signal-desktop/app/permissions.ts
2021-06-18 10:04:27 -07:00

88 lines
2.6 KiB
TypeScript

// Copyright 2018-2020 Signal Messenger, LLC
// SPDX-License-Identifier: AGPL-3.0-only
// The list of permissions is here:
// https://electronjs.org/docs/api/session#sessetpermissionrequesthandlerhandler
import { session as ElectronSession } from 'electron';
import { ConfigType } from './config';
const PERMISSIONS: Record<string, boolean> = {
// Allowed
fullscreen: true, // required to show videos in full-screen
notifications: true, // required to show OS notifications for new messages
// Off by default, can be enabled by user
media: false, // required for access to microphone and camera, used for voice notes and calling
// Not allowed
geolocation: false,
midiSysex: false,
openExternal: false, // we don't need this; we open links via 'will-navigate' event
pointerLock: false,
};
function _createPermissionHandler(
userConfig: ConfigType
): Parameters<typeof ElectronSession.prototype.setPermissionRequestHandler>[0] {
return (_webContents, permission, callback, details): void => {
// We default 'media' permission to false, but the user can override that for
// the microphone and camera.
if (permission === 'media') {
if (
details.mediaTypes?.includes('audio') ||
details.mediaTypes?.includes('video')
) {
if (
details.mediaTypes?.includes('audio') &&
userConfig.get('mediaPermissions')
) {
callback(true);
return;
}
if (
details.mediaTypes?.includes('video') &&
userConfig.get('mediaCameraPermissions')
) {
callback(true);
return;
}
callback(false);
return;
}
// If it doesn't have 'video' or 'audio', it's probably screenshare.
// TODO: DESKTOP-1611
callback(true);
return;
}
if (PERMISSIONS[permission]) {
console.log(`Approving request for permission '${permission}'`);
callback(true);
return;
}
console.log(`Denying request for permission '${permission}'`);
callback(false);
};
}
export function installPermissionsHandler({
session,
userConfig,
}: {
session: typeof ElectronSession;
userConfig: ConfigType;
}): void {
// Setting the permission request handler to null first forces any permissions to be
// requested again. Without this, revoked permissions might still be available if
// they've already been used successfully.
session.defaultSession.setPermissionRequestHandler(null);
session.defaultSession.setPermissionRequestHandler(
_createPermissionHandler(userConfig)
);
}