Loosen error reporting for hosted app permissions.

chrome/common/extensions/extension.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/common/extensions/extension.h"
 
 #include <algorithm>
 
 #include "base/base64.h"
 #include "base/basictypes.h"
@@ skipping 2553 matching lines @@
       if (!permissions->GetString(i, &permission_str)) {
         *error = ExtensionErrorUtils::FormatErrorMessage(
             errors::kInvalidPermission, base::IntToString(i));
         return false;
       }
 
       ExtensionAPIPermission* permission =
           ExtensionPermissionsInfo::GetInstance()->GetByName(permission_str);
 
       if (permission != NULL) {
-        if (!CanSpecifyAPIPermission(permission, error))
+        if (CanSpecifyAPIPermission(permission, error))
+          api_permissions->insert(permission->id());
+        if (!error->empty())

[jstritar, 2011/10/31 19:16:19]

nit: I think you can make this 'else if', but it doesn't really matter.

           return false;
-        api_permissions->insert(permission->id());
         continue;
       }
 
       // Check if it's a host pattern permission.
       URLPattern pattern = URLPattern(CanExecuteScriptEverywhere() ?
           URLPattern::SCHEME_ALL : kValidHostPermissionSchemes);
 
       URLPattern::ParseResult parse_result = pattern.Parse(permission_str,
                                                            parse_strictness);
       if (parse_result == URLPattern::PARSE_SUCCESS) {
@@ skipping 214 matching lines @@
 
   if (permission->id() == ExtensionAPIPermission::kExperimental) {
     if (!CanSpecifyExperimentalPermission()) {
       *error = errors::kExperimentalFlagRequired;
       return false;
     }
   }
 
   if (is_hosted_app()) {
     if (!CanSpecifyPermissionForHostedApp(permission)) {
-      *error = ExtensionErrorUtils::FormatErrorMessage(
-          errors::kPermissionNotAllowed, permission->name());
+      // Some old versions of Chrome did not return errors here and we ended up
+      // with extensions in the store containing bad data: crbug.com/101993.
+      //
+      // TODO(aa): Consider just being a lot looser when loading and installing
+      // extensions. We can be strict when packing and in development mode. Then
+      // we won't have to maintain all these tricky backward compat issues:
+      // crbug.com/102328.
+      if (creation_flags_ & STRICT_ERROR_CHECKS) {
+        *error = ExtensionErrorUtils::FormatErrorMessage(
+            errors::kPermissionNotAllowed, permission->name());
+      }
       return false;
     }
   }
 
   return true;
 }
 
 bool Extension::CanSpecifyComponentOnlyPermission() const {
   // Only COMPONENT extensions can use private APIs.
   // TODO(asargent) - We want a more general purpose mechanism for this,
@@ skipping 180 matching lines @@
     already_disabled(false),
     extension(extension) {}
 
 UpdatedExtensionPermissionsInfo::UpdatedExtensionPermissionsInfo(
     const Extension* extension,
     const ExtensionPermissionSet* permissions,
     Reason reason)
     : reason(reason),
       extension(extension),
       permissions(permissions) {}