PluginContext

[RohitKushvaha01]

No description provided.

[greptile-apps]

Greptile Overview

Greptile Summary

This PR introduces a new PluginContext system that provides isolated security contexts and permission management for plugins. The implementation adds a Cordova plugin that generates unique tokens for each plugin and tracks their permissions through a native Android bridge.

Key changes:

• New pluginContext Cordova plugin with token-based authentication system
• loadPlugin.js now generates a context object (ctx) passed to each plugin during initialization
• Replaced @com.foxdebug.acode.rk.auth plugin with the new pluginContext plugin in cordova.plugins list
• Token/permission stores changed from static to instance fields, addressing previous lifecycle concerns

Issues found:

• plugin.xml contains mismatched plugin name "Gatekeeper" (should be "PluginContext")
• package-lock.json has extraneous src/plugins/gatekeeper entry that needs removal
• disclosed HashSet blocks plugin reload attempts with TOKEN_ALREADY_ISSUED error
• Auth plugin removed from cordova.plugins but remains in devDependencies
• Minor: error not logged in catch block, typo in comment

Confidence Score: 2/5

• This PR has critical issues preventing plugin reloads and metadata inconsistencies that need resolution
• The plugin name mismatch in plugin.xml and the disclosed set blocking reload scenarios are functional issues that will cause runtime failures. The extraneous lockfile entry and auth plugin removal create dependency inconsistencies. While the core token/permission architecture is sound and the JSON stringification fix is correct, these blocking issues need to be addressed before merge.
• Pay close attention to src/plugins/pluginContext/plugin.xml (wrong name), src/plugins/pluginContext/src/android/Tee.java (reload blocking), and package-lock.json (extraneous entry)

Important Files Changed

Filename	Overview
package.json	Replaced auth plugin with plugincontext in cordova.plugins, devDeps updated correctly
package-lock.json	Contains extraneous src/plugins/gatekeeper entry that should not exist
src/lib/loadPlugin.js	Adds PluginContext.generate call passing stringified pluginJson correctly to ctx field
src/plugins/pluginContext/plugin.xml	Plugin XML has mismatched name 'Gatekeeper' instead of 'PluginContext'
src/plugins/pluginContext/src/android/Tee.java	Token/permission management implemented, static fields removed but stores still never cleared

Sequence Diagram

sequenceDiagram
    participant LP as loadPlugin.js
    participant PC as PluginContext.js
    participant Tee as Tee.java
    participant Plugin as Plugin Instance
    
    LP->>LP: Read plugin.json
    LP->>PC: generate(pluginId, JSON.stringify(pluginJson))
    PC->>Tee: requestToken(pluginId, pluginJson)
    
    alt Plugin Already Disclosed
        Tee-->>PC: Error: TOKEN_ALREADY_ISSUED
        PC-->>LP: return null
    else First Request
        Tee->>Tee: Generate UUID token
        Tee->>Tee: Parse permissions from pluginJson
        Tee->>Tee: Store token & permissions
        Tee->>Tee: Mark pluginId as disclosed
        Tee-->>PC: Return token (UUID)
        PC->>PC: Create _PluginContext(uuid)
        PC-->>LP: Return frozen context object
    end
    
    LP->>Plugin: initPlugin(pluginId, baseUrl, $page, {ctx, ...})
    
    Note over Plugin,Tee: Plugin can later check permissions
    Plugin->>PC: ctx.grantedPermission("permission-name")
    PC->>Tee: grantedPermission(token, permission)
    Tee->>Tee: Check permissionStore[token]
    Tee-->>PC: true/false
    PC-->>Plugin: Permission result

Loading

_{Last reviewed commit: 82d3271}

[greptile-apps]

_{8 files reviewed, 4 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

Native expects string JSON

On Android, Tee.java reads args.getString(1) and then new JSONObject(pluginJson), so the second argument must be a JSON string. Here pluginJson is passed directly (it’s an object in loadPlugin.js), which will arrive natively as a non-JSON value and trigger INVALID_PLUGIN_JSON, causing generate() to return null.

Suggested change

	generate: async function (pluginId, pluginJson) {
	try {
	function requestToken(pluginId) {
	return new Promise((resolve, reject) => {
	exec(resolve, reject, "Tee", "requestToken", [
	pluginId,
	pluginJson,
	]);
	});
	exec(resolve, reject, "Tee", "requestToken", [
	pluginId,
	JSON.stringify(pluginJson),
	]);

[greptile-apps]

Plugin metadata mismatch

This plugin is plugincontext but the <name> is set to Gatekeeper, which will surface as the wrong plugin name in Cordova tooling/plugins list. This looks like a copy/paste error and should be renamed to match the actual plugin.

Suggested change

	<plugin xmlns="http://apache.org/cordova/ns/plugins/1.0" xmlns:android="http://schemas.android.com/apk/res/android" id="com.foxdebug.acode.rk.plugin.plugincontext" version="1.0.0">
	<name>Gatekeeper</name>
	<js-module name="PluginContext" src="www/PluginContext.js">
	<clobbers target="window.PluginContext" />
	</js-module>
	<name>PluginContext</name>

[greptile-apps]

Unrelated extraneous lockfile entry

This PR introduces an extraneous entry for src/plugins/gatekeeper, but there’s no corresponding dependency/plugin added in package.json. This will make installs non-reproducible across environments and should be removed from the lockfile (regenerate package-lock.json from a clean install) so only intentional dependencies are recorded.

[greptile-apps]

Additional Comments (1)

src/lib/loadPlugin.js
Undefined PluginContext

PluginContext.generate(...) is referenced here but PluginContext isn’t imported/defined in this module, so loading any plugin will throw ReferenceError: PluginContext is not defined at runtime. If this is intended to come from the Cordova clobber (window.PluginContext), it still needs to be referenced as window.PluginContext (and ideally gated until deviceready / plugin availability).

[RohitKushvaha01]

@greptileai

[greptile-apps]

_{8 files reviewed, 2 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

Plugin list inconsistency

cordova.plugins dropped the auth plugin entry while devDependencies still includes the local auth package. This makes the Cordova plugin list inconsistent with what gets installed, and can remove auth functionality unexpectedly. If auth is still required, add it back under cordova.plugins; otherwise remove the local auth dependency and update any consumers accordingly.

[greptile-apps]

Global static stores leak

tokenStore, disclosed, and permissionStore are static and never cleared. In a Cordova WebView, plugins can be installed/uninstalled or reloaded without a full process restart; these maps will retain old pluginIds/tokens/permissions and can cause TOKEN_ALREADY_ISSUED or stale permission results for later sessions. Consider scoping these stores to the plugin instance/lifecycle or providing a reset path tied to app/plugin reload.

[RohitKushvaha01]

@greptileai

[greptile-apps]

_{8 files reviewed, 3 comments}

_{Edit Code Review Agent Settings | Greptile}

[greptile-apps]

error object not logged in warning message

Suggested change

	console.warn(`PluginContext creation failed for pluginId ${pluginId}:`);
	console.warn(`PluginContext creation failed for pluginId ${pluginId}:`, err);

_{Note: If this suggestion doesn't match your team's coding style, reply to this and let me know. I'll remember it for next time!}

[greptile-apps]

typo: 'assined' should be 'assigned'

Suggested change

	//assined tokens
	//assigned tokens

[greptile-apps]

disclosed set never cleared, blocks plugin reload

The disclosed set prevents the same pluginId from requesting a token twice in this plugin instance's lifetime. If loadPlugin() is called again for the same plugin (reload scenario), this check will fail with TOKEN_ALREADY_ISSUED even though it's a legitimate reload request.