Chromium Code Reviews Chromium Code Reviews
Issue 10815028:
Make ActiveTabPermissionManager also grant the tabs permission. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/extension_function_dispatcher.h" | 5 #include "chrome/browser/extensions/extension_function_dispatcher.h" |
| 6 | 6 |
| 7 #include <map> | 7 #include <map> |
| 8 | 8 |
| 9 #include "base/json/json_string_value_serializer.h" | 9 #include "base/json/json_string_value_serializer.h" |
| 10 #include "base/lazy_instance.h" | 10 #include "base/lazy_instance.h" |
| (...skipping 135 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 146 function->AsIOThreadExtensionFunction(); | 146 function->AsIOThreadExtensionFunction(); |
| 147 if (!function_io) { | 147 if (!function_io) { |
| 148 NOTREACHED(); | 148 NOTREACHED(); |
| 149 return; | 149 return; |
| 150 } | 150 } |
| 151 function_io->set_ipc_sender(ipc_sender, routing_id); | 151 function_io->set_ipc_sender(ipc_sender, routing_id); |
| 152 function_io->set_extension_info_map(extension_info_map); | 152 function_io->set_extension_info_map(extension_info_map); |
| 153 function->set_include_incognito( | 153 function->set_include_incognito( |
| 154 extension_info_map->IsIncognitoEnabled(extension->id())); | 154 extension_info_map->IsIncognitoEnabled(extension->id())); |
| 155 | 155 |
| 156 if (!function->HasPermission()) { | |
| 157 LOG(ERROR) << "Extension " << extension->id() << " does not have " | |
| 158 << "permission to function: " << params.name; | |
| 159 SendAccessDenied(ipc_sender, routing_id, params.request_id); | |
| 160 } | |
| 161 | |
| 156 ExtensionsQuotaService* quota = extension_info_map->GetQuotaService(); | 162 ExtensionsQuotaService* quota = extension_info_map->GetQuotaService(); |
| 157 if (quota->Assess(extension->id(), function, ¶ms.arguments, | 163 if (quota->Assess(extension->id(), function, ¶ms.arguments, |
| 158 base::TimeTicks::Now())) { | 164 base::TimeTicks::Now())) { |
| 159 function->Run(); | 165 function->Run(); |
| 160 LogSuccess(extension, params); | 166 LogSuccess(extension, params); |
| 161 } else { | 167 } else { |
| 162 function->OnQuotaExceeded(); | 168 function->OnQuotaExceeded(); |
| 163 LogFailure(extension, params.name, kQuotaExceeded); | 169 LogFailure(extension, params.name, kQuotaExceeded); |
| 164 } | 170 } |
| 165 } | 171 } |
| (...skipping 38 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 204 function->AsUIThreadExtensionFunction(); | 210 function->AsUIThreadExtensionFunction(); |
| 205 if (!function_ui) { | 211 if (!function_ui) { |
| 206 NOTREACHED(); | 212 NOTREACHED(); |
| 207 return; | 213 return; |
| 208 } | 214 } |
| 209 function_ui->SetRenderViewHost(render_view_host); | 215 function_ui->SetRenderViewHost(render_view_host); |
| 210 function_ui->set_dispatcher(AsWeakPtr()); | 216 function_ui->set_dispatcher(AsWeakPtr()); |
| 211 function_ui->set_profile(profile_); | 217 function_ui->set_profile(profile_); |
| 212 function->set_include_incognito(service->CanCrossIncognito(extension)); | 218 function->set_include_incognito(service->CanCrossIncognito(extension)); |
| 213 | 219 |
| 220 if (!function->HasPermission()) { | |
|
Aaron Boodman
2012/07/31 14:53:43
Bummer about the duplication. Why can't this go at
not at google - send to devlin
2012/07/31 15:09:05
Because of the extra initialization that this need
not at google - send to devlin
2012/08/01 13:57:04
Turns out I was wrong about this. Done.
| |
| 221 LOG(ERROR) << "Extension " << extension->id() << " does not have " | |
| 222 << "permission to function: " << params.name; | |
| 223 SendAccessDenied(render_view_host, | |
| 224 render_view_host->GetRoutingID(), | |
| 225 params.request_id); | |
| 226 } | |
| 227 | |
| 214 ExtensionsQuotaService* quota = service->quota_service(); | 228 ExtensionsQuotaService* quota = service->quota_service(); |
| 215 if (quota->Assess(extension->id(), function, ¶ms.arguments, | 229 if (quota->Assess(extension->id(), function, ¶ms.arguments, |
| 216 base::TimeTicks::Now())) { | 230 base::TimeTicks::Now())) { |
| 217 // See crbug.com/39178. | 231 // See crbug.com/39178. |
| 218 ExternalProtocolHandler::PermitLaunchUrl(); | 232 ExternalProtocolHandler::PermitLaunchUrl(); |
| 219 | 233 |
| 220 function->Run(); | 234 function->Run(); |
| 221 LogSuccess(extension, params); | 235 LogSuccess(extension, params); |
| 222 } else { | 236 } else { |
| 223 function->OnQuotaExceeded(); | 237 function->OnQuotaExceeded(); |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 260 | 274 |
| 261 if (api->IsPrivileged(params.name) && | 275 if (api->IsPrivileged(params.name) && |
| 262 !process_map.Contains(extension->id(), requesting_process_id)) { | 276 !process_map.Contains(extension->id(), requesting_process_id)) { |
| 263 LOG(ERROR) << "Extension API called from incorrect process " | 277 LOG(ERROR) << "Extension API called from incorrect process " |
| 264 << requesting_process_id | 278 << requesting_process_id |
| 265 << " from URL " << params.source_url.spec(); | 279 << " from URL " << params.source_url.spec(); |
| 266 SendAccessDenied(ipc_sender, routing_id, params.request_id); | 280 SendAccessDenied(ipc_sender, routing_id, params.request_id); |
| 267 return NULL; | 281 return NULL; |
| 268 } | 282 } |
| 269 | 283 |
| 270 if (!extension->HasAPIPermission(params.name)) { | |
| 271 LOG(ERROR) << "Extension " << extension->id() << " does not have " | |
| 272 << "permission to function: " << params.name; | |
| 273 SendAccessDenied(ipc_sender, routing_id, params.request_id); | |
| 274 return NULL; | |
| 275 } | |
| 276 | |
| 277 ExtensionFunction* function = | 284 ExtensionFunction* function = |
| 278 ExtensionFunctionRegistry::GetInstance()->NewFunction(params.name); | 285 ExtensionFunctionRegistry::GetInstance()->NewFunction(params.name); |
| 279 function->SetArgs(¶ms.arguments); | 286 function->SetArgs(¶ms.arguments); |
| 280 function->set_source_url(params.source_url); | 287 function->set_source_url(params.source_url); |
| 281 function->set_request_id(params.request_id); | 288 function->set_request_id(params.request_id); |
| 282 function->set_has_callback(params.has_callback); | 289 function->set_has_callback(params.has_callback); |
| 283 function->set_user_gesture(params.user_gesture); | 290 function->set_user_gesture(params.user_gesture); |
| 284 function->set_extension(extension); | 291 function->set_extension(extension); |
| 285 function->set_profile_id(profile); | 292 function->set_profile_id(profile); |
| 286 return function; | 293 return function; |
| 287 } | 294 } |
| 288 | 295 |
| 289 // static | 296 // static |
| 290 void ExtensionFunctionDispatcher::SendAccessDenied( | 297 void ExtensionFunctionDispatcher::SendAccessDenied( |
| 291 IPC::Sender* ipc_sender, int routing_id, int request_id) { | 298 IPC::Sender* ipc_sender, int routing_id, int request_id) { |
| 292 ListValue empty_list; | 299 ListValue empty_list; |
| 293 ipc_sender->Send(new ExtensionMsg_Response( | 300 ipc_sender->Send(new ExtensionMsg_Response( |
| 294 routing_id, request_id, false, empty_list, | 301 routing_id, request_id, false, empty_list, |
| 295 "Access to extension API denied.")); | 302 "Access to extension API denied.")); |
| 296 } | 303 } |
| OLD | NEW |
