| Index: chrome/common/extensions/permissions/permissions_data_unittest.cc
|
| diff --git a/chrome/common/extensions/extension_unittest.cc b/chrome/common/extensions/permissions/permissions_data_unittest.cc
|
| similarity index 59%
|
| copy from chrome/common/extensions/extension_unittest.cc
|
| copy to chrome/common/extensions/permissions/permissions_data_unittest.cc
|
| index 11736259e966aea1ddc198fc96eeb1458eee22b1..832ccf808d5e173580832e0495d60fac54bacf1f 100644
|
| --- a/chrome/common/extensions/extension_unittest.cc
|
| +++ b/chrome/common/extensions/permissions/permissions_data_unittest.cc
|
| @@ -2,217 +2,90 @@
|
| // Use of this source code is governed by a BSD-style license that can be
|
| // found in the LICENSE file.
|
|
|
| +#include <vector>
|
| +
|
| #include "base/command_line.h"
|
| -#include "base/file_util.h"
|
| -#include "base/format_macros.h"
|
| -#include "base/path_service.h"
|
| -#include "base/stringprintf.h"
|
| -#include "base/strings/string_number_conversions.h"
|
| -#include "base/utf_string_conversions.h"
|
| -#include "chrome/common/chrome_paths.h"
|
| +#include "base/memory/ref_counted.h"
|
| +#include "base/string16.h"
|
| +#include "base/strings/utf_string_conversions.h"
|
| #include "chrome/common/chrome_switches.h"
|
| -#include "chrome/common/extensions/command.h"
|
| +#include "chrome/common/chrome_version_info.h"
|
| #include "chrome/common/extensions/extension.h"
|
| -#include "chrome/common/extensions/extension_file_util.h"
|
| #include "chrome/common/extensions/extension_manifest_constants.h"
|
| #include "chrome/common/extensions/extension_test_util.h"
|
| #include "chrome/common/extensions/features/feature.h"
|
| -#include "chrome/common/extensions/manifest.h"
|
| -#include "chrome/common/extensions/manifest_handlers/content_scripts_handler.h"
|
| #include "chrome/common/extensions/permissions/api_permission.h"
|
| #include "chrome/common/extensions/permissions/permission_set.h"
|
| +#include "chrome/common/extensions/permissions/permissions_data.h"
|
| #include "chrome/common/extensions/permissions/socket_permission.h"
|
| -#include "chrome/common/extensions/permissions/usb_device_permission.h"
|
| -#include "chrome/common/url_constants.h"
|
| +#include "content/public/common/socket_permission_request.h"
|
| #include "extensions/common/error_utils.h"
|
| -#include "extensions/common/extension_resource.h"
|
| #include "extensions/common/id_util.h"
|
| -#include "googleurl/src/gurl.h"
|
| -#include "net/base/mime_sniffer.h"
|
| -#include "net/dns/mock_host_resolver.h"
|
| -#include "skia/ext/image_operations.h"
|
| +#include "extensions/common/url_pattern_set.h"
|
| #include "testing/gtest/include/gtest/gtest.h"
|
| -#include "third_party/skia/include/core/SkBitmap.h"
|
| -#include "ui/gfx/codec/png_codec.h"
|
|
|
| using content::SocketPermissionRequest;
|
| using extension_test_util::LoadManifest;
|
| using extension_test_util::LoadManifestUnchecked;
|
| using extension_test_util::LoadManifestStrict;
|
|
|
| -namespace keys = extension_manifest_keys;
|
| -namespace values = extension_manifest_values;
|
| -namespace errors = extension_manifest_errors;
|
| -
|
| namespace extensions {
|
|
|
| -// We persist location values in the preferences, so this is a sanity test that
|
| -// someone doesn't accidentally change them.
|
| -TEST(ExtensionTest, LocationValuesTest) {
|
| - ASSERT_EQ(0, Manifest::INVALID_LOCATION);
|
| - ASSERT_EQ(1, Manifest::INTERNAL);
|
| - ASSERT_EQ(2, Manifest::EXTERNAL_PREF);
|
| - ASSERT_EQ(3, Manifest::EXTERNAL_REGISTRY);
|
| - ASSERT_EQ(4, Manifest::UNPACKED);
|
| - ASSERT_EQ(5, Manifest::COMPONENT);
|
| - ASSERT_EQ(6, Manifest::EXTERNAL_PREF_DOWNLOAD);
|
| - ASSERT_EQ(7, Manifest::EXTERNAL_POLICY_DOWNLOAD);
|
| - ASSERT_EQ(8, Manifest::COMMAND_LINE);
|
| -}
|
| -
|
| -TEST(ExtensionTest, LocationPriorityTest) {
|
| - for (int i = 0; i < Manifest::NUM_LOCATIONS; i++) {
|
| - Manifest::Location loc = static_cast<Manifest::Location>(i);
|
| -
|
| - // INVALID is not a valid location.
|
| - if (loc == Manifest::INVALID_LOCATION)
|
| - continue;
|
| -
|
| - // Comparing a location that has no rank will hit a CHECK. Do a
|
| - // compare with every valid location, to be sure each one is covered.
|
| -
|
| - // Check that no install source can override a componenet extension.
|
| - ASSERT_EQ(Manifest::COMPONENT,
|
| - Manifest::GetHigherPriorityLocation(Manifest::COMPONENT, loc));
|
| - ASSERT_EQ(Manifest::COMPONENT,
|
| - Manifest::GetHigherPriorityLocation(loc, Manifest::COMPONENT));
|
| -
|
| - // Check that any source can override a user install. This might change
|
| - // in the future, in which case this test should be updated.
|
| - ASSERT_EQ(loc,
|
| - Manifest::GetHigherPriorityLocation(Manifest::INTERNAL, loc));
|
| - ASSERT_EQ(loc,
|
| - Manifest::GetHigherPriorityLocation(loc, Manifest::INTERNAL));
|
| - }
|
| +namespace {
|
|
|
| - // Check a few interesting cases that we know can happen:
|
| - ASSERT_EQ(Manifest::EXTERNAL_POLICY_DOWNLOAD,
|
| - Manifest::GetHigherPriorityLocation(
|
| - Manifest::EXTERNAL_POLICY_DOWNLOAD,
|
| - Manifest::EXTERNAL_PREF));
|
| -
|
| - ASSERT_EQ(Manifest::EXTERNAL_PREF,
|
| - Manifest::GetHigherPriorityLocation(
|
| - Manifest::INTERNAL,
|
| - Manifest::EXTERNAL_PREF));
|
| -}
|
| -
|
| -TEST(ExtensionTest, GetResourceURLAndPath) {
|
| - scoped_refptr<Extension> extension = LoadManifestStrict("empty_manifest",
|
| - "empty.json");
|
| - EXPECT_TRUE(extension.get());
|
| -
|
| - EXPECT_EQ(extension->url().spec() + "bar/baz.js",
|
| - Extension::GetResourceURL(extension->url(), "bar/baz.js").spec());
|
| - EXPECT_EQ(extension->url().spec() + "baz.js",
|
| - Extension::GetResourceURL(extension->url(),
|
| - "bar/../baz.js").spec());
|
| - EXPECT_EQ(extension->url().spec() + "baz.js",
|
| - Extension::GetResourceURL(extension->url(), "../baz.js").spec());
|
| -
|
| - // Test that absolute-looking paths ("/"-prefixed) are pasted correctly.
|
| - EXPECT_EQ(extension->url().spec() + "test.html",
|
| - extension->GetResourceURL("/test.html").spec());
|
| -}
|
| -
|
| -TEST(ExtensionTest, GetAbsolutePathNoError) {
|
| - scoped_refptr<Extension> extension = LoadManifestStrict("absolute_path",
|
| - "absolute.json");
|
| - EXPECT_TRUE(extension.get());
|
| - std::string err;
|
| - std::vector<InstallWarning> warnings;
|
| - EXPECT_TRUE(extension_file_util::ValidateExtension(extension.get(),
|
| - &err, &warnings));
|
| - EXPECT_EQ(0U, warnings.size());
|
| -
|
| - EXPECT_EQ(extension->path().AppendASCII("test.html").value(),
|
| - extension->GetResource("test.html").GetFilePath().value());
|
| - EXPECT_EQ(extension->path().AppendASCII("test.js").value(),
|
| - extension->GetResource("test.js").GetFilePath().value());
|
| -}
|
| -
|
| -
|
| -TEST(ExtensionTest, IdIsValid) {
|
| - EXPECT_TRUE(Extension::IdIsValid("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"));
|
| - EXPECT_TRUE(Extension::IdIsValid("pppppppppppppppppppppppppppppppp"));
|
| - EXPECT_TRUE(Extension::IdIsValid("abcdefghijklmnopabcdefghijklmnop"));
|
| - EXPECT_TRUE(Extension::IdIsValid("ABCDEFGHIJKLMNOPABCDEFGHIJKLMNOP"));
|
| - EXPECT_FALSE(Extension::IdIsValid("abcdefghijklmnopabcdefghijklmno"));
|
| - EXPECT_FALSE(Extension::IdIsValid("abcdefghijklmnopabcdefghijklmnopa"));
|
| - EXPECT_FALSE(Extension::IdIsValid("0123456789abcdef0123456789abcdef"));
|
| - EXPECT_FALSE(Extension::IdIsValid("abcdefghijklmnopabcdefghijklmnoq"));
|
| - EXPECT_FALSE(Extension::IdIsValid("abcdefghijklmnopabcdefghijklmno0"));
|
| +bool CheckSocketPermission(
|
| + scoped_refptr<Extension> extension,
|
| + SocketPermissionRequest::OperationType type,
|
| + const char* host,
|
| + int port) {
|
| + SocketPermission::CheckParam param(type, host, port);
|
| + return PermissionsData::CheckAPIPermissionWithParam(
|
| + extension, APIPermission::kSocket, ¶m);
|
| }
|
|
|
| +} // namespace
|
|
|
| -// This test ensures that the mimetype sniffing code stays in sync with the
|
| -// actual crx files that we test other parts of the system with.
|
| -TEST(ExtensionTest, MimeTypeSniffing) {
|
| - base::FilePath path;
|
| - ASSERT_TRUE(PathService::Get(chrome::DIR_TEST_DATA, &path));
|
| - path = path.AppendASCII("extensions").AppendASCII("good.crx");
|
| -
|
| - std::string data;
|
| - ASSERT_TRUE(file_util::ReadFileToString(path, &data));
|
| -
|
| - std::string result;
|
| - EXPECT_TRUE(net::SniffMimeType(data.c_str(),
|
| - data.size(),
|
| - GURL("http://www.example.com/foo.crx"),
|
| - std::string(),
|
| - &result));
|
| - EXPECT_EQ(std::string(Extension::kMimeType), result);
|
| -
|
| - data.clear();
|
| - result.clear();
|
| - path = path.DirName().AppendASCII("bad_magic.crx");
|
| - ASSERT_TRUE(file_util::ReadFileToString(path, &data));
|
| - EXPECT_TRUE(net::SniffMimeType(data.c_str(),
|
| - data.size(),
|
| - GURL("http://www.example.com/foo.crx"),
|
| - std::string(),
|
| - &result));
|
| - EXPECT_EQ("application/octet-stream", result);
|
| -}
|
| -
|
| -TEST(ExtensionTest, EffectiveHostPermissions) {
|
| +TEST(ExtensionPermissionsTest, EffectiveHostPermissions) {
|
| scoped_refptr<Extension> extension;
|
| URLPatternSet hosts;
|
|
|
| extension = LoadManifest("effective_host_permissions", "empty.json");
|
| - EXPECT_EQ(0u, extension->GetEffectiveHostPermissions().patterns().size());
|
| + EXPECT_EQ(
|
| + 0u,
|
| + PermissionsData::GetEffectiveHostPermissions(
|
| + extension).patterns().size());
|
| EXPECT_FALSE(hosts.MatchesURL(GURL("http://www.google.com")));
|
| - EXPECT_FALSE(extension->HasEffectiveAccessToAllHosts());
|
| + EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension));
|
|
|
| extension = LoadManifest("effective_host_permissions", "one_host.json");
|
| - hosts = extension->GetEffectiveHostPermissions();
|
| + hosts = PermissionsData::GetEffectiveHostPermissions(extension);
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
|
| EXPECT_FALSE(hosts.MatchesURL(GURL("https://www.google.com")));
|
| - EXPECT_FALSE(extension->HasEffectiveAccessToAllHosts());
|
| + EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension));
|
|
|
| extension = LoadManifest("effective_host_permissions",
|
| "one_host_wildcard.json");
|
| - hosts = extension->GetEffectiveHostPermissions();
|
| + hosts = PermissionsData::GetEffectiveHostPermissions(extension);
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://foo.google.com")));
|
| - EXPECT_FALSE(extension->HasEffectiveAccessToAllHosts());
|
| + EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension));
|
|
|
| extension = LoadManifest("effective_host_permissions", "two_hosts.json");
|
| - hosts = extension->GetEffectiveHostPermissions();
|
| + hosts = PermissionsData::GetEffectiveHostPermissions(extension);
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.reddit.com")));
|
| - EXPECT_FALSE(extension->HasEffectiveAccessToAllHosts());
|
| + EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension));
|
|
|
| extension = LoadManifest("effective_host_permissions",
|
| "https_not_considered.json");
|
| - hosts = extension->GetEffectiveHostPermissions();
|
| + hosts = PermissionsData::GetEffectiveHostPermissions(extension);
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("https://google.com")));
|
| - EXPECT_FALSE(extension->HasEffectiveAccessToAllHosts());
|
| + EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension));
|
|
|
| extension = LoadManifest("effective_host_permissions",
|
| "two_content_scripts.json");
|
| - hosts = extension->GetEffectiveHostPermissions();
|
| + hosts = PermissionsData::GetEffectiveHostPermissions(extension);
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.reddit.com")));
|
| EXPECT_TRUE(extension->GetActivePermissions()->HasEffectiveAccessToURL(
|
| @@ -220,39 +93,30 @@ TEST(ExtensionTest, EffectiveHostPermissions) {
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://news.ycombinator.com")));
|
| EXPECT_TRUE(extension->GetActivePermissions()->HasEffectiveAccessToURL(
|
| GURL("http://news.ycombinator.com")));
|
| - EXPECT_FALSE(extension->HasEffectiveAccessToAllHosts());
|
| + EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension));
|
|
|
| extension = LoadManifest("effective_host_permissions", "all_hosts.json");
|
| - hosts = extension->GetEffectiveHostPermissions();
|
| + hosts = PermissionsData::GetEffectiveHostPermissions(extension);
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://test/")));
|
| EXPECT_FALSE(hosts.MatchesURL(GURL("https://test/")));
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
|
| - EXPECT_TRUE(extension->HasEffectiveAccessToAllHosts());
|
| + EXPECT_TRUE(PermissionsData::HasEffectiveAccessToAllHosts(extension));
|
|
|
| extension = LoadManifest("effective_host_permissions", "all_hosts2.json");
|
| - hosts = extension->GetEffectiveHostPermissions();
|
| + hosts = PermissionsData::GetEffectiveHostPermissions(extension);
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://test/")));
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
|
| - EXPECT_TRUE(extension->HasEffectiveAccessToAllHosts());
|
| + EXPECT_TRUE(PermissionsData::HasEffectiveAccessToAllHosts(extension));
|
|
|
| extension = LoadManifest("effective_host_permissions", "all_hosts3.json");
|
| - hosts = extension->GetEffectiveHostPermissions();
|
| + hosts = PermissionsData::GetEffectiveHostPermissions(extension);
|
| EXPECT_FALSE(hosts.MatchesURL(GURL("http://test/")));
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("https://test/")));
|
| EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
|
| - EXPECT_TRUE(extension->HasEffectiveAccessToAllHosts());
|
| + EXPECT_TRUE(PermissionsData::HasEffectiveAccessToAllHosts(extension));
|
| }
|
|
|
| -static bool CheckSocketPermission(scoped_refptr<Extension> extension,
|
| - SocketPermissionRequest::OperationType type,
|
| - const char* host,
|
| - int port) {
|
| - SocketPermission::CheckParam param(type, host, port);
|
| - return extension->CheckAPIPermissionWithParam(
|
| - APIPermission::kSocket, ¶m);
|
| -}
|
| -
|
| -TEST(ExtensionTest, SocketPermissions) {
|
| +TEST(ExtensionPermissionsTest, SocketPermissions) {
|
| // Set feature current channel to appropriate value.
|
| Feature::ScopedCurrentChannel scoped_channel(
|
| chrome::VersionInfo::CHANNEL_DEV);
|
| @@ -269,7 +133,7 @@ TEST(ExtensionTest, SocketPermissions) {
|
| &error);
|
| EXPECT_TRUE(extension == NULL);
|
| ASSERT_EQ(ErrorUtils::FormatErrorMessage(
|
| - errors::kInvalidPermission, "socket"), error);
|
| + extension_manifest_errors::kInvalidPermission, "socket"), error);
|
|
|
| extension = LoadManifest("socket_permissions", "socket2.json");
|
| EXPECT_TRUE(CheckSocketPermission(extension,
|
| @@ -289,7 +153,7 @@ TEST(ExtensionTest, SocketPermissions) {
|
|
|
| // This tests the API permissions with an empty manifest (one that just
|
| // specifies a name and a version and nothing else).
|
| -TEST(ExtensionTest, ApiPermissions) {
|
| +TEST(ExtensionPermissionsTest, ApiPermissions) {
|
| const struct {
|
| const char* permission_name;
|
| bool expect_success;
|
| @@ -334,10 +198,11 @@ TEST(ExtensionTest, ApiPermissions) {
|
| }
|
| }
|
|
|
| -TEST(ExtensionTest, GetPermissionMessages_ManyApiPermissions) {
|
| +TEST(ExtensionPermissionsTest, GetPermissionMessages_ManyAPIPermissions) {
|
| scoped_refptr<Extension> extension;
|
| extension = LoadManifest("permissions", "many-apis.json");
|
| - std::vector<string16> warnings = extension->GetPermissionMessageStrings();
|
| + std::vector<string16> warnings =
|
| + PermissionsData::GetPermissionMessageStrings(extension);
|
| ASSERT_EQ(6u, warnings.size());
|
| EXPECT_EQ("Access your data on api.flickr.com",
|
| UTF16ToUTF8(warnings[0]));
|
| @@ -349,30 +214,33 @@ TEST(ExtensionTest, GetPermissionMessages_ManyApiPermissions) {
|
| UTF16ToUTF8(warnings[5]));
|
| }
|
|
|
| -TEST(ExtensionTest, GetPermissionMessages_LocationApiPermission) {
|
| +TEST(ExtensionPermissionsTest, GetPermissionMessages_LocationApiPermission) {
|
| scoped_refptr<Extension> extension;
|
| extension = LoadManifest("permissions",
|
| "location-api.json",
|
| Manifest::COMPONENT,
|
| Extension::NO_FLAGS);
|
| - std::vector<string16> warnings = extension->GetPermissionMessageStrings();
|
| + std::vector<string16> warnings =
|
| + PermissionsData::GetPermissionMessageStrings(extension);
|
| ASSERT_EQ(1u, warnings.size());
|
| EXPECT_EQ("Detect your physical location", UTF16ToUTF8(warnings[0]));
|
| }
|
|
|
| -TEST(ExtensionTest, GetPermissionMessages_ManyHosts) {
|
| +TEST(ExtensionPermissionsTest, GetPermissionMessages_ManyHosts) {
|
| scoped_refptr<Extension> extension;
|
| extension = LoadManifest("permissions", "many-hosts.json");
|
| - std::vector<string16> warnings = extension->GetPermissionMessageStrings();
|
| + std::vector<string16> warnings =
|
| + PermissionsData::GetPermissionMessageStrings(extension);
|
| ASSERT_EQ(1u, warnings.size());
|
| EXPECT_EQ("Access your data on encrypted.google.com and www.google.com",
|
| UTF16ToUTF8(warnings[0]));
|
| }
|
|
|
| -TEST(ExtensionTest, GetPermissionMessages_Plugins) {
|
| +TEST(ExtensionPermissionsTest, GetPermissionMessages_Plugins) {
|
| scoped_refptr<Extension> extension;
|
| extension = LoadManifest("permissions", "plugins.json");
|
| - std::vector<string16> warnings = extension->GetPermissionMessageStrings();
|
| + std::vector<string16> warnings =
|
| + PermissionsData::GetPermissionMessageStrings(extension);
|
| // We don't parse the plugins key on Chrome OS, so it should not ask for any
|
| // permissions.
|
| #if defined(OS_CHROMEOS)
|
| @@ -384,112 +252,32 @@ TEST(ExtensionTest, GetPermissionMessages_Plugins) {
|
| #endif
|
| }
|
|
|
| -TEST(ExtensionTest, WantsFileAccess) {
|
| - scoped_refptr<Extension> extension;
|
| - GURL file_url("file:///etc/passwd");
|
| -
|
| - // <all_urls> permission
|
| - extension = LoadManifest("permissions", "permissions_all_urls.json");
|
| - EXPECT_TRUE(extension->wants_file_access());
|
| - EXPECT_FALSE(extension->CanExecuteScriptOnPage(
|
| - file_url, file_url, -1, NULL, NULL));
|
| - extension = LoadManifest(
|
| - "permissions", "permissions_all_urls.json", Extension::ALLOW_FILE_ACCESS);
|
| - EXPECT_TRUE(extension->wants_file_access());
|
| - EXPECT_TRUE(extension->CanExecuteScriptOnPage(
|
| - file_url, file_url, -1, NULL, NULL));
|
| -
|
| - // file:///* permission
|
| - extension = LoadManifest("permissions", "permissions_file_scheme.json");
|
| - EXPECT_TRUE(extension->wants_file_access());
|
| - EXPECT_FALSE(extension->CanExecuteScriptOnPage(
|
| - file_url, file_url, -1, NULL, NULL));
|
| - extension = LoadManifest("permissions", "permissions_file_scheme.json",
|
| - Extension::ALLOW_FILE_ACCESS);
|
| - EXPECT_TRUE(extension->wants_file_access());
|
| - EXPECT_TRUE(extension->CanExecuteScriptOnPage(
|
| - file_url, file_url, -1, NULL, NULL));
|
| -
|
| - // http://* permission
|
| - extension = LoadManifest("permissions", "permissions_http_scheme.json");
|
| - EXPECT_FALSE(extension->wants_file_access());
|
| - EXPECT_FALSE(extension->CanExecuteScriptOnPage(
|
| - file_url, file_url, -1, NULL, NULL));
|
| - extension = LoadManifest("permissions", "permissions_http_scheme.json",
|
| - Extension::ALLOW_FILE_ACCESS);
|
| - EXPECT_FALSE(extension->wants_file_access());
|
| - EXPECT_FALSE(extension->CanExecuteScriptOnPage(
|
| - file_url, file_url, -1, NULL, NULL));
|
| -
|
| - // <all_urls> content script match
|
| - extension = LoadManifest("permissions", "content_script_all_urls.json");
|
| - EXPECT_TRUE(extension->wants_file_access());
|
| - EXPECT_FALSE(extension->CanExecuteScriptOnPage(
|
| - file_url,
|
| - file_url,
|
| - -1,
|
| - &ContentScriptsInfo::GetContentScripts(extension)[0],
|
| - NULL));
|
| - extension = LoadManifest("permissions", "content_script_all_urls.json",
|
| - Extension::ALLOW_FILE_ACCESS);
|
| - EXPECT_TRUE(extension->wants_file_access());
|
| - EXPECT_TRUE(extension->CanExecuteScriptOnPage(
|
| - file_url,
|
| - file_url,
|
| - -1,
|
| - &ContentScriptsInfo::GetContentScripts(extension)[0],
|
| - NULL));
|
| -
|
| - // file:///* content script match
|
| - extension = LoadManifest("permissions", "content_script_file_scheme.json");
|
| - EXPECT_TRUE(extension->wants_file_access());
|
| - EXPECT_FALSE(extension->CanExecuteScriptOnPage(
|
| - file_url,
|
| - file_url,
|
| - -1,
|
| - &ContentScriptsInfo::GetContentScripts(extension)[0],
|
| - NULL));
|
| - extension = LoadManifest("permissions", "content_script_file_scheme.json",
|
| - Extension::ALLOW_FILE_ACCESS);
|
| - EXPECT_TRUE(extension->wants_file_access());
|
| - EXPECT_TRUE(extension->CanExecuteScriptOnPage(
|
| - file_url,
|
| - file_url,
|
| - -1,
|
| - &ContentScriptsInfo::GetContentScripts(extension)[0],
|
| - NULL));
|
| -
|
| - // http://* content script match
|
| - extension = LoadManifest("permissions", "content_script_http_scheme.json");
|
| - EXPECT_FALSE(extension->wants_file_access());
|
| - EXPECT_FALSE(extension->CanExecuteScriptOnPage(
|
| - file_url,
|
| - file_url,
|
| - -1,
|
| - &ContentScriptsInfo::GetContentScripts(extension)[0],
|
| - NULL));
|
| - extension = LoadManifest("permissions", "content_script_http_scheme.json",
|
| - Extension::ALLOW_FILE_ACCESS);
|
| - EXPECT_FALSE(extension->wants_file_access());
|
| - EXPECT_FALSE(extension->CanExecuteScriptOnPage(
|
| - file_url,
|
| - file_url,
|
| - -1,
|
| - &ContentScriptsInfo::GetContentScripts(extension)[0],
|
| - NULL));
|
| -}
|
| +TEST(ExtensionPermissionsTest, OptionalOnlyPermission) {
|
| + // Set feature current channel to dev because the only permission that must
|
| + // be optional (usbDevices) is only available on dev channel.
|
| + Feature::ScopedCurrentChannel scoped_channel(
|
| + chrome::VersionInfo::CHANNEL_DEV);
|
|
|
| -TEST(ExtensionTest, ExtraFlags) {
|
| scoped_refptr<Extension> extension;
|
| - extension = LoadManifest("app", "manifest.json", Extension::FROM_WEBSTORE);
|
| - EXPECT_TRUE(extension->from_webstore());
|
| -
|
| - extension = LoadManifest("app", "manifest.json", Extension::FROM_BOOKMARK);
|
| - EXPECT_TRUE(extension->from_bookmark());
|
| + std::string error;
|
| + extension = LoadManifestUnchecked("optional_only_permission",
|
| + "manifest1.json",
|
| + Manifest::INTERNAL, Extension::NO_FLAGS,
|
| + &error);
|
| + EXPECT_TRUE(extension == NULL);
|
| + ASSERT_EQ(
|
| + ErrorUtils::FormatErrorMessage(
|
| + extension_manifest_errors::kPermissionMustBeOptional,
|
| + "usbDevices"),
|
| + error);
|
|
|
| - extension = LoadManifest("app", "manifest.json", Extension::NO_FLAGS);
|
| - EXPECT_FALSE(extension->from_bookmark());
|
| - EXPECT_FALSE(extension->from_webstore());
|
| + error.clear();
|
| + extension = LoadManifestUnchecked("optional_only_permission",
|
| + "manifest2.json",
|
| + Manifest::INTERNAL, Extension::NO_FLAGS,
|
| + &error);
|
| + EXPECT_TRUE(extension != NULL);
|
| + EXPECT_TRUE(error.empty());
|
| }
|
|
|
| // Base class for testing the CanExecuteScriptOnPage and CanCaptureVisiblePage
|
| @@ -519,12 +307,14 @@ class ExtensionScriptAndCaptureVisibleTest : public testing::Test {
|
|
|
| bool AllowedScript(const Extension* extension, const GURL& url,
|
| const GURL& top_url) {
|
| - return extension->CanExecuteScriptOnPage(url, top_url, -1, NULL, NULL);
|
| + return PermissionsData::CanExecuteScriptOnPage(
|
| + extension, url, top_url, -1, NULL, NULL);
|
| }
|
|
|
| bool BlockedScript(const Extension* extension, const GURL& url,
|
| const GURL& top_url) {
|
| - return !extension->CanExecuteScriptOnPage(url, top_url, -1, NULL, NULL);
|
| + return !PermissionsData::CanExecuteScriptOnPage(
|
| + extension, url, top_url, -1, NULL, NULL);
|
| }
|
|
|
| bool Allowed(const Extension* extension, const GURL& url) {
|
| @@ -532,8 +322,10 @@ class ExtensionScriptAndCaptureVisibleTest : public testing::Test {
|
| }
|
|
|
| bool Allowed(const Extension* extension, const GURL& url, int tab_id) {
|
| - return (extension->CanExecuteScriptOnPage(url, url, tab_id, NULL, NULL) &&
|
| - extension->CanCaptureVisiblePage(url, tab_id, NULL));
|
| + return (PermissionsData::CanExecuteScriptOnPage(
|
| + extension, url, url, tab_id, NULL, NULL) &&
|
| + PermissionsData::CanCaptureVisiblePage(
|
| + extension, url, tab_id, NULL));
|
| }
|
|
|
| bool CaptureOnly(const Extension* extension, const GURL& url) {
|
| @@ -541,8 +333,9 @@ class ExtensionScriptAndCaptureVisibleTest : public testing::Test {
|
| }
|
|
|
| bool CaptureOnly(const Extension* extension, const GURL& url, int tab_id) {
|
| - return !extension->CanExecuteScriptOnPage(url, url, tab_id, NULL, NULL) &&
|
| - extension->CanCaptureVisiblePage(url, tab_id, NULL);
|
| + return !PermissionsData::CanExecuteScriptOnPage(
|
| + extension, url, url, tab_id, NULL, NULL) &&
|
| + PermissionsData::CanCaptureVisiblePage(extension, url, tab_id, NULL);
|
| }
|
|
|
| bool Blocked(const Extension* extension, const GURL& url) {
|
| @@ -550,8 +343,10 @@ class ExtensionScriptAndCaptureVisibleTest : public testing::Test {
|
| }
|
|
|
| bool Blocked(const Extension* extension, const GURL& url, int tab_id) {
|
| - return !(extension->CanExecuteScriptOnPage(url, url, tab_id, NULL, NULL) ||
|
| - extension->CanCaptureVisiblePage(url, tab_id, NULL));
|
| + return !(PermissionsData::CanExecuteScriptOnPage(
|
| + extension, url, url, tab_id, NULL, NULL) ||
|
| + PermissionsData::CanCaptureVisiblePage(
|
| + extension, url, tab_id, NULL));
|
| }
|
|
|
| bool AllowedExclusivelyOnTab(
|
| @@ -612,9 +407,9 @@ TEST_F(ExtensionScriptAndCaptureVisibleTest, Permissions) {
|
| EXPECT_TRUE(BlockedScript(extension, http_url, extension_url));
|
| EXPECT_TRUE(BlockedScript(extension, https_url, extension_url));
|
|
|
| - EXPECT_FALSE(extension->HasHostPermission(settings_url));
|
| - EXPECT_FALSE(extension->HasHostPermission(about_url));
|
| - EXPECT_TRUE(extension->HasHostPermission(favicon_url));
|
| + EXPECT_FALSE(PermissionsData::HasHostPermission(extension, settings_url));
|
| + EXPECT_FALSE(PermissionsData::HasHostPermission(extension, about_url));
|
| + EXPECT_TRUE(PermissionsData::HasHostPermission(extension, favicon_url));
|
|
|
| // Test * for scheme, which implies just the http/https schemes.
|
| extension = LoadManifestStrict("script_and_capture",
|
| @@ -637,8 +432,11 @@ TEST_F(ExtensionScriptAndCaptureVisibleTest, Permissions) {
|
| Manifest::INTERNAL, Extension::NO_FLAGS,
|
| &error);
|
| EXPECT_TRUE(extension == NULL);
|
| - EXPECT_EQ(ErrorUtils::FormatErrorMessage(
|
| - errors::kInvalidPermissionScheme, "chrome://*/"), error);
|
| + EXPECT_EQ(
|
| + ErrorUtils::FormatErrorMessage(
|
| + extension_manifest_errors::kInvalidPermissionScheme,
|
| + "chrome://*/"),
|
| + error);
|
|
|
| // Having chrome://favicon/* should not give you chrome://*
|
| extension = LoadManifestStrict("script_and_capture",
|
| @@ -646,7 +444,7 @@ TEST_F(ExtensionScriptAndCaptureVisibleTest, Permissions) {
|
| EXPECT_TRUE(Blocked(extension, settings_url));
|
| EXPECT_TRUE(CaptureOnly(extension, favicon_url));
|
| EXPECT_TRUE(Blocked(extension, about_url));
|
| - EXPECT_TRUE(extension->HasHostPermission(favicon_url));
|
| + EXPECT_TRUE(PermissionsData::HasHostPermission(extension, favicon_url));
|
|
|
| // Having http://favicon should not give you chrome://favicon
|
| extension = LoadManifestStrict("script_and_capture",
|
| @@ -662,7 +460,7 @@ TEST_F(ExtensionScriptAndCaptureVisibleTest, Permissions) {
|
| EXPECT_TRUE(Allowed(extension, settings_url));
|
| EXPECT_TRUE(Allowed(extension, about_url));
|
| EXPECT_TRUE(Allowed(extension, favicon_url));
|
| - EXPECT_TRUE(extension->HasHostPermission(favicon_url));
|
| + EXPECT_TRUE(PermissionsData::HasHostPermission(extension, favicon_url));
|
|
|
| // Component extensions should only get access to what they ask for.
|
| extension = LoadManifest("script_and_capture",
|
| @@ -675,7 +473,7 @@ TEST_F(ExtensionScriptAndCaptureVisibleTest, Permissions) {
|
| EXPECT_TRUE(Blocked(extension, favicon_url));
|
| EXPECT_TRUE(Blocked(extension, about_url));
|
| EXPECT_TRUE(Blocked(extension, extension_url));
|
| - EXPECT_FALSE(extension->HasHostPermission(settings_url));
|
| + EXPECT_FALSE(PermissionsData::HasHostPermission(extension, settings_url));
|
| }
|
|
|
|
|
| @@ -705,9 +503,9 @@ TEST_F(ExtensionScriptAndCaptureVisibleTest, PermissionsWithChromeURLsEnabled) {
|
| EXPECT_TRUE(BlockedScript(extension, http_url, extension_url));
|
| EXPECT_TRUE(BlockedScript(extension, https_url, extension_url));
|
|
|
| - EXPECT_FALSE(extension->HasHostPermission(settings_url));
|
| - EXPECT_FALSE(extension->HasHostPermission(about_url));
|
| - EXPECT_TRUE(extension->HasHostPermission(favicon_url));
|
| + EXPECT_FALSE(PermissionsData::HasHostPermission(extension, settings_url));
|
| + EXPECT_FALSE(PermissionsData::HasHostPermission(extension, about_url));
|
| + EXPECT_TRUE(PermissionsData::HasHostPermission(extension, favicon_url));
|
|
|
| // Test * for scheme, which implies just the http/https schemes.
|
| extension = LoadManifestStrict("script_and_capture",
|
| @@ -743,7 +541,7 @@ TEST_F(ExtensionScriptAndCaptureVisibleTest, PermissionsWithChromeURLsEnabled) {
|
| EXPECT_TRUE(Blocked(extension, settings_url));
|
| EXPECT_TRUE(Allowed(extension, favicon_url)); // chrome:// requested
|
| EXPECT_TRUE(Blocked(extension, about_url));
|
| - EXPECT_TRUE(extension->HasHostPermission(favicon_url));
|
| + EXPECT_TRUE(PermissionsData::HasHostPermission(extension, favicon_url));
|
|
|
| // Having http://favicon should not give you chrome://favicon
|
| extension = LoadManifestStrict("script_and_capture",
|
| @@ -759,7 +557,7 @@ TEST_F(ExtensionScriptAndCaptureVisibleTest, PermissionsWithChromeURLsEnabled) {
|
| EXPECT_TRUE(Allowed(extension, settings_url));
|
| EXPECT_TRUE(Allowed(extension, about_url));
|
| EXPECT_TRUE(Allowed(extension, favicon_url));
|
| - EXPECT_TRUE(extension->HasHostPermission(favicon_url));
|
| + EXPECT_TRUE(PermissionsData::HasHostPermission(extension, favicon_url));
|
|
|
| // Component extensions should only get access to what they ask for.
|
| extension = LoadManifest("script_and_capture",
|
| @@ -772,16 +570,16 @@ TEST_F(ExtensionScriptAndCaptureVisibleTest, PermissionsWithChromeURLsEnabled) {
|
| EXPECT_TRUE(Blocked(extension, favicon_url));
|
| EXPECT_TRUE(Blocked(extension, about_url));
|
| EXPECT_TRUE(Blocked(extension, extension_url));
|
| - EXPECT_FALSE(extension->HasHostPermission(settings_url));
|
| + EXPECT_FALSE(PermissionsData::HasHostPermission(extension, settings_url));
|
| }
|
|
|
| TEST_F(ExtensionScriptAndCaptureVisibleTest, TabSpecific) {
|
| scoped_refptr<Extension> extension =
|
| LoadManifestStrict("script_and_capture", "tab_specific.json");
|
|
|
| - EXPECT_FALSE(extension->GetTabSpecificPermissions(0).get());
|
| - EXPECT_FALSE(extension->GetTabSpecificPermissions(1).get());
|
| - EXPECT_FALSE(extension->GetTabSpecificPermissions(2).get());
|
| + EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension, 0).get());
|
| + EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension, 1).get());
|
| + EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension, 2).get());
|
|
|
| std::set<GURL> no_urls;
|
|
|
| @@ -802,17 +600,18 @@ TEST_F(ExtensionScriptAndCaptureVisibleTest, TabSpecific) {
|
| {
|
| scoped_refptr<PermissionSet> permissions(
|
| new PermissionSet(APIPermissionSet(), allowed_hosts, URLPatternSet()));
|
| - extension->UpdateTabSpecificPermissions(0, permissions);
|
| + PermissionsData::UpdateTabSpecificPermissions(extension, 0, permissions);
|
| EXPECT_EQ(permissions->explicit_hosts(),
|
| - extension->GetTabSpecificPermissions(0)->explicit_hosts());
|
| + PermissionsData::GetTabSpecificPermissions(
|
| + extension, 0)->explicit_hosts());
|
| }
|
|
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, allowed_urls, 0));
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 1));
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 2));
|
|
|
| - extension->ClearTabSpecificPermissions(0);
|
| - EXPECT_FALSE(extension->GetTabSpecificPermissions(0).get());
|
| + PermissionsData::ClearTabSpecificPermissions(extension, 0);
|
| + EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension, 0).get());
|
|
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 0));
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 1));
|
| @@ -827,60 +626,37 @@ TEST_F(ExtensionScriptAndCaptureVisibleTest, TabSpecific) {
|
| {
|
| scoped_refptr<PermissionSet> permissions(
|
| new PermissionSet(APIPermissionSet(), allowed_hosts, URLPatternSet()));
|
| - extension->UpdateTabSpecificPermissions(0, permissions);
|
| + PermissionsData::UpdateTabSpecificPermissions(extension, 0, permissions);
|
| EXPECT_EQ(permissions->explicit_hosts(),
|
| - extension->GetTabSpecificPermissions(0)->explicit_hosts());
|
| + PermissionsData::GetTabSpecificPermissions(
|
| + extension, 0)->explicit_hosts());
|
|
|
| permissions = new PermissionSet(APIPermissionSet(),
|
| more_allowed_hosts,
|
| URLPatternSet());
|
| - extension->UpdateTabSpecificPermissions(1, permissions);
|
| + PermissionsData::UpdateTabSpecificPermissions(extension, 1, permissions);
|
| EXPECT_EQ(permissions->explicit_hosts(),
|
| - extension->GetTabSpecificPermissions(1)->explicit_hosts());
|
| + PermissionsData::GetTabSpecificPermissions(
|
| + extension, 1)->explicit_hosts());
|
| }
|
|
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, allowed_urls, 0));
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, more_allowed_urls, 1));
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 2));
|
|
|
| - extension->ClearTabSpecificPermissions(0);
|
| - EXPECT_FALSE(extension->GetTabSpecificPermissions(0).get());
|
| + PermissionsData::ClearTabSpecificPermissions(extension, 0);
|
| + EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension, 0).get());
|
|
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 0));
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, more_allowed_urls, 1));
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 2));
|
|
|
| - extension->ClearTabSpecificPermissions(1);
|
| - EXPECT_FALSE(extension->GetTabSpecificPermissions(1).get());
|
| + PermissionsData::ClearTabSpecificPermissions(extension, 1);
|
| + EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension, 1).get());
|
|
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 0));
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 1));
|
| EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 2));
|
| }
|
|
|
| -TEST(ExtensionTest, OptionalOnlyPermission) {
|
| - // Set feature current channel to dev because the only permission that must
|
| - // be optional (usbDevices) is only available on dev channel.
|
| - Feature::ScopedCurrentChannel scoped_channel(
|
| - chrome::VersionInfo::CHANNEL_DEV);
|
| -
|
| - scoped_refptr<Extension> extension;
|
| - std::string error;
|
| - extension = LoadManifestUnchecked("optional_only_permission",
|
| - "manifest1.json",
|
| - Manifest::INTERNAL, Extension::NO_FLAGS,
|
| - &error);
|
| - EXPECT_TRUE(extension == NULL);
|
| - ASSERT_EQ(ErrorUtils::FormatErrorMessage(
|
| - errors::kPermissionMustBeOptional, "usbDevices"), error);
|
| -
|
| - error.clear();
|
| - extension = LoadManifestUnchecked("optional_only_permission",
|
| - "manifest2.json",
|
| - Manifest::INTERNAL, Extension::NO_FLAGS,
|
| - &error);
|
| - EXPECT_TRUE(extension != NULL);
|
| - EXPECT_TRUE(error.empty());
|
| -}
|
| -
|
| } // namespace extensions
|
|
|
Chromium Code Reviews
Issue 14651017:
Move RuntimeData and related permissions out of Extension class (Closed)
Base URL: http://git.chromium.org/chromium/src.git@dc_unref_permissions