abi <abi/4.0>,

#
# This profile is for the signal-desktop/electron package in obs://network:im:signal
#

include <tunables/global>

@{BROWSER} = signal-desktop
@{APPNAME} = @{BROWSER}
@{APPDIR} = /usr/lib{,64,exec}/@{APPNAME}
@{BINARY_NAME} = @{BROWSER}
@{BINARY_PATH} = @{APPDIR}/@{BINARY_NAME}
@{SOCKET_PATH} = .org.chromium.Chromium
@{CONFIG_SUBDIR} = Signal
@{chromium_profile_name} = signal-desktop

profile signal-desktop-wrapper /usr/bin/signal-desktop {
  include <abstractions/base>
  include <abstractions/bash>
  include <abstractions/consoles>

  /usr/bin/signal-desktop r,
  /{usr/,}bin/bash rm,

  # can not clear env as we need that NODE_ENV variable
  /usr/bin/electron px -> signal-desktop-electron,
}

profile signal-desktop-electron {
  include <abstractions/electron-shell-wrapper>

  # TODO: if we get this to work we can move it to the abstraction
  #  /usr/lib{64,}/electron/electron px -> @{chromium_profile_name}
  /usr/lib{64,}/electron/electron px -> signal-desktop,
}

profile signal-desktop {
  include <abstractions/electron>

  /usr/lib{64,}/electron/electron px -> signal-desktop,
  /usr/lib64/electron/chrome_crashpad_handler px -> signal-desktop-chrash-handler,

  signal (receive) peer=signal-desktop-chrash-handler,

  audit deny /usr/bin/xdg-open x,

  /sys/fs/cgroup/user.slice/cpu.max r,

  audit /{usr/,}bin/xdg-settings px -> chromium-xdg-settings,

  include if exists <local/signal-desktop>
}

profile signal-desktop-chrash-handler {
  include <abstractions/chromium-crash-handler>

  signal receive  peer=signal-desktop,
  signal (send)   peer=signal-desktop,
  ptrace          peer=signal-desktop,
}