refactor: improve GatorPermissionsController permission storage and syncronisation
#7847
+852
−1,137
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jeffsmale90
force-pushed
the
feat/refactor-gator-permissions-controller
branch
from
7684e9e to
f1dd835
Compare
jeffsmale90
changed the title
GatorPermissionsController permission syncronisation and storage
jeffsmale90
force-pushed
the
feat/refactor-gator-permissions-controller
branch
3 times, most recently
from
93b4ebd to
212df20
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
jeffsmale90
force-pushed
the
feat/refactor-gator-permissions-controller
branch
from
5a1282e to
bbeffdd
Compare
packages/gator-permissions-controller/src/GatorPermissionsController.test.ts
Outdated
Show resolved
Hide resolved
jeffsmale90
force-pushed
the
feat/refactor-gator-permissions-controller
branch
from
bbeffdd to
9fbbbd0
Compare
jeffsmale90
changed the title
GatorPermissionsController permission syncronisation and storageGatorPermissionsController permission syncronisation and storage
jeffsmale90
changed the title
GatorPermissionsController permission syncronisation and storageGatorPermissionsController permission storage and syncronisation
…ermission storage - Replace `gatorPermissionsMapSerialized` state with `grantedPermissions` array (`PermissionInfoWithMetadata[]`) - Change `GatorPermissionsController` constructor to accept `config` object - Replaced `isGatorPermissionsEnabled` with `enabledPermissionTypes` property and removed related `GatorPermissionsNotEnabledError` - Updated `fetchAndUpdateGatorPermissions` to be parameterless - Replace `getPendingRevocations` with `isPendingRevocation(permissionContext);` as an interim change to moving revocation entirely internal to the controller - Add `executeSnapRpc` utility function to handle Snap RPC requests - Drop custom permission support from types, mocks, and mock tests - Add test coverage for specific controller error types
- adds 'initialize()' function that will fetch data if none is available, or if no syncronisation has occurred recently - multiple calls to 'fetchAndUpdateGatorPermissions()' will no longer trigger additional queries
jeffsmale90
force-pushed
the
feat/refactor-gator-permissions-controller
branch
from
d17bc58 to
eca7605
Compare
mj-kiwi
reviewed
Feb 10, 2026
| */ | ||
| isGatorPermissionsEnabled: boolean; | ||
|
|
||
| supportedPermissionTypes: SupportedPermissionType[]; |
There was a problem hiding this comment.
Should supportedPermissionTypes be non-empty? It might be safer to enforce this at the type level to prevent invalid states.(e.g. [SupportedPermissionType, ...SupportedPermissionType[]])
Contributor
Author
There was a problem hiding this comment.
I think it's valid to have no supported permission types - this would effectively mean Advanced Permissions is not enabled (which is the case up until now in main dist).
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Explanation
Makes the following changes to the
GatorPermissionsControllerto improve storage and syncronisation of permissions data with Profile Sync service:supportedPermissionTypesand optionalgatorPermissionsProviderSnapIdandmaxSyncIntervalMs.lastSyncedTimestamp(default -1); set when a sync completes successfully soinitialize()can decide when to sync again.initialize()call after construction; triggers a sync if no sync has run yet or cached data is older than the configured interval.fetchAndUpdateGatorPermissions()now returnsPromise<void>; callers should read from controller state. Concurrent calls share the same in-flight sync and no longer trigger duplicate operations.GatorPermissionsMapJSON-serialized state (and related types and utils); permissions are now stored in state as a simple array. Sync is done by calling the gator permissions Snap via RPC.enableGatorPermissions()/disableGatorPermissions()and related actions; the controller is used as the single source for gator permissions when instantiated.Checklist
Note
Medium Risk
Broad breaking API/state changes and a new sync/caching flow can affect downstream consumers and UI assumptions. Core logic changes are mostly localized to the controller and covered by updated tests, but integration updates are required.
Overview
BREAKING refactor of
GatorPermissionsControllerAPI and state. Construction now requires aconfig(includingsupportedPermissionTypes, optionalgatorPermissionsProviderSnapIdandmaxSyncIntervalMs), removes the enable/disable flow and related messenger actions, and introducesinitialize()to conditionally sync based on a persistedlastSyncedTimestamp.Permission storage is redesigned: the JSON
gatorPermissionsMapSerialized/map utilities and “custom” permission support are removed, replaced bystate.grantedPermissions(array ofPermissionInfoWithMetadatawith internal fields stripped).fetchAndUpdateGatorPermissions()no longer accepts params, returnsPromise<void>, dedupes concurrent calls via a shared in-flight promise, and uses a newexecuteSnapRpchelper to call the Snap.Revocation-related API is tightened: pending revocations are accessed via
state.pendingRevocationsplus a newisPendingRevocation(permissionContext)action (case-insensitive check), and post-revocation refresh now always uses the controller’s internal fetch. Docs/changelog and tests are updated accordingly, including new unit tests forexecuteSnapRpcand revised mocks/fixtures.Written by Cursor Bugbot for commit eca7605. This will update automatically on new commits. Configure here.