Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(234)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/common/extensions/extension_permission_set.cc

Issue 8598022: Restrict access to permissions based on extension types. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: . Created 9 years ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« chrome/browser/renderer_host/chrome_render_view_host_observer.cc ('K') | « chrome/common/extensions/extension_permission_set.h ('k') | chrome/common/extensions/extension_permission_set_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/common/extensions/extension_permission_set.h" 5 #include "chrome/common/extensions/extension_permission_set.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 #include <string> 8 #include <string>
9 9
10 #include "base/memory/singleton.h" 10 #include "base/memory/singleton.h"
(...skipping 142 matching lines...) Expand 10 before | Expand all | Expand 10 after
153 ExtensionPermissionMessage ExtensionAPIPermission::GetMessage() const { 153 ExtensionPermissionMessage ExtensionAPIPermission::GetMessage() const {
154 return ExtensionPermissionMessage( 154 return ExtensionPermissionMessage(
155 message_id_, l10n_util::GetStringUTF16(l10n_message_id_)); 155 message_id_, l10n_util::GetStringUTF16(l10n_message_id_));
156 } 156 }
157 157
158 ExtensionAPIPermission::ExtensionAPIPermission( 158 ExtensionAPIPermission::ExtensionAPIPermission(
159 ID id, 159 ID id,
160 const char* name, 160 const char* name,
161 int l10n_message_id, 161 int l10n_message_id,
162 ExtensionPermissionMessage::ID message_id, 162 ExtensionPermissionMessage::ID message_id,
163 int flags) 163 int flags,
164 int type_restrictions)
164 : id_(id), 165 : id_(id),
165 name_(name), 166 name_(name),
166 flags_(flags), 167 flags_(flags),
168 type_restrictions_(type_restrictions),
167 l10n_message_id_(l10n_message_id), 169 l10n_message_id_(l10n_message_id),
168 message_id_(message_id) { 170 message_id_(message_id) {}
169 }
170 171
171 ExtensionAPIPermission::~ExtensionAPIPermission() { 172 ExtensionAPIPermission::~ExtensionAPIPermission() {}
173
174 // static
175 void ExtensionAPIPermission::RegisterAllPermissions(
176 ExtensionPermissionsInfo* info) {
177
178 // Register hosted app permissions.
179 info->RegisterPermission(
180 kBackground, "background", 0,
181 ExtensionPermissionMessage::kNone, kFlagSupportsOptional, kTypeAll);
182 info->RegisterPermission(
183 kClipboardRead, "clipboardRead", IDS_EXTENSION_PROMPT_WARNING_CLIPBOARD,
184 ExtensionPermissionMessage::kClipboard, kFlagSupportsOptional, kTypeAll);
185 info->RegisterPermission(
186 kClipboardWrite, "clipboardWrite", 0,
187 ExtensionPermissionMessage::kNone, kFlagSupportsOptional, kTypeAll);
188 info->RegisterPermission(
189 kChromePrivate, "chromePrivate", 0,
190 ExtensionPermissionMessage::kNone, kFlagNone,
191 kTypeAll - kTypePlatformApp);
192 info->RegisterPermission(
193 kExperimental, "experimental", 0,
194 ExtensionPermissionMessage::kNone, kFlagNone, kTypeAll);
195 info->RegisterPermission(
196 kGeolocation, "geolocation", IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
197 ExtensionPermissionMessage::kGeolocation, kFlagNone, kTypeAll);
198 info->RegisterPermission(
199 kNotification, "notifications", 0,
200 ExtensionPermissionMessage::kNone, kFlagSupportsOptional, kTypeAll);
201 info->RegisterPermission(
202 kUnlimitedStorage, "unlimitedStorage", 0,
203 ExtensionPermissionMessage::kNone, kFlagNone, kTypeAll);
204
205 // Hosted app and private permissions.
206 info->RegisterPermission(
207 kChromeAuthPrivate, "chromeAuthPrivate", 0,
208 ExtensionPermissionMessage::kNone, kFlagComponentOnly,
209 kTypeAll - kTypePlatformApp);
210 info->RegisterPermission(
211 kWebstorePrivate, "webstorePrivate", 0,
212 ExtensionPermissionMessage::kNone, kFlagComponentOnly, kTypeAll);
213
214 // Register extension permissions.
215 info->RegisterPermission(
216 kBookmark, "bookmarks", IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS,
217 ExtensionPermissionMessage::kBookmarks,
218 kFlagSupportsOptional, kTypeDefault);
219 info->RegisterPermission(
220 kContentSettings, "contentSettings",
221 IDS_EXTENSION_PROMPT_WARNING_CONTENT_SETTINGS,
222 ExtensionPermissionMessage::kContentSettings, kFlagNone, kTypeDefault);
223 info->RegisterPermission(
224 kContextMenus, "contextMenus", 0,
225 ExtensionPermissionMessage::kNone, kFlagSupportsOptional, kTypeDefault);
226 info->RegisterPermission(
227 kCookie, "cookies", 0,
228 ExtensionPermissionMessage::kNone, kFlagSupportsOptional,
229 kTypeDefault - kTypePlatformApp);
230 info->RegisterPermission(
231 kDebugger, "debugger", IDS_EXTENSION_PROMPT_WARNING_DEBUGGER,
232 ExtensionPermissionMessage::kDebugger,
233 kFlagSupportsOptional, kTypeDefault);
234 info->RegisterPermission(
235 kFileBrowserHandler, "fileBrowserHandler", 0,
236 ExtensionPermissionMessage::kNone, kFlagNone, kTypeDefault);
237 info->RegisterPermission(
238 kHistory, "history", IDS_EXTENSION_PROMPT_WARNING_BROWSING_HISTORY,
239 ExtensionPermissionMessage::kBrowsingHistory,
240 kFlagSupportsOptional, kTypeDefault);
241 info->RegisterPermission(
242 kIdle, "idle", 0, ExtensionPermissionMessage::kNone,
243 kFlagSupportsOptional, kTypeDefault);
244 info->RegisterPermission(
245 kInputMethodPrivate, "inputMethodPrivate", 0,
246 ExtensionPermissionMessage::kNone, kFlagNone, kTypeDefault);
247 info->RegisterPermission(
248 kManagement, "management", IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT,
249 ExtensionPermissionMessage::kManagement,
250 kFlagSupportsOptional, kTypeDefault);
251 info->RegisterPermission(
252 kTab, "tabs", IDS_EXTENSION_PROMPT_WARNING_TABS,
253 ExtensionPermissionMessage::kTabs, kFlagSupportsOptional,
254 kTypeDefault - kTypePlatformApp);
255 info->RegisterPermission(
256 kTts, "tts", 0,
257 ExtensionPermissionMessage::kNone, kFlagNone, kTypeDefault);
258 info->RegisterPermission(
259 kTtsEngine, "ttsEngine", IDS_EXTENSION_PROMPT_WARNING_TTS_ENGINE,
260 ExtensionPermissionMessage::kTtsEngine, kFlagNone, kTypeDefault);
261 info->RegisterPermission(
262 kWebNavigation, "webNavigation", 0,
263 ExtensionPermissionMessage::kNone, kFlagNone,
264 kTypeDefault - kTypePlatformApp);
265 info->RegisterPermission(
266 kWebRequest, "webRequest", 0,
267 ExtensionPermissionMessage::kNone, kFlagNone,
268 kTypeDefault - kTypePlatformApp);
269 info->RegisterPermission(
270 kWebRequestBlocking, "webRequestBlocking", 0,
271 ExtensionPermissionMessage::kNone, kFlagNone,
272 kTypeDefault - kTypePlatformApp);
273 info->RegisterPermission(
274 kWebSocketProxyPrivate, "webSocketProxyPrivate", 0,
275 ExtensionPermissionMessage::kNone, kFlagNone,
276 kTypeDefault - kTypePlatformApp);
277
278 // Register private permissions.
279 info->RegisterPermission(
280 kChromeosInfoPrivate, "chromeosInfoPrivate", 0,
281 ExtensionPermissionMessage::kNone, kFlagComponentOnly, kTypeDefault);
282 info->RegisterPermission(
283 kFileBrowserPrivate, "fileBrowserPrivate", 0,
284 ExtensionPermissionMessage::kNone, kFlagComponentOnly, kTypeDefault);
285 info->RegisterPermission(
286 kMediaPlayerPrivate, "mediaPlayerPrivate", 0,
287 ExtensionPermissionMessage::kNone, kFlagComponentOnly, kTypeDefault);
288 info->RegisterPermission(
289 kMetricsPrivate, "metricsPrivate", 0,
290 ExtensionPermissionMessage::kNone, kFlagComponentOnly, kTypeDefault);
291
292 // Full url access permissions.
293 info->RegisterPermission(
294 kProxy, "proxy", 0, ExtensionPermissionMessage::kNone,
295 kFlagImpliesFullURLAccess, kTypeDefault);
296
297 info->RegisterPermission(
298 kDevtools, "devtools", 0, ExtensionPermissionMessage::kNone,
299 kFlagImpliesFullURLAccess, kTypeDefault);
300
301 info->RegisterPermission(
302 kPlugin, "plugin", IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
303 ExtensionPermissionMessage::kFullAccess,
304 kFlagImpliesFullURLAccess | kFlagImpliesFullAccess, kTypeDefault);
305
306 // Platform-app permissions.
307 info->RegisterPermission(
308 kSocket, "socket", 0,
309 ExtensionPermissionMessage::kNone, kFlagNone, kTypePlatformApp);
310
311 // Register aliases.
312 info->RegisterAlias("unlimitedStorage", kOldUnlimitedStoragePermission);
313 info->RegisterAlias("tabs", kWindowsPermission);
172 } 314 }
173 315
174 // 316 //
175 // ExtensionPermissionsInfo 317 // ExtensionPermissionsInfo
176 // 318 //
177 319
178 // static 320 // static
179 ExtensionPermissionsInfo* ExtensionPermissionsInfo::GetInstance() { 321 ExtensionPermissionsInfo* ExtensionPermissionsInfo::GetInstance() {
180 return Singleton<ExtensionPermissionsInfo>::get(); 322 return Singleton<ExtensionPermissionsInfo>::get();
181 } 323 }
(...skipping 29 matching lines...) Expand all
211 } 353 }
212 354
213 ExtensionPermissionsInfo::~ExtensionPermissionsInfo() { 355 ExtensionPermissionsInfo::~ExtensionPermissionsInfo() {
214 for (IDMap::iterator i = id_map_.begin(); i != id_map_.end(); ++i) 356 for (IDMap::iterator i = id_map_.begin(); i != id_map_.end(); ++i)
215 delete i->second; 357 delete i->second;
216 } 358 }
217 359
218 ExtensionPermissionsInfo::ExtensionPermissionsInfo() 360 ExtensionPermissionsInfo::ExtensionPermissionsInfo()
219 : hosted_app_permission_count_(0), 361 : hosted_app_permission_count_(0),
220 permission_count_(0) { 362 permission_count_(0) {
221 // Map the permissions flags to shorter names for convenience. 363 ExtensionAPIPermission::RegisterAllPermissions(this);
222 int none = ExtensionAPIPermission::kFlagNone;
223 int hosted_app = ExtensionAPIPermission::kFlagHostedApp;
224 int component_only = ExtensionAPIPermission::kFlagComponentOnly;
225 int full_access = ExtensionAPIPermission::kFlagImpliesFullAccess;
226 int all_urls = ExtensionAPIPermission::kFlagImpliesFullURLAccess;
227 int platform_app_only = ExtensionAPIPermission::kFlagPlatformAppOnly;
228
229 // Note: please update the permissions API documentation when modifying which
230 // permissions can be specified as optional.
231 int optional = ExtensionAPIPermission::kFlagSupportsOptional;
232
233 // Hosted app permissions
234 RegisterPermission(
235 ExtensionAPIPermission::kBackground, "background", 0,
236 ExtensionPermissionMessage::kNone, hosted_app | optional);
237 RegisterPermission(
238 ExtensionAPIPermission::kClipboardRead, "clipboardRead",
239 IDS_EXTENSION_PROMPT_WARNING_CLIPBOARD,
240 ExtensionPermissionMessage::kClipboard, hosted_app | optional);
241 RegisterPermission(
242 ExtensionAPIPermission::kClipboardWrite, "clipboardWrite", 0,
243 ExtensionPermissionMessage::kNone, hosted_app | optional);
244 RegisterPermission(
245 ExtensionAPIPermission::kChromePrivate, "chromePrivate", 0,
246 ExtensionPermissionMessage::kNone, hosted_app);
247 RegisterPermission(
248 ExtensionAPIPermission::kExperimental, "experimental", 0,
249 ExtensionPermissionMessage::kNone, hosted_app);
250 RegisterPermission(
251 ExtensionAPIPermission::kGeolocation, "geolocation",
252 IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
253 ExtensionPermissionMessage::kGeolocation, hosted_app);
254 RegisterPermission(
255 ExtensionAPIPermission::kNotification, "notifications", 0,
256 ExtensionPermissionMessage::kNone, hosted_app | optional);
257 RegisterPermission(
258 ExtensionAPIPermission::kUnlimitedStorage, "unlimitedStorage", 0,
259 ExtensionPermissionMessage::kNone, hosted_app);
260
261 // Hosted app and private permissions.
262 RegisterPermission(
263 ExtensionAPIPermission::kChromeAuthPrivate, "chromeAuthPrivate", 0,
264 ExtensionPermissionMessage::kNone, hosted_app | component_only);
265 RegisterPermission(
266 ExtensionAPIPermission::kWebstorePrivate, "webstorePrivate", 0,
267 ExtensionPermissionMessage::kNone, hosted_app | component_only);
268
269 // Extension permissions.
270 RegisterPermission(
271 ExtensionAPIPermission::kBookmark, "bookmarks",
272 IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS,
273 ExtensionPermissionMessage::kBookmarks, optional);
274 RegisterPermission(
275 ExtensionAPIPermission::kContentSettings, "contentSettings",
276 IDS_EXTENSION_PROMPT_WARNING_CONTENT_SETTINGS,
277 ExtensionPermissionMessage::kContentSettings, none);
278 RegisterPermission(
279 ExtensionAPIPermission::kContextMenus, "contextMenus", 0,
280 ExtensionPermissionMessage::kNone, optional);
281 RegisterPermission(
282 ExtensionAPIPermission::kCookie, "cookies", 0,
283 ExtensionPermissionMessage::kNone, optional);
284 RegisterPermission(
285 ExtensionAPIPermission::kDebugger, "debugger",
286 IDS_EXTENSION_PROMPT_WARNING_DEBUGGER,
287 ExtensionPermissionMessage::kDebugger, optional);
288 RegisterPermission(
289 ExtensionAPIPermission::kFileBrowserHandler, "fileBrowserHandler", 0,
290 ExtensionPermissionMessage::kNone, none);
291 RegisterPermission(
292 ExtensionAPIPermission::kHistory, "history",
293 IDS_EXTENSION_PROMPT_WARNING_BROWSING_HISTORY,
294 ExtensionPermissionMessage::kBrowsingHistory, optional);
295 RegisterPermission(
296 ExtensionAPIPermission::kIdle, "idle", 0,
297 ExtensionPermissionMessage::kNone, optional);
298 RegisterPermission(
299 ExtensionAPIPermission::kInputMethodPrivate, "inputMethodPrivate", 0,
300 ExtensionPermissionMessage::kNone, none);
301 RegisterPermission(
302 ExtensionAPIPermission::kManagement, "management",
303 IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT,
304 ExtensionPermissionMessage::kManagement, optional);
305 RegisterPermission(
306 ExtensionAPIPermission::kPageCapture, "pageCapture",
307 IDS_EXTENSION_PROMPT_WARNING_ALL_PAGES_CONTENT,
308 ExtensionPermissionMessage::kAllPageContent, none);
309 RegisterPermission(
310 ExtensionAPIPermission::kTab, "tabs",
311 IDS_EXTENSION_PROMPT_WARNING_TABS,
312 ExtensionPermissionMessage::kTabs, optional);
313 RegisterPermission(
314 ExtensionAPIPermission::kTts, "tts", 0,
315 ExtensionPermissionMessage::kNone, none);
316 RegisterPermission(
317 ExtensionAPIPermission::kTtsEngine, "ttsEngine",
318 IDS_EXTENSION_PROMPT_WARNING_TTS_ENGINE,
319 ExtensionPermissionMessage::kTtsEngine, none);
320 RegisterPermission(
321 ExtensionAPIPermission::kWebNavigation, "webNavigation", 0,
322 ExtensionPermissionMessage::kNone, none);
323 RegisterPermission(
324 ExtensionAPIPermission::kWebRequest, "webRequest", 0,
325 ExtensionPermissionMessage::kNone, none);
326 RegisterPermission(
327 ExtensionAPIPermission::kWebRequestBlocking, "webRequestBlocking", 0,
328 ExtensionPermissionMessage::kNone, none);
329 RegisterPermission(
330 ExtensionAPIPermission::kWebSocketProxyPrivate,
331 "webSocketProxyPrivate", 0,
332 ExtensionPermissionMessage::kNone, none);
333
334 // Private permissions
335 RegisterPermission(
336 ExtensionAPIPermission::kChromeosInfoPrivate, "chromeosInfoPrivate", 0,
337 ExtensionPermissionMessage::kNone, component_only);
338 RegisterPermission(
339 ExtensionAPIPermission::kFileBrowserPrivate, "fileBrowserPrivate", 0,
340 ExtensionPermissionMessage::kNone, component_only);
341 RegisterPermission(
342 ExtensionAPIPermission::kMediaPlayerPrivate, "mediaPlayerPrivate", 0,
343 ExtensionPermissionMessage::kNone, component_only);
344 RegisterPermission(
345 ExtensionAPIPermission::kMetricsPrivate, "metricsPrivate", 0,
346 ExtensionPermissionMessage::kNone, component_only);
347
348 // Full url access permissions.
349 RegisterPermission(
350 ExtensionAPIPermission::kProxy, "proxy", 0,
351 ExtensionPermissionMessage::kNone, all_urls);
352
353 RegisterPermission(
354 ExtensionAPIPermission::kDevtools, "devtools", 0,
355 ExtensionPermissionMessage::kNone, all_urls);
356
357 RegisterPermission(
358 ExtensionAPIPermission::kPlugin, "plugin",
359 IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
360 ExtensionPermissionMessage::kFullAccess, all_urls | full_access);
361
362 // Platform-app permissions
363 RegisterPermission(
364 ExtensionAPIPermission::kSocket, "socket", 0,
365 ExtensionPermissionMessage::kNone, platform_app_only);
366
367 // Register Aliases
368 RegisterAlias("unlimitedStorage", kOldUnlimitedStoragePermission);
369 RegisterAlias("tabs", kWindowsPermission);
370 } 364 }
371 365
372 void ExtensionPermissionsInfo::RegisterAlias( 366 void ExtensionPermissionsInfo::RegisterAlias(
373 const char* name, const char* alias) { 367 const char* name, const char* alias) {
374 DCHECK(name_map_.find(name) != name_map_.end()); 368 DCHECK(name_map_.find(name) != name_map_.end());
375 DCHECK(name_map_.find(alias) == name_map_.end()); 369 DCHECK(name_map_.find(alias) == name_map_.end());
376 name_map_[alias] = name_map_[name]; 370 name_map_[alias] = name_map_[name];
377 } 371 }
378 372
379 void ExtensionPermissionsInfo::RegisterPermission( 373 void ExtensionPermissionsInfo::RegisterPermission(
380 ExtensionAPIPermission::ID id, 374 ExtensionAPIPermission::ID id,
381 const char* name, 375 const char* name,
382 int l10n_message_id, 376 int l10n_message_id,
383 ExtensionPermissionMessage::ID message_id, 377 ExtensionPermissionMessage::ID message_id,
384 int flags) { 378 int flags,
379 int type_restrictions) {
385 DCHECK(id_map_.find(id) == id_map_.end()); 380 DCHECK(id_map_.find(id) == id_map_.end());
386 DCHECK(name_map_.find(name) == name_map_.end()); 381 DCHECK(name_map_.find(name) == name_map_.end());
387 382
388 ExtensionAPIPermission* permission = 383 ExtensionAPIPermission* permission = new ExtensionAPIPermission(
389 new ExtensionAPIPermission(id, name, l10n_message_id, message_id, flags); 384 id, name, l10n_message_id, message_id, flags, type_restrictions);
390 385
391 id_map_[id] = permission; 386 id_map_[id] = permission;
392 name_map_[name] = permission; 387 name_map_[name] = permission;
393 388
394 permission_count_++; 389 permission_count_++;
395 if (permission->is_hosted_app())
396 hosted_app_permission_count_++;
397 } 390 }
398 391
399 // 392 //
400 // ExtensionPermissionSet 393 // ExtensionPermissionSet
401 // 394 //
402 395
403 ExtensionPermissionSet::ExtensionPermissionSet() { 396 ExtensionPermissionSet::ExtensionPermissionSet() {
404 } 397 }
405 398
406 ExtensionPermissionSet::ExtensionPermissionSet( 399 ExtensionPermissionSet::ExtensionPermissionSet(
(...skipping 10 matching lines...) Expand all
417 ExtensionPermissionSet::ExtensionPermissionSet( 410 ExtensionPermissionSet::ExtensionPermissionSet(
418 const ExtensionAPIPermissionSet& apis, 411 const ExtensionAPIPermissionSet& apis,
419 const URLPatternSet& explicit_hosts, 412 const URLPatternSet& explicit_hosts,
420 const URLPatternSet& scriptable_hosts) 413 const URLPatternSet& scriptable_hosts)
421 : apis_(apis), 414 : apis_(apis),
422 scriptable_hosts_(scriptable_hosts) { 415 scriptable_hosts_(scriptable_hosts) {
423 AddPatternsAndRemovePaths(explicit_hosts, &explicit_hosts_); 416 AddPatternsAndRemovePaths(explicit_hosts, &explicit_hosts_);
424 InitEffectiveHosts(); 417 InitEffectiveHosts();
425 } 418 }
426 419
427 ExtensionPermissionSet::~ExtensionPermissionSet() { 420 ExtensionPermissionSet::~ExtensionPermissionSet() {}
428 }
429 421
430 // static 422 // static
431 ExtensionPermissionSet* ExtensionPermissionSet::CreateDifference( 423 ExtensionPermissionSet* ExtensionPermissionSet::CreateDifference(
432 const ExtensionPermissionSet* set1, 424 const ExtensionPermissionSet* set1,
433 const ExtensionPermissionSet* set2) { 425 const ExtensionPermissionSet* set2) {
434 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); 426 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet();
435 const ExtensionPermissionSet* set1_safe = (set1 == NULL) ? empty : set1; 427 const ExtensionPermissionSet* set1_safe = (set1 == NULL) ? empty : set1;
436 const ExtensionPermissionSet* set2_safe = (set2 == NULL) ? empty : set2; 428 const ExtensionPermissionSet* set2_safe = (set2 == NULL) ? empty : set2;
437 429
438 ExtensionAPIPermissionSet apis; 430 ExtensionAPIPermissionSet apis;
(...skipping 246 matching lines...) Expand 10 before | Expand all | Expand 10 after
685 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 677 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
686 for (ExtensionAPIPermissionSet::const_iterator i = apis_.begin(); 678 for (ExtensionAPIPermissionSet::const_iterator i = apis_.begin();
687 i != apis_.end(); ++i) { 679 i != apis_.end(); ++i) {
688 ExtensionAPIPermission* permission = info->GetByID(*i); 680 ExtensionAPIPermission* permission = info->GetByID(*i);
689 if (permission && permission->is_component_only()) 681 if (permission && permission->is_component_only())
690 return true; 682 return true;
691 } 683 }
692 return false; 684 return false;
693 } 685 }
694 686
695 bool ExtensionPermissionSet::HasPlatformAppPermissions() const {
696 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
697 for (ExtensionAPIPermissionSet::const_iterator i = apis_.begin();
698 i != apis_.end(); ++i) {
699 ExtensionAPIPermission* permission = info->GetByID(*i);
700 if (permission && permission->is_platform_app_only())
701 return true;
702 }
703 return false;
704 }
705
706 bool ExtensionPermissionSet::HasLessPrivilegesThan( 687 bool ExtensionPermissionSet::HasLessPrivilegesThan(
707 const ExtensionPermissionSet* permissions) const { 688 const ExtensionPermissionSet* permissions) const {
708 // Things can't get worse than native code access. 689 // Things can't get worse than native code access.
709 if (HasEffectiveFullAccess()) 690 if (HasEffectiveFullAccess())
710 return false; 691 return false;
711 692
712 // Otherwise, it's a privilege increase if the new one has full access. 693 // Otherwise, it's a privilege increase if the new one has full access.
713 if (permissions->HasEffectiveFullAccess()) 694 if (permissions->HasEffectiveFullAccess())
714 return true; 695 return true;
715 696
(...skipping 146 matching lines...) Expand 10 before | Expand all | Expand 10 after
862 std::set<std::string> new_hosts_set(GetDistinctHosts(new_list, false, false)); 843 std::set<std::string> new_hosts_set(GetDistinctHosts(new_list, false, false));
863 std::set<std::string> old_hosts_set(GetDistinctHosts(old_list, false, false)); 844 std::set<std::string> old_hosts_set(GetDistinctHosts(old_list, false, false));
864 std::set<std::string> new_hosts_only; 845 std::set<std::string> new_hosts_only;
865 846
866 std::set_difference(new_hosts_set.begin(), new_hosts_set.end(), 847 std::set_difference(new_hosts_set.begin(), new_hosts_set.end(),
867 old_hosts_set.begin(), old_hosts_set.end(), 848 old_hosts_set.begin(), old_hosts_set.end(),
868 std::inserter(new_hosts_only, new_hosts_only.begin())); 849 std::inserter(new_hosts_only, new_hosts_only.begin()));
869 850
870 return !new_hosts_only.empty(); 851 return !new_hosts_only.empty();
871 } 852 }
OLDNEW
« chrome/browser/renderer_host/chrome_render_view_host_observer.cc ('K') | « chrome/common/extensions/extension_permission_set.h ('k') | chrome/common/extensions/extension_permission_set_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698