Merge remote-tracking branch 'origin/ui-2' into ui-2

js/src/DappRequests/Request/index.js

@@ -0,0 +1,17 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+export default from './request';

js/src/DappRequests/Request/request.js

@@ -0,0 +1,82 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+import React from 'react';
+import PropTypes from 'prop-types';
+import { FormattedMessage } from 'react-intl';
+
+import { Button } from '@parity/ui';
+
+import DappsStore from '../../Dapps/dappsStore';
+
+export default function Request ({ appId, className, approveRequest, denyRequest, queueId, request: { from, method } }) {
+  const _onApprove = () => approveRequest(queueId, false);
+  const _onApproveAll = () => approveRequest(queueId, true);
+  const _onReject = () => denyRequest(queueId);
+
+  const app = DappsStore.get().getAppById(appId);
+
+  return (
+    <div className={ className }>
+      <FormattedMessage
+        id='dappRequests.request.info'
+        defaultMessage='Received request for {method} from {appName}'
+        values={ {
+          appName: app.name,
+          method
+        } }
+      />
+      <div>
+        <Button
+          label={
+            <FormattedMessage
+              id='dappRequests.request.buttons.approve'
+              defaultMessage='Approve'
+            />
+          }
+          onClick={ _onApprove }
+        />
+        <Button
+          label={
+            <FormattedMessage
+              id='dappRequests.request.buttons.approveAll'
+              defaultMessage='Approve All'
+            />
+          }
+          onClick={ _onApproveAll }
+        />
+        <Button
+          label={
+            <FormattedMessage
+              id='dappRequests.request.buttons.reject'
+              defaultMessage='Reject'
+            />
+          }
+          onClick={ _onReject }
+        />
+      </div>
+    </div>
+  );
+}
+
+Request.propTypes = {
+  appId: PropTypes.string.isRequired,
+  className: PropTypes.string,
+  approveRequest: PropTypes.func.isRequired,
+  denyRequest: PropTypes.func.isRequired,
+  queueId: PropTypes.number.isRequired,
+  request: PropTypes.object.isRequired
+};

js/src/DappRequests/dappRequests.css

@@ -0,0 +1,37 @@
+/* Copyright 2015-2017 Parity Technologies (UK) Ltd.
+/* This file is part of Parity.
+/*
+/* Parity is free software: you can redistribute it and/or modify
+/* it under the terms of the GNU General Public License as published by
+/* the Free Software Foundation, either version 3 of the License, or
+/* (at your option) any later version.
+/*
+/* Parity is distributed in the hope that it will be useful,
+/* but WITHOUT ANY WARRANTY; without even the implied warranty of
+/* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+/* GNU General Public License for more details.
+/*
+/* You should have received a copy of the GNU General Public License
+/* along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+*/
+
+.requests {
+  background: #f80;
+  color: white;
+  position: fixed;
+  left: 0;
+  right: 0;
+  top: 0;
+  z-index: 760; /* sits above requests */
+
+  .request {
+    align-items: center;
+    display: flex;
+    justify-content: flex-end;
+    padding: 0.5em;
+
+    > span {
+      margin-right: 1em;
+    }
+  }
+}

js/src/DappRequests/dappRequests.js

@@ -0,0 +1,50 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+import { observer } from 'mobx-react';
+import React from 'react';
+
+import Request from './Request';
+import Store from './store';
+import styles from './dappRequests.css';
+
+function DappRequests () {
+  const store = Store.get();
+
+  if (!store || !store.hasRequests) {
+    return null;
+  }
+
+  return (
+    <div className={ styles.requests }>
+      {
+        store.squashedRequests.map(({ appId, queueId, request: { data } }) => (
+          <Request
+            appId={ appId }
+            className={ styles.request }
+            approveRequest={ store.approveRequest }
+            denyRequest={ store.rejectRequest }
+            key={ queueId }
+            queueId={ queueId }
+            request={ data }
+          />
+        ))
+      }
+    </div>
+  );
+}
+
+export default observer(DappRequests);

js/src/DappRequests/filteredRequests.js

@@ -0,0 +1,78 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+export default {
+  shell: {
+    methods: [
+      'shell_getApps',
+      'shell_getFilteredMethods',
+      'shell_getMethodPermissions',
+      'shell_setAppVisibility',
+      'shell_setMethodPermissions'
+    ]
+  },
+  accountsView: {
+    methods: [
+      'parity_accountsInfo',
+      'parity_allAccountsInfo'
+    ]
+  },
+  accountsCreate: {
+    methods: [
+      'parity_generateSecretPhrase',
+      'parity_importGethAccounts',
+      'parity_listGethAccounts',
+      'parity_newAccountFromPhrase',
+      'parity_newAccountFromSecret',
+      'parity_newAccountFromWallet',
+      'parity_phraseToAddress'
+    ]
+  },
+  accountsEdit: {
+    methods: [
+      'parity_setAccountName',
+      'parity_setAccountMeta'
+    ]
+  },
+  upgrade: {
+    methods: [
+      'parity_consensusCapability',
+      'parity_executeUpgrade',
+      'parity_upgradeReady',
+      'parity_versionInfo'
+    ]
+  },
+  vaults: {
+    methods: [
+      'parity_changeVault',
+      'parity_changeVaultPassword',
+      'parity_closeVault',
+      'parity_getVaultMeta',
+      'parity_listVaults',
+      'parity_listOpenedVaults',
+      'parity_newVault',
+      'parity_openVault',
+      'parity_setVaultMeta'
+    ]
+  },
+  other: {
+    methods: [
+      'parity_checkRequest',
+      'parity_hashContent',
+      'parity_localTransactions'
+    ]
+  }
+};

js/src/DappRequests/index.js

@@ -0,0 +1,28 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+import Store from './store';
+
+function setupProviderFilters (provider) {
+  return Store.create(provider);
+}
+
+export default from './dappRequests';
+
+export {
+  Store,
+  setupProviderFilters
+};

js/src/DappRequests/store.js

@@ -0,0 +1,278 @@
+// Copyright 2015-2017 Parity Technologies (UK) Ltd.
+// This file is part of Parity.
+
+// Parity is free software: you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation, either version 3 of the License, or
+// (at your option) any later version.
+
+// Parity is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+
+// You should have received a copy of the GNU General Public License
+// along with Parity.  If not, see <http://www.gnu.org/licenses/>.
+
+import { flatten } from 'lodash';
+import { action, computed, observable } from 'mobx';
+import store from 'store';
+
+import { sha3 } from '@parity/api/util/sha3';
+
+import VisibleStore from '../Dapps/dappsStore';
+import filteredRequests from './filteredRequests';
+
+const LS_PERMISSIONS = '_parity::dapps::methods';
+
+let nextQueueId = 0;
+
+export default class Store {
+  @observable permissions = {};
+  @observable requests = [];
+  @observable tokens = {};
+
+  constructor (provider) {
+    this.provider = provider;
+    this.permissions = store.get(LS_PERMISSIONS) || {};
+
+    window.addEventListener('message', this.receiveMessage, false);
+  }
+
+  @computed get hasRequests () {
+    return this.requests.length !== 0;
+  }
+
+  @computed get squashedRequests () {
+    const duplicates = {};
+
+    return this.requests.filter(({ request: { data: { method, token } } }) => {
+      const section = this.getFilteredSectionName(method);
+      const id = `${token}:${section}`;
+
+      if (!duplicates[id]) {
+        duplicates[id] = true;
+        return true;
+      }
+
+      return false;
+    });
+  }
+
+  @action createToken = (appId) => {
+    const token = sha3(`${appId}:${Date.now()}`);
+
+    this.tokens = Object.assign({}, this.tokens, {
+      [token]: appId
+    });
+
+    return token;
+  }
+
+  @action removeRequest = (_queueId) => {
+    this.requests = this.requests.filter(({ queueId }) => queueId !== _queueId);
+  }
+
+  @action queueRequest = (request) => {
+    const appId = this.tokens[request.data.from];
+    let queueId = ++nextQueueId;
+
+    this.requests = this.requests.concat([{ appId, queueId, request }]);
+  }
+
+  @action addTokenPermission = (method, token) => {
+    const id = `${method}:${this.tokens[token]}`;
+
+    this.permissions = Object.assign({}, this.permissions, {
+      [id]: true
+    });
+    this.savePermissions();
+  }
+
+  @action approveSingleRequest = ({ queueId, request: { data, source } }) => {
+    this.removeRequest(queueId);
+    if (data.api) {
+      this.executePubsubCall(data, source);
+    } else {
+      this.executeMethodCall(data, source);
+    }
+  }
+
+  @action approveRequest = (queueId, approveAll) => {
+    const queued = this.findRequest(queueId);
+
+    if (approveAll) {
+      const { request: { data: { method, token, params } } } = queued;
+
+      this.getFilteredSection(method || params[0]).methods.forEach((m) => {
+        this.addTokenPermission(m, token);
+        this.findMatchingRequests(m, token).forEach(this.approveSingleRequest);
+      });
+    } else {
+      this.approveSingleRequest(queued);
+    }
+  }
+
+  @action rejectRequest = (queueId) => {
+    const { request: { data: { id, method, token }, source } } = this.findRequest(queueId);
+
+    this.removeRequest(queueId);
+    source.postMessage({
+      error: `Method ${method} not allowed`,
+      id,
+      from: 'shell',
+      result: null,
+      token
+    }, '*');
+  }
+
+  @action setPermissions = (_permissions) => {
+    const permissions = {};
+
+    Object.keys(_permissions).forEach((id) => {
+      permissions[id] = !!_permissions[id];
+    });
+
+    this.permissions = Object.assign({}, this.permissions, permissions);
+    this.savePermissions();
+
+    return true;
+  }
+
+  hasTokenPermission = (method, token) => {
+    return this.hasAppPermission(method, this.tokens[token]);
+  }
+
+  hasAppPermission = (method, appId) => {
+    return this.permissions[`${method}:${appId}`] || false;
+  }
+
+  savePermissions = () => {
+    store.set(LS_PERMISSIONS, this.permissions);
+  }
+
+  findRequest (_queueId) {
+    return this.requests.find(({ queueId }) => queueId === _queueId);
+  }
+
+  findMatchingRequests (_method, _token) {
+    return this.requests.filter(({ request: { data: { method, token, params } } }) => (method === _method || (params && params[0] === _method)) && token === _token);
+  }
+
+  _methodCallbackPost = (id, source, token) => {
+    return (error, result) => {
+      source.postMessage({
+        error: error
+          ? error.message
+          : null,
+        id,
+        from: 'shell',
+        result,
+        token
+      }, '*');
+    };
+  }
+
+  executePubsubCall = ({ api, id, token, params }, source) => {
+    const callback = this._methodCallbackPost(id, source, token);
+
+    // TODO: enable security pubsub
+    this.provider.subscribe(api, callback, params).then((v, e) => {
+      console.log('Error and result', v, e);
+      this._methodCallbackPost(id, source, token)(null, v);
+    });
+  }
+
+  executeMethodCall = ({ id, from, method, params, token }, source) => {
+    const visibleStore = VisibleStore.get();
+    const callback = this._methodCallbackPost(id, source, token);
+
+    switch (method) {
+      case 'shell_getApps':
+        const [displayAll] = params;
+
+        return callback(null, displayAll
+          ? visibleStore.allApps.slice()
+          : visibleStore.visibleApps.slice()
+        );
+
+      case 'shell_getFilteredMethods':
+        return callback(null, flatten(
+          Object
+            .keys(filteredRequests)
+            .map((key) => filteredRequests[key].methods)
+        ));
+
+      case 'shell_getMethodPermissions':
+        return callback(null, this.permissions);
+
+      case 'shell_setAppVisibility':
+        const [appId, visibility] = params;
+
+        return callback(null, visibility
+          ? visibleStore.showApp(appId)
+          : visibleStore.hideApp(appId)
+        );
+
+      case 'shell_setMethodPermissions':
+        const [permissions] = params;
+
+        return callback(null, this.setPermissions(permissions));
+
+      default:
+        return this.provider.send(method, params, callback);
+    }
+  }
+
+  getFilteredSectionName = (method) => {
+    return Object.keys(filteredRequests).find((key) => {
+      return filteredRequests[key].methods.includes(method);
+    });
+  }
+
+  getFilteredSection = (method) => {
+    return filteredRequests[this.getFilteredSectionName(method)];
+  }
+
+  receiveMessage = ({ data, origin, source }) => {
+    if (!data) {
+      return;
+    }
+
+    const { from, method, token, params, api, subId, id } = data;
+
+    if (!from || from === 'shell' || from !== token) {
+      return;
+    }
+
+    if ((method && this.getFilteredSection(method) && !this.hasTokenPermission(method, token)) ||
+        (api && this.getFilteredSection(params[0]) && !this.hasTokenPermission(method, token))) {
+      this.queueRequest({ data, origin, source });
+      return;
+    }
+    if (api) {
+      console.log('apiCall', data);
+      this.executePubsubCall(data, source);
+    } else if (subId) {
+      subId === '*'
+        ? this.provider.unsubscribeAll().then(v => this._methodCallbackPost(id, source, token)(null, v))
+        : this.provider.unsubscribe(subId).then(v => this._methodCallbackPost(id, source, token)(null, v));
+    } else {
+      this.executeMethodCall(data, source);
+    }
+  }
+
+  static instance = null;
+
+  static create (provider) {
+    if (!Store.instance) {
+      Store.instance = new Store(provider, {});
+    }
+
+    return Store.instance;
+  }
+
+  static get () {
+    return Store.instance;
+  }
+}