diff options
10 files changed, 65 insertions, 25 deletions
diff --git a/chrome/common/extensions/permissions/media_galleries_permission_unittest.cc b/chrome/common/extensions/permissions/media_galleries_permission_unittest.cc index 110a069..e64f4d5 100644 --- a/chrome/common/extensions/permissions/media_galleries_permission_unittest.cc +++ b/chrome/common/extensions/permissions/media_galleries_permission_unittest.cc @@ -90,12 +90,8 @@ TEST(MediaGalleriesPermissionTest, BadValues) { scoped_ptr<APIPermission> permission(permission_info->CreateAPIPermission()); - // Empty - scoped_ptr<base::ListValue> value(new base::ListValue()); - CheckFromValue(permission.get(), value.get(), false); - // copyTo and delete without read - value.reset(new base::ListValue()); + scoped_ptr<base::ListValue> value(new base::ListValue()); value->AppendString(MediaGalleriesPermission::kCopyToPermission); CheckFromValue(permission.get(), value.get(), false); @@ -281,6 +277,15 @@ TEST(MediaGalleriesPermissionTest, ToFromValue) { ASSERT_TRUE(vtmp); ASSERT_TRUE(permission2->FromValue(vtmp.get(), NULL, NULL)); EXPECT_TRUE(permission1->Equal(permission2.get())); + + value.reset(new base::ListValue()); + // without sub-permission + ASSERT_TRUE(permission1->FromValue(NULL, NULL, NULL)); + + vtmp = permission1->ToValue(); + ASSERT_TRUE(vtmp); + ASSERT_TRUE(permission2->FromValue(vtmp.get(), NULL, NULL)); + EXPECT_TRUE(permission1->Equal(permission2.get())); } } // namespace diff --git a/extensions/common/permissions/media_galleries_permission.h b/extensions/common/permissions/media_galleries_permission.h index 870a0a9..40a2277 100644 --- a/extensions/common/permissions/media_galleries_permission.h +++ b/extensions/common/permissions/media_galleries_permission.h @@ -21,6 +21,10 @@ namespace extensions { // 'delete' <tertiary-access> // <tertiary-access> // := 'copyTo' | 'copyTo' <tertiary-access> +// An example of a line for mediaGalleries permissions in a manifest file: +// {"mediaGalleries": "read delete"}, +// We also allow a permission without any sub-permissions: +// "mediaGalleries", class MediaGalleriesPermission : public SetDisjunctionPermission<MediaGalleriesPermissionData, MediaGalleriesPermission> { diff --git a/extensions/common/permissions/set_disjunction_permission.h b/extensions/common/permissions/set_disjunction_permission.h index 0e97e9d..ce1c6ee 100644 --- a/extensions/common/permissions/set_disjunction_permission.h +++ b/extensions/common/permissions/set_disjunction_permission.h @@ -105,9 +105,14 @@ class SetDisjunctionPermission : public APIPermission { data_set_.clear(); const base::ListValue* list = NULL; - if (!value || !value->GetAsList(&list) || list->GetSize() == 0) { + if (!value) { + // treat null as an empty list. + return true; + } + + if (!value->GetAsList(&list)) { if (error) - *error = "NULL or empty permission list"; + *error = "Cannot parse the permission list. It's not a list."; return false; } diff --git a/extensions/common/permissions/socket_permission.cc b/extensions/common/permissions/socket_permission.cc index c2ca223..a8e5c18 100644 --- a/extensions/common/permissions/socket_permission.cc +++ b/extensions/common/permissions/socket_permission.cc @@ -38,6 +38,21 @@ SocketPermission::SocketPermission(const APIPermissionInfo* info) SocketPermission::~SocketPermission() {} +bool SocketPermission::FromValue( + const base::Value* value, + std::string* error, + std::vector<std::string>* unhandled_permissions) { + bool parsed_ok = SetDisjunctionPermission< + SocketPermissionData, SocketPermission>::FromValue(value, error, + unhandled_permissions); + if (parsed_ok && data_set_.empty()) { + if (error) + *error = "NULL or empty permission list"; + return false; + } + return parsed_ok; +} + PermissionIDSet SocketPermission::GetPermissions() const { PermissionIDSet ids; SocketPermissionEntrySet entries = ExtractSocketEntries(data_set_); diff --git a/extensions/common/permissions/socket_permission.h b/extensions/common/permissions/socket_permission.h index 01be06c..590ed5d 100644 --- a/extensions/common/permissions/socket_permission.h +++ b/extensions/common/permissions/socket_permission.h @@ -30,6 +30,12 @@ class SocketPermission ~SocketPermission() override; + // SetDisjunctionPermission overrides. + bool FromValue(const base::Value* value, + std::string* error, + std::vector<std::string>* unhandled_permissions) override; + + // APIPermission overrides PermissionIDSet GetPermissions() const override; }; diff --git a/extensions/common/permissions/usb_device_permission.cc b/extensions/common/permissions/usb_device_permission.cc index ab279b6..fd94783 100644 --- a/extensions/common/permissions/usb_device_permission.cc +++ b/extensions/common/permissions/usb_device_permission.cc @@ -25,6 +25,21 @@ UsbDevicePermission::UsbDevicePermission(const APIPermissionInfo* info) UsbDevicePermission::~UsbDevicePermission() {} +bool UsbDevicePermission::FromValue( + const base::Value* value, + std::string* error, + std::vector<std::string>* unhandled_permissions) { + bool parsed_ok = + SetDisjunctionPermission<UsbDevicePermissionData, UsbDevicePermission>:: + FromValue(value, error, unhandled_permissions); + if (parsed_ok && data_set_.empty()) { + if (error) + *error = "NULL or empty permission list"; + return false; + } + return parsed_ok; +} + PermissionIDSet UsbDevicePermission::GetPermissions() const { PermissionIDSet ids; diff --git a/extensions/common/permissions/usb_device_permission.h b/extensions/common/permissions/usb_device_permission.h index 7cba580..2658011 100644 --- a/extensions/common/permissions/usb_device_permission.h +++ b/extensions/common/permissions/usb_device_permission.h @@ -30,6 +30,11 @@ class UsbDevicePermission explicit UsbDevicePermission(const APIPermissionInfo* info); ~UsbDevicePermission() override; + // SetDisjunctionPermission overrides. + bool FromValue(const base::Value* value, + std::string* error, + std::vector<std::string>* unhandled_permissions) override; + // APIPermission overrides PermissionIDSet GetPermissions() const override; }; diff --git a/ui/file_manager/audio_player/manifest.json b/ui/file_manager/audio_player/manifest.json index 30bca62..c5e89fe 100644 --- a/ui/file_manager/audio_player/manifest.json +++ b/ui/file_manager/audio_player/manifest.json @@ -24,12 +24,7 @@ "fileSystem": ["requestFileSystem", "write"] }, "fullscreen", - { - // TODO(ryoh): we do not need any permissions to use getMetadata, - // but mediaGalleriesAPI requires nonempty list, - // or treated as invalid permission requests. - "mediaGalleries": ["we don't need any permissions"] - }, + "mediaGalleries", "mediaPlayerPrivate", "power", "storage", diff --git a/ui/file_manager/file_manager/manifest.json b/ui/file_manager/file_manager/manifest.json index 6c2606e..58222b4 100644 --- a/ui/file_manager/file_manager/manifest.json +++ b/ui/file_manager/file_manager/manifest.json @@ -36,12 +36,7 @@ "https://drive.google.com/", "https://www.google-analytics.com/", "launcherSearchProvider", - { - // TODO(ryoh): we do not need any permissions to use getMetadata, - // but mediaGalleriesAPI requires nonempty list, - // or treated as invalid permission requests. - "mediaGalleries": ["we don't need any permissions"] - }, + "mediaGalleries", "mediaPlayerPrivate", "metricsPrivate", "notifications", diff --git a/ui/file_manager/gallery/manifest.json b/ui/file_manager/gallery/manifest.json index 7ae2b22..d67cda1 100644 --- a/ui/file_manager/gallery/manifest.json +++ b/ui/file_manager/gallery/manifest.json @@ -28,12 +28,7 @@ "fileSystem": ["requestFileSystem", "write"] }, "fullscreen", - { - // TODO(ryoh): we do not need any permissions to use getMetadata, - // but mediaGalleriesAPI requires nonempty list, - // or treated as invalid permission requests. - "mediaGalleries": ["we don't need any permissions"] - }, + "mediaGalleries", "metricsPrivate", "storage", "webview" |