firefox: add extension permissions (#7402)

Adds extension permissions as suggested in https://github.com/nix-community/home-manager/issues/7001. Adds the 'profiles.<name>.extensions.settings.<name>.permissions' to Firefox derivatives. If set, this option adds an assertion that fails if an extension package requests permissions that weren't added to the permissions option. In order to not require 'profiles.<name>.extensions.force' to be set when only permissions, but no extension settings were defined, the relevant assertions were changed. They now check whether any 'extensions.settings.<name>.settings' was set instead of checking whether 'extensions.settings' was set. --------- Co-authored-by: Robert Helgesson <robert@rycee.net> Co-authored-by: awwpotato <awwpotato@voidq.com>
2025-07-10 20:33:18 +00:00 · 2025-07-10 20:33:18 +00:00 · d52da303ef
commit d52da303ef
parent fb12dbbce3
3 changed files with 214 additions and 102 deletions
--- a/tests/modules/programs/firefox/common.nix
+++ b/tests/modules/programs/firefox/common.nix
@ -19,6 +19,7 @@ builtins.mapAttrs
    "${name}-profiles-containers-id-out-of-range" = ./profiles/containers/id-out-of-range.nix;
    "${name}-profiles-duplicate-ids" = ./profiles/duplicate-ids.nix;
    "${name}-profiles-extensions" = ./profiles/extensions;
+    "${name}-profiles-extensions-assertions" = ./profiles/extensions/assertions.nix;
    "${name}-profiles-overwrite" = ./profiles/overwrite;
    "${name}-profiles-search" = ./profiles/search;
    "${name}-profiles-settings" = ./profiles/settings;