New security-related pyauto tests for Chrome on ChromeOS that verify extension permissions.

chrome/test/functional/chromeos_security.py

 #!/usr/bin/python
 # Copyright (c) 2011 The Chromium Authors. All rights reserved.
 # Use of this source code is governed by a BSD-style license that can be
 # found in the LICENSE file.
 
 import os
 
 import pyauto_functional
 import pyauto
 
 
 class ChromeosSecurity(pyauto.PyUITest):
   """Security tests for chrome on ChromeOS.
 
   Requires ChromeOS to be logged in.
   """
+  BUNDLED_CRX_DIRECTORY = '/opt/google/chrome/extensions'
+
+  COMPONENT_EXTENSION_BASELINE = [

[jimhebert, 2011/06/03 23:34:44]

Is it typical pyauto style to just inline these expectations? If so OK as long
as it matches local pyauto style.

(In the autotests I've been keeping these serialized as seperate files...)

[dennis_jeffrey, 2011/06/07 19:02:20]

The baseline information has been moved to a separate private data file.

+      { 'name': 'Bookmark Manager',
+        'effective_host_permissions': ['chrome://favicon/*',
+                                       'chrome://resources/*',],
+        'api_permissions': ['bookmarks',
+                            'tabs',
+                            'experimental',],
+      },
+      { 'name': 'File Manager',
+        'effective_host_permissions': ['chrome://extension-icon/*',
+                                       'chrome://resources/*',],
+        'api_permissions': ['fileBrowserHandler',
+                            'fileBrowserPrivate',
+                            'mediaPlayerPrivate',
+                            'unlimitedStorage',],
+      },
+      { 'name': 'Mobile Activation',
+        'effective_host_permissions': [],
+        'api_permissions': [],
+      },
+      { 'name': 'Chrome Web Store',
+        'effective_host_permissions': [],
+        'api_permissions': ['management',
+                            'webstorePrivate',],
+      },
+  ]
+
+  BUNDLED_CRX_BASELINE = [

[jimhebert, 2011/06/03 23:34:44]

The autotest version of this test is kept in autotest-private because it will on
occasion end up containing name/details of unannounced Chrome OS features which
themselves are built out of private/internal bits. I don't know what the
equivalent 'private' mechanism is for pyauto but I think the concern carries
over. How do we address that in pyauto?

[Nirnimesh, 2011/06/04 22:53:08]

In this case, the baseline needs to be read out from a file in
chrome/test/data/pyauto_private/chromeos (this is private)

I'd prefer to have all data together in a single data file, in the private repo.

[dennis_jeffrey, 2011/06/07 19:02:20]

Done.  The baseline info has been moved to a separate private data file.

[dennis_jeffrey, 2011/06/07 19:02:20]

Done.  I created a file in a "security" subfolder of the pyauto private data
directory.

+      { 'crx_file': 'aciahcmjmecflokailenpkdchphgkefd.crx',
+        'name': 'Entanglement',
+        'effective_host_permissions': [],
+        'api_permissions': ['unlimitedStorage',],
+      },
+      { 'crx_file': 'apdfllckaahabafndbhieahigkjlhalf.crx',
+        'name': 'Google Docs',
+        'effective_host_permissions': [],
+        'api_permissions': ['unlimitedStorage',],
+      },
+      { 'crx_file': 'blpcfgokakmgnkcojhhkbfbldkacnbeo.crx',
+        'name': 'YouTube',
+        'effective_host_permissions': [],
+        'api_permissions': [],
+      },
+      { 'crx_file': 'ejjicmeblgpmajnghnpcppodonldlgfn.crx',
+        'name': 'Google Calendar',
+        'effective_host_permissions': [],
+        'api_permissions': ['notifications',
+                            'unlimitedStorage',],
+      },
+      { 'crx_file': 'hpfomeedmekonipambfkmjfacahlngjd.crx',
+        'name': 'Picasa Uploader',
+        'effective_host_permissions': ['*://www.google.com/*',
+                                       'https://picasaweb.google.com/*',],
+        'api_permissions': ['contextMenus',
+                            'fileBrowserHandler',
+                            'notifications',
+                            'tabs',],
+      },
+      { 'crx_file': 'kjebfhglflhjjjiceimfkgicifkhjlnm.crx',
+        'name': 'Scratchpad',
+        'effective_host_permissions': ['https://docs.google.com/*',
+                                       'https://www.google.com/*',],
+        'api_permissions': ['tabs',],
+      },
+      { 'crx_file': 'nckgahadagoaajjgafhacjanaoiihapd.crx',
+        'name': 'Google Talk',
+        'effective_host_permissions': ['*://mail.google.com/*',
+                                       '*://talkgadget.google.com/*',],
+        'api_permissions': ['tabs',],
+      },
+      { 'crx_file': 'pjkljhegncpnkpknbcohdijeoejaedia.crx',
+        'name': 'Gmail',
+        'effective_host_permissions': [],
+        'api_permissions': ['notifications',],
+      },
+  ]
+
+  def setUp(self):
+    pyauto.PyUITest.setUp(self)
+    if self.GetBrowserInfo()['properties']['is_official']:
+      self.COMPONENT_EXTENSION_BASELINE.append(
+          { 'name': 'Help',
+            'effective_host_permissions': ['*://www.google.com/*',],
+            'api_permissions': ['chromeosInfoPrivate',
+                                'tabs',],
+          })
 
   def ExtraChromeFlagsOnChromeOS(self):
-    """Override default list of extra flags typicall used with automation.
+    """Override default list of extra flags typically used with automation.
 
     See the default flags used with automation in pyauto.py.
     Chrome flags for this test should be as close to reality as possible.
     """
     return [
        '--homepage=about:blank',
     ]
 
   def testCannotViewLocalFiles(self):
     """Verify that local files cannot be accessed from the browser."""
     urls_and_titles = {
        'file:///': 'Index of /',
        'file:///etc/': 'Index of /etc/',
        self.GetFileURLForDataPath('title2.html'): 'Title Of Awesomeness',
     }
     for url, title in urls_and_titles.iteritems():
       self.NavigateToURL(url)
       self.assertNotEqual(title, self.GetActiveTabTitle(),
           msg='Could access local file %s.' % url)
 
+  def _VerifyExtensionPermissions(self, baseline):
+    """Ensures extension permissions in the baseline match actual info.
+
+    This function will fail the current test if either (1) an extension named
+    in the baseline is not currently installed in Chrome; or (2) the api
+    permissions or effective host permissions of an extension in the baseline
+    do not match the actual permissions associated with the extension in Chrome.
+
+    Args:
+      baseline: A dictionary of expected extension information, containing
+                extension names and api/effective host permission info.
+    """
+    full_ext_actual_info = self.GetExtensionsInfo()
+    for ext_expected_info in baseline:
+      located_ext_info = [info for info in full_ext_actual_info if
+                          info['name'] == ext_expected_info['name']]
+      self.assertTrue(
+          located_ext_info,
+          msg='Cannot locate extension info: ' + ext_expected_info['name'])
+      ext_actual_info = located_ext_info[0]
+      self.assertEqual(set(ext_expected_info['effective_host_permissions']),
+                       set(ext_actual_info['effective_host_permissions']),
+                       msg='Effective host permission info does not match for '
+                           'extension: ' + ext_expected_info['name'])
+      self.assertEqual(set(ext_expected_info['api_permissions']),
+                       set(ext_actual_info['api_permissions']),
+                       msg='API permission info does not match for '
+                           'extension: ' + ext_expected_info['name'])
+
+  def testComponentExtensionPermissions(self):
+    """Ensures component extension permissions are as expected."""
+    expected_names = [ext['name'] for ext in self.COMPONENT_EXTENSION_BASELINE]
+    actual_names = [ext['name'] for ext in self.GetExtensionsInfo() if
+                    ext['is_component_extension']]
+    self.assertEqual(set(expected_names), set(actual_names),
+                     msg='Component extension names do not match baseline:\n'
+                         'Installed extensions: %s\n'
+                         'Expected extensions: %s' % (actual_names,
+                                                      expected_names))
+    self._VerifyExtensionPermissions(self.COMPONENT_EXTENSION_BASELINE)
+
+  def testBundledCrxPermissions(self):
+    """Ensures bundled CRX permissions are as expected."""
+    # Verify that each bundled CRX on the device is expected, then install it.
+    for file_name in os.listdir(self.BUNDLED_CRX_DIRECTORY):
+      if file_name.endswith('.crx'):
+        self.assertTrue(
+            file_name in [x['crx_file'] for x in self.BUNDLED_CRX_BASELINE],
+            msg='Unexpected CRX file: ' + file_name)
+        crx_file = pyauto.FilePath(
+            os.path.join(self.BUNDLED_CRX_DIRECTORY, file_name))
+        self.assertTrue(self.InstallExtension(crx_file, False),
+                        msg='Extension install failed: %s' % crx_file.value())
+
+    # Verify that the permissions information in the baseline matches the
+    # permissions associated with the installed bundled CRX extensions.
+    self._VerifyExtensionPermissions(self.BUNDLED_CRX_BASELINE)
+
+  def testNoUnexpectedExtensions(self):
+    """Ensures there are no unexpected bundled or component extensions."""
+    # Install all bundled extensions on the device.
+    for file_name in os.listdir(self.BUNDLED_CRX_DIRECTORY):
+      if file_name.endswith('.crx'):
+        crx_file = pyauto.FilePath(
+            os.path.join(self.BUNDLED_CRX_DIRECTORY, file_name))
+        self.assertTrue(self.InstallExtension(crx_file, False),
+                        msg='Extension install failed: %s' % crx_file.value())
+
+    # Ensure that the set of installed extension names precisely matches the
+    # baseline.
+    expected_names = [ext['name'] for ext in self.COMPONENT_EXTENSION_BASELINE]
+    expected_names.extend([ext['name'] for ext in self.BUNDLED_CRX_BASELINE])
+    ext_actual_info = self.GetExtensionsInfo()
+    installed_names = [ext['name'] for ext in ext_actual_info]
+    self.assertEqual(set(expected_names), set(installed_names),
+                     msg='Installed extension names do not match baseline:\n'
+                         'Installed extensions: %s\n'
+                         'Expected extensions: %s' % (installed_names,
+                                                      expected_names))
 
 if __name__ == '__main__':
   pyauto_functional.Main()