Take 2 at implementing activeTab.

chrome/common/extensions/extension_unittest.cc

Index: chrome/common/extensions/extension_unittest.cc
diff --git a/chrome/common/extensions/extension_unittest.cc b/chrome/common/extensions/extension_unittest.cc
index 4c5f57a5ea7307dc9d661a69a931a01dcf1494f3..f7887cb0b653d6421a24a3fd4a63ba5bf0e44292 100644
--- a/chrome/common/extensions/extension_unittest.cc
+++ b/chrome/common/extensions/extension_unittest.cc
@@ -615,62 +615,62 @@ TEST(ExtensionTest, WantsFileAccess) {
   // <all_urls> permission
   extension = LoadManifest("permissions", "permissions_all_urls.json");
   EXPECT_TRUE(extension->wants_file_access());
-  EXPECT_FALSE(extension->CanExecuteScriptOnPage(file_url, NULL, NULL));
+  EXPECT_FALSE(extension->CanExecuteScriptOnPage(file_url, -1, NULL, NULL));
   extension = LoadManifest(
       "permissions", "permissions_all_urls.json", Extension::ALLOW_FILE_ACCESS);
   EXPECT_TRUE(extension->wants_file_access());
-  EXPECT_TRUE(extension->CanExecuteScriptOnPage(file_url, NULL, NULL));
+  EXPECT_TRUE(extension->CanExecuteScriptOnPage(file_url, -1, NULL, NULL));
 
   // file:///* permission
   extension = LoadManifest("permissions", "permissions_file_scheme.json");
   EXPECT_TRUE(extension->wants_file_access());
-  EXPECT_FALSE(extension->CanExecuteScriptOnPage(file_url, NULL, NULL));
+  EXPECT_FALSE(extension->CanExecuteScriptOnPage(file_url, -1, NULL, NULL));
   extension = LoadManifest("permissions", "permissions_file_scheme.json",
       Extension::ALLOW_FILE_ACCESS);
   EXPECT_TRUE(extension->wants_file_access());
-  EXPECT_TRUE(extension->CanExecuteScriptOnPage(file_url, NULL, NULL));
+  EXPECT_TRUE(extension->CanExecuteScriptOnPage(file_url, -1, NULL, NULL));
 
   // http://* permission
   extension = LoadManifest("permissions", "permissions_http_scheme.json");
   EXPECT_FALSE(extension->wants_file_access());
-  EXPECT_FALSE(extension->CanExecuteScriptOnPage(file_url, NULL, NULL));
+  EXPECT_FALSE(extension->CanExecuteScriptOnPage(file_url, -1, NULL, NULL));
   extension = LoadManifest("permissions", "permissions_http_scheme.json",
       Extension::ALLOW_FILE_ACCESS);
   EXPECT_FALSE(extension->wants_file_access());
-  EXPECT_FALSE(extension->CanExecuteScriptOnPage(file_url, NULL, NULL));
+  EXPECT_FALSE(extension->CanExecuteScriptOnPage(file_url, -1, NULL, NULL));
 
   // <all_urls> content script match
   extension = LoadManifest("permissions", "content_script_all_urls.json");
   EXPECT_TRUE(extension->wants_file_access());
   EXPECT_FALSE(extension->CanExecuteScriptOnPage(
-      file_url, &extension->content_scripts()[0], NULL));
+      file_url, -1, &extension->content_scripts()[0], NULL));
   extension = LoadManifest("permissions", "content_script_all_urls.json",
       Extension::ALLOW_FILE_ACCESS);
   EXPECT_TRUE(extension->wants_file_access());
   EXPECT_TRUE(extension->CanExecuteScriptOnPage(
-      file_url, &extension->content_scripts()[0], NULL));
+      file_url, -1, &extension->content_scripts()[0], NULL));
 
   // file:///* content script match
   extension = LoadManifest("permissions", "content_script_file_scheme.json");
   EXPECT_TRUE(extension->wants_file_access());
   EXPECT_FALSE(extension->CanExecuteScriptOnPage(
-      file_url, &extension->content_scripts()[0], NULL));
+      file_url, -1, &extension->content_scripts()[0], NULL));
   extension = LoadManifest("permissions", "content_script_file_scheme.json",
       Extension::ALLOW_FILE_ACCESS);
   EXPECT_TRUE(extension->wants_file_access());
   EXPECT_TRUE(extension->CanExecuteScriptOnPage(
-      file_url, &extension->content_scripts()[0], NULL));
+      file_url, -1, &extension->content_scripts()[0], NULL));
 
   // http://* content script match
   extension = LoadManifest("permissions", "content_script_http_scheme.json");
   EXPECT_FALSE(extension->wants_file_access());
   EXPECT_FALSE(extension->CanExecuteScriptOnPage(
-      file_url, &extension->content_scripts()[0], NULL));
+      file_url, -1, &extension->content_scripts()[0], NULL));
   extension = LoadManifest("permissions", "content_script_http_scheme.json",
       Extension::ALLOW_FILE_ACCESS);
   EXPECT_FALSE(extension->wants_file_access());
   EXPECT_FALSE(extension->CanExecuteScriptOnPage(
-      file_url, &extension->content_scripts()[0], NULL));
+      file_url, -1, &extension->content_scripts()[0], NULL));
 }
 
 TEST(ExtensionTest, ExtraFlags) {
@@ -689,49 +689,92 @@ TEST(ExtensionTest, ExtraFlags) {
 // Base class for testing the CanExecuteScriptOnPage and CanCaptureVisiblePage
 // methods of Extension for extensions with various permissions.
 class ExtensionScriptAndCaptureVisibleTest : public testing::Test {
- public:
-  ExtensionScriptAndCaptureVisibleTest() {
-    PathService::Get(chrome::DIR_TEST_DATA, &dirpath_);
+ protected:
+  ExtensionScriptAndCaptureVisibleTest()
+      : http_url("http://www.google.com"),
+        http_url_with_path("http://www.google.com/index.html"),
+        https_url("https://www.google.com"),
+        file_url("file:///foo/bar"),
+        favicon_url("chrome://favicon/http://www.google.com"),
+        extension_url("chrome-extension://" +
+            Extension::GenerateIdForPath(FilePath(FILE_PATH_LITERAL("foo")))),
+        settings_url("chrome://settings"),
+        about_url("about:flags") {
+    urls_.insert(http_url);
+    urls_.insert(http_url_with_path);
+    urls_.insert(https_url);
+    urls_.insert(file_url);
+    urls_.insert(favicon_url);
+    urls_.insert(extension_url);
+    urls_.insert(settings_url);
+    urls_.insert(about_url);
   }
 
   bool Allowed(const Extension* extension, const GURL& url) {
-    return (extension->CanExecuteScriptOnPage(url, NULL, NULL) &&
-            extension->CanCaptureVisiblePage(url, NULL));
+    return Allowed(extension, url, -1);
+  }
+
+  bool Allowed(const Extension* extension, const GURL& url, int tab_id) {
+    return (extension->CanExecuteScriptOnPage(url, tab_id, NULL, NULL) &&
+            extension->CanCaptureVisiblePage(url, tab_id, NULL));
   }
 
   bool CaptureOnly(const Extension* extension, const GURL& url) {
-    return !extension->CanExecuteScriptOnPage(url, NULL, NULL) &&
-        extension->CanCaptureVisiblePage(url, NULL);
+    return CaptureOnly(extension, url, -1);
+  }
+
+  bool CaptureOnly(const Extension* extension, const GURL& url, int tab_id) {
+    return !extension->CanExecuteScriptOnPage(url, tab_id, NULL, NULL) &&
+            extension->CanCaptureVisiblePage(url, tab_id, NULL);
   }
 
   bool Blocked(const Extension* extension, const GURL& url) {
-    return !(extension->CanExecuteScriptOnPage(url, NULL, NULL) ||
-             extension->CanCaptureVisiblePage(url, NULL));
+    return Blocked(extension, url, -1);
   }
 
- protected:
-  FilePath dirpath_;
-};
+  bool Blocked(const Extension* extension, const GURL& url, int tab_id) {
+    return !(extension->CanExecuteScriptOnPage(url, tab_id, NULL, NULL) ||
+             extension->CanCaptureVisiblePage(url, tab_id, NULL));
+  }
+
+  bool AllowedExclusivelyOnTab(
+      const Extension* extension,
+      const std::set<GURL>& allowed_urls,
+      int tab_id) {
+    bool result = true;
+    for (std::set<GURL>::iterator it = urls_.begin(); it != urls_.end(); ++it) {
+      const GURL& url = *it;
+      if (allowed_urls.count(url))
+        result &= Allowed(extension, url, tab_id);
+      else
+        result &= Blocked(extension, url, tab_id);
+    }
+    return result;
+  }
 
-TEST_F(ExtensionScriptAndCaptureVisibleTest, Permissions) {
-  scoped_refptr<Extension> extension;
   // URLs that are "safe" to provide scripting and capture visible tab access
   // to if the permissions allow it.
-  GURL http_url("http://www.google.com");
-  GURL https_url("https://www.google.com");
-  GURL file_url("file:///foo/bar");
+  const GURL http_url;
+  const GURL http_url_with_path;
+  const GURL https_url;
+  const GURL file_url;
 
   // We should allow host permission but not scripting permission for favicon
   // urls.
-  GURL favicon_url("chrome://favicon/http://www.google.com");
-
-  std::string dummy_id =
-      Extension::GenerateIdForPath(FilePath(FILE_PATH_LITERAL("whatever")));
+  const GURL favicon_url;
 
   // URLs that regular extensions should never get access to.
-  GURL extension_url("chrome-extension://" + dummy_id);
-  GURL settings_url("chrome://settings");
-  GURL about_url("about:flags");
+  const GURL extension_url;
+  const GURL settings_url;
+  const GURL about_url;
+
+ private:
+  // The set of all URLs above.
+  std::set<GURL> urls_;
+};
+
+TEST_F(ExtensionScriptAndCaptureVisibleTest, Permissions) {
+  scoped_refptr<Extension> extension;
 
   // Test <all_urls> for regular extensions.
   extension = LoadManifestStrict("script_and_capture",
@@ -810,6 +853,82 @@ TEST_F(ExtensionScriptAndCaptureVisibleTest, Permissions) {
   EXPECT_FALSE(extension->HasHostPermission(settings_url));
 }
 
+TEST_F(ExtensionScriptAndCaptureVisibleTest, TabSpecific) {
+  scoped_refptr<Extension> extension =
+      LoadManifestStrict("script_and_capture", "tab_specific.json");
+
+  EXPECT_EQ(NULL, extension->GetTabSpecificHostPermissions(0));
+  EXPECT_EQ(NULL, extension->GetTabSpecificHostPermissions(1));
+  EXPECT_EQ(NULL, extension->GetTabSpecificHostPermissions(2));
+
+  std::set<GURL> no_urls;
+
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 0));
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 1));
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 2));
+
+  URLPatternSet allowed_hosts;
+    allowed_hosts.AddPattern(URLPattern(URLPattern::SCHEME_ALL,
+                                        http_url.spec()));
+  std::set<GURL> allowed_urls;
+    allowed_urls.insert(http_url);
+    // http_url_with_path() will also be allowed, because Extension should be
+    // considering the security origin of the URL not the URL itself, and
+    // http_url is in allowed_hosts.
+    allowed_urls.insert(http_url_with_path);
+
+  extension->SetTabSpecificHostPermissions(0, allowed_hosts);
+  EXPECT_EQ(allowed_hosts, *extension->GetTabSpecificHostPermissions(0));
+
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, allowed_urls, 0));
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 1));
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 2));
+
+  extension->ClearTabSpecificHostPermissions(0);
+  EXPECT_EQ(NULL, extension->GetTabSpecificHostPermissions(0));
+
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 0));
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 1));
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 2));
+
+  std::set<GURL> more_allowed_urls = allowed_urls;
+    more_allowed_urls.insert(https_url);
+  URLPatternSet more_allowed_hosts = allowed_hosts;
+    more_allowed_hosts.AddPattern(URLPattern(URLPattern::SCHEME_ALL,
+                                             https_url.spec()));
+
+  extension->SetTabSpecificHostPermissions(0, allowed_hosts);
+  EXPECT_EQ(allowed_hosts, *extension->GetTabSpecificHostPermissions(0));
+  extension->SetTabSpecificHostPermissions(1, more_allowed_hosts);
+  EXPECT_EQ(more_allowed_hosts, *extension->GetTabSpecificHostPermissions(1));
+
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, allowed_urls, 0));
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, more_allowed_urls, 1));
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 2));
+
+  extension->ClearTabSpecificHostPermissions(0);
+  EXPECT_EQ(NULL, extension->GetTabSpecificHostPermissions(0));
+
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 0));
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, more_allowed_urls, 1));
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 2));
+
+  extension->ClearTabSpecificHostPermissions(1);
+  EXPECT_EQ(NULL, extension->GetTabSpecificHostPermissions(1));
+
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 0));
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 1));
+  EXPECT_TRUE(AllowedExclusivelyOnTab(extension, no_urls, 2));
+}
+
+TEST_F(ExtensionScriptAndCaptureVisibleTest, TabSpecificActiveHostPermissions) {
+  // - no active permissions.
+  // - no tab specific permissions
+  // - changing active permissions.
+  // - changing tab specific permissions.
+  // - lots of tab specific permissions (test merge algorithm).

[not at google - send to devlin, 2012/06/07 08:49:22]

I've deleted this, just didn't upload yet so as to reduce noise. It only makes
sense with that new ActiveHostPermissions stuff, which is only applicable with
the XHR, and no point testing that if we're not going to submit it anyway.

+}
+
 TEST(ExtensionTest, GenerateId) {
   std::string result;
   EXPECT_TRUE(Extension::GenerateId("", &result));