Verifies app updates have same permissions as previously installed versions

2026-02-09 06:43:25 +01:00 · 2023-05-15 15:13:13 -05:00
parent ee410605e8
commit fd89f35246
3 changed files with 72 additions and 17 deletions
--- a/Apps/AppManager.swift
+++ b/Apps/AppManager.swift
@@ -988,12 +988,18 @@ private extension AppManager
                switch operation
                {
-                case .install(let app), .update(let app):
+                case .install(let app):
-                    let installProgress = self._install(app, operation: operation, group: group) { (result) in
+                    let installProgress = self._install(app, operation: operation, group: group, reviewPermissions: .all) { (result) in
                        self.finish(operation, result: result, group: group, progress: progress)
                    }
                    progress?.addChild(installProgress, withPendingUnitCount: 80)
                case .update(let app):
                    let updateProgress = self._install(app, operation: operation, group: group, reviewPermissions: .added) { (result) in
                        self.finish(operation, result: result, group: group, progress: progress)
                    }
                    progress?.addChild(updateProgress, withPendingUnitCount: 80)
                case .activate(let app) where UserDefaults.standard.isLegacyDeactivationSupported: fallthrough
                case .refresh(let app):
                    // Check if backup app is installed in place of real app.
@@ -1258,11 +1264,6 @@ private extension AppManager
            {
                let app = try result.get()
                context.app = app
                if cacheApp
                {
                    try FileManager.default.copyItem(at: app.fileURL, to: InstalledApp.fileURL(for: app), shouldReplace: true)
                }
            }
            catch
            {
@@ -1273,12 +1274,21 @@ private extension AppManager
        /* Verify App */
-        let verifyOperation = VerifyAppOperation(context: context)
+        let verifyOperation = VerifyAppOperation(permissionsMode: permissionReviewMode, context: context)
        verifyOperation.resultHandler = { (result) in
-            switch result
+            do
            {
-            case .failure(let error): context.error = error
+                try result.get()
-            case .success: break
+                
                // Wait until we've finished verifying app before caching it.
                if let app = context.app, cacheApp
                {
                    try FileManager.default.copyItem(at: app.fileURL, to: InstalledApp.fileURL(for: app), shouldReplace: true)
                }
            }
            catch
            {
                context.error = error
            }
        }
        verifyOperation.addDependency(downloadOperation)
--- a/AltStore/Operations/VerificationError.swift
+++ b/AltStore/Operations/VerificationError.swift
@@ -25,6 +25,7 @@ extension VerificationError
        case mismatchedVersion = 4
        case undeclaredPermissions = 6
        case addedPermissions = 7
    }
    static func mismatchedBundleIdentifiers(sourceBundleID: String, app: ALTApplication) -> VerificationError {
@@ -46,6 +47,10 @@ extension VerificationError
    static func undeclaredPermissions(_ permissions: [any ALTAppPermission], app: AppProtocol) -> VerificationError {
        VerificationError(code: .undeclaredPermissions, app: app, permissions: permissions)
    }
    static func addedPermissions(_ permissions: [any ALTAppPermission], app: AppProtocol) -> VerificationError {
        VerificationError(code: .addedPermissions, app: app, permissions: permissions)
    }
 }
 struct VerificationError: ALTLocalizedError
@@ -142,6 +147,10 @@ struct VerificationError: ALTLocalizedError
        case .undeclaredPermissions:
            let appName = self.$app.name ?? NSLocalizedString("The app", comment: "")
            return String(format: NSLocalizedString("%@ requires additional permissions not specified by the source.", comment: ""), appName)
        case .addedPermissions:
            let appName = self.$app.name ?? NSLocalizedString("The app", comment: "")
            return String(format: NSLocalizedString("%@ requires more permissions than the version that is already installed.", comment: ""), appName)
        }
    }
--- a/AltStore/Operations/VerifyAppOperation.swift
+++ b/AltStore/Operations/VerifyAppOperation.swift
@@ -104,14 +104,27 @@ private extension ALTEntitlement
    ]
 }
 extension VerifyAppOperation
 {
    enum PermissionReviewMode
    {
        case none
        case all
        case added
    }
 }
@objc(VerifyAppOperation)
 final class VerifyAppOperation: ResultOperation<Void>
 {
    let permissionsMode: PermissionReviewMode
    let context: InstallAppOperationContext
    var verificationHandler: ((VerificationError) -> Bool)?
-    init(context: InstallAppOperationContext)
+    init(permissionsMode: PermissionReviewMode, context: InstallAppOperationContext)
    {
        self.permissionsMode = permissionsMode
        self.context = context
        super.init()
@@ -155,11 +168,7 @@ final class VerifyAppOperation: ResultOperation<Void>
                    try await self.verifyHash(of: app, at: ipaURL, matches: appVersion)
                    try await self.verifyDownloadedVersion(of: app, matches: appVersion)
-                    
+                    try await self.verifyPermissions(of: app, match: appVersion)
                    if let storeApp = await self.context.$appVersion.app
                    {
                        try await self.verifyPermissions(of: app, match: storeApp)
                    }
                    self.finish(.success(()))
                }
@@ -199,6 +208,33 @@ private extension VerifyAppOperation
        guard version == app.version else { throw VerificationError.mismatchedVersion(app.version, expectedVersion: version, app: app) }
    }
    func verifyPermissions(of app: ALTApplication, @AsyncManaged match appVersion: AppVersion) async throws
    {
        guard self.permissionsMode != .none else { return }
        guard let storeApp = await $appVersion.app else { throw OperationError.invalidParameters }
        // Verify source permissions match first.
        let allPermissions = try await self.verifyPermissions(of: app, match: storeApp)
        switch self.permissionsMode
        {
        case .none, .all: break
        case .added:
            let installedAppURL = InstalledApp.fileURL(for: app)
            guard let previousApp = ALTApplication(fileURL: installedAppURL) else { throw OperationError.appNotFound(name: app.name) }
            var previousEntitlements = Set(previousApp.entitlements.keys)
            for appExtension in previousApp.appExtensions
            {
                previousEntitlements.formUnion(appExtension.entitlements.keys)
            }
            // Make sure all entitlements already exist in previousApp.
            let addedEntitlements = Array(allPermissions.lazy.compactMap { $0 as? ALTEntitlement }.filter { !previousEntitlements.contains($0) })
            guard addedEntitlements.isEmpty else { throw VerificationError.addedPermissions(addedEntitlements, app: appVersion) }
        }
    }
    @discardableResult
    func verifyPermissions(of app: ALTApplication, @AsyncManaged match storeApp: StoreApp) async throws -> [any ALTAppPermission]
    {