Start refractoring extension permissions into ExtensionPermissionSet.

chrome/browser/extensions/extension_prefs.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/extension_prefs.h"
 
 #include "base/string_number_conversions.h"
 #include "base/string_util.h"
 #include "base/utf_string_conversions.h"
 #include "chrome/browser/extensions/extension_pref_store.h"
@@ skipping 439 matching lines @@
   for (size_t i = 0; i < value->GetSize(); ++i) {
     std::string item;
     if (!value->GetString(i, &item))
       return false;
     result->insert(item);
   }
 
   return true;
 }
 
-void ExtensionPrefs::AddToExtensionPrefStringSet(
+void ExtensionPrefs::SetExtensionPrefStringSet(
     const std::string& extension_id,
     const std::string& pref_key,
-    const std::set<std::string>& added_value) {
-  std::set<std::string> old_value;
-  std::set<std::string> new_value;
-  ReadExtensionPrefStringSet(extension_id, pref_key, &old_value);
-
-  std::set_union(old_value.begin(), old_value.end(),
-                 added_value.begin(), added_value.end(),
-                 std::inserter(new_value, new_value.begin()));
-
+    const std::set<std::string>& new_value) {
   ListValue* value = new ListValue();
   for (std::set<std::string>::const_iterator iter = new_value.begin();
        iter != new_value.end(); ++iter)
     value->Append(Value::CreateStringValue(*iter));
 
   UpdateExtensionPref(extension_id, pref_key, value);
 }
 
 void ExtensionPrefs::SavePrefs() {
   prefs_->ScheduleSavePersistentPrefs();
@@ skipping 181 matching lines @@
     return result;
   return false;
 }
 
 void ExtensionPrefs::SetActiveBit(const std::string& extension_id,
                                   bool active) {
   UpdateExtensionPref(extension_id, kActiveBit,
                       Value::CreateBooleanValue(active));
 }
 
-bool ExtensionPrefs::GetGrantedPermissions(
-    const std::string& extension_id,
-    bool* full_access,
-    std::set<std::string>* api_permissions,
-    URLPatternSet* host_extent) {
+ExtensionPermissionSet* ExtensionPrefs::GetGrantedPermissions(
+    const std::string& extension_id, bool* initialized) {
   CHECK(Extension::IdIsValid(extension_id));
 
+  bool full_access;
   const DictionaryValue* ext = GetExtensionPref(extension_id);
-  if (!ext || !ext->GetBoolean(kPrefGrantedPermissionsAll, full_access))
-    return false;
+  if (!ext || !ext->GetBoolean(kPrefGrantedPermissionsAll, &full_access)) {
+    if (initialized != NULL)
+      *initialized = false;
+    return new ExtensionPermissionSet();
+  }
 
+  if (initialized != NULL)
+    *initialized = true;
+
+  std::set<std::string> api_permissions_str;
   ReadExtensionPrefStringSet(
-      extension_id, kPrefGrantedPermissionsAPI, api_permissions);
+      extension_id, kPrefGrantedPermissionsAPI, &api_permissions_str);
+  std::set<ExtensionAPIPermission> api_permissions =
+      ExtensionAPIPermission::GetAllByName(api_permissions_str);
 
-  std::set<std::string> host_permissions;
+  std::set<std::string> host_permissions_str;
+  URLPatternSet host_extent;
   ReadExtensionPrefStringSet(
-      extension_id, kPrefGrantedPermissionsHost, &host_permissions);
+      extension_id, kPrefGrantedPermissionsHost, &host_permissions_str);
   bool allow_file_access = AllowFileAccess(extension_id);
 
   // The granted host permissions contain hosts from the manifest's
   // "permissions" array and from the content script "matches" arrays,
   // so the URLPattern needs to accept valid schemes from both types.
-  for (std::set<std::string>::iterator i = host_permissions.begin();
-       i != host_permissions.end(); ++i) {
+  for (std::set<std::string>::iterator i = host_permissions_str.begin();
+       i != host_permissions_str.end(); ++i) {
     URLPattern pattern(
         Extension::kValidHostPermissionSchemes |
         UserScript::kValidUserScriptSchemes);
 
     // Parse without strict checks, so that new strict checks do not
     // fail on a pattern in an installed extension.
     if (URLPattern::PARSE_SUCCESS != pattern.Parse(
             *i, URLPattern::PARSE_LENIENT)) {
       NOTREACHED();  // Corrupt prefs?  Hand editing?
     } else {
       if (!allow_file_access && pattern.MatchesScheme(chrome::kFileScheme)) {
         pattern.set_valid_schemes(
             pattern.valid_schemes() & ~URLPattern::SCHEME_FILE);
       }
-      host_extent->AddPattern(pattern);
+      host_extent.AddPattern(pattern);
     }
   }
 
-  return true;
+  return new ExtensionPermissionSet(full_access, api_permissions, host_extent);
 }
 
 void ExtensionPrefs::AddGrantedPermissions(
     const std::string& extension_id,
-    const bool full_access,
-    const std::set<std::string>& api_permissions,
-    const URLPatternSet& host_extent) {
+    const ExtensionPermissionSet& permissions) {
   CHECK(Extension::IdIsValid(extension_id));
 
+  scoped_ptr<ExtensionPermissionSet> granted_permissions(
+      GetGrantedPermissions(extension_id, NULL));
+
+  // The granted permissions are now the union of the already granted
+  // permissions and the newly granted permissions.
+  scoped_ptr<ExtensionPermissionSet> new_perms(
+      ExtensionPermissionSet::CreateUnion(permissions, *granted_permissions));
+
+  // Set the full access (native code) bit.
   UpdateExtensionPref(extension_id, kPrefGrantedPermissionsAll,
-                      Value::CreateBooleanValue(full_access));
+                      Value::CreateBooleanValue(new_perms->native_code()));
 
-  if (!api_permissions.empty()) {
-    AddToExtensionPrefStringSet(
-        extension_id, kPrefGrantedPermissionsAPI, api_permissions);
-  }
+  // Set the api permissions.
+  if (!new_perms->apis().empty())
+    SetExtensionPrefStringSet(extension_id, kPrefGrantedPermissionsAPI,
+                              new_perms->GetAPIsAsStrings());
 
-  if (!host_extent.is_empty()) {
-    std::set<std::string> host_permissions;
-    ExtentToStringSet(host_extent, &host_permissions);
-
-    AddToExtensionPrefStringSet(
-        extension_id, kPrefGrantedPermissionsHost, host_permissions);
+  // Set the host permissions.
+  if (!new_perms->effective_hosts().is_empty()) {
+    std::set<std::string> hosts;
+    ExtentToStringSet(new_perms->effective_hosts(), &hosts);
+    SetExtensionPrefStringSet(extension_id, kPrefGrantedPermissionsHost, hosts);
   }
 }
 
 bool ExtensionPrefs::IsIncognitoEnabled(const std::string& extension_id) {
   return ReadExtensionPrefBoolean(extension_id, kPrefIncognitoEnabled);
 }
 
 void ExtensionPrefs::SetIsIncognitoEnabled(const std::string& extension_id,
                                            bool enabled) {
   UpdateExtensionPref(extension_id, kPrefIncognitoEnabled,
@@ skipping 846 matching lines @@
   prefs->RegisterListPref(prefs::kExtensionInstallAllowList,
                           PrefService::UNSYNCABLE_PREF);
   prefs->RegisterListPref(prefs::kExtensionInstallDenyList,
                           PrefService::UNSYNCABLE_PREF);
   prefs->RegisterListPref(prefs::kExtensionInstallForceList,
                           PrefService::UNSYNCABLE_PREF);
   prefs->RegisterStringPref(kWebStoreLogin,
                             std::string() /* default_value */,
                             PrefService::UNSYNCABLE_PREF);
 }