| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/extension_prefs.h" | 5 #include "chrome/browser/extensions/extension_prefs.h" |
| 6 | 6 |
| 7 #include "base/string_number_conversions.h" | 7 #include "base/string_number_conversions.h" |
| 8 #include "base/string_util.h" | 8 #include "base/string_util.h" |
| 9 #include "base/utf_string_conversions.h" | 9 #include "base/utf_string_conversions.h" |
| 10 #include "chrome/browser/extensions/extension_pref_store.h" | 10 #include "chrome/browser/extensions/extension_pref_store.h" |
| (...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 95 | 95 |
| 96 // A preference for storing extra data sent in update checks for an extension. | 96 // A preference for storing extra data sent in update checks for an extension. |
| 97 const char kUpdateUrlData[] = "update_url_data"; | 97 const char kUpdateUrlData[] = "update_url_data"; |
| 98 | 98 |
| 99 // Whether the browser action is visible in the toolbar. | 99 // Whether the browser action is visible in the toolbar. |
| 100 const char kBrowserActionVisible[] = "browser_action_visible"; | 100 const char kBrowserActionVisible[] = "browser_action_visible"; |
| 101 | 101 |
| 102 // Preferences that hold which permissions the user has granted the extension. | 102 // Preferences that hold which permissions the user has granted the extension. |
| 103 // We explicitly keep track of these so that extensions can contain unknown | 103 // We explicitly keep track of these so that extensions can contain unknown |
| 104 // permissions, for backwards compatibility reasons, and we can still prompt | 104 // permissions, for backwards compatibility reasons, and we can still prompt |
| 105 // the user to accept them once recognized. | 105 // the user to accept them once recognized. We store the active permission |
| 106 const char kPrefGrantedAPIs[] = "granted_permissions.api"; | 106 // permissions because they may differ from those defined in the manifest. |
| 107 const char kPrefGrantedExplicitHosts[] = "granted_permissions.explicit_host"; | 107 const char kPrefActivePermissions[] = "active_permissions"; |
| 108 const char kPrefGrantedScriptableHosts[] = | 108 const char kPrefGrantedPermissions[] = "granted_permissions"; |
| 109 "granted_permissions.scriptable_host"; | 109 |
| 110 // The preference names for ExtensionPermissionSet values. |
| 111 const char kPrefAPIs[] = "api"; |
| 112 const char kPrefExplicitHosts[] = "explicit_host"; |
| 113 const char kPrefScriptableHosts[] = "scriptable_host"; |
| 110 | 114 |
| 111 // The preference names for the old granted permissions scheme. | 115 // The preference names for the old granted permissions scheme. |
| 112 const char kPrefOldGrantedFullAccess[] = "granted_permissions.full"; | 116 const char kPrefOldGrantedFullAccess[] = "granted_permissions.full"; |
| 113 const char kPrefOldGrantedHosts[] = "granted_permissions.host"; | 117 const char kPrefOldGrantedHosts[] = "granted_permissions.host"; |
| 114 const char kPrefOldGrantedAPIs[] = "granted_permissions.api"; | 118 const char kPrefOldGrantedAPIs[] = "granted_permissions.api"; |
| 115 | 119 |
| 116 // A preference that indicates when an extension was installed. | 120 // A preference that indicates when an extension was installed. |
| 117 const char kPrefInstallTime[] = "install_time"; | 121 const char kPrefInstallTime[] = "install_time"; |
| 118 | 122 |
| 119 // A preference that indicates whether the extension was installed from the | 123 // A preference that indicates whether the extension was installed from the |
| (...skipping 79 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 199 } | 203 } |
| 200 | 204 |
| 201 private: | 205 private: |
| 202 PrefService* prefs_; | 206 PrefService* prefs_; |
| 203 const std::string extension_id_; | 207 const std::string extension_id_; |
| 204 const std::string incognito_or_regular_path_; | 208 const std::string incognito_or_regular_path_; |
| 205 | 209 |
| 206 DISALLOW_COPY_AND_ASSIGN(ScopedExtensionControlledPrefUpdate); | 210 DISALLOW_COPY_AND_ASSIGN(ScopedExtensionControlledPrefUpdate); |
| 207 }; | 211 }; |
| 208 | 212 |
| 213 std::string JoinPrefs(std::string parent, const char* child) { |
| 214 return parent + "." + child; |
| 215 } |
| 216 |
| 209 } // namespace | 217 } // namespace |
| 210 | 218 |
| 211 ExtensionPrefs::ExtensionPrefs( | 219 ExtensionPrefs::ExtensionPrefs( |
| 212 PrefService* prefs, | 220 PrefService* prefs, |
| 213 const FilePath& root_dir, | 221 const FilePath& root_dir, |
| 214 ExtensionPrefValueMap* extension_pref_value_map) | 222 ExtensionPrefValueMap* extension_pref_value_map) |
| 215 : prefs_(prefs), | 223 : prefs_(prefs), |
| 216 install_directory_(root_dir), | 224 install_directory_(root_dir), |
| 217 extension_pref_value_map_(extension_pref_value_map), | 225 extension_pref_value_map_(extension_pref_value_map), |
| 218 content_settings_store_(new ExtensionContentSettingsStore()) { | 226 content_settings_store_(new ExtensionContentSettingsStore()) { |
| (...skipping 197 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 416 const std::string& pref_key, | 424 const std::string& pref_key, |
| 417 const URLPatternSet& new_value) { | 425 const URLPatternSet& new_value) { |
| 418 ListValue* value = new ListValue(); | 426 ListValue* value = new ListValue(); |
| 419 for (URLPatternSet::const_iterator i = new_value.begin(); | 427 for (URLPatternSet::const_iterator i = new_value.begin(); |
| 420 i != new_value.end(); ++i) | 428 i != new_value.end(); ++i) |
| 421 value->AppendIfNotPresent(Value::CreateStringValue(i->GetAsString())); | 429 value->AppendIfNotPresent(Value::CreateStringValue(i->GetAsString())); |
| 422 | 430 |
| 423 UpdateExtensionPref(extension_id, pref_key, value); | 431 UpdateExtensionPref(extension_id, pref_key, value); |
| 424 } | 432 } |
| 425 | 433 |
| 434 ExtensionPermissionSet* ExtensionPrefs::ReadExtensionPrefPermissionSet( |
| 435 const std::string& extension_id, |
| 436 const std::string& pref_key) { |
| 437 if (!GetExtensionPref(extension_id)) |
| 438 return NULL; |
| 439 |
| 440 // Retrieve the API permissions. |
| 441 ExtensionAPIPermissionSet apis; |
| 442 const ListValue* api_values = NULL; |
| 443 std::string api_pref = JoinPrefs(pref_key, kPrefAPIs); |
| 444 if (ReadExtensionPrefList(extension_id, api_pref, &api_values)) { |
| 445 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 446 for (size_t i = 0; i < api_values->GetSize(); ++i) { |
| 447 std::string permission_name; |
| 448 if (api_values->GetString(i, &permission_name)) { |
| 449 ExtensionAPIPermission *permission = info->GetByName(permission_name); |
| 450 if (permission) |
| 451 apis.insert(permission->id()); |
| 452 } |
| 453 } |
| 454 } |
| 455 |
| 456 // Retrieve the explicit host permissions. |
| 457 URLPatternSet explicit_hosts; |
| 458 ReadExtensionPrefURLPatternSet( |
| 459 extension_id, JoinPrefs(pref_key, kPrefExplicitHosts), |
| 460 &explicit_hosts, Extension::kValidHostPermissionSchemes); |
| 461 |
| 462 // Retrieve the scriptable host permissions. |
| 463 URLPatternSet scriptable_hosts; |
| 464 ReadExtensionPrefURLPatternSet( |
| 465 extension_id, JoinPrefs(pref_key, kPrefScriptableHosts), |
| 466 &scriptable_hosts, UserScript::kValidUserScriptSchemes); |
| 467 |
| 468 return new ExtensionPermissionSet(apis, explicit_hosts, scriptable_hosts); |
| 469 } |
| 470 |
| 471 void ExtensionPrefs::SetExtensionPrefPermissionSet( |
| 472 const std::string& extension_id, |
| 473 const std::string& pref_key, |
| 474 const ExtensionPermissionSet* new_value) { |
| 475 // Set the API permissions. |
| 476 ListValue* api_values = new ListValue(); |
| 477 ExtensionAPIPermissionSet apis = new_value->apis(); |
| 478 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 479 std::string api_pref = JoinPrefs(pref_key, kPrefAPIs); |
| 480 for (ExtensionAPIPermissionSet::const_iterator i = apis.begin(); |
| 481 i != apis.end(); ++i) { |
| 482 ExtensionAPIPermission* perm = info->GetByID(*i); |
| 483 if (perm) |
| 484 api_values->Append(Value::CreateStringValue(perm->name())); |
| 485 } |
| 486 UpdateExtensionPref(extension_id, api_pref, api_values); |
| 487 |
| 488 // Set the explicit host permissions. |
| 489 if (!new_value->explicit_hosts().is_empty()) { |
| 490 SetExtensionPrefURLPatternSet(extension_id, |
| 491 JoinPrefs(pref_key, kPrefExplicitHosts), |
| 492 new_value->explicit_hosts()); |
| 493 } |
| 494 |
| 495 // Set the scriptable host permissions. |
| 496 if (!new_value->scriptable_hosts().is_empty()) { |
| 497 SetExtensionPrefURLPatternSet(extension_id, |
| 498 JoinPrefs(pref_key, kPrefScriptableHosts), |
| 499 new_value->scriptable_hosts()); |
| 500 } |
| 501 } |
| 502 |
| 426 void ExtensionPrefs::SavePrefs() { | 503 void ExtensionPrefs::SavePrefs() { |
| 427 prefs_->ScheduleSavePersistentPrefs(); | 504 prefs_->ScheduleSavePersistentPrefs(); |
| 428 } | 505 } |
| 429 | 506 |
| 430 // static | 507 // static |
| 431 bool ExtensionPrefs::IsBlacklistBitSet(DictionaryValue* ext) { | 508 bool ExtensionPrefs::IsBlacklistBitSet(DictionaryValue* ext) { |
| 432 return ReadBooleanFromPref(ext, kPrefBlacklist); | 509 return ReadBooleanFromPref(ext, kPrefBlacklist); |
| 433 } | 510 } |
| 434 | 511 |
| 435 bool ExtensionPrefs::IsExtensionBlacklisted(const std::string& extension_id) { | 512 bool ExtensionPrefs::IsExtensionBlacklisted(const std::string& extension_id) { |
| (...skipping 195 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 631 | 708 |
| 632 // Remove the full access bit (empty list will get trimmed). | 709 // Remove the full access bit (empty list will get trimmed). |
| 633 UpdateExtensionPref( | 710 UpdateExtensionPref( |
| 634 *ext_id, kPrefOldGrantedFullAccess, new ListValue()); | 711 *ext_id, kPrefOldGrantedFullAccess, new ListValue()); |
| 635 | 712 |
| 636 // Add the plugin permission if the full access bit was set. | 713 // Add the plugin permission if the full access bit was set. |
| 637 if (full_access) { | 714 if (full_access) { |
| 638 ListValue* apis = NULL; | 715 ListValue* apis = NULL; |
| 639 ListValue* new_apis = NULL; | 716 ListValue* new_apis = NULL; |
| 640 | 717 |
| 641 if (ext->GetList(kPrefGrantedAPIs, &apis)) | 718 std::string granted_apis = |
| 719 JoinPrefs(kPrefGrantedPermissions, kPrefAPIs); |
| 720 if (ext->GetList(kPrefOldGrantedAPIs, &apis)) |
| 642 new_apis = apis->DeepCopy(); | 721 new_apis = apis->DeepCopy(); |
| 643 else | 722 else |
| 644 new_apis = new ListValue(); | 723 new_apis = new ListValue(); |
| 645 | 724 |
| 646 std::string plugin_name = info->GetByID( | 725 std::string plugin_name = info->GetByID( |
| 647 ExtensionAPIPermission::kPlugin)->name(); | 726 ExtensionAPIPermission::kPlugin)->name(); |
| 648 new_apis->Append(Value::CreateStringValue(plugin_name)); | 727 new_apis->Append(Value::CreateStringValue(plugin_name)); |
| 649 UpdateExtensionPref(*ext_id, kPrefGrantedAPIs, new_apis); | 728 UpdateExtensionPref(*ext_id, granted_apis, new_apis); |
| 650 } | 729 } |
| 651 | 730 |
| 652 // The granted permissions originally only held the effective hosts, | 731 // The granted permissions originally only held the effective hosts, |
| 653 // which are a combination of host and user script host permissions. | 732 // which are a combination of host and user script host permissions. |
| 654 // We now maintain these lists separately. For migration purposes, it | 733 // We now maintain these lists separately. For migration purposes, it |
| 655 // does not matter how we treat the old effective hosts as long as the | 734 // does not matter how we treat the old effective hosts as long as the |
| 656 // new effective hosts will be the same, so we move them to explicit | 735 // new effective hosts will be the same, so we move them to explicit |
| 657 // host permissions. | 736 // host permissions. |
| 658 ListValue* hosts; | 737 ListValue* hosts; |
| 738 std::string explicit_hosts = |
| 739 JoinPrefs(kPrefGrantedPermissions, kPrefExplicitHosts); |
| 659 if (ext->GetList(kPrefOldGrantedHosts, &hosts)) { | 740 if (ext->GetList(kPrefOldGrantedHosts, &hosts)) { |
| 660 UpdateExtensionPref( | 741 UpdateExtensionPref( |
| 661 *ext_id, kPrefGrantedExplicitHosts, hosts->DeepCopy()); | 742 *ext_id, explicit_hosts, hosts->DeepCopy()); |
| 662 | 743 |
| 663 // We can get rid of the old one by setting it to an empty list. | 744 // We can get rid of the old one by setting it to an empty list. |
| 664 UpdateExtensionPref(*ext_id, kPrefOldGrantedHosts, new ListValue()); | 745 UpdateExtensionPref(*ext_id, kPrefOldGrantedHosts, new ListValue()); |
| 665 } | 746 } |
| 666 } | 747 } |
| 667 } | 748 } |
| 668 | 749 |
| 669 ExtensionPermissionSet* ExtensionPrefs::GetGrantedPermissions( | 750 ExtensionPermissionSet* ExtensionPrefs::GetGrantedPermissions( |
| 670 const std::string& extension_id) { | 751 const std::string& extension_id) { |
| 671 CHECK(Extension::IdIsValid(extension_id)); | 752 CHECK(Extension::IdIsValid(extension_id)); |
| 672 | 753 return ReadExtensionPrefPermissionSet(extension_id, kPrefGrantedPermissions); |
| 673 const DictionaryValue* ext = GetExtensionPref(extension_id); | |
| 674 if (!ext) | |
| 675 return NULL; | |
| 676 | |
| 677 // Retrieve the API permissions. | |
| 678 ExtensionAPIPermissionSet apis; | |
| 679 const ListValue* api_values = NULL; | |
| 680 if (ReadExtensionPrefList(extension_id, kPrefGrantedAPIs, &api_values)) { | |
| 681 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | |
| 682 for (size_t i = 0; i < api_values->GetSize(); ++i) { | |
| 683 std::string permission_name; | |
| 684 if (api_values->GetString(i, &permission_name)) { | |
| 685 ExtensionAPIPermission *permission = info->GetByName(permission_name); | |
| 686 if (permission) | |
| 687 apis.insert(permission->id()); | |
| 688 } | |
| 689 } | |
| 690 } | |
| 691 | |
| 692 // Retrieve the explicit host permissions. | |
| 693 URLPatternSet explicit_hosts; | |
| 694 ReadExtensionPrefURLPatternSet( | |
| 695 extension_id, kPrefGrantedExplicitHosts, | |
| 696 &explicit_hosts, Extension::kValidHostPermissionSchemes); | |
| 697 | |
| 698 // Retrieve the scriptable host permissions. | |
| 699 URLPatternSet scriptable_hosts; | |
| 700 ReadExtensionPrefURLPatternSet( | |
| 701 extension_id, kPrefGrantedScriptableHosts, | |
| 702 &scriptable_hosts, UserScript::kValidUserScriptSchemes); | |
| 703 | |
| 704 return new ExtensionPermissionSet(apis, explicit_hosts, scriptable_hosts); | |
| 705 } | 754 } |
| 706 | 755 |
| 707 void ExtensionPrefs::AddGrantedPermissions( | 756 void ExtensionPrefs::AddGrantedPermissions( |
| 708 const std::string& extension_id, | 757 const std::string& extension_id, |
| 709 const ExtensionPermissionSet* permissions) { | 758 const ExtensionPermissionSet* permissions) { |
| 710 CHECK(Extension::IdIsValid(extension_id)); | 759 CHECK(Extension::IdIsValid(extension_id)); |
| 711 | 760 |
| 712 scoped_ptr<ExtensionPermissionSet> granted_permissions( | 761 scoped_refptr<ExtensionPermissionSet> granted_permissions( |
| 713 GetGrantedPermissions(extension_id)); | 762 GetGrantedPermissions(extension_id)); |
| 714 | 763 |
| 715 // The new granted permissions are the union of the already granted | 764 // The new granted permissions are the union of the already granted |
| 716 // permissions and the newly granted permissions. | 765 // permissions and the newly granted permissions. |
| 717 scoped_ptr<ExtensionPermissionSet> new_perms( | 766 scoped_refptr<ExtensionPermissionSet> new_perms( |
| 718 ExtensionPermissionSet::CreateUnion( | 767 ExtensionPermissionSet::CreateUnion( |
| 719 permissions, granted_permissions.get())); | 768 permissions, granted_permissions.get())); |
| 720 | 769 |
| 721 // Set the API permissions. | 770 SetExtensionPrefPermissionSet( |
| 722 ListValue* api_values = new ListValue(); | 771 extension_id, kPrefGrantedPermissions, new_perms.get()); |
| 723 ExtensionAPIPermissionSet apis = new_perms->apis(); | 772 } |
| 724 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | |
| 725 for (ExtensionAPIPermissionSet::const_iterator i = apis.begin(); | |
| 726 i != apis.end(); ++i) { | |
| 727 ExtensionAPIPermission* perm = info->GetByID(*i); | |
| 728 if (perm) | |
| 729 api_values->Append(Value::CreateStringValue(perm->name())); | |
| 730 } | |
| 731 UpdateExtensionPref(extension_id, kPrefGrantedAPIs, api_values); | |
| 732 | 773 |
| 733 // Set the explicit host permissions. | 774 ExtensionPermissionSet* ExtensionPrefs::GetActivePermissions( |
| 734 if (!new_perms->explicit_hosts().is_empty()) { | 775 const std::string& extension_id) { |
| 735 SetExtensionPrefURLPatternSet(extension_id, | 776 CHECK(Extension::IdIsValid(extension_id)); |
| 736 kPrefGrantedExplicitHosts, | 777 return ReadExtensionPrefPermissionSet(extension_id, kPrefActivePermissions); |
| 737 new_perms->explicit_hosts()); | 778 } |
| 738 } | |
| 739 | 779 |
| 740 // Set the scriptable host permissions. | 780 void ExtensionPrefs::SetActivePermissions( |
| 741 if (!new_perms->scriptable_hosts().is_empty()) { | 781 const std::string& extension_id, |
| 742 SetExtensionPrefURLPatternSet(extension_id, | 782 const ExtensionPermissionSet* permissions) { |
| 743 kPrefGrantedScriptableHosts, | 783 SetExtensionPrefPermissionSet( |
| 744 new_perms->scriptable_hosts()); | 784 extension_id, kPrefActivePermissions, permissions); |
| 745 } | |
| 746 } | 785 } |
| 747 | 786 |
| 748 bool ExtensionPrefs::IsIncognitoEnabled(const std::string& extension_id) { | 787 bool ExtensionPrefs::IsIncognitoEnabled(const std::string& extension_id) { |
| 749 return ReadExtensionPrefBoolean(extension_id, kPrefIncognitoEnabled); | 788 return ReadExtensionPrefBoolean(extension_id, kPrefIncognitoEnabled); |
| 750 } | 789 } |
| 751 | 790 |
| 752 void ExtensionPrefs::SetIsIncognitoEnabled(const std::string& extension_id, | 791 void ExtensionPrefs::SetIsIncognitoEnabled(const std::string& extension_id, |
| 753 bool enabled) { | 792 bool enabled) { |
| 754 UpdateExtensionPref(extension_id, kPrefIncognitoEnabled, | 793 UpdateExtensionPref(extension_id, kPrefIncognitoEnabled, |
| 755 Value::CreateBooleanValue(enabled)); | 794 Value::CreateBooleanValue(enabled)); |
| (...skipping 869 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1625 prefs->RegisterListPref(prefs::kExtensionInstallAllowList, | 1664 prefs->RegisterListPref(prefs::kExtensionInstallAllowList, |
| 1626 PrefService::UNSYNCABLE_PREF); | 1665 PrefService::UNSYNCABLE_PREF); |
| 1627 prefs->RegisterListPref(prefs::kExtensionInstallDenyList, | 1666 prefs->RegisterListPref(prefs::kExtensionInstallDenyList, |
| 1628 PrefService::UNSYNCABLE_PREF); | 1667 PrefService::UNSYNCABLE_PREF); |
| 1629 prefs->RegisterListPref(prefs::kExtensionInstallForceList, | 1668 prefs->RegisterListPref(prefs::kExtensionInstallForceList, |
| 1630 PrefService::UNSYNCABLE_PREF); | 1669 PrefService::UNSYNCABLE_PREF); |
| 1631 prefs->RegisterStringPref(kWebStoreLogin, | 1670 prefs->RegisterStringPref(kWebStoreLogin, |
| 1632 std::string() /* default_value */, | 1671 std::string() /* default_value */, |
| 1633 PrefService::UNSYNCABLE_PREF); | 1672 PrefService::UNSYNCABLE_PREF); |
| 1634 } | 1673 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 7432006:
Add an experimental permissions API for extensions. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src