Add an experimental permissions API for extensions.

chrome/renderer/extensions/extension_dispatcher.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/renderer/extensions/extension_dispatcher.h"
 
 #include "base/command_line.h"
 #include "chrome/common/child_process_logging.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/extensions/extension.h"
 #include "chrome/common/extensions/extension_messages.h"
+#include "chrome/common/extensions/extension_permission_set.h"
 #include "chrome/common/url_constants.h"
 #include "chrome/renderer/extensions/chrome_app_bindings.h"
 #include "chrome/renderer/extensions/event_bindings.h"
 #include "chrome/renderer/extensions/extension_groups.h"
 #include "chrome/renderer/extensions/extension_process_bindings.h"
 #include "chrome/renderer/extensions/js_only_v8_extensions.h"
 #include "chrome/renderer/extensions/renderer_extension_bindings.h"
 #include "chrome/renderer/extensions/user_script_slave.h"
 #include "content/renderer/render_thread.h"
 #include "third_party/WebKit/Source/WebKit/chromium/public/WebDataSource.h"
@@ skipping 36 matching lines @@
   bool handled = true;
   IPC_BEGIN_MESSAGE_MAP(ExtensionDispatcher, message)
     IPC_MESSAGE_HANDLER(ExtensionMsg_MessageInvoke, OnMessageInvoke)
     IPC_MESSAGE_HANDLER(ExtensionMsg_SetFunctionNames, OnSetFunctionNames)
     IPC_MESSAGE_HANDLER(ExtensionMsg_Loaded, OnLoaded)
     IPC_MESSAGE_HANDLER(ExtensionMsg_Unloaded, OnUnloaded)
     IPC_MESSAGE_HANDLER(ExtensionMsg_SetScriptingWhitelist,
                         OnSetScriptingWhitelist)
     IPC_MESSAGE_HANDLER(ExtensionMsg_ActivateExtension, OnActivateExtension)
     IPC_MESSAGE_HANDLER(ExtensionMsg_ActivateApplication, OnActivateApplication)
+    IPC_MESSAGE_HANDLER(ExtensionMsg_UpdatePermissions, OnUpdatePermissions)
     IPC_MESSAGE_HANDLER(ExtensionMsg_UpdateUserScripts, OnUpdateUserScripts)
     IPC_MESSAGE_UNHANDLED(handled = false)
   IPC_END_MESSAGE_MAP()
 
   return handled;
 }
 
 void ExtensionDispatcher::WebKitInitialized() {
   // For extensions, we want to ensure we call the IdleHandler every so often,
   // even if the extension keeps up activity.
@@ skipping 64 matching lines @@
   scoped_refptr<const Extension> extension(params.ConvertToExtension());
   if (!extension) {
     // This can happen if extension parsing fails for any reason. One reason
     // this can legitimately happen is if the
     // --enable-experimental-extension-apis changes at runtime, which happens
     // during browser tests. Existing renderers won't know about the change.
     return;
   }
 
   extensions_.Insert(extension);
+  extension->SetActivePermissions(params.GetActivePermissions());
 }
 
 void ExtensionDispatcher::OnUnloaded(const std::string& id) {
   extensions_.Remove(id);
   // If the extension is later reloaded with a different set of permissions,
   // we'd like it to get a new isolated world ID, so that it can pick up the
   // changed origin whitelist.
   UserScriptSlave::RemoveIsolatedWorld(id);
 }
 
@@ skipping 75 matching lines @@
 void ExtensionDispatcher::InitHostPermissions(const Extension* extension) {
   if (extension->HasAPIPermission(ExtensionAPIPermission::kManagement)) {
     WebSecurityPolicy::addOriginAccessWhitelistEntry(
         extension->url(),
         WebString::fromUTF8(chrome::kChromeUIScheme),
         WebString::fromUTF8(chrome::kChromeUIExtensionIconHost),
         false);
   }
 
   const URLPatternSet& permissions =
-      extension->permission_set()->explicit_hosts();
+      extension->GetActivePermissions()->explicit_hosts();
   for (URLPatternSet::const_iterator i = permissions.begin();
        i != permissions.end(); ++i) {
     const char* schemes[] = {
       chrome::kHttpScheme,
       chrome::kHttpsScheme,
       chrome::kFileScheme,
       chrome::kChromeUIScheme,
     };
     for (size_t j = 0; j < arraysize(schemes); ++j) {
       if (i->MatchesScheme(schemes[j])) {
         WebSecurityPolicy::addOriginAccessWhitelistEntry(
             extension->url(),
             WebString::fromUTF8(schemes[j]),
             WebString::fromUTF8(i->host()),
             i->match_subdomains());
       }
     }
   }
 }
 
+void ExtensionDispatcher::OnUpdatePermissions(
+    const std::string& extension_id,
+    const ExtensionAPIPermissionSet& apis,
+    const URLPatternSet& explicit_hosts,
+    const URLPatternSet& scriptable_hosts) {
+  const Extension* extension = extensions_.GetByID(extension_id);
+  if (!extension)
+    return;
+
+  extension->SetActivePermissions(
+      new ExtensionPermissionSet(apis, explicit_hosts, scriptable_hosts));
+}
+
 void ExtensionDispatcher::OnUpdateUserScripts(
     base::SharedMemoryHandle scripts) {
   DCHECK(base::SharedMemory::IsHandleValid(scripts)) << "Bad scripts handle";
   user_script_slave_->UpdateScripts(scripts);
   UpdateActiveExtensions();
 }
 
 void ExtensionDispatcher::UpdateActiveExtensions() {
   // In single-process mode, the browser process reports the active extensions.
   if (CommandLine::ForCurrentProcess()->HasSwitch(switches::kSingleProcess))
     return;
 
   std::set<std::string> active_extensions = active_extension_ids_;
   user_script_slave_->GetActiveExtensions(&active_extensions);
   child_process_logging::SetActiveExtensions(active_extensions);
 }
 
 void ExtensionDispatcher::RegisterExtension(v8::Extension* extension,
                                             bool restrict_to_extensions) {
   if (restrict_to_extensions)
     restricted_v8_extensions_.insert(extension->name());
 
   RenderThread::current()->RegisterExtension(extension);
 }