From 887e09337f0cbf3de6b7d11fb3699f3395af0422 Mon Sep 17 00:00:00 2001
From: CUB3D <callumthom11@gmail.com>
Date: Fri, 29 May 2020 04:29:15 +0100
Subject: [PATCH] core: Add dummy impl of System.security

---
 core/src/avm1/globals.rs                 |  1 +
 core/src/avm1/globals/system.rs          | 24 ++++++-
 core/src/avm1/globals/system_security.rs | 90 ++++++++++++++++++++++++
 3 files changed, 114 insertions(+), 1 deletion(-)
 create mode 100644 core/src/avm1/globals/system_security.rs

diff --git a/core/src/avm1/globals.rs b/core/src/avm1/globals.rs
index d61260e62..17aabae4b 100644
--- a/core/src/avm1/globals.rs
+++ b/core/src/avm1/globals.rs
@@ -32,6 +32,7 @@ pub(crate) mod system_capabilities;
 pub(crate) mod system;
 pub(crate) mod text_field;
 pub(crate) mod system_ime;
+pub(crate) mod system_security;
 mod text_format;
 mod xml;
 
diff --git a/core/src/avm1/globals/system.rs b/core/src/avm1/globals/system.rs
index 9d30351dd..172fde9f0 100644
--- a/core/src/avm1/globals/system.rs
+++ b/core/src/avm1/globals/system.rs
@@ -9,6 +9,25 @@ use std::convert::TryFrom;
 use crate::avm1::function::Executable;
 use enumset::{EnumSet, EnumSetType};
 
+/// Available type of sandbox for a given SWF
+pub enum SandboxType {
+    Remote,
+    LocalWithFile,
+    LocalWithNetwork,
+    LocalTrusted
+}
+
+impl SandboxType {
+    pub fn get_sandbox_name(&self) -> &str {
+        match self {
+            SandboxType::Remote => "remote",
+            SandboxType::LocalWithFile => "localWithFile",
+            SandboxType::LocalWithNetwork => "localWithNetwork",
+            SandboxType::LocalTrusted => "localTrusted",
+        }
+    }
+}
+
 /// The available host operating systems
 pub enum OperatingSystem {
     WindowsXp,
@@ -213,6 +232,8 @@ pub struct SystemProperties {
     pub manufacturer: Manufacturer,
     /// The os of the host
     pub os: OperatingSystem,
+    /// The type of the player sandbox
+    pub sandbox_type: SandboxType,
 }
 
 impl SystemProperties {
@@ -281,6 +302,7 @@ impl Default for SystemProperties {
             //TODO: default to current
             manufacturer: Manufacturer::Linux,
             os: OperatingSystem::Linux,
+            sandbox_type: SandboxType::LocalTrusted,
         }
     }
 }
@@ -412,7 +434,7 @@ pub fn create<'gc>(
     system.define_value(
         gc_context,
         "security",
-        Value::Undefined,
+        crate::avm1::globals::system_security::create(gc_context, proto, fn_proto).into(),
         DontDelete | ReadOnly | DontEnum,
     );
 
diff --git a/core/src/avm1/globals/system_security.rs b/core/src/avm1/globals/system_security.rs
new file mode 100644
index 000000000..5c7f8d91a
--- /dev/null
+++ b/core/src/avm1/globals/system_security.rs
@@ -0,0 +1,90 @@
+use crate::avm1::object::Object;
+use crate::avm1::property::Attribute::{DontDelete, DontEnum, ReadOnly};
+use crate::avm1::{ScriptObject, TObject, Avm1, Value, Error};
+use gc_arena::MutationContext;
+use std::convert::Into;
+use crate::context::UpdateContext;
+use crate::avm1::return_value::ReturnValue;
+use crate::avm1::function::Executable;
+
+fn allow_domain<'gc>(
+    _avm: &mut Avm1<'gc>,
+    _context: &mut UpdateContext<'_, 'gc, '_>,
+    _this: Object<'gc>,
+    _args: &[Value<'gc>],
+) -> Result<ReturnValue<'gc>, Error> {
+    log::warn!("system.allowDomain() not implemented");
+    Ok(Value::Undefined.into())
+}
+
+fn allow_insecure_domain<'gc>(
+    _avm: &mut Avm1<'gc>,
+    _context: &mut UpdateContext<'_, 'gc, '_>,
+    _this: Object<'gc>,
+    _args: &[Value<'gc>],
+) -> Result<ReturnValue<'gc>, Error> {
+    log::warn!("system.allowInsecureDomain() not implemented");
+    Ok(Value::Undefined.into())
+}
+
+fn load_policy_file<'gc>(
+    _avm: &mut Avm1<'gc>,
+    _context: &mut UpdateContext<'_, 'gc, '_>,
+    _this: Object<'gc>,
+    _args: &[Value<'gc>],
+) -> Result<ReturnValue<'gc>, Error> {
+    log::warn!("system.allowInsecureDomain() not implemented");
+    Ok(Value::Undefined.into())
+}
+
+fn get_sandbox_type<'gc>(
+    _avm: &mut Avm1<'gc>,
+    context: &mut UpdateContext<'_, 'gc, '_>,
+    _this: Object<'gc>,
+    _args: &[Value<'gc>],
+) -> Result<ReturnValue<'gc>, Error> {
+    Ok(context.system.sandbox_type.get_sandbox_name().into())
+}
+
+
+pub fn create<'gc>(
+    gc_context: MutationContext<'gc, '_>,
+    proto: Option<Object<'gc>>,
+    fn_proto: Option<Object<'gc>>,
+) -> Object<'gc> {
+    let mut security = ScriptObject::object(gc_context, proto);
+
+    security.force_set_function(
+        "allowDomain",
+        allow_domain,
+        gc_context,
+        DontDelete | ReadOnly | DontEnum,
+        fn_proto
+    );
+
+    security.force_set_function(
+        "allowInsecureDomain",
+        allow_insecure_domain,
+        gc_context,
+        DontDelete | ReadOnly | DontEnum,
+        fn_proto
+    );
+
+    security.force_set_function(
+        "loadPolicyFile",
+        load_policy_file,
+        gc_context,
+        DontDelete | ReadOnly | DontEnum,
+        fn_proto
+    );
+
+    security.add_property(
+        gc_context,
+        "sandboxType",
+        Executable::Native(get_sandbox_type),
+        None,
+        DontDelete | ReadOnly | DontEnum,
+    );
+
+    security.into()
+}