| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/api/permissions/permissions_api.h" | 5 #include "chrome/browser/extensions/api/permissions/permissions_api.h" |
| 6 | 6 |
| 7 #include "base/memory/scoped_ptr.h" | 7 #include "base/memory/scoped_ptr.h" |
| 8 #include "chrome/browser/extensions/api/permissions/permissions_api_helpers.h" | 8 #include "chrome/browser/extensions/api/permissions/permissions_api_helpers.h" |
| 9 #include "chrome/browser/extensions/extension_service.h" | 9 #include "chrome/browser/extensions/extension_service.h" |
| 10 #include "chrome/browser/extensions/permissions_updater.h" | 10 #include "chrome/browser/extensions/permissions_updater.h" |
| 11 #include "chrome/browser/profiles/profile.h" | 11 #include "chrome/browser/profiles/profile.h" |
| 12 #include "chrome/common/chrome_notification_types.h" | 12 #include "chrome/common/chrome_notification_types.h" |
| 13 #include "chrome/common/extensions/api/permissions.h" | 13 #include "chrome/common/extensions/api/permissions.h" |
| 14 #include "chrome/common/extensions/extension.h" | 14 #include "chrome/common/extensions/extension.h" |
| 15 #include "chrome/common/extensions/extension_error_utils.h" | 15 #include "chrome/common/extensions/extension_error_utils.h" |
| 16 #include "chrome/common/extensions/permissions/permissions_info.h" |
| 16 #include "chrome/common/extensions/url_pattern_set.h" | 17 #include "chrome/common/extensions/url_pattern_set.h" |
| 17 #include "googleurl/src/gurl.h" | 18 #include "googleurl/src/gurl.h" |
| 18 | 19 |
| 19 using extensions::api::permissions::Permissions; | 20 using extensions::api::permissions::Permissions; |
| 21 using extensions::APIPermission; |
| 22 using extensions::APIPermissionSet; |
| 23 using extensions::PermissionSet; |
| 24 using extensions::PermissionsInfo; |
| 20 using extensions::PermissionsUpdater; | 25 using extensions::PermissionsUpdater; |
| 21 | 26 |
| 22 namespace Contains = extensions::api::permissions::Contains; | 27 namespace Contains = extensions::api::permissions::Contains; |
| 23 namespace GetAll = extensions::api::permissions::GetAll; | 28 namespace GetAll = extensions::api::permissions::GetAll; |
| 24 namespace Remove = extensions::api::permissions::Remove; | 29 namespace Remove = extensions::api::permissions::Remove; |
| 25 namespace Request = extensions::api::permissions::Request; | 30 namespace Request = extensions::api::permissions::Request; |
| 26 namespace helpers = extensions::permissions_api_helpers; | 31 namespace helpers = extensions::permissions_api_helpers; |
| 27 | 32 |
| 28 namespace { | 33 namespace { |
| 29 | 34 |
| (...skipping 12 matching lines...) Expand all Loading... |
| 42 ABORT | 47 ABORT |
| 43 }; | 48 }; |
| 44 AutoConfirmForTest auto_confirm_for_tests = DO_NOT_SKIP; | 49 AutoConfirmForTest auto_confirm_for_tests = DO_NOT_SKIP; |
| 45 bool ignore_user_gesture_for_tests = false; | 50 bool ignore_user_gesture_for_tests = false; |
| 46 | 51 |
| 47 } // namespace | 52 } // namespace |
| 48 | 53 |
| 49 bool ContainsPermissionsFunction::RunImpl() { | 54 bool ContainsPermissionsFunction::RunImpl() { |
| 50 scoped_ptr<Contains::Params> params(Contains::Params::Create(*args_)); | 55 scoped_ptr<Contains::Params> params(Contains::Params::Create(*args_)); |
| 51 | 56 |
| 52 scoped_refptr<ExtensionPermissionSet> permissions = | 57 scoped_refptr<PermissionSet> permissions = |
| 53 helpers::UnpackPermissionSet(params->permissions, &error_); | 58 helpers::UnpackPermissionSet(params->permissions, &error_); |
| 54 if (!permissions.get()) | 59 if (!permissions.get()) |
| 55 return false; | 60 return false; |
| 56 | 61 |
| 57 result_.reset(Contains::Result::Create( | 62 result_.reset(Contains::Result::Create( |
| 58 GetExtension()->GetActivePermissions()->Contains(*permissions))); | 63 GetExtension()->GetActivePermissions()->Contains(*permissions))); |
| 59 return true; | 64 return true; |
| 60 } | 65 } |
| 61 | 66 |
| 62 bool GetAllPermissionsFunction::RunImpl() { | 67 bool GetAllPermissionsFunction::RunImpl() { |
| 63 scoped_ptr<Permissions> permissions = | 68 scoped_ptr<Permissions> permissions = |
| 64 helpers::PackPermissionSet(GetExtension()->GetActivePermissions()); | 69 helpers::PackPermissionSet(GetExtension()->GetActivePermissions()); |
| 65 result_.reset(GetAll::Result::Create(*permissions)); | 70 result_.reset(GetAll::Result::Create(*permissions)); |
| 66 return true; | 71 return true; |
| 67 } | 72 } |
| 68 | 73 |
| 69 bool RemovePermissionsFunction::RunImpl() { | 74 bool RemovePermissionsFunction::RunImpl() { |
| 70 scoped_ptr<Remove::Params> params(Remove::Params::Create(*args_)); | 75 scoped_ptr<Remove::Params> params(Remove::Params::Create(*args_)); |
| 71 EXTENSION_FUNCTION_VALIDATE(params.get()); | 76 EXTENSION_FUNCTION_VALIDATE(params.get()); |
| 72 | 77 |
| 73 scoped_refptr<ExtensionPermissionSet> permissions = | 78 scoped_refptr<PermissionSet> permissions = |
| 74 helpers::UnpackPermissionSet(params->permissions, &error_); | 79 helpers::UnpackPermissionSet(params->permissions, &error_); |
| 75 if (!permissions.get()) | 80 if (!permissions.get()) |
| 76 return false; | 81 return false; |
| 77 | 82 |
| 78 const extensions::Extension* extension = GetExtension(); | 83 const extensions::Extension* extension = GetExtension(); |
| 79 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 84 PermissionsInfo* info = PermissionsInfo::GetInstance(); |
| 80 | 85 |
| 81 // Make sure they're only trying to remove permissions supported by this API. | 86 // Make sure they're only trying to remove permissions supported by this API. |
| 82 ExtensionAPIPermissionSet apis = permissions->apis(); | 87 APIPermissionSet apis = permissions->apis(); |
| 83 for (ExtensionAPIPermissionSet::const_iterator i = apis.begin(); | 88 for (APIPermissionSet::const_iterator i = apis.begin(); |
| 84 i != apis.end(); ++i) { | 89 i != apis.end(); ++i) { |
| 85 const ExtensionAPIPermission* api = info->GetByID(*i); | 90 const APIPermission* api = info->GetByID(*i); |
| 86 if (!api->supports_optional()) { | 91 if (!api->supports_optional()) { |
| 87 error_ = ExtensionErrorUtils::FormatErrorMessage( | 92 error_ = ExtensionErrorUtils::FormatErrorMessage( |
| 88 kNotWhitelistedError, api->name()); | 93 kNotWhitelistedError, api->name()); |
| 89 return false; | 94 return false; |
| 90 } | 95 } |
| 91 } | 96 } |
| 92 | 97 |
| 93 // Make sure we don't remove any required pemissions. | 98 // Make sure we don't remove any required pemissions. |
| 94 const ExtensionPermissionSet* required = extension->required_permission_set(); | 99 const PermissionSet* required = extension->required_permission_set(); |
| 95 scoped_refptr<ExtensionPermissionSet> intersection( | 100 scoped_refptr<PermissionSet> intersection( |
| 96 ExtensionPermissionSet::CreateIntersection(permissions.get(), required)); | 101 PermissionSet::CreateIntersection(permissions.get(), required)); |
| 97 if (!intersection->IsEmpty()) { | 102 if (!intersection->IsEmpty()) { |
| 98 error_ = kCantRemoveRequiredPermissionsError; | 103 error_ = kCantRemoveRequiredPermissionsError; |
| 99 result_.reset(Remove::Result::Create(false)); | 104 result_.reset(Remove::Result::Create(false)); |
| 100 return false; | 105 return false; |
| 101 } | 106 } |
| 102 | 107 |
| 103 PermissionsUpdater(profile()).RemovePermissions(extension, permissions.get()); | 108 PermissionsUpdater(profile()).RemovePermissions(extension, permissions.get()); |
| 104 result_.reset(Remove::Result::Create(true)); | 109 result_.reset(Remove::Result::Create(true)); |
| 105 return true; | 110 return true; |
| 106 } | 111 } |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 144 } | 149 } |
| 145 | 150 |
| 146 scoped_ptr<Request::Params> params(Request::Params::Create(*args_)); | 151 scoped_ptr<Request::Params> params(Request::Params::Create(*args_)); |
| 147 EXTENSION_FUNCTION_VALIDATE(params.get()); | 152 EXTENSION_FUNCTION_VALIDATE(params.get()); |
| 148 | 153 |
| 149 requested_permissions_ = | 154 requested_permissions_ = |
| 150 helpers::UnpackPermissionSet(params->permissions, &error_); | 155 helpers::UnpackPermissionSet(params->permissions, &error_); |
| 151 if (!requested_permissions_.get()) | 156 if (!requested_permissions_.get()) |
| 152 return false; | 157 return false; |
| 153 | 158 |
| 154 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 159 PermissionsInfo* info = PermissionsInfo::GetInstance(); |
| 155 ExtensionPrefs* prefs = profile()->GetExtensionService()->extension_prefs(); | 160 ExtensionPrefs* prefs = profile()->GetExtensionService()->extension_prefs(); |
| 156 | 161 |
| 157 // Make sure they're only requesting permissions supported by this API. | 162 // Make sure they're only requesting permissions supported by this API. |
| 158 ExtensionAPIPermissionSet apis = requested_permissions_->apis(); | 163 APIPermissionSet apis = requested_permissions_->apis(); |
| 159 for (ExtensionAPIPermissionSet::const_iterator i = apis.begin(); | 164 for (APIPermissionSet::const_iterator i = apis.begin(); |
| 160 i != apis.end(); ++i) { | 165 i != apis.end(); ++i) { |
| 161 const ExtensionAPIPermission* api = info->GetByID(*i); | 166 const APIPermission* api = info->GetByID(*i); |
| 162 if (!api->supports_optional()) { | 167 if (!api->supports_optional()) { |
| 163 error_ = ExtensionErrorUtils::FormatErrorMessage( | 168 error_ = ExtensionErrorUtils::FormatErrorMessage( |
| 164 kNotWhitelistedError, api->name()); | 169 kNotWhitelistedError, api->name()); |
| 165 return false; | 170 return false; |
| 166 } | 171 } |
| 167 } | 172 } |
| 168 | 173 |
| 169 // The requested permissions must be defined as optional in the manifest. | 174 // The requested permissions must be defined as optional in the manifest. |
| 170 if (!GetExtension()->optional_permission_set()->Contains( | 175 if (!GetExtension()->optional_permission_set()->Contains( |
| 171 *requested_permissions_)) { | 176 *requested_permissions_)) { |
| 172 error_ = kNotInOptionalPermissionsError; | 177 error_ = kNotInOptionalPermissionsError; |
| 173 result_.reset(Request::Result::Create(false)); | 178 result_.reset(Request::Result::Create(false)); |
| 174 return false; | 179 return false; |
| 175 } | 180 } |
| 176 | 181 |
| 177 // We don't need to prompt the user if the requested permissions are a subset | 182 // We don't need to prompt the user if the requested permissions are a subset |
| 178 // of the granted permissions set. | 183 // of the granted permissions set. |
| 179 const ExtensionPermissionSet* granted = | 184 const PermissionSet* granted = |
| 180 prefs->GetGrantedPermissions(GetExtension()->id()); | 185 prefs->GetGrantedPermissions(GetExtension()->id()); |
| 181 if (granted && granted->Contains(*requested_permissions_)) { | 186 if (granted && granted->Contains(*requested_permissions_)) { |
| 182 PermissionsUpdater perms_updater(profile()); | 187 PermissionsUpdater perms_updater(profile()); |
| 183 perms_updater.AddPermissions(GetExtension(), requested_permissions_.get()); | 188 perms_updater.AddPermissions(GetExtension(), requested_permissions_.get()); |
| 184 result_.reset(Request::Result::Create(true)); | 189 result_.reset(Request::Result::Create(true)); |
| 185 SendResponse(true); | 190 SendResponse(true); |
| 186 return true; | 191 return true; |
| 187 } | 192 } |
| 188 | 193 |
| 189 // Filter out the granted permissions so we only prompt for new ones. | 194 // Filter out the granted permissions so we only prompt for new ones. |
| 190 requested_permissions_ = ExtensionPermissionSet::CreateDifference( | 195 requested_permissions_ = PermissionSet::CreateDifference( |
| 191 requested_permissions_.get(), granted); | 196 requested_permissions_.get(), granted); |
| 192 | 197 |
| 193 AddRef(); // Balanced in InstallUIProceed() / InstallUIAbort(). | 198 AddRef(); // Balanced in InstallUIProceed() / InstallUIAbort(). |
| 194 | 199 |
| 195 // We don't need to show the prompt if there are no new warnings, or if | 200 // We don't need to show the prompt if there are no new warnings, or if |
| 196 // we're skipping the confirmation UI. All extension types but INTERNAL | 201 // we're skipping the confirmation UI. All extension types but INTERNAL |
| 197 // are allowed to silently increase their permission level. | 202 // are allowed to silently increase their permission level. |
| 198 if (auto_confirm_for_tests == PROCEED || | 203 if (auto_confirm_for_tests == PROCEED || |
| 199 requested_permissions_->GetWarningMessages().size() == 0) { | 204 requested_permissions_->GetWarningMessages().size() == 0) { |
| 200 InstallUIProceed(); | 205 InstallUIProceed(); |
| 201 } else if (auto_confirm_for_tests == ABORT) { | 206 } else if (auto_confirm_for_tests == ABORT) { |
| 202 // Pretend the user clicked cancel. | 207 // Pretend the user clicked cancel. |
| 203 InstallUIAbort(true); | 208 InstallUIAbort(true); |
| 204 } else { | 209 } else { |
| 205 CHECK_EQ(DO_NOT_SKIP, auto_confirm_for_tests); | 210 CHECK_EQ(DO_NOT_SKIP, auto_confirm_for_tests); |
| 206 install_ui_.reset(new ExtensionInstallPrompt(GetCurrentBrowser())); | 211 install_ui_.reset(new ExtensionInstallPrompt(GetCurrentBrowser())); |
| 207 install_ui_->ConfirmPermissions( | 212 install_ui_->ConfirmPermissions( |
| 208 this, GetExtension(), requested_permissions_.get()); | 213 this, GetExtension(), requested_permissions_.get()); |
| 209 } | 214 } |
| 210 | 215 |
| 211 return true; | 216 return true; |
| 212 } | 217 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10649003:
Move each permission classes to its own files in extensions/permissions (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master