| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/extension_prefs.h" | 5 #include "chrome/browser/extensions/extension_prefs.h" |
| 6 | 6 |
| 7 #include "base/string_number_conversions.h" | 7 #include "base/string_number_conversions.h" |
| 8 #include "base/string_util.h" | 8 #include "base/string_util.h" |
| 9 #include "base/utf_string_conversions.h" | 9 #include "base/utf_string_conversions.h" |
| 10 #include "chrome/browser/extensions/extension_pref_store.h" | 10 #include "chrome/browser/extensions/extension_pref_store.h" |
| (...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 95 | 95 |
| 96 // A preference for storing extra data sent in update checks for an extension. | 96 // A preference for storing extra data sent in update checks for an extension. |
| 97 const char kUpdateUrlData[] = "update_url_data"; | 97 const char kUpdateUrlData[] = "update_url_data"; |
| 98 | 98 |
| 99 // Whether the browser action is visible in the toolbar. | 99 // Whether the browser action is visible in the toolbar. |
| 100 const char kBrowserActionVisible[] = "browser_action_visible"; | 100 const char kBrowserActionVisible[] = "browser_action_visible"; |
| 101 | 101 |
| 102 // Preferences that hold which permissions the user has granted the extension. | 102 // Preferences that hold which permissions the user has granted the extension. |
| 103 // We explicitly keep track of these so that extensions can contain unknown | 103 // We explicitly keep track of these so that extensions can contain unknown |
| 104 // permissions, for backwards compatibility reasons, and we can still prompt | 104 // permissions, for backwards compatibility reasons, and we can still prompt |
| 105 // the user to accept them once recognized. | 105 // the user to accept them once recognized. We store the active permission |
| 106 const char kPrefGrantedAPIs[] = "granted_permissions.api"; | 106 // permissions because they may differ from those defined in the manifest. |
| 107 const char kPrefGrantedExplicitHosts[] = "granted_permissions.explicit_host"; | 107 const char kPrefActivePermissions[] = "active_permissions"; |
| 108 const char kPrefGrantedScriptableHosts[] = | 108 const char kPrefGrantedPermissions[] = "granted_permissions"; |
| 109 "granted_permissions.scriptable_host"; | 109 |
| 110 // The preference names for ExtensionPermissionSet values. |
| 111 const char kPrefAPIs[] = "api"; |
| 112 const char kPrefExplicitHosts[] = "explicit_host"; |
| 113 const char kPrefScriptableHosts[] = "scriptable_host"; |
| 110 | 114 |
| 111 // The preference names for the old granted permissions scheme. | 115 // The preference names for the old granted permissions scheme. |
| 112 const char kPrefOldGrantedFullAccess[] = "granted_permissions.full"; | 116 const char kPrefOldGrantedFullAccess[] = "granted_permissions.full"; |
| 113 const char kPrefOldGrantedHosts[] = "granted_permissions.host"; | 117 const char kPrefOldGrantedHosts[] = "granted_permissions.host"; |
| 114 const char kPrefOldGrantedAPIs[] = "granted_permissions.api"; | 118 const char kPrefOldGrantedAPIs[] = "granted_permissions.api"; |
| 115 | 119 |
| 116 // A preference that indicates when an extension was installed. | 120 // A preference that indicates when an extension was installed. |
| 117 const char kPrefInstallTime[] = "install_time"; | 121 const char kPrefInstallTime[] = "install_time"; |
| 118 | 122 |
| 119 // A preference that indicates whether the extension was installed from the | 123 // A preference that indicates whether the extension was installed from the |
| (...skipping 75 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 195 } | 199 } |
| 196 | 200 |
| 197 private: | 201 private: |
| 198 PrefService* prefs_; | 202 PrefService* prefs_; |
| 199 const std::string extension_id_; | 203 const std::string extension_id_; |
| 200 const std::string incognito_or_regular_path_; | 204 const std::string incognito_or_regular_path_; |
| 201 | 205 |
| 202 DISALLOW_COPY_AND_ASSIGN(ScopedExtensionControlledPrefUpdate); | 206 DISALLOW_COPY_AND_ASSIGN(ScopedExtensionControlledPrefUpdate); |
| 203 }; | 207 }; |
| 204 | 208 |
| 209 std::string JoinPrefs(std::string parent, const char* child) { |
| 210 return parent + "." + child; |
| 211 } |
| 212 |
| 205 } // namespace | 213 } // namespace |
| 206 | 214 |
| 207 ExtensionPrefs::ExtensionPrefs( | 215 ExtensionPrefs::ExtensionPrefs( |
| 208 PrefService* prefs, | 216 PrefService* prefs, |
| 209 const FilePath& root_dir, | 217 const FilePath& root_dir, |
| 210 ExtensionPrefValueMap* extension_pref_value_map) | 218 ExtensionPrefValueMap* extension_pref_value_map) |
| 211 : prefs_(prefs), | 219 : prefs_(prefs), |
| 212 install_directory_(root_dir), | 220 install_directory_(root_dir), |
| 213 extension_pref_value_map_(extension_pref_value_map), | 221 extension_pref_value_map_(extension_pref_value_map), |
| 214 content_settings_store_(new ExtensionContentSettingsStore()) { | 222 content_settings_store_(new ExtensionContentSettingsStore()) { |
| (...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 412 const std::string& pref_key, | 420 const std::string& pref_key, |
| 413 const URLPatternSet& new_value) { | 421 const URLPatternSet& new_value) { |
| 414 ListValue* value = new ListValue(); | 422 ListValue* value = new ListValue(); |
| 415 for (URLPatternSet::const_iterator i = new_value.begin(); | 423 for (URLPatternSet::const_iterator i = new_value.begin(); |
| 416 i != new_value.end(); ++i) | 424 i != new_value.end(); ++i) |
| 417 value->AppendIfNotPresent(Value::CreateStringValue(i->GetAsString())); | 425 value->AppendIfNotPresent(Value::CreateStringValue(i->GetAsString())); |
| 418 | 426 |
| 419 UpdateExtensionPref(extension_id, pref_key, value); | 427 UpdateExtensionPref(extension_id, pref_key, value); |
| 420 } | 428 } |
| 421 | 429 |
| 430 ExtensionPermissionSet* ExtensionPrefs::ReadExtensionPrefPermissionSet( |
| 431 const std::string& extension_id, |
| 432 const std::string& pref_key) { |
| 433 if (!GetExtensionPref(extension_id)) |
| 434 return NULL; |
| 435 |
| 436 // Retrieve the API permissions. |
| 437 ExtensionAPIPermissionSet apis; |
| 438 const ListValue* api_values = NULL; |
| 439 std::string api_pref = JoinPrefs(pref_key, kPrefAPIs); |
| 440 if (ReadExtensionPrefList(extension_id, api_pref, &api_values)) { |
| 441 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 442 for (size_t i = 0; i < api_values->GetSize(); ++i) { |
| 443 std::string permission_name; |
| 444 if (api_values->GetString(i, &permission_name)) { |
| 445 ExtensionAPIPermission *permission = info->GetByName(permission_name); |
| 446 if (permission) |
| 447 apis.insert(permission->id()); |
| 448 } |
| 449 } |
| 450 } |
| 451 |
| 452 // Retrieve the explicit host permissions. |
| 453 URLPatternSet explicit_hosts; |
| 454 ReadExtensionPrefURLPatternSet( |
| 455 extension_id, JoinPrefs(pref_key, kPrefExplicitHosts), |
| 456 &explicit_hosts, Extension::kValidHostPermissionSchemes); |
| 457 |
| 458 // Retrieve the scriptable host permissions. |
| 459 URLPatternSet scriptable_hosts; |
| 460 ReadExtensionPrefURLPatternSet( |
| 461 extension_id, JoinPrefs(pref_key, kPrefScriptableHosts), |
| 462 &scriptable_hosts, UserScript::kValidUserScriptSchemes); |
| 463 |
| 464 return new ExtensionPermissionSet(apis, explicit_hosts, scriptable_hosts); |
| 465 } |
| 466 |
| 467 void ExtensionPrefs::SetExtensionPrefPermissionSet( |
| 468 const std::string& extension_id, |
| 469 const std::string& pref_key, |
| 470 const ExtensionPermissionSet* new_value) { |
| 471 // Set the API permissions. |
| 472 ListValue* api_values = new ListValue(); |
| 473 ExtensionAPIPermissionSet apis = new_value->apis(); |
| 474 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 475 std::string api_pref = JoinPrefs(pref_key, kPrefAPIs); |
| 476 for (ExtensionAPIPermissionSet::const_iterator i = apis.begin(); |
| 477 i != apis.end(); ++i) { |
| 478 ExtensionAPIPermission* perm = info->GetByID(*i); |
| 479 if (perm) |
| 480 api_values->Append(Value::CreateStringValue(perm->name())); |
| 481 } |
| 482 UpdateExtensionPref(extension_id, api_pref, api_values); |
| 483 |
| 484 // Set the explicit host permissions. |
| 485 if (!new_value->explicit_hosts().is_empty()) { |
| 486 SetExtensionPrefURLPatternSet(extension_id, |
| 487 JoinPrefs(pref_key, kPrefExplicitHosts), |
| 488 new_value->explicit_hosts()); |
| 489 } |
| 490 |
| 491 // Set the scriptable host permissions. |
| 492 if (!new_value->scriptable_hosts().is_empty()) { |
| 493 SetExtensionPrefURLPatternSet(extension_id, |
| 494 JoinPrefs(pref_key, kPrefScriptableHosts), |
| 495 new_value->scriptable_hosts()); |
| 496 } |
| 497 } |
| 498 |
| 422 void ExtensionPrefs::SavePrefs() { | 499 void ExtensionPrefs::SavePrefs() { |
| 423 prefs_->ScheduleSavePersistentPrefs(); | 500 prefs_->ScheduleSavePersistentPrefs(); |
| 424 } | 501 } |
| 425 | 502 |
| 426 // static | 503 // static |
| 427 bool ExtensionPrefs::IsBlacklistBitSet(DictionaryValue* ext) { | 504 bool ExtensionPrefs::IsBlacklistBitSet(DictionaryValue* ext) { |
| 428 return ReadBooleanFromPref(ext, kPrefBlacklist); | 505 return ReadBooleanFromPref(ext, kPrefBlacklist); |
| 429 } | 506 } |
| 430 | 507 |
| 431 bool ExtensionPrefs::IsExtensionBlacklisted(const std::string& extension_id) { | 508 bool ExtensionPrefs::IsExtensionBlacklisted(const std::string& extension_id) { |
| (...skipping 195 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 627 | 704 |
| 628 // Remove the full access bit (empty list will get trimmed). | 705 // Remove the full access bit (empty list will get trimmed). |
| 629 UpdateExtensionPref( | 706 UpdateExtensionPref( |
| 630 *ext_id, kPrefOldGrantedFullAccess, new ListValue()); | 707 *ext_id, kPrefOldGrantedFullAccess, new ListValue()); |
| 631 | 708 |
| 632 // Add the plugin permission if the full access bit was set. | 709 // Add the plugin permission if the full access bit was set. |
| 633 if (full_access) { | 710 if (full_access) { |
| 634 ListValue* apis = NULL; | 711 ListValue* apis = NULL; |
| 635 ListValue* new_apis = NULL; | 712 ListValue* new_apis = NULL; |
| 636 | 713 |
| 637 if (ext->GetList(kPrefGrantedAPIs, &apis)) | 714 std::string granted_apis = |
| 715 JoinPrefs(kPrefGrantedPermissions, kPrefAPIs); |
| 716 if (ext->GetList(kPrefOldGrantedAPIs, &apis)) |
| 638 new_apis = apis->DeepCopy(); | 717 new_apis = apis->DeepCopy(); |
| 639 else | 718 else |
| 640 new_apis = new ListValue(); | 719 new_apis = new ListValue(); |
| 641 | 720 |
| 642 std::string plugin_name = info->GetByID( | 721 std::string plugin_name = info->GetByID( |
| 643 ExtensionAPIPermission::kPlugin)->name(); | 722 ExtensionAPIPermission::kPlugin)->name(); |
| 644 new_apis->Append(Value::CreateStringValue(plugin_name)); | 723 new_apis->Append(Value::CreateStringValue(plugin_name)); |
| 645 UpdateExtensionPref(*ext_id, kPrefGrantedAPIs, new_apis); | 724 UpdateExtensionPref(*ext_id, granted_apis, new_apis); |
| 646 } | 725 } |
| 647 | 726 |
| 648 // The granted permissions originally only held the effective hosts, | 727 // The granted permissions originally only held the effective hosts, |
| 649 // which are a combination of host and user script host permissions. | 728 // which are a combination of host and user script host permissions. |
| 650 // We now maintain these lists separately. For migration purposes, it | 729 // We now maintain these lists separately. For migration purposes, it |
| 651 // does not matter how we treat the old effective hosts as long as the | 730 // does not matter how we treat the old effective hosts as long as the |
| 652 // new effective hosts will be the same, so we move them to explicit | 731 // new effective hosts will be the same, so we move them to explicit |
| 653 // host permissions. | 732 // host permissions. |
| 654 ListValue* hosts; | 733 ListValue* hosts; |
| 734 std::string explicit_hosts = |
| 735 JoinPrefs(kPrefGrantedPermissions, kPrefExplicitHosts); |
| 655 if (ext->GetList(kPrefOldGrantedHosts, &hosts)) { | 736 if (ext->GetList(kPrefOldGrantedHosts, &hosts)) { |
| 656 UpdateExtensionPref( | 737 UpdateExtensionPref( |
| 657 *ext_id, kPrefGrantedExplicitHosts, hosts->DeepCopy()); | 738 *ext_id, explicit_hosts, hosts->DeepCopy()); |
| 658 | 739 |
| 659 // We can get rid of the old one by setting it to an empty list. | 740 // We can get rid of the old one by setting it to an empty list. |
| 660 UpdateExtensionPref(*ext_id, kPrefOldGrantedHosts, new ListValue()); | 741 UpdateExtensionPref(*ext_id, kPrefOldGrantedHosts, new ListValue()); |
| 661 } | 742 } |
| 662 } | 743 } |
| 663 } | 744 } |
| 664 | 745 |
| 665 ExtensionPermissionSet* ExtensionPrefs::GetGrantedPermissions( | 746 ExtensionPermissionSet* ExtensionPrefs::GetGrantedPermissions( |
| 666 const std::string& extension_id) { | 747 const std::string& extension_id) { |
| 667 CHECK(Extension::IdIsValid(extension_id)); | 748 CHECK(Extension::IdIsValid(extension_id)); |
| 668 | 749 return ReadExtensionPrefPermissionSet(extension_id, kPrefGrantedPermissions); |
| 669 const DictionaryValue* ext = GetExtensionPref(extension_id); | |
| 670 if (!ext) | |
| 671 return NULL; | |
| 672 | |
| 673 // Retrieve the API permissions. | |
| 674 ExtensionAPIPermissionSet apis; | |
| 675 const ListValue* api_values = NULL; | |
| 676 if (ReadExtensionPrefList(extension_id, kPrefGrantedAPIs, &api_values)) { | |
| 677 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | |
| 678 for (size_t i = 0; i < api_values->GetSize(); ++i) { | |
| 679 std::string permission_name; | |
| 680 if (api_values->GetString(i, &permission_name)) { | |
| 681 ExtensionAPIPermission *permission = info->GetByName(permission_name); | |
| 682 if (permission) | |
| 683 apis.insert(permission->id()); | |
| 684 } | |
| 685 } | |
| 686 } | |
| 687 | |
| 688 // Retrieve the explicit host permissions. | |
| 689 URLPatternSet explicit_hosts; | |
| 690 ReadExtensionPrefURLPatternSet( | |
| 691 extension_id, kPrefGrantedExplicitHosts, | |
| 692 &explicit_hosts, Extension::kValidHostPermissionSchemes); | |
| 693 | |
| 694 // Retrieve the scriptable host permissions. | |
| 695 URLPatternSet scriptable_hosts; | |
| 696 ReadExtensionPrefURLPatternSet( | |
| 697 extension_id, kPrefGrantedScriptableHosts, | |
| 698 &scriptable_hosts, UserScript::kValidUserScriptSchemes); | |
| 699 | |
| 700 return new ExtensionPermissionSet(apis, explicit_hosts, scriptable_hosts); | |
| 701 } | 750 } |
| 702 | 751 |
| 703 void ExtensionPrefs::AddGrantedPermissions( | 752 void ExtensionPrefs::AddGrantedPermissions( |
| 704 const std::string& extension_id, | 753 const std::string& extension_id, |
| 705 const ExtensionPermissionSet* permissions) { | 754 const ExtensionPermissionSet* permissions) { |
| 706 CHECK(Extension::IdIsValid(extension_id)); | 755 CHECK(Extension::IdIsValid(extension_id)); |
| 707 | 756 |
| 708 scoped_ptr<ExtensionPermissionSet> granted_permissions( | 757 scoped_ptr<ExtensionPermissionSet> granted_permissions( |
| 709 GetGrantedPermissions(extension_id)); | 758 GetGrantedPermissions(extension_id)); |
| 710 | 759 |
| 711 // The new granted permissions are the union of the already granted | 760 // The new granted permissions are the union of the already granted |
| 712 // permissions and the newly granted permissions. | 761 // permissions and the newly granted permissions. |
| 713 scoped_ptr<ExtensionPermissionSet> new_perms( | 762 scoped_ptr<ExtensionPermissionSet> new_perms( |
| 714 ExtensionPermissionSet::CreateUnion( | 763 ExtensionPermissionSet::CreateUnion( |
| 715 permissions, granted_permissions.get())); | 764 permissions, granted_permissions.get())); |
| 716 | 765 |
| 717 // Set the API permissions. | 766 SetExtensionPrefPermissionSet( |
| 718 ListValue* api_values = new ListValue(); | 767 extension_id, kPrefGrantedPermissions, new_perms.get()); |
| 719 ExtensionAPIPermissionSet apis = new_perms->apis(); | 768 } |
| 720 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | |
| 721 for (ExtensionAPIPermissionSet::const_iterator i = apis.begin(); | |
| 722 i != apis.end(); ++i) { | |
| 723 ExtensionAPIPermission* perm = info->GetByID(*i); | |
| 724 if (perm) | |
| 725 api_values->Append(Value::CreateStringValue(perm->name())); | |
| 726 } | |
| 727 UpdateExtensionPref(extension_id, kPrefGrantedAPIs, api_values); | |
| 728 | 769 |
| 729 // Set the explicit host permissions. | 770 ExtensionPermissionSet* ExtensionPrefs::GetActivePermissions( |
| 730 if (!new_perms->explicit_hosts().is_empty()) { | 771 const std::string& extension_id) { |
| 731 SetExtensionPrefURLPatternSet(extension_id, | 772 CHECK(Extension::IdIsValid(extension_id)); |
| 732 kPrefGrantedExplicitHosts, | 773 return ReadExtensionPrefPermissionSet(extension_id, kPrefActivePermissions); |
| 733 new_perms->explicit_hosts()); | 774 } |
| 734 } | |
| 735 | 775 |
| 736 // Set the scriptable host permissions. | 776 void ExtensionPrefs::SetActivePermissions( |
| 737 if (!new_perms->scriptable_hosts().is_empty()) { | 777 const std::string& extension_id, |
| 738 SetExtensionPrefURLPatternSet(extension_id, | 778 const ExtensionPermissionSet* permissions) { |
| 739 kPrefGrantedScriptableHosts, | 779 SetExtensionPrefPermissionSet( |
| 740 new_perms->scriptable_hosts()); | 780 extension_id, kPrefActivePermissions, permissions); |
| 741 } | |
| 742 } | 781 } |
| 743 | 782 |
| 744 bool ExtensionPrefs::IsIncognitoEnabled(const std::string& extension_id) { | 783 bool ExtensionPrefs::IsIncognitoEnabled(const std::string& extension_id) { |
| 745 return ReadExtensionPrefBoolean(extension_id, kPrefIncognitoEnabled); | 784 return ReadExtensionPrefBoolean(extension_id, kPrefIncognitoEnabled); |
| 746 } | 785 } |
| 747 | 786 |
| 748 void ExtensionPrefs::SetIsIncognitoEnabled(const std::string& extension_id, | 787 void ExtensionPrefs::SetIsIncognitoEnabled(const std::string& extension_id, |
| 749 bool enabled) { | 788 bool enabled) { |
| 750 UpdateExtensionPref(extension_id, kPrefIncognitoEnabled, | 789 UpdateExtensionPref(extension_id, kPrefIncognitoEnabled, |
| 751 Value::CreateBooleanValue(enabled)); | 790 Value::CreateBooleanValue(enabled)); |
| (...skipping 858 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1610 prefs->RegisterListPref(prefs::kExtensionInstallAllowList, | 1649 prefs->RegisterListPref(prefs::kExtensionInstallAllowList, |
| 1611 PrefService::UNSYNCABLE_PREF); | 1650 PrefService::UNSYNCABLE_PREF); |
| 1612 prefs->RegisterListPref(prefs::kExtensionInstallDenyList, | 1651 prefs->RegisterListPref(prefs::kExtensionInstallDenyList, |
| 1613 PrefService::UNSYNCABLE_PREF); | 1652 PrefService::UNSYNCABLE_PREF); |
| 1614 prefs->RegisterListPref(prefs::kExtensionInstallForceList, | 1653 prefs->RegisterListPref(prefs::kExtensionInstallForceList, |
| 1615 PrefService::UNSYNCABLE_PREF); | 1654 PrefService::UNSYNCABLE_PREF); |
| 1616 prefs->RegisterStringPref(kWebStoreLogin, | 1655 prefs->RegisterStringPref(kWebStoreLogin, |
| 1617 std::string() /* default_value */, | 1656 std::string() /* default_value */, |
| 1618 PrefService::UNSYNCABLE_PREF); | 1657 PrefService::UNSYNCABLE_PREF); |
| 1619 } | 1658 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7432006:
Add an experimental permissions API for extensions. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src