summaryrefslogtreecommitdiffstats
path: root/chrome/common/extensions/permissions/permission_set_unittest.cc
diff options
context:
space:
mode:
Diffstat (limited to 'chrome/common/extensions/permissions/permission_set_unittest.cc')
-rw-r--r--chrome/common/extensions/permissions/permission_set_unittest.cc144
1 files changed, 88 insertions, 56 deletions
diff --git a/chrome/common/extensions/permissions/permission_set_unittest.cc b/chrome/common/extensions/permissions/permission_set_unittest.cc
index ef0610f..175b0f7 100644
--- a/chrome/common/extensions/permissions/permission_set_unittest.cc
+++ b/chrome/common/extensions/permissions/permission_set_unittest.cc
@@ -12,10 +12,13 @@
#include "chrome/common/extensions/extension.h"
#include "chrome/common/extensions/extension_test_util.h"
#include "chrome/common/extensions/features/feature_channel.h"
+#include "chrome/common/extensions/permissions/chrome_permission_message_provider.h"
+#include "chrome/common/extensions/permissions/permission_message_util.h"
#include "chrome/common/extensions/permissions/permission_set.h"
#include "chrome/common/extensions/permissions/permissions_data.h"
#include "chrome/common/extensions/permissions/socket_permission.h"
#include "extensions/common/error_utils.h"
+#include "extensions/common/permissions/permission_message_provider.h"
#include "extensions/common/permissions/permissions_info.h"
#include "testing/gtest/include/gtest/gtest.h"
@@ -565,7 +568,7 @@ TEST(PermissionsTest, CreateDifference) {
EXPECT_TRUE(set1->IsEmpty());
}
-TEST(PermissionsTest, HasLessPrivilegesThan) {
+TEST(PermissionsTest, IsPrivilegeIncrease) {
const struct {
const char* base_name;
bool expect_increase;
@@ -621,7 +624,8 @@ TEST(PermissionsTest, HasLessPrivilegesThan) {
Manifest::Type extension_type = old_extension->GetType();
EXPECT_EQ(kTests[i].expect_increase,
- old_p->HasLessPrivilegesThan(new_p.get(), extension_type))
+ PermissionMessageProvider::Get()->IsPrivilegeIncrease(
+ old_p.get(), new_p.get(), extension_type))
<< kTests[i].base_name;
}
}
@@ -769,7 +773,8 @@ TEST(PermissionsTest, FileSystemPermissionMessages) {
scoped_refptr<PermissionSet> permissions(
new PermissionSet(api_permissions, URLPatternSet(), URLPatternSet()));
PermissionMessages messages =
- permissions->GetPermissionMessages(Manifest::TYPE_PLATFORM_APP);
+ PermissionMessageProvider::Get()->GetPermissionMessages(
+ permissions, Manifest::TYPE_PLATFORM_APP);
ASSERT_EQ(2u, messages.size());
std::sort(messages.begin(), messages.end());
std::set<PermissionMessage::ID> ids;
@@ -789,7 +794,8 @@ TEST(PermissionsTest, HiddenFileSystemPermissionMessages) {
scoped_refptr<PermissionSet> permissions(
new PermissionSet(api_permissions, URLPatternSet(), URLPatternSet()));
PermissionMessages messages =
- permissions->GetPermissionMessages(Manifest::TYPE_PLATFORM_APP);
+ PermissionMessageProvider::Get()->GetPermissionMessages(
+ permissions, Manifest::TYPE_PLATFORM_APP);
ASSERT_EQ(1u, messages.size());
EXPECT_EQ(PermissionMessage::kFileSystemWriteDirectory, messages[0].id());
}
@@ -811,18 +817,25 @@ TEST(PermissionsTest, MergedFileSystemPermissionComparison) {
scoped_refptr<PermissionSet> write_directory_permissions(new PermissionSet(
write_directory_api_permissions, URLPatternSet(), URLPatternSet()));
- EXPECT_FALSE(write_directory_permissions->HasLessPrivilegesThan(
- write_permissions, Manifest::TYPE_PLATFORM_APP));
- EXPECT_FALSE(write_directory_permissions->HasLessPrivilegesThan(
- directory_permissions, Manifest::TYPE_PLATFORM_APP));
- EXPECT_TRUE(write_permissions->HasLessPrivilegesThan(
- directory_permissions, Manifest::TYPE_PLATFORM_APP));
- EXPECT_TRUE(write_permissions->HasLessPrivilegesThan(
- write_directory_permissions, Manifest::TYPE_PLATFORM_APP));
- EXPECT_TRUE(directory_permissions->HasLessPrivilegesThan(
- write_permissions, Manifest::TYPE_PLATFORM_APP));
- EXPECT_TRUE(directory_permissions->HasLessPrivilegesThan(
- write_directory_permissions, Manifest::TYPE_PLATFORM_APP));
+ const PermissionMessageProvider* provider = PermissionMessageProvider::Get();
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(write_directory_permissions,
+ write_permissions,
+ Manifest::TYPE_PLATFORM_APP));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(write_directory_permissions,
+ directory_permissions,
+ Manifest::TYPE_PLATFORM_APP));
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(write_permissions,
+ directory_permissions,
+ Manifest::TYPE_PLATFORM_APP));
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(write_permissions,
+ write_directory_permissions,
+ Manifest::TYPE_PLATFORM_APP));
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(directory_permissions,
+ write_permissions,
+ Manifest::TYPE_PLATFORM_APP));
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(directory_permissions,
+ write_directory_permissions,
+ Manifest::TYPE_PLATFORM_APP));
}
TEST(PermissionsTest, GetWarningMessages_ManyHosts) {
@@ -858,11 +871,12 @@ TEST(PermissionsTest, GetWarningMessages_AudioVideo) {
// Both audio and video present.
scoped_refptr<Extension> extension =
LoadManifest("permissions", "audio-video.json");
+ const PermissionMessageProvider* provider = PermissionMessageProvider::Get();
PermissionSet* set =
const_cast<PermissionSet*>(
extension->GetActivePermissions().get());
std::vector<string16> warnings =
- set->GetWarningMessages(extension->GetType());
+ provider->GetWarningMessages(set, extension->GetType());
EXPECT_FALSE(Contains(warnings, "Use your microphone"));
EXPECT_FALSE(Contains(warnings, "Use your camera"));
EXPECT_TRUE(Contains(warnings, "Use your microphone and camera"));
@@ -871,7 +885,7 @@ TEST(PermissionsTest, GetWarningMessages_AudioVideo) {
// Just audio present.
set->apis_.erase(APIPermission::kVideoCapture);
- warnings = set->GetWarningMessages(extension->GetType());
+ warnings = provider->GetWarningMessages(set, extension->GetType());
EXPECT_EQ(combined_size, warnings.size());
EXPECT_EQ(combined_index, IndexOf(warnings, "Use your microphone"));
EXPECT_FALSE(Contains(warnings, "Use your camera"));
@@ -880,7 +894,7 @@ TEST(PermissionsTest, GetWarningMessages_AudioVideo) {
// Just video present.
set->apis_.erase(APIPermission::kAudioCapture);
set->apis_.insert(APIPermission::kVideoCapture);
- warnings = set->GetWarningMessages(extension->GetType());
+ warnings = provider->GetWarningMessages(set, extension->GetType());
EXPECT_EQ(combined_size, warnings.size());
EXPECT_FALSE(Contains(warnings, "Use your microphone"));
EXPECT_FALSE(Contains(warnings, "Use your microphone and camera"));
@@ -901,9 +915,10 @@ TEST(PermissionsTest, GetWarningMessages_DeclarativeWebRequest) {
// permissions do not cover all hosts.
scoped_refptr<Extension> extension =
LoadManifest("permissions", "web_request_com_host_permissions.json");
+ const PermissionMessageProvider* provider = PermissionMessageProvider::Get();
const PermissionSet* set = extension->GetActivePermissions().get();
std::vector<string16> warnings =
- set->GetWarningMessages(extension->GetType());
+ provider->GetWarningMessages(set, extension->GetType());
EXPECT_TRUE(Contains(warnings, "Block parts of web pages"));
EXPECT_FALSE(Contains(warnings, "Access your data on all websites"));
@@ -912,7 +927,7 @@ TEST(PermissionsTest, GetWarningMessages_DeclarativeWebRequest) {
extension =
LoadManifest("permissions", "web_request_all_host_permissions.json");
set = extension->GetActivePermissions().get();
- warnings = set->GetWarningMessages(extension->GetType());
+ warnings = provider->GetWarningMessages(set, extension->GetType());
EXPECT_FALSE(Contains(warnings, "Block parts of web pages"));
EXPECT_TRUE(Contains(warnings, "Access your data on all websites"));
}
@@ -1027,7 +1042,8 @@ TEST(PermissionsTest, GetDistinctHosts) {
explicit_hosts.AddPattern(
URLPattern(URLPattern::SCHEME_HTTP, "http://www.baz.com/path"));
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+ permission_message_util::GetDistinctHosts(
+ explicit_hosts, true, true));
}
{
@@ -1039,7 +1055,8 @@ TEST(PermissionsTest, GetDistinctHosts) {
explicit_hosts.AddPattern(
URLPattern(URLPattern::SCHEME_HTTP, "http://www.baz.com/path"));
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+ permission_message_util::GetDistinctHosts(
+ explicit_hosts, true, true));
}
{
@@ -1049,7 +1066,8 @@ TEST(PermissionsTest, GetDistinctHosts) {
explicit_hosts.AddPattern(
URLPattern(URLPattern::SCHEME_HTTPS, "https://www.bar.com/path"));
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+ permission_message_util::GetDistinctHosts(
+ explicit_hosts, true, true));
}
{
@@ -1059,7 +1077,8 @@ TEST(PermissionsTest, GetDistinctHosts) {
explicit_hosts.AddPattern(
URLPattern(URLPattern::SCHEME_HTTP, "http://www.bar.com/pathypath"));
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+ permission_message_util::GetDistinctHosts(
+ explicit_hosts, true, true));
}
{
@@ -1075,7 +1094,8 @@ TEST(PermissionsTest, GetDistinctHosts) {
expected.insert("bar.com");
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+ permission_message_util::GetDistinctHosts(
+ explicit_hosts, true, true));
}
{
@@ -1105,7 +1125,8 @@ TEST(PermissionsTest, GetDistinctHosts) {
expected.insert("www.foo.xyzzy");
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+ permission_message_util::GetDistinctHosts(
+ explicit_hosts, true, true));
}
{
@@ -1117,7 +1138,8 @@ TEST(PermissionsTest, GetDistinctHosts) {
expected.insert("*.google.com");
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+ permission_message_util::GetDistinctHosts(
+ explicit_hosts, true, true));
}
{
@@ -1139,8 +1161,8 @@ TEST(PermissionsTest, GetDistinctHosts) {
scoped_refptr<PermissionSet> perm_set(new PermissionSet(
empty_perms, explicit_hosts, scriptable_hosts));
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(perm_set->effective_hosts(),
- true, true));
+ permission_message_util::GetDistinctHosts(
+ perm_set->effective_hosts(), true, true));
}
{
@@ -1154,7 +1176,8 @@ TEST(PermissionsTest, GetDistinctHosts) {
URLPattern(URLPattern::SCHEME_FILE, "file:///*"));
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+ permission_message_util::GetDistinctHosts(
+ explicit_hosts, true, true));
}
}
@@ -1176,7 +1199,8 @@ TEST(PermissionsTest, GetDistinctHosts_ComIsBestRcd) {
std::set<std::string> expected;
expected.insert("www.foo.com");
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+ permission_message_util::GetDistinctHosts(
+ explicit_hosts, true, true));
}
TEST(PermissionsTest, GetDistinctHosts_NetIs2ndBestRcd) {
@@ -1196,7 +1220,8 @@ TEST(PermissionsTest, GetDistinctHosts_NetIs2ndBestRcd) {
std::set<std::string> expected;
expected.insert("www.foo.net");
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+ permission_message_util::GetDistinctHosts(
+ explicit_hosts, true, true));
}
TEST(PermissionsTest, GetDistinctHosts_OrgIs3rdBestRcd) {
@@ -1215,7 +1240,8 @@ TEST(PermissionsTest, GetDistinctHosts_OrgIs3rdBestRcd) {
std::set<std::string> expected;
expected.insert("www.foo.org");
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+ permission_message_util::GetDistinctHosts(
+ explicit_hosts, true, true));
}
TEST(PermissionsTest, GetDistinctHosts_FirstInListIs4thBestRcd) {
@@ -1233,11 +1259,13 @@ TEST(PermissionsTest, GetDistinctHosts_FirstInListIs4thBestRcd) {
std::set<std::string> expected;
expected.insert("www.foo.ca");
EXPECT_EQ(expected,
- PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+ permission_message_util::GetDistinctHosts(
+ explicit_hosts, true, true));
}
-TEST(PermissionsTest, HasLessHostPrivilegesThan) {
- Manifest::Type extension_type = Manifest::TYPE_EXTENSION;
+TEST(PermissionsTest, IsHostPrivilegeIncrease) {
+ Manifest::Type type = Manifest::TYPE_EXTENSION;
+ const PermissionMessageProvider* provider = PermissionMessageProvider::Get();
URLPatternSet elist1;
URLPatternSet elist2;
URLPatternSet slist1;
@@ -1259,33 +1287,33 @@ TEST(PermissionsTest, HasLessHostPrivilegesThan) {
set1 = new PermissionSet(empty_perms, elist1, slist1);
set2 = new PermissionSet(empty_perms, elist2, slist2);
- EXPECT_FALSE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
- EXPECT_FALSE(set2->HasLessHostPrivilegesThan(set1.get(), extension_type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set1, set2, type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
// Test that paths are ignored.
elist2.ClearPatterns();
elist2.AddPattern(
URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/*"));
set2 = new PermissionSet(empty_perms, elist2, slist2);
- EXPECT_FALSE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
- EXPECT_FALSE(set2->HasLessHostPrivilegesThan(set1.get(), extension_type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set1, set2, type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
// Test that RCDs are ignored.
elist2.ClearPatterns();
elist2.AddPattern(
URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/*"));
set2 = new PermissionSet(empty_perms, elist2, slist2);
- EXPECT_FALSE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
- EXPECT_FALSE(set2->HasLessHostPrivilegesThan(set1.get(), extension_type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set1, set2, type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
// Test that subdomain wildcards are handled properly.
elist2.ClearPatterns();
elist2.AddPattern(
URLPattern(URLPattern::SCHEME_HTTP, "http://*.google.com.hk/*"));
set2 = new PermissionSet(empty_perms, elist2, slist2);
- EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(set1, set2, type));
// TODO(jstritar): Does not match subdomains properly. http://crbug.com/65337
- // EXPECT_FALSE(set2->HasLessHostPrivilegesThan(set1.get()));
+ // EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
// Test that different domains count as different hosts.
elist2.ClearPatterns();
@@ -1294,21 +1322,21 @@ TEST(PermissionsTest, HasLessHostPrivilegesThan) {
elist2.AddPattern(
URLPattern(URLPattern::SCHEME_HTTP, "http://www.example.org/path"));
set2 = new PermissionSet(empty_perms, elist2, slist2);
- EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
- EXPECT_FALSE(set2->HasLessHostPrivilegesThan(set1.get(), extension_type));
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(set1, set2, type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
// Test that different subdomains count as different hosts.
elist2.ClearPatterns();
elist2.AddPattern(
URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*"));
set2 = new PermissionSet(empty_perms, elist2, slist2);
- EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
- EXPECT_TRUE(set2->HasLessHostPrivilegesThan(set1.get(), extension_type));
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(set1, set2, type));
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(set2, set1, type));
// Test that platform apps do not have host permissions increases.
- extension_type = Manifest::TYPE_PLATFORM_APP;
- EXPECT_FALSE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
- EXPECT_FALSE(set2->HasLessHostPrivilegesThan(set1.get(), extension_type));
+ type = Manifest::TYPE_PLATFORM_APP;
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set1, set2, type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
}
TEST(PermissionsTest, GetAPIsAsStrings) {
@@ -1400,10 +1428,11 @@ TEST(PermissionsTest, ChromeURLs) {
URLPattern(URLPattern::SCHEME_ALL, "chrome://thumb/"));
scoped_refptr<PermissionSet> permissions(
new PermissionSet(APIPermissionSet(), allowed_hosts, URLPatternSet()));
- permissions->GetPermissionMessages(Manifest::TYPE_EXTENSION);
+ PermissionMessageProvider::Get()->
+ GetPermissionMessages(permissions, Manifest::TYPE_EXTENSION);
}
-TEST(PermissionsTest, HasLessPrivilegesThan_DeclarativeWebRequest) {
+TEST(PermissionsTest, IsPrivilegeIncrease_DeclarativeWebRequest) {
scoped_refptr<Extension> extension(
LoadManifest("permissions", "permissions_all_urls.json"));
scoped_refptr<const PermissionSet> permissions(
@@ -1414,7 +1443,10 @@ TEST(PermissionsTest, HasLessPrivilegesThan_DeclarativeWebRequest) {
scoped_refptr<const PermissionSet> permissions_dwr(
extension_dwr->GetActivePermissions());
- EXPECT_FALSE(permissions->HasLessPrivilegesThan(permissions_dwr.get(),
- extension->GetType()));
+ EXPECT_FALSE(PermissionMessageProvider::Get()->
+ IsPrivilegeIncrease(permissions.get(),
+ permissions_dwr.get(),
+ extension->GetType()));
}
+
} // namespace extensions
generated by cgit v1.1 at 2025-01-07 07:43:31 +0000