Show apps protecting local data in chrome://settings/cookies.

chrome/browser/extensions/extension_special_storage_policy_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/message_loop.h"
 #include "base/values.h"
 #include "chrome/browser/content_settings/cookie_settings.h"
 #include "chrome/browser/extensions/extension_special_storage_policy.h"
 #include "chrome/common/content_settings.h"
 #include "chrome/common/content_settings_types.h"
 #include "chrome/common/extensions/extension.h"
 #include "chrome/common/extensions/extension_manifest_constants.h"
 #include "chrome/test/base/testing_profile.h"
 #include "content/public/test/test_browser_thread.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 using content::BrowserThread;
 using extensions::Extension;
 
 namespace keys = extension_manifest_keys;
 
 class ExtensionSpecialStoragePolicyTest : public testing::Test {
+ public:
+  virtual void SetUp() {
+    policy_ = new ExtensionSpecialStoragePolicy(NULL);
+  }
+
  protected:
   scoped_refptr<Extension> CreateProtectedApp() {
 #if defined(OS_WIN)
     FilePath path(FILE_PATH_LITERAL("c:\\foo"));
 #elif defined(OS_POSIX)
     FilePath path(FILE_PATH_LITERAL("/foo"));
 #endif
     DictionaryValue manifest;
     manifest.SetString(keys::kName, "Protected");
     manifest.SetString(keys::kVersion, "1");
@@ skipping 76 matching lines @@
     ListValue* list = new ListValue();
     list->Append(Value::CreateStringValue("unlimitedStorage"));
     list->Append(Value::CreateStringValue("fileSystem"));
     manifest.Set(keys::kPermissions, list);
     std::string error;
     scoped_refptr<Extension> handler_app = Extension::Create(
         path, Extension::INVALID, manifest, Extension::NO_FLAGS, &error);
     EXPECT_TRUE(handler_app.get()) << error;
     return handler_app;
   }
+
+  void ExpectProtectedBy(const ExtensionSet& expected_extensions,

[marja, 2012/07/09 08:11:43]

Nit: There's no test which would assert that something is *not* protected, so,
e.g., if there was a bug that all the URLs appear as protected, the test
wouldn't catch it.. (There is EXPECT_FALSE(IsStorageUnlimited(...)) types of
tests though.)

-> bool ProtectedBy(...) and EXPECT_TRUE(ProtectedBy(...));
EXPECT_FALSE(ProtectedBy(...)) ?

[Bernhard Bauer, 2012/07/09 09:50:48]

I pass in an ExtensionSet and then expect that this is *exactly* the set of
protecting extensions. I.e. if I pass in an empty set, I'm expecting the origin
not to be protected.

I'll add a comment to explain.

[marja, 2012/07/09 09:55:02]

Ahh, yes, I read this sloppily, it's not enough that it's protected by *some*.
Feel free to ignore this comment, too.

+                         const GURL& url) {
+    const ExtensionSet* extensions = policy_->ExtensionsProtectingOrigin(url);
+    EXPECT_EQ(expected_extensions.size(), extensions->size());
+    for (ExtensionSet::const_iterator it = expected_extensions.begin();
+         it != expected_extensions.end(); ++it) {
+      EXPECT_TRUE(extensions->Contains((*it)->id()))
+          << "Origin " << url << "not protected by extension ID "
+          << (*it)->id();
+    }
+  }
+
+  scoped_refptr<ExtensionSpecialStoragePolicy> policy_;
 };
 
 TEST_F(ExtensionSpecialStoragePolicyTest, EmptyPolicy) {
   const GURL kHttpUrl("http://foo");
   const GURL kExtensionUrl("chrome-extension://bar");
 
-  scoped_refptr<ExtensionSpecialStoragePolicy> policy(
-      new ExtensionSpecialStoragePolicy(NULL));
-
-  ASSERT_FALSE(policy->IsStorageUnlimited(kHttpUrl));
-  ASSERT_FALSE(policy->IsStorageUnlimited(kHttpUrl));  // test cached result
-  ASSERT_FALSE(policy->IsStorageUnlimited(kExtensionUrl));
-  ASSERT_FALSE(policy->IsStorageProtected(kHttpUrl));
+  EXPECT_FALSE(policy_->IsStorageUnlimited(kHttpUrl));
+  EXPECT_FALSE(policy_->IsStorageUnlimited(kHttpUrl));  // test cached result
+  EXPECT_FALSE(policy_->IsStorageUnlimited(kExtensionUrl));
+  ExtensionSet empty_set;
+  ExpectProtectedBy(empty_set, kHttpUrl);
 
   // This one is just based on the scheme.
-  ASSERT_TRUE(policy->IsStorageProtected(kExtensionUrl));
+  EXPECT_TRUE(policy_->IsStorageProtected(kExtensionUrl));
 }
 
 
 TEST_F(ExtensionSpecialStoragePolicyTest, AppWithProtectedStorage) {
   scoped_refptr<Extension> extension(CreateProtectedApp());
-  scoped_refptr<ExtensionSpecialStoragePolicy> policy(
-      new ExtensionSpecialStoragePolicy(NULL));
-  policy->GrantRightsForExtension(extension);
-  EXPECT_FALSE(policy->IsStorageUnlimited(extension->url()));
-  EXPECT_FALSE(policy->IsStorageUnlimited(GURL("http://explicit/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("http://explicit/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("http://explicit:6000/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("http://foo.wildcards/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("https://bar.wildcards/")));
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("http://not_listed/")));
+  policy_->GrantRightsForExtension(extension);
+  ExtensionSet protecting_extensions;
+  protecting_extensions.Insert(extension);
+  ExtensionSet empty_set;
 
-  policy->RevokeRightsForExtension(extension);
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("http://explicit/")));
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("http://foo.wildcards/")));
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("https://bar.wildcards/")));
+  EXPECT_FALSE(policy_->IsStorageUnlimited(extension->url()));
+  EXPECT_FALSE(policy_->IsStorageUnlimited(GURL("http://explicit/")));
+  ExpectProtectedBy(protecting_extensions, GURL("http://explicit/"));
+  ExpectProtectedBy(protecting_extensions, GURL("http://explicit:6000/"));
+  ExpectProtectedBy(protecting_extensions, GURL("http://foo.wildcards/"));
+  ExpectProtectedBy(protecting_extensions, GURL("https://bar.wildcards/"));
+  ExpectProtectedBy(empty_set, GURL("http://not_listed/"));
+
+  policy_->RevokeRightsForExtension(extension);
+  ExpectProtectedBy(empty_set, GURL("http://explicit/"));
+  ExpectProtectedBy(empty_set, GURL("http://foo.wildcards/"));
+  ExpectProtectedBy(empty_set, GURL("https://bar.wildcards/"));
 }
 
 TEST_F(ExtensionSpecialStoragePolicyTest, AppWithUnlimitedStorage) {
   scoped_refptr<Extension> extension(CreateUnlimitedApp());
-  scoped_refptr<ExtensionSpecialStoragePolicy> policy(
-      new ExtensionSpecialStoragePolicy(NULL));
-  policy->GrantRightsForExtension(extension);
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("http://explicit/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("http://explicit:6000/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("https://foo.wildcards/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("https://foo.wildcards/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("http://bar.wildcards/")));
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("http://not_listed/")));
-  EXPECT_TRUE(policy->IsStorageUnlimited(extension->url()));
-  EXPECT_TRUE(policy->IsStorageUnlimited(GURL("http://explicit/")));
-  EXPECT_TRUE(policy->IsStorageUnlimited(GURL("http://explicit:6000/")));
-  EXPECT_TRUE(policy->IsStorageUnlimited(GURL("https://foo.wildcards/")));
-  EXPECT_TRUE(policy->IsStorageUnlimited(GURL("https://bar.wildcards/")));
-  EXPECT_FALSE(policy->IsStorageUnlimited(GURL("http://not_listed/")));
+  policy_->GrantRightsForExtension(extension);
+  ExtensionSet protecting_extensions;
+  protecting_extensions.Insert(extension);
+  ExtensionSet empty_set;
 
-  policy->RevokeRightsForExtension(extension);
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("http://explicit/")));
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("https://foo.wildcards/")));
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("https://foo.wildcards/")));
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("http://bar.wildcards/")));
-  EXPECT_FALSE(policy->IsStorageUnlimited(GURL("http://explicit/")));
-  EXPECT_FALSE(policy->IsStorageUnlimited(GURL("https://foo.wildcards/")));
-  EXPECT_FALSE(policy->IsStorageUnlimited(GURL("https://bar.wildcards/")));
+  ExpectProtectedBy(protecting_extensions, GURL("http://explicit/"));
+  ExpectProtectedBy(protecting_extensions, GURL("http://explicit:6000/"));
+  ExpectProtectedBy(protecting_extensions, GURL("https://foo.wildcards/"));
+  ExpectProtectedBy(protecting_extensions, GURL("https://foo.wildcards/"));
+  ExpectProtectedBy(protecting_extensions, GURL("http://bar.wildcards/"));
+  ExpectProtectedBy(empty_set, GURL("http://not_listed/"));
+  EXPECT_TRUE(policy_->IsStorageUnlimited(extension->url()));
+  EXPECT_TRUE(policy_->IsStorageUnlimited(GURL("http://explicit/")));
+  EXPECT_TRUE(policy_->IsStorageUnlimited(GURL("http://explicit:6000/")));
+  EXPECT_TRUE(policy_->IsStorageUnlimited(GURL("https://foo.wildcards/")));
+  EXPECT_TRUE(policy_->IsStorageUnlimited(GURL("https://bar.wildcards/")));
+  EXPECT_FALSE(policy_->IsStorageUnlimited(GURL("http://not_listed/")));
+
+  policy_->RevokeRightsForExtension(extension);
+  ExpectProtectedBy(empty_set, GURL("http://explicit/"));
+  ExpectProtectedBy(empty_set, GURL("https://foo.wildcards/"));
+  ExpectProtectedBy(empty_set, GURL("https://foo.wildcards/"));
+  ExpectProtectedBy(empty_set, GURL("http://bar.wildcards/"));
+  EXPECT_FALSE(policy_->IsStorageUnlimited(GURL("http://explicit/")));
+  EXPECT_FALSE(policy_->IsStorageUnlimited(GURL("https://foo.wildcards/")));
+  EXPECT_FALSE(policy_->IsStorageUnlimited(GURL("https://bar.wildcards/")));
 }
 
 TEST_F(ExtensionSpecialStoragePolicyTest, OverlappingApps) {
   scoped_refptr<Extension> protected_app(CreateProtectedApp());
   scoped_refptr<Extension> unlimited_app(CreateUnlimitedApp());
-  scoped_refptr<ExtensionSpecialStoragePolicy> policy(
-      new ExtensionSpecialStoragePolicy(NULL));
-  policy->GrantRightsForExtension(protected_app);
-  policy->GrantRightsForExtension(unlimited_app);
+  policy_->GrantRightsForExtension(protected_app);
+  policy_->GrantRightsForExtension(unlimited_app);
+  ExtensionSet protecting_extensions;
+  ExtensionSet empty_set;
+  protecting_extensions.Insert(protected_app);
+  protecting_extensions.Insert(unlimited_app);
 
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("http://explicit/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("http://explicit:6000/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("https://foo.wildcards/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("https://foo.wildcards/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("http://bar.wildcards/")));
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("http://not_listed/")));
-  EXPECT_TRUE(policy->IsStorageUnlimited(GURL("http://explicit/")));
-  EXPECT_TRUE(policy->IsStorageUnlimited(GURL("http://explicit:6000/")));
-  EXPECT_TRUE(policy->IsStorageUnlimited(GURL("https://foo.wildcards/")));
-  EXPECT_TRUE(policy->IsStorageUnlimited(GURL("https://bar.wildcards/")));
-  EXPECT_FALSE(policy->IsStorageUnlimited(GURL("http://not_listed/")));
+  ExpectProtectedBy(protecting_extensions, GURL("http://explicit/"));
+  ExpectProtectedBy(protecting_extensions, GURL("http://explicit:6000/"));
+  ExpectProtectedBy(protecting_extensions, GURL("https://foo.wildcards/"));
+  ExpectProtectedBy(protecting_extensions, GURL("https://foo.wildcards/"));
+  ExpectProtectedBy(protecting_extensions, GURL("http://bar.wildcards/"));
+  ExpectProtectedBy(empty_set, GURL("http://not_listed/"));
+  EXPECT_TRUE(policy_->IsStorageUnlimited(GURL("http://explicit/")));
+  EXPECT_TRUE(policy_->IsStorageUnlimited(GURL("http://explicit:6000/")));
+  EXPECT_TRUE(policy_->IsStorageUnlimited(GURL("https://foo.wildcards/")));
+  EXPECT_TRUE(policy_->IsStorageUnlimited(GURL("https://bar.wildcards/")));
+  EXPECT_FALSE(policy_->IsStorageUnlimited(GURL("http://not_listed/")));
 
-  policy->RevokeRightsForExtension(unlimited_app);
-  EXPECT_FALSE(policy->IsStorageUnlimited(GURL("http://explicit/")));
-  EXPECT_FALSE(policy->IsStorageUnlimited(GURL("https://foo.wildcards/")));
-  EXPECT_FALSE(policy->IsStorageUnlimited(GURL("https://bar.wildcards/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("http://explicit/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("http://foo.wildcards/")));
-  EXPECT_TRUE(policy->IsStorageProtected(GURL("https://bar.wildcards/")));
+  policy_->RevokeRightsForExtension(unlimited_app);
+  protecting_extensions.Remove(unlimited_app->id());
+  EXPECT_FALSE(policy_->IsStorageUnlimited(GURL("http://explicit/")));
+  EXPECT_FALSE(policy_->IsStorageUnlimited(GURL("https://foo.wildcards/")));
+  EXPECT_FALSE(policy_->IsStorageUnlimited(GURL("https://bar.wildcards/")));
+  ExpectProtectedBy(protecting_extensions, GURL("http://explicit/"));
+  ExpectProtectedBy(protecting_extensions, GURL("http://foo.wildcards/"));
+  ExpectProtectedBy(protecting_extensions, GURL("https://bar.wildcards/"));
 
-  policy->RevokeRightsForExtension(protected_app);
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("http://explicit/")));
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("http://foo.wildcards/")));
-  EXPECT_FALSE(policy->IsStorageProtected(GURL("https://bar.wildcards/")));
+  policy_->RevokeRightsForExtension(protected_app);
+  ExpectProtectedBy(empty_set, GURL("http://explicit/"));
+  ExpectProtectedBy(empty_set, GURL("http://foo.wildcards/"));
+  ExpectProtectedBy(empty_set, GURL("https://bar.wildcards/"));
 }
 
 TEST_F(ExtensionSpecialStoragePolicyTest, HasSessionOnlyOrigins) {
   MessageLoop message_loop;
   content::TestBrowserThread ui_thread(BrowserThread::UI, &message_loop);
 
   TestingProfile profile;
   CookieSettings* cookie_settings =
       CookieSettings::Factory::GetForProfile(&profile);
-  scoped_refptr<ExtensionSpecialStoragePolicy> policy(
-      new ExtensionSpecialStoragePolicy(cookie_settings));
+  policy_ = new ExtensionSpecialStoragePolicy(cookie_settings);
 
-  EXPECT_FALSE(policy->HasSessionOnlyOrigins());
+  EXPECT_FALSE(policy_->HasSessionOnlyOrigins());
 
   // The default setting can be session-only.
   cookie_settings->SetDefaultCookieSetting(CONTENT_SETTING_SESSION_ONLY);
-  EXPECT_TRUE(policy->HasSessionOnlyOrigins());
+  EXPECT_TRUE(policy_->HasSessionOnlyOrigins());
 
   cookie_settings->SetDefaultCookieSetting(CONTENT_SETTING_ALLOW);
-  EXPECT_FALSE(policy->HasSessionOnlyOrigins());
+  EXPECT_FALSE(policy_->HasSessionOnlyOrigins());
 
   // Or the session-onlyness can affect individual origins.
   ContentSettingsPattern pattern =
       ContentSettingsPattern::FromString("pattern.com");
 
   cookie_settings->SetCookieSetting(pattern,
                                     ContentSettingsPattern::Wildcard(),
                                     CONTENT_SETTING_SESSION_ONLY);
 
-  EXPECT_TRUE(policy->HasSessionOnlyOrigins());
+  EXPECT_TRUE(policy_->HasSessionOnlyOrigins());
 
   // Clearing an origin-specific rule.
   cookie_settings->ResetCookieSetting(pattern,
                                       ContentSettingsPattern::Wildcard());
 
-  EXPECT_FALSE(policy->HasSessionOnlyOrigins());
+  EXPECT_FALSE(policy_->HasSessionOnlyOrigins());
 }