Verifies app updates have same permissions as previously installed versions

2026-02-10 15:23:27 +01:00 · 2023-05-15 15:13:13 -05:00
parent ee410605e8
commit fd89f35246
3 changed files with 72 additions and 17 deletions
--- a/AltStore/Operations/VerificationError.swift
+++ b/AltStore/Operations/VerificationError.swift
@@ -25,6 +25,7 @@ extension VerificationError
        case mismatchedVersion = 4
        
        case undeclaredPermissions = 6
+        case addedPermissions = 7
    }
    
    static func mismatchedBundleIdentifiers(sourceBundleID: String, app: ALTApplication) -> VerificationError {
@@ -46,6 +47,10 @@ extension VerificationError
    static func undeclaredPermissions(_ permissions: [any ALTAppPermission], app: AppProtocol) -> VerificationError {
        VerificationError(code: .undeclaredPermissions, app: app, permissions: permissions)
    }
+    
+    static func addedPermissions(_ permissions: [any ALTAppPermission], app: AppProtocol) -> VerificationError {
+        VerificationError(code: .addedPermissions, app: app, permissions: permissions)
+    }
 }

 struct VerificationError: ALTLocalizedError
@@ -142,6 +147,10 @@ struct VerificationError: ALTLocalizedError
        case .undeclaredPermissions:
            let appName = self.$app.name ?? NSLocalizedString("The app", comment: "")
            return String(format: NSLocalizedString("%@ requires additional permissions not specified by the source.", comment: ""), appName)
+            
+        case .addedPermissions:
+            let appName = self.$app.name ?? NSLocalizedString("The app", comment: "")
+            return String(format: NSLocalizedString("%@ requires more permissions than the version that is already installed.", comment: ""), appName)
        }
    }
    
--- a/AltStore/Operations/VerifyAppOperation.swift
+++ b/AltStore/Operations/VerifyAppOperation.swift
@@ -104,14 +104,27 @@ private extension ALTEntitlement
    ]
 }

+extension VerifyAppOperation
+{
+    enum PermissionReviewMode
+    {
+        case none
+        case all
+        case added
+    }
+}
+
@objc(VerifyAppOperation)
 final class VerifyAppOperation: ResultOperation<Void>
 {
+    let permissionsMode: PermissionReviewMode
    let context: InstallAppOperationContext
+    
    var verificationHandler: ((VerificationError) -> Bool)?
    
-    init(context: InstallAppOperationContext)
+    init(permissionsMode: PermissionReviewMode, context: InstallAppOperationContext)
    {
+        self.permissionsMode = permissionsMode
        self.context = context
        
        super.init()
@@ -155,11 +168,7 @@ final class VerifyAppOperation: ResultOperation<Void>
                    
                    try await self.verifyHash(of: app, at: ipaURL, matches: appVersion)
                    try await self.verifyDownloadedVersion(of: app, matches: appVersion)
-                    
-                    if let storeApp = await self.context.$appVersion.app
-                    {
-                        try await self.verifyPermissions(of: app, match: storeApp)
-                    }
+                    try await self.verifyPermissions(of: app, match: appVersion)
                    
                    self.finish(.success(()))
                }
@@ -199,6 +208,33 @@ private extension VerifyAppOperation
        guard version == app.version else { throw VerificationError.mismatchedVersion(app.version, expectedVersion: version, app: app) }
    }
    
+    func verifyPermissions(of app: ALTApplication, @AsyncManaged match appVersion: AppVersion) async throws
+    {
+        guard self.permissionsMode != .none else { return }
+        guard let storeApp = await $appVersion.app else { throw OperationError.invalidParameters }
+        
+        // Verify source permissions match first.
+        let allPermissions = try await self.verifyPermissions(of: app, match: storeApp)
+        
+        switch self.permissionsMode
+        {
+        case .none, .all: break
+        case .added:
+            let installedAppURL = InstalledApp.fileURL(for: app)
+            guard let previousApp = ALTApplication(fileURL: installedAppURL) else { throw OperationError.appNotFound(name: app.name) }
+            
+            var previousEntitlements = Set(previousApp.entitlements.keys)
+            for appExtension in previousApp.appExtensions
+            {
+                previousEntitlements.formUnion(appExtension.entitlements.keys)
+            }
+            
+            // Make sure all entitlements already exist in previousApp.
+            let addedEntitlements = Array(allPermissions.lazy.compactMap { $0 as? ALTEntitlement }.filter { !previousEntitlements.contains($0) })
+            guard addedEntitlements.isEmpty else { throw VerificationError.addedPermissions(addedEntitlements, app: appVersion) }
+        }
+    }
+    
    @discardableResult
    func verifyPermissions(of app: ALTApplication, @AsyncManaged match storeApp: StoreApp) async throws -> [any ALTAppPermission]
    {