Add granular permission for clipboard-read/write

Previously, permissions for clipboard access could only be managed through the JavascriptCanAccessClipboard and JavascriptCanPaste settings. This change allows copy/paste to be handled the same way as notification and geolocation permissions. If both JavascriptCanAccessClipboard and JavascriptCanPaste are enabled, permissions will be granted unconditionally without a feature request being made. Fixes: QTBUG-77450 Change-Id: I383e27e244ced3d6b7988644e38d2307c6267f76 Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
author: Moss Heim <self@mossheim.net> 2023-12-13 13:39:16 +0100
committer: Moss Heim <moss.heim@qt.io> 2024-03-11 10:33:05 +0100
commit: fbb216fa3119d06f88744e18d3f4f53d64fcf523 (patch)
tree: 1f6c7cea4f33b2ac5cff000919ff0175768f9fd0 /tests
parent: 8064e40e070c2319dd87578bda5ad68b9abdbee0 (diff)
3 files changed, 154 insertions, 6 deletions
diff --git a/tests/auto/quick/publicapi/tst_publicapi.cpp b/tests/auto/quick/publicapi/tst_publicapi.cpp
index b828cfbaa..5efb5fcc8 100644
--- a/tests/auto/quick/publicapi/tst_publicapi.cpp
+++ b/tests/auto/quick/publicapi/tst_publicapi.cpp
@@ -531,6 +531,7 @@ static const QStringList expectedAPI = QStringList()
     << "QQuickWebEngineView.CertificateErrorDomain --> ErrorDomain"
     << "QQuickWebEngineView.ChangeTextDirectionLTR --> WebAction"
     << "QQuickWebEngineView.ChangeTextDirectionRTL --> WebAction"
+    << "QQuickWebEngineView.ClipboardReadWrite --> Feature"
     << "QQuickWebEngineView.Comm10E --> PrintedPageSizeId"
     << "QQuickWebEngineView.ConnectionErrorDomain --> ErrorDomain"
     << "QQuickWebEngineView.Copy --> WebAction"
diff --git a/tests/auto/quick/qquickwebengineview/tst_qquickwebengineview.cpp b/tests/auto/quick/qquickwebengineview/tst_qquickwebengineview.cpp
index b73716130..dbfa1cb33 100644
--- a/tests/auto/quick/qquickwebengineview/tst_qquickwebengineview.cpp
+++ b/tests/auto/quick/qquickwebengineview/tst_qquickwebengineview.cpp
@@ -1152,9 +1152,9 @@ void tst_QQuickWebEngineView::javascriptClipboard()
                 "if (result.state == 'prompt') accessPrompt = true;"
             "})"));
 
-    QTRY_COMPARE(evaluateJavaScriptSync(view, "accessGranted").toBool(), copyResult);
-    QTRY_COMPARE(evaluateJavaScriptSync(view, "accessDenied").toBool(), !javascriptCanAccessClipboard);
-    QTRY_COMPARE(evaluateJavaScriptSync(view, "accessPrompt").toBool(), false);
+    QTRY_COMPARE(evaluateJavaScriptSync(view, "accessGranted").toBool(), javascriptCanAccessClipboard && javascriptCanPaste);
+    QTRY_COMPARE(evaluateJavaScriptSync(view, "accessDenied").toBool(), false);
+    QTRY_COMPARE(evaluateJavaScriptSync(view, "accessPrompt").toBool(), !javascriptCanAccessClipboard || !javascriptCanPaste);
 
     evaluateJavaScriptSync(view,
         QStringLiteral(
@@ -1168,9 +1168,9 @@ void tst_QQuickWebEngineView::javascriptClipboard()
                 "if (result.state == 'prompt') accessPrompt = true;"
             "})"));
 
-    QTRY_COMPARE(evaluateJavaScriptSync(view, "accessGranted").toBool(), pasteResult);
-    QTRY_COMPARE(evaluateJavaScriptSync(view, "accessDenied").toBool(), !javascriptCanAccessClipboard || !javascriptCanPaste);
-    QTRY_COMPARE(evaluateJavaScriptSync(view, "accessPrompt").toBool(), false);
+    QTRY_COMPARE(evaluateJavaScriptSync(view, "accessGranted").toBool(), javascriptCanAccessClipboard && javascriptCanPaste);
+    QTRY_COMPARE(evaluateJavaScriptSync(view, "accessDenied").toBool(), false);
+    QTRY_COMPARE(evaluateJavaScriptSync(view, "accessPrompt").toBool(), !javascriptCanAccessClipboard || !javascriptCanPaste);
 }
 
 void tst_QQuickWebEngineView::setProfile() {
diff --git a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp
index bafba5951..a40b2a93d 100644
--- a/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp
+++ b/tests/auto/widgets/qwebenginepage/tst_qwebenginepage.cpp
@@ -234,6 +234,10 @@ private Q_SLOTS:
     void notificationPermission_data();
     void notificationPermission();
     void sendNotification();
+    void clipboardReadWritePermissionInitialState_data();
+    void clipboardReadWritePermissionInitialState();
+    void clipboardReadWritePermission_data();
+    void clipboardReadWritePermission();
     void contentsSize();
 
     void setLifecycleState();
@@ -3888,6 +3892,149 @@ void tst_QWebEnginePage::sendNotification()
     QTRY_VERIFY2(page.messages.contains("onclose"), page.messages.join("\n").toLatin1().constData());
 }
 
+static QString clipboardPermissionQuery(QString variableName, QString permissionName)
+{
+    return QString("var %1; navigator.permissions.query({ name:'%2' }).then((p) => { %1 = p.state; "
+                   "});")
+            .arg(variableName)
+            .arg(permissionName);
+}
+
+
+void tst_QWebEnginePage::clipboardReadWritePermissionInitialState_data()
+{
+    QTest::addColumn<bool>("canAccessClipboard");
+    QTest::addColumn<bool>("canPaste");
+    QTest::addColumn<QString>("permission");
+    QTest::newRow("access and paste should grant") << true << true << "granted";
+    QTest::newRow("no access should prompt") << false << true << "prompt";
+    QTest::newRow("no paste should prompt") << true << false << "prompt";
+    QTest::newRow("no access or paste should prompt") << false << false << "prompt";
+}
+
+void tst_QWebEnginePage::clipboardReadWritePermissionInitialState()
+{
+    QFETCH(bool, canAccessClipboard);
+    QFETCH(bool, canPaste);
+    QFETCH(QString, permission);
+
+    QWebEngineProfile otr;
+    QWebEngineView view(&otr);
+    QWebEnginePage &page = *view.page();
+    view.settings()->setAttribute(QWebEngineSettings::FocusOnNavigationEnabled, true);
+    page.settings()->setAttribute(QWebEngineSettings::JavascriptCanAccessClipboard,
+                                  canAccessClipboard);
+    page.settings()->setAttribute(QWebEngineSettings::JavascriptCanPaste, canPaste);
+
+    QSignalSpy spy(&page, &QWebEnginePage::loadFinished);
+    QUrl baseUrl("https://www.example.com/somepage.html");
+    page.setHtml(QString("<html><body>Test</body></html>"), baseUrl);
+    QTRY_COMPARE(spy.size(), 1);
+
+    evaluateJavaScriptSync(&page, clipboardPermissionQuery("readPermission", "clipboard-read"));
+    QCOMPARE(evaluateJavaScriptSync(&page, QStringLiteral("readPermission")), permission);
+    evaluateJavaScriptSync(&page, clipboardPermissionQuery("writePermission", "clipboard-write"));
+    QCOMPARE(evaluateJavaScriptSync(&page, QStringLiteral("writePermission")), permission);
+}
+
+void tst_QWebEnginePage::clipboardReadWritePermission_data()
+{
+    QTest::addColumn<bool>("canAccessClipboard");
+    QTest::addColumn<QWebEnginePage::PermissionPolicy>("initialPolicy");
+    QTest::addColumn<QString>("initialPermission");
+    QTest::addColumn<QWebEnginePage::PermissionPolicy>("requestPolicy");
+    QTest::addColumn<QString>("finalPermission");
+
+    QTest::newRow("noAccessGrantGrant")
+            << false << QWebEnginePage::PermissionGrantedByUser << "granted"
+            << QWebEnginePage::PermissionGrantedByUser << "granted";
+    QTest::newRow("noAccessGrantDeny")
+            << false << QWebEnginePage::PermissionGrantedByUser << "granted"
+            << QWebEnginePage::PermissionDeniedByUser << "denied";
+    QTest::newRow("noAccessDenyGrant")
+            << false << QWebEnginePage::PermissionDeniedByUser << "denied"
+            << QWebEnginePage::PermissionGrantedByUser << "granted";
+    QTest::newRow("noAccessDenyDeny") << false << QWebEnginePage::PermissionDeniedByUser << "denied"
+                                      << QWebEnginePage::PermissionDeniedByUser << "denied";
+    QTest::newRow("noAccessAskGrant") << false << QWebEnginePage::PermissionUnknown << "prompt"
+                                      << QWebEnginePage::PermissionGrantedByUser << "granted";
+
+    // All policies are ignored and overridden by setting JsCanAccessClipboard and JsCanPaste to
+    // true
+    QTest::newRow("accessGrantGrant")
+            << true << QWebEnginePage::PermissionGrantedByUser << "granted"
+            << QWebEnginePage::PermissionGrantedByUser << "granted";
+    QTest::newRow("accessDenyDeny") << true << QWebEnginePage::PermissionDeniedByUser << "granted"
+                                    << QWebEnginePage::PermissionDeniedByUser << "granted";
+    QTest::newRow("accessAskAsk") << true << QWebEnginePage::PermissionUnknown << "granted"
+                                  << QWebEnginePage::PermissionUnknown << "granted";
+}
+
+void tst_QWebEnginePage::clipboardReadWritePermission()
+{
+    QFETCH(bool, canAccessClipboard);
+    QFETCH(QWebEnginePage::PermissionPolicy, initialPolicy);
+    QFETCH(QString, initialPermission);
+    QFETCH(QWebEnginePage::PermissionPolicy, requestPolicy);
+    QFETCH(QString, finalPermission);
+
+    QWebEngineProfile otr;
+    QWebEngineView view(&otr);
+    QWebEnginePage &page = *view.page();
+    view.settings()->setAttribute(QWebEngineSettings::FocusOnNavigationEnabled, true);
+    page.settings()->setAttribute(QWebEngineSettings::JavascriptCanAccessClipboard,
+                                  canAccessClipboard);
+    page.settings()->setAttribute(QWebEngineSettings::JavascriptCanPaste, true);
+
+    QUrl baseUrl("https://www.example.com/somepage.html");
+
+    int permissionRequestCount = 0;
+    bool errorState = false;
+
+    // if JavascriptCanAccessClipboard is true, this never fires
+    connect(&page, &QWebEnginePage::featurePermissionRequested, &page,
+            [&](const QUrl &o, QWebEnginePage::Feature f) {
+                if (f != QWebEnginePage::ClipboardReadWrite)
+                    return;
+                if (o != baseUrl.url(QUrl::RemoveFilename)) {
+                    qWarning() << "Unexpected case. Can't proceed." << o;
+                    errorState = true;
+                    return;
+                }
+                permissionRequestCount++;
+                page.setFeaturePermission(o, f, requestPolicy);
+            });
+
+    page.setFeaturePermission(baseUrl, QWebEnginePage::ClipboardReadWrite, initialPolicy);
+
+    QSignalSpy spy(&page, &QWebEnginePage::loadFinished);
+    page.setHtml(QString("<html><body>Test</body></html>"), baseUrl);
+    QTRY_COMPARE(spy.size(), 1);
+
+    evaluateJavaScriptSync(&page, clipboardPermissionQuery("readPermission", "clipboard-read"));
+    QCOMPARE(evaluateJavaScriptSync(&page, QStringLiteral("readPermission")), initialPermission);
+    evaluateJavaScriptSync(&page, clipboardPermissionQuery("writePermission", "clipboard-write"));
+    QCOMPARE(evaluateJavaScriptSync(&page, QStringLiteral("writePermission")), initialPermission);
+
+    auto triggerRequest = [&page](QString variableName, QString apiCall)
+    {
+        auto js = QString("var %1; navigator.clipboard.%2.then((v) => { %1 = 'granted' }, (v) => { %1 = "
+                "'denied' });")
+            .arg(variableName)
+            .arg(apiCall);
+        evaluateJavaScriptSync(&page, js);
+    };
+
+    // permission is not 'remembered' from api standpoint, hence is not suppressed on explicit call
+    // from JS
+    triggerRequest("readState", "readText()");
+    QTRY_COMPARE(evaluateJavaScriptSync(&page, "readState"), finalPermission);
+    triggerRequest("writeState", "writeText('foo')");
+    QTRY_COMPARE(evaluateJavaScriptSync(&page, "writeState"), finalPermission);
+    QCOMPARE(permissionRequestCount, canAccessClipboard ? 0 : 2);
+    QVERIFY(!errorState);
+}
+
 void tst_QWebEnginePage::contentsSize()
 {
     m_view->resize(800, 600);
author	Moss Heim <self@mossheim.net>	2023-12-13 13:39:16 +0100
committer	Moss Heim <moss.heim@qt.io>	2024-03-11 10:33:05 +0100
commit	fbb216fa3119d06f88744e18d3f4f53d64fcf523 (patch)
tree	1f6c7cea4f33b2ac5cff000919ff0175768f9fd0 /tests
parent	8064e40e070c2319dd87578bda5ad68b9abdbee0 (diff)