From 793964ab2f1e7148e6e0948911ef8efc932e1858 Mon Sep 17 00:00:00 2001 From: "yoz@chromium.org" Date: Tue, 8 Oct 2013 00:47:19 +0000 Subject: Move APIPermission, APIPermissionSet, PermissionsInfo to top-level extensions. BUG=298586 TBR=sky@chromium.org Review URL: https://codereview.chromium.org/26024004 git-svn-id: svn://svn.chromium.org/chrome/trunk/src@227409 0039d316-1c4b-4281-b951-d872f2087c98 --- apps/DEPS | 1 - apps/saved_files_service.cc | 2 +- .../background_application_list_model_unittest.cc | 2 +- .../extensions/api/file_system/file_system_api.cc | 2 +- .../api/media_galleries/media_galleries_api.cc | 2 +- .../extensions/api/permissions/permissions_api.cc | 2 +- .../api/permissions/permissions_api_helpers.cc | 4 +- .../extensions/api/preference/preference_api.cc | 2 +- .../api/push_messaging/push_messaging_api.cc | 2 +- .../api/storage/managed_value_store_cache.cc | 2 +- .../api/storage/sync_or_local_value_store_cache.cc | 2 +- chrome/browser/extensions/extension_prefs.cc | 2 +- .../browser/extensions/extension_prefs_unittest.cc | 2 +- chrome/browser/extensions/extension_tab_util.cc | 2 +- .../browser/extensions/script_bubble_controller.cc | 2 +- .../browser/extensions/suggest_permission_util.cc | 2 +- .../browser/extensions/suggest_permission_util.h | 2 +- .../media_galleries/media_galleries_preferences.cc | 2 +- .../themes/theme_syncable_service_unittest.cc | 2 +- .../ui/webui/options/content_settings_handler.cc | 2 +- chrome/chrome_common.gypi | 6 - chrome/chrome_tests_unit.gypi | 2 +- .../extensions/api/plugins/plugins_handler.cc | 4 +- .../extensions/api/sockets/sockets_handler.cc | 2 +- .../api/storage/storage_schema_manifest_handler.cc | 2 +- .../system_indicator/system_indicator_handler.cc | 2 +- chrome/common/extensions/background_info.cc | 2 +- chrome/common/extensions/extension.cc | 4 +- chrome/common/extensions/extension.h | 2 +- chrome/common/extensions/extension_messages.cc | 2 +- .../manifest_handlers/app_isolation_info.cc | 2 +- .../manifest_handlers/externally_connectable.cc | 2 +- chrome/common/extensions/manifest_url_handler.cc | 4 +- .../extensions/permissions/api_permission.cc | 143 --------- .../common/extensions/permissions/api_permission.h | 333 -------------------- .../extensions/permissions/api_permission_set.cc | 343 --------------------- .../extensions/permissions/api_permission_set.h | 173 ----------- .../permissions/api_permission_set_unittest.cc | 333 -------------------- .../extensions/permissions/bluetooth_permission.cc | 2 +- .../extensions/permissions/bluetooth_permission.h | 2 +- .../permissions/bluetooth_permission_data.h | 2 +- .../permissions/chrome_api_permissions.cc | 6 +- .../extensions/permissions/chrome_scheme_hosts.cc | 2 +- .../permissions/media_galleries_permission.cc | 2 +- .../permissions/media_galleries_permission.h | 2 +- .../permissions/media_galleries_permission_data.h | 2 +- .../media_galleries_permission_unittest.cc | 4 +- .../extensions/permissions/permission_set.cc | 2 +- .../common/extensions/permissions/permission_set.h | 4 +- .../permissions/permission_set_unittest.cc | 2 +- .../extensions/permissions/permissions_data.cc | 4 +- .../extensions/permissions/permissions_data.h | 2 +- .../permissions/permissions_data_unittest.cc | 2 +- .../extensions/permissions/permissions_info.cc | 101 ------ .../extensions/permissions/permissions_info.h | 81 ----- .../permissions/set_disjunction_permission.h | 2 +- .../extensions/permissions/socket_permission.cc | 2 +- .../extensions/permissions/socket_permission.h | 2 +- .../permissions/socket_permission_data.cc | 2 +- .../permissions/socket_permission_data.h | 2 +- .../permissions/socket_permission_entry.cc | 2 +- .../permissions/socket_permission_unittest.cc | 2 +- .../permissions/usb_device_permission.cc | 2 +- .../extensions/permissions/usb_device_permission.h | 2 +- .../permissions/usb_device_permission_data.cc | 2 +- .../permissions/usb_device_permission_data.h | 2 +- .../permissions/usb_device_permission_unittest.cc | 4 +- chrome/renderer/chrome_render_view_observer.h | 2 +- extensions/DEPS | 6 +- extensions/common/permissions/api_permission.cc | 143 +++++++++ extensions/common/permissions/api_permission.h | 333 ++++++++++++++++++++ .../common/permissions/api_permission_set.cc | 343 +++++++++++++++++++++ extensions/common/permissions/api_permission_set.h | 173 +++++++++++ .../permissions/api_permission_set_unittest.cc | 333 ++++++++++++++++++++ extensions/common/permissions/permissions_info.cc | 101 ++++++ extensions/common/permissions/permissions_info.h | 81 +++++ extensions/extensions.gyp | 6 + 77 files changed, 1587 insertions(+), 1584 deletions(-) delete mode 100644 chrome/common/extensions/permissions/api_permission.cc delete mode 100644 chrome/common/extensions/permissions/api_permission.h delete mode 100644 chrome/common/extensions/permissions/api_permission_set.cc delete mode 100644 chrome/common/extensions/permissions/api_permission_set.h delete mode 100644 chrome/common/extensions/permissions/api_permission_set_unittest.cc delete mode 100644 chrome/common/extensions/permissions/permissions_info.cc delete mode 100644 chrome/common/extensions/permissions/permissions_info.h create mode 100644 extensions/common/permissions/api_permission.cc create mode 100644 extensions/common/permissions/api_permission.h create mode 100644 extensions/common/permissions/api_permission_set.cc create mode 100644 extensions/common/permissions/api_permission_set.h create mode 100644 extensions/common/permissions/api_permission_set_unittest.cc create mode 100644 extensions/common/permissions/permissions_info.cc create mode 100644 extensions/common/permissions/permissions_info.h diff --git a/apps/DEPS b/apps/DEPS index 86a8099..08ba5cf 100644 --- a/apps/DEPS +++ b/apps/DEPS @@ -48,7 +48,6 @@ include_rules = [ "+chrome/common/extensions/extension_set.h", "+chrome/common/extensions/manifest_handlers/icons_handler.h", "+chrome/common/extensions/manifest_handlers/kiosk_mode_info.h", - "+chrome/common/extensions/permissions/api_permission.h", "+chrome/common/extensions/permissions/permission_set.h", ] diff --git a/apps/saved_files_service.cc b/apps/saved_files_service.cc index f832ffe..20f81e8 100644 --- a/apps/saved_files_service.cc +++ b/apps/saved_files_service.cc @@ -15,9 +15,9 @@ #include "chrome/browser/extensions/extension_prefs.h" #include "chrome/browser/extensions/extension_service.h" #include "chrome/browser/extensions/extension_system.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/permission_set.h" #include "content/public/browser/notification_service.h" +#include "extensions/common/permissions/api_permission.h" namespace apps { diff --git a/chrome/browser/background/background_application_list_model_unittest.cc b/chrome/browser/background/background_application_list_model_unittest.cc index 2e410c0..0c35c59 100644 --- a/chrome/browser/background/background_application_list_model_unittest.cc +++ b/chrome/browser/background/background_application_list_model_unittest.cc @@ -19,12 +19,12 @@ #include "chrome/browser/extensions/extension_system.h" #include "chrome/browser/extensions/permissions_updater.h" #include "chrome/common/extensions/extension.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/permission_set.h" #include "chrome/test/base/testing_profile.h" #include "content/public/browser/notification_registrar.h" #include "content/public/browser/notification_types.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission.h" #include "testing/gtest/include/gtest/gtest.h" // This value is used to seed the PRNG at the beginning of a sequence of diff --git a/chrome/browser/extensions/api/file_system/file_system_api.cc b/chrome/browser/extensions/api/file_system/file_system_api.cc index ea2a23f..93a2a2f 100644 --- a/chrome/browser/extensions/api/file_system/file_system_api.cc +++ b/chrome/browser/extensions/api/file_system/file_system_api.cc @@ -27,13 +27,13 @@ #include "chrome/browser/ui/chrome_select_file_policy.h" #include "chrome/common/chrome_paths.h" #include "chrome/common/extensions/api/file_system.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/child_process_security_policy.h" #include "content/public/browser/render_process_host.h" #include "content/public/browser/render_view_host.h" #include "content/public/browser/web_contents.h" #include "content/public/browser/web_contents_view.h" +#include "extensions/common/permissions/api_permission.h" #include "grit/generated_resources.h" #include "net/base/mime_util.h" #include "ui/base/l10n/l10n_util.h" diff --git a/chrome/browser/extensions/api/media_galleries/media_galleries_api.cc b/chrome/browser/extensions/api/media_galleries/media_galleries_api.cc index 1167e22..c07e229 100644 --- a/chrome/browser/extensions/api/media_galleries/media_galleries_api.cc +++ b/chrome/browser/extensions/api/media_galleries/media_galleries_api.cc @@ -26,7 +26,6 @@ #include "chrome/browser/ui/chrome_select_file_policy.h" #include "chrome/common/extensions/api/media_galleries.h" #include "chrome/common/extensions/extension.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/media_galleries_permission.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "chrome/common/pref_names.h" @@ -35,6 +34,7 @@ #include "content/public/browser/render_process_host.h" #include "content/public/browser/render_view_host.h" #include "content/public/browser/web_contents.h" +#include "extensions/common/permissions/api_permission.h" #if defined(OS_WIN) #include "base/strings/sys_string_conversions.h" diff --git a/chrome/browser/extensions/api/permissions/permissions_api.cc b/chrome/browser/extensions/api/permissions/permissions_api.cc index cf40ae1..9fc6536 100644 --- a/chrome/browser/extensions/api/permissions/permissions_api.cc +++ b/chrome/browser/extensions/api/permissions/permissions_api.cc @@ -13,8 +13,8 @@ #include "chrome/common/extensions/api/permissions.h" #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/permissions/permissions_data.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "extensions/common/error_utils.h" +#include "extensions/common/permissions/permissions_info.h" #include "extensions/common/url_pattern_set.h" #include "url/gurl.h" diff --git a/chrome/browser/extensions/api/permissions/permissions_api_helpers.cc b/chrome/browser/extensions/api/permissions/permissions_api_helpers.cc index 9a610c0..3b2e70d 100644 --- a/chrome/browser/extensions/api/permissions/permissions_api_helpers.cc +++ b/chrome/browser/extensions/api/permissions/permissions_api_helpers.cc @@ -10,9 +10,9 @@ #include "chrome/common/extensions/api/permissions.h" #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/permissions/permission_set.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "chrome/common/extensions/permissions/usb_device_permission.h" #include "extensions/common/error_utils.h" +#include "extensions/common/permissions/permissions_info.h" #include "extensions/common/url_pattern_set.h" using extensions::APIPermission; @@ -145,5 +145,5 @@ scoped_refptr UnpackPermissionSet( new PermissionSet(apis, origins, URLPatternSet())); } -} // namespace permissions_api +} // namespace permissions_api_helpers } // namespace extensions diff --git a/chrome/browser/extensions/api/preference/preference_api.cc b/chrome/browser/extensions/api/preference/preference_api.cc index ca6f938..87f9e1c 100644 --- a/chrome/browser/extensions/api/preference/preference_api.cc +++ b/chrome/browser/extensions/api/preference/preference_api.cc @@ -23,12 +23,12 @@ #include "chrome/browser/extensions/extension_service.h" #include "chrome/browser/extensions/extension_system.h" #include "chrome/browser/profiles/profile.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/pref_names.h" #include "content/public/browser/notification_details.h" #include "content/public/browser/notification_source.h" #include "extensions/browser/pref_names.h" #include "extensions/common/error_utils.h" +#include "extensions/common/permissions/api_permission.h" namespace keys = extensions::preference_api_constants; namespace helpers = extensions::preference_helpers; diff --git a/chrome/browser/extensions/api/push_messaging/push_messaging_api.cc b/chrome/browser/extensions/api/push_messaging/push_messaging_api.cc index cae3129..0d5d6bf 100644 --- a/chrome/browser/extensions/api/push_messaging/push_messaging_api.cc +++ b/chrome/browser/extensions/api/push_messaging/push_messaging_api.cc @@ -28,10 +28,10 @@ #include "chrome/common/extensions/api/push_messaging.h" #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/extension_set.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/notification_details.h" #include "content/public/browser/notification_source.h" +#include "extensions/common/permissions/api_permission.h" #include "google_apis/gaia/gaia_constants.h" #include "url/gurl.h" diff --git a/chrome/browser/extensions/api/storage/managed_value_store_cache.cc b/chrome/browser/extensions/api/storage/managed_value_store_cache.cc index 05e6ebb..b60b773 100644 --- a/chrome/browser/extensions/api/storage/managed_value_store_cache.cc +++ b/chrome/browser/extensions/api/storage/managed_value_store_cache.cc @@ -26,7 +26,6 @@ #include "chrome/common/extensions/api/storage/storage_schema_manifest_handler.h" #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/extension_set.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "components/policy/core/common/schema.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/notification_observer.h" @@ -35,6 +34,7 @@ #include "extensions/common/constants.h" #include "extensions/common/manifest.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission.h" using content::BrowserThread; diff --git a/chrome/browser/extensions/api/storage/sync_or_local_value_store_cache.cc b/chrome/browser/extensions/api/storage/sync_or_local_value_store_cache.cc index da38155..dd34537 100644 --- a/chrome/browser/extensions/api/storage/sync_or_local_value_store_cache.cc +++ b/chrome/browser/extensions/api/storage/sync_or_local_value_store_cache.cc @@ -14,9 +14,9 @@ #include "chrome/browser/extensions/api/storage/weak_unlimited_settings_storage.h" #include "chrome/browser/sync/glue/sync_start_util.h" #include "chrome/common/extensions/extension.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "content/public/browser/browser_thread.h" #include "extensions/common/constants.h" +#include "extensions/common/permissions/api_permission.h" using content::BrowserThread; diff --git a/chrome/browser/extensions/extension_prefs.cc b/chrome/browser/extensions/extension_prefs.cc index a9d5d0e..bee5000 100644 --- a/chrome/browser/extensions/extension_prefs.cc +++ b/chrome/browser/extensions/extension_prefs.cc @@ -23,13 +23,13 @@ #include "chrome/common/extensions/feature_switch.h" #include "chrome/common/extensions/manifest_handlers/app_launch_info.h" #include "chrome/common/extensions/permissions/permission_set.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "chrome/common/pref_names.h" #include "chrome/common/url_constants.h" #include "components/user_prefs/pref_registry_syncable.h" #include "content/public/browser/notification_service.h" #include "extensions/browser/pref_names.h" #include "extensions/common/manifest.h" +#include "extensions/common/permissions/permissions_info.h" #include "extensions/common/url_pattern.h" #include "extensions/common/user_script.h" #include "grit/generated_resources.h" diff --git a/chrome/browser/extensions/extension_prefs_unittest.cc b/chrome/browser/extensions/extension_prefs_unittest.cc index 5d5f9c7..aa21caa 100644 --- a/chrome/browser/extensions/extension_prefs_unittest.cc +++ b/chrome/browser/extensions/extension_prefs_unittest.cc @@ -19,12 +19,12 @@ #include "chrome/browser/prefs/scoped_user_pref_update.h" #include "chrome/common/chrome_paths.h" #include "chrome/common/extensions/permissions/permission_set.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "components/user_prefs/pref_registry_syncable.h" #include "content/public/browser/notification_details.h" #include "content/public/browser/notification_source.h" #include "content/public/test/mock_notification_observer.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/permissions_info.h" #include "sync/api/string_ordinal.h" using base::Time; diff --git a/chrome/browser/extensions/extension_tab_util.cc b/chrome/browser/extensions/extension_tab_util.cc index c9e4260..004fca0 100644 --- a/chrome/browser/extensions/extension_tab_util.cc +++ b/chrome/browser/extensions/extension_tab_util.cc @@ -20,7 +20,6 @@ #include "chrome/browser/ui/tabs/tab_strip_model.h" #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/manifest_url_handler.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "chrome/common/net/url_fixer_upper.h" #include "chrome/common/url_constants.h" @@ -29,6 +28,7 @@ #include "content/public/browser/web_contents.h" #include "content/public/browser/web_contents_view.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission.h" #include "url/gurl.h" namespace keys = extensions::tabs_constants; diff --git a/chrome/browser/extensions/script_bubble_controller.cc b/chrome/browser/extensions/script_bubble_controller.cc index 08828a3..a47d24a 100644 --- a/chrome/browser/extensions/script_bubble_controller.cc +++ b/chrome/browser/extensions/script_bubble_controller.cc @@ -13,8 +13,8 @@ #include "chrome/browser/extensions/location_bar_controller.h" #include "chrome/browser/profiles/profile.h" #include "chrome/common/extensions/extension.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "content/public/browser/navigation_details.h" +#include "extensions/common/permissions/api_permission.h" using extensions::APIPermission; diff --git a/chrome/browser/extensions/suggest_permission_util.cc b/chrome/browser/extensions/suggest_permission_util.cc index 6a61fa0..cd9e1db 100644 --- a/chrome/browser/extensions/suggest_permission_util.cc +++ b/chrome/browser/extensions/suggest_permission_util.cc @@ -8,9 +8,9 @@ #include "chrome/browser/extensions/extension_system.h" #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/extension_messages.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "content/public/browser/render_view_host.h" #include "content/public/common/console_message_level.h" +#include "extensions/common/permissions/permissions_info.h" using content::CONSOLE_MESSAGE_LEVEL_WARNING; using content::RenderViewHost; diff --git a/chrome/browser/extensions/suggest_permission_util.h b/chrome/browser/extensions/suggest_permission_util.h index b71d3d4..ba55aec 100644 --- a/chrome/browser/extensions/suggest_permission_util.h +++ b/chrome/browser/extensions/suggest_permission_util.h @@ -5,7 +5,7 @@ #ifndef CHROME_BROWSER_EXTENSIONS_SUGGEST_PERMISSION_UTIL_H_ #define CHROME_BROWSER_EXTENSIONS_SUGGEST_PERMISSION_UTIL_H_ -#include "chrome/common/extensions/permissions/api_permission.h" +#include "extensions/common/permissions/api_permission.h" class Profile; diff --git a/chrome/browser/media_galleries/media_galleries_preferences.cc b/chrome/browser/media_galleries/media_galleries_preferences.cc index 09744b3..df5bbec 100644 --- a/chrome/browser/media_galleries/media_galleries_preferences.cc +++ b/chrome/browser/media_galleries/media_galleries_preferences.cc @@ -27,12 +27,12 @@ #include "chrome/browser/storage_monitor/storage_monitor.h" #include "chrome/common/chrome_paths.h" #include "chrome/common/extensions/extension.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/media_galleries_permission.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "chrome/common/pref_names.h" #include "components/user_prefs/pref_registry_syncable.h" #include "content/public/browser/browser_thread.h" +#include "extensions/common/permissions/api_permission.h" #include "grit/generated_resources.h" #include "ui/base/l10n/l10n_util.h" #include "ui/base/text/bytes_formatting.h" diff --git a/chrome/browser/themes/theme_syncable_service_unittest.cc b/chrome/browser/themes/theme_syncable_service_unittest.cc index 0d53ee3..42ae85f 100644 --- a/chrome/browser/themes/theme_syncable_service_unittest.cc +++ b/chrome/browser/themes/theme_syncable_service_unittest.cc @@ -17,11 +17,11 @@ #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/extension_messages.h" #include "chrome/common/extensions/manifest_url_handler.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "chrome/common/extensions/permissions/permission_set.h" #include "chrome/test/base/testing_profile.h" #include "content/public/test/test_browser_thread.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission_set.h" #include "sync/api/sync_error.h" #include "sync/api/sync_error_factory_mock.h" #include "sync/protocol/sync.pb.h" diff --git a/chrome/browser/ui/webui/options/content_settings_handler.cc b/chrome/browser/ui/webui/options/content_settings_handler.cc index 3cfb99d..d514c51 100644 --- a/chrome/browser/ui/webui/options/content_settings_handler.cc +++ b/chrome/browser/ui/webui/options/content_settings_handler.cc @@ -32,7 +32,6 @@ #include "chrome/common/content_settings_pattern.h" #include "chrome/common/extensions/extension_set.h" #include "chrome/common/extensions/manifest_handlers/app_launch_info.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/pref_names.h" #include "chrome/common/url_constants.h" #include "content/public/browser/notification_service.h" @@ -41,6 +40,7 @@ #include "content/public/browser/user_metrics.h" #include "content/public/browser/web_ui.h" #include "content/public/common/content_switches.h" +#include "extensions/common/permissions/api_permission.h" #include "grit/generated_resources.h" #include "grit/locale_settings.h" #include "ui/base/l10n/l10n_util.h" diff --git a/chrome/chrome_common.gypi b/chrome/chrome_common.gypi index 4c58171..dc50d33 100644 --- a/chrome/chrome_common.gypi +++ b/chrome/chrome_common.gypi @@ -243,10 +243,6 @@ 'common/extensions/message_bundle.h', 'common/extensions/mime_types_handler.cc', 'common/extensions/mime_types_handler.h', - 'common/extensions/permissions/api_permission.cc', - 'common/extensions/permissions/api_permission.h', - 'common/extensions/permissions/api_permission_set.cc', - 'common/extensions/permissions/api_permission_set.h', 'common/extensions/permissions/bluetooth_permission.cc', 'common/extensions/permissions/bluetooth_permission.h', 'common/extensions/permissions/bluetooth_permission_data.cc', @@ -265,8 +261,6 @@ 'common/extensions/permissions/permission_set.h', 'common/extensions/permissions/permissions_data.cc', 'common/extensions/permissions/permissions_data.h', - 'common/extensions/permissions/permissions_info.cc', - 'common/extensions/permissions/permissions_info.h', 'common/extensions/permissions/set_disjunction_permission.h', 'common/extensions/permissions/socket_permission.cc', 'common/extensions/permissions/socket_permission.h', diff --git a/chrome/chrome_tests_unit.gypi b/chrome/chrome_tests_unit.gypi index d114598..46d1362 100644 --- a/chrome/chrome_tests_unit.gypi +++ b/chrome/chrome_tests_unit.gypi @@ -520,6 +520,7 @@ '../extensions/common/matcher/url_matcher_factory_unittest.cc', '../extensions/common/matcher/url_matcher_unittest.cc', '../extensions/common/one_shot_event_unittest.cc', + '../extensions/common/permissions/api_permission_set_unittest.cc', '../extensions/common/url_pattern_set_unittest.cc', '../extensions/common/url_pattern_unittest.cc', '../extensions/common/user_script_unittest.cc', @@ -1786,7 +1787,6 @@ 'common/extensions/manifest_unittest.cc', 'common/extensions/manifest_handler_unittest.cc', 'common/extensions/message_bundle_unittest.cc', - 'common/extensions/permissions/api_permission_set_unittest.cc', 'common/extensions/permissions/media_galleries_permission_unittest.cc', 'common/extensions/permissions/permission_set_unittest.cc', 'common/extensions/permissions/permissions_data_unittest.cc', diff --git a/chrome/common/extensions/api/plugins/plugins_handler.cc b/chrome/common/extensions/api/plugins/plugins_handler.cc index 03357a0..1f1ea6d 100644 --- a/chrome/common/extensions/api/plugins/plugins_handler.cc +++ b/chrome/common/extensions/api/plugins/plugins_handler.cc @@ -8,12 +8,12 @@ #include "base/strings/string_number_conversions.h" #include "base/strings/utf_string_conversions.h" #include "base/values.h" -#include "chrome/common/extensions/permissions/api_permission.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "extensions/common/error_utils.h" #include "extensions/common/manifest.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission.h" +#include "extensions/common/permissions/api_permission_set.h" #include "grit/generated_resources.h" #include "ui/base/l10n/l10n_util.h" diff --git a/chrome/common/extensions/api/sockets/sockets_handler.cc b/chrome/common/extensions/api/sockets/sockets_handler.cc index a367239..fdc6984 100644 --- a/chrome/common/extensions/api/sockets/sockets_handler.cc +++ b/chrome/common/extensions/api/sockets/sockets_handler.cc @@ -9,11 +9,11 @@ #include "base/values.h" #include "chrome/common/extensions/api/manifest_types.h" #include "chrome/common/extensions/extension.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "chrome/common/extensions/permissions/socket_permission_data.h" #include "extensions/common/error_utils.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission_set.h" namespace extensions { diff --git a/chrome/common/extensions/api/storage/storage_schema_manifest_handler.cc b/chrome/common/extensions/api/storage/storage_schema_manifest_handler.cc index d95a967..a9bef0ce 100644 --- a/chrome/common/extensions/api/storage/storage_schema_manifest_handler.cc +++ b/chrome/common/extensions/api/storage/storage_schema_manifest_handler.cc @@ -14,11 +14,11 @@ #include "base/strings/stringprintf.h" #include "base/strings/utf_string_conversions.h" #include "chrome/common/extensions/extension.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "components/policy/core/common/schema.h" #include "extensions/common/install_warning.h" #include "extensions/common/manifest.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission.h" using extensions::manifest_keys::kStorageManagedSchema; diff --git a/chrome/common/extensions/api/system_indicator/system_indicator_handler.cc b/chrome/common/extensions/api/system_indicator/system_indicator_handler.cc index d57747a..451bd12 100644 --- a/chrome/common/extensions/api/system_indicator/system_indicator_handler.cc +++ b/chrome/common/extensions/api/system_indicator/system_indicator_handler.cc @@ -9,9 +9,9 @@ #include "base/values.h" #include "chrome/common/extensions/api/extension_action/action_info.h" #include "chrome/common/extensions/extension.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission_set.h" namespace extensions { diff --git a/chrome/common/extensions/background_info.cc b/chrome/common/extensions/background_info.cc index 4862aa4..54be0b8 100644 --- a/chrome/common/extensions/background_info.cc +++ b/chrome/common/extensions/background_info.cc @@ -12,11 +12,11 @@ #include "base/strings/utf_string_conversions.h" #include "chrome/common/chrome_switches.h" #include "chrome/common/extensions/extension_file_util.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "extensions/common/constants.h" #include "extensions/common/error_utils.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission_set.h" #include "grit/generated_resources.h" #include "ui/base/l10n/l10n_util.h" diff --git a/chrome/common/extensions/extension.cc b/chrome/common/extensions/extension.cc index 29a9e44..1855691 100644 --- a/chrome/common/extensions/extension.cc +++ b/chrome/common/extensions/extension.cc @@ -21,16 +21,16 @@ #include "base/values.h" #include "base/version.h" #include "chrome/common/extensions/manifest_handler.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "chrome/common/extensions/permissions/permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "content/public/common/url_constants.h" #include "extensions/common/constants.h" #include "extensions/common/error_utils.h" #include "extensions/common/id_util.h" #include "extensions/common/manifest.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission_set.h" +#include "extensions/common/permissions/permissions_info.h" #include "extensions/common/switches.h" #include "extensions/common/url_pattern_set.h" #include "grit/chromium_strings.h" diff --git a/chrome/common/extensions/extension.h b/chrome/common/extensions/extension.h index 3c1067d..c84f7f3 100644 --- a/chrome/common/extensions/extension.h +++ b/chrome/common/extensions/extension.h @@ -21,10 +21,10 @@ #include "base/synchronization/lock.h" #include "base/threading/thread_checker.h" #include "chrome/common/extensions/extension_constants.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "extensions/common/extension_resource.h" #include "extensions/common/install_warning.h" #include "extensions/common/manifest.h" +#include "extensions/common/permissions/api_permission.h" #include "extensions/common/url_pattern.h" #include "extensions/common/url_pattern_set.h" #include "ui/base/accelerators/accelerator.h" diff --git a/chrome/common/extensions/extension_messages.cc b/chrome/common/extensions/extension_messages.cc index 1530222..0e3c5e4 100644 --- a/chrome/common/extensions/extension_messages.cc +++ b/chrome/common/extensions/extension_messages.cc @@ -7,9 +7,9 @@ #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/extension_constants.h" #include "chrome/common/extensions/permissions/permissions_data.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "content/public/common/common_param_traits.h" #include "extensions/common/manifest.h" +#include "extensions/common/permissions/permissions_info.h" using extensions::APIPermission; using extensions::APIPermissionInfo; diff --git a/chrome/common/extensions/manifest_handlers/app_isolation_info.cc b/chrome/common/extensions/manifest_handlers/app_isolation_info.cc index 98989b9..7798eac 100644 --- a/chrome/common/extensions/manifest_handlers/app_isolation_info.cc +++ b/chrome/common/extensions/manifest_handlers/app_isolation_info.cc @@ -9,10 +9,10 @@ #include "base/strings/string_number_conversions.h" #include "base/strings/utf_string_conversions.h" #include "base/values.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "extensions/common/error_utils.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission_set.h" namespace extensions { diff --git a/chrome/common/extensions/manifest_handlers/externally_connectable.cc b/chrome/common/extensions/manifest_handlers/externally_connectable.cc index 0b55d74..8104a45 100644 --- a/chrome/common/extensions/manifest_handlers/externally_connectable.cc +++ b/chrome/common/extensions/manifest_handlers/externally_connectable.cc @@ -9,10 +9,10 @@ #include "base/stl_util.h" #include "base/strings/utf_string_conversions.h" #include "chrome/common/extensions/api/manifest_types.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "extensions/common/error_utils.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission_set.h" #include "extensions/common/url_pattern.h" #include "net/base/registry_controlled_domains/registry_controlled_domain.h" #include "url/gurl.h" diff --git a/chrome/common/extensions/manifest_url_handler.cc b/chrome/common/extensions/manifest_url_handler.cc index 14e0189..1e3e349 100644 --- a/chrome/common/extensions/manifest_url_handler.cc +++ b/chrome/common/extensions/manifest_url_handler.cc @@ -13,13 +13,13 @@ #include "base/values.h" #include "chrome/common/chrome_constants.h" #include "chrome/common/extensions/extension_file_util.h" -#include "chrome/common/extensions/permissions/api_permission.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "chrome/common/url_constants.h" #include "extensions/common/error_utils.h" #include "extensions/common/manifest.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission.h" +#include "extensions/common/permissions/api_permission_set.h" #include "grit/generated_resources.h" #include "ui/base/l10n/l10n_util.h" diff --git a/chrome/common/extensions/permissions/api_permission.cc b/chrome/common/extensions/permissions/api_permission.cc deleted file mode 100644 index d6a365e..0000000 --- a/chrome/common/extensions/permissions/api_permission.cc +++ /dev/null @@ -1,143 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include "chrome/common/extensions/permissions/api_permission.h" - -#include "ui/base/l10n/l10n_util.h" - -namespace { - -using extensions::APIPermission; -using extensions::APIPermissionInfo; -using extensions::PermissionMessage; -using extensions::PermissionMessages; - -class SimpleAPIPermission : public APIPermission { - public: - explicit SimpleAPIPermission(const APIPermissionInfo* permission) - : APIPermission(permission) { } - - virtual ~SimpleAPIPermission() { } - - virtual bool HasMessages() const OVERRIDE { - return info()->message_id() > PermissionMessage::kNone; - } - - virtual PermissionMessages GetMessages() const OVERRIDE { - DCHECK(HasMessages()); - PermissionMessages result; - result.push_back(GetMessage_()); - return result; - } - - virtual bool Check( - const APIPermission::CheckParam* param) const OVERRIDE { - return !param; - } - - virtual bool Contains(const APIPermission* rhs) const OVERRIDE { - CHECK(info() == rhs->info()); - return true; - } - - virtual bool Equal(const APIPermission* rhs) const OVERRIDE { - if (this == rhs) - return true; - CHECK(info() == rhs->info()); - return true; - } - - virtual bool FromValue(const base::Value* value) OVERRIDE { - if (value) - return false; - return true; - } - - virtual scoped_ptr ToValue() const OVERRIDE { - return scoped_ptr(); - } - - virtual APIPermission* Clone() const OVERRIDE { - return new SimpleAPIPermission(info()); - } - - virtual APIPermission* Diff(const APIPermission* rhs) const OVERRIDE { - CHECK(info() == rhs->info()); - return NULL; - } - - virtual APIPermission* Union(const APIPermission* rhs) const OVERRIDE { - CHECK(info() == rhs->info()); - return new SimpleAPIPermission(info()); - } - - virtual APIPermission* Intersect(const APIPermission* rhs) const OVERRIDE { - CHECK(info() == rhs->info()); - return new SimpleAPIPermission(info()); - } - - virtual void Write(IPC::Message* m) const OVERRIDE { } - - virtual bool Read(const IPC::Message* m, PickleIterator* iter) OVERRIDE { - return true; - } - - virtual void Log(std::string* log) const OVERRIDE { } -}; - -} // namespace - -namespace extensions { - -APIPermission::APIPermission(const APIPermissionInfo* info) - : info_(info) { - DCHECK(info_); -} - -APIPermission::~APIPermission() { } - -APIPermission::ID APIPermission::id() const { - return info()->id(); -} - -const char* APIPermission::name() const { - return info()->name(); -} - -PermissionMessage APIPermission::GetMessage_() const { - return info()->GetMessage_(); -} - -// -// APIPermissionInfo -// - -APIPermissionInfo::APIPermissionInfo( - APIPermission::ID id, - const char* name, - int l10n_message_id, - PermissionMessage::ID message_id, - int flags, - APIPermissionConstructor api_permission_constructor) - : id_(id), - name_(name), - flags_(flags), - l10n_message_id_(l10n_message_id), - message_id_(message_id), - api_permission_constructor_(api_permission_constructor) { } - - -APIPermissionInfo::~APIPermissionInfo() { } - -APIPermission* APIPermissionInfo::CreateAPIPermission() const { - return api_permission_constructor_ ? - api_permission_constructor_(this) : new SimpleAPIPermission(this); -} - -PermissionMessage APIPermissionInfo::GetMessage_() const { - return PermissionMessage( - message_id_, l10n_util::GetStringUTF16(l10n_message_id_)); -} - -} // namespace extensions diff --git a/chrome/common/extensions/permissions/api_permission.h b/chrome/common/extensions/permissions/api_permission.h deleted file mode 100644 index 1debe6e..0000000 --- a/chrome/common/extensions/permissions/api_permission.h +++ /dev/null @@ -1,333 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#ifndef CHROME_COMMON_EXTENSIONS_PERMISSIONS_API_PERMISSION_H_ -#define CHROME_COMMON_EXTENSIONS_PERMISSIONS_API_PERMISSION_H_ - -#include -#include -#include - -#include "base/callback.h" -#include "base/memory/scoped_ptr.h" -#include "base/pickle.h" -#include "base/values.h" -#include "extensions/common/permissions/permission_message.h" - -namespace IPC { -class Message; -} - -namespace extensions { - -class APIPermissionInfo; -class ChromeAPIPermissions; - -// APIPermission is for handling some complex permissions. Please refer to -// extensions::SocketPermission as an example. -// There is one instance per permission per loaded extension. -class APIPermission { - public: - enum ID { - // Error codes. - kInvalid = -2, - kUnknown = -1, - - // Real permissions. - kActiveTab, - kActivityLogPrivate, - kAdView, - kAlarms, - kAppCurrentWindowInternal, - kAppRuntime, - kAppWindow, - kAudio, - kAudioCapture, - kAutoTestPrivate, - kBackground, - kBluetooth, - kBookmark, - kBookmarkManagerPrivate, - kBrailleDisplayPrivate, - kBrowsingData, - kCast, - kChromeosInfoPrivate, - kClipboardRead, - kClipboardWrite, - kCloudPrintPrivate, - kCommandLinePrivate, - kContentSettings, - kContextMenus, - kCookie, - kDiagnostics, - kDial, - kDebugger, - kDeclarative, - kDeclarativeContent, - kDeclarativeWebRequest, - kDesktopCapture, - kDeveloperPrivate, - kDevtools, - kDns, - kDownloads, - kDownloadsInternal, - kDownloadsOpen, - kDownloadsShelf, - kEchoPrivate, - kEnterprisePlatformKeysPrivate, - kExperimental, - kFeedbackPrivate, - kFileBrowserHandler, - kFileBrowserHandlerInternal, - kFileBrowserPrivate, - kFileSystem, - kFileSystemDirectory, - kFileSystemRetainEntries, - kFileSystemWrite, - kFileSystemWriteDirectory, - kFontSettings, - kFullscreen, - kGeolocation, - kHistory, - kIdentity, - kIdentityPrivate, - kIdltest, - kIdle, - kInfobars, - kInput, - kInputMethodPrivate, - kLocation, - kLogPrivate, - kManagement, - kMediaGalleries, - kMediaGalleriesPrivate, - kMediaPlayerPrivate, - kMetricsPrivate, - kMDns, - kMusicManagerPrivate, - kNativeMessaging, - kNetworkingPrivate, - kNotification, - kPageCapture, - kPointerLock, - kPlugin, - kPower, - kPreferencesPrivate, - kPrincipalsPrivate, - kPrivacy, - kProcesses, - kProxy, - kPushMessaging, - kImageWriterPrivate, - kRtcPrivate, - kScreensaver, - kSerial, - kSessions, - kSignedInDevices, - kSocket, - kSocketsUdp, - kStorage, - kStreamsPrivate, - kSyncFileSystem, - kSystemPrivate, - kSystemIndicator, - kSystemDisplay, - kSystemStorage, - kTab, - kTabCapture, - kTabCaptureForTab, - kTerminalPrivate, - kTopSites, - kTts, - kTtsEngine, - kUnlimitedStorage, - kUsb, - kUsbDevice, - kVideoCapture, - kVirtualKeyboardPrivate, - kWallpaper, - kWallpaperPrivate, - kWebConnectable, // for externally_connectable manifest key - kWebNavigation, - kWebRequest, - kWebRequestBlocking, - kWebRequestInternal, - kWebRtc, - kWebrtcLoggingPrivate, - kWebstorePrivate, - kWebView, - kSystemCpu, - kSystemMemory, - kSystemInfoCpu, - kSystemInfoMemory, - kEnumBoundary - }; - - struct CheckParam { - }; - - explicit APIPermission(const APIPermissionInfo* info); - - virtual ~APIPermission(); - - // Returns the id of this permission. - ID id() const; - - // Returns the name of this permission. - const char* name() const; - - // Returns the APIPermission of this permission. - const APIPermissionInfo* info() const { - return info_; - } - - // Returns true if this permission has any PermissionMessages. - virtual bool HasMessages() const = 0; - - // Returns the localized permission messages of this permission. - virtual PermissionMessages GetMessages() const = 0; - - // Returns true if the given permission is allowed. - virtual bool Check(const CheckParam* param) const = 0; - - // Returns true if |rhs| is a subset of this. - virtual bool Contains(const APIPermission* rhs) const = 0; - - // Returns true if |rhs| is equal to this. - virtual bool Equal(const APIPermission* rhs) const = 0; - - // Parses the APIPermission from |value|. Returns false if error happens. - virtual bool FromValue(const base::Value* value) = 0; - - // Stores this into a new created |value|. - virtual scoped_ptr ToValue() const = 0; - - // Clones this. - virtual APIPermission* Clone() const = 0; - - // Returns a new API permission which equals this - |rhs|. - virtual APIPermission* Diff(const APIPermission* rhs) const = 0; - - // Returns a new API permission which equals the union of this and |rhs|. - virtual APIPermission* Union(const APIPermission* rhs) const = 0; - - // Returns a new API permission which equals the intersect of this and |rhs|. - virtual APIPermission* Intersect(const APIPermission* rhs) const = 0; - - // IPC functions - // Writes this into the given IPC message |m|. - virtual void Write(IPC::Message* m) const = 0; - - // Reads from the given IPC message |m|. - virtual bool Read(const IPC::Message* m, PickleIterator* iter) = 0; - - // Logs this permission. - virtual void Log(std::string* log) const = 0; - - protected: - // Returns the localized permission message associated with this api. - // Use GetMessage_ to avoid name conflict with macro GetMessage on Windows. - PermissionMessage GetMessage_() const; - - private: - const APIPermissionInfo* const info_; -}; - - -// The APIPermissionInfo is an immutable class that describes a single -// named permission (API permission). -// There is one instance per permission. -class APIPermissionInfo { - public: - enum Flag { - kFlagNone = 0, - - // Indicates if the permission implies full access (native code). - kFlagImpliesFullAccess = 1 << 0, - - // Indicates if the permission implies full URL access. - kFlagImpliesFullURLAccess = 1 << 1, - - // Indicates that extensions cannot specify the permission as optional. - kFlagCannotBeOptional = 1 << 3, - - // Indicates that the permission is internal to the extensions - // system and cannot be specified in the "permissions" list. - kFlagInternal = 1 << 4, - }; - - typedef APIPermission* (*APIPermissionConstructor)(const APIPermissionInfo*); - - typedef std::set IDSet; - - ~APIPermissionInfo(); - - // Creates a APIPermission instance. - APIPermission* CreateAPIPermission() const; - - int flags() const { return flags_; } - - APIPermission::ID id() const { return id_; } - - // Returns the message id associated with this permission. - PermissionMessage::ID message_id() const { - return message_id_; - } - - // Returns the name of this permission. - const char* name() const { return name_; } - - // Returns true if this permission implies full access (e.g., native code). - bool implies_full_access() const { - return (flags_ & kFlagImpliesFullAccess) != 0; - } - - // Returns true if this permission implies full URL access. - bool implies_full_url_access() const { - return (flags_ & kFlagImpliesFullURLAccess) != 0; - } - - // Returns true if this permission can be added and removed via the - // optional permissions extension API. - bool supports_optional() const { - return (flags_ & kFlagCannotBeOptional) == 0; - } - - // Returns true if this permission is internal rather than a - // "permissions" list entry. - bool is_internal() const { - return (flags_ & kFlagInternal) != 0; - } - - private: - // Instances should only be constructed from within a - // PermissionsInfo::Delegate. - friend class ChromeAPIPermissions; - // Implementations of APIPermission will want to get the permission message, - // but this class's implementation should be hidden from everyone else. - friend class APIPermission; - - explicit APIPermissionInfo( - APIPermission::ID id, - const char* name, - int l10n_message_id, - PermissionMessage::ID message_id, - int flags, - APIPermissionConstructor api_permission_constructor); - - // Returns the localized permission message associated with this api. - // Use GetMessage_ to avoid name conflict with macro GetMessage on Windows. - PermissionMessage GetMessage_() const; - - const APIPermission::ID id_; - const char* const name_; - const int flags_; - const int l10n_message_id_; - const PermissionMessage::ID message_id_; - const APIPermissionConstructor api_permission_constructor_; -}; - -} // namespace extensions - -#endif // CHROME_COMMON_EXTENSIONS_PERMISSIONS_API_PERMISSION_H_ diff --git a/chrome/common/extensions/permissions/api_permission_set.cc b/chrome/common/extensions/permissions/api_permission_set.cc deleted file mode 100644 index e3e46b3..0000000 --- a/chrome/common/extensions/permissions/api_permission_set.cc +++ /dev/null @@ -1,343 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include "chrome/common/extensions/permissions/api_permission_set.h" - -#include "base/logging.h" -#include "base/stl_util.h" -#include "base/strings/string_number_conversions.h" -#include "base/values.h" -#include "chrome/common/extensions/permissions/permissions_info.h" -#include "extensions/common/error_utils.h" -#include "extensions/common/manifest_constants.h" - -namespace extensions { - -namespace errors = manifest_errors; - -namespace { - -bool CreateAPIPermission( - const std::string& permission_str, - const base::Value* permission_value, - APIPermissionSet::ParseSource source, - APIPermissionSet* api_permissions, - string16* error, - std::vector* unhandled_permissions) { - - const APIPermissionInfo* permission_info = - PermissionsInfo::GetInstance()->GetByName(permission_str); - if (permission_info) { - scoped_ptr permission( - permission_info->CreateAPIPermission()); - if (source != APIPermissionSet::kAllowInternalPermissions && - permission_info->is_internal()) { - // An internal permission specified in permissions list is an error. - if (error) { - *error = ErrorUtils::FormatErrorMessageUTF16( - errors::kPermissionNotAllowedInManifest, permission_str); - } - return false; - } - - if (!permission->FromValue(permission_value)) { - if (error) { - *error = ErrorUtils::FormatErrorMessageUTF16( - errors::kInvalidPermission, permission_info->name()); - return false; - } - LOG(WARNING) << "Parse permission failed."; - } else { - api_permissions->insert(permission.release()); - } - return true; - } - - if (unhandled_permissions) - unhandled_permissions->push_back(permission_str); - else - LOG(WARNING) << "Unknown permission[" << permission_str << "]."; - - return true; -} - -bool ParseChildPermissions(const std::string& base_name, - const base::Value* permission_value, - APIPermissionSet::ParseSource source, - APIPermissionSet* api_permissions, - string16* error, - std::vector* unhandled_permissions) { - if (permission_value) { - const base::ListValue* permissions; - if (!permission_value->GetAsList(&permissions)) { - if (error) { - *error = ErrorUtils::FormatErrorMessageUTF16( - errors::kInvalidPermission, base_name); - return false; - } - LOG(WARNING) << "Permission value is not a list."; - // Failed to parse, but since error is NULL, failures are not fatal so - // return true here anyway. - return true; - } - - for (size_t i = 0; i < permissions->GetSize(); ++i) { - std::string permission_str; - if (!permissions->GetString(i, &permission_str)) { - // permission should be a string - if (error) { - *error = ErrorUtils::FormatErrorMessageUTF16( - errors::kInvalidPermission, - base_name + '.' + base::IntToString(i)); - return false; - } - LOG(WARNING) << "Permission is not a string."; - continue; - } - - if (!CreateAPIPermission( - base_name + '.' + permission_str, NULL, source, - api_permissions, error, unhandled_permissions)) - return false; - } - } - - return CreateAPIPermission(base_name, NULL, source, - api_permissions, error, NULL); -} - -} // namespace - -APIPermissionSet::APIPermissionSet() { -} - -APIPermissionSet::APIPermissionSet(const APIPermissionSet& set) { - this->operator=(set); -} - -APIPermissionSet::~APIPermissionSet() { -} - -APIPermissionSet::const_iterator::const_iterator( - const APIPermissionMap::const_iterator& it) - : it_(it) { -} - -APIPermissionSet::const_iterator::const_iterator( - const const_iterator& ids_it) - : it_(ids_it.it_) { -} - -APIPermissionSet& APIPermissionSet::operator=(const APIPermissionSet& rhs) { - const_iterator it = rhs.begin(); - const const_iterator end = rhs.end(); - while (it != end) { - insert(it->Clone()); - ++it; - } - return *this; -} - -bool APIPermissionSet::operator==(const APIPermissionSet& rhs) const { - const_iterator it = begin(); - const_iterator rhs_it = rhs.begin(); - const_iterator it_end = end(); - const_iterator rhs_it_end = rhs.end(); - - while (it != it_end && rhs_it != rhs_it_end) { - if (!it->Equal(*rhs_it)) - return false; - ++it; - ++rhs_it; - } - return it == it_end && rhs_it == rhs_it_end; -} - -void APIPermissionSet::insert(APIPermission::ID id) { - const APIPermissionInfo* permission_info = - PermissionsInfo::GetInstance()->GetByID(id); - insert(permission_info->CreateAPIPermission()); -} - -void APIPermissionSet::insert(APIPermission* permission) { - map_[permission->id()].reset(permission); -} - -bool APIPermissionSet::Contains(const APIPermissionSet& rhs) const { - APIPermissionSet::const_iterator it1 = begin(); - APIPermissionSet::const_iterator it2 = rhs.begin(); - APIPermissionSet::const_iterator end1 = end(); - APIPermissionSet::const_iterator end2 = rhs.end(); - - while (it1 != end1 && it2 != end2) { - if (it1->id() > it2->id()) { - return false; - } else if (it1->id() < it2->id()) { - ++it1; - } else { - if (!it1->Contains(*it2)) - return false; - ++it1; - ++it2; - } - } - - return it2 == end2; -} - -void APIPermissionSet::Difference( - const APIPermissionSet& set1, - const APIPermissionSet& set2, - APIPermissionSet* set3) { - CHECK(set3); - set3->clear(); - - APIPermissionSet::const_iterator it1 = set1.begin(); - APIPermissionSet::const_iterator it2 = set2.begin(); - const APIPermissionSet::const_iterator end1 = set1.end(); - const APIPermissionSet::const_iterator end2 = set2.end(); - - while (it1 != end1 && it2 != end2) { - if (it1->id() < it2->id()) { - set3->insert(it1->Clone()); - ++it1; - } else if (it1->id() > it2->id()) { - ++it2; - } else { - APIPermission* p = it1->Diff(*it2); - if (p) - set3->insert(p); - ++it1; - ++it2; - } - } - - while (it1 != end1) { - set3->insert(it1->Clone()); - ++it1; - } -} - -void APIPermissionSet::Intersection( - const APIPermissionSet& set1, - const APIPermissionSet& set2, - APIPermissionSet* set3) { - DCHECK(set3); - set3->clear(); - - APIPermissionSet::const_iterator it1 = set1.begin(); - APIPermissionSet::const_iterator it2 = set2.begin(); - const APIPermissionSet::const_iterator end1 = set1.end(); - const APIPermissionSet::const_iterator end2 = set2.end(); - - while (it1 != end1 && it2 != end2) { - if (it1->id() < it2->id()) { - ++it1; - } else if (it1->id() > it2->id()) { - ++it2; - } else { - APIPermission* p = it1->Intersect(*it2); - if (p) - set3->insert(p); - ++it1; - ++it2; - } - } -} - -void APIPermissionSet::Union( - const APIPermissionSet& set1, - const APIPermissionSet& set2, - APIPermissionSet* set3) { - DCHECK(set3); - set3->clear(); - - APIPermissionSet::const_iterator it1 = set1.begin(); - APIPermissionSet::const_iterator it2 = set2.begin(); - const APIPermissionSet::const_iterator end1 = set1.end(); - const APIPermissionSet::const_iterator end2 = set2.end(); - - while (true) { - if (it1 == end1) { - while (it2 != end2) { - set3->insert(it2->Clone()); - ++it2; - } - break; - } - if (it2 == end2) { - while (it1 != end1) { - set3->insert(it1->Clone()); - ++it1; - } - break; - } - if (it1->id() < it2->id()) { - set3->insert(it1->Clone()); - ++it1; - } else if (it1->id() > it2->id()) { - set3->insert(it2->Clone()); - ++it2; - } else { - set3->insert(it1->Union(*it2)); - ++it1; - ++it2; - } - } -} - -// static -bool APIPermissionSet::ParseFromJSON( - const base::ListValue* permissions, - APIPermissionSet::ParseSource source, - APIPermissionSet* api_permissions, - string16* error, - std::vector* unhandled_permissions) { - for (size_t i = 0; i < permissions->GetSize(); ++i) { - std::string permission_str; - const base::Value* permission_value = NULL; - if (!permissions->GetString(i, &permission_str)) { - const base::DictionaryValue* dict = NULL; - // permission should be a string or a single key dict. - if (!permissions->GetDictionary(i, &dict) || dict->size() != 1) { - if (error) { - *error = ErrorUtils::FormatErrorMessageUTF16( - errors::kInvalidPermission, base::IntToString(i)); - return false; - } - LOG(WARNING) << "Permission is not a string or single key dict."; - continue; - } - base::DictionaryValue::Iterator it(*dict); - permission_str = it.key(); - permission_value = &it.value(); - } - - // Check if this permission is a special case where its value should - // be treated as a list of child permissions. - if (PermissionsInfo::GetInstance()->HasChildPermissions(permission_str)) { - if (!ParseChildPermissions(permission_str, permission_value, source, - api_permissions, error, unhandled_permissions)) - return false; - continue; - } - - if (!CreateAPIPermission(permission_str, permission_value, source, - api_permissions, error, unhandled_permissions)) - return false; - } - return true; -} - -void APIPermissionSet::AddImpliedPermissions() { - // The fileSystem.write and fileSystem.directory permissions imply - // fileSystem.writeDirectory. - // TODO(sammc): Remove this. See http://crbug.com/284849. - if (ContainsKey(map_, APIPermission::kFileSystemWrite) && - ContainsKey(map_, APIPermission::kFileSystemDirectory)) { - insert(APIPermission::kFileSystemWriteDirectory); - } -} - -} // namespace extensions diff --git a/chrome/common/extensions/permissions/api_permission_set.h b/chrome/common/extensions/permissions/api_permission_set.h deleted file mode 100644 index c3ef583..0000000 --- a/chrome/common/extensions/permissions/api_permission_set.h +++ /dev/null @@ -1,173 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#ifndef CHROME_COMMON_EXTENSIONS_PERMISSIONS_API_PERMISSION_SET_H_ -#define CHROME_COMMON_EXTENSIONS_PERMISSIONS_API_PERMISSION_SET_H_ - -#include -#include - -#include "base/memory/linked_ptr.h" -#include "chrome/common/extensions/permissions/api_permission.h" - -namespace base { -class ListValue; -} // namespace base - -namespace extensions { - -class Extension; - -typedef std::map > APIPermissionMap; - -class APIPermissionSet { - public: - class const_iterator : - public std::iterator { - public: - const_iterator(const APIPermissionMap::const_iterator& it); - const_iterator(const const_iterator& ids_it); - - const_iterator& operator++() { - ++it_; - return *this; - } - - const_iterator operator++(int) { - const_iterator tmp(it_++); - return tmp; - } - - bool operator==(const const_iterator& rhs) const { - return it_ == rhs.it_; - } - - bool operator!=(const const_iterator& rhs) const { - return it_ != rhs.it_; - } - - const APIPermission* operator*() const { - return it_->second.get(); - } - - const APIPermission* operator->() const { - return it_->second.get(); - } - - private: - APIPermissionMap::const_iterator it_; - }; - - enum ParseSource { - // Don't allow internal permissions to be parsed (e.g. entries in the - // "permissions" list in a manifest). - kDisallowInternalPermissions, - - // Allow internal permissions to be parsed (e.g. from the "api" field of a - // permissions list in the prefs). - kAllowInternalPermissions, - }; - - APIPermissionSet(); - - APIPermissionSet(const APIPermissionSet& set); - - ~APIPermissionSet(); - - const_iterator begin() const { - return const_iterator(map().begin()); - } - - const_iterator end() const { - return map().end(); - } - - const_iterator find(APIPermission::ID id) const { - return map().find(id); - } - - const APIPermissionMap& map() const { - return map_; - } - - APIPermissionMap& map() { - return map_; - } - - void clear() { - map_.clear(); - } - - size_t count(APIPermission::ID id) const { - return map().count(id); - } - - bool empty() const { - return map().empty(); - } - - size_t erase(APIPermission::ID id) { - return map().erase(id); - } - - size_t size() const { - return map().size(); - } - - APIPermissionSet& operator=(const APIPermissionSet& rhs); - - bool operator==(const APIPermissionSet& rhs) const; - - bool operator!=(const APIPermissionSet& rhs) const { - return !operator==(rhs); - } - - void insert(APIPermission::ID id); - - // Insert |permission| into the APIPermissionSet. The APIPermissionSet will - // take the ownership of |permission|, - void insert(APIPermission* permission); - - bool Contains(const APIPermissionSet& rhs) const; - - static void Difference( - const APIPermissionSet& set1, - const APIPermissionSet& set2, - APIPermissionSet* set3); - - static void Intersection( - const APIPermissionSet& set1, - const APIPermissionSet& set2, - APIPermissionSet* set3); - - static void Union( - const APIPermissionSet& set1, - const APIPermissionSet& set2, - APIPermissionSet* set3); - - // Parses permissions from |permissions| and adds the parsed permissions to - // |api_permissions|. If |source| is kDisallowInternalPermissions, treat - // permissions with kFlagInternal as errors. If |unhandled_permissions| - // is not NULL, the names of all permissions that couldn't be parsed will be - // added to this vector. If |error| is NULL, parsing will continue with the - // next permission if invalid data is detected. If |error| is not NULL, it - // will be set to an error message and false is returned when an invalid - // permission is found. - static bool ParseFromJSON( - const base::ListValue* permissions, - ParseSource source, - APIPermissionSet* api_permissions, - string16* error, - std::vector* unhandled_permissions); - - void AddImpliedPermissions(); - - private: - APIPermissionMap map_; -}; - -} // namespace extensions - -#endif // CHROME_COMMON_EXTENSIONS_PERMISSIONS_API_PERMISSION_SET_H_ diff --git a/chrome/common/extensions/permissions/api_permission_set_unittest.cc b/chrome/common/extensions/permissions/api_permission_set_unittest.cc deleted file mode 100644 index ae4b3be..0000000 --- a/chrome/common/extensions/permissions/api_permission_set_unittest.cc +++ /dev/null @@ -1,333 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include "base/pickle.h" -#include "base/values.h" -#include "chrome/common/extensions/extension_messages.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" -#include "chrome/common/extensions/permissions/permissions_info.h" -#include "ipc/ipc_message.h" -#include "testing/gtest/include/gtest/gtest.h" - -namespace extensions { - -TEST(APIPermissionSetTest, General) { - APIPermissionSet apis; - apis.insert(APIPermission::kTab); - apis.insert(APIPermission::kBackground); - apis.insert(APIPermission::kProxy); - apis.insert(APIPermission::kClipboardWrite); - apis.insert(APIPermission::kPlugin); - - EXPECT_EQ(apis.find(APIPermission::kProxy)->id(), APIPermission::kProxy); - EXPECT_TRUE(apis.find(APIPermission::kSocket) == apis.end()); - - EXPECT_EQ(apis.size(), 5u); - - EXPECT_EQ(apis.erase(APIPermission::kTab), 1u); - EXPECT_EQ(apis.size(), 4u); - - EXPECT_EQ(apis.erase(APIPermission::kTab), 0u); - EXPECT_EQ(apis.size(), 4u); -} - -TEST(APIPermissionSetTest, CreateUnion) { - APIPermission* permission = NULL; - - APIPermissionSet apis1; - APIPermissionSet apis2; - APIPermissionSet expected_apis; - APIPermissionSet result; - - const APIPermissionInfo* permission_info = - PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); - permission = permission_info->CreateAPIPermission(); - { - scoped_ptr value(new base::ListValue()); - value->Append(new base::StringValue("tcp-connect:*.example.com:80")); - value->Append(new base::StringValue("udp-bind::8080")); - value->Append(new base::StringValue("udp-send-to::8888")); - if (!permission->FromValue(value.get())) { - NOTREACHED(); - } - } - - // Union with an empty set. - apis1.insert(APIPermission::kTab); - apis1.insert(APIPermission::kBackground); - apis1.insert(permission->Clone()); - expected_apis.insert(APIPermission::kTab); - expected_apis.insert(APIPermission::kBackground); - expected_apis.insert(permission); - - APIPermissionSet::Union(apis1, apis2, &result); - - EXPECT_TRUE(apis1.Contains(apis2)); - EXPECT_TRUE(apis1.Contains(result)); - EXPECT_FALSE(apis2.Contains(apis1)); - EXPECT_FALSE(apis2.Contains(result)); - EXPECT_TRUE(result.Contains(apis1)); - EXPECT_TRUE(result.Contains(apis2)); - - EXPECT_EQ(expected_apis, result); - - // Now use a real second set. - apis2.insert(APIPermission::kTab); - apis2.insert(APIPermission::kProxy); - apis2.insert(APIPermission::kClipboardWrite); - apis2.insert(APIPermission::kPlugin); - - permission = permission_info->CreateAPIPermission(); - { - scoped_ptr value(new base::ListValue()); - value->Append(new base::StringValue("tcp-connect:*.example.com:80")); - value->Append(new base::StringValue("udp-send-to::8899")); - if (!permission->FromValue(value.get())) { - NOTREACHED(); - } - } - apis2.insert(permission); - - expected_apis.insert(APIPermission::kTab); - expected_apis.insert(APIPermission::kProxy); - expected_apis.insert(APIPermission::kClipboardWrite); - expected_apis.insert(APIPermission::kPlugin); - - permission = permission_info->CreateAPIPermission(); - { - scoped_ptr value(new base::ListValue()); - value->Append(new base::StringValue("tcp-connect:*.example.com:80")); - value->Append(new base::StringValue("udp-bind::8080")); - value->Append(new base::StringValue("udp-send-to::8888")); - value->Append(new base::StringValue("udp-send-to::8899")); - if (!permission->FromValue(value.get())) { - NOTREACHED(); - } - } - // Insert a new socket permission which will replace the old one. - expected_apis.insert(permission); - - APIPermissionSet::Union(apis1, apis2, &result); - - EXPECT_FALSE(apis1.Contains(apis2)); - EXPECT_FALSE(apis1.Contains(result)); - EXPECT_FALSE(apis2.Contains(apis1)); - EXPECT_FALSE(apis2.Contains(result)); - EXPECT_TRUE(result.Contains(apis1)); - EXPECT_TRUE(result.Contains(apis2)); - - EXPECT_EQ(expected_apis, result); -} - -TEST(APIPermissionSetTest, CreateIntersection) { - APIPermission* permission = NULL; - - APIPermissionSet apis1; - APIPermissionSet apis2; - APIPermissionSet expected_apis; - APIPermissionSet result; - - const APIPermissionInfo* permission_info = - PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); - - // Intersection with an empty set. - apis1.insert(APIPermission::kTab); - apis1.insert(APIPermission::kBackground); - permission = permission_info->CreateAPIPermission(); - { - scoped_ptr value(new base::ListValue()); - value->Append(new base::StringValue("tcp-connect:*.example.com:80")); - value->Append(new base::StringValue("udp-bind::8080")); - value->Append(new base::StringValue("udp-send-to::8888")); - if (!permission->FromValue(value.get())) { - NOTREACHED(); - } - } - apis1.insert(permission); - - APIPermissionSet::Intersection(apis1, apis2, &result); - EXPECT_TRUE(apis1.Contains(result)); - EXPECT_TRUE(apis2.Contains(result)); - EXPECT_TRUE(apis1.Contains(apis2)); - EXPECT_FALSE(apis2.Contains(apis1)); - EXPECT_FALSE(result.Contains(apis1)); - EXPECT_TRUE(result.Contains(apis2)); - - EXPECT_TRUE(result.empty()); - EXPECT_EQ(expected_apis, result); - - // Now use a real second set. - apis2.insert(APIPermission::kTab); - apis2.insert(APIPermission::kProxy); - apis2.insert(APIPermission::kClipboardWrite); - apis2.insert(APIPermission::kPlugin); - permission = permission_info->CreateAPIPermission(); - { - scoped_ptr value(new base::ListValue()); - value->Append(new base::StringValue("udp-bind::8080")); - value->Append(new base::StringValue("udp-send-to::8888")); - value->Append(new base::StringValue("udp-send-to::8899")); - if (!permission->FromValue(value.get())) { - NOTREACHED(); - } - } - apis2.insert(permission); - - expected_apis.insert(APIPermission::kTab); - permission = permission_info->CreateAPIPermission(); - { - scoped_ptr value(new base::ListValue()); - value->Append(new base::StringValue("udp-bind::8080")); - value->Append(new base::StringValue("udp-send-to::8888")); - if (!permission->FromValue(value.get())) { - NOTREACHED(); - } - } - expected_apis.insert(permission); - - APIPermissionSet::Intersection(apis1, apis2, &result); - - EXPECT_TRUE(apis1.Contains(result)); - EXPECT_TRUE(apis2.Contains(result)); - EXPECT_FALSE(apis1.Contains(apis2)); - EXPECT_FALSE(apis2.Contains(apis1)); - EXPECT_FALSE(result.Contains(apis1)); - EXPECT_FALSE(result.Contains(apis2)); - - EXPECT_EQ(expected_apis, result); -} - -TEST(APIPermissionSetTest, CreateDifference) { - APIPermission* permission = NULL; - - APIPermissionSet apis1; - APIPermissionSet apis2; - APIPermissionSet expected_apis; - APIPermissionSet result; - - const APIPermissionInfo* permission_info = - PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); - - // Difference with an empty set. - apis1.insert(APIPermission::kTab); - apis1.insert(APIPermission::kBackground); - permission = permission_info->CreateAPIPermission(); - { - scoped_ptr value(new base::ListValue()); - value->Append(new base::StringValue("tcp-connect:*.example.com:80")); - value->Append(new base::StringValue("udp-bind::8080")); - value->Append(new base::StringValue("udp-send-to::8888")); - if (!permission->FromValue(value.get())) { - NOTREACHED(); - } - } - apis1.insert(permission); - - APIPermissionSet::Difference(apis1, apis2, &result); - - EXPECT_EQ(apis1, result); - - // Now use a real second set. - apis2.insert(APIPermission::kTab); - apis2.insert(APIPermission::kProxy); - apis2.insert(APIPermission::kClipboardWrite); - apis2.insert(APIPermission::kPlugin); - permission = permission_info->CreateAPIPermission(); - { - scoped_ptr value(new base::ListValue()); - value->Append(new base::StringValue("tcp-connect:*.example.com:80")); - value->Append(new base::StringValue("udp-send-to::8899")); - if (!permission->FromValue(value.get())) { - NOTREACHED(); - } - } - apis2.insert(permission); - - expected_apis.insert(APIPermission::kBackground); - permission = permission_info->CreateAPIPermission(); - { - scoped_ptr value(new base::ListValue()); - value->Append(new base::StringValue("udp-bind::8080")); - value->Append(new base::StringValue("udp-send-to::8888")); - if (!permission->FromValue(value.get())) { - NOTREACHED(); - } - } - expected_apis.insert(permission); - - APIPermissionSet::Difference(apis1, apis2, &result); - - EXPECT_TRUE(apis1.Contains(result)); - EXPECT_FALSE(apis2.Contains(result)); - - EXPECT_EQ(expected_apis, result); - - // |result| = |apis1| - |apis2| --> |result| intersect |apis2| == empty_set - APIPermissionSet result2; - APIPermissionSet::Intersection(result, apis2, &result2); - EXPECT_TRUE(result2.empty()); -} - -TEST(APIPermissionSetTest, IPC) { - APIPermission* permission = NULL; - - APIPermissionSet apis; - APIPermissionSet expected_apis; - - const APIPermissionInfo* permission_info = - PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); - - apis.insert(APIPermission::kTab); - apis.insert(APIPermission::kBackground); - permission = permission_info->CreateAPIPermission(); - { - scoped_ptr value(new base::ListValue()); - value->Append(new base::StringValue("tcp-connect:*.example.com:80")); - value->Append(new base::StringValue("udp-bind::8080")); - value->Append(new base::StringValue("udp-send-to::8888")); - if (!permission->FromValue(value.get())) { - NOTREACHED(); - } - } - apis.insert(permission); - - EXPECT_NE(apis, expected_apis); - - IPC::Message m; - WriteParam(&m, apis); - PickleIterator iter(m); - CHECK(ReadParam(&m, &iter, &expected_apis)); - EXPECT_EQ(apis, expected_apis); -} - -TEST(APIPermissionSetTest, ImplicitPermissions) { - APIPermissionSet apis; - apis.insert(APIPermission::kFileSystemWrite); - apis.AddImpliedPermissions(); - - EXPECT_EQ(apis.find(APIPermission::kFileSystemWrite)->id(), - APIPermission::kFileSystemWrite); - EXPECT_EQ(apis.size(), 1u); - - apis.erase(APIPermission::kFileSystemWrite); - apis.insert(APIPermission::kFileSystemDirectory); - apis.AddImpliedPermissions(); - - EXPECT_EQ(apis.find(APIPermission::kFileSystemDirectory)->id(), - APIPermission::kFileSystemDirectory); - EXPECT_EQ(apis.size(), 1u); - - apis.insert(APIPermission::kFileSystemWrite); - apis.AddImpliedPermissions(); - - EXPECT_EQ(apis.find(APIPermission::kFileSystemWrite)->id(), - APIPermission::kFileSystemWrite); - EXPECT_EQ(apis.find(APIPermission::kFileSystemDirectory)->id(), - APIPermission::kFileSystemDirectory); - EXPECT_EQ(apis.find(APIPermission::kFileSystemWriteDirectory)->id(), - APIPermission::kFileSystemWriteDirectory); - EXPECT_EQ(apis.size(), 3u); -} - -} // namespace extensions diff --git a/chrome/common/extensions/permissions/bluetooth_permission.cc b/chrome/common/extensions/permissions/bluetooth_permission.cc index 984c4a0..4d82868 100644 --- a/chrome/common/extensions/permissions/bluetooth_permission.cc +++ b/chrome/common/extensions/permissions/bluetooth_permission.cc @@ -11,7 +11,7 @@ #include "base/strings/string_util.h" #include "base/strings/utf_string_conversions.h" #include "chrome/common/extensions/permissions/bluetooth_permission_data.h" -#include "chrome/common/extensions/permissions/permissions_info.h" +#include "extensions/common/permissions/permissions_info.h" #include "grit/generated_resources.h" #include "ui/base/l10n/l10n_util.h" diff --git a/chrome/common/extensions/permissions/bluetooth_permission.h b/chrome/common/extensions/permissions/bluetooth_permission.h index 7ca8445..5eea337 100644 --- a/chrome/common/extensions/permissions/bluetooth_permission.h +++ b/chrome/common/extensions/permissions/bluetooth_permission.h @@ -7,9 +7,9 @@ #include -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/bluetooth_permission_data.h" #include "chrome/common/extensions/permissions/set_disjunction_permission.h" +#include "extensions/common/permissions/api_permission.h" namespace extensions { diff --git a/chrome/common/extensions/permissions/bluetooth_permission_data.h b/chrome/common/extensions/permissions/bluetooth_permission_data.h index 9ae5dd4..25413d4 100644 --- a/chrome/common/extensions/permissions/bluetooth_permission_data.h +++ b/chrome/common/extensions/permissions/bluetooth_permission_data.h @@ -8,7 +8,7 @@ #include #include "base/memory/scoped_ptr.h" -#include "chrome/common/extensions/permissions/api_permission.h" +#include "extensions/common/permissions/api_permission.h" namespace base { diff --git a/chrome/common/extensions/permissions/chrome_api_permissions.cc b/chrome/common/extensions/permissions/chrome_api_permissions.cc index 55b10a9..3eed610 100644 --- a/chrome/common/extensions/permissions/chrome_api_permissions.cc +++ b/chrome/common/extensions/permissions/chrome_api_permissions.cc @@ -4,14 +4,14 @@ #include "chrome/common/extensions/permissions/chrome_api_permissions.h" -#include "chrome/common/extensions/permissions/api_permission.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "chrome/common/extensions/permissions/bluetooth_permission.h" #include "chrome/common/extensions/permissions/media_galleries_permission.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "chrome/common/extensions/permissions/socket_permission.h" #include "chrome/common/extensions/permissions/usb_device_permission.h" +#include "extensions/common/permissions/api_permission.h" +#include "extensions/common/permissions/api_permission_set.h" #include "extensions/common/permissions/permission_message.h" +#include "extensions/common/permissions/permissions_info.h" #include "grit/generated_resources.h" namespace extensions { diff --git a/chrome/common/extensions/permissions/chrome_scheme_hosts.cc b/chrome/common/extensions/permissions/chrome_scheme_hosts.cc index 6833597..722d20c 100644 --- a/chrome/common/extensions/permissions/chrome_scheme_hosts.cc +++ b/chrome/common/extensions/permissions/chrome_scheme_hosts.cc @@ -3,9 +3,9 @@ // found in the LICENSE file. #include "chrome/common/extensions/extension.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "chrome/common/extensions/permissions/chrome_scheme_hosts.h" #include "chrome/common/url_constants.h" +#include "extensions/common/permissions/api_permission_set.h" #include "extensions/common/url_pattern.h" #include "extensions/common/url_pattern_set.h" diff --git a/chrome/common/extensions/permissions/media_galleries_permission.cc b/chrome/common/extensions/permissions/media_galleries_permission.cc index f3cd7af..807e600 100644 --- a/chrome/common/extensions/permissions/media_galleries_permission.cc +++ b/chrome/common/extensions/permissions/media_galleries_permission.cc @@ -10,7 +10,7 @@ #include "base/logging.h" #include "base/strings/string16.h" #include "base/strings/utf_string_conversions.h" -#include "chrome/common/extensions/permissions/permissions_info.h" +#include "extensions/common/permissions/permissions_info.h" #include "grit/generated_resources.h" #include "ui/base/l10n/l10n_util.h" diff --git a/chrome/common/extensions/permissions/media_galleries_permission.h b/chrome/common/extensions/permissions/media_galleries_permission.h index c94bd1c..831a4f6 100644 --- a/chrome/common/extensions/permissions/media_galleries_permission.h +++ b/chrome/common/extensions/permissions/media_galleries_permission.h @@ -6,9 +6,9 @@ #define CHROME_COMMON_EXTENSIONS_PERMISSIONS_MEDIA_GALLERIES_PERMISSION_H_ #include "base/basictypes.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/media_galleries_permission_data.h" #include "chrome/common/extensions/permissions/set_disjunction_permission.h" +#include "extensions/common/permissions/api_permission.h" namespace extensions { diff --git a/chrome/common/extensions/permissions/media_galleries_permission_data.h b/chrome/common/extensions/permissions/media_galleries_permission_data.h index 896242d..9d13eae 100644 --- a/chrome/common/extensions/permissions/media_galleries_permission_data.h +++ b/chrome/common/extensions/permissions/media_galleries_permission_data.h @@ -9,7 +9,7 @@ #include "base/basictypes.h" #include "base/memory/scoped_ptr.h" -#include "chrome/common/extensions/permissions/api_permission.h" +#include "extensions/common/permissions/api_permission.h" namespace base { class Value; diff --git a/chrome/common/extensions/permissions/media_galleries_permission_unittest.cc b/chrome/common/extensions/permissions/media_galleries_permission_unittest.cc index f3cb3a8..b6dbf70 100644 --- a/chrome/common/extensions/permissions/media_galleries_permission_unittest.cc +++ b/chrome/common/extensions/permissions/media_galleries_permission_unittest.cc @@ -5,10 +5,10 @@ // These tests make sure MediaGalleriesPermission values are parsed correctly. #include "base/values.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/media_galleries_permission.h" #include "chrome/common/extensions/permissions/media_galleries_permission_data.h" -#include "chrome/common/extensions/permissions/permissions_info.h" +#include "extensions/common/permissions/api_permission.h" +#include "extensions/common/permissions/permissions_info.h" #include "testing/gtest/include/gtest/gtest.h" using content::SocketPermissionRequest; diff --git a/chrome/common/extensions/permissions/permission_set.cc b/chrome/common/extensions/permissions/permission_set.cc index 7406bb5..d027605 100644 --- a/chrome/common/extensions/permissions/permission_set.cc +++ b/chrome/common/extensions/permissions/permission_set.cc @@ -10,9 +10,9 @@ #include "base/stl_util.h" #include "chrome/common/extensions/permissions/permission_message_util.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "content/public/common/url_constants.h" #include "extensions/common/extensions_client.h" +#include "extensions/common/permissions/permissions_info.h" #include "extensions/common/url_pattern.h" #include "extensions/common/url_pattern_set.h" #include "grit/generated_resources.h" diff --git a/chrome/common/extensions/permissions/permission_set.h b/chrome/common/extensions/permissions/permission_set.h index 0083a08..0f78bda 100644 --- a/chrome/common/extensions/permissions/permission_set.h +++ b/chrome/common/extensions/permissions/permission_set.h @@ -14,9 +14,9 @@ #include "base/memory/ref_counted.h" #include "base/memory/singleton.h" #include "base/strings/string16.h" -#include "chrome/common/extensions/permissions/api_permission.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "extensions/common/manifest.h" +#include "extensions/common/permissions/api_permission.h" +#include "extensions/common/permissions/api_permission_set.h" #include "extensions/common/permissions/permission_message.h" #include "extensions/common/url_pattern_set.h" diff --git a/chrome/common/extensions/permissions/permission_set_unittest.cc b/chrome/common/extensions/permissions/permission_set_unittest.cc index 9cbd689..a2fa1d0 100644 --- a/chrome/common/extensions/permissions/permission_set_unittest.cc +++ b/chrome/common/extensions/permissions/permission_set_unittest.cc @@ -14,9 +14,9 @@ #include "chrome/common/extensions/features/feature_channel.h" #include "chrome/common/extensions/permissions/permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "chrome/common/extensions/permissions/socket_permission.h" #include "extensions/common/error_utils.h" +#include "extensions/common/permissions/permissions_info.h" #include "testing/gtest/include/gtest/gtest.h" using extension_test_util::LoadManifest; diff --git a/chrome/common/extensions/permissions/permissions_data.cc b/chrome/common/extensions/permissions/permissions_data.cc index 0e8adc6..817259f 100644 --- a/chrome/common/extensions/permissions/permissions_data.cc +++ b/chrome/common/extensions/permissions/permissions_data.cc @@ -12,10 +12,8 @@ #include "base/strings/utf_string_conversions.h" #include "base/values.h" #include "chrome/common/extensions/extension.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" #include "chrome/common/extensions/permissions/chrome_scheme_hosts.h" #include "chrome/common/extensions/permissions/permission_set.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "content/public/common/url_constants.h" #include "extensions/common/constants.h" #include "extensions/common/error_utils.h" @@ -24,6 +22,8 @@ #include "extensions/common/manifest.h" #include "extensions/common/manifest_constants.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission_set.h" +#include "extensions/common/permissions/permissions_info.h" #include "extensions/common/switches.h" #include "extensions/common/url_pattern_set.h" #include "extensions/common/user_script.h" diff --git a/chrome/common/extensions/permissions/permissions_data.h b/chrome/common/extensions/permissions/permissions_data.h index 8ca7e63..60534ec 100644 --- a/chrome/common/extensions/permissions/permissions_data.h +++ b/chrome/common/extensions/permissions/permissions_data.h @@ -12,7 +12,7 @@ #include "base/memory/scoped_ptr.h" #include "base/strings/string16.h" #include "base/synchronization/lock.h" -#include "chrome/common/extensions/permissions/api_permission.h" +#include "extensions/common/permissions/api_permission.h" #include "extensions/common/permissions/permission_message.h" class GURL; diff --git a/chrome/common/extensions/permissions/permissions_data_unittest.cc b/chrome/common/extensions/permissions/permissions_data_unittest.cc index 1fc56c5..92ec84c 100644 --- a/chrome/common/extensions/permissions/permissions_data_unittest.cc +++ b/chrome/common/extensions/permissions/permissions_data_unittest.cc @@ -12,7 +12,6 @@ #include "chrome/common/extensions/extension.h" #include "chrome/common/extensions/extension_test_util.h" #include "chrome/common/extensions/features/feature_channel.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/permission_set.h" #include "chrome/common/extensions/permissions/permissions_data.h" #include "chrome/common/extensions/permissions/socket_permission.h" @@ -20,6 +19,7 @@ #include "extensions/common/error_utils.h" #include "extensions/common/id_util.h" #include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/api_permission.h" #include "extensions/common/switches.h" #include "extensions/common/url_pattern_set.h" #include "testing/gtest/include/gtest/gtest.h" diff --git a/chrome/common/extensions/permissions/permissions_info.cc b/chrome/common/extensions/permissions/permissions_info.cc deleted file mode 100644 index ec251e8..0000000 --- a/chrome/common/extensions/permissions/permissions_info.cc +++ /dev/null @@ -1,101 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#include "chrome/common/extensions/permissions/permissions_info.h" - -#include "base/lazy_instance.h" -#include "base/logging.h" -#include "base/stl_util.h" -#include "base/strings/string_util.h" -#include "extensions/common/extensions_client.h" - -namespace extensions { - -static base::LazyInstance g_permissions_info = - LAZY_INSTANCE_INITIALIZER; - -// static -PermissionsInfo* PermissionsInfo::GetInstance() { - return g_permissions_info.Pointer(); -} - -PermissionsInfo::~PermissionsInfo() { - STLDeleteContainerPairSecondPointers(id_map_.begin(), id_map_.end()); -} - -const APIPermissionInfo* PermissionsInfo::GetByID( - APIPermission::ID id) const { - IDMap::const_iterator i = id_map_.find(id); - return (i == id_map_.end()) ? NULL : i->second; -} - -const APIPermissionInfo* PermissionsInfo::GetByName( - const std::string& name) const { - NameMap::const_iterator i = name_map_.find(name); - return (i == name_map_.end()) ? NULL : i->second; -} - -APIPermissionSet PermissionsInfo::GetAll() const { - APIPermissionSet permissions; - for (IDMap::const_iterator i = id_map_.begin(); i != id_map_.end(); ++i) - permissions.insert(i->second->id()); - return permissions; -} - -APIPermissionSet PermissionsInfo::GetAllByName( - const std::set& permission_names) const { - APIPermissionSet permissions; - for (std::set::const_iterator i = permission_names.begin(); - i != permission_names.end(); ++i) { - const APIPermissionInfo* permission_info = GetByName(*i); - if (permission_info) - permissions.insert(permission_info->id()); - } - return permissions; -} - -bool PermissionsInfo::HasChildPermissions(const std::string& name) const { - NameMap::const_iterator i = name_map_.lower_bound(name + '.'); - if (i == name_map_.end()) return false; - return StartsWithASCII(i->first, name + '.', true); -} - -PermissionsInfo::PermissionsInfo() - : hosted_app_permission_count_(0), - permission_count_(0) { - DCHECK(ExtensionsClient::Get()); - InitializeWithProvider(ExtensionsClient::Get()->GetPermissionsProvider()); -} - -void PermissionsInfo::InitializeWithProvider( - const PermissionsProvider& provider) { - std::vector permissions = provider.GetAllPermissions(); - std::vector aliases = - provider.GetAllAliases(); - - for (size_t i = 0; i < permissions.size(); ++i) - RegisterPermission(permissions[i]); - for (size_t i = 0; i < aliases.size(); ++i) - RegisterAlias(aliases[i].name, aliases[i].alias); -} - -void PermissionsInfo::RegisterAlias( - const char* name, - const char* alias) { - DCHECK(ContainsKey(name_map_, name)); - DCHECK(!ContainsKey(name_map_, alias)); - name_map_[alias] = name_map_[name]; -} - -void PermissionsInfo::RegisterPermission(APIPermissionInfo* permission) { - DCHECK(!ContainsKey(id_map_, permission->id())); - DCHECK(!ContainsKey(name_map_, permission->name())); - - id_map_[permission->id()] = permission; - name_map_[permission->name()] = permission; - - permission_count_++; -} - -} // namespace extensions diff --git a/chrome/common/extensions/permissions/permissions_info.h b/chrome/common/extensions/permissions/permissions_info.h deleted file mode 100644 index c459c2b..0000000 --- a/chrome/common/extensions/permissions/permissions_info.h +++ /dev/null @@ -1,81 +0,0 @@ -// Copyright (c) 2012 The Chromium Authors. All rights reserved. -// Use of this source code is governed by a BSD-style license that can be -// found in the LICENSE file. - -#ifndef CHROME_COMMON_EXTENSIONS_PERMISSIONS_PERMISSIONS_INFO_H_ -#define CHROME_COMMON_EXTENSIONS_PERMISSIONS_PERMISSIONS_INFO_H_ - -#include -#include -#include - -#include "base/callback.h" -#include "base/lazy_instance.h" -#include "chrome/common/extensions/permissions/api_permission.h" -#include "chrome/common/extensions/permissions/api_permission_set.h" -#include "extensions/common/permissions/permission_message.h" -#include "extensions/common/permissions/permissions_provider.h" - -namespace extensions { - -// A global object that holds the extension permission instances and provides -// methods for accessing them. -class PermissionsInfo { - public: - static PermissionsInfo* GetInstance(); - - virtual ~PermissionsInfo(); - - // Returns the permission with the given |id|, and NULL if it doesn't exist. - const APIPermissionInfo* GetByID(APIPermission::ID id) const; - - // Returns the permission with the given |name|, and NULL if none - // exists. - const APIPermissionInfo* GetByName(const std::string& name) const; - - // Returns a set containing all valid api permission ids. - APIPermissionSet GetAll() const; - - // Converts all the permission names in |permission_names| to permission ids. - APIPermissionSet GetAllByName( - const std::set& permission_names) const; - - // Checks if any permissions have names that start with |name| followed by a - // period. - bool HasChildPermissions(const std::string& name) const; - - // Gets the total number of API permissions. - size_t get_permission_count() const { return permission_count_; } - - private: - friend struct base::DefaultLazyInstanceTraits; - - PermissionsInfo(); - - // Initializes the permissions from the provider. - void InitializeWithProvider(const PermissionsProvider& provider); - - // Registers an |alias| for a given permission |name|. - void RegisterAlias(const char* name, const char* alias); - - // Registers a permission with the specified attributes and flags. - void RegisterPermission(APIPermissionInfo* permission); - - // Maps permission ids to permissions. - typedef std::map IDMap; - - // Maps names and aliases to permissions. - typedef std::map NameMap; - - IDMap id_map_; - NameMap name_map_; - - size_t hosted_app_permission_count_; - size_t permission_count_; - - DISALLOW_COPY_AND_ASSIGN(PermissionsInfo); -}; - -} // namespace extensions - -#endif // CHROME_COMMON_EXTENSIONS_PERMISSIONS_PERMISSIONS_INFO_H_ diff --git a/chrome/common/extensions/permissions/set_disjunction_permission.h b/chrome/common/extensions/permissions/set_disjunction_permission.h index dd6f9b3..97388ba 100644 --- a/chrome/common/extensions/permissions/set_disjunction_permission.h +++ b/chrome/common/extensions/permissions/set_disjunction_permission.h @@ -12,7 +12,7 @@ #include "base/memory/scoped_ptr.h" #include "base/values.h" #include "chrome/common/extensions/extension_messages.h" -#include "chrome/common/extensions/permissions/api_permission.h" +#include "extensions/common/permissions/api_permission.h" #include "ipc/ipc_message.h" #include "ipc/ipc_message_utils.h" diff --git a/chrome/common/extensions/permissions/socket_permission.cc b/chrome/common/extensions/permissions/socket_permission.cc index 9f2c35c..d640cbe 100644 --- a/chrome/common/extensions/permissions/socket_permission.cc +++ b/chrome/common/extensions/permissions/socket_permission.cc @@ -9,8 +9,8 @@ #include "base/logging.h" #include "base/memory/scoped_ptr.h" #include "base/strings/utf_string_conversions.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "chrome/common/extensions/permissions/set_disjunction_permission.h" +#include "extensions/common/permissions/permissions_info.h" #include "grit/generated_resources.h" #include "ui/base/l10n/l10n_util.h" diff --git a/chrome/common/extensions/permissions/socket_permission.h b/chrome/common/extensions/permissions/socket_permission.h index a3bc4f3..5f3373e 100644 --- a/chrome/common/extensions/permissions/socket_permission.h +++ b/chrome/common/extensions/permissions/socket_permission.h @@ -7,9 +7,9 @@ #include -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/set_disjunction_permission.h" #include "chrome/common/extensions/permissions/socket_permission_data.h" +#include "extensions/common/permissions/api_permission.h" namespace extensions { diff --git a/chrome/common/extensions/permissions/socket_permission_data.cc b/chrome/common/extensions/permissions/socket_permission_data.cc index e87fd84..b110cb50 100644 --- a/chrome/common/extensions/permissions/socket_permission_data.cc +++ b/chrome/common/extensions/permissions/socket_permission_data.cc @@ -13,8 +13,8 @@ #include "base/strings/string_number_conversions.h" #include "base/strings/string_split.h" #include "base/strings/string_util.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/socket_permission.h" +#include "extensions/common/permissions/api_permission.h" #include "url/url_canon.h" namespace { diff --git a/chrome/common/extensions/permissions/socket_permission_data.h b/chrome/common/extensions/permissions/socket_permission_data.h index d647568..8eeee16 100644 --- a/chrome/common/extensions/permissions/socket_permission_data.h +++ b/chrome/common/extensions/permissions/socket_permission_data.h @@ -6,8 +6,8 @@ #include -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/socket_permission_entry.h" +#include "extensions/common/permissions/api_permission.h" #include "ipc/ipc_param_traits.h" template struct FuzzTraits; diff --git a/chrome/common/extensions/permissions/socket_permission_entry.cc b/chrome/common/extensions/permissions/socket_permission_entry.cc index 17f2ef7..9d9eeea 100644 --- a/chrome/common/extensions/permissions/socket_permission_entry.cc +++ b/chrome/common/extensions/permissions/socket_permission_entry.cc @@ -13,8 +13,8 @@ #include "base/strings/string_number_conversions.h" #include "base/strings/string_split.h" #include "base/strings/string_util.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/socket_permission.h" +#include "extensions/common/permissions/api_permission.h" #include "url/url_canon.h" namespace { diff --git a/chrome/common/extensions/permissions/socket_permission_unittest.cc b/chrome/common/extensions/permissions/socket_permission_unittest.cc index 8d75d73..78bd818 100644 --- a/chrome/common/extensions/permissions/socket_permission_unittest.cc +++ b/chrome/common/extensions/permissions/socket_permission_unittest.cc @@ -6,9 +6,9 @@ #include "base/pickle.h" #include "base/values.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "chrome/common/extensions/permissions/socket_permission.h" #include "chrome/common/extensions/permissions/socket_permission_data.h" +#include "extensions/common/permissions/permissions_info.h" #include "ipc/ipc_message.h" #include "testing/gtest/include/gtest/gtest.h" diff --git a/chrome/common/extensions/permissions/usb_device_permission.cc b/chrome/common/extensions/permissions/usb_device_permission.cc index ef832c1..3c13936 100644 --- a/chrome/common/extensions/permissions/usb_device_permission.cc +++ b/chrome/common/extensions/permissions/usb_device_permission.cc @@ -10,7 +10,7 @@ #include "base/logging.h" #include "base/strings/string16.h" #include "base/strings/utf_string_conversions.h" -#include "chrome/common/extensions/permissions/permissions_info.h" +#include "extensions/common/permissions/permissions_info.h" #include "grit/generated_resources.h" #include "ui/base/l10n/l10n_util.h" diff --git a/chrome/common/extensions/permissions/usb_device_permission.h b/chrome/common/extensions/permissions/usb_device_permission.h index 211b8ef..3e599f0 100644 --- a/chrome/common/extensions/permissions/usb_device_permission.h +++ b/chrome/common/extensions/permissions/usb_device_permission.h @@ -6,9 +6,9 @@ #define CHROME_COMMON_EXTENSIONS_PERMISSIONS_USB_DEVICE_PERMISSION_H_ #include "base/basictypes.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/set_disjunction_permission.h" #include "chrome/common/extensions/permissions/usb_device_permission_data.h" +#include "extensions/common/permissions/api_permission.h" namespace extensions { diff --git a/chrome/common/extensions/permissions/usb_device_permission_data.cc b/chrome/common/extensions/permissions/usb_device_permission_data.cc index ef94376..9cf32ba 100644 --- a/chrome/common/extensions/permissions/usb_device_permission_data.cc +++ b/chrome/common/extensions/permissions/usb_device_permission_data.cc @@ -12,8 +12,8 @@ #include "base/strings/string_number_conversions.h" #include "base/strings/string_split.h" #include "base/values.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "chrome/common/extensions/permissions/usb_device_permission.h" +#include "extensions/common/permissions/api_permission.h" namespace { diff --git a/chrome/common/extensions/permissions/usb_device_permission_data.h b/chrome/common/extensions/permissions/usb_device_permission_data.h index 30d86e881..c326371 100644 --- a/chrome/common/extensions/permissions/usb_device_permission_data.h +++ b/chrome/common/extensions/permissions/usb_device_permission_data.h @@ -8,7 +8,7 @@ #include "base/basictypes.h" #include "base/memory/scoped_ptr.h" -#include "chrome/common/extensions/permissions/api_permission.h" +#include "extensions/common/permissions/api_permission.h" namespace base { diff --git a/chrome/common/extensions/permissions/usb_device_permission_unittest.cc b/chrome/common/extensions/permissions/usb_device_permission_unittest.cc index 3f7e0b8..a42ad3b 100644 --- a/chrome/common/extensions/permissions/usb_device_permission_unittest.cc +++ b/chrome/common/extensions/permissions/usb_device_permission_unittest.cc @@ -9,10 +9,10 @@ #include "base/pickle.h" #include "base/strings/utf_string_conversions.h" #include "base/values.h" -#include "chrome/common/extensions/permissions/api_permission.h" -#include "chrome/common/extensions/permissions/permissions_info.h" #include "chrome/common/extensions/permissions/usb_device_permission.h" #include "chrome/common/extensions/permissions/usb_device_permission_data.h" +#include "extensions/common/permissions/api_permission.h" +#include "extensions/common/permissions/permissions_info.h" #include "ipc/ipc_message.h" #include "testing/gtest/include/gtest/gtest.h" diff --git a/chrome/renderer/chrome_render_view_observer.h b/chrome/renderer/chrome_render_view_observer.h index b556e46..b661eaa 100644 --- a/chrome/renderer/chrome_render_view_observer.h +++ b/chrome/renderer/chrome_render_view_observer.h @@ -13,9 +13,9 @@ #include "base/memory/linked_ptr.h" #include "base/memory/scoped_ptr.h" #include "base/timer/timer.h" -#include "chrome/common/extensions/permissions/api_permission.h" #include "content/public/common/top_controls_state.h" #include "content/public/renderer/render_view_observer.h" +#include "extensions/common/permissions/api_permission.h" #include "third_party/WebKit/public/web/WebPermissionClient.h" #include "ui/gfx/size.h" #include "url/gurl.h" diff --git a/extensions/DEPS b/extensions/DEPS index 850ea19..14eae2f 100644 --- a/extensions/DEPS +++ b/extensions/DEPS @@ -9,5 +9,9 @@ include_rules = [ specific_include_rules = { ".*test\.cc": [ "+content/public/test", - ] + ], + "api_permission_set_unittest\.cc": [ + # Temporary include for tests. + "+chrome/common/extensions/extension_messages.h", + ], } diff --git a/extensions/common/permissions/api_permission.cc b/extensions/common/permissions/api_permission.cc new file mode 100644 index 0000000..f183ed2 --- /dev/null +++ b/extensions/common/permissions/api_permission.cc @@ -0,0 +1,143 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "extensions/common/permissions/api_permission.h" + +#include "ui/base/l10n/l10n_util.h" + +namespace { + +using extensions::APIPermission; +using extensions::APIPermissionInfo; +using extensions::PermissionMessage; +using extensions::PermissionMessages; + +class SimpleAPIPermission : public APIPermission { + public: + explicit SimpleAPIPermission(const APIPermissionInfo* permission) + : APIPermission(permission) { } + + virtual ~SimpleAPIPermission() { } + + virtual bool HasMessages() const OVERRIDE { + return info()->message_id() > PermissionMessage::kNone; + } + + virtual PermissionMessages GetMessages() const OVERRIDE { + DCHECK(HasMessages()); + PermissionMessages result; + result.push_back(GetMessage_()); + return result; + } + + virtual bool Check( + const APIPermission::CheckParam* param) const OVERRIDE { + return !param; + } + + virtual bool Contains(const APIPermission* rhs) const OVERRIDE { + CHECK(info() == rhs->info()); + return true; + } + + virtual bool Equal(const APIPermission* rhs) const OVERRIDE { + if (this == rhs) + return true; + CHECK(info() == rhs->info()); + return true; + } + + virtual bool FromValue(const base::Value* value) OVERRIDE { + if (value) + return false; + return true; + } + + virtual scoped_ptr ToValue() const OVERRIDE { + return scoped_ptr(); + } + + virtual APIPermission* Clone() const OVERRIDE { + return new SimpleAPIPermission(info()); + } + + virtual APIPermission* Diff(const APIPermission* rhs) const OVERRIDE { + CHECK(info() == rhs->info()); + return NULL; + } + + virtual APIPermission* Union(const APIPermission* rhs) const OVERRIDE { + CHECK(info() == rhs->info()); + return new SimpleAPIPermission(info()); + } + + virtual APIPermission* Intersect(const APIPermission* rhs) const OVERRIDE { + CHECK(info() == rhs->info()); + return new SimpleAPIPermission(info()); + } + + virtual void Write(IPC::Message* m) const OVERRIDE { } + + virtual bool Read(const IPC::Message* m, PickleIterator* iter) OVERRIDE { + return true; + } + + virtual void Log(std::string* log) const OVERRIDE { } +}; + +} // namespace + +namespace extensions { + +APIPermission::APIPermission(const APIPermissionInfo* info) + : info_(info) { + DCHECK(info_); +} + +APIPermission::~APIPermission() { } + +APIPermission::ID APIPermission::id() const { + return info()->id(); +} + +const char* APIPermission::name() const { + return info()->name(); +} + +PermissionMessage APIPermission::GetMessage_() const { + return info()->GetMessage_(); +} + +// +// APIPermissionInfo +// + +APIPermissionInfo::APIPermissionInfo( + APIPermission::ID id, + const char* name, + int l10n_message_id, + PermissionMessage::ID message_id, + int flags, + APIPermissionConstructor api_permission_constructor) + : id_(id), + name_(name), + flags_(flags), + l10n_message_id_(l10n_message_id), + message_id_(message_id), + api_permission_constructor_(api_permission_constructor) { } + + +APIPermissionInfo::~APIPermissionInfo() { } + +APIPermission* APIPermissionInfo::CreateAPIPermission() const { + return api_permission_constructor_ ? + api_permission_constructor_(this) : new SimpleAPIPermission(this); +} + +PermissionMessage APIPermissionInfo::GetMessage_() const { + return PermissionMessage( + message_id_, l10n_util::GetStringUTF16(l10n_message_id_)); +} + +} // namespace extensions diff --git a/extensions/common/permissions/api_permission.h b/extensions/common/permissions/api_permission.h new file mode 100644 index 0000000..6fbe479 --- /dev/null +++ b/extensions/common/permissions/api_permission.h @@ -0,0 +1,333 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_H_ +#define EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_H_ + +#include +#include +#include + +#include "base/callback.h" +#include "base/memory/scoped_ptr.h" +#include "base/pickle.h" +#include "base/values.h" +#include "extensions/common/permissions/permission_message.h" + +namespace IPC { +class Message; +} + +namespace extensions { + +class APIPermissionInfo; +class ChromeAPIPermissions; + +// APIPermission is for handling some complex permissions. Please refer to +// extensions::SocketPermission as an example. +// There is one instance per permission per loaded extension. +class APIPermission { + public: + enum ID { + // Error codes. + kInvalid = -2, + kUnknown = -1, + + // Real permissions. + kActiveTab, + kActivityLogPrivate, + kAdView, + kAlarms, + kAppCurrentWindowInternal, + kAppRuntime, + kAppWindow, + kAudio, + kAudioCapture, + kAutoTestPrivate, + kBackground, + kBluetooth, + kBookmark, + kBookmarkManagerPrivate, + kBrailleDisplayPrivate, + kBrowsingData, + kCast, + kChromeosInfoPrivate, + kClipboardRead, + kClipboardWrite, + kCloudPrintPrivate, + kCommandLinePrivate, + kContentSettings, + kContextMenus, + kCookie, + kDiagnostics, + kDial, + kDebugger, + kDeclarative, + kDeclarativeContent, + kDeclarativeWebRequest, + kDesktopCapture, + kDeveloperPrivate, + kDevtools, + kDns, + kDownloads, + kDownloadsInternal, + kDownloadsOpen, + kDownloadsShelf, + kEchoPrivate, + kEnterprisePlatformKeysPrivate, + kExperimental, + kFeedbackPrivate, + kFileBrowserHandler, + kFileBrowserHandlerInternal, + kFileBrowserPrivate, + kFileSystem, + kFileSystemDirectory, + kFileSystemRetainEntries, + kFileSystemWrite, + kFileSystemWriteDirectory, + kFontSettings, + kFullscreen, + kGeolocation, + kHistory, + kIdentity, + kIdentityPrivate, + kIdltest, + kIdle, + kInfobars, + kInput, + kInputMethodPrivate, + kLocation, + kLogPrivate, + kManagement, + kMediaGalleries, + kMediaGalleriesPrivate, + kMediaPlayerPrivate, + kMetricsPrivate, + kMDns, + kMusicManagerPrivate, + kNativeMessaging, + kNetworkingPrivate, + kNotification, + kPageCapture, + kPointerLock, + kPlugin, + kPower, + kPreferencesPrivate, + kPrincipalsPrivate, + kPrivacy, + kProcesses, + kProxy, + kPushMessaging, + kImageWriterPrivate, + kRtcPrivate, + kScreensaver, + kSerial, + kSessions, + kSignedInDevices, + kSocket, + kSocketsUdp, + kStorage, + kStreamsPrivate, + kSyncFileSystem, + kSystemPrivate, + kSystemIndicator, + kSystemDisplay, + kSystemStorage, + kTab, + kTabCapture, + kTabCaptureForTab, + kTerminalPrivate, + kTopSites, + kTts, + kTtsEngine, + kUnlimitedStorage, + kUsb, + kUsbDevice, + kVideoCapture, + kVirtualKeyboardPrivate, + kWallpaper, + kWallpaperPrivate, + kWebConnectable, // for externally_connectable manifest key + kWebNavigation, + kWebRequest, + kWebRequestBlocking, + kWebRequestInternal, + kWebRtc, + kWebrtcLoggingPrivate, + kWebstorePrivate, + kWebView, + kSystemCpu, + kSystemMemory, + kSystemInfoCpu, + kSystemInfoMemory, + kEnumBoundary + }; + + struct CheckParam { + }; + + explicit APIPermission(const APIPermissionInfo* info); + + virtual ~APIPermission(); + + // Returns the id of this permission. + ID id() const; + + // Returns the name of this permission. + const char* name() const; + + // Returns the APIPermission of this permission. + const APIPermissionInfo* info() const { + return info_; + } + + // Returns true if this permission has any PermissionMessages. + virtual bool HasMessages() const = 0; + + // Returns the localized permission messages of this permission. + virtual PermissionMessages GetMessages() const = 0; + + // Returns true if the given permission is allowed. + virtual bool Check(const CheckParam* param) const = 0; + + // Returns true if |rhs| is a subset of this. + virtual bool Contains(const APIPermission* rhs) const = 0; + + // Returns true if |rhs| is equal to this. + virtual bool Equal(const APIPermission* rhs) const = 0; + + // Parses the APIPermission from |value|. Returns false if error happens. + virtual bool FromValue(const base::Value* value) = 0; + + // Stores this into a new created |value|. + virtual scoped_ptr ToValue() const = 0; + + // Clones this. + virtual APIPermission* Clone() const = 0; + + // Returns a new API permission which equals this - |rhs|. + virtual APIPermission* Diff(const APIPermission* rhs) const = 0; + + // Returns a new API permission which equals the union of this and |rhs|. + virtual APIPermission* Union(const APIPermission* rhs) const = 0; + + // Returns a new API permission which equals the intersect of this and |rhs|. + virtual APIPermission* Intersect(const APIPermission* rhs) const = 0; + + // IPC functions + // Writes this into the given IPC message |m|. + virtual void Write(IPC::Message* m) const = 0; + + // Reads from the given IPC message |m|. + virtual bool Read(const IPC::Message* m, PickleIterator* iter) = 0; + + // Logs this permission. + virtual void Log(std::string* log) const = 0; + + protected: + // Returns the localized permission message associated with this api. + // Use GetMessage_ to avoid name conflict with macro GetMessage on Windows. + PermissionMessage GetMessage_() const; + + private: + const APIPermissionInfo* const info_; +}; + + +// The APIPermissionInfo is an immutable class that describes a single +// named permission (API permission). +// There is one instance per permission. +class APIPermissionInfo { + public: + enum Flag { + kFlagNone = 0, + + // Indicates if the permission implies full access (native code). + kFlagImpliesFullAccess = 1 << 0, + + // Indicates if the permission implies full URL access. + kFlagImpliesFullURLAccess = 1 << 1, + + // Indicates that extensions cannot specify the permission as optional. + kFlagCannotBeOptional = 1 << 3, + + // Indicates that the permission is internal to the extensions + // system and cannot be specified in the "permissions" list. + kFlagInternal = 1 << 4, + }; + + typedef APIPermission* (*APIPermissionConstructor)(const APIPermissionInfo*); + + typedef std::set IDSet; + + ~APIPermissionInfo(); + + // Creates a APIPermission instance. + APIPermission* CreateAPIPermission() const; + + int flags() const { return flags_; } + + APIPermission::ID id() const { return id_; } + + // Returns the message id associated with this permission. + PermissionMessage::ID message_id() const { + return message_id_; + } + + // Returns the name of this permission. + const char* name() const { return name_; } + + // Returns true if this permission implies full access (e.g., native code). + bool implies_full_access() const { + return (flags_ & kFlagImpliesFullAccess) != 0; + } + + // Returns true if this permission implies full URL access. + bool implies_full_url_access() const { + return (flags_ & kFlagImpliesFullURLAccess) != 0; + } + + // Returns true if this permission can be added and removed via the + // optional permissions extension API. + bool supports_optional() const { + return (flags_ & kFlagCannotBeOptional) == 0; + } + + // Returns true if this permission is internal rather than a + // "permissions" list entry. + bool is_internal() const { + return (flags_ & kFlagInternal) != 0; + } + + private: + // Instances should only be constructed from within a + // PermissionsInfo::Delegate. + friend class ChromeAPIPermissions; + // Implementations of APIPermission will want to get the permission message, + // but this class's implementation should be hidden from everyone else. + friend class APIPermission; + + explicit APIPermissionInfo( + APIPermission::ID id, + const char* name, + int l10n_message_id, + PermissionMessage::ID message_id, + int flags, + APIPermissionConstructor api_permission_constructor); + + // Returns the localized permission message associated with this api. + // Use GetMessage_ to avoid name conflict with macro GetMessage on Windows. + PermissionMessage GetMessage_() const; + + const APIPermission::ID id_; + const char* const name_; + const int flags_; + const int l10n_message_id_; + const PermissionMessage::ID message_id_; + const APIPermissionConstructor api_permission_constructor_; +}; + +} // namespace extensions + +#endif // EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_H_ diff --git a/extensions/common/permissions/api_permission_set.cc b/extensions/common/permissions/api_permission_set.cc new file mode 100644 index 0000000..ebaf8d8 --- /dev/null +++ b/extensions/common/permissions/api_permission_set.cc @@ -0,0 +1,343 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "extensions/common/permissions/api_permission_set.h" + +#include "base/logging.h" +#include "base/stl_util.h" +#include "base/strings/string_number_conversions.h" +#include "base/values.h" +#include "extensions/common/error_utils.h" +#include "extensions/common/manifest_constants.h" +#include "extensions/common/permissions/permissions_info.h" + +namespace extensions { + +namespace errors = manifest_errors; + +namespace { + +bool CreateAPIPermission( + const std::string& permission_str, + const base::Value* permission_value, + APIPermissionSet::ParseSource source, + APIPermissionSet* api_permissions, + string16* error, + std::vector* unhandled_permissions) { + + const APIPermissionInfo* permission_info = + PermissionsInfo::GetInstance()->GetByName(permission_str); + if (permission_info) { + scoped_ptr permission( + permission_info->CreateAPIPermission()); + if (source != APIPermissionSet::kAllowInternalPermissions && + permission_info->is_internal()) { + // An internal permission specified in permissions list is an error. + if (error) { + *error = ErrorUtils::FormatErrorMessageUTF16( + errors::kPermissionNotAllowedInManifest, permission_str); + } + return false; + } + + if (!permission->FromValue(permission_value)) { + if (error) { + *error = ErrorUtils::FormatErrorMessageUTF16( + errors::kInvalidPermission, permission_info->name()); + return false; + } + LOG(WARNING) << "Parse permission failed."; + } else { + api_permissions->insert(permission.release()); + } + return true; + } + + if (unhandled_permissions) + unhandled_permissions->push_back(permission_str); + else + LOG(WARNING) << "Unknown permission[" << permission_str << "]."; + + return true; +} + +bool ParseChildPermissions(const std::string& base_name, + const base::Value* permission_value, + APIPermissionSet::ParseSource source, + APIPermissionSet* api_permissions, + string16* error, + std::vector* unhandled_permissions) { + if (permission_value) { + const base::ListValue* permissions; + if (!permission_value->GetAsList(&permissions)) { + if (error) { + *error = ErrorUtils::FormatErrorMessageUTF16( + errors::kInvalidPermission, base_name); + return false; + } + LOG(WARNING) << "Permission value is not a list."; + // Failed to parse, but since error is NULL, failures are not fatal so + // return true here anyway. + return true; + } + + for (size_t i = 0; i < permissions->GetSize(); ++i) { + std::string permission_str; + if (!permissions->GetString(i, &permission_str)) { + // permission should be a string + if (error) { + *error = ErrorUtils::FormatErrorMessageUTF16( + errors::kInvalidPermission, + base_name + '.' + base::IntToString(i)); + return false; + } + LOG(WARNING) << "Permission is not a string."; + continue; + } + + if (!CreateAPIPermission( + base_name + '.' + permission_str, NULL, source, + api_permissions, error, unhandled_permissions)) + return false; + } + } + + return CreateAPIPermission(base_name, NULL, source, + api_permissions, error, NULL); +} + +} // namespace + +APIPermissionSet::APIPermissionSet() { +} + +APIPermissionSet::APIPermissionSet(const APIPermissionSet& set) { + this->operator=(set); +} + +APIPermissionSet::~APIPermissionSet() { +} + +APIPermissionSet::const_iterator::const_iterator( + const APIPermissionMap::const_iterator& it) + : it_(it) { +} + +APIPermissionSet::const_iterator::const_iterator( + const const_iterator& ids_it) + : it_(ids_it.it_) { +} + +APIPermissionSet& APIPermissionSet::operator=(const APIPermissionSet& rhs) { + const_iterator it = rhs.begin(); + const const_iterator end = rhs.end(); + while (it != end) { + insert(it->Clone()); + ++it; + } + return *this; +} + +bool APIPermissionSet::operator==(const APIPermissionSet& rhs) const { + const_iterator it = begin(); + const_iterator rhs_it = rhs.begin(); + const_iterator it_end = end(); + const_iterator rhs_it_end = rhs.end(); + + while (it != it_end && rhs_it != rhs_it_end) { + if (!it->Equal(*rhs_it)) + return false; + ++it; + ++rhs_it; + } + return it == it_end && rhs_it == rhs_it_end; +} + +void APIPermissionSet::insert(APIPermission::ID id) { + const APIPermissionInfo* permission_info = + PermissionsInfo::GetInstance()->GetByID(id); + insert(permission_info->CreateAPIPermission()); +} + +void APIPermissionSet::insert(APIPermission* permission) { + map_[permission->id()].reset(permission); +} + +bool APIPermissionSet::Contains(const APIPermissionSet& rhs) const { + APIPermissionSet::const_iterator it1 = begin(); + APIPermissionSet::const_iterator it2 = rhs.begin(); + APIPermissionSet::const_iterator end1 = end(); + APIPermissionSet::const_iterator end2 = rhs.end(); + + while (it1 != end1 && it2 != end2) { + if (it1->id() > it2->id()) { + return false; + } else if (it1->id() < it2->id()) { + ++it1; + } else { + if (!it1->Contains(*it2)) + return false; + ++it1; + ++it2; + } + } + + return it2 == end2; +} + +void APIPermissionSet::Difference( + const APIPermissionSet& set1, + const APIPermissionSet& set2, + APIPermissionSet* set3) { + CHECK(set3); + set3->clear(); + + APIPermissionSet::const_iterator it1 = set1.begin(); + APIPermissionSet::const_iterator it2 = set2.begin(); + const APIPermissionSet::const_iterator end1 = set1.end(); + const APIPermissionSet::const_iterator end2 = set2.end(); + + while (it1 != end1 && it2 != end2) { + if (it1->id() < it2->id()) { + set3->insert(it1->Clone()); + ++it1; + } else if (it1->id() > it2->id()) { + ++it2; + } else { + APIPermission* p = it1->Diff(*it2); + if (p) + set3->insert(p); + ++it1; + ++it2; + } + } + + while (it1 != end1) { + set3->insert(it1->Clone()); + ++it1; + } +} + +void APIPermissionSet::Intersection( + const APIPermissionSet& set1, + const APIPermissionSet& set2, + APIPermissionSet* set3) { + DCHECK(set3); + set3->clear(); + + APIPermissionSet::const_iterator it1 = set1.begin(); + APIPermissionSet::const_iterator it2 = set2.begin(); + const APIPermissionSet::const_iterator end1 = set1.end(); + const APIPermissionSet::const_iterator end2 = set2.end(); + + while (it1 != end1 && it2 != end2) { + if (it1->id() < it2->id()) { + ++it1; + } else if (it1->id() > it2->id()) { + ++it2; + } else { + APIPermission* p = it1->Intersect(*it2); + if (p) + set3->insert(p); + ++it1; + ++it2; + } + } +} + +void APIPermissionSet::Union( + const APIPermissionSet& set1, + const APIPermissionSet& set2, + APIPermissionSet* set3) { + DCHECK(set3); + set3->clear(); + + APIPermissionSet::const_iterator it1 = set1.begin(); + APIPermissionSet::const_iterator it2 = set2.begin(); + const APIPermissionSet::const_iterator end1 = set1.end(); + const APIPermissionSet::const_iterator end2 = set2.end(); + + while (true) { + if (it1 == end1) { + while (it2 != end2) { + set3->insert(it2->Clone()); + ++it2; + } + break; + } + if (it2 == end2) { + while (it1 != end1) { + set3->insert(it1->Clone()); + ++it1; + } + break; + } + if (it1->id() < it2->id()) { + set3->insert(it1->Clone()); + ++it1; + } else if (it1->id() > it2->id()) { + set3->insert(it2->Clone()); + ++it2; + } else { + set3->insert(it1->Union(*it2)); + ++it1; + ++it2; + } + } +} + +// static +bool APIPermissionSet::ParseFromJSON( + const base::ListValue* permissions, + APIPermissionSet::ParseSource source, + APIPermissionSet* api_permissions, + string16* error, + std::vector* unhandled_permissions) { + for (size_t i = 0; i < permissions->GetSize(); ++i) { + std::string permission_str; + const base::Value* permission_value = NULL; + if (!permissions->GetString(i, &permission_str)) { + const base::DictionaryValue* dict = NULL; + // permission should be a string or a single key dict. + if (!permissions->GetDictionary(i, &dict) || dict->size() != 1) { + if (error) { + *error = ErrorUtils::FormatErrorMessageUTF16( + errors::kInvalidPermission, base::IntToString(i)); + return false; + } + LOG(WARNING) << "Permission is not a string or single key dict."; + continue; + } + base::DictionaryValue::Iterator it(*dict); + permission_str = it.key(); + permission_value = &it.value(); + } + + // Check if this permission is a special case where its value should + // be treated as a list of child permissions. + if (PermissionsInfo::GetInstance()->HasChildPermissions(permission_str)) { + if (!ParseChildPermissions(permission_str, permission_value, source, + api_permissions, error, unhandled_permissions)) + return false; + continue; + } + + if (!CreateAPIPermission(permission_str, permission_value, source, + api_permissions, error, unhandled_permissions)) + return false; + } + return true; +} + +void APIPermissionSet::AddImpliedPermissions() { + // The fileSystem.write and fileSystem.directory permissions imply + // fileSystem.writeDirectory. + // TODO(sammc): Remove this. See http://crbug.com/284849. + if (ContainsKey(map_, APIPermission::kFileSystemWrite) && + ContainsKey(map_, APIPermission::kFileSystemDirectory)) { + insert(APIPermission::kFileSystemWriteDirectory); + } +} + +} // namespace extensions diff --git a/extensions/common/permissions/api_permission_set.h b/extensions/common/permissions/api_permission_set.h new file mode 100644 index 0000000..9b6f26d --- /dev/null +++ b/extensions/common/permissions/api_permission_set.h @@ -0,0 +1,173 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_ +#define EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_ + +#include +#include + +#include "base/memory/linked_ptr.h" +#include "extensions/common/permissions/api_permission.h" + +namespace base { +class ListValue; +} // namespace base + +namespace extensions { + +class Extension; + +typedef std::map > APIPermissionMap; + +class APIPermissionSet { + public: + class const_iterator : + public std::iterator { + public: + const_iterator(const APIPermissionMap::const_iterator& it); + const_iterator(const const_iterator& ids_it); + + const_iterator& operator++() { + ++it_; + return *this; + } + + const_iterator operator++(int) { + const_iterator tmp(it_++); + return tmp; + } + + bool operator==(const const_iterator& rhs) const { + return it_ == rhs.it_; + } + + bool operator!=(const const_iterator& rhs) const { + return it_ != rhs.it_; + } + + const APIPermission* operator*() const { + return it_->second.get(); + } + + const APIPermission* operator->() const { + return it_->second.get(); + } + + private: + APIPermissionMap::const_iterator it_; + }; + + enum ParseSource { + // Don't allow internal permissions to be parsed (e.g. entries in the + // "permissions" list in a manifest). + kDisallowInternalPermissions, + + // Allow internal permissions to be parsed (e.g. from the "api" field of a + // permissions list in the prefs). + kAllowInternalPermissions, + }; + + APIPermissionSet(); + + APIPermissionSet(const APIPermissionSet& set); + + ~APIPermissionSet(); + + const_iterator begin() const { + return const_iterator(map().begin()); + } + + const_iterator end() const { + return map().end(); + } + + const_iterator find(APIPermission::ID id) const { + return map().find(id); + } + + const APIPermissionMap& map() const { + return map_; + } + + APIPermissionMap& map() { + return map_; + } + + void clear() { + map_.clear(); + } + + size_t count(APIPermission::ID id) const { + return map().count(id); + } + + bool empty() const { + return map().empty(); + } + + size_t erase(APIPermission::ID id) { + return map().erase(id); + } + + size_t size() const { + return map().size(); + } + + APIPermissionSet& operator=(const APIPermissionSet& rhs); + + bool operator==(const APIPermissionSet& rhs) const; + + bool operator!=(const APIPermissionSet& rhs) const { + return !operator==(rhs); + } + + void insert(APIPermission::ID id); + + // Insert |permission| into the APIPermissionSet. The APIPermissionSet will + // take the ownership of |permission|, + void insert(APIPermission* permission); + + bool Contains(const APIPermissionSet& rhs) const; + + static void Difference( + const APIPermissionSet& set1, + const APIPermissionSet& set2, + APIPermissionSet* set3); + + static void Intersection( + const APIPermissionSet& set1, + const APIPermissionSet& set2, + APIPermissionSet* set3); + + static void Union( + const APIPermissionSet& set1, + const APIPermissionSet& set2, + APIPermissionSet* set3); + + // Parses permissions from |permissions| and adds the parsed permissions to + // |api_permissions|. If |source| is kDisallowInternalPermissions, treat + // permissions with kFlagInternal as errors. If |unhandled_permissions| + // is not NULL, the names of all permissions that couldn't be parsed will be + // added to this vector. If |error| is NULL, parsing will continue with the + // next permission if invalid data is detected. If |error| is not NULL, it + // will be set to an error message and false is returned when an invalid + // permission is found. + static bool ParseFromJSON( + const base::ListValue* permissions, + ParseSource source, + APIPermissionSet* api_permissions, + string16* error, + std::vector* unhandled_permissions); + + void AddImpliedPermissions(); + + private: + APIPermissionMap map_; +}; + +} // namespace extensions + +#endif // EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_ diff --git a/extensions/common/permissions/api_permission_set_unittest.cc b/extensions/common/permissions/api_permission_set_unittest.cc new file mode 100644 index 0000000..85f8ccc --- /dev/null +++ b/extensions/common/permissions/api_permission_set_unittest.cc @@ -0,0 +1,333 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "base/pickle.h" +#include "base/values.h" +#include "chrome/common/extensions/extension_messages.h" +#include "extensions/common/permissions/api_permission_set.h" +#include "extensions/common/permissions/permissions_info.h" +#include "ipc/ipc_message.h" +#include "testing/gtest/include/gtest/gtest.h" + +namespace extensions { + +TEST(APIPermissionSetTest, General) { + APIPermissionSet apis; + apis.insert(APIPermission::kTab); + apis.insert(APIPermission::kBackground); + apis.insert(APIPermission::kProxy); + apis.insert(APIPermission::kClipboardWrite); + apis.insert(APIPermission::kPlugin); + + EXPECT_EQ(apis.find(APIPermission::kProxy)->id(), APIPermission::kProxy); + EXPECT_TRUE(apis.find(APIPermission::kSocket) == apis.end()); + + EXPECT_EQ(apis.size(), 5u); + + EXPECT_EQ(apis.erase(APIPermission::kTab), 1u); + EXPECT_EQ(apis.size(), 4u); + + EXPECT_EQ(apis.erase(APIPermission::kTab), 0u); + EXPECT_EQ(apis.size(), 4u); +} + +TEST(APIPermissionSetTest, CreateUnion) { + APIPermission* permission = NULL; + + APIPermissionSet apis1; + APIPermissionSet apis2; + APIPermissionSet expected_apis; + APIPermissionSet result; + + const APIPermissionInfo* permission_info = + PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); + permission = permission_info->CreateAPIPermission(); + { + scoped_ptr value(new base::ListValue()); + value->Append(new base::StringValue("tcp-connect:*.example.com:80")); + value->Append(new base::StringValue("udp-bind::8080")); + value->Append(new base::StringValue("udp-send-to::8888")); + if (!permission->FromValue(value.get())) { + NOTREACHED(); + } + } + + // Union with an empty set. + apis1.insert(APIPermission::kTab); + apis1.insert(APIPermission::kBackground); + apis1.insert(permission->Clone()); + expected_apis.insert(APIPermission::kTab); + expected_apis.insert(APIPermission::kBackground); + expected_apis.insert(permission); + + APIPermissionSet::Union(apis1, apis2, &result); + + EXPECT_TRUE(apis1.Contains(apis2)); + EXPECT_TRUE(apis1.Contains(result)); + EXPECT_FALSE(apis2.Contains(apis1)); + EXPECT_FALSE(apis2.Contains(result)); + EXPECT_TRUE(result.Contains(apis1)); + EXPECT_TRUE(result.Contains(apis2)); + + EXPECT_EQ(expected_apis, result); + + // Now use a real second set. + apis2.insert(APIPermission::kTab); + apis2.insert(APIPermission::kProxy); + apis2.insert(APIPermission::kClipboardWrite); + apis2.insert(APIPermission::kPlugin); + + permission = permission_info->CreateAPIPermission(); + { + scoped_ptr value(new base::ListValue()); + value->Append(new base::StringValue("tcp-connect:*.example.com:80")); + value->Append(new base::StringValue("udp-send-to::8899")); + if (!permission->FromValue(value.get())) { + NOTREACHED(); + } + } + apis2.insert(permission); + + expected_apis.insert(APIPermission::kTab); + expected_apis.insert(APIPermission::kProxy); + expected_apis.insert(APIPermission::kClipboardWrite); + expected_apis.insert(APIPermission::kPlugin); + + permission = permission_info->CreateAPIPermission(); + { + scoped_ptr value(new base::ListValue()); + value->Append(new base::StringValue("tcp-connect:*.example.com:80")); + value->Append(new base::StringValue("udp-bind::8080")); + value->Append(new base::StringValue("udp-send-to::8888")); + value->Append(new base::StringValue("udp-send-to::8899")); + if (!permission->FromValue(value.get())) { + NOTREACHED(); + } + } + // Insert a new socket permission which will replace the old one. + expected_apis.insert(permission); + + APIPermissionSet::Union(apis1, apis2, &result); + + EXPECT_FALSE(apis1.Contains(apis2)); + EXPECT_FALSE(apis1.Contains(result)); + EXPECT_FALSE(apis2.Contains(apis1)); + EXPECT_FALSE(apis2.Contains(result)); + EXPECT_TRUE(result.Contains(apis1)); + EXPECT_TRUE(result.Contains(apis2)); + + EXPECT_EQ(expected_apis, result); +} + +TEST(APIPermissionSetTest, CreateIntersection) { + APIPermission* permission = NULL; + + APIPermissionSet apis1; + APIPermissionSet apis2; + APIPermissionSet expected_apis; + APIPermissionSet result; + + const APIPermissionInfo* permission_info = + PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); + + // Intersection with an empty set. + apis1.insert(APIPermission::kTab); + apis1.insert(APIPermission::kBackground); + permission = permission_info->CreateAPIPermission(); + { + scoped_ptr value(new base::ListValue()); + value->Append(new base::StringValue("tcp-connect:*.example.com:80")); + value->Append(new base::StringValue("udp-bind::8080")); + value->Append(new base::StringValue("udp-send-to::8888")); + if (!permission->FromValue(value.get())) { + NOTREACHED(); + } + } + apis1.insert(permission); + + APIPermissionSet::Intersection(apis1, apis2, &result); + EXPECT_TRUE(apis1.Contains(result)); + EXPECT_TRUE(apis2.Contains(result)); + EXPECT_TRUE(apis1.Contains(apis2)); + EXPECT_FALSE(apis2.Contains(apis1)); + EXPECT_FALSE(result.Contains(apis1)); + EXPECT_TRUE(result.Contains(apis2)); + + EXPECT_TRUE(result.empty()); + EXPECT_EQ(expected_apis, result); + + // Now use a real second set. + apis2.insert(APIPermission::kTab); + apis2.insert(APIPermission::kProxy); + apis2.insert(APIPermission::kClipboardWrite); + apis2.insert(APIPermission::kPlugin); + permission = permission_info->CreateAPIPermission(); + { + scoped_ptr value(new base::ListValue()); + value->Append(new base::StringValue("udp-bind::8080")); + value->Append(new base::StringValue("udp-send-to::8888")); + value->Append(new base::StringValue("udp-send-to::8899")); + if (!permission->FromValue(value.get())) { + NOTREACHED(); + } + } + apis2.insert(permission); + + expected_apis.insert(APIPermission::kTab); + permission = permission_info->CreateAPIPermission(); + { + scoped_ptr value(new base::ListValue()); + value->Append(new base::StringValue("udp-bind::8080")); + value->Append(new base::StringValue("udp-send-to::8888")); + if (!permission->FromValue(value.get())) { + NOTREACHED(); + } + } + expected_apis.insert(permission); + + APIPermissionSet::Intersection(apis1, apis2, &result); + + EXPECT_TRUE(apis1.Contains(result)); + EXPECT_TRUE(apis2.Contains(result)); + EXPECT_FALSE(apis1.Contains(apis2)); + EXPECT_FALSE(apis2.Contains(apis1)); + EXPECT_FALSE(result.Contains(apis1)); + EXPECT_FALSE(result.Contains(apis2)); + + EXPECT_EQ(expected_apis, result); +} + +TEST(APIPermissionSetTest, CreateDifference) { + APIPermission* permission = NULL; + + APIPermissionSet apis1; + APIPermissionSet apis2; + APIPermissionSet expected_apis; + APIPermissionSet result; + + const APIPermissionInfo* permission_info = + PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); + + // Difference with an empty set. + apis1.insert(APIPermission::kTab); + apis1.insert(APIPermission::kBackground); + permission = permission_info->CreateAPIPermission(); + { + scoped_ptr value(new base::ListValue()); + value->Append(new base::StringValue("tcp-connect:*.example.com:80")); + value->Append(new base::StringValue("udp-bind::8080")); + value->Append(new base::StringValue("udp-send-to::8888")); + if (!permission->FromValue(value.get())) { + NOTREACHED(); + } + } + apis1.insert(permission); + + APIPermissionSet::Difference(apis1, apis2, &result); + + EXPECT_EQ(apis1, result); + + // Now use a real second set. + apis2.insert(APIPermission::kTab); + apis2.insert(APIPermission::kProxy); + apis2.insert(APIPermission::kClipboardWrite); + apis2.insert(APIPermission::kPlugin); + permission = permission_info->CreateAPIPermission(); + { + scoped_ptr value(new base::ListValue()); + value->Append(new base::StringValue("tcp-connect:*.example.com:80")); + value->Append(new base::StringValue("udp-send-to::8899")); + if (!permission->FromValue(value.get())) { + NOTREACHED(); + } + } + apis2.insert(permission); + + expected_apis.insert(APIPermission::kBackground); + permission = permission_info->CreateAPIPermission(); + { + scoped_ptr value(new base::ListValue()); + value->Append(new base::StringValue("udp-bind::8080")); + value->Append(new base::StringValue("udp-send-to::8888")); + if (!permission->FromValue(value.get())) { + NOTREACHED(); + } + } + expected_apis.insert(permission); + + APIPermissionSet::Difference(apis1, apis2, &result); + + EXPECT_TRUE(apis1.Contains(result)); + EXPECT_FALSE(apis2.Contains(result)); + + EXPECT_EQ(expected_apis, result); + + // |result| = |apis1| - |apis2| --> |result| intersect |apis2| == empty_set + APIPermissionSet result2; + APIPermissionSet::Intersection(result, apis2, &result2); + EXPECT_TRUE(result2.empty()); +} + +TEST(APIPermissionSetTest, IPC) { + APIPermission* permission = NULL; + + APIPermissionSet apis; + APIPermissionSet expected_apis; + + const APIPermissionInfo* permission_info = + PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); + + apis.insert(APIPermission::kTab); + apis.insert(APIPermission::kBackground); + permission = permission_info->CreateAPIPermission(); + { + scoped_ptr value(new base::ListValue()); + value->Append(new base::StringValue("tcp-connect:*.example.com:80")); + value->Append(new base::StringValue("udp-bind::8080")); + value->Append(new base::StringValue("udp-send-to::8888")); + if (!permission->FromValue(value.get())) { + NOTREACHED(); + } + } + apis.insert(permission); + + EXPECT_NE(apis, expected_apis); + + IPC::Message m; + WriteParam(&m, apis); + PickleIterator iter(m); + CHECK(ReadParam(&m, &iter, &expected_apis)); + EXPECT_EQ(apis, expected_apis); +} + +TEST(APIPermissionSetTest, ImplicitPermissions) { + APIPermissionSet apis; + apis.insert(APIPermission::kFileSystemWrite); + apis.AddImpliedPermissions(); + + EXPECT_EQ(apis.find(APIPermission::kFileSystemWrite)->id(), + APIPermission::kFileSystemWrite); + EXPECT_EQ(apis.size(), 1u); + + apis.erase(APIPermission::kFileSystemWrite); + apis.insert(APIPermission::kFileSystemDirectory); + apis.AddImpliedPermissions(); + + EXPECT_EQ(apis.find(APIPermission::kFileSystemDirectory)->id(), + APIPermission::kFileSystemDirectory); + EXPECT_EQ(apis.size(), 1u); + + apis.insert(APIPermission::kFileSystemWrite); + apis.AddImpliedPermissions(); + + EXPECT_EQ(apis.find(APIPermission::kFileSystemWrite)->id(), + APIPermission::kFileSystemWrite); + EXPECT_EQ(apis.find(APIPermission::kFileSystemDirectory)->id(), + APIPermission::kFileSystemDirectory); + EXPECT_EQ(apis.find(APIPermission::kFileSystemWriteDirectory)->id(), + APIPermission::kFileSystemWriteDirectory); + EXPECT_EQ(apis.size(), 3u); +} + +} // namespace extensions diff --git a/extensions/common/permissions/permissions_info.cc b/extensions/common/permissions/permissions_info.cc new file mode 100644 index 0000000..bac3d9c1 --- /dev/null +++ b/extensions/common/permissions/permissions_info.cc @@ -0,0 +1,101 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#include "extensions/common/permissions/permissions_info.h" + +#include "base/lazy_instance.h" +#include "base/logging.h" +#include "base/stl_util.h" +#include "base/strings/string_util.h" +#include "extensions/common/extensions_client.h" + +namespace extensions { + +static base::LazyInstance g_permissions_info = + LAZY_INSTANCE_INITIALIZER; + +// static +PermissionsInfo* PermissionsInfo::GetInstance() { + return g_permissions_info.Pointer(); +} + +PermissionsInfo::~PermissionsInfo() { + STLDeleteContainerPairSecondPointers(id_map_.begin(), id_map_.end()); +} + +const APIPermissionInfo* PermissionsInfo::GetByID( + APIPermission::ID id) const { + IDMap::const_iterator i = id_map_.find(id); + return (i == id_map_.end()) ? NULL : i->second; +} + +const APIPermissionInfo* PermissionsInfo::GetByName( + const std::string& name) const { + NameMap::const_iterator i = name_map_.find(name); + return (i == name_map_.end()) ? NULL : i->second; +} + +APIPermissionSet PermissionsInfo::GetAll() const { + APIPermissionSet permissions; + for (IDMap::const_iterator i = id_map_.begin(); i != id_map_.end(); ++i) + permissions.insert(i->second->id()); + return permissions; +} + +APIPermissionSet PermissionsInfo::GetAllByName( + const std::set& permission_names) const { + APIPermissionSet permissions; + for (std::set::const_iterator i = permission_names.begin(); + i != permission_names.end(); ++i) { + const APIPermissionInfo* permission_info = GetByName(*i); + if (permission_info) + permissions.insert(permission_info->id()); + } + return permissions; +} + +bool PermissionsInfo::HasChildPermissions(const std::string& name) const { + NameMap::const_iterator i = name_map_.lower_bound(name + '.'); + if (i == name_map_.end()) return false; + return StartsWithASCII(i->first, name + '.', true); +} + +PermissionsInfo::PermissionsInfo() + : hosted_app_permission_count_(0), + permission_count_(0) { + DCHECK(ExtensionsClient::Get()); + InitializeWithProvider(ExtensionsClient::Get()->GetPermissionsProvider()); +} + +void PermissionsInfo::InitializeWithProvider( + const PermissionsProvider& provider) { + std::vector permissions = provider.GetAllPermissions(); + std::vector aliases = + provider.GetAllAliases(); + + for (size_t i = 0; i < permissions.size(); ++i) + RegisterPermission(permissions[i]); + for (size_t i = 0; i < aliases.size(); ++i) + RegisterAlias(aliases[i].name, aliases[i].alias); +} + +void PermissionsInfo::RegisterAlias( + const char* name, + const char* alias) { + DCHECK(ContainsKey(name_map_, name)); + DCHECK(!ContainsKey(name_map_, alias)); + name_map_[alias] = name_map_[name]; +} + +void PermissionsInfo::RegisterPermission(APIPermissionInfo* permission) { + DCHECK(!ContainsKey(id_map_, permission->id())); + DCHECK(!ContainsKey(name_map_, permission->name())); + + id_map_[permission->id()] = permission; + name_map_[permission->name()] = permission; + + permission_count_++; +} + +} // namespace extensions diff --git a/extensions/common/permissions/permissions_info.h b/extensions/common/permissions/permissions_info.h new file mode 100644 index 0000000..9be7e6d --- /dev/null +++ b/extensions/common/permissions/permissions_info.h @@ -0,0 +1,81 @@ +// Copyright 2013 The Chromium Authors. All rights reserved. +// Use of this source code is governed by a BSD-style license that can be +// found in the LICENSE file. + +#ifndef EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_INFO_H_ +#define EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_INFO_H_ + +#include +#include +#include + +#include "base/callback.h" +#include "base/lazy_instance.h" +#include "extensions/common/permissions/api_permission.h" +#include "extensions/common/permissions/api_permission_set.h" +#include "extensions/common/permissions/permission_message.h" +#include "extensions/common/permissions/permissions_provider.h" + +namespace extensions { + +// A global object that holds the extension permission instances and provides +// methods for accessing them. +class PermissionsInfo { + public: + static PermissionsInfo* GetInstance(); + + virtual ~PermissionsInfo(); + + // Returns the permission with the given |id|, and NULL if it doesn't exist. + const APIPermissionInfo* GetByID(APIPermission::ID id) const; + + // Returns the permission with the given |name|, and NULL if none + // exists. + const APIPermissionInfo* GetByName(const std::string& name) const; + + // Returns a set containing all valid api permission ids. + APIPermissionSet GetAll() const; + + // Converts all the permission names in |permission_names| to permission ids. + APIPermissionSet GetAllByName( + const std::set& permission_names) const; + + // Checks if any permissions have names that start with |name| followed by a + // period. + bool HasChildPermissions(const std::string& name) const; + + // Gets the total number of API permissions. + size_t get_permission_count() const { return permission_count_; } + + private: + friend struct base::DefaultLazyInstanceTraits; + + PermissionsInfo(); + + // Initializes the permissions from the provider. + void InitializeWithProvider(const PermissionsProvider& provider); + + // Registers an |alias| for a given permission |name|. + void RegisterAlias(const char* name, const char* alias); + + // Registers a permission with the specified attributes and flags. + void RegisterPermission(APIPermissionInfo* permission); + + // Maps permission ids to permissions. + typedef std::map IDMap; + + // Maps names and aliases to permissions. + typedef std::map NameMap; + + IDMap id_map_; + NameMap name_map_; + + size_t hosted_app_permission_count_; + size_t permission_count_; + + DISALLOW_COPY_AND_ASSIGN(PermissionsInfo); +}; + +} // namespace extensions + +#endif // EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_INFO_H_ diff --git a/extensions/extensions.gyp b/extensions/extensions.gyp index b9e1f209..6c4b3e2 100644 --- a/extensions/extensions.gyp +++ b/extensions/extensions.gyp @@ -64,8 +64,14 @@ 'common/matcher/url_matcher_helpers.h', 'common/one_shot_event.cc', 'common/one_shot_event.h', + 'common/permissions/api_permission.cc', + 'common/permissions/api_permission.h', + 'common/permissions/api_permission_set.cc', + 'common/permissions/api_permission_set.h', 'common/permissions/permission_message.cc', 'common/permissions/permission_message.h', + 'common/permissions/permissions_info.cc', + 'common/permissions/permissions_info.h', 'common/permissions/permissions_provider.h', 'common/stack_frame.cc', 'common/stack_frame.h', -- cgit v1.1