Verifies app updates have same permissions as previously installed versions

2026-02-09 06:43:25 +01:00 · 2023-05-15 15:13:13 -05:00
parent ee410605e8
commit fd89f35246
3 changed files with 72 additions and 17 deletions
--- a/AltStore/Operations/VerifyAppOperation.swift
+++ b/AltStore/Operations/VerifyAppOperation.swift
@@ -104,14 +104,27 @@ private extension ALTEntitlement
    ]
 }

+extension VerifyAppOperation
+{
+    enum PermissionReviewMode
+    {
+        case none
+        case all
+        case added
+    }
+}
+
@objc(VerifyAppOperation)
 final class VerifyAppOperation: ResultOperation<Void>
 {
+    let permissionsMode: PermissionReviewMode
    let context: InstallAppOperationContext
+    
    var verificationHandler: ((VerificationError) -> Bool)?
    
-    init(context: InstallAppOperationContext)
+    init(permissionsMode: PermissionReviewMode, context: InstallAppOperationContext)
    {
+        self.permissionsMode = permissionsMode
        self.context = context
        
        super.init()
@@ -155,11 +168,7 @@ final class VerifyAppOperation: ResultOperation<Void>
                    
                    try await self.verifyHash(of: app, at: ipaURL, matches: appVersion)
                    try await self.verifyDownloadedVersion(of: app, matches: appVersion)
-                    
-                    if let storeApp = await self.context.$appVersion.app
-                    {
-                        try await self.verifyPermissions(of: app, match: storeApp)
-                    }
+                    try await self.verifyPermissions(of: app, match: appVersion)
                    
                    self.finish(.success(()))
                }
@@ -199,6 +208,33 @@ private extension VerifyAppOperation
        guard version == app.version else { throw VerificationError.mismatchedVersion(app.version, expectedVersion: version, app: app) }
    }
    
+    func verifyPermissions(of app: ALTApplication, @AsyncManaged match appVersion: AppVersion) async throws
+    {
+        guard self.permissionsMode != .none else { return }
+        guard let storeApp = await $appVersion.app else { throw OperationError.invalidParameters }
+        
+        // Verify source permissions match first.
+        let allPermissions = try await self.verifyPermissions(of: app, match: storeApp)
+        
+        switch self.permissionsMode
+        {
+        case .none, .all: break
+        case .added:
+            let installedAppURL = InstalledApp.fileURL(for: app)
+            guard let previousApp = ALTApplication(fileURL: installedAppURL) else { throw OperationError.appNotFound(name: app.name) }
+            
+            var previousEntitlements = Set(previousApp.entitlements.keys)
+            for appExtension in previousApp.appExtensions
+            {
+                previousEntitlements.formUnion(appExtension.entitlements.keys)
+            }
+            
+            // Make sure all entitlements already exist in previousApp.
+            let addedEntitlements = Array(allPermissions.lazy.compactMap { $0 as? ALTEntitlement }.filter { !previousEntitlements.contains($0) })
+            guard addedEntitlements.isEmpty else { throw VerificationError.addedPermissions(addedEntitlements, app: appVersion) }
+        }
+    }
+    
    @discardableResult
    func verifyPermissions(of app: ALTApplication, @AsyncManaged match storeApp: StoreApp) async throws -> [any ALTAppPermission]
    {