diff options
| author | erikkay@chromium.org <erikkay@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-07-15 23:02:30 +0000 |
|---|---|---|
| committer | erikkay@chromium.org <erikkay@chromium.org@0039d316-1c4b-4281-b951-d872f2087c98> | 2010-07-15 23:02:30 +0000 |
| commit | 9d098779ae0342c1bf8db56d0bacbb57c3858215 (patch) | |
| tree | 46910fb4d4a673c3189fefa409a90949bca25c03 /chrome/renderer/extensions | |
| parent | d059d8c29df1a83966a5a890b50b7bf226b6bdab (diff) | |
| download | chromium_src-9d098779ae0342c1bf8db56d0bacbb57c3858215.zip chromium_src-9d098779ae0342c1bf8db56d0bacbb57c3858215.tar.gz chromium_src-9d098779ae0342c1bf8db56d0bacbb57c3858215.tar.bz2 | |
Added accessor for permissions map. NaCl needs this in order to look up
a nacl permission.
BUG=45881
TEST=None
Review URL: http://codereview.chromium.org/2941011
git-svn-id: svn://svn.chromium.org/chrome/trunk/src@52566 0039d316-1c4b-4281-b951-d872f2087c98
Diffstat (limited to 'chrome/renderer/extensions')
| -rw-r--r-- | chrome/renderer/extensions/extension_process_bindings.cc | 61 | ||||
| -rw-r--r-- | chrome/renderer/extensions/extension_process_bindings.h | 8 |
2 files changed, 51 insertions, 18 deletions
diff --git a/chrome/renderer/extensions/extension_process_bindings.cc b/chrome/renderer/extensions/extension_process_bindings.cc index 0e1d179..f999e54 100644 --- a/chrome/renderer/extensions/extension_process_bindings.cc +++ b/chrome/renderer/extensions/extension_process_bindings.cc @@ -71,6 +71,23 @@ const char* kExtensionDeps[] = { ExtensionApiTestV8Extension::kName, }; +// A list of the API packages which have no associated permission. +// TODO(erikkay) It might be nice if for consistency we could merge these with +// the permissions list, or at least have them in one place. +const char* kNonPermissionExtensionPackages[] = { + "extension", + // TODO(erikkay): We're inconsistent about the the package name in the events + // for pageAction and browserAction. + "pageAction", + "pageActions", + "browserAction", + "browserActions", + "contextMenus", // TODO(asargent) remove when the permission is added + "i18n", + "devtools", + "test" +}; + struct SingletonData { std::set<std::string> function_names_; PageActionIdMap page_action_ids_; @@ -646,27 +663,36 @@ void ExtensionProcessBindings::SetHostPermissions( } } -// Given a name like "tabs.onConnect", return the permission name required -// to access that API ("tabs" in this example). -static std::string GetPermissionName(const std::string& function_name) { - size_t first_dot = function_name.find('.'); - std::string permission_name = function_name.substr(0, first_dot); - if (permission_name == "windows") - return "tabs"; // windows and tabs are the same permission. - return permission_name; -} - // static bool ExtensionProcessBindings::CurrentContextHasPermission( const std::string& function_name) { std::string extension_id = ExtensionImpl::ExtensionIdForCurrentContext(); + return HasPermission(extension_id, function_name); +} + +// static +bool ExtensionProcessBindings::HasPermission(const std::string& extension_id, + const std::string& permission) { + std::string permission_name = permission; + + // See if this is a function or event name first and strip out the package. + // Functions will be of the form package.function + // Events will be of the form package/id or package.optional.stuff + size_t separator = permission.find_first_of("./"); + if (separator != std::string::npos) + permission_name = permission.substr(0, separator); + + // windows and tabs are the same permission. + if (permission_name == "windows") + permission_name = Extension::kTabPermission; + + for (size_t i = 0; i < arraysize(kNonPermissionExtensionPackages); ++i) + if (permission_name == kNonPermissionExtensionPackages[i]) + return true; + PermissionsMap& permissions_map = *GetPermissionsMap(extension_id); - std::string permission_name = GetPermissionName(function_name); PermissionsMap::iterator it = permissions_map.find(permission_name); - - // We explicitly check if the permission entry is present and false, because - // some APIs do not have a required permission entry (ie, "chrome.extension"). - return (it == permissions_map.end() || it->second); + return (it != permissions_map.end() && it->second); } // static @@ -674,10 +700,9 @@ v8::Handle<v8::Value> ExtensionProcessBindings::ThrowPermissionDeniedException( const std::string& function_name) { static const char kMessage[] = - "You do not have permission to use 'chrome.%s'. Be sure to declare" + "You do not have permission to use '%s'. Be sure to declare" " in your manifest what permissions you need."; - std::string permission_name = GetPermissionName(function_name); - std::string error_msg = StringPrintf(kMessage, permission_name.c_str()); + std::string error_msg = StringPrintf(kMessage, function_name.c_str()); return v8::ThrowException(v8::Exception::Error( v8::String::New(error_msg.c_str()))); diff --git a/chrome/renderer/extensions/extension_process_bindings.h b/chrome/renderer/extensions/extension_process_bindings.h index e95e737..784a902 100644 --- a/chrome/renderer/extensions/extension_process_bindings.h +++ b/chrome/renderer/extensions/extension_process_bindings.h @@ -58,6 +58,14 @@ class ExtensionProcessBindings { // context in scope. static bool CurrentContextHasPermission(const std::string& function_name); + // Checks whether |permission| is enabled for |extension_id|. |permission| + // may be a raw permission name (from Extension::kPermissionNames), a + // function name (e.g. "tabs.create") or an event name (e.g. "contextMenus/id" + // or "devtools.tabid.name"). + // TODO(erikkay) We should standardize the naming scheme for our events. + static bool HasPermission(const std::string& extension_id, + const std::string& permission); + // Throw a V8 exception indicating that permission to access function_name was // denied. Must be called with a valid V8 context in scope. static v8::Handle<v8::Value> ThrowPermissionDeniedException( |