Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(528)

Side by Side Diff: chrome/browser/extensions/extension_webstore_private_api.cc

Issue 9317013: Add a centralized mechanism for whitelisting access to extension permissions. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: . Created 8 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/extensions/extension_webstore_private_api.h" 5 #include "chrome/browser/extensions/extension_webstore_private_api.h"
6 6
7 #include <string> 7 #include <string>
8 8
9 #include "base/string_util.h" 9 #include "base/string_util.h"
10 #include "base/utf_string_conversions.h" 10 #include "base/utf_string_conversions.h"
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after
46 const char kTokenKey[] = "token"; 46 const char kTokenKey[] = "token";
47 47
48 const char kCannotSpecifyIconDataAndUrlError[] = 48 const char kCannotSpecifyIconDataAndUrlError[] =
49 "You cannot specify both icon data and an icon url"; 49 "You cannot specify both icon data and an icon url";
50 const char kInvalidIconUrlError[] = "Invalid icon url"; 50 const char kInvalidIconUrlError[] = "Invalid icon url";
51 const char kInvalidIdError[] = "Invalid id"; 51 const char kInvalidIdError[] = "Invalid id";
52 const char kInvalidManifestError[] = "Invalid manifest"; 52 const char kInvalidManifestError[] = "Invalid manifest";
53 const char kNoPreviousBeginInstallWithManifestError[] = 53 const char kNoPreviousBeginInstallWithManifestError[] =
54 "* does not match a previous call to beginInstallWithManifest3"; 54 "* does not match a previous call to beginInstallWithManifest3";
55 const char kUserCancelledError[] = "User cancelled install"; 55 const char kUserCancelledError[] = "User cancelled install";
56 const char kPermissionDeniedError[] =
57 "You do not have permission to use this method.";
58 56
59 ProfileSyncService* test_sync_service = NULL; 57 ProfileSyncService* test_sync_service = NULL;
60 58
61 // Returns either the test sync service, or the real one from |profile|. 59 // Returns either the test sync service, or the real one from |profile|.
62 ProfileSyncService* GetSyncService(Profile* profile) { 60 ProfileSyncService* GetSyncService(Profile* profile) {
63 // TODO(webstore): It seems |test_sync_service| is not used anywhere. It 61 // TODO(webstore): It seems |test_sync_service| is not used anywhere. It
64 // should be removed. 62 // should be removed.
65 if (test_sync_service) 63 if (test_sync_service)
66 return test_sync_service; 64 return test_sync_service;
67 else 65 else
68 return ProfileSyncServiceFactory::GetInstance()->GetForProfile(profile); 66 return ProfileSyncServiceFactory::GetInstance()->GetForProfile(profile);
69 } 67 }
70 68
71 bool IsWebStoreURL(Profile* profile, const GURL& url) {
72 ExtensionService* service = profile->GetExtensionService();
73 const Extension* store = service->GetWebStoreApp();
74 if (!store) {
75 NOTREACHED();
76 return false;
77 }
78 return (service->extensions()->GetHostedAppByURL(ExtensionURLInfo(url)) ==
79 store);
80 }
81
82 // Whitelists extension IDs for use by webstorePrivate.silentlyInstall. 69 // Whitelists extension IDs for use by webstorePrivate.silentlyInstall.
83 bool trust_test_ids = false; 70 bool trust_test_ids = false;
84 71
85 bool IsTrustedForSilentInstall(const std::string& id) { 72 bool IsTrustedForSilentInstall(const std::string& id) {
86 // Trust the extensions in api_test/webstore_private/bundle when the flag 73 // Trust the extensions in api_test/webstore_private/bundle when the flag
87 // is set. 74 // is set.
88 if (trust_test_ids && 75 if (trust_test_ids &&
89 (id == "begfmnajjkbjdgmffnjaojchoncnmngg" || 76 (id == "begfmnajjkbjdgmffnjaojchoncnmngg" ||
90 id == "bmfoocgfinpmkmlbjhcbofejhkhlbchk" || 77 id == "bmfoocgfinpmkmlbjhcbofejhkhlbchk" ||
91 id == "mpneghmdnmaolkljkipbhaienajcflfe")) 78 id == "mpneghmdnmaolkljkipbhaienajcflfe"))
(...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after
144 void WebstorePrivateApi::SetTrustTestIDsForTesting(bool allow) { 131 void WebstorePrivateApi::SetTrustTestIDsForTesting(bool allow) {
145 trust_test_ids = allow; 132 trust_test_ids = allow;
146 } 133 }
147 134
148 BeginInstallWithManifestFunction::BeginInstallWithManifestFunction() 135 BeginInstallWithManifestFunction::BeginInstallWithManifestFunction()
149 : use_app_installed_bubble_(false) {} 136 : use_app_installed_bubble_(false) {}
150 137
151 BeginInstallWithManifestFunction::~BeginInstallWithManifestFunction() {} 138 BeginInstallWithManifestFunction::~BeginInstallWithManifestFunction() {}
152 139
153 bool BeginInstallWithManifestFunction::RunImpl() { 140 bool BeginInstallWithManifestFunction::RunImpl() {
154 if (!IsWebStoreURL(profile_, source_url())) {
155 SetResult(PERMISSION_DENIED);
156 return false;
157 }
158
159 DictionaryValue* details = NULL; 141 DictionaryValue* details = NULL;
160 EXTENSION_FUNCTION_VALIDATE(args_->GetDictionary(0, &details)); 142 EXTENSION_FUNCTION_VALIDATE(args_->GetDictionary(0, &details));
161 CHECK(details); 143 CHECK(details);
162 144
163 EXTENSION_FUNCTION_VALIDATE(details->GetString(kIdKey, &id_)); 145 EXTENSION_FUNCTION_VALIDATE(details->GetString(kIdKey, &id_));
164 if (!Extension::IdIsValid(id_)) { 146 if (!Extension::IdIsValid(id_)) {
165 SetResult(INVALID_ID); 147 SetResult(INVALID_ID);
166 error_ = kInvalidIdError; 148 error_ = kInvalidIdError;
167 return false; 149 return false;
168 } 150 }
(...skipping 176 matching lines...) Expand 10 before | Expand all | Expand 10 after
345 "Extensions.Permissions_InstallCancel" : 327 "Extensions.Permissions_InstallCancel" :
346 "Extensions.Permissions_InstallAbort"; 328 "Extensions.Permissions_InstallAbort";
347 ExtensionService::RecordPermissionMessagesHistogram( 329 ExtensionService::RecordPermissionMessagesHistogram(
348 dummy_extension_, histogram_name.c_str()); 330 dummy_extension_, histogram_name.c_str());
349 331
350 // Matches the AddRef in RunImpl(). 332 // Matches the AddRef in RunImpl().
351 Release(); 333 Release();
352 } 334 }
353 335
354 bool CompleteInstallFunction::RunImpl() { 336 bool CompleteInstallFunction::RunImpl() {
355 if (!IsWebStoreURL(profile_, source_url()))
356 return false;
357
358 std::string id; 337 std::string id;
359 EXTENSION_FUNCTION_VALIDATE(args_->GetString(0, &id)); 338 EXTENSION_FUNCTION_VALIDATE(args_->GetString(0, &id));
360 if (!Extension::IdIsValid(id)) { 339 if (!Extension::IdIsValid(id)) {
361 error_ = kInvalidIdError; 340 error_ = kInvalidIdError;
362 return false; 341 return false;
363 } 342 }
364 343
365 if (!CrxInstaller::IsIdWhitelisted(id) && 344 if (!CrxInstaller::IsIdWhitelisted(id) &&
366 !CrxInstaller::GetWhitelistEntry(id)) { 345 !CrxInstaller::GetWhitelistEntry(id)) {
367 error_ = ExtensionErrorUtils::FormatErrorMessage( 346 error_ = ExtensionErrorUtils::FormatErrorMessage(
(...skipping 10 matching lines...) Expand all
378 id, WebstoreInstaller::FLAG_NONE); 357 id, WebstoreInstaller::FLAG_NONE);
379 installer->Start(); 358 installer->Start();
380 359
381 return true; 360 return true;
382 } 361 }
383 362
384 SilentlyInstallFunction::SilentlyInstallFunction() {} 363 SilentlyInstallFunction::SilentlyInstallFunction() {}
385 SilentlyInstallFunction::~SilentlyInstallFunction() {} 364 SilentlyInstallFunction::~SilentlyInstallFunction() {}
386 365
387 bool SilentlyInstallFunction::RunImpl() { 366 bool SilentlyInstallFunction::RunImpl() {
388 if (!IsWebStoreURL(profile_, source_url())) {
389 error_ = kPermissionDeniedError;
390 return false;
391 }
392
393 DictionaryValue* details = NULL; 367 DictionaryValue* details = NULL;
394 EXTENSION_FUNCTION_VALIDATE(args_->GetDictionary(0, &details)); 368 EXTENSION_FUNCTION_VALIDATE(args_->GetDictionary(0, &details));
395 CHECK(details); 369 CHECK(details);
396 370
397 EXTENSION_FUNCTION_VALIDATE(details->GetString(kIdKey, &id_)); 371 EXTENSION_FUNCTION_VALIDATE(details->GetString(kIdKey, &id_));
398 if (!IsTrustedForSilentInstall(id_)) { 372 if (!IsTrustedForSilentInstall(id_)) {
399 error_ = kInvalidIdError; 373 error_ = kInvalidIdError;
400 return false; 374 return false;
401 } 375 }
402 376
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after
458 const std::string& id, const std::string& error) { 432 const std::string& id, const std::string& error) {
459 CHECK_EQ(id_, id); 433 CHECK_EQ(id_, id);
460 434
461 error_ = error; 435 error_ = error;
462 SendResponse(false); 436 SendResponse(false);
463 437
464 Release(); // Matches the AddRef() in RunImpl(). 438 Release(); // Matches the AddRef() in RunImpl().
465 } 439 }
466 440
467 bool GetBrowserLoginFunction::RunImpl() { 441 bool GetBrowserLoginFunction::RunImpl() {
468 if (!IsWebStoreURL(profile_, source_url()))
469 return false;
470 result_.reset(CreateLoginResult(profile_->GetOriginalProfile())); 442 result_.reset(CreateLoginResult(profile_->GetOriginalProfile()));
471 return true; 443 return true;
472 } 444 }
473 445
474 bool GetStoreLoginFunction::RunImpl() { 446 bool GetStoreLoginFunction::RunImpl() {
475 if (!IsWebStoreURL(profile_, source_url()))
476 return false;
477 ExtensionService* service = profile_->GetExtensionService(); 447 ExtensionService* service = profile_->GetExtensionService();
478 ExtensionPrefs* prefs = service->extension_prefs(); 448 ExtensionPrefs* prefs = service->extension_prefs();
479 std::string login; 449 std::string login;
480 if (prefs->GetWebStoreLogin(&login)) { 450 if (prefs->GetWebStoreLogin(&login)) {
481 result_.reset(Value::CreateStringValue(login)); 451 result_.reset(Value::CreateStringValue(login));
482 } else { 452 } else {
483 result_.reset(Value::CreateStringValue(std::string())); 453 result_.reset(Value::CreateStringValue(std::string()));
484 } 454 }
485 return true; 455 return true;
486 } 456 }
487 457
488 bool SetStoreLoginFunction::RunImpl() { 458 bool SetStoreLoginFunction::RunImpl() {
489 if (!IsWebStoreURL(profile_, source_url()))
490 return false;
491 std::string login; 459 std::string login;
492 EXTENSION_FUNCTION_VALIDATE(args_->GetString(0, &login)); 460 EXTENSION_FUNCTION_VALIDATE(args_->GetString(0, &login));
493 ExtensionService* service = profile_->GetExtensionService(); 461 ExtensionService* service = profile_->GetExtensionService();
494 ExtensionPrefs* prefs = service->extension_prefs(); 462 ExtensionPrefs* prefs = service->extension_prefs();
495 prefs->SetWebStoreLogin(login); 463 prefs->SetWebStoreLogin(login);
496 return true; 464 return true;
497 } 465 }
498 466
499 GetWebGLStatusFunction::GetWebGLStatusFunction() {} 467 GetWebGLStatusFunction::GetWebGLStatusFunction() {}
500 GetWebGLStatusFunction::~GetWebGLStatusFunction() {} 468 GetWebGLStatusFunction::~GetWebGLStatusFunction() {}
(...skipping 49 matching lines...) Expand 10 before | Expand all | Expand 10 after
550 SendResponse(true); 518 SendResponse(true);
551 } else { 519 } else {
552 // Matched with a Release in OnGpuInfoUpdate. 520 // Matched with a Release in OnGpuInfoUpdate.
553 AddRef(); 521 AddRef();
554 522
555 manager->AddObserver(this); 523 manager->AddObserver(this);
556 manager->RequestCompleteGpuInfoIfNeeded(); 524 manager->RequestCompleteGpuInfoIfNeeded();
557 } 525 }
558 return true; 526 return true;
559 } 527 }
OLDNEW
« no previous file with comments | « chrome/browser/extensions/extension_web_socket_proxy_private_apitest.cc ('k') | chrome/chrome_tests.gypi » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698