diff options
author | ryoh <ryoh@chromium.org> | 2016-02-14 18:14:19 -0800 |
---|---|---|
committer | Commit bot <commit-bot@chromium.org> | 2016-02-15 02:15:31 +0000 |
commit | f2076791a3ed010fcacba4bb4e14bc2844c6813e (patch) | |
tree | ac8c6d0b73a52de9b4be631d1afa27c93f215de9 /extensions | |
parent | ee522d4758a5084b46311b802d6791e7e5953c31 (diff) | |
download | chromium_src-f2076791a3ed010fcacba4bb4e14bc2844c6813e.zip chromium_src-f2076791a3ed010fcacba4bb4e14bc2844c6813e.tar.gz chromium_src-f2076791a3ed010fcacba4bb4e14bc2844c6813e.tar.bz2 |
introduce a permission without sub-permissions in mediaGalleries API
We use mediaGalleries.getMetadata API to fetch media metadata in our Files.app(Chrome OS FileManager).
We pass the blob object(~binary data) to the API,
so we don't need any permissions.
This API has "read" permission, but this permission means "reading files in the MediaGallery", but we don't read it - the blob objects we pass is from filesystem, not from MediaGallery.
We need "empty" permissions, but if we pass a empty list as permissions, it causes permission error and the app doesn't start at all.
In this patch, I introduce a permission without sub-permissions,
and you can specify this permission in a manifest file like:
> "mediaGalleries",
https://developer.chrome.com/apps/mediaGalleries
BUG=581614
Review URL: https://codereview.chromium.org/1643183002
Cr-Commit-Position: refs/heads/master@{#375400}
Diffstat (limited to 'extensions')
6 files changed, 52 insertions, 2 deletions
diff --git a/extensions/common/permissions/media_galleries_permission.h b/extensions/common/permissions/media_galleries_permission.h index 870a0a9..40a2277 100644 --- a/extensions/common/permissions/media_galleries_permission.h +++ b/extensions/common/permissions/media_galleries_permission.h @@ -21,6 +21,10 @@ namespace extensions { // 'delete' <tertiary-access> // <tertiary-access> // := 'copyTo' | 'copyTo' <tertiary-access> +// An example of a line for mediaGalleries permissions in a manifest file: +// {"mediaGalleries": "read delete"}, +// We also allow a permission without any sub-permissions: +// "mediaGalleries", class MediaGalleriesPermission : public SetDisjunctionPermission<MediaGalleriesPermissionData, MediaGalleriesPermission> { diff --git a/extensions/common/permissions/set_disjunction_permission.h b/extensions/common/permissions/set_disjunction_permission.h index 0e97e9d..ce1c6ee 100644 --- a/extensions/common/permissions/set_disjunction_permission.h +++ b/extensions/common/permissions/set_disjunction_permission.h @@ -105,9 +105,14 @@ class SetDisjunctionPermission : public APIPermission { data_set_.clear(); const base::ListValue* list = NULL; - if (!value || !value->GetAsList(&list) || list->GetSize() == 0) { + if (!value) { + // treat null as an empty list. + return true; + } + + if (!value->GetAsList(&list)) { if (error) - *error = "NULL or empty permission list"; + *error = "Cannot parse the permission list. It's not a list."; return false; } diff --git a/extensions/common/permissions/socket_permission.cc b/extensions/common/permissions/socket_permission.cc index c2ca223..a8e5c18 100644 --- a/extensions/common/permissions/socket_permission.cc +++ b/extensions/common/permissions/socket_permission.cc @@ -38,6 +38,21 @@ SocketPermission::SocketPermission(const APIPermissionInfo* info) SocketPermission::~SocketPermission() {} +bool SocketPermission::FromValue( + const base::Value* value, + std::string* error, + std::vector<std::string>* unhandled_permissions) { + bool parsed_ok = SetDisjunctionPermission< + SocketPermissionData, SocketPermission>::FromValue(value, error, + unhandled_permissions); + if (parsed_ok && data_set_.empty()) { + if (error) + *error = "NULL or empty permission list"; + return false; + } + return parsed_ok; +} + PermissionIDSet SocketPermission::GetPermissions() const { PermissionIDSet ids; SocketPermissionEntrySet entries = ExtractSocketEntries(data_set_); diff --git a/extensions/common/permissions/socket_permission.h b/extensions/common/permissions/socket_permission.h index 01be06c..590ed5d 100644 --- a/extensions/common/permissions/socket_permission.h +++ b/extensions/common/permissions/socket_permission.h @@ -30,6 +30,12 @@ class SocketPermission ~SocketPermission() override; + // SetDisjunctionPermission overrides. + bool FromValue(const base::Value* value, + std::string* error, + std::vector<std::string>* unhandled_permissions) override; + + // APIPermission overrides PermissionIDSet GetPermissions() const override; }; diff --git a/extensions/common/permissions/usb_device_permission.cc b/extensions/common/permissions/usb_device_permission.cc index ab279b6..fd94783 100644 --- a/extensions/common/permissions/usb_device_permission.cc +++ b/extensions/common/permissions/usb_device_permission.cc @@ -25,6 +25,21 @@ UsbDevicePermission::UsbDevicePermission(const APIPermissionInfo* info) UsbDevicePermission::~UsbDevicePermission() {} +bool UsbDevicePermission::FromValue( + const base::Value* value, + std::string* error, + std::vector<std::string>* unhandled_permissions) { + bool parsed_ok = + SetDisjunctionPermission<UsbDevicePermissionData, UsbDevicePermission>:: + FromValue(value, error, unhandled_permissions); + if (parsed_ok && data_set_.empty()) { + if (error) + *error = "NULL or empty permission list"; + return false; + } + return parsed_ok; +} + PermissionIDSet UsbDevicePermission::GetPermissions() const { PermissionIDSet ids; diff --git a/extensions/common/permissions/usb_device_permission.h b/extensions/common/permissions/usb_device_permission.h index 7cba580..2658011 100644 --- a/extensions/common/permissions/usb_device_permission.h +++ b/extensions/common/permissions/usb_device_permission.h @@ -30,6 +30,11 @@ class UsbDevicePermission explicit UsbDevicePermission(const APIPermissionInfo* info); ~UsbDevicePermission() override; + // SetDisjunctionPermission overrides. + bool FromValue(const base::Value* value, + std::string* error, + std::vector<std::string>* unhandled_permissions) override; + // APIPermission overrides PermissionIDSet GetPermissions() const override; }; |