brl/gnome-shell
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

extensionSystem: Always enforce disallowing extensions using sessionMode

Browse Source 
It's currently possible to circumvent the `sessionMode.allowExtensions`
property: For already enabled extensions one can call reloadExtension
via DBus, for new extensions it's possible by adding the extension to
the enabled-extensions gsettings key and setting the
disable-extension-version-validation key (which triggers a reload of
`this._enabledExtensions`) and then calling reloadExtension via DBus.

So to enforce `allowExtensions` while still allowing to update
extensions and keeping the extensionSystem synced with various gsettings
keys, replace the checks for `this._enabled` with simple checks for
`Main.sessionMode.allowExtensions` inside `_callExtensionInit()` and
`_callExtensionEnable()`.

The remaining checks for `this._enabled` are only small optimizations to
prevent running code on irrelevant sessionMode updates.

https://gitlab.gnome.org/GNOME/gnome-shell/merge_requests/96
This commit is contained in:
Jonas Dreßler 2019-09-11 20:24:17 +02:00 committed by Florian Müllner
parent 4c93ef39fa
commit 2a9e065cfb
1 changed files with 9 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
js/ui/extensionSystem.js
View File

@ -98,6 +98,9 @@ var ExtensionManager = class {
} }
_callExtensionEnable(uuid) { _callExtensionEnable(uuid) {
if (!Main.sessionMode.allowExtensions)
return;
let extension = this.lookup(uuid); let extension = this.lookup(uuid);
if (!extension) if (!extension)
return; return;
@ -302,6 +305,9 @@ var ExtensionManager = class {
} }
_callExtensionInit(uuid) { _callExtensionInit(uuid) {
if (!Main.sessionMode.allowExtensions)
return;
let extension = this.lookup(uuid); let extension = this.lookup(uuid);
if (!extension) if (!extension)
throw new Error("Extension was not properly created. Call createExtensionObject first"); throw new Error("Extension was not properly created. Call createExtensionObject first");
@ -385,9 +391,6 @@ var ExtensionManager = class {
_onEnabledExtensionsChanged() { _onEnabledExtensionsChanged() {
let newEnabledExtensions = this._getEnabledExtensions(); let newEnabledExtensions = this._getEnabledExtensions();
if (!this._enabled)
return;
// Find and enable all the newly enabled extensions: UUIDs found in the // Find and enable all the newly enabled extensions: UUIDs found in the
// new setting, but not in the old one. // new setting, but not in the old one.
newEnabledExtensions.filter( newEnabledExtensions.filter(
@ -426,11 +429,9 @@ var ExtensionManager = class {
this.reloadExtension(extension); this.reloadExtension(extension);
this._enabledExtensions = this._getEnabledExtensions(); this._enabledExtensions = this._getEnabledExtensions();
if (Main.sessionMode.allowExtensions) { this._enabledExtensions.forEach(uuid => {
this._enabledExtensions.forEach(uuid => { this._callExtensionEnable(uuid);
this._callExtensionEnable(uuid); });
});
}
} }
_loadExtensions() { _loadExtensions() {