diff options
author | asargent@chromium.org <asargent@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-11-16 06:49:10 +0000 |
---|---|---|
committer | asargent@chromium.org <asargent@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2011-11-16 06:49:10 +0000 |
commit | fe0eca5c30281ae58cef01593f0e4aab7fd560f2 (patch) | |
tree | 5534b3c82eb38ad680180a3de46761084c8afffc /chrome/browser/extensions/extension_management_api_browsertest.cc | |
parent | 8b700ec91c40bcc8031e48bd7d82c4b5024733f7 (diff) | |
download | chromium_src-fe0eca5c30281ae58cef01593f0e4aab7fd560f2.zip chromium_src-fe0eca5c30281ae58cef01593f0e4aab7fd560f2.tar.gz chromium_src-fe0eca5c30281ae58cef01593f0e4aab7fd560f2.tar.bz2 |
Fix for management API related to escalated permissions disabled extensions
The general approach is to require user gesture and put up the confirmation UI if an extension wants to re-enable a disabled-due-to-permissions-escalation extension.
Also added some new infrastructure for making this easier to test.
BUG=102579
TEST=See bug
Review URL: http://codereview.chromium.org/8423069
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@110264 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/browser/extensions/extension_management_api_browsertest.cc')
-rw-r--r-- | chrome/browser/extensions/extension_management_api_browsertest.cc | 87 |
1 files changed, 86 insertions, 1 deletions
diff --git a/chrome/browser/extensions/extension_management_api_browsertest.cc b/chrome/browser/extensions/extension_management_api_browsertest.cc index e6a7c11..808b137 100644 --- a/chrome/browser/extensions/extension_management_api_browsertest.cc +++ b/chrome/browser/extensions/extension_management_api_browsertest.cc @@ -1,9 +1,21 @@ -// Copyright (c) 2010 The Chromium Authors. All rights reserved. +// Copyright (c) 2011 The Chromium Authors. All rights reserved. // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. +#include "base/stringprintf.h" #include "chrome/browser/extensions/extension_browsertest.h" +#include "chrome/browser/extensions/extension_function_test_utils.h" +#include "chrome/browser/extensions/extension_install_dialog.h" +#include "chrome/browser/extensions/extension_management_api.h" +#include "chrome/browser/extensions/extension_management_api_constants.h" +#include "chrome/browser/extensions/extension_service.h" #include "chrome/browser/extensions/extension_test_message_listener.h" +#include "chrome/browser/profiles/profile.h" +#include "chrome/browser/ui/browser.h" +#include "chrome/common/chrome_notification_types.h" + +namespace keys = extension_management_api_constants; +namespace util = extension_function_test_utils; class ExtensionManagementApiBrowserTest : public ExtensionBrowserTest {}; @@ -43,3 +55,76 @@ IN_PROC_BROWSER_TEST_F(ExtensionManagementApiBrowserTest, test_data_dir_.AppendASCII("management/launch_app_from_background"))); ASSERT_TRUE(listener1.WaitUntilSatisfied()); } + +class ExtensionManagementApiEscalationTest : public ExtensionBrowserTest { + protected: + // The id of the permissions escalation test extension we use. + static const char kId[]; + + virtual void SetUpOnMainThread() OVERRIDE { + ExtensionService* service = browser()->profile()->GetExtensionService(); + + // Install low-permission version of the extension. + ASSERT_TRUE(InstallExtension( + test_data_dir_.AppendASCII("permissions-low-v1.crx"), 1)); + EXPECT_TRUE(service->GetExtensionById(kId, false) != NULL); + + // Update to a high-permission version - it should get disabled. + EXPECT_TRUE(UpdateExtension( + kId, test_data_dir_.AppendASCII("permissions-high-v2.crx"), -1)); + EXPECT_TRUE(service->GetExtensionById(kId, false) == NULL); + EXPECT_TRUE(service->GetExtensionById(kId, true) != NULL); + EXPECT_TRUE( + service->extension_prefs()->DidExtensionEscalatePermissions(kId)); + } + + void ReEnable(bool user_gesture, const std::string& expected_error) { + scoped_refptr<SetEnabledFunction> function(new SetEnabledFunction); + if (user_gesture) + function->set_user_gesture(true); + bool response = util::RunAsyncFunction( + function.get(), + base::StringPrintf("[\"%s\", true]", kId), + browser(), + util::NONE); + if (expected_error.empty()) { + EXPECT_EQ(true, response); + } else { + EXPECT_EQ(false, response); + EXPECT_EQ(expected_error, function->GetError()); + } + } + +}; + +const char ExtensionManagementApiEscalationTest::kId[] = + "pgdpcfcocojkjfbgpiianjngphoopgmo"; + +IN_PROC_BROWSER_TEST_F(ExtensionManagementApiEscalationTest, + DisabledReason) { + scoped_ptr<base::Value> result( + util::RunFunctionAndReturnResult(new GetExtensionByIdFunction(), + base::StringPrintf("[\"%s\"]", kId), + browser())); + ASSERT_TRUE(result.get() != NULL); + ASSERT_TRUE(result->IsType(base::Value::TYPE_DICTIONARY)); + base::DictionaryValue* dict = + static_cast<base::DictionaryValue*>(result.get()); + std::string reason; + EXPECT_TRUE(dict->GetStringASCII(keys::kDisabledReasonKey, &reason)); + EXPECT_EQ(reason, std::string(keys::kDisabledReasonPermissionsIncrease)); +} + +IN_PROC_BROWSER_TEST_F(ExtensionManagementApiEscalationTest, + ReEnable) { + // Expect an error about no gesture. + ReEnable(false, keys::kGestureNeededForEscalationError); + + // Expect an error that user cancelled the dialog. + SetExtensionInstallDialogAutoConfirmForTests(false); + ReEnable(true, keys::kUserDidNotReEnableError); + + // This should succeed when user accepts dialog. + SetExtensionInstallDialogAutoConfirmForTests(true); + ReEnable(true, ""); +} |