Add network-status socket permission.

chrome/common/extensions/permissions/socket_permission_data.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/common/extensions/permissions/socket_permission_data.h"
 
 #include <cstdlib>
 #include <sstream>
 #include <vector>
 
@@ skipping 15 matching lines @@
 const char kDot = '.';
 const char kWildcard[] = "*";
 const char kInvalid[] = "invalid";
 const char kTCPConnect[] = "tcp-connect";
 const char kTCPListen[] = "tcp-listen";
 const char kUDPBind[] = "udp-bind";
 const char kUDPSendTo[] = "udp-send-to";
 const char kUDPMulticastMembership[] = "udp-multicast-membership";
 const char kResolveHost[] = "resolve-host";
 const char kResolveProxy[] = "resolve-proxy";
+const char kNetworkState[] = "network-state";
 const int kWildcardPortNumber = 0;
 const int kInvalidPort = -1;
 
 SocketPermissionRequest::OperationType StringToType(const std::string& s) {
   if (s == kTCPConnect)
     return SocketPermissionRequest::TCP_CONNECT;
   if (s == kTCPListen)
     return SocketPermissionRequest::TCP_LISTEN;
   if (s == kUDPBind)
     return SocketPermissionRequest::UDP_BIND;
   if (s == kUDPSendTo)
     return SocketPermissionRequest::UDP_SEND_TO;
   if (s == kUDPMulticastMembership)
     return SocketPermissionRequest::UDP_MULTICAST_MEMBERSHIP;
   if (s == kResolveHost)
     return SocketPermissionRequest::RESOLVE_HOST;
   if (s == kResolveProxy)
     return SocketPermissionRequest::RESOLVE_PROXY;
+  if (s == kNetworkState)
+    return SocketPermissionRequest::NETWORK_STATE;
   return SocketPermissionRequest::NONE;
 }
 
 const char* TypeToString(SocketPermissionRequest::OperationType type) {
   switch (type) {
     case SocketPermissionRequest::TCP_CONNECT:
       return kTCPConnect;
     case SocketPermissionRequest::TCP_LISTEN:
       return kTCPListen;
     case SocketPermissionRequest::UDP_BIND:
       return kUDPBind;
     case SocketPermissionRequest::UDP_SEND_TO:
       return kUDPSendTo;
     case SocketPermissionRequest::UDP_MULTICAST_MEMBERSHIP:
       return kUDPMulticastMembership;
     case SocketPermissionRequest::RESOLVE_HOST:
       return kResolveHost;
     case SocketPermissionRequest::RESOLVE_PROXY:
       return kResolveProxy;
+    case SocketPermissionRequest::NETWORK_STATE:
+      return kNetworkState;
     default:
       return kInvalid;
   }
 }
 
 bool StartsOrEndsWithWhitespace(const std::string& str) {
   if (str.find_first_not_of(kWhitespaceASCII) != 0)
     return true;
   if (str.find_last_not_of(kWhitespaceASCII) != str.length() - 1)
     return true;
@@ skipping 90 matching lines @@
 }
 
 bool SocketPermissionData::FromValue(const base::Value* value) {
   std::string spec;
   if (!value->GetAsString(&spec))
     return false;
 
   return Parse(spec);
 }
 
+bool SocketPermissionData::IsAddressBoundType() const {
+  return pattern_.type == SocketPermissionRequest::TCP_CONNECT ||
+      pattern_.type == SocketPermissionRequest::TCP_LISTEN ||
+      pattern_.type == SocketPermissionRequest::UDP_BIND ||
+      pattern_.type == SocketPermissionRequest::UDP_SEND_TO;
+}
+
 SocketPermissionData::HostType SocketPermissionData::GetHostType() const {
   return pattern_.host.empty() ? SocketPermissionData::ANY_HOST :
          match_subdomains_     ? SocketPermissionData::HOSTS_IN_DOMAINS :
                                  SocketPermissionData::SPECIFIC_HOSTS;
 }
 
 const std::string SocketPermissionData::GetHost() const {
   return pattern_.host;
 }
 
@@ skipping 23 matching lines @@
     if (tokens.empty() || tokens.size() > 3)
       break;
 
     pattern_.type = StringToType(tokens[0]);
     if (pattern_.type == SocketPermissionRequest::NONE)
       break;
 
     if (tokens.size() == 1)
       return true;
 
-    // Multicast membership, resolve proxy and resolve host permission strings
-    // do not carry an address.
-    if (pattern_.type == SocketPermissionRequest::UDP_MULTICAST_MEMBERSHIP ||
-        pattern_.type == SocketPermissionRequest::RESOLVE_PROXY ||
-        pattern_.type == SocketPermissionRequest::RESOLVE_HOST)
+    // Return an error if address is specified for permissions that don't
+    // need it (such as 'resolve-host').
+    if (!IsAddressBoundType())
       break;
 
     pattern_.host = tokens[1];
     if (!pattern_.host.empty()) {
       if (StartsOrEndsWithWhitespace(pattern_.host))
         break;
       pattern_.host = StringToLowerASCII(pattern_.host);
 
       // The first component can optionally be '*' to match all subdomains.
       std::vector<std::string> host_components;
@@ skipping 25 matching lines @@
   return false;
 }
 
 const std::string& SocketPermissionData::GetAsString() const {
   if (!spec_.empty())
     return spec_;
 
   spec_.reserve(64);
   spec_.append(TypeToString(pattern_.type));
 
-  if (pattern_.type == SocketPermissionRequest::UDP_MULTICAST_MEMBERSHIP ||
-      pattern_.type == SocketPermissionRequest::RESOLVE_PROXY ||
-      pattern_.type == SocketPermissionRequest::RESOLVE_HOST)
+  if (!IsAddressBoundType())
     return spec_;
 
   if (match_subdomains_) {
     spec_.append(1, kColon).append(kWildcard);
     if (!pattern_.host.empty())
       spec_.append(1, kDot).append(pattern_.host);
   } else {
      spec_.append(1, kColon).append(pattern_.host);
   }
 
   if (pattern_.port == kWildcardPortNumber)
     spec_.append(1, kColon).append(kWildcard);
   else
     spec_.append(1, kColon).append(base::IntToString(pattern_.port));
 
   return spec_;
 }
 
 void SocketPermissionData::Reset() {
   pattern_.type = SocketPermissionRequest::NONE;
   pattern_.host.clear();
   match_subdomains_ = false;
   pattern_.port = kInvalidPort;
   spec_.clear();
 }
 
 }  // namespace extensions