Take 2 at implementing activeTab.

chrome/common/extensions/extension.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/common/extensions/extension.h"
 
 #include "base/base64.h"
 #include "base/basictypes.h"
 #include "base/command_line.h"
 #include "base/file_path.h"
@@ skipping 3370 matching lines @@
   if (browser_action())
     ++num_surfaces;
 
   if (is_app())
     ++num_surfaces;
 
   return num_surfaces > 1;
 }
 
 bool Extension::CanExecuteScriptOnPage(const GURL& page_url,
+                                       int tab_id,
                                        const UserScript* script,
                                        std::string* error) const {
   base::AutoLock auto_lock(runtime_data_lock_);
   // The gallery is special-cased as a restricted URL for scripting to prevent
   // access to special JS bindings we expose to the gallery (and avoid things
   // like extensions removing the "report abuse" link).
   // TODO(erikkay): This seems like the wrong test.  Shouldn't we we testing
   // against the store app extent?
   GURL store_url(extension_urls::GetWebstoreLaunchURL());
   if ((page_url.host() == store_url.host()) &&
       !CanExecuteScriptEverywhere() &&
       !CommandLine::ForCurrentProcess()->HasSwitch(
           switches::kAllowScriptingGallery)) {
     if (error)
       *error = errors::kCannotScriptGallery;
     return false;
   }
 
   if (page_url.SchemeIs(chrome::kChromeUIScheme) &&
       !CanExecuteScriptEverywhere())
     return false;
 
+  // If a tab ID is specified, try the tab-specific permissions.
+  if (tab_id >= 0) {
+    const URLPatternSet* tab_permissions =
+        runtime_data_.GetTabSpecificHostPermissions(tab_id);
+    if (tab_permissions &&
+        tab_permissions->MatchesSecurityOrigin(page_url)) {
+      return true;
+    }
+  }
+
   // If a script is specified, use its matches.
   if (script)
     return script->MatchesURL(page_url);
 
   // Otherwise, see if this extension has permission to execute script
   // programmatically on pages.
   if (runtime_data_.GetActivePermissions()->HasExplicitAccessToOrigin(
           page_url))
     return true;
 
@@ skipping 42 matching lines @@
        it != whitelist->end(); ++it) {
     if (id() == *it) {
       return true;
     }
   }
 
   return false;
 }
 
 bool Extension::CanCaptureVisiblePage(const GURL& page_url,
+                                      int tab_id,
                                       std::string *error) const {
+  if (tab_id >= 0) {
+    const URLPatternSet* tab = GetTabSpecificHostPermissions(tab_id);
+    if (tab && tab->MatchesSecurityOrigin(page_url))
+      return true;
+  }
+
   if (HasHostPermission(page_url) || page_url.GetOrigin() == url())
     return true;
 
   if (error) {
     *error = ExtensionErrorUtils::FormatErrorMessage(errors::kCannotAccessPage,
                                                      page_url.spec());
   }
   return false;
 }
 
@@ skipping 155 matching lines @@
       script_badge_->SetIcon(kDefaultTabId, icon);
 
     std::string title = browser_action()->GetTitle(kDefaultTabId);
     if (!title.empty())
       script_badge_->SetTitle(kDefaultTabId, title);
   }
 
   return script_badge_.get();
 }
 
+const URLPatternSet* Extension::GetTabSpecificHostPermissions(
+    int tab_id) const {
+  base::AutoLock auto_lock(runtime_data_lock_);
+  return runtime_data_.GetTabSpecificHostPermissions(tab_id);
+}
+
+void Extension::SetTabSpecificHostPermissions(
+    int tab_id,
+    const URLPatternSet& permissions) const {
+  base::AutoLock auto_lock(runtime_data_lock_);
+  runtime_data_.SetTabSpecificHostPermissions(tab_id, permissions);
+}
+
+void Extension::ClearTabSpecificHostPermissions(int tab_id) const {
+  base::AutoLock auto_lock(runtime_data_lock_);
+  runtime_data_.ClearTabSpecificHostPermissions(tab_id);
+}
+
+const URLPatternSet* Extension::GetActiveHostPermissionsForAllTabs() const {
+  base::AutoLock auto_lock(runtime_data_lock_);
+  return runtime_data_.GetActiveHostPermissionsForAllTabs();
+}
+
+void Extension::GetAllTabSpecificHostPermissions(
+    std::map<int, URLPatternSet>* out) const {
+  base::AutoLock auto_lock(runtime_data_lock_);
+  runtime_data_.GetAllTabSpecificHostPermissions(out);
+}
+
+void Extension::SetAllTabSpecificHostPermissions(
+    const std::map<int, URLPatternSet>& origins) const {
+  base::AutoLock auto_lock(runtime_data_lock_);
+  runtime_data_.SetAllTabSpecificHostPermissions(origins);
+}
+
 bool Extension::CheckPlatformAppFeatures(std::string* utf8_error) {
   if (!is_platform_app())
     return true;
 
   if (!CommandLine::ForCurrentProcess()->HasSwitch(
       switches::kEnablePlatformApps)) {
     *utf8_error = errors::kPlatformAppFlagRequired;
     return false;
   }
 
@@ skipping 23 matching lines @@
 Extension::RuntimeData::~RuntimeData() {}
 
 scoped_refptr<const ExtensionPermissionSet>
     Extension::RuntimeData::GetActivePermissions() const {
   return active_permissions_;
 }
 
 void Extension::RuntimeData::SetActivePermissions(
     const ExtensionPermissionSet* active) {
   active_permissions_ = active;
+  active_host_permissions_for_all_tabs_.reset();
+}
+
+const URLPatternSet*
+    Extension::RuntimeData::GetTabSpecificHostPermissions(int tab_id) const {
+  CHECK_GE(tab_id, 0);
+  TabHostPermissionsMap::const_iterator it =
+      tab_specific_host_permissions_.find(tab_id);
+  return (it != tab_specific_host_permissions_.end()) ? it->second.get() : NULL;
+}
+
+void Extension::RuntimeData::SetTabSpecificHostPermissions(
+    int tab_id,
+    const URLPatternSet& hosts) {
+  CHECK_GE(tab_id, 0);
+  tab_specific_host_permissions_[tab_id] =
+      make_linked_ptr(new URLPatternSet(hosts));
+
+  // If we're tracking the active host permissions for all tabs, update it.
+  if (active_host_permissions_for_all_tabs_.get()) {
+    scoped_ptr<URLPatternSet> updated(new URLPatternSet());
+    URLPatternSet::CreateUnion(*active_host_permissions_for_all_tabs_,
+                               hosts,
+                               updated.get());
+    active_host_permissions_for_all_tabs_ = updated.Pass();
+  }
+}
+
+void Extension::RuntimeData::ClearTabSpecificHostPermissions(int tab_id) {
+  CHECK_GE(tab_id, 0);
+  tab_specific_host_permissions_.erase(tab_id);
+  active_host_permissions_for_all_tabs_.reset();
+}
+
+const URLPatternSet*
+    Extension::RuntimeData::GetActiveHostPermissionsForAllTabs() const {
+  if (active_host_permissions_for_all_tabs_.get())
+    return active_host_permissions_for_all_tabs_.get();
+
+  if (tab_specific_host_permissions_.empty())
+    return &active_permissions_->explicit_hosts();
+
+  // Compute and cache the union of all tab specific permissions. The union
+  // operation for ExtensionPermissionSet is O(n), so the naive union
+  // implementation would be O(n^2). Try to be smarter and do it in O(nlog(n)).
+  std::vector<linked_ptr<const URLPatternSet> > all;

[Aaron Boodman, 2012/06/08 05:31:30]

Consider moving this into a method of URLPatternSet.

[not at google - send to devlin, 2012/06/12 20:40:51]

Done.

+  for (TabHostPermissionsMap::const_iterator it =
+           tab_specific_host_permissions_.begin();
+       it != tab_specific_host_permissions_.end(); ++it) {
+    all.push_back(it->second);
+  }
+
+  for (size_t skip = 1; skip < all.size(); skip *= 2) {
+    for (size_t i = 0; i < all.size() - skip; i += skip) {

[Aaron Boodman, 2012/06/08 05:31:30]

(all.size() - skip) for clarity.

[not at google - send to devlin, 2012/06/12 20:40:51]

ok.

+      URLPatternSet* u = new URLPatternSet();
+      URLPatternSet::CreateUnion(*all[i], *all[i + skip], u);
+      all[i] = make_linked_ptr(u);
+    }
+  }
+
+  active_host_permissions_for_all_tabs_.reset(new URLPatternSet());
+  URLPatternSet::CreateUnion(
+      *all[0],
+      active_permissions_->explicit_hosts(),
+      active_host_permissions_for_all_tabs_.get());
+  return active_host_permissions_for_all_tabs_.get();
+}
+
+void Extension::RuntimeData::GetAllTabSpecificHostPermissions(
+    std::map<int, URLPatternSet>* out) const {
+  for (TabHostPermissionsMap::const_iterator it =
+           tab_specific_host_permissions_.begin();
+       it != tab_specific_host_permissions_.end(); ++it) {
+    (*out)[it->first] = *it->second;

[Aaron Boodman, 2012/06/08 05:31:30]

You aren't saving much by passing an out param because the URLPatternSets are
still copied by value. I would say just return by value. Many compilers optimize
it away, anyway.

[not at google - send to devlin, 2012/06/12 20:40:51]

Done.

+  }
+}
+
+void Extension::RuntimeData::SetAllTabSpecificHostPermissions(
+    const std::map<int, URLPatternSet>& in) {
+  tab_specific_host_permissions_.clear();
+  active_host_permissions_for_all_tabs_.reset();
+
+  for (std::map<int, URLPatternSet>::const_iterator it = in.begin();
+       it != in.end(); ++it) {
+    tab_specific_host_permissions_[it->first].reset(
+        new URLPatternSet(it->second));
+  }
 }
 
 UnloadedExtensionInfo::UnloadedExtensionInfo(
     const Extension* extension,
     extension_misc::UnloadedExtensionReason reason)
   : reason(reason),
     already_disabled(false),
     extension(extension) {}
 
 UpdatedExtensionPermissionsInfo::UpdatedExtensionPermissionsInfo(
     const Extension* extension,
     const ExtensionPermissionSet* permissions,
     Reason reason)
     : reason(reason),
       extension(extension),
       permissions(permissions) {}
 
 }   // namespace extensions