Chromium Code Reviews Chromium Code Reviews
Issue 10692160:
Support socket endpoint permissions for AppsV2 Socket API. (Closed)
Base URL: http://git.chromium.org/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/extensions/extension.h" | 5 #include "chrome/common/extensions/extension.h" |
| 6 | 6 |
| 7 #include <ostream> | 7 #include <ostream> |
| 8 | 8 |
| 9 #include "base/base64.h" | 9 #include "base/base64.h" |
| 10 #include "base/basictypes.h" | 10 #include "base/basictypes.h" |
| (...skipping 3319 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 3330 if (manifest_->HasKey(key)) { | 3330 if (manifest_->HasKey(key)) { |
| 3331 ListValue* permissions = NULL; | 3331 ListValue* permissions = NULL; |
| 3332 if (!manifest_->GetList(key, &permissions)) { | 3332 if (!manifest_->GetList(key, &permissions)) { |
| 3333 *error = ExtensionErrorUtils::FormatErrorMessageUTF16( | 3333 *error = ExtensionErrorUtils::FormatErrorMessageUTF16( |
| 3334 errors::kInvalidPermissions, ""); | 3334 errors::kInvalidPermissions, ""); |
| 3335 return false; | 3335 return false; |
| 3336 } | 3336 } |
| 3337 | 3337 |
| 3338 for (size_t i = 0; i < permissions->GetSize(); ++i) { | 3338 for (size_t i = 0; i < permissions->GetSize(); ++i) { |
| 3339 std::string permission_str; | 3339 std::string permission_str; |
| 3340 if (!permissions->GetString(i, &permission_str)) { | 3340 base::ListValue *permission_list = NULL; |
| 3341 if (!permissions->GetString(i, &permission_str) && | |
| 3342 !(permissions->GetList(i, &permission_list) && | |
| 3343 permission_list->GetString(0, &permission_str))) { | |
| 3341 *error = ExtensionErrorUtils::FormatErrorMessageUTF16( | 3344 *error = ExtensionErrorUtils::FormatErrorMessageUTF16( |
| 3342 errors::kInvalidPermission, base::IntToString(i)); | 3345 errors::kInvalidPermission, base::IntToString(i)); |
| 3343 return false; | 3346 return false; |
| 3344 } | 3347 } |
| 3345 | 3348 |
| 3346 // NOTE: We need to get the APIPermission before the Feature | 3349 // NOTE: We need to get the APIPermission before the Feature |
| 3347 // object because the feature system does not know about aliases. | 3350 // object because the feature system does not know about aliases. |
| 3348 APIPermission* permission = | 3351 APIPermission* permission = |
| 3349 PermissionsInfo::GetInstance()->GetByName(permission_str); | 3352 PermissionsInfo::GetInstance()->GetByName(permission_str); |
| 3350 if (permission) { | 3353 if (permission) { |
| (...skipping 23 matching lines...) Expand all Loading... | |
| 3374 continue; | 3377 continue; |
| 3375 } | 3378 } |
| 3376 | 3379 |
| 3377 if (permission->id() == APIPermission::kExperimental) { | 3380 if (permission->id() == APIPermission::kExperimental) { |
| 3378 if (!CanSpecifyExperimentalPermission()) { | 3381 if (!CanSpecifyExperimentalPermission()) { |
| 3379 *error = ASCIIToUTF16(errors::kExperimentalFlagRequired); | 3382 *error = ASCIIToUTF16(errors::kExperimentalFlagRequired); |
| 3380 return false; | 3383 return false; |
| 3381 } | 3384 } |
| 3382 } | 3385 } |
| 3383 | 3386 |
| 3384 api_permissions->insert(permission->id()); | 3387 scoped_refptr<APIPermissionDetail> detail = permission->CreateDetail(); |
| 3388 base::Value *value = NULL; | |
| 3389 if (permission_list) { | |
| 3390 if (!(permission_list->Get(1, &value) && detail->FromValue(value))) { | |
| 3391 *error = ExtensionErrorUtils::FormatErrorMessageUTF16( | |
| 3392 errors::kInvalidPermission, base::IntToString(i)); | |
| 3393 return false; | |
| 3394 } | |
| 3395 } | |
| 3396 | |
| 3397 api_permissions->insert(detail); | |
| 3385 continue; | 3398 continue; |
| 3386 } | 3399 } |
| 3387 | 3400 |
| 3388 // Check if it's a host pattern permission. | 3401 // Check if it's a host pattern permission. |
| 3389 const int kAllowedSchemes = CanExecuteScriptEverywhere() ? | 3402 const int kAllowedSchemes = CanExecuteScriptEverywhere() ? |
| 3390 URLPattern::SCHEME_ALL : kValidHostPermissionSchemes; | 3403 URLPattern::SCHEME_ALL : kValidHostPermissionSchemes; |
| 3391 | 3404 |
| 3392 URLPattern pattern = URLPattern(kAllowedSchemes); | 3405 URLPattern pattern = URLPattern(kAllowedSchemes); |
| 3393 URLPattern::ParseResult parse_result = pattern.Parse(permission_str); | 3406 URLPattern::ParseResult parse_result = pattern.Parse(permission_str); |
| 3394 if (parse_result == URLPattern::PARSE_SUCCESS) { | 3407 if (parse_result == URLPattern::PARSE_SUCCESS) { |
| (...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 3471 APIPermission::ID permission) const { | 3484 APIPermission::ID permission) const { |
| 3472 base::AutoLock auto_lock(runtime_data_lock_); | 3485 base::AutoLock auto_lock(runtime_data_lock_); |
| 3473 if (runtime_data_.GetActivePermissions()->HasAPIPermission(permission)) | 3486 if (runtime_data_.GetActivePermissions()->HasAPIPermission(permission)) |
| 3474 return true; | 3487 return true; |
| 3475 scoped_refptr<const PermissionSet> tab_specific_permissions = | 3488 scoped_refptr<const PermissionSet> tab_specific_permissions = |
| 3476 runtime_data_.GetTabSpecificPermissions(tab_id); | 3489 runtime_data_.GetTabSpecificPermissions(tab_id); |
| 3477 return tab_specific_permissions.get() && | 3490 return tab_specific_permissions.get() && |
| 3478 tab_specific_permissions->HasAPIPermission(permission); | 3491 tab_specific_permissions->HasAPIPermission(permission); |
| 3479 } | 3492 } |
| 3480 | 3493 |
| 3494 bool Extension::CheckAPIPermissionWithDetail(APIPermission::ID permission, | |
| 3495 const APIPermissionDetail::CheckParam* param) const { | |
| 3496 base::AutoLock auto_lock(runtime_data_lock_); | |
|
miket_OOO
2012/08/06 21:04:06
It looks like this follows the existing pattern fo
Peng
2012/08/07 21:31:55
I guess this AutoLock protects runtime_data_ which
| |
| 3497 return runtime_data_.GetActivePermissions()-> | |
| 3498 CheckAPIPermissionWithDetail(permission, param); | |
| 3499 } | |
| 3500 | |
| 3481 const URLPatternSet& Extension::GetEffectiveHostPermissions() const { | 3501 const URLPatternSet& Extension::GetEffectiveHostPermissions() const { |
| 3482 base::AutoLock auto_lock(runtime_data_lock_); | 3502 base::AutoLock auto_lock(runtime_data_lock_); |
| 3483 return runtime_data_.GetActivePermissions()->effective_hosts(); | 3503 return runtime_data_.GetActivePermissions()->effective_hosts(); |
| 3484 } | 3504 } |
| 3485 | 3505 |
| 3486 bool Extension::HasHostPermission(const GURL& url) const { | 3506 bool Extension::HasHostPermission(const GURL& url) const { |
| 3487 if (url.SchemeIs(chrome::kChromeUIScheme) && | 3507 if (url.SchemeIs(chrome::kChromeUIScheme) && |
| 3488 url.host() != chrome::kChromeUIFaviconHost && | 3508 url.host() != chrome::kChromeUIFaviconHost && |
| 3489 url.host() != chrome::kChromeUIThumbnailHost && | 3509 url.host() != chrome::kChromeUIThumbnailHost && |
| 3490 location() != Extension::COMPONENT) { | 3510 location() != Extension::COMPONENT) { |
| (...skipping 412 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 3903 | 3923 |
| 3904 UpdatedExtensionPermissionsInfo::UpdatedExtensionPermissionsInfo( | 3924 UpdatedExtensionPermissionsInfo::UpdatedExtensionPermissionsInfo( |
| 3905 const Extension* extension, | 3925 const Extension* extension, |
| 3906 const PermissionSet* permissions, | 3926 const PermissionSet* permissions, |
| 3907 Reason reason) | 3927 Reason reason) |
| 3908 : reason(reason), | 3928 : reason(reason), |
| 3909 extension(extension), | 3929 extension(extension), |
| 3910 permissions(permissions) {} | 3930 permissions(permissions) {} |
| 3911 | 3931 |
| 3912 } // namespace extensions | 3932 } // namespace extensions |
| OLD | NEW |
