Start refractoring extension permissions into ExtensionPermissionSet.

chrome/browser/extensions/extension_service.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/extension_service.h"
 
 #include <algorithm>
 #include <set>
 
 #include "base/basictypes.h"
@@ skipping 947 matching lines @@
 
   NotifyExtensionUnloaded(extension, UnloadedExtensionInfo::DISABLE);
 }
 
 void ExtensionService::GrantPermissions(const Extension* extension) {
   CHECK(extension);
 
   // We only maintain the granted permissions prefs for INTERNAL extensions.
   CHECK_EQ(Extension::INTERNAL, extension->location());
 
-  URLPatternSet effective_hosts = extension->GetEffectiveHostPermissions();
   extension_prefs_->AddGrantedPermissions(extension->id(),
-                                          extension->HasFullPermissions(),
-                                          extension->api_permissions(),
-                                          effective_hosts);
+                                          extension->permission_set());
 }
 
 void ExtensionService::GrantPermissionsAndEnableExtension(
     const Extension* extension) {
   CHECK(extension);
   RecordPermissionMessagesHistogram(
       extension, "Extensions.Permissions_ReEnable");
   GrantPermissions(extension);
   extension_prefs_->SetDidExtensionEscalatePermissions(extension, false);
   EnableExtension(extension->id());
@@ skipping 218 matching lines @@
 }
 
 // static
 void ExtensionService::RecordPermissionMessagesHistogram(
     const Extension* e, const char* histogram) {
   // Since this is called from multiple sources, and since the Histogram macros
   // use statics, we need to manually lookup the Histogram ourselves.
   base::Histogram* counter = base::LinearHistogram::FactoryGet(
       histogram,
       1,
-      Extension::PermissionMessage::ID_ENUM_BOUNDARY,
-      Extension::PermissionMessage::ID_ENUM_BOUNDARY + 1,
+      ExtensionPermissionMessage::kEnumBoundary,
+      ExtensionPermissionMessage::kEnumBoundary + 1,
       base::Histogram::kUmaTargetedHistogramFlag);
 
-  std::vector<Extension::PermissionMessage> permissions =
-      e->GetPermissionMessages();
+  ExtensionPermissionMessages permissions = e->GetPermissionMessages();
   if (permissions.empty()) {
-    counter->Add(Extension::PermissionMessage::ID_NONE);
+    counter->Add(ExtensionPermissionMessage::kNone);
   } else {
-    std::vector<Extension::PermissionMessage>::iterator it;
-    for (it = permissions.begin(); it != permissions.end(); ++it)
-      counter->Add(it->message_id());
+    for (ExtensionPermissionMessages::iterator it = permissions.begin();
+         it != permissions.end(); ++it)
+      counter->Add(it->id());
   }
 }
 
 void ExtensionService::LoadInstalledExtension(const ExtensionInfo& info,
                                               bool write_to_prefs) {
   std::string error;
   scoped_refptr<const Extension> extension(NULL);
   if (!extension_prefs_->IsExtensionAllowedByPolicy(info.extension_id)) {
     error = errors::kDisabledByPolicy;
   } else if (info.extension_manifest.get()) {
@@ skipping 698 matching lines @@
   // will record the permissions it recognized, not including "omnibox."
   // When upgrading to Chrome 10, "omnibox" will be recognized and Chrome
   // will disable the extension and prompt the user to approve the increase
   // in privileges. The extension could then release a new version that
   // removes the "omnibox" permission. When the user upgrades, Chrome will
   // still remember that "omnibox" had been granted, so that if the
   // extension once again includes "omnibox" in an upgrade, the extension
   // can upgrade without requiring this user's approval.
   const Extension* old = GetExtensionByIdInternal(extension->id(),
                                                   true, true, false);
-  bool granted_full_access;
-  std::set<std::string> granted_apis;
-  URLPatternSet granted_extent;
-
   bool is_extension_upgrade = old != NULL;
   bool is_privilege_increase = false;
 
   // We only record the granted permissions for INTERNAL extensions, since
   // they can't silently increase privileges.
   if (extension->location() == Extension::INTERNAL) {
     // Add all the recognized permissions if the granted permissions list
     // hasn't been initialized yet.
-    if (!extension_prefs_->GetGrantedPermissions(extension->id(),
-                                                 &granted_full_access,
-                                                 &granted_apis,
-                                                 &granted_extent)) {
-      GrantPermissions(extension);
-      CHECK(extension_prefs_->GetGrantedPermissions(extension->id(),
-                                                    &granted_full_access,
-                                                    &granted_apis,
-                                                    &granted_extent));
-    }
+    scoped_ptr<ExtensionPermissionSet> granted_permissions(
+        extension_prefs_->GetGrantedPermissions(extension->id()));
+    CHECK(granted_permissions.get());
 
     // Here, we check if an extension's privileges have increased in a manner
     // that requires the user's approval. This could occur because the browser
     // upgraded and recognized additional privileges, or an extension upgrades
     // to a version that requires additional privileges.
-    is_privilege_increase = Extension::IsPrivilegeIncrease(
-        granted_full_access, granted_apis, granted_extent, extension);
+    is_privilege_increase =
+        granted_permissions->HasLessPrivilegesThan(extension->permission_set());
   }
 
   if (is_extension_upgrade) {
     // Other than for unpacked extensions, CrxInstaller should have guaranteed
     // that we aren't downgrading.
     if (extension->location() != Extension::LOAD)
       CHECK(extension->version()->CompareTo(*(old->version())) >= 0);
 
     // Extensions get upgraded if the privileges are allowed to increase or
     // the privileges haven't increased.
@@ skipping 450 matching lines @@
 
 ExtensionService::NaClModuleInfoList::iterator
     ExtensionService::FindNaClModule(const GURL& url) {
   for (NaClModuleInfoList::iterator iter = nacl_module_list_.begin();
        iter != nacl_module_list_.end(); ++iter) {
     if (iter->url == url)
       return iter;
   }
   return nacl_module_list_.end();
 }