Refactor PermissionsData pt1

extensions/common/permissions/permissions_data_unittest.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <vector>
 
 #include "base/command_line.h"
 #include "base/memory/ref_counted.h"
 #include "base/strings/string16.h"
 #include "base/strings/utf_string_conversions.h"
@@ skipping 28 matching lines @@
 namespace {
 
 const char kAllHostsPermission[] = "*://*/*";
 
 bool CheckSocketPermission(
     scoped_refptr<Extension> extension,
     SocketPermissionRequest::OperationType type,
     const char* host,
     int port) {
   SocketPermission::CheckParam param(type, host, port);
-  return PermissionsData::CheckAPIPermissionWithParam(
-      extension.get(), APIPermission::kSocket, &param);
+  return PermissionsData::ForExtension(extension)
+      ->CheckAPIPermissionWithParam(APIPermission::kSocket, &param);
 }
 
 // Creates and returns an extension with the given |id|, |host_permissions|, and
 // manifest |location|.
 scoped_refptr<const Extension> GetExtensionWithHostPermission(
     const std::string& id,
     const std::string& host_permissions,
     Manifest::Location location) {
   ListBuilder permissions;
   if (!host_permissions.empty())
@@ skipping 13 matching lines @@
       .Build();
 }
 
 bool RequiresActionForScriptExecution(const std::string& extension_id,
                                       const std::string& host_permissions,
                                       Manifest::Location location) {
   scoped_refptr<const Extension> extension =
       GetExtensionWithHostPermission(extension_id,
                                      host_permissions,
                                      location);
-  return PermissionsData::RequiresActionForScriptExecution(
-      extension,
-      -1,  // Ignore tab id for these.
-      GURL::EmptyGURL());
+  return PermissionsData::ForExtension(extension)
+      ->RequiresActionForScriptExecution(extension,
+                                         -1,  // Ignore tab id for these.
+                                         GURL::EmptyGURL());
 }
 
 }  // namespace
 
 TEST(ExtensionPermissionsTest, EffectiveHostPermissions) {
   scoped_refptr<Extension> extension;
   URLPatternSet hosts;
 
   extension = LoadManifest("effective_host_permissions", "empty.json");
   EXPECT_EQ(0u,
-            PermissionsData::GetEffectiveHostPermissions(extension.get())
-                .patterns().size());
+            PermissionsData::ForExtension(extension)
+                ->GetEffectiveHostPermissions()
+                .patterns()
+                .size());
   EXPECT_FALSE(hosts.MatchesURL(GURL("http://www.google.com")));
-  EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
+  EXPECT_FALSE(
+      PermissionsData::ForExtension(extension)->HasEffectiveAccessToAllHosts());
 
   extension = LoadManifest("effective_host_permissions", "one_host.json");
-  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
+  hosts =
+      PermissionsData::ForExtension(extension)->GetEffectiveHostPermissions();
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
   EXPECT_FALSE(hosts.MatchesURL(GURL("https://www.google.com")));
-  EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
+  EXPECT_FALSE(
+      PermissionsData::ForExtension(extension)->HasEffectiveAccessToAllHosts());
 
   extension = LoadManifest("effective_host_permissions",
                            "one_host_wildcard.json");
-  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
+  hosts =
+      PermissionsData::ForExtension(extension)->GetEffectiveHostPermissions();
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://foo.google.com")));
-  EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
+  EXPECT_FALSE(
+      PermissionsData::ForExtension(extension)->HasEffectiveAccessToAllHosts());
 
   extension = LoadManifest("effective_host_permissions", "two_hosts.json");
-  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
+  hosts =
+      PermissionsData::ForExtension(extension)->GetEffectiveHostPermissions();
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.reddit.com")));
-  EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
+  EXPECT_FALSE(
+      PermissionsData::ForExtension(extension)->HasEffectiveAccessToAllHosts());
 
   extension = LoadManifest("effective_host_permissions",
                            "https_not_considered.json");
-  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
+  hosts =
+      PermissionsData::ForExtension(extension)->GetEffectiveHostPermissions();
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
   EXPECT_TRUE(hosts.MatchesURL(GURL("https://google.com")));
-  EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
+  EXPECT_FALSE(
+      PermissionsData::ForExtension(extension)->HasEffectiveAccessToAllHosts());
 
   extension = LoadManifest("effective_host_permissions",
                            "two_content_scripts.json");
-  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
+  hosts =
+      PermissionsData::ForExtension(extension)->GetEffectiveHostPermissions();
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://google.com")));
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.reddit.com")));
   EXPECT_TRUE(extension->GetActivePermissions()->HasEffectiveAccessToURL(
       GURL("http://www.reddit.com")));
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://news.ycombinator.com")));
   EXPECT_TRUE(extension->GetActivePermissions()->HasEffectiveAccessToURL(
       GURL("http://news.ycombinator.com")));
-  EXPECT_FALSE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
+  EXPECT_FALSE(
+      PermissionsData::ForExtension(extension)->HasEffectiveAccessToAllHosts());
 
   extension = LoadManifest("effective_host_permissions", "all_hosts.json");
-  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
+  hosts =
+      PermissionsData::ForExtension(extension)->GetEffectiveHostPermissions();
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://test/")));
   EXPECT_FALSE(hosts.MatchesURL(GURL("https://test/")));
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
-  EXPECT_TRUE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
+  EXPECT_TRUE(
+      PermissionsData::ForExtension(extension)->HasEffectiveAccessToAllHosts());
 
   extension = LoadManifest("effective_host_permissions", "all_hosts2.json");
-  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
+  hosts =
+      PermissionsData::ForExtension(extension)->GetEffectiveHostPermissions();
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://test/")));
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
-  EXPECT_TRUE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
+  EXPECT_TRUE(
+      PermissionsData::ForExtension(extension)->HasEffectiveAccessToAllHosts());
 
   extension = LoadManifest("effective_host_permissions", "all_hosts3.json");
-  hosts = PermissionsData::GetEffectiveHostPermissions(extension.get());
+  hosts =
+      PermissionsData::ForExtension(extension)->GetEffectiveHostPermissions();
   EXPECT_FALSE(hosts.MatchesURL(GURL("http://test/")));
   EXPECT_TRUE(hosts.MatchesURL(GURL("https://test/")));
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
-  EXPECT_TRUE(PermissionsData::HasEffectiveAccessToAllHosts(extension.get()));
+  EXPECT_TRUE(
+      PermissionsData::ForExtension(extension)->HasEffectiveAccessToAllHosts());
 }
 
 TEST(ExtensionPermissionsTest, SocketPermissions) {
   // Set feature current channel to appropriate value.
   ScopedCurrentChannel scoped_channel(chrome::VersionInfo::CHANNEL_DEV);
   scoped_refptr<Extension> extension;
   std::string error;
 
   extension = LoadManifest("socket_permissions", "empty.json");
   EXPECT_FALSE(CheckSocketPermission(extension,
@@ skipping 54 matching lines @@
                                      kAllHostsPermission,
                                      Manifest::INTERNAL);
   URLPatternSet allowed_hosts;
   allowed_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTPS, "https://www.google.com/*"));
   scoped_refptr<PermissionSet> tab_permissions(
       new PermissionSet(APIPermissionSet(),
                         ManifestPermissionSet(),
                         allowed_hosts,
                         URLPatternSet()));
-  PermissionsData::UpdateTabSpecificPermissions(extension, 0, tab_permissions);
-  EXPECT_FALSE(PermissionsData::RequiresActionForScriptExecution(
-      extension, 0, GURL("https://www.google.com/")));
+  PermissionsData::ForExtension(extension)
+      ->UpdateTabSpecificPermissions(0, tab_permissions);
+  EXPECT_FALSE(PermissionsData::ForExtension(extension)
+                   ->RequiresActionForScriptExecution(
+                       extension, 0, GURL("https://www.google.com/")));
 }
 
 TEST(ExtensionPermissionsTest, GetPermissionMessages_ManyAPIPermissions) {
   scoped_refptr<Extension> extension;
   extension = LoadManifest("permissions", "many-apis.json");
   std::vector<base::string16> warnings =
-      PermissionsData::GetPermissionMessageStrings(extension.get());
+      PermissionsData::ForExtension(extension)->GetPermissionMessageStrings();
   // Warning for "tabs" is suppressed by "history" permission.
   ASSERT_EQ(5u, warnings.size());
   EXPECT_EQ("Read and modify your data on api.flickr.com",
             UTF16ToUTF8(warnings[0]));
   EXPECT_EQ("Read and modify your bookmarks", UTF16ToUTF8(warnings[1]));
   EXPECT_EQ("Detect your physical location", UTF16ToUTF8(warnings[2]));
   EXPECT_EQ("Read and modify your browsing history", UTF16ToUTF8(warnings[3]));
   EXPECT_EQ("Manage your apps, extensions, and themes",
             UTF16ToUTF8(warnings[4]));
 }
 
 TEST(ExtensionPermissionsTest, GetPermissionMessages_ManyHostsPermissions) {
   scoped_refptr<Extension> extension;
   extension = LoadManifest("permissions", "more-than-3-hosts.json");
   std::vector<base::string16> warnings =
-      PermissionsData::GetPermissionMessageStrings(extension.get());
+      PermissionsData::ForExtension(extension)->GetPermissionMessageStrings();
   std::vector<base::string16> warnings_details =
-      PermissionsData::GetPermissionMessageDetailsStrings(extension.get());
+      PermissionsData::ForExtension(extension)
+          ->GetPermissionMessageDetailsStrings();
   ASSERT_EQ(1u, warnings.size());
   ASSERT_EQ(1u, warnings_details.size());
   EXPECT_EQ("Read and modify your data on 5 websites",
             UTF16ToUTF8(warnings[0]));
   EXPECT_EQ("- www.a.com\n- www.b.com\n- www.c.com\n- www.d.com\n- www.e.com",
             UTF16ToUTF8(warnings_details[0]));
 }
 
 TEST(ExtensionPermissionsTest, GetPermissionMessages_LocationApiPermission) {
   scoped_refptr<Extension> extension;
   extension = LoadManifest("permissions",
                            "location-api.json",
                            Manifest::COMPONENT,
                            Extension::NO_FLAGS);
   std::vector<base::string16> warnings =
-      PermissionsData::GetPermissionMessageStrings(extension.get());
+      PermissionsData::ForExtension(extension)->GetPermissionMessageStrings();
   ASSERT_EQ(1u, warnings.size());
   EXPECT_EQ("Detect your physical location", UTF16ToUTF8(warnings[0]));
 }
 
 TEST(ExtensionPermissionsTest, GetPermissionMessages_ManyHosts) {
   scoped_refptr<Extension> extension;
   extension = LoadManifest("permissions", "many-hosts.json");
   std::vector<base::string16> warnings =
-      PermissionsData::GetPermissionMessageStrings(extension.get());
+      PermissionsData::ForExtension(extension)->GetPermissionMessageStrings();
   ASSERT_EQ(1u, warnings.size());
   EXPECT_EQ(
       "Read and modify your data on encrypted.google.com and www.google.com",
       UTF16ToUTF8(warnings[0]));
 }
 
 TEST(ExtensionPermissionsTest, GetPermissionMessages_Plugins) {
   scoped_refptr<Extension> extension;
   extension = LoadManifest("permissions", "plugins.json");
   std::vector<base::string16> warnings =
-      PermissionsData::GetPermissionMessageStrings(extension.get());
+      PermissionsData::ForExtension(extension)->GetPermissionMessageStrings();
 // We don't parse the plugins key on Chrome OS, so it should not ask for any
 // permissions.
 #if defined(OS_CHROMEOS)
   ASSERT_EQ(0u, warnings.size());
 #else
   ASSERT_EQ(1u, warnings.size());
   EXPECT_EQ(
       "Read and modify all your data on your computer and the websites you "
       "visit",
       UTF16ToUTF8(warnings[0]));
@@ skipping 27 matching lines @@
     PermissionsData::SetPolicyDelegate(NULL);
   }
 
   bool AllowedScript(const Extension* extension, const GURL& url,
                      const GURL& top_url) {
     return AllowedScript(extension, url, top_url, -1);
   }
 
   bool AllowedScript(const Extension* extension, const GURL& url,
                      const GURL& top_url, int tab_id) {
-    return PermissionsData::CanExecuteScriptOnPage(
+    return PermissionsData::ForExtension(extension)->CanExecuteScriptOnPage(
         extension, url, top_url, tab_id, NULL, -1, NULL);
   }
 
   bool BlockedScript(const Extension* extension, const GURL& url,
                      const GURL& top_url) {
-    return !PermissionsData::CanExecuteScriptOnPage(
+    return !PermissionsData::ForExtension(extension)->CanExecuteScriptOnPage(
         extension, url, top_url, -1, NULL, -1, NULL);
   }
 
   bool Allowed(const Extension* extension, const GURL& url) {
     return Allowed(extension, url, -1);
   }
 
   bool Allowed(const Extension* extension, const GURL& url, int tab_id) {
-    return (PermissionsData::CanExecuteScriptOnPage(
+    return (PermissionsData::ForExtension(extension)->CanExecuteScriptOnPage(
                 extension, url, url, tab_id, NULL, -1, NULL) &&
-            PermissionsData::CanCaptureVisiblePage(
-                extension, tab_id, NULL));
+            PermissionsData::ForExtension(extension)
+                ->CanCaptureVisiblePage(tab_id, NULL));
   }
 
   bool CaptureOnly(const Extension* extension, const GURL& url) {
     return CaptureOnly(extension, url, -1);
   }
 
   bool CaptureOnly(const Extension* extension, const GURL& url, int tab_id) {
-    return !PermissionsData::CanExecuteScriptOnPage(
-                extension, url, url, tab_id, NULL, -1, NULL) &&
-           PermissionsData::CanCaptureVisiblePage(extension, tab_id, NULL);
+    return !PermissionsData::ForExtension(extension)->CanExecuteScriptOnPage(
+               extension, url, url, tab_id, NULL, -1, NULL) &&
+           PermissionsData::ForExtension(extension)
+               ->CanCaptureVisiblePage(tab_id, NULL);
   }
 
   bool ScriptOnly(const Extension* extension, const GURL& url,
                   const GURL& top_url) {
     return ScriptOnly(extension, url, top_url, -1);
   }
 
   bool ScriptOnly(const Extension* extension, const GURL& url,
                   const GURL& top_url, int tab_id) {
     return AllowedScript(extension, url, top_url, tab_id) &&
-        !PermissionsData::CanCaptureVisiblePage(extension, tab_id, NULL);
+           !PermissionsData::ForExtension(extension)
+                ->CanCaptureVisiblePage(tab_id, NULL);
   }
 
   bool Blocked(const Extension* extension, const GURL& url) {
     return Blocked(extension, url, -1);
   }
 
   bool Blocked(const Extension* extension, const GURL& url, int tab_id) {
-    return !(PermissionsData::CanExecuteScriptOnPage(
+    return !(PermissionsData::ForExtension(extension)->CanExecuteScriptOnPage(
                  extension, url, url, tab_id, NULL, -1, NULL) ||
-             PermissionsData::CanCaptureVisiblePage(
-                 extension, tab_id, NULL));
+             PermissionsData::ForExtension(extension)
+                 ->CanCaptureVisiblePage(tab_id, NULL));
   }
 
   bool ScriptAllowedExclusivelyOnTab(
       const Extension* extension,
       const std::set<GURL>& allowed_urls,
       int tab_id) {
     bool result = true;
     for (std::set<GURL>::iterator it = urls_.begin(); it != urls_.end(); ++it) {
       const GURL& url = *it;
       if (allowed_urls.count(url))
@@ skipping 40 matching lines @@
 
   // Test access to iframed content.
   GURL within_extension_url = extension->GetResourceURL("page.html");
   EXPECT_TRUE(AllowedScript(extension.get(), http_url, http_url_with_path));
   EXPECT_TRUE(AllowedScript(extension.get(), https_url, http_url_with_path));
   EXPECT_TRUE(AllowedScript(extension.get(), http_url, within_extension_url));
   EXPECT_TRUE(AllowedScript(extension.get(), https_url, within_extension_url));
   EXPECT_TRUE(BlockedScript(extension.get(), http_url, extension_url));
   EXPECT_TRUE(BlockedScript(extension.get(), https_url, extension_url));
 
+  EXPECT_FALSE(PermissionsData::ForExtension(extension)
+                   ->HasHostPermission(settings_url));
   EXPECT_FALSE(
-      PermissionsData::HasHostPermission(extension.get(), settings_url));
-  EXPECT_FALSE(PermissionsData::HasHostPermission(extension.get(), about_url));
-  EXPECT_TRUE(PermissionsData::HasHostPermission(extension.get(), favicon_url));
+      PermissionsData::ForExtension(extension)->HasHostPermission(about_url));
+  EXPECT_TRUE(
+      PermissionsData::ForExtension(extension)->HasHostPermission(favicon_url));
 
   // Test * for scheme, which implies just the http/https schemes.
   extension = LoadManifestStrict("script_and_capture",
       "extension_wildcard.json");
   EXPECT_TRUE(ScriptOnly(extension.get(), http_url, http_url));
   EXPECT_TRUE(ScriptOnly(extension.get(), https_url, https_url));
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(Blocked(extension.get(), about_url));
   EXPECT_TRUE(Blocked(extension.get(), file_url));
   EXPECT_TRUE(Blocked(extension.get(), favicon_url));
@@ skipping 17 matching lines @@
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(Blocked(extension.get(), favicon_url));
   EXPECT_TRUE(Blocked(extension.get(), about_url));
 
   // Having chrome://favicon/* should not give you chrome://*
   extension = LoadManifestStrict("script_and_capture",
       "extension_chrome_favicon_wildcard.json");
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(Blocked(extension.get(), favicon_url));
   EXPECT_TRUE(Blocked(extension.get(), about_url));
-  EXPECT_TRUE(PermissionsData::HasHostPermission(extension.get(), favicon_url));
+  EXPECT_TRUE(
+      PermissionsData::ForExtension(extension)->HasHostPermission(favicon_url));
 
   // Having http://favicon should not give you chrome://favicon
   extension = LoadManifestStrict("script_and_capture",
       "extension_http_favicon.json");
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(Blocked(extension.get(), favicon_url));
 
   // Component extensions with <all_urls> should get everything.
   extension = LoadManifest("script_and_capture", "extension_component_all.json",
       Manifest::COMPONENT, Extension::NO_FLAGS);
   EXPECT_TRUE(Allowed(extension.get(), http_url));
   EXPECT_TRUE(Allowed(extension.get(), https_url));
   EXPECT_TRUE(Allowed(extension.get(), settings_url));
   EXPECT_TRUE(Allowed(extension.get(), about_url));
   EXPECT_TRUE(Allowed(extension.get(), favicon_url));
-  EXPECT_TRUE(PermissionsData::HasHostPermission(extension.get(), favicon_url));
+  EXPECT_TRUE(
+      PermissionsData::ForExtension(extension)->HasHostPermission(favicon_url));
 
   // Component extensions should only get access to what they ask for.
   extension = LoadManifest("script_and_capture",
       "extension_component_google.json", Manifest::COMPONENT,
       Extension::NO_FLAGS);
   EXPECT_TRUE(ScriptOnly(extension.get(), http_url, http_url));
   EXPECT_TRUE(Blocked(extension.get(), https_url));
   EXPECT_TRUE(Blocked(extension.get(), file_url));
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(Blocked(extension.get(), favicon_url));
   EXPECT_TRUE(Blocked(extension.get(), about_url));
   EXPECT_TRUE(Blocked(extension.get(), extension_url));
-  EXPECT_FALSE(
-      PermissionsData::HasHostPermission(extension.get(), settings_url));
+  EXPECT_FALSE(PermissionsData::ForExtension(extension)
+                   ->HasHostPermission(settings_url));
 }
 
 TEST_F(ExtensionScriptAndCaptureVisibleTest, PermissionsWithChromeURLsEnabled) {
   CommandLine::ForCurrentProcess()->AppendSwitch(
       switches::kExtensionsOnChromeURLs);
 
   scoped_refptr<Extension> extension;
 
   // Test <all_urls> for regular extensions.
   extension = LoadManifestStrict("script_and_capture",
       "extension_regular_all.json");
   EXPECT_TRUE(Allowed(extension.get(), http_url));
   EXPECT_TRUE(Allowed(extension.get(), https_url));
   EXPECT_TRUE(CaptureOnly(extension.get(), file_url));
   EXPECT_TRUE(CaptureOnly(extension.get(), settings_url));
   EXPECT_TRUE(Allowed(extension.get(), favicon_url));  // chrome:// requested
   EXPECT_TRUE(CaptureOnly(extension.get(), about_url));
   EXPECT_TRUE(CaptureOnly(extension.get(), extension_url));
 
   // Test access to iframed content.
   GURL within_extension_url = extension->GetResourceURL("page.html");
   EXPECT_TRUE(AllowedScript(extension.get(), http_url, http_url_with_path));
   EXPECT_TRUE(AllowedScript(extension.get(), https_url, http_url_with_path));
   EXPECT_TRUE(AllowedScript(extension.get(), http_url, within_extension_url));
   EXPECT_TRUE(AllowedScript(extension.get(), https_url, within_extension_url));
   EXPECT_TRUE(BlockedScript(extension.get(), http_url, extension_url));
   EXPECT_TRUE(BlockedScript(extension.get(), https_url, extension_url));
 
-  EXPECT_FALSE(
-      PermissionsData::HasHostPermission(extension.get(), settings_url));
-  EXPECT_FALSE(PermissionsData::HasHostPermission(extension.get(), about_url));
-  EXPECT_TRUE(PermissionsData::HasHostPermission(extension.get(), favicon_url));
+  const PermissionsData* permissions_data =
+      PermissionsData::ForExtension(extension);
+  EXPECT_FALSE(permissions_data->HasHostPermission(settings_url));
+  EXPECT_FALSE(permissions_data->HasHostPermission(about_url));
+  EXPECT_TRUE(permissions_data->HasHostPermission(favicon_url));
 
   // Test * for scheme, which implies just the http/https schemes.
   extension = LoadManifestStrict("script_and_capture",
       "extension_wildcard.json");
   EXPECT_TRUE(ScriptOnly(extension.get(), http_url, http_url));
   EXPECT_TRUE(ScriptOnly(extension.get(), https_url, https_url));
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(Blocked(extension.get(), about_url));
   EXPECT_TRUE(Blocked(extension.get(), file_url));
   EXPECT_TRUE(Blocked(extension.get(), favicon_url));
@@ skipping 15 matching lines @@
   EXPECT_TRUE(Blocked(extension.get(), about_url));
   EXPECT_TRUE(Blocked(extension.get(), file_url));
   EXPECT_TRUE(ScriptOnly(extension.get(), favicon_url, favicon_url));
 
   // Having chrome://favicon/* should not give you chrome://*
   extension = LoadManifestStrict("script_and_capture",
       "extension_chrome_favicon_wildcard.json");
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(ScriptOnly(extension.get(), favicon_url, favicon_url));
   EXPECT_TRUE(Blocked(extension.get(), about_url));
-  EXPECT_TRUE(PermissionsData::HasHostPermission(extension.get(), favicon_url));
+  EXPECT_TRUE(
+      PermissionsData::ForExtension(extension)->HasHostPermission(favicon_url));
 
   // Having http://favicon should not give you chrome://favicon
   extension = LoadManifestStrict("script_and_capture",
       "extension_http_favicon.json");
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(Blocked(extension.get(), favicon_url));
 
   // Component extensions with <all_urls> should get everything.
   extension = LoadManifest("script_and_capture", "extension_component_all.json",
       Manifest::COMPONENT, Extension::NO_FLAGS);
   EXPECT_TRUE(Allowed(extension.get(), http_url));
   EXPECT_TRUE(Allowed(extension.get(), https_url));
   EXPECT_TRUE(Allowed(extension.get(), settings_url));
   EXPECT_TRUE(Allowed(extension.get(), about_url));
   EXPECT_TRUE(Allowed(extension.get(), favicon_url));
-  EXPECT_TRUE(PermissionsData::HasHostPermission(extension.get(), favicon_url));
+  EXPECT_TRUE(
+      PermissionsData::ForExtension(extension)->HasHostPermission(favicon_url));
 
   // Component extensions should only get access to what they ask for.
   extension = LoadManifest("script_and_capture",
       "extension_component_google.json", Manifest::COMPONENT,
       Extension::NO_FLAGS);
   EXPECT_TRUE(ScriptOnly(extension.get(), http_url, http_url));
   EXPECT_TRUE(Blocked(extension.get(), https_url));
   EXPECT_TRUE(Blocked(extension.get(), file_url));
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(Blocked(extension.get(), favicon_url));
   EXPECT_TRUE(Blocked(extension.get(), about_url));
   EXPECT_TRUE(Blocked(extension.get(), extension_url));
-  EXPECT_FALSE(
-      PermissionsData::HasHostPermission(extension.get(), settings_url));
+  EXPECT_FALSE(PermissionsData::ForExtension(extension)
+                   ->HasHostPermission(settings_url));
 }
 
 TEST_F(ExtensionScriptAndCaptureVisibleTest, TabSpecific) {
   scoped_refptr<Extension> extension =
       LoadManifestStrict("script_and_capture", "tab_specific.json");
 
-  EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension.get(), 0)
-                   .get());
-  EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension.get(), 1)
-                   .get());
-  EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension.get(), 2)
-                   .get());
+  const PermissionsData* permissions_data =
+      PermissionsData::ForExtension(extension);
+  EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(0));
+  EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(1));
+  EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(2));
 
   std::set<GURL> no_urls;
 
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
 
   URLPatternSet allowed_hosts;
   allowed_hosts.AddPattern(URLPattern(URLPattern::SCHEME_ALL,
                                       http_url.spec()));
   std::set<GURL> allowed_urls;
   allowed_urls.insert(http_url);
   // http_url_with_path() will also be allowed, because Extension should be
   // considering the security origin of the URL not the URL itself, and
   // http_url is in allowed_hosts.
   allowed_urls.insert(http_url_with_path);
 
   {
     scoped_refptr<PermissionSet> permissions(
         new PermissionSet(APIPermissionSet(), ManifestPermissionSet(),
                           allowed_hosts, URLPatternSet()));
-    PermissionsData::UpdateTabSpecificPermissions(
-        extension.get(), 0, permissions);
+    permissions_data->UpdateTabSpecificPermissions(0, permissions);
     EXPECT_EQ(permissions->explicit_hosts(),
-              PermissionsData::GetTabSpecificPermissions(extension.get(), 0)
+              permissions_data->GetTabSpecificPermissionsForTesting(0)
                   ->explicit_hosts());
   }
 
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), allowed_urls, 0));
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
 
-  PermissionsData::ClearTabSpecificPermissions(extension.get(), 0);
-  EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension.get(), 0)
-                   .get());
+  permissions_data->ClearTabSpecificPermissions(0);
+  EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(0));
 
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
 
   std::set<GURL> more_allowed_urls = allowed_urls;
   more_allowed_urls.insert(https_url);
   URLPatternSet more_allowed_hosts = allowed_hosts;
   more_allowed_hosts.AddPattern(URLPattern(URLPattern::SCHEME_ALL,
                                            https_url.spec()));
 
   {
     scoped_refptr<PermissionSet> permissions(
         new PermissionSet(APIPermissionSet(),  ManifestPermissionSet(),
                           allowed_hosts, URLPatternSet()));
-    PermissionsData::UpdateTabSpecificPermissions(
-        extension.get(), 0, permissions);
+    permissions_data->UpdateTabSpecificPermissions(0, permissions);
     EXPECT_EQ(permissions->explicit_hosts(),
-              PermissionsData::GetTabSpecificPermissions(extension.get(), 0)
+              permissions_data->GetTabSpecificPermissionsForTesting(0)
                   ->explicit_hosts());
 
     permissions = new PermissionSet(APIPermissionSet(),
                                     ManifestPermissionSet(),
                                     more_allowed_hosts,
                                     URLPatternSet());
-    PermissionsData::UpdateTabSpecificPermissions(
-        extension.get(), 1, permissions);
+    permissions_data->UpdateTabSpecificPermissions(1, permissions);
     EXPECT_EQ(permissions->explicit_hosts(),
-              PermissionsData::GetTabSpecificPermissions(extension.get(), 1)
+              permissions_data->GetTabSpecificPermissionsForTesting(1)
                   ->explicit_hosts());
   }
 
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), allowed_urls, 0));
   EXPECT_TRUE(
       ScriptAllowedExclusivelyOnTab(extension.get(), more_allowed_urls, 1));
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
 
-  PermissionsData::ClearTabSpecificPermissions(extension.get(), 0);
-  EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension.get(), 0)
-                   .get());
+  permissions_data->ClearTabSpecificPermissions(0);
+  EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(0));
 
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
   EXPECT_TRUE(
       ScriptAllowedExclusivelyOnTab(extension.get(), more_allowed_urls, 1));
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
 
-  PermissionsData::ClearTabSpecificPermissions(extension.get(), 1);
-  EXPECT_FALSE(PermissionsData::GetTabSpecificPermissions(extension.get(), 1)
-                   .get());
+  permissions_data->ClearTabSpecificPermissions(1);
+  EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(1));
 
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
 }
 
 }  // namespace extensions