MetaMask · abretonc7s · Feb 14, 2025 · Feb 14, 2025 · Feb 14, 2025 · Feb 14, 2025
@@ -58,6 +58,8 @@ const ApprovalTagUrl = ({
       title = prefixUrlWithProtocol(origin);
     } else if (url) {
       title = prefixUrlWithProtocol(getHost(url));
+    } else if (origin) {
+      title = prefixUrlWithProtocol(getHost(origin)); 
     } else {
       title = '';
     }

@@ -13,6 +13,8 @@ import {
 import BTC from '../../images/bitcoin-logo.png';
 import SOL from '../../images/solana-logo.png';
 
+export const EVM_IDENTIFIER = 'eip155';
+
 // Image imports for React Native rendering
 export const MULTICHAIN_TOKEN_IMAGES = {
   [BtcScope.Mainnet]: BTC,

@@ -0,0 +1,165 @@
+import {
+  getPermittedAccounts,
+  getPermittedChains,
+  switchActiveAccounts,
+} from './index';
+import { errorCodes as rpcErrorCodes } from '@metamask/rpc-errors';
+import { RestrictedMethods, CaveatTypes } from './constants';
+import { PermissionKeys } from './specifications';
+import ImportedEngine from '../Engine';
+
+// Mock dependencies
+jest.mock('../Engine', () => ({
+  context: {
+    PermissionController: {
+      executeRestrictedMethod: jest.fn(),
+      getCaveat: jest.fn(),
+      updateCaveat: jest.fn(),
+    },
+    AccountsController: {
+      getSelectedAccount: jest.fn(),
+    },
+  },
+}));
+
+// Type assertion for mocked Engine
+const Engine = ImportedEngine as jest.Mocked<any>;
+
+// Mock normalizeOrigin from wc-utils
+jest.mock('../WalletConnect/wc-utils', () => ({
+  normalizeOrigin: jest.fn((hostname) => hostname),
+}));
+
+describe('Permission Management Functions', () => {
+  beforeEach(() => {
+    jest.clearAllMocks();
+  });
+
+  describe('getPermittedAccounts', () => {
+    it('returns accounts from PermissionController for external hostname', async () => {
+      const hostname = 'example.com';
+      Engine.context.PermissionController.executeRestrictedMethod.mockResolvedValue([
+        '0xabc',
+        '0xdef',
+      ]);
+
+      const result = await getPermittedAccounts(hostname);
+
+      expect(Engine.context.PermissionController.executeRestrictedMethod).toHaveBeenCalledWith(
+        hostname,
+        RestrictedMethods.eth_accounts,
+      );
+      expect(result).toEqual(['0xabc', '0xdef']);
+    });
+
+    it('returns empty array on unauthorized error', async () => {
+      const hostname = 'example.com';
+      Engine.context.PermissionController.executeRestrictedMethod.mockRejectedValue({
+        code: rpcErrorCodes.provider.unauthorized,
+      });
+
+      const result = await getPermittedAccounts(hostname);
+
+      expect(result).toEqual([]);
+    });
+
+    it('throws on unexpected error', async () => {
+      const hostname = 'example.com';
+      const error = new Error('Unexpected error');
+      Engine.context.PermissionController.executeRestrictedMethod.mockRejectedValue(error);
+
+      await expect(getPermittedAccounts(hostname)).rejects.toThrow(error);
+    });
+  });
+
+  describe('getPermittedChains', () => {
+    it('returns formatted chains from caveat', async () => {
+      const hostname = 'example.com';
+      Engine.context.PermissionController.getCaveat.mockReturnValue({
+        value: ['1', '2', 'invalid'],
+      });
+
+      const result = await getPermittedChains(hostname);
+
+      expect(Engine.context.PermissionController.getCaveat).toHaveBeenCalledWith(
+        hostname,
+        PermissionKeys.permittedChains,
+        CaveatTypes.restrictNetworkSwitching,
+      );
+      expect(result).toEqual(['eip155:1', 'eip155:2']); // Should filter out 'invalid'
+    });
+
+    it('returns empty array if no caveat exists', async () => {
+      const hostname = 'example.com';
+      Engine.context.PermissionController.getCaveat.mockReturnValue(undefined);
+
+      const result = await getPermittedChains(hostname);
+
+      expect(result).toEqual([]);
+    });
+
+    it('returns empty array if caveat value is not an array', async () => {
+      const hostname = 'example.com';
+      Engine.context.PermissionController.getCaveat.mockReturnValue({
+        value: 'not-an-array',
+      });
+
+      const result = await getPermittedChains(hostname);
+
+      expect(result).toEqual([]);
+    });
+  });
+
+  describe('switchActiveAccounts', () => {
+    it('reorders accounts to make the specified account active', () => {
+      const hostname = 'example.com';
+      const accAddress = '0xdef';
+      Engine.context.PermissionController.getCaveat.mockReturnValue({
+        value: ['0xabc', '0xdef', '0x123'],
+      });
+
+      switchActiveAccounts(hostname, accAddress);
+
+      expect(Engine.context.PermissionController.getCaveat).toHaveBeenCalledWith(
+        hostname,
+        RestrictedMethods.eth_accounts,
+        CaveatTypes.restrictReturnedAccounts,
+      );
+      expect(Engine.context.PermissionController.updateCaveat).toHaveBeenCalledWith(
+        hostname,
+        RestrictedMethods.eth_accounts,
+        CaveatTypes.restrictReturnedAccounts,
+        ['0xdef', '0xabc', '0x123'],
+      );
+    });
+
+    it('throws if account is not permitted', () => {
+      const hostname = 'example.com';
+      const accAddress = '0x999';
+      Engine.context.PermissionController.getCaveat.mockReturnValue({
+        value: ['0xabc', '0xdef'],
+      });
+
+      expect(() => switchActiveAccounts(hostname, accAddress)).toThrow(
+        `eth_accounts permission for hostname "${hostname}" does not permit "${accAddress} account".`,
+      );
+    });
+
+    it('handles duplicates by ensuring uniqueness', () => {
+      const hostname = 'example.com';
+      const accAddress = '0xdef';
+      Engine.context.PermissionController.getCaveat.mockReturnValue({
+        value: ['0xabc', '0xdef', '0xdef'],
+      });
+
+      switchActiveAccounts(hostname, accAddress);
+
+      expect(Engine.context.PermissionController.updateCaveat).toHaveBeenCalledWith(
+        hostname,
+        RestrictedMethods.eth_accounts,
+        CaveatTypes.restrictReturnedAccounts,
+        ['0xdef', '0xabc'],
+      );
+    });
+  });
+});
@@ -4,6 +4,9 @@ import ImportedEngine from '../Engine';
 import Logger from '../../util/Logger';
 import { getUniqueList } from '../../util/general';
 import TransactionTypes from '../TransactionTypes';
+import { PermissionKeys } from './specifications';
+import { normalizeOrigin } from '../WalletConnect/wc-utils';
+import { EVM_IDENTIFIER } from '../Multichain/constants';
 
 const INTERNAL_ORIGINS = [process.env.MM_FOX_CODE, TransactionTypes.MMM];
 
@@ -215,3 +218,28 @@ export const getPermittedAccounts = async (
     throw error;
   }
 };
+
+/**
+ * Get permitted chains for the given the host.
+ *
+ * @param hostname - Subject to check if permissions exists. Ex: A Dapp is a subject.
+ * @returns An array containing permitted chains for the specified host.
+ */
+export const getPermittedChains = async (hostname: string): Promise<string[]> => {
+  const { PermissionController } = Engine.context;
+  const caveat = PermissionController.getCaveat(
+    normalizeOrigin(hostname),
+    PermissionKeys.permittedChains,
+    CaveatTypes.restrictNetworkSwitching
+  );
+
+  if (Array.isArray(caveat?.value)) {
+    const chains = caveat.value
+      .filter((item: unknown): item is string => typeof item === 'string' && !isNaN(parseInt(item)))
+      .map((chainId: string) => `${EVM_IDENTIFIER}:${parseInt(chainId)}`);
+
+    return chains;
+  }
+
+  return [];
+};
@@ -24,7 +24,7 @@ import NotificationManager from '../NotificationManager';
 import { msBetweenDates, msToHours } from '../../util/date';
 import { addTransaction } from '../../util/transaction-controller';
 import URL from 'url-parse';
-import parseWalletConnectUri from './wc-utils';
+import { parseWalletConnectUri } from './wc-utils';
 import { store } from '../../store';
 import { selectChainId } from '../../selectors/networkController';
 import ppomUtil from '../../../app/lib/ppom/ppom-util';