Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(722)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: extensions/common/permissions/permission_set.cc

Issue 51433002: Enable permission warnings from ManifestHandlers. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fix unit test and clang presubmit errors. Created 7 years, 1 month ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « extensions/common/permissions/permission_set.h ('k') | extensions/extensions.gyp » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright 2013 The Chromium Authors. All rights reserved. 1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "extensions/common/permissions/permission_set.h" 5 #include "extensions/common/permissions/permission_set.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <iterator> 8 #include <iterator>
9 #include <string> 9 #include <string>
10 10
(...skipping 20 matching lines...) Expand all
31 namespace extensions { 31 namespace extensions {
32 32
33 // 33 //
34 // PermissionSet 34 // PermissionSet
35 // 35 //
36 36
37 PermissionSet::PermissionSet() {} 37 PermissionSet::PermissionSet() {}
38 38
39 PermissionSet::PermissionSet( 39 PermissionSet::PermissionSet(
40 const APIPermissionSet& apis, 40 const APIPermissionSet& apis,
41 const ManifestPermissionSet& manifest_permissions,
41 const URLPatternSet& explicit_hosts, 42 const URLPatternSet& explicit_hosts,
42 const URLPatternSet& scriptable_hosts) 43 const URLPatternSet& scriptable_hosts)
43 : apis_(apis), 44 : apis_(apis),
45 manifest_permissions_(manifest_permissions),
44 scriptable_hosts_(scriptable_hosts) { 46 scriptable_hosts_(scriptable_hosts) {
45 AddPatternsAndRemovePaths(explicit_hosts, &explicit_hosts_); 47 AddPatternsAndRemovePaths(explicit_hosts, &explicit_hosts_);
46 InitImplicitPermissions(); 48 InitImplicitPermissions();
47 InitEffectiveHosts(); 49 InitEffectiveHosts();
48 } 50 }
49 51
50 // static 52 // static
51 PermissionSet* PermissionSet::CreateDifference( 53 PermissionSet* PermissionSet::CreateDifference(
52 const PermissionSet* set1, 54 const PermissionSet* set1,
53 const PermissionSet* set2) { 55 const PermissionSet* set2) {
54 scoped_refptr<PermissionSet> empty = new PermissionSet(); 56 scoped_refptr<PermissionSet> empty = new PermissionSet();
55 const PermissionSet* set1_safe = (set1 == NULL) ? empty.get() : set1; 57 const PermissionSet* set1_safe = (set1 == NULL) ? empty.get() : set1;
56 const PermissionSet* set2_safe = (set2 == NULL) ? empty.get() : set2; 58 const PermissionSet* set2_safe = (set2 == NULL) ? empty.get() : set2;
57 59
58 APIPermissionSet apis; 60 APIPermissionSet apis;
59 APIPermissionSet::Difference(set1_safe->apis(), set2_safe->apis(), &apis); 61 APIPermissionSet::Difference(set1_safe->apis(), set2_safe->apis(), &apis);
60 62
63 ManifestPermissionSet manifest_permissions;
64 ManifestPermissionSet::Difference(set1_safe->manifest_permissions(),
65 set2_safe->manifest_permissions(),
66 &manifest_permissions);
67
61 URLPatternSet explicit_hosts; 68 URLPatternSet explicit_hosts;
62 URLPatternSet::CreateDifference(set1_safe->explicit_hosts(), 69 URLPatternSet::CreateDifference(set1_safe->explicit_hosts(),
63 set2_safe->explicit_hosts(), 70 set2_safe->explicit_hosts(),
64 &explicit_hosts); 71 &explicit_hosts);
65 72
66 URLPatternSet scriptable_hosts; 73 URLPatternSet scriptable_hosts;
67 URLPatternSet::CreateDifference(set1_safe->scriptable_hosts(), 74 URLPatternSet::CreateDifference(set1_safe->scriptable_hosts(),
68 set2_safe->scriptable_hosts(), 75 set2_safe->scriptable_hosts(),
69 &scriptable_hosts); 76 &scriptable_hosts);
70 77
71 return new PermissionSet(apis, explicit_hosts, scriptable_hosts); 78 return new PermissionSet(apis, manifest_permissions,
79 explicit_hosts, scriptable_hosts);
72 } 80 }
73 81
74 // static 82 // static
75 PermissionSet* PermissionSet::CreateIntersection( 83 PermissionSet* PermissionSet::CreateIntersection(
76 const PermissionSet* set1, 84 const PermissionSet* set1,
77 const PermissionSet* set2) { 85 const PermissionSet* set2) {
78 scoped_refptr<PermissionSet> empty = new PermissionSet(); 86 scoped_refptr<PermissionSet> empty = new PermissionSet();
79 const PermissionSet* set1_safe = (set1 == NULL) ? empty.get() : set1; 87 const PermissionSet* set1_safe = (set1 == NULL) ? empty.get() : set1;
80 const PermissionSet* set2_safe = (set2 == NULL) ? empty.get() : set2; 88 const PermissionSet* set2_safe = (set2 == NULL) ? empty.get() : set2;
81 89
82 APIPermissionSet apis; 90 APIPermissionSet apis;
83 APIPermissionSet::Intersection(set1_safe->apis(), set2_safe->apis(), &apis); 91 APIPermissionSet::Intersection(set1_safe->apis(), set2_safe->apis(), &apis);
84 92
93 ManifestPermissionSet manifest_permissions;
94 ManifestPermissionSet::Intersection(set1_safe->manifest_permissions(),
95 set2_safe->manifest_permissions(),
96 &manifest_permissions);
97
85 URLPatternSet explicit_hosts; 98 URLPatternSet explicit_hosts;
86 URLPatternSet::CreateIntersection(set1_safe->explicit_hosts(), 99 URLPatternSet::CreateIntersection(set1_safe->explicit_hosts(),
87 set2_safe->explicit_hosts(), 100 set2_safe->explicit_hosts(),
88 &explicit_hosts); 101 &explicit_hosts);
89 102
90 URLPatternSet scriptable_hosts; 103 URLPatternSet scriptable_hosts;
91 URLPatternSet::CreateIntersection(set1_safe->scriptable_hosts(), 104 URLPatternSet::CreateIntersection(set1_safe->scriptable_hosts(),
92 set2_safe->scriptable_hosts(), 105 set2_safe->scriptable_hosts(),
93 &scriptable_hosts); 106 &scriptable_hosts);
94 107
95 return new PermissionSet(apis, explicit_hosts, scriptable_hosts); 108 return new PermissionSet(apis, manifest_permissions,
109 explicit_hosts, scriptable_hosts);
96 } 110 }
97 111
98 // static 112 // static
99 PermissionSet* PermissionSet::CreateUnion( 113 PermissionSet* PermissionSet::CreateUnion(
100 const PermissionSet* set1, 114 const PermissionSet* set1,
101 const PermissionSet* set2) { 115 const PermissionSet* set2) {
102 scoped_refptr<PermissionSet> empty = new PermissionSet(); 116 scoped_refptr<PermissionSet> empty = new PermissionSet();
103 const PermissionSet* set1_safe = (set1 == NULL) ? empty.get() : set1; 117 const PermissionSet* set1_safe = (set1 == NULL) ? empty.get() : set1;
104 const PermissionSet* set2_safe = (set2 == NULL) ? empty.get() : set2; 118 const PermissionSet* set2_safe = (set2 == NULL) ? empty.get() : set2;
105 119
106 APIPermissionSet apis; 120 APIPermissionSet apis;
107 APIPermissionSet::Union(set1_safe->apis(), set2_safe->apis(), &apis); 121 APIPermissionSet::Union(set1_safe->apis(), set2_safe->apis(), &apis);
108 122
123 ManifestPermissionSet manifest_permissions;
124 ManifestPermissionSet::Union(set1_safe->manifest_permissions(),
125 set2_safe->manifest_permissions(),
126 &manifest_permissions);
127
109 URLPatternSet explicit_hosts; 128 URLPatternSet explicit_hosts;
110 URLPatternSet::CreateUnion(set1_safe->explicit_hosts(), 129 URLPatternSet::CreateUnion(set1_safe->explicit_hosts(),
111 set2_safe->explicit_hosts(), 130 set2_safe->explicit_hosts(),
112 &explicit_hosts); 131 &explicit_hosts);
113 132
114 URLPatternSet scriptable_hosts; 133 URLPatternSet scriptable_hosts;
115 URLPatternSet::CreateUnion(set1_safe->scriptable_hosts(), 134 URLPatternSet::CreateUnion(set1_safe->scriptable_hosts(),
116 set2_safe->scriptable_hosts(), 135 set2_safe->scriptable_hosts(),
117 &scriptable_hosts); 136 &scriptable_hosts);
118 137
119 return new PermissionSet(apis, explicit_hosts, scriptable_hosts); 138 return new PermissionSet(apis, manifest_permissions,
139 explicit_hosts, scriptable_hosts);
120 } 140 }
121 141
122 bool PermissionSet::operator==( 142 bool PermissionSet::operator==(
123 const PermissionSet& rhs) const { 143 const PermissionSet& rhs) const {
124 return apis_ == rhs.apis_ && 144 return apis_ == rhs.apis_ &&
145 manifest_permissions_ == rhs.manifest_permissions_ &&
125 scriptable_hosts_ == rhs.scriptable_hosts_ && 146 scriptable_hosts_ == rhs.scriptable_hosts_ &&
126 explicit_hosts_ == rhs.explicit_hosts_; 147 explicit_hosts_ == rhs.explicit_hosts_;
127 } 148 }
128 149
129 bool PermissionSet::Contains(const PermissionSet& set) const { 150 bool PermissionSet::Contains(const PermissionSet& set) const {
130 return apis_.Contains(set.apis()) && 151 return apis_.Contains(set.apis()) &&
152 manifest_permissions_.Contains(set.manifest_permissions()) &&
131 explicit_hosts().Contains(set.explicit_hosts()) && 153 explicit_hosts().Contains(set.explicit_hosts()) &&
132 scriptable_hosts().Contains(set.scriptable_hosts()); 154 scriptable_hosts().Contains(set.scriptable_hosts());
133 } 155 }
134 156
135 std::set<std::string> PermissionSet::GetAPIsAsStrings() const { 157 std::set<std::string> PermissionSet::GetAPIsAsStrings() const {
136 std::set<std::string> apis_str; 158 std::set<std::string> apis_str;
137 for (APIPermissionSet::const_iterator i = apis_.begin(); 159 for (APIPermissionSet::const_iterator i = apis_.begin();
138 i != apis_.end(); ++i) { 160 i != apis_.end(); ++i) {
139 apis_str.insert(i->name()); 161 apis_str.insert(i->name());
140 } 162 }
141 return apis_str; 163 return apis_str;
142 } 164 }
143 165
144 bool PermissionSet::IsEmpty() const { 166 bool PermissionSet::IsEmpty() const {
145 // Not default if any host permissions are present. 167 // Not default if any host permissions are present.
146 if (!(explicit_hosts().is_empty() && scriptable_hosts().is_empty())) 168 if (!(explicit_hosts().is_empty() && scriptable_hosts().is_empty()))
147 return false; 169 return false;
148 170
149 // Or if it has no api permissions. 171 // Or if it has no api permissions.
150 return apis().empty(); 172 return apis().empty() && manifest_permissions().empty();
151 } 173 }
152 174
153 bool PermissionSet::HasAPIPermission( 175 bool PermissionSet::HasAPIPermission(
154 APIPermission::ID id) const { 176 APIPermission::ID id) const {
155 return apis().find(id) != apis().end(); 177 return apis().find(id) != apis().end();
156 } 178 }
157 179
158 bool PermissionSet::HasAPIPermission(const std::string& permission_name) const { 180 bool PermissionSet::HasAPIPermission(const std::string& permission_name) const {
159 const APIPermissionInfo* permission = 181 const APIPermissionInfo* permission =
160 PermissionsInfo::GetInstance()->GetByName(permission_name); 182 PermissionsInfo::GetInstance()->GetByName(permission_name);
(...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after
242 } 264 }
243 265
244 void PermissionSet::InitEffectiveHosts() { 266 void PermissionSet::InitEffectiveHosts() {
245 effective_hosts_.ClearPatterns(); 267 effective_hosts_.ClearPatterns();
246 268
247 URLPatternSet::CreateUnion( 269 URLPatternSet::CreateUnion(
248 explicit_hosts(), scriptable_hosts(), &effective_hosts_); 270 explicit_hosts(), scriptable_hosts(), &effective_hosts_);
249 } 271 }
250 272
251 } // namespace extensions 273 } // namespace extensions
OLDNEW
« no previous file with comments | « extensions/common/permissions/permission_set.h ('k') | extensions/extensions.gyp » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698