ^6.0.2
"@metamask/json-rpc-engine": ^9.0.2
"@metamask/swappable-obj-proxy": ^2.2.0
"@metamask/utils": ^9.1.0
peerDependencies:
"@metamask/network-controller": ^20.0.0
"@metamask/permission-controller": ^11.0.0
checksum: 8ad6a64c4e51a7538e85b81065e1b2fc3648bc771f8406eafd2d53064b09739b2c6d1b2b6d6b1e8e17bad5400cee0206235f82cad4e51308263306d8fac32845
languageName: node
linkType: hard

"@metamask/signature-insights-example-snap@workspace:^, @metamask/signature-insights-example-snap@workspace:packages/examples/packages/signature-insights":
version: 0.0.0-use.local
resolution: "@metamask/signature-insights-example-snap@workspace:packages/examples/packages/signature-insights"
Expand Down Expand Up @@ -5562,11 +5687,13 @@ __metadata:
"@metamask/eslint-config-typescript": ^12.1.0
"@metamask/json-rpc-engine": ^9.0.2
"@metamask/json-rpc-middleware-stream": ^8.0.2
"@metamask/network-controller": ^20.1.0
"@metamask/object-multiplex": ^2.0.0
"@metamask/permission-controller": ^11.0.0
"@metamask/phishing-controller": ^10.1.1
"@metamask/post-message-stream": ^8.1.0
"@metamask/rpc-errors": ^6.3.1
"@metamask/selected-network-controller": ^17.0.0
"@metamask/snaps-registry": ^3.2.1
"@metamask/snaps-rpc-methods": "workspace:^"
"@metamask/snaps-sdk": "workspace:^"
Expand Down Expand Up @@ -6162,6 +6289,13 @@ __metadata:
languageName: node
linkType: hard

"@metamask/swappable-obj-proxy@npm:^2.2.0":
version: 2.2.0
resolution: "@metamask/swappable-obj-proxy@npm:2.2.0"
checksum: 343c95f72c96776980ef3e70600f7fa312be9a75683c132404a66ddd3c507abadee9c4deba1385246f73bded1938a7958e5a89fc407c19dfc352dd9b398e216f
languageName: node
linkType: hard

"@metamask/template-snap@npm:^0.7.0":
version: 0.7.0
resolution: "@metamask/template-snap@npm:0.7.0"
Expand Down Expand Up @@ -6255,7 +6389,7 @@ __metadata:
languageName: unknown
linkType: soft

"@metamask/utils@npm:^8.1.0, @metamask/utils@npm:^8.2.0, @metamask/utils@npm:^8.2.1":
"@metamask/utils@npm:^8.1.0, @metamask/utils@npm:^8.2.0, @metamask/utils@npm:^8.2.1, @metamask/utils@npm:^8.3.0":
version: 8.5.0
resolution: "@metamask/utils@npm:8.5.0"
dependencies:
Expand Down Expand Up @@ -9442,6 +9576,15 @@ __metadata:
languageName: node
linkType: hard

"async-mutex@npm:^0.5.0":
version: 0.5.0
resolution: "async-mutex@npm:0.5.0"
dependencies:
tslib: ^2.4.0
checksum: be1587f4875f3bb15e34e9fcce82eac2966daef4432c8d0046e61947fb9a1b95405284601bc7ce4869319249bc07c75100880191db6af11d1498931ac2a2f9ea
languageName: node
linkType: hard

"async@npm:^3.2.3, async@npm:^3.2.4":
version: 3.2.4
resolution: "async@npm:3.2.4"
Expand Down Expand Up @@ -16904,10 +17047,10 @@ __metadata:
languageName: node
linkType: hard

"loglevel@npm:^1.6.0":
version: 1.8.1
resolution: "loglevel@npm:1.8.1"
checksum: a1a62db40291aaeaef2f612334c49e531bff71cc1d01a2acab689ab80d59e092f852ab164a5aedc1a752fdc46b7b162cb097d8a9eb2cf0b299511106c29af61d
"loglevel@npm:^1.6.0, loglevel@npm:^1.8.1":
version: 1.9.1
resolution: "loglevel@npm:1.9.1"
checksum: e1c8586108c4d566122e91f8a79c8df728920e3a714875affa5120566761a24077ec8ec9e5fc388b022e39fc411ec6e090cde1b5775871241b045139771eeb06
languageName: node
linkType: hard

Expand Down Expand Up @@ -17822,7 +17965,7 @@ __metadata:
languageName: node
linkType: hard

"node-fetch@npm:^2.6.11, node-fetch@npm:^2.6.12":
"node-fetch@npm:^2.6.11, node-fetch@npm:^2.6.12, node-fetch@npm:^2.7.0":
version: 2.7.0
resolution: "node-fetch@npm:2.7.0"
dependencies:
Expand Down

0 comments on commit 09bcf58

Please sign in to comment.