refactor: improve GatorPermissionsController permission storage and syncronisation#7847
Merged
jeffsmale90 merged 6 commits intomainfrom Feb 12, 2026
Merged
Conversation
jeffsmale90
force-pushed
the
feat/refactor-gator-permissions-controller
branch
from
7684e9e to
f1dd835
Compare
jeffsmale90
changed the title
GatorPermissionsController permission syncronisation and storage
jeffsmale90
force-pushed
the
feat/refactor-gator-permissions-controller
branch
3 times, most recently
from
93b4ebd to
212df20
Compare
![cursor[bot]](https://avatars.githubusercontent.com/in/1210556?s=60&v=4){kind=small}
jeffsmale90
force-pushed
the
feat/refactor-gator-permissions-controller
branch
from
5a1282e to
bbeffdd
Compare
packages/gator-permissions-controller/src/GatorPermissionsController.test.ts
Outdated
Show resolved
Hide resolved
jeffsmale90
force-pushed
the
feat/refactor-gator-permissions-controller
branch
from
bbeffdd to
9fbbbd0
Compare
jeffsmale90
changed the title
GatorPermissionsController permission syncronisation and storageGatorPermissionsController permission syncronisation and storage
jeffsmale90
changed the title
GatorPermissionsController permission syncronisation and storageGatorPermissionsController permission storage and syncronisation
…ermission storage - Replace `gatorPermissionsMapSerialized` state with `grantedPermissions` array (`PermissionInfoWithMetadata[]`) - Change `GatorPermissionsController` constructor to accept `config` object - Replaced `isGatorPermissionsEnabled` with `enabledPermissionTypes` property and removed related `GatorPermissionsNotEnabledError` - Updated `fetchAndUpdateGatorPermissions` to be parameterless - Replace `getPendingRevocations` with `isPendingRevocation(permissionContext);` as an interim change to moving revocation entirely internal to the controller - Add `executeSnapRpc` utility function to handle Snap RPC requests - Drop custom permission support from types, mocks, and mock tests - Add test coverage for specific controller error types
- adds 'initialize()' function that will fetch data if none is available, or if no syncronisation has occurred recently - multiple calls to 'fetchAndUpdateGatorPermissions()' will no longer trigger additional queries
jeffsmale90
force-pushed
the
feat/refactor-gator-permissions-controller
branch
from
d17bc58 to
eca7605
Compare
mj-kiwi
reviewed
Feb 10, 2026
| */ | ||
| isGatorPermissionsEnabled: boolean; | ||
|
|
||
| supportedPermissionTypes: SupportedPermissionType[]; |
There was a problem hiding this comment.
Should supportedPermissionTypes be non-empty? It might be safer to enforce this at the type level to prevent invalid states.(e.g. [SupportedPermissionType, ...SupportedPermissionType[]])
Contributor
Author
There was a problem hiding this comment.
I think it's valid to have no supported permission types - this would effectively mean Advanced Permissions is not enabled (which is the case up until now in main dist).
mj-kiwi
previously approved these changes
Feb 11, 2026
mj-kiwi
previously approved these changes
Feb 11, 2026
GuillaumeRx
reviewed
Feb 11, 2026
Comment on lines
+13
to
+20
| - Constructor requires `config` with `supportedPermissionTypes`; optional `gatorPermissionsProviderSnapId` and `state`; enable/disable flow removed | ||
| - Adds `initialize()` function that performs a syncronisation process if required when the controller is first initialized | ||
| - State: `grantedPermissions` (array of `PermissionInfoWithMetadata`) replaces `gatorPermissionsMapSerialized`; `isGatorPermissionsEnabled` removed | ||
| - `fetchAndUpdateGatorPermissions()` no longer accepts parameters | ||
| - `getPendingRevocations` / `pendingRevocations` getter replaced by `isPendingRevocation(permissionContext)`; list on `state.pendingRevocations` | ||
| - Messenger: removed `EnableGatorPermissions` and `DisableGatorPermissions` actions; added `isPendingRevocation` action | ||
| - Removed exports: `serializeGatorPermissionsMap`, `deserializeGatorPermissionsMap`, `GatorPermissionsNotEnabledError`, `CustomPermission`, `PermissionTypesWithCustom`, `PermissionResponseSanitized`, `StoredGatorPermissionSanitized`, `GatorPermissionsMap`, `SupportedGatorPermissionType`, `GatorPermissionsMapByPermissionType`, `GatorPermissionsListByPermissionTypeAndChainId`, `GatorPermissionsControllerErrorCode.GatorPermissionsNotEnabled` | ||
| - Added exports: `GatorPermissionsControllerConfig`, `PermissionInfo`, `PermissionInfoWithMetadata`, `SupportedPermissionType` |
Contributor
There was a problem hiding this comment.
This is really verbose for a changelog entry. Maybe worth synthesizing more.
Contributor
Author
There was a problem hiding this comment.
Good call - there's a lot of change in there! I've tried to make this more concise.
mj-kiwi
approved these changes
Feb 12, 2026
| - Replaces `gatorPermissionsMapSerialized` with `grantedPermissions` property in internal state, replaces related types, and utility functions | ||
| - `fetchAndUpdateGatorPermissions()` no longer accepts parameters and resolves to `void` | ||
| - `getPendingRevocations` / `pendingRevocations` getter replaced by `isPendingRevocation(permissionContext)`; list on `state.pendingRevocations` | ||
| - Bump `@metamask/transaction-controller` from `^62.11.0` to `^62.17.0` ([#7775](https://github.com/MetaMask/core/pull/7775), [#7802](https://github.com/MetaMask/core/pull/7802), [#7832](https://github.com/MetaMask/core/pull/7832), [#7854](https://github.com/MetaMask/core/pull/7854), [#7872](https://github.com/MetaMask/core/pull/7872)), ([#7897](https://github.com/MetaMask/core/pull/7897))>>>>>>> Stashed changes |
There was a problem hiding this comment.
Git conflict marker accidentally left in CHANGELOG
High Severity
Line 18 ends with >>>>>>> Stashed changes, a git stash conflict marker that was accidentally committed. This will render visibly in the published changelog and signals an incomplete merge resolution.
Contributor
Author
There was a problem hiding this comment.
I'll fix this in the release PR
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Explanation
Makes the following changes to the
GatorPermissionsControllerto improve storage and syncronisation of permissions data with Profile Sync service:supportedPermissionTypesand optionalgatorPermissionsProviderSnapIdandmaxSyncIntervalMs.lastSyncedTimestamp(default -1); set when a sync completes successfully soinitialize()can decide when to sync again.initialize()call after construction; triggers a sync if no sync has run yet or cached data is older than the configured interval.fetchAndUpdateGatorPermissions()now returnsPromise<void>; callers should read from controller state. Concurrent calls share the same in-flight sync and no longer trigger duplicate operations.GatorPermissionsMapJSON-serialized state (and related types and utils); permissions are now stored in state as a simple array. Sync is done by calling the gator permissions Snap via RPC.enableGatorPermissions()/disableGatorPermissions()and related actions; the controller is used as the single source for gator permissions when instantiated.Checklist
Note
Medium Risk
Breaking API/state-shape changes and new sync caching logic can affect downstream consumers and initial data freshness if integration assumptions differ.
Overview
Refactors
GatorPermissionsControllerto be config-driven and to store permissions as a flatstate.grantedPermissionsarray (sanitized for UI) instead of a serializedGatorPermissionsMap.Adds
initialize()withlastSyncedTimestamp+ configurablemaxSyncIntervalMsto control when an initial/stale sync happens, and changesfetchAndUpdateGatorPermissions()to returnPromise<void>while deduplicating concurrent sync calls.Removes
enableGatorPermissions/disableGatorPermissions, related actions/types/utils, and drops public support for “custom” permission types; introducesexecuteSnapRpcand updates docs/tests accordingly (including new error unit tests).Written by Cursor Bugbot for commit 993b214. This will update automatically on new commits. Configure here.