Restrict access to permissions based on extension types.

chrome/common/extensions/extension_permission_set.h

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #ifndef CHROME_COMMON_EXTENSIONS_EXTENSION_PERMISSION_SET_H_
 #define CHROME_COMMON_EXTENSIONS_EXTENSION_PERMISSION_SET_H_
 #pragma once
 
 #include <map>
 #include <set>
 #include <string>
 #include <vector>
 
 #include "base/gtest_prod_util.h"
 #include "base/memory/ref_counted.h"
 #include "base/memory/scoped_ptr.h"
 #include "base/memory/singleton.h"
 #include "base/string16.h"
 #include "chrome/common/extensions/url_pattern_set.h"
 
 class Extension;
+class ExtensionPermissionsInfo;
 
 // When prompting the user to install or approve permissions, we display
 // messages describing the effects of the permissions rather than listing the
 // permissions themselves. Each ExtensionPermissionMessage represents one of the
 // messages shown to the user.
 class ExtensionPermissionMessage {
  public:
   // Do not reorder this enumeration. If you need to add a new enum, add it just
   // prior to kEnumBoundary.
   enum ID {
@@ skipping 93 matching lines @@
     kWebRequest,
     kWebRequestBlocking,
     kWebSocketProxyPrivate,
     kWebstorePrivate,
     kEnumBoundary
   };
 
   enum Flag {
     kFlagNone = 0,
 
-    // Indicates if the permission can be accessed by hosted apps.
-    kFlagHostedApp = 1 << 0,
-
     // Indicates if the permission implies full access (native code).
-    kFlagImpliesFullAccess = 1 << 1,
+    kFlagImpliesFullAccess = 1 << 0,
 
     // Indicates if the permission implies full URL access.
-    kFlagImpliesFullURLAccess = 1 << 2,
+    kFlagImpliesFullURLAccess = 1 << 1,
 
     // Indicates that the permission is private to COMPONENT extensions.
-    kFlagComponentOnly = 1 << 3,
+    kFlagComponentOnly = 1 << 2,
 
     // Indicates that the permission supports the optional permissions API.
-    kFlagSupportsOptional = 1 << 4,
+    kFlagSupportsOptional = 1 << 3,
+  };
 
-    // Indicates whether the permission is available only to platform apps.
-    kFlagPlatformAppOnly = 1 << 5,
+  // Flags for specifying what extension types can use the permission.
+  enum TypeRestriction {
+    kTypeNone = 0,
+
+    // Extension::TYPE_EXTENSION and Extension::TYPE_USER_SCRIPT
+    kTypeExtension = 1 << 0,
+
+    // Extension::TYPE_HOSTED_APP
+    kTypeHostedApp = 1 << 1,
+
+    // Extension::TYPE_PACKAGED_APP
+    kTypePackagedApp = 1 << 2,
+
+    // Extension::TYPE_PLATFORM_APP
+    kTypePlatformApp = 1 << 3,
+
+    // Supports all types.
+    kTypeAll = (1 << 4) - 1,
+
+    // Convenience flag for all types except hosted apps.
+    kTypeDefault = kTypeAll - kTypeHostedApp,
   };
 
   typedef std::set<ID> IDSet;
 
   ~ExtensionAPIPermission();
 
   // Returns the localized permission message associated with this api.
   ExtensionPermissionMessage GetMessage() const;
 
   int flags() const { return flags_; }
 
+  int type_restrictions() const { return type_restrictions_; }
+
   ID id() const { return id_; }
 
   // Returns the message id associated with this permission.
   ExtensionPermissionMessage::ID message_id() const {
     return message_id_;
   }
 
   // Returns the name of this permission.
   const char* name() const { return name_; }
 
   // Returns true if this permission implies full access (e.g., native code).
   bool implies_full_access() const {
     return (flags_ & kFlagImpliesFullAccess) != 0;
   }
 
   // Returns true if this permission implies full URL access.
   bool implies_full_url_access() const {
     return (flags_ & kFlagImpliesFullURLAccess) != 0;
   }
 
-  // Returns true if this permission can be accessed by hosted apps.
-  bool is_hosted_app() const {
-    return (flags_ & kFlagHostedApp) != 0;
-  }
-
   // Returns true if this permission can only be acquired by COMPONENT
   // extensions.
   bool is_component_only() const {
     return (flags_ & kFlagComponentOnly) != 0;
   }
 
+  // Returns true if regular extensions can specify this permission.
+  bool supports_extensions() const {
+    return (type_restrictions_ & kTypeExtension) != 0;
+  }
+
+  // Returns true if hosted apps can specify this permission.
+  bool supports_hosted_apps() const {
+    return (type_restrictions_ & kTypeHostedApp) != 0;
+  }
+
+  // Returns true if packaged apps can specify this permission.
+  bool supports_packaged_apps() const {
+    return (type_restrictions_ & kTypePackagedApp) != 0;
+  }
+
+  // Returns true if platform apps can specify this permission.
+  bool supports_platform_apps() const {
+    return (type_restrictions_ & kTypePlatformApp) != 0;
+  }
+
   // Returns true if this permission can be added and removed via the
   // optional permissions extension API.
   bool supports_optional() const {
     return (flags_ & kFlagSupportsOptional) != 0;
   }
 
-  // Returns true if this permission can only be acquired by platform apps.
-  bool is_platform_app_only() const {
-    return (flags_ & kFlagPlatformAppOnly) != 0;
+  // Returns true if this permissions supports the specified |type|.
+  bool supports_type(TypeRestriction type) const {
+    return (type_restrictions_ & type) != 0;
   }
 
  private:
   // Instances should only be constructed from within ExtensionPermissionsInfo.
   friend class ExtensionPermissionsInfo;
 
+  // Register ALL the permissions!
+  static void RegisterAllPermissions(ExtensionPermissionsInfo* info);
+
   explicit ExtensionAPIPermission(
       ID id,
       const char* name,
       int l10n_message_id,
       ExtensionPermissionMessage::ID message_id,
-      int flags);
+      int flags,
+      int type_restrictions);
 
   ID id_;
   const char* name_;
   int flags_;
+  int type_restrictions_;
   int l10n_message_id_;
   ExtensionPermissionMessage::ID message_id_;
 };
 
 typedef std::set<ExtensionAPIPermission::ID> ExtensionAPIPermissionSet;
 
 // Singleton that holds the extension permission instances and provides static
 // methods for accessing them.
 class ExtensionPermissionsInfo {
  public:
   // Returns a pointer to the singleton instance.
   static ExtensionPermissionsInfo* GetInstance();
 
   // Returns the permission with the given |id|, and NULL if it doesn't exist.
   ExtensionAPIPermission* GetByID(ExtensionAPIPermission::ID id);
 
   // Returns the permission with the given |name|, and NULL if none
   // exists.
   ExtensionAPIPermission* GetByName(std::string name);
 
   // Returns a set containing all valid api permission ids.
   ExtensionAPIPermissionSet GetAll();
 
   // Converts all the permission names in |permission_names| to permission ids.
   ExtensionAPIPermissionSet GetAllByName(
       const std::set<std::string>& permission_names);
 
-  // Gets the total number of API permissions available to hosted apps.
-  size_t get_hosted_app_permission_count() {
-    return hosted_app_permission_count_;
-  }
-
   // Gets the total number of API permissions.
   size_t get_permission_count() { return permission_count_; }
 
  private:
+  friend class ExtensionAPIPermission;
+
   ~ExtensionPermissionsInfo();
   ExtensionPermissionsInfo();
 
   // Registers an |alias| for a given permission |name|.
   void RegisterAlias(const char* name, const char* alias);
 
   // Registers a permission with the specified attributes and flags.
   void RegisterPermission(
       ExtensionAPIPermission::ID id,
       const char* name,
       int l10n_message_id,
       ExtensionPermissionMessage::ID message_id,
-      int flags);
+      int flags,
+      int type_restrictions);
 
   // Maps permission ids to permissions.
   typedef std::map<ExtensionAPIPermission::ID, ExtensionAPIPermission*> IDMap;
 
   // Maps names and aliases to permissions.
   typedef std::map<std::string, ExtensionAPIPermission*> NameMap;
 
   IDMap id_map_;
   NameMap name_map_;
 
@@ skipping 87 matching lines @@
   bool HasEffectiveAccessToURL(const GURL& url) const;
 
   // Returns ture if this permission set effectively represents full access
   // (e.g. native code).
   bool HasEffectiveFullAccess() const;
 
   // Returns true if this permission set includes permissions that are
   // restricted to internal extensions.
   bool HasPrivatePermissions() const;
 
-  // Returns true if this permission set includes permissions that are
-  // restricted to platform apps.
-  bool HasPlatformAppPermissions() const;
-
   // Returns true if |permissions| has a greater privilege level than this
   // permission set (e.g., this permission set has less permissions).
   bool HasLessPrivilegesThan(const ExtensionPermissionSet* permissions) const;
 
   const ExtensionAPIPermissionSet& apis() const { return apis_; }
 
   const URLPatternSet& effective_hosts() const { return effective_hosts_; }
 
   const URLPatternSet& explicit_hosts() const { return explicit_hosts_; }
 
@@ skipping 39 matching lines @@
 
   // The list of hosts that can be scripted by content scripts.
   // TODO(jstritar): Rename to "user_script_hosts_"?
   URLPatternSet scriptable_hosts_;
 
   // The list of hosts this effectively grants access to.
   URLPatternSet effective_hosts_;
 };
 
 #endif  // CHROME_COMMON_EXTENSIONS_EXTENSION_PERMISSION_SET_H_