Enable permission warnings from ManifestHandlers.

extensions/common/permissions/api_permission_set.h

Index: extensions/common/permissions/api_permission_set.h
diff --git a/extensions/common/permissions/api_permission_set.h b/extensions/common/permissions/api_permission_set.h
index 9b6f26da35432ff80be0ff89bce6786d386117a8..29e7f654a1af2a6b7eb405cfef723b9c7afecfe7 100644
--- a/extensions/common/permissions/api_permission_set.h
+++ b/extensions/common/permissions/api_permission_set.h
@@ -168,6 +168,180 @@ class APIPermissionSet {
   APIPermissionMap map_;
 };
 
+
+// Represent the custom behavior of a top-level manifest entry contributing to
+// permission messages and storage.
+class ManifestPermission {

[Yoyo Zhou, 2013/11/09 01:15:30]

This has grown large enough to need its own file, separate from
api_permission_set.h

[rpaquay, 2013/11/11 18:37:35]

Agreed, I have been working on this in a follow up CL (along with unit tests and
set unification).

[Yoyo Zhou, 2013/11/12 02:39:29]

I think this is important enough that it should be done in this CL.

[rpaquay, 2013/11/12 21:40:31]

Done.

+ public:
+  // The manifest key this permission applies to.
+  virtual std::string name() const = 0;
+
+  // Same as name(), needed for compatibility with APIPermission.
+  virtual std::string id() const = 0;
+
+  // Returns true if this permission has any PermissionMessages.
+  virtual bool HasMessages() const = 0;
+
+  // Returns the localized permission messages of this permission.
+  virtual PermissionMessages GetMessages() const = 0;
+
+  // Parses the ManifestPermission from |value|. Returns false if error happens.
+  virtual bool FromValue(const base::Value* value) = 0;
+
+  // Stores this into a new created |value|.
+  virtual scoped_ptr<base::Value> ToValue() const = 0;
+
+  // Clones this.
+  virtual ManifestPermission* Clone() const = 0;
+
+  // Returns a new API permission which equals this - |rhs|.
+  virtual ManifestPermission* Diff(const ManifestPermission* rhs)
+      const = 0;
+
+  // Returns a new API permission which equals the union of this and |rhs|.
+  virtual ManifestPermission* Union(const ManifestPermission* rhs)
+      const = 0;
+
+  // Returns a new API permission which equals the intersect of this and |rhs|.
+  virtual ManifestPermission* Intersect(const ManifestPermission* rhs)
+      const = 0;
+
+  // Returns true if |rhs| is a subset of this.
+  virtual bool Contains(const ManifestPermission* rhs) const = 0;
+
+  // Returns true if |rhs| is equal to this.
+  virtual bool Equal(const ManifestPermission* rhs) const = 0;
+
+  // IPC functions
+  // Writes this into the given IPC message |m|.
+  virtual void Write(IPC::Message* m) const = 0;
+
+  // Reads from the given IPC message |m|.
+  virtual bool Read(const IPC::Message* m, PickleIterator* iter) = 0;
+
+  // Logs this permission.
+  virtual void Log(std::string* log) const = 0;
+};
+
+typedef std::map<std::string,
+  linked_ptr<ManifestPermission> > ManifestPermissionMap;
+
+class ManifestPermissionSet {

[Yoyo Zhou, 2013/11/09 01:15:30]

It looks like there is really a lot of duplicated code here. Can we templatize a
set of permissions (API or Manifest), as I mentioned in the last review?

[rpaquay, 2013/11/11 18:37:35]

Agreed. I have been working on this (along with unit tests) in a follow up CL.

[rpaquay, 2013/11/12 21:40:31]

The latest patchset (#5) addresses this to a large extent. The sub-classes are
still there, but they are very small now.

+ public:
+  class const_iterator :
+    public std::iterator<std::input_iterator_tag, const APIPermission*> {
+   public:
+    const_iterator(const ManifestPermissionMap::const_iterator& it);
+    const_iterator(const const_iterator& ids_it);
+
+    const_iterator& operator++() {
+      ++it_;
+      return *this;
+    }
+
+    const_iterator operator++(int) {
+      const_iterator tmp(it_++);
+      return tmp;
+    }
+
+    bool operator==(const const_iterator& rhs) const {
+      return it_ == rhs.it_;
+    }
+
+    bool operator!=(const const_iterator& rhs) const {
+      return it_ != rhs.it_;
+    }
+
+    const ManifestPermission* operator*() const {
+      return it_->second.get();
+    }
+
+    const ManifestPermission* operator->() const {
+      return it_->second.get();
+    }
+
+   private:
+    ManifestPermissionMap::const_iterator it_;
+  };
+
+  ManifestPermissionSet();
+
+  ManifestPermissionSet(const ManifestPermissionSet& set);
+
+  ~ManifestPermissionSet();
+
+  const_iterator begin() const {
+    return const_iterator(map().begin());
+  }
+
+  const_iterator end() const {
+    return map().end();
+  }
+
+  const_iterator find(std::string id) const {
+    return map().find(id);
+  }
+
+  const ManifestPermissionMap& map() const {
+    return map_;
+  }
+
+  ManifestPermissionMap& map() {
+    return map_;
+  }
+
+  void clear() {
+    map_.clear();
+  }
+
+  size_t count(std::string id) const {
+    return map().count(id);
+  }
+
+  bool empty() const {
+    return map().empty();
+  }
+
+  size_t erase(std::string id) {
+    return map().erase(id);
+  }
+
+  size_t size() const {
+    return map().size();
+  }
+
+  ManifestPermissionSet& operator=(const ManifestPermissionSet& rhs);
+
+  bool operator==(const ManifestPermissionSet& rhs) const;
+
+  bool operator!=(const ManifestPermissionSet& rhs) const {
+    return !operator==(rhs);
+  }
+
+  // Take ownership and insert |permission| into the set.
+  void insert(ManifestPermission* permission);
+
+  bool Contains(const ManifestPermissionSet& rhs) const;
+
+  static void Difference(
+      const ManifestPermissionSet& set1,
+      const ManifestPermissionSet& set2,
+      ManifestPermissionSet* set3);
+
+  static void Intersection(
+      const ManifestPermissionSet& set1,
+      const ManifestPermissionSet& set2,
+      ManifestPermissionSet* set3);
+
+  static void Union(
+      const ManifestPermissionSet& set1,
+      const ManifestPermissionSet& set2,
+      ManifestPermissionSet* set3);
+
+ private:
+  ManifestPermissionMap map_;
+};
+
 }  // namespace extensions
 
 #endif  // EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_