diff options
Diffstat (limited to 'chrome/common')
12 files changed, 11 insertions, 405 deletions
diff --git a/chrome/common/extensions/api/extension_api.cc b/chrome/common/extensions/api/extension_api.cc index f28ab3c..2490d5d 100644 --- a/chrome/common/extensions/api/extension_api.cc +++ b/chrome/common/extensions/api/extension_api.cc @@ -18,10 +18,10 @@ #include "base/values.h" #include "chrome/common/extensions/api/generated_schemas.h" #include "chrome/common/extensions/extension.h" -#include "chrome/common/extensions/permissions/permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "extensions/common/features/feature.h" #include "extensions/common/features/feature_provider.h" +#include "extensions/common/permissions/permission_set.h" #include "grit/common_resources.h" #include "grit/extensions_api_resources.h" #include "ui/base/resource/resource_bundle.h" diff --git a/chrome/common/extensions/extension.cc b/chrome/common/extensions/extension.cc index 44e7215..86f20ff 100644 --- a/chrome/common/extensions/extension.cc +++ b/chrome/common/extensions/extension.cc @@ -22,7 +22,6 @@ #include "base/version.h" #include "chrome/common/extensions/extension_constants.h" #include "chrome/common/extensions/manifest_handler.h" -#include "chrome/common/extensions/permissions/permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "content/public/common/url_constants.h" #include "extensions/common/constants.h" @@ -31,6 +30,7 @@ #include "extensions/common/manifest.h" #include "extensions/common/manifest_constants.h" #include "extensions/common/permissions/api_permission_set.h" +#include "extensions/common/permissions/permission_set.h" #include "extensions/common/permissions/permissions_info.h" #include "extensions/common/switches.h" #include "extensions/common/url_pattern_set.h" diff --git a/chrome/common/extensions/extension_messages.h b/chrome/common/extensions/extension_messages.h index 381a9d7..8e0d843 100644 --- a/chrome/common/extensions/extension_messages.h +++ b/chrome/common/extensions/extension_messages.h @@ -10,11 +10,10 @@ #include "base/memory/shared_memory.h" #include "base/values.h" -#include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/api/messaging/message.h" +#include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/permissions/bluetooth_permission_data.h" #include "chrome/common/extensions/permissions/media_galleries_permission_data.h" -#include "chrome/common/extensions/permissions/permission_set.h" #include "chrome/common/extensions/permissions/socket_permission_data.h" #include "chrome/common/extensions/permissions/usb_device_permission_data.h" #include "chrome/common/web_application_info.h" @@ -22,6 +21,7 @@ #include "content/public/common/socket_permission_request.h" #include "extensions/common/draggable_region.h" #include "extensions/common/extensions_client.h" +#include "extensions/common/permissions/permission_set.h" #include "extensions/common/url_pattern.h" #include "extensions/common/url_pattern_set.h" #include "extensions/common/view_type.h" diff --git a/chrome/common/extensions/features/permission_feature.cc b/chrome/common/extensions/features/permission_feature.cc index 5beb26f..cc91c41 100644 --- a/chrome/common/extensions/features/permission_feature.cc +++ b/chrome/common/extensions/features/permission_feature.cc @@ -4,8 +4,8 @@ #include "chrome/common/extensions/features/permission_feature.h" -#include "chrome/common/extensions/permissions/permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" +#include "extensions/common/permissions/permission_set.h" namespace extensions { diff --git a/chrome/common/extensions/manifest_handlers/shared_module_info.cc b/chrome/common/extensions/manifest_handlers/shared_module_info.cc index 1bf8839..a7c8164 100644 --- a/chrome/common/extensions/manifest_handlers/shared_module_info.cc +++ b/chrome/common/extensions/manifest_handlers/shared_module_info.cc @@ -10,10 +10,10 @@ #include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" #include "base/version.h" -#include "chrome/common/extensions/permissions/permission_set.h" #include "extensions/common/constants.h" #include "extensions/common/error_utils.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/permission_set.h" namespace extensions { diff --git a/chrome/common/extensions/permissions/chrome_permission_message_provider.cc b/chrome/common/extensions/permissions/chrome_permission_message_provider.cc index 1bea93b..433c18d 100644 --- a/chrome/common/extensions/permissions/chrome_permission_message_provider.cc +++ b/chrome/common/extensions/permissions/chrome_permission_message_provider.cc @@ -6,9 +6,9 @@ #include "base/stl_util.h" #include "chrome/common/extensions/permissions/permission_message_util.h" -#include "chrome/common/extensions/permissions/permission_set.h" #include "extensions/common/extensions_client.h" #include "extensions/common/permissions/permission_message.h" +#include "extensions/common/permissions/permission_set.h" #include "extensions/common/url_pattern_set.h" #include "grit/generated_resources.h" #include "ui/base/l10n/l10n_util.h" diff --git a/chrome/common/extensions/permissions/permission_message_util.cc b/chrome/common/extensions/permissions/permission_message_util.cc index bb43236..1a99542 100644 --- a/chrome/common/extensions/permissions/permission_message_util.cc +++ b/chrome/common/extensions/permissions/permission_message_util.cc @@ -6,9 +6,9 @@ #include "base/strings/string_number_conversions.h" #include "base/strings/utf_string_conversions.h" -#include "chrome/common/extensions/permissions/permission_set.h" #include "content/public/common/url_constants.h" #include "extensions/common/permissions/permission_message.h" +#include "extensions/common/permissions/permission_set.h" #include "extensions/common/url_pattern_set.h" #include "grit/generated_resources.h" #include "net/base/registry_controlled_domains/registry_controlled_domain.h" diff --git a/chrome/common/extensions/permissions/permission_set.cc b/chrome/common/extensions/permissions/permission_set.cc deleted file mode 100644 index 9c97014..0000000 --- a/chrome/common/extensions/permissions/permission_set.cc +++ /dev/null @@ -1,251 +0,0 @@ -// Copyright (c) 2013 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include "chrome/common/extensions/permissions/permission_set.h" - -#include <algorithm> -#include <iterator> -#include <string> - -#include "extensions/common/permissions/permissions_info.h" -#include "extensions/common/url_pattern.h" -#include "extensions/common/url_pattern_set.h" -#include "url/gurl.h" - -using extensions::URLPatternSet; - -namespace { - -void AddPatternsAndRemovePaths(const URLPatternSet& set, URLPatternSet* out) { - DCHECK(out); - for (URLPatternSet::const_iterator i = set.begin(); i != set.end(); ++i) { - URLPattern p = *i; - p.SetPath("/*"); - out->AddPattern(p); - } -} - -} // namespace - -namespace extensions { - -// -// PermissionSet -// - -PermissionSet::PermissionSet() {} - -PermissionSet::PermissionSet( - const APIPermissionSet& apis, - const URLPatternSet& explicit_hosts, - const URLPatternSet& scriptable_hosts) - : apis_(apis), - scriptable_hosts_(scriptable_hosts) { - AddPatternsAndRemovePaths(explicit_hosts, &explicit_hosts_); - InitImplicitPermissions(); - InitEffectiveHosts(); -} - -// static -PermissionSet* PermissionSet::CreateDifference( - const PermissionSet* set1, - const PermissionSet* set2) { - scoped_refptr<PermissionSet> empty = new PermissionSet(); - const PermissionSet* set1_safe = (set1 == NULL) ? empty.get() : set1; - const PermissionSet* set2_safe = (set2 == NULL) ? empty.get() : set2; - - APIPermissionSet apis; - APIPermissionSet::Difference(set1_safe->apis(), set2_safe->apis(), &apis); - - URLPatternSet explicit_hosts; - URLPatternSet::CreateDifference(set1_safe->explicit_hosts(), - set2_safe->explicit_hosts(), - &explicit_hosts); - - URLPatternSet scriptable_hosts; - URLPatternSet::CreateDifference(set1_safe->scriptable_hosts(), - set2_safe->scriptable_hosts(), - &scriptable_hosts); - - return new PermissionSet(apis, explicit_hosts, scriptable_hosts); -} - -// static -PermissionSet* PermissionSet::CreateIntersection( - const PermissionSet* set1, - const PermissionSet* set2) { - scoped_refptr<PermissionSet> empty = new PermissionSet(); - const PermissionSet* set1_safe = (set1 == NULL) ? empty.get() : set1; - const PermissionSet* set2_safe = (set2 == NULL) ? empty.get() : set2; - - APIPermissionSet apis; - APIPermissionSet::Intersection(set1_safe->apis(), set2_safe->apis(), &apis); - - URLPatternSet explicit_hosts; - URLPatternSet::CreateIntersection(set1_safe->explicit_hosts(), - set2_safe->explicit_hosts(), - &explicit_hosts); - - URLPatternSet scriptable_hosts; - URLPatternSet::CreateIntersection(set1_safe->scriptable_hosts(), - set2_safe->scriptable_hosts(), - &scriptable_hosts); - - return new PermissionSet(apis, explicit_hosts, scriptable_hosts); -} - -// static -PermissionSet* PermissionSet::CreateUnion( - const PermissionSet* set1, - const PermissionSet* set2) { - scoped_refptr<PermissionSet> empty = new PermissionSet(); - const PermissionSet* set1_safe = (set1 == NULL) ? empty.get() : set1; - const PermissionSet* set2_safe = (set2 == NULL) ? empty.get() : set2; - - APIPermissionSet apis; - APIPermissionSet::Union(set1_safe->apis(), set2_safe->apis(), &apis); - - URLPatternSet explicit_hosts; - URLPatternSet::CreateUnion(set1_safe->explicit_hosts(), - set2_safe->explicit_hosts(), - &explicit_hosts); - - URLPatternSet scriptable_hosts; - URLPatternSet::CreateUnion(set1_safe->scriptable_hosts(), - set2_safe->scriptable_hosts(), - &scriptable_hosts); - - return new PermissionSet(apis, explicit_hosts, scriptable_hosts); -} - -bool PermissionSet::operator==( - const PermissionSet& rhs) const { - return apis_ == rhs.apis_ && - scriptable_hosts_ == rhs.scriptable_hosts_ && - explicit_hosts_ == rhs.explicit_hosts_; -} - -bool PermissionSet::Contains(const PermissionSet& set) const { - return apis_.Contains(set.apis()) && - explicit_hosts().Contains(set.explicit_hosts()) && - scriptable_hosts().Contains(set.scriptable_hosts()); -} - -std::set<std::string> PermissionSet::GetAPIsAsStrings() const { - std::set<std::string> apis_str; - for (APIPermissionSet::const_iterator i = apis_.begin(); - i != apis_.end(); ++i) { - apis_str.insert(i->name()); - } - return apis_str; -} - -bool PermissionSet::IsEmpty() const { - // Not default if any host permissions are present. - if (!(explicit_hosts().is_empty() && scriptable_hosts().is_empty())) - return false; - - // Or if it has no api permissions. - return apis().empty(); -} - -bool PermissionSet::HasAPIPermission( - APIPermission::ID id) const { - return apis().find(id) != apis().end(); -} - -bool PermissionSet::HasAPIPermission(const std::string& permission_name) const { - const APIPermissionInfo* permission = - PermissionsInfo::GetInstance()->GetByName(permission_name); - CHECK(permission) << permission_name; - return (permission && apis_.count(permission->id())); -} - -bool PermissionSet::CheckAPIPermission(APIPermission::ID permission) const { - return CheckAPIPermissionWithParam(permission, NULL); -} - -bool PermissionSet::CheckAPIPermissionWithParam( - APIPermission::ID permission, - const APIPermission::CheckParam* param) const { - APIPermissionSet::const_iterator iter = apis().find(permission); - if (iter == apis().end()) - return false; - return iter->Check(param); -} - -bool PermissionSet::HasExplicitAccessToOrigin( - const GURL& origin) const { - return explicit_hosts().MatchesURL(origin); -} - -bool PermissionSet::HasScriptableAccessToURL( - const GURL& origin) const { - // We only need to check our host list to verify access. The host list should - // already reflect any special rules (such as chrome://favicon, all hosts - // access, etc.). - return scriptable_hosts().MatchesURL(origin); -} - -bool PermissionSet::HasEffectiveAccessToAllHosts() const { - // There are two ways this set can have effective access to all hosts: - // 1) it has an <all_urls> URL pattern. - // 2) it has a named permission with implied full URL access. - for (URLPatternSet::const_iterator host = effective_hosts().begin(); - host != effective_hosts().end(); ++host) { - if (host->match_all_urls() || - (host->match_subdomains() && host->host().empty())) - return true; - } - - for (APIPermissionSet::const_iterator i = apis().begin(); - i != apis().end(); ++i) { - if (i->info()->implies_full_url_access()) - return true; - } - return false; -} - -bool PermissionSet::HasEffectiveAccessToURL(const GURL& url) const { - return effective_hosts().MatchesURL(url); -} - -bool PermissionSet::HasEffectiveFullAccess() const { - for (APIPermissionSet::const_iterator i = apis().begin(); - i != apis().end(); ++i) { - if (i->info()->implies_full_access()) - return true; - } - return false; -} - -PermissionSet::~PermissionSet() {} - -void PermissionSet::InitImplicitPermissions() { - // The downloads permission implies the internal version as well. - if (apis_.find(APIPermission::kDownloads) != apis_.end()) - apis_.insert(APIPermission::kDownloadsInternal); - - // TODO(fsamuel): Is there a better way to request access to the WebRequest - // API without exposing it to the Chrome App? - if (apis_.find(APIPermission::kWebView) != apis_.end()) - apis_.insert(APIPermission::kWebRequestInternal); - - // The webRequest permission implies the internal version as well. - if (apis_.find(APIPermission::kWebRequest) != apis_.end()) - apis_.insert(APIPermission::kWebRequestInternal); - - // The fileBrowserHandler permission implies the internal version as well. - if (apis_.find(APIPermission::kFileBrowserHandler) != apis_.end()) - apis_.insert(APIPermission::kFileBrowserHandlerInternal); -} - -void PermissionSet::InitEffectiveHosts() { - effective_hosts_.ClearPatterns(); - - URLPatternSet::CreateUnion( - explicit_hosts(), scriptable_hosts(), &effective_hosts_); -} - -} // namespace extensions diff --git a/chrome/common/extensions/permissions/permission_set.h b/chrome/common/extensions/permissions/permission_set.h deleted file mode 100644 index e4cbd43..0000000 --- a/chrome/common/extensions/permissions/permission_set.h +++ /dev/null @@ -1,143 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#ifndef CHROME_COMMON_EXTENSIONS_PERMISSIONS_PERMISSION_SET_H_ -#define CHROME_COMMON_EXTENSIONS_PERMISSIONS_PERMISSION_SET_H_ - -#include <map> -#include <set> -#include <string> -#include <vector> - -#include "base/gtest_prod_util.h" -#include "base/memory/ref_counted.h" -#include "base/memory/singleton.h" -#include "base/strings/string16.h" -#include "extensions/common/manifest.h" -#include "extensions/common/permissions/api_permission.h" -#include "extensions/common/permissions/api_permission_set.h" -#include "extensions/common/url_pattern_set.h" - -namespace extensions { -class Extension; - -// The PermissionSet is an immutable class that encapsulates an -// extension's permissions. The class exposes set operations for combining and -// manipulating the permissions. -class PermissionSet - : public base::RefCountedThreadSafe<PermissionSet> { - public: - // Creates an empty permission set (e.g. default permissions). - PermissionSet(); - - // Creates a new permission set based on the specified data: the API - // permissions, host permissions, and scriptable hosts. The effective hosts - // of the newly created permission set will be inferred from the given - // host permissions. - PermissionSet(const APIPermissionSet& apis, - const URLPatternSet& explicit_hosts, - const URLPatternSet& scriptable_hosts); - - // Creates a new permission set equal to |set1| - |set2|, passing ownership of - // the new set to the caller. - static PermissionSet* CreateDifference( - const PermissionSet* set1, const PermissionSet* set2); - - // Creates a new permission set equal to the intersection of |set1| and - // |set2|, passing ownership of the new set to the caller. - static PermissionSet* CreateIntersection( - const PermissionSet* set1, const PermissionSet* set2); - - // Creates a new permission set equal to the union of |set1| and |set2|. - // Passes ownership of the new set to the caller. - static PermissionSet* CreateUnion( - const PermissionSet* set1, const PermissionSet* set2); - - bool operator==(const PermissionSet& rhs) const; - - // Returns true if every API or host permission available to |set| is also - // available to this. In other words, if the API permissions of |set| are a - // subset of this, and the host permissions in this encompass those in |set|. - bool Contains(const PermissionSet& set) const; - - // Gets the API permissions in this set as a set of strings. - std::set<std::string> GetAPIsAsStrings() const; - - // Returns true if this is an empty set (e.g., the default permission set). - bool IsEmpty() const; - - // Returns true if the set has the specified API permission. - bool HasAPIPermission(APIPermission::ID permission) const; - - // Returns true if the |extension| explicitly requests access to the given - // |permission_name|. Note this does not include APIs without no corresponding - // permission, like "runtime" or "browserAction". - bool HasAPIPermission(const std::string& permission_name) const; - - // Returns true if the set allows the given permission with the default - // permission detal. - bool CheckAPIPermission(APIPermission::ID permission) const; - - // Returns true if the set allows the given permission and permission param. - bool CheckAPIPermissionWithParam(APIPermission::ID permission, - const APIPermission::CheckParam* param) const; - - // Returns true if this includes permission to access |origin|. - bool HasExplicitAccessToOrigin(const GURL& origin) const; - - // Returns true if this permission set includes access to script |url|. - bool HasScriptableAccessToURL(const GURL& url) const; - - // Returns true if this permission set includes effective access to all - // origins. - bool HasEffectiveAccessToAllHosts() const; - - // Returns true if this permission set includes effective access to |url|. - bool HasEffectiveAccessToURL(const GURL& url) const; - - // Returns ture if this permission set effectively represents full access - // (e.g. native code). - bool HasEffectiveFullAccess() const; - - const APIPermissionSet& apis() const { return apis_; } - - const URLPatternSet& effective_hosts() const { return effective_hosts_; } - - const URLPatternSet& explicit_hosts() const { return explicit_hosts_; } - - const URLPatternSet& scriptable_hosts() const { return scriptable_hosts_; } - - private: - FRIEND_TEST_ALL_PREFIXES(PermissionsTest, GetWarningMessages_AudioVideo); - friend class base::RefCountedThreadSafe<PermissionSet>; - - ~PermissionSet(); - - void AddAPIPermission(APIPermission::ID id); - - // Adds permissions implied independently of other context. - void InitImplicitPermissions(); - - // Initializes the effective host permission based on the data in this set. - void InitEffectiveHosts(); - - // The api list is used when deciding if an extension can access certain - // extension APIs and features. - APIPermissionSet apis_; - - // The list of hosts that can be accessed directly from the extension. - // TODO(jstritar): Rename to "hosts_"? - URLPatternSet explicit_hosts_; - - // The list of hosts that can be scripted by content scripts. - // TODO(jstritar): Rename to "user_script_hosts_"? - URLPatternSet scriptable_hosts_; - - // The list of hosts this effectively grants access to. - URLPatternSet effective_hosts_; -}; - -} // namespace extensions - -#endif // CHROME_COMMON_EXTENSIONS_PERMISSIONS_PERMISSION_SET_H_ diff --git a/chrome/common/extensions/permissions/permission_set_unittest.cc b/chrome/common/extensions/permissions/permission_set_unittest.cc index 39fe8e4..ca335105a 100644 --- a/chrome/common/extensions/permissions/permission_set_unittest.cc +++ b/chrome/common/extensions/permissions/permission_set_unittest.cc @@ -14,11 +14,11 @@ #include "chrome/common/extensions/features/feature_channel.h" #include "chrome/common/extensions/permissions/chrome_permission_message_provider.h" #include "chrome/common/extensions/permissions/permission_message_util.h" -#include "chrome/common/extensions/permissions/permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "chrome/common/extensions/permissions/socket_permission.h" #include "extensions/common/error_utils.h" #include "extensions/common/permissions/permission_message_provider.h" +#include "extensions/common/permissions/permission_set.h" #include "extensions/common/permissions/permissions_info.h" #include "testing/gtest/include/gtest/gtest.h" diff --git a/chrome/common/extensions/permissions/permissions_data.cc b/chrome/common/extensions/permissions/permissions_data.cc index d6fb529..4c31fcc 100644 --- a/chrome/common/extensions/permissions/permissions_data.cc +++ b/chrome/common/extensions/permissions/permissions_data.cc @@ -14,7 +14,6 @@ #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/extension_constants.h" #include "chrome/common/extensions/permissions/chrome_scheme_hosts.h" -#include "chrome/common/extensions/permissions/permission_set.h" #include "content/public/common/url_constants.h" #include "extensions/common/constants.h" #include "extensions/common/error_utils.h" @@ -26,6 +25,7 @@ #include "extensions/common/manifest_constants.h" #include "extensions/common/permissions/api_permission_set.h" #include "extensions/common/permissions/permission_message_provider.h" +#include "extensions/common/permissions/permission_set.h" #include "extensions/common/permissions/permissions_info.h" #include "extensions/common/switches.h" #include "extensions/common/url_pattern_set.h" diff --git a/chrome/common/extensions/permissions/permissions_data_unittest.cc b/chrome/common/extensions/permissions/permissions_data_unittest.cc index 92ec84c..c2bdb07 100644 --- a/chrome/common/extensions/permissions/permissions_data_unittest.cc +++ b/chrome/common/extensions/permissions/permissions_data_unittest.cc @@ -12,7 +12,6 @@ #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/extension_test_util.h" #include "chrome/common/extensions/features/feature_channel.h" -#include "chrome/common/extensions/permissions/permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "chrome/common/extensions/permissions/socket_permission.h" #include "content/public/common/socket_permission_request.h" @@ -20,6 +19,7 @@ #include "extensions/common/id_util.h" #include "extensions/common/manifest_constants.h" #include "extensions/common/permissions/api_permission.h" +#include "extensions/common/permissions/permission_set.h" #include "extensions/common/switches.h" #include "extensions/common/url_pattern_set.h" #include "testing/gtest/include/gtest/gtest.h" |