Start refractoring extension permissions into ExtensionPermissionSet.

chrome/common/extensions/extension_permission_set.h

+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_COMMON_EXTENSIONS_EXTENSION_PERMISSION_SET_H_
+#define CHROME_COMMON_EXTENSIONS_EXTENSION_PERMISSION_SET_H_
+#pragma once
+
+#include <map>
+#include <set>
+#include <string>
+#include <vector>
+
+#include "base/gtest_prod_util.h"
+#include "base/memory/singleton.h"
+#include "base/string16.h"
+#include "chrome/common/extensions/url_pattern.h"
+#include "chrome/common/extensions/url_pattern_set.h"
+
+class DictionaryValue;
+class Extension;
+class ExtensionPermissionsInfo;
+class ExtensionPrefs;
+class ListValue;
+
+// When prompting the user to install or approve permissions, we display
+// messages describing the effects of the permissions and not the permissions
+// themselves. Each ExtensionPermissionMessage represents one of the messages
+// shown to the user.
+class ExtensionPermissionMessage {
+ public:
+  // Do not reorder or add new enumerations in this list. If you need to add a
+  // new enum, add it just prior to ID_ENUM_BOUNDARY and enter its l10n
+  // message in kMessageIds.
+  enum MessageId {
+    ID_UNKNOWN,
+    ID_NONE,
+    ID_BOOKMARKS,
+    ID_GEOLOCATION,
+    ID_BROWSING_HISTORY,
+    ID_TABS,
+    ID_MANAGEMENT,
+    ID_DEBUGGER,
+    ID_HOSTS_1,
+    ID_HOSTS_2,
+    ID_HOSTS_3,
+    ID_HOSTS_4_OR_MORE,
+    ID_HOSTS_ALL,
+    ID_FULL_ACCESS,
+    ID_CLIPBOARD,
+    ID_ENUM_BOUNDARY
+  };
+
+  // Creates the corresponding permission message for a list of hosts.
+  static ExtensionPermissionMessage CreateFromHostList(
+      const std::vector<std::string> hosts);
+
+  ExtensionPermissionMessage(MessageId message_id, string16 message_);
+
+  // Gets the id of the permission message, which can be used in UMA
+  // histograms.
+  MessageId message_id() const { return message_id_; }
+
+  // Gets a localized message describing this permission. Please note that
+  // the message will be empty for message types TYPE_NONE and TYPE_UNKNOWN.
+  const string16& message() const { return message_; }
+
+  // Comparator to work with std::set.
+  bool operator<(const ExtensionPermissionMessage& that) const {
+    return message_id_ < that.message_id_;
+  }
+
+ private:
+  MessageId message_id_;
+  string16 message_;
+};
+
+typedef std::vector<ExtensionPermissionMessage> ExtensionPermissionMessages;
+
+
+// The ExtensionAPIPermission is an immutable class that describes a single
+// API permission.
+class ExtensionAPIPermission {
+ public:
+  static const ExtensionAPIPermission& Background();

[Matt Perry, 2011/06/09 22:28:42]

Most consumers don't need to access the internal bits of the
ExtensionAPIPermission structure. Rather they just need a way to refer to the
"bookmarks" permission, or to distinguish between 2 permissions.

Given that, I think it'd be simpler to just return an opaque handle that
represents a permission. An enum would be best:
enum {
  kBackground,
  kBookmark,
  ....,
  // (works nicely for aliases too)
  kOldUnlimitedStorage = kUnlimitedStoage,
  kWindow = kTab
}

Then ExtensionAPIPermissionInfo singleton could have methods for looking up the
ExtensionAPIPermission from the ID.

+  static const ExtensionAPIPermission& Bookmark();
+  static const ExtensionAPIPermission& ClipboardRead();
+  static const ExtensionAPIPermission& ClipboardWrite();
+  static const ExtensionAPIPermission& ContentSettings();
+  static const ExtensionAPIPermission& ContextMenus();
+  static const ExtensionAPIPermission& Cookie();
+  static const ExtensionAPIPermission& ChromePrivate();
+  static const ExtensionAPIPermission& ChromeosInfoPrivate();
+  static const ExtensionAPIPermission& Debugger();
+  static const ExtensionAPIPermission& Experimental();
+  static const ExtensionAPIPermission& FileBrowserHandler();
+  static const ExtensionAPIPermission& FileBrowserPrivate();
+  static const ExtensionAPIPermission& Geolocation();
+  static const ExtensionAPIPermission& History();
+  static const ExtensionAPIPermission& Idle();
+  static const ExtensionAPIPermission& Management();
+  static const ExtensionAPIPermission& MediaPlayerPrivate();
+  static const ExtensionAPIPermission& Notification();
+  static const ExtensionAPIPermission& Proxy();
+  static const ExtensionAPIPermission& Tab();
+  static const ExtensionAPIPermission& UnlimitedStorage();
+  static const ExtensionAPIPermission& WebSocketProxyPrivate();
+  static const ExtensionAPIPermission& WebstorePrivate();
+
+  // Returns the set of all ExtensionAPIPermissions.
+  static std::set<ExtensionAPIPermission> GetAll();
+
+  // Gets the permission with the given |name| and returns NULL if none exists.
+  static ExtensionAPIPermission* GetByName(std::string name);
+
+  // Converts the set of permission names into a set of ExtensionAPIPermissions,
+  // discarding any permissions with invalid names.
+  static std::set<ExtensionAPIPermission> GetAllByName(
+      const std::set<std::string>& permissions_str);
+
+  ~ExtensionAPIPermission();
+
+  // Gets the total number of API permissions.
+  static size_t permission_count() { return permission_count_; }
+
+  // Gets the total number of API permissions available to hosted apps.
+  static size_t hosted_app_permission_count() {
+    return hosted_app_permission_count_;
+  }
+
+  // Returns the localized permission message associated with this api.
+  ExtensionPermissionMessage GetMessage() const;
+
+  // Returns the message id associated with this permission.
+  ExtensionPermissionMessage::MessageId message_id() const {
+    return message_id_;
+  }
+
+  // Returns the name of this permission.
+  const char* name() const { return name_; }
+
+  // Returns true if this permission can be accessed by hosted apps.
+  bool is_hosted_app() const { return is_hosted_app_; }
+
+  // Returns true if this permission can only be acquired by COMPONENT
+  // extensions.
+  bool is_component_only() const { return is_component_only_; }
+
+  bool operator==(const ExtensionAPIPermission& permission) const;
+  bool operator<(const ExtensionAPIPermission& permission) const;
+
+ private:
+  static size_t permission_count_;
+  static size_t hosted_app_permission_count_;
+
+  explicit ExtensionAPIPermission(
+      ExtensionPermissionsInfo* info,
+      const char* name,
+      bool is_hosted_app,
+      bool is_component_only,
+      int l10n_message_id,
+      ExtensionPermissionMessage::MessageId message_id);
+
+  const char* name_;
+  bool is_hosted_app_;
+  bool is_component_only_;
+  int l10n_message_id_;
+  ExtensionPermissionMessage::MessageId message_id_;
+
+  friend class ExtensionPermissionsInfo;
+};
+
+// Singleton that holds the extension permission instances, so that the static
+// method accessors (e.g. ExtensionAPIPermission::Background()) can return const
+// refs.
+class ExtensionPermissionsInfo {
+ public:
+  static ExtensionPermissionsInfo* GetInstance();
+  ~ExtensionPermissionsInfo();
+
+ private:
+  ExtensionPermissionsInfo();
+
+  // A map from names to api permissions.
+  typedef std::map<std::string, ExtensionAPIPermission*> PermissionMap;
+
+  PermissionMap permissions_;
+
+  ExtensionAPIPermission background_;
+  ExtensionAPIPermission bookmark_;
+  ExtensionAPIPermission clipboard_read_;
+  ExtensionAPIPermission clipboard_write_;
+  ExtensionAPIPermission content_settings_;
+  ExtensionAPIPermission context_menus_;
+  ExtensionAPIPermission cookie_;
+  ExtensionAPIPermission chrome_private_;
+  ExtensionAPIPermission chromeos_info_private_;
+  ExtensionAPIPermission debugger_;
+  ExtensionAPIPermission experimental_;
+  ExtensionAPIPermission file_browser_handler_;
+  ExtensionAPIPermission file_browser_private_;
+  ExtensionAPIPermission geolocation_;
+  ExtensionAPIPermission history_;
+  ExtensionAPIPermission idle_;
+  ExtensionAPIPermission management_;
+  ExtensionAPIPermission media_player_private_;
+  ExtensionAPIPermission notification_;
+  ExtensionAPIPermission proxy_;
+  ExtensionAPIPermission tab_;
+  ExtensionAPIPermission unlimited_storage_;
+  ExtensionAPIPermission web_socket_proxy_private_;
+  ExtensionAPIPermission webstore_private_;
+
+  friend class ExtensionAPIPermission;
+  friend struct DefaultSingletonTraits<ExtensionPermissionsInfo>;
+  DISALLOW_COPY_AND_ASSIGN(ExtensionPermissionsInfo);
+};
+
+// The ExtensionPermissionSet is an immutable class that encapsulates an
+// extension's permissions. The class exposes set operations for combining and
+//  manipulating the permissions.
+class ExtensionPermissionSet {
+ public:
+  // Creates an empty permission set (e.g. default permissions).
+  ExtensionPermissionSet();
+
+  // Creates a new permission set based on the |extension| manifest data, and
+  // the api and host permissions (|apis| and |hosts|).
+  ExtensionPermissionSet(Extension* extension,
+                         std::set<ExtensionAPIPermission> apis,
+                         URLPatternList hosts);
+
+  ExtensionPermissionSet(bool full_access,
+                         std::set<ExtensionAPIPermission> apis,
+                         URLPatternSet effective_hosts);
+
+  ~ExtensionPermissionSet();
+
+  // Creates a new permission set that's the union of |set1| and |set2|.
+  // Passes ownership of the new set to the caller.
+  static ExtensionPermissionSet* CreateUnion(
+      const ExtensionPermissionSet& set1, const ExtensionPermissionSet& set2);
+
+  // Creates a new permission set that's equal to |set1| - |set2|.
+  // Passes ownership of the new set to the caller.
+  static ExtensionPermissionSet* CreateDifference(
+      const ExtensionPermissionSet& set1, const ExtensionPermissionSet& set2);
+
+  // Creates a new permission set that's the intersection of |set1| and |set2|.
+  // Passes ownership of the new set to the caller.
+  static ExtensionPermissionSet* CreateIntersection(
+      const ExtensionPermissionSet& set1, const ExtensionPermissionSet& set2);
+
+  // Returns true if |set| is a subset of this.
+  bool Contains(const ExtensionPermissionSet& set) const;
+
+  // Gets the API permissions in this set as a set of strings.
+  std::set<std::string> GetAPIsAsStrings() const;
+
+  // Gets a list of the distinct hosts for displaying to the user.
+  // NOTE: do not use this for comparing permissions, since this disgards some
+  // information.
+  std::vector<std::string> GetDistinctHostsForDisplay() const;
+
+  // Gets the localized permission messages that represent this set.
+  ExtensionPermissionMessages GetPermissionMessages() const;
+
+  // Gets the localized permission messages that represent this set (represented
+  // as strings).
+  std::vector<string16> GetWarningMessages() const;
+
+  // Returns true if this is an empty set (e.g., the default permission set).
+  bool IsEmpty() const;
+
+  // Returns true if the set has the specified API permission.
+  bool HasAPIPermission(const ExtensionAPIPermission& permission) const;
+
+  // Returns true if the permissions in this set grant access to the specified
+  // |function_name|.
+  bool HasAccessToFunction(const std::string& function_name) const;
+
+  // Returns true if this permission set includes access to |origin|.
+  bool HasAccessToHost(const GURL& origin) const;
+
+  // Returns true if this permission set includes effective access to all
+  // origins.
+  bool HasEffectiveAccessToAllHosts() const;
+
+  // Returns true if this permission set includes permissions that are
+  // restricted to internal extensions.
+  bool HasPrivatePermissions() const;
+
+  // Returns true if |permissions| has a greater privilege level than this
+  // permission set (e.g., this permission set has less permissions).
+  bool HasLessPrivilegesThan(const ExtensionPermissionSet& permissions);
+
+  const std::set<ExtensionAPIPermission>& apis() const { return apis_; }
+
+  const URLPatternSet& effective_hosts() const { return effective_hosts_; }
+
+  bool native_code() const { return native_code_; }
+
+ private:
+  FRIEND_TEST_ALL_PREFIXES(ExtensionPermissionSetTest,
+                           HasLessHostPrivilegesThan);
+
+  static std::vector<std::string> GetDistinctHosts(
+      const URLPatternList& host_patterns, bool include_rcd);
+
+  void InitFromExtension(Extension* extension, const URLPatternList& hosts);
+
+  string16 GetHostPermissionMessage() const;
+
+  std::set<ExtensionPermissionMessage> GetSimplePermissionMessages() const;
+
+  bool HasLessAPIPrivilegesThan(
+      const ExtensionPermissionSet& permissions);
+
+  bool HasLessHostPrivilegesThan(
+      const ExtensionPermissionSet& permissions);
+
+  std::set<ExtensionAPIPermission> apis_;
+
+  URLPatternSet effective_hosts_;
+
+  bool native_code_;
+
+};
+
+#endif  // CHROME_COMMON_EXTENSIONS_EXTENSION_PERMISSION_SET_H_