Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(422)

Side by Side Diff: chrome/common/extensions/extension_permission_set_unittest.cc

Issue 9317013: Add a centralized mechanism for whitelisting access to extension permissions. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: . Created 8 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/common/extensions/extension_permission_set.h" 5 #include "chrome/common/extensions/extension_permission_set.h"
6 6
7 #include "base/json/json_value_serializer.h" 7 #include "base/json/json_value_serializer.h"
8 #include "base/logging.h" 8 #include "base/logging.h"
9 #include "base/path_service.h" 9 #include "base/path_service.h"
10 #include "base/utf_string_conversions.h" 10 #include "base/utf_string_conversions.h"
11 #include "chrome/common/chrome_paths.h" 11 #include "chrome/common/chrome_paths.h"
12 #include "chrome/common/extensions/extension.h" 12 #include "chrome/common/extensions/extension.h"
13 #include "chrome/common/extensions/extension_constants.h"
14 #include "chrome/common/extensions/extension_error_utils.h"
15 #include "chrome/common/extensions/extension_permission_set.h"
13 #include "testing/gtest/include/gtest/gtest.h" 16 #include "testing/gtest/include/gtest/gtest.h"
14 17
18 namespace errors = extension_manifest_errors;
19 namespace keys = extension_manifest_keys;
20 namespace values = extension_manifest_values;
15 namespace { 21 namespace {
16 22
17 static scoped_refptr<Extension> LoadManifest(const std::string& dir, 23 static scoped_refptr<Extension> LoadManifest(const std::string& dir,
18 const std::string& test_file, 24 const std::string& test_file,
19 int extra_flags) { 25 int extra_flags) {
20 FilePath path; 26 FilePath path;
21 PathService::Get(chrome::DIR_TEST_DATA, &path); 27 PathService::Get(chrome::DIR_TEST_DATA, &path);
22 path = path.AppendASCII("extensions") 28 path = path.AppendASCII("extensions")
23 .AppendASCII(dir) 29 .AppendASCII(dir)
24 .AppendASCII(test_file); 30 .AppendASCII(test_file);
(...skipping 12 matching lines...) Expand all
37 Extension::STRICT_ERROR_CHECKS | extra_flags, &error); 43 Extension::STRICT_ERROR_CHECKS | extra_flags, &error);
38 EXPECT_TRUE(extension) << error; 44 EXPECT_TRUE(extension) << error;
39 return extension; 45 return extension;
40 } 46 }
41 47
42 static scoped_refptr<Extension> LoadManifest(const std::string& dir, 48 static scoped_refptr<Extension> LoadManifest(const std::string& dir,
43 const std::string& test_file) { 49 const std::string& test_file) {
44 return LoadManifest(dir, test_file, Extension::NO_FLAGS); 50 return LoadManifest(dir, test_file, Extension::NO_FLAGS);
45 } 51 }
46 52
53 static scoped_refptr<Extension> LoadManifestFromValue(
54 DictionaryValue* manifest,
55 Extension::Location location,
56 std::string* error) {
57 return Extension::Create(FilePath(), location, *manifest,
58 Extension::STRICT_ERROR_CHECKS, error);
59 }
60
61 static void LoadManifestAndExpectError(DictionaryValue* manifest,
62 Extension::Location location,
63 const std::string& permission) {
64 std::string error;
65 scoped_refptr<Extension> extension =
66 LoadManifestFromValue(manifest, location, &error);
67
68 std::string expected_error = ExtensionErrorUtils::FormatErrorMessage(
69 errors::kPermissionNotAllowed, permission);
70 EXPECT_FALSE(extension);
71 EXPECT_EQ(expected_error, error);
72 }
73
47 void CompareLists(const std::vector<std::string>& expected, 74 void CompareLists(const std::vector<std::string>& expected,
48 const std::vector<std::string>& actual) { 75 const std::vector<std::string>& actual) {
49 ASSERT_EQ(expected.size(), actual.size()); 76 ASSERT_EQ(expected.size(), actual.size());
50 77
51 for (size_t i = 0; i < expected.size(); ++i) { 78 for (size_t i = 0; i < expected.size(); ++i) {
52 EXPECT_EQ(expected[i], actual[i]); 79 EXPECT_EQ(expected[i], actual[i]);
53 } 80 }
54 } 81 }
55 82
56 static void AddPattern(URLPatternSet* extent, const std::string& pattern) { 83 static void AddPattern(URLPatternSet* extent, const std::string& pattern) {
57 int schemes = URLPattern::SCHEME_ALL; 84 int schemes = URLPattern::SCHEME_ALL;
58 extent->AddPattern(URLPattern(schemes, pattern)); 85 extent->AddPattern(URLPattern(schemes, pattern));
59 } 86 }
60 87
61 } // namespace 88 } // namespace
62 89
63 class ExtensionAPIPermissionTest : public testing::Test { 90 class ExtensionPermissionsTest : public testing::Test {
64 }; 91 };
65 92
66 class ExtensionPermissionSetTest : public testing::Test {
67 };
68
69
70 // Tests GetByID. 93 // Tests GetByID.
71 TEST(ExtensionPermissionsInfoTest, GetByID) { 94 TEST(ExtensionPermissionsTest, GetByID) {
72 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 95 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
73 ExtensionAPIPermissionSet ids = info->GetAll(); 96 ExtensionAPIPermissionSet ids = info->GetAll();
74 for (ExtensionAPIPermissionSet::iterator i = ids.begin(); 97 for (ExtensionAPIPermissionSet::iterator i = ids.begin();
75 i != ids.end(); ++i) { 98 i != ids.end(); ++i) {
76 EXPECT_EQ(*i, info->GetByID(*i)->id()); 99 EXPECT_EQ(*i, info->GetByID(*i)->id());
77 } 100 }
78 } 101 }
79 102
80 // Tests that GetByName works with normal permission names and aliases. 103 // Tests that GetByName works with normal permission names and aliases.
81 TEST(ExtensionPermissionsInfoTest, GetByName) { 104 TEST(ExtensionPermissionsTest, GetByName) {
82 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 105 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
83 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id()); 106 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id());
84 EXPECT_EQ(ExtensionAPIPermission::kManagement, 107 EXPECT_EQ(ExtensionAPIPermission::kManagement,
85 info->GetByName("management")->id()); 108 info->GetByName("management")->id());
86 EXPECT_FALSE(info->GetByName("alsdkfjasldkfj")); 109 EXPECT_FALSE(info->GetByName("alsdkfjasldkfj"));
87 } 110 }
88 111
89 TEST(ExtensionPermissionsInfoTest, GetAll) { 112 TEST(ExtensionPermissionsTest, GetAll) {
90 size_t count = 0; 113 size_t count = 0;
91 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 114 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
92 ExtensionAPIPermissionSet apis = info->GetAll(); 115 ExtensionAPIPermissionSet apis = info->GetAll();
93 for (ExtensionAPIPermissionSet::iterator api = apis.begin(); 116 for (ExtensionAPIPermissionSet::iterator api = apis.begin();
94 api != apis.end(); ++api) { 117 api != apis.end(); ++api) {
95 // Make sure only the valid permission IDs get returned. 118 // Make sure only the valid permission IDs get returned.
96 EXPECT_NE(ExtensionAPIPermission::kInvalid, *api); 119 EXPECT_NE(ExtensionAPIPermission::kInvalid, *api);
97 EXPECT_NE(ExtensionAPIPermission::kUnknown, *api); 120 EXPECT_NE(ExtensionAPIPermission::kUnknown, *api);
98 count++; 121 count++;
99 } 122 }
100 EXPECT_EQ(count, info->get_permission_count()); 123 EXPECT_EQ(count, info->get_permission_count());
101 } 124 }
102 125
103 TEST(ExtensionPermissionInfoTest, GetAllByName) { 126 TEST(ExtensionPermissionsTest, GetAllByName) {
104 std::set<std::string> names; 127 std::set<std::string> names;
105 names.insert("background"); 128 names.insert("background");
106 names.insert("management"); 129 names.insert("management");
107 130
108 // This is an alias of kTab 131 // This is an alias of kTab
109 names.insert("windows"); 132 names.insert("windows");
110 133
111 // This unknown name should get dropped. 134 // This unknown name should get dropped.
112 names.insert("sdlkfjasdlkfj"); 135 names.insert("sdlkfjasdlkfj");
113 136
114 ExtensionAPIPermissionSet expected; 137 ExtensionAPIPermissionSet expected;
115 expected.insert(ExtensionAPIPermission::kBackground); 138 expected.insert(ExtensionAPIPermission::kBackground);
116 expected.insert(ExtensionAPIPermission::kManagement); 139 expected.insert(ExtensionAPIPermission::kManagement);
117 expected.insert(ExtensionAPIPermission::kTab); 140 expected.insert(ExtensionAPIPermission::kTab);
118 141
119 EXPECT_EQ(expected, 142 EXPECT_EQ(expected,
120 ExtensionPermissionsInfo::GetInstance()->GetAllByName(names)); 143 ExtensionPermissionsInfo::GetInstance()->GetAllByName(names));
121 } 144 }
122 145
123 // Tests that the aliases are properly mapped. 146 // Tests that the aliases are properly mapped.
124 TEST(ExtensionAPIPermissionTest, Aliases) { 147 TEST(ExtensionPermissionsTest, Aliases) {
125 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 148 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
126 // tabs: tabs, windows 149 // tabs: tabs, windows
127 std::string tabs_name = "tabs"; 150 std::string tabs_name = "tabs";
128 EXPECT_EQ(tabs_name, info->GetByID(ExtensionAPIPermission::kTab)->name()); 151 EXPECT_EQ(tabs_name, info->GetByID(ExtensionAPIPermission::kTab)->name());
129 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id()); 152 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id());
130 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("windows")->id()); 153 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("windows")->id());
131 154
132 // unlimitedStorage: unlimitedStorage, unlimited_storage 155 // unlimitedStorage: unlimitedStorage, unlimited_storage
133 std::string storage_name = "unlimitedStorage"; 156 std::string storage_name = "unlimitedStorage";
134 EXPECT_EQ(storage_name, info->GetByID( 157 EXPECT_EQ(storage_name, info->GetByID(
135 ExtensionAPIPermission::kUnlimitedStorage)->name()); 158 ExtensionAPIPermission::kUnlimitedStorage)->name());
136 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage, 159 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage,
137 info->GetByName("unlimitedStorage")->id()); 160 info->GetByName("unlimitedStorage")->id());
138 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage, 161 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage,
139 info->GetByName("unlimited_storage")->id()); 162 info->GetByName("unlimited_storage")->id());
140 } 163 }
141 164
142 TEST(ExtensionAPIPermissionTest, HostedAppPermissions) { 165 TEST(ExtensionPermissionsTest, HostedAppPermissions) {
143 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 166 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
144 ExtensionAPIPermissionSet hosted_perms; 167 ExtensionAPIPermissionSet hosted_perms;
145 hosted_perms.insert(ExtensionAPIPermission::kAppNotifications); 168 hosted_perms.insert(ExtensionAPIPermission::kAppNotifications);
146 hosted_perms.insert(ExtensionAPIPermission::kBackground); 169 hosted_perms.insert(ExtensionAPIPermission::kBackground);
147 hosted_perms.insert(ExtensionAPIPermission::kClipboardRead); 170 hosted_perms.insert(ExtensionAPIPermission::kClipboardRead);
148 hosted_perms.insert(ExtensionAPIPermission::kClipboardWrite); 171 hosted_perms.insert(ExtensionAPIPermission::kClipboardWrite);
149 hosted_perms.insert(ExtensionAPIPermission::kChromeAuthPrivate); 172 hosted_perms.insert(ExtensionAPIPermission::kChromeAuthPrivate);
150 hosted_perms.insert(ExtensionAPIPermission::kChromePrivate); 173 hosted_perms.insert(ExtensionAPIPermission::kChromePrivate);
151 hosted_perms.insert(ExtensionAPIPermission::kExperimental); 174 hosted_perms.insert(ExtensionAPIPermission::kExperimental);
152 hosted_perms.insert(ExtensionAPIPermission::kGeolocation); 175 hosted_perms.insert(ExtensionAPIPermission::kGeolocation);
153 hosted_perms.insert(ExtensionAPIPermission::kNotification); 176 hosted_perms.insert(ExtensionAPIPermission::kNotification);
154 hosted_perms.insert(ExtensionAPIPermission::kUnlimitedStorage); 177 hosted_perms.insert(ExtensionAPIPermission::kUnlimitedStorage);
155 hosted_perms.insert(ExtensionAPIPermission::kWebstorePrivate); 178 hosted_perms.insert(ExtensionAPIPermission::kWebstorePrivate);
156 179
180 DictionaryValue source;
181 source.SetString(keys::kName, "permission hosted app test");
182 source.SetString(keys::kVersion, "1");
183 source.SetInteger(keys::kManifestVersion, 2);
184 ListValue* urls = new ListValue();
185 urls->Append(Value::CreateStringValue("http://localhost/test.html"));
186 source.Set(keys::kWebURLs, urls);
187 source.SetString(keys::kLaunchWebURL, "http://localhost/test.html");
188
157 ExtensionAPIPermissionSet perms = info->GetAll(); 189 ExtensionAPIPermissionSet perms = info->GetAll();
158 size_t count = 0; 190 size_t count = 0;
159 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); 191 for (ExtensionAPIPermissionSet::iterator i = perms.begin();
160 i != perms.end(); ++i) { 192 i != perms.end(); ++i) {
161 count += hosted_perms.count(*i); 193 ExtensionAPIPermission* permission = info->GetByID(*i);
162 EXPECT_EQ(hosted_perms.count(*i) > 0, 194 if (permission->supports_hosted_apps()) {
163 info->GetByID(*i)->supports_hosted_apps()); 195 count++;
196 EXPECT_TRUE(hosted_perms.count(*i));
197 continue;
198 }
199
200 scoped_ptr<DictionaryValue> manifest(source.DeepCopy());
201 ListValue* permissions = new ListValue();
202 permissions->Append(Value::CreateStringValue(permission->name()));
203 manifest->Set(keys::kPermissions, permissions);
204
205 // This error may be generated for other reasons too, like if the permission
206 // has a whitelist.
207 LoadManifestAndExpectError(
208 manifest.get(), Extension::INTERNAL, permission->name());
164 } 209 }
165 210
166 EXPECT_EQ(hosted_perms.size(), count); 211 EXPECT_EQ(hosted_perms.size(), count);
167 } 212 }
168 213
169 TEST(ExtensionAPIPermissionTest, PlatformAppPermissions) { 214 TEST(ExtensionPermissionsTest, PlatformAppPermissions) {
170 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 215 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
171 ExtensionAPIPermissionSet blacklist; 216 ExtensionAPIPermissionSet blacklist;
172 blacklist.insert(ExtensionAPIPermission::kAppNotifications); 217 blacklist.insert(ExtensionAPIPermission::kAppNotifications);
173 blacklist.insert(ExtensionAPIPermission::kChromeAuthPrivate); 218 blacklist.insert(ExtensionAPIPermission::kChromeAuthPrivate);
174 blacklist.insert(ExtensionAPIPermission::kChromePrivate); 219 blacklist.insert(ExtensionAPIPermission::kChromePrivate);
175 blacklist.insert(ExtensionAPIPermission::kCookie); 220 blacklist.insert(ExtensionAPIPermission::kCookie);
176 blacklist.insert(ExtensionAPIPermission::kTab); 221 blacklist.insert(ExtensionAPIPermission::kTab);
177 blacklist.insert(ExtensionAPIPermission::kWebNavigation); 222 blacklist.insert(ExtensionAPIPermission::kWebNavigation);
178 blacklist.insert(ExtensionAPIPermission::kWebRequest); 223 blacklist.insert(ExtensionAPIPermission::kWebRequest);
179 blacklist.insert(ExtensionAPIPermission::kWebRequestBlocking); 224 blacklist.insert(ExtensionAPIPermission::kWebRequestBlocking);
180 blacklist.insert(ExtensionAPIPermission::kWebSocketProxyPrivate); 225 blacklist.insert(ExtensionAPIPermission::kWebSocketProxyPrivate);
181 blacklist.insert(ExtensionAPIPermission::kWebstorePrivate); 226 blacklist.insert(ExtensionAPIPermission::kWebstorePrivate);
182 227
228 DictionaryValue source;
229 source.SetString(keys::kName, "permission platform app test");
230 source.SetString(keys::kVersion, "1");
231 source.SetInteger(keys::kManifestVersion, 2);
232 source.SetBoolean(keys::kPlatformApp, true);
233 source.SetString(keys::kLaunchLocalPath, "test.html");
234 source.SetString(keys::kLaunchContainer, values::kLaunchContainerShell);
235
183 ExtensionAPIPermissionSet perms = info->GetAll(); 236 ExtensionAPIPermissionSet perms = info->GetAll();
184 size_t count = 0; 237 size_t count = 0;
185 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); 238 for (ExtensionAPIPermissionSet::iterator i = perms.begin();
186 i != perms.end(); ++i) { 239 i != perms.end(); ++i) {
187 count += blacklist.count(*i); 240 ExtensionAPIPermission* permission = info->GetByID(*i);
188 EXPECT_EQ(blacklist.count(*i) > 0, 241 if (permission->supports_platform_apps())
189 !info->GetByID(*i)->supports_platform_apps()); 242 continue;
243
244 count++;
245 EXPECT_TRUE(blacklist.count(*i));
246
247 scoped_ptr<DictionaryValue> manifest(source.DeepCopy());
248 ListValue* permissions = new ListValue();
249 permissions->Append(Value::CreateStringValue(permission->name()));
250 manifest->Set(keys::kPermissions, permissions);
251
252 // This error may be generated for other reasons too, like if the permission
253 // has a whitelist.
254 LoadManifestAndExpectError(
255 manifest.get(), Extension::INTERNAL, permission->name());
190 } 256 }
191 257
192 EXPECT_EQ(blacklist.size(), count); 258 EXPECT_EQ(blacklist.size(), count);
193 } 259 }
194 260
195 TEST(ExtensionAPIPermissionTest, ComponentOnlyPermissions) { 261 TEST(ExtensionPermissionsTest, ComponentOnlyPermissions) {
196 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 262 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
197 ExtensionAPIPermissionSet private_perms; 263 ExtensionAPIPermissionSet private_perms;
198 private_perms.insert(ExtensionAPIPermission::kChromeAuthPrivate);
199 private_perms.insert(ExtensionAPIPermission::kChromeosInfoPrivate); 264 private_perms.insert(ExtensionAPIPermission::kChromeosInfoPrivate);
200 private_perms.insert(ExtensionAPIPermission::kFileBrowserPrivate); 265 private_perms.insert(ExtensionAPIPermission::kFileBrowserPrivate);
201 private_perms.insert(ExtensionAPIPermission::kMediaPlayerPrivate); 266 private_perms.insert(ExtensionAPIPermission::kMediaPlayerPrivate);
202 private_perms.insert(ExtensionAPIPermission::kMetricsPrivate); 267 private_perms.insert(ExtensionAPIPermission::kMetricsPrivate);
203 private_perms.insert(ExtensionAPIPermission::kSystemPrivate); 268 private_perms.insert(ExtensionAPIPermission::kSystemPrivate);
204 private_perms.insert(ExtensionAPIPermission::kWebstorePrivate); 269
270 DictionaryValue source;
271 source.SetString(keys::kName, "component only permission test");
272 source.SetString(keys::kVersion, "1");
273 source.SetInteger(keys::kManifestVersion, 2);
205 274
206 ExtensionAPIPermissionSet perms = info->GetAll(); 275 ExtensionAPIPermissionSet perms = info->GetAll();
207 int count = 0; 276 size_t count = 0;
208 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); 277 for (ExtensionAPIPermissionSet::iterator i = perms.begin();
209 i != perms.end(); ++i) { 278 i != perms.end(); ++i) {
210 count += private_perms.count(*i); 279 ExtensionAPIPermission* permission = info->GetByID(*i);
211 EXPECT_EQ(private_perms.count(*i) > 0, 280
212 info->GetByID(*i)->is_component_only()); 281 scoped_ptr<DictionaryValue> manifest(source.DeepCopy());
282 ListValue* permissions = new ListValue();
283 permissions->Append(Value::CreateStringValue(permission->name()));
284 manifest->Set(keys::kPermissions, permissions);
285
286 // COMPONENT extensions can access any permission.
287 std::string error;
288 scoped_refptr<Extension> extension = LoadManifestFromValue(
289 manifest.get(), Extension::COMPONENT, &error);
290 EXPECT_TRUE(extension);
291
292 if (!permission->is_component_only())
293 continue;
294
295 count++;
296 EXPECT_TRUE(private_perms.count(*i));
297
298 // But INTERNAL extensions can't access component only permissions.
299 LoadManifestAndExpectError(
300 manifest.get(), Extension::INTERNAL, permission->name());
213 } 301 }
214 302
215 EXPECT_EQ(7, count); 303 EXPECT_EQ(private_perms.size(), count);
216 } 304 }
217 305
218 TEST(ExtensionPermissionSetTest, EffectiveHostPermissions) { 306 // Tests that permission whitelists are enforced.
307 TEST(ExtensionPermissionsTest, Whitelists) {
308 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
309 ExtensionAPIPermissionSet ids = info->GetAll();
310
311 ExtensionAPIPermissionSet expected_whitelists;
312 expected_whitelists.insert(ExtensionAPIPermission::kChromeAuthPrivate);
313 expected_whitelists.insert(ExtensionAPIPermission::kChromePrivate);
314 expected_whitelists.insert(ExtensionAPIPermission::kInputMethodPrivate);
315 expected_whitelists.insert(ExtensionAPIPermission::kTerminalPrivate);
316 expected_whitelists.insert(ExtensionAPIPermission::kWebSocketProxyPrivate);
317 expected_whitelists.insert(ExtensionAPIPermission::kWebstorePrivate);
318
319 DictionaryValue source;
320 source.SetString(keys::kName, "permission whitelist test");
321 source.SetString(keys::kVersion, "1");
322 source.SetInteger(keys::kManifestVersion, 2);
323
324 size_t whitelists = 0;
325 for (ExtensionAPIPermissionSet::iterator i = ids.begin();
326 i != ids.end(); ++i) {
327 ExtensionAPIPermission* permission = info->GetByID(*i);
328 if (!permission->HasWhitelist())
329 continue;
330
331 whitelists++;
332 EXPECT_TRUE(expected_whitelists.count(*i));
333
334 scoped_ptr<DictionaryValue> manifest(source.DeepCopy());
335 ListValue* permissions = new ListValue();
336 permissions->Append(Value::CreateStringValue(permission->name()));
337 manifest->Set(keys::kPermissions, permissions);
338
339 LoadManifestAndExpectError(
340 manifest.get(), Extension::INTERNAL, permission->name());
341 }
342
343 EXPECT_EQ(expected_whitelists.size(), whitelists);
344 }
345
346 TEST(ExtensionPermissionsTest, EffectiveHostPermissions) {
219 scoped_refptr<Extension> extension; 347 scoped_refptr<Extension> extension;
220 scoped_refptr<const ExtensionPermissionSet> permissions; 348 scoped_refptr<const ExtensionPermissionSet> permissions;
221 349
222 extension = LoadManifest("effective_host_permissions", "empty.json"); 350 extension = LoadManifest("effective_host_permissions", "empty.json");
223 permissions = extension->GetActivePermissions(); 351 permissions = extension->GetActivePermissions();
224 EXPECT_EQ(0u, extension->GetEffectiveHostPermissions().patterns().size()); 352 EXPECT_EQ(0u, extension->GetEffectiveHostPermissions().patterns().size());
225 EXPECT_FALSE(permissions->HasEffectiveAccessToURL( 353 EXPECT_FALSE(permissions->HasEffectiveAccessToURL(
226 GURL("http://www.google.com"))); 354 GURL("http://www.google.com")));
227 EXPECT_FALSE(permissions->HasEffectiveAccessToAllHosts()); 355 EXPECT_FALSE(permissions->HasEffectiveAccessToAllHosts());
228 356
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after
284 412
285 extension = LoadManifest("effective_host_permissions", "all_hosts3.json"); 413 extension = LoadManifest("effective_host_permissions", "all_hosts3.json");
286 permissions = extension->GetActivePermissions(); 414 permissions = extension->GetActivePermissions();
287 EXPECT_FALSE(permissions->HasEffectiveAccessToURL(GURL("http://test/"))); 415 EXPECT_FALSE(permissions->HasEffectiveAccessToURL(GURL("http://test/")));
288 EXPECT_TRUE(permissions->HasEffectiveAccessToURL(GURL("https://test/"))); 416 EXPECT_TRUE(permissions->HasEffectiveAccessToURL(GURL("https://test/")));
289 EXPECT_TRUE( 417 EXPECT_TRUE(
290 permissions->HasEffectiveAccessToURL(GURL("http://www.google.com"))); 418 permissions->HasEffectiveAccessToURL(GURL("http://www.google.com")));
291 EXPECT_TRUE(permissions->HasEffectiveAccessToAllHosts()); 419 EXPECT_TRUE(permissions->HasEffectiveAccessToAllHosts());
292 } 420 }
293 421
294 TEST(ExtensionPermissionSetTest, ExplicitAccessToOrigin) { 422 TEST(ExtensionPermissionsTest, ExplicitAccessToOrigin) {
295 ExtensionAPIPermissionSet apis; 423 ExtensionAPIPermissionSet apis;
296 URLPatternSet explicit_hosts; 424 URLPatternSet explicit_hosts;
297 URLPatternSet scriptable_hosts; 425 URLPatternSet scriptable_hosts;
298 426
299 AddPattern(&explicit_hosts, "http://*.google.com/*"); 427 AddPattern(&explicit_hosts, "http://*.google.com/*");
300 // The explicit host paths should get set to /*. 428 // The explicit host paths should get set to /*.
301 AddPattern(&explicit_hosts, "http://www.example.com/a/particular/path/*"); 429 AddPattern(&explicit_hosts, "http://www.example.com/a/particular/path/*");
302 430
303 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet( 431 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet(
304 apis, explicit_hosts, scriptable_hosts); 432 apis, explicit_hosts, scriptable_hosts);
305 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( 433 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin(
306 GURL("http://www.google.com/"))); 434 GURL("http://www.google.com/")));
307 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( 435 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin(
308 GURL("http://test.google.com/"))); 436 GURL("http://test.google.com/")));
309 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( 437 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin(
310 GURL("http://www.example.com"))); 438 GURL("http://www.example.com")));
311 ASSERT_TRUE(perm_set->HasEffectiveAccessToURL( 439 ASSERT_TRUE(perm_set->HasEffectiveAccessToURL(
312 GURL("http://www.example.com"))); 440 GURL("http://www.example.com")));
313 ASSERT_FALSE(perm_set->HasExplicitAccessToOrigin( 441 ASSERT_FALSE(perm_set->HasExplicitAccessToOrigin(
314 GURL("http://test.example.com"))); 442 GURL("http://test.example.com")));
315 } 443 }
316 444
317 TEST(ExtensionPermissionSetTest, CreateUnion) { 445 TEST(ExtensionPermissionsTest, CreateUnion) {
318 ExtensionAPIPermissionSet apis1; 446 ExtensionAPIPermissionSet apis1;
319 ExtensionAPIPermissionSet apis2; 447 ExtensionAPIPermissionSet apis2;
320 ExtensionAPIPermissionSet expected_apis; 448 ExtensionAPIPermissionSet expected_apis;
321 449
322 URLPatternSet explicit_hosts1; 450 URLPatternSet explicit_hosts1;
323 URLPatternSet explicit_hosts2; 451 URLPatternSet explicit_hosts2;
324 URLPatternSet expected_explicit_hosts; 452 URLPatternSet expected_explicit_hosts;
325 453
326 URLPatternSet scriptable_hosts1; 454 URLPatternSet scriptable_hosts1;
327 URLPatternSet scriptable_hosts2; 455 URLPatternSet scriptable_hosts2;
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after
388 EXPECT_TRUE(union_set->Contains(*set2)); 516 EXPECT_TRUE(union_set->Contains(*set2));
389 517
390 EXPECT_TRUE(union_set->HasEffectiveFullAccess()); 518 EXPECT_TRUE(union_set->HasEffectiveFullAccess());
391 EXPECT_TRUE(union_set->HasEffectiveAccessToAllHosts()); 519 EXPECT_TRUE(union_set->HasEffectiveAccessToAllHosts());
392 EXPECT_EQ(expected_apis, union_set->apis()); 520 EXPECT_EQ(expected_apis, union_set->apis());
393 EXPECT_EQ(expected_explicit_hosts, union_set->explicit_hosts()); 521 EXPECT_EQ(expected_explicit_hosts, union_set->explicit_hosts());
394 EXPECT_EQ(expected_scriptable_hosts, union_set->scriptable_hosts()); 522 EXPECT_EQ(expected_scriptable_hosts, union_set->scriptable_hosts());
395 EXPECT_EQ(effective_hosts, union_set->effective_hosts()); 523 EXPECT_EQ(effective_hosts, union_set->effective_hosts());
396 } 524 }
397 525
398 TEST(ExtensionPermissionSetTest, CreateIntersection) { 526 TEST(ExtensionPermissionsTest, CreateIntersection) {
399 ExtensionAPIPermissionSet apis1; 527 ExtensionAPIPermissionSet apis1;
400 ExtensionAPIPermissionSet apis2; 528 ExtensionAPIPermissionSet apis2;
401 ExtensionAPIPermissionSet expected_apis; 529 ExtensionAPIPermissionSet expected_apis;
402 530
403 URLPatternSet explicit_hosts1; 531 URLPatternSet explicit_hosts1;
404 URLPatternSet explicit_hosts2; 532 URLPatternSet explicit_hosts2;
405 URLPatternSet expected_explicit_hosts; 533 URLPatternSet expected_explicit_hosts;
406 534
407 URLPatternSet scriptable_hosts1; 535 URLPatternSet scriptable_hosts1;
408 URLPatternSet scriptable_hosts2; 536 URLPatternSet scriptable_hosts2;
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after
464 EXPECT_FALSE(new_set->Contains(*set2)); 592 EXPECT_FALSE(new_set->Contains(*set2));
465 593
466 EXPECT_FALSE(new_set->HasEffectiveFullAccess()); 594 EXPECT_FALSE(new_set->HasEffectiveFullAccess());
467 EXPECT_FALSE(new_set->HasEffectiveAccessToAllHosts()); 595 EXPECT_FALSE(new_set->HasEffectiveAccessToAllHosts());
468 EXPECT_EQ(expected_apis, new_set->apis()); 596 EXPECT_EQ(expected_apis, new_set->apis());
469 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); 597 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts());
470 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); 598 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts());
471 EXPECT_EQ(effective_hosts, new_set->effective_hosts()); 599 EXPECT_EQ(effective_hosts, new_set->effective_hosts());
472 } 600 }
473 601
474 TEST(ExtensionPermissionSetTest, CreateDifference) { 602 TEST(ExtensionPermissionsTest, CreateDifference) {
475 ExtensionAPIPermissionSet apis1; 603 ExtensionAPIPermissionSet apis1;
476 ExtensionAPIPermissionSet apis2; 604 ExtensionAPIPermissionSet apis2;
477 ExtensionAPIPermissionSet expected_apis; 605 ExtensionAPIPermissionSet expected_apis;
478 606
479 URLPatternSet explicit_hosts1; 607 URLPatternSet explicit_hosts1;
480 URLPatternSet explicit_hosts2; 608 URLPatternSet explicit_hosts2;
481 URLPatternSet expected_explicit_hosts; 609 URLPatternSet expected_explicit_hosts;
482 610
483 URLPatternSet scriptable_hosts1; 611 URLPatternSet scriptable_hosts1;
484 URLPatternSet scriptable_hosts2; 612 URLPatternSet scriptable_hosts2;
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
528 EXPECT_EQ(expected_apis, new_set->apis()); 656 EXPECT_EQ(expected_apis, new_set->apis());
529 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); 657 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts());
530 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); 658 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts());
531 EXPECT_EQ(effective_hosts, new_set->effective_hosts()); 659 EXPECT_EQ(effective_hosts, new_set->effective_hosts());
532 660
533 // |set3| = |set1| - |set2| --> |set3| intersect |set2| == empty_set 661 // |set3| = |set1| - |set2| --> |set3| intersect |set2| == empty_set
534 set1 = ExtensionPermissionSet::CreateIntersection(new_set.get(), set2.get()); 662 set1 = ExtensionPermissionSet::CreateIntersection(new_set.get(), set2.get());
535 EXPECT_TRUE(set1->IsEmpty()); 663 EXPECT_TRUE(set1->IsEmpty());
536 } 664 }
537 665
538 TEST(ExtensionPermissionSetTest, HasLessPrivilegesThan) { 666 TEST(ExtensionPermissionsTest, HasLessPrivilegesThan) {
539 const struct { 667 const struct {
540 const char* base_name; 668 const char* base_name;
541 // Increase these sizes if you have more than 10. 669 // Increase these sizes if you have more than 10.
542 const char* granted_apis[10]; 670 const char* granted_apis[10];
543 const char* granted_hosts[10]; 671 const char* granted_hosts[10];
544 bool full_access; 672 bool full_access;
545 bool expect_increase; 673 bool expect_increase;
546 } kTests[] = { 674 } kTests[] = {
547 { "allhosts1", {NULL}, {"http://*/", NULL}, false, 675 { "allhosts1", {NULL}, {"http://*/", NULL}, false,
548 false }, // all -> all 676 false }, // all -> all
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after
621 scoped_refptr<const ExtensionPermissionSet> old_p( 749 scoped_refptr<const ExtensionPermissionSet> old_p(
622 old_extension->GetActivePermissions()); 750 old_extension->GetActivePermissions());
623 scoped_refptr<const ExtensionPermissionSet> new_p( 751 scoped_refptr<const ExtensionPermissionSet> new_p(
624 new_extension->GetActivePermissions()); 752 new_extension->GetActivePermissions());
625 753
626 EXPECT_EQ(kTests[i].expect_increase, 754 EXPECT_EQ(kTests[i].expect_increase,
627 old_p->HasLessPrivilegesThan(new_p)) << kTests[i].base_name; 755 old_p->HasLessPrivilegesThan(new_p)) << kTests[i].base_name;
628 } 756 }
629 } 757 }
630 758
631 TEST(ExtensionPermissionSetTest, PermissionMessages) { 759 TEST(ExtensionPermissionsTest, PermissionMessages) {
632 // Ensure that all permissions that needs to show install UI actually have 760 // Ensure that all permissions that needs to show install UI actually have
633 // strings associated with them. 761 // strings associated with them.
634 ExtensionAPIPermissionSet skip; 762 ExtensionAPIPermissionSet skip;
635 763
636 // These are considered "nuisance" or "trivial" permissions that don't need 764 // These are considered "nuisance" or "trivial" permissions that don't need
637 // a prompt. 765 // a prompt.
638 skip.insert(ExtensionAPIPermission::kAppNotifications); 766 skip.insert(ExtensionAPIPermission::kAppNotifications);
639 skip.insert(ExtensionAPIPermission::kContextMenus); 767 skip.insert(ExtensionAPIPermission::kContextMenus);
640 skip.insert(ExtensionAPIPermission::kIdle); 768 skip.insert(ExtensionAPIPermission::kIdle);
641 skip.insert(ExtensionAPIPermission::kNotification); 769 skip.insert(ExtensionAPIPermission::kNotification);
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after
696 EXPECT_EQ(ExtensionPermissionMessage::kNone, permission->message_id()) 824 EXPECT_EQ(ExtensionPermissionMessage::kNone, permission->message_id())
697 << "unexpected message_id for " << permission->name(); 825 << "unexpected message_id for " << permission->name();
698 } else { 826 } else {
699 EXPECT_NE(ExtensionPermissionMessage::kNone, permission->message_id()) 827 EXPECT_NE(ExtensionPermissionMessage::kNone, permission->message_id())
700 << "missing message_id for " << permission->name(); 828 << "missing message_id for " << permission->name();
701 } 829 }
702 } 830 }
703 } 831 }
704 832
705 // Tests the default permissions (empty API permission set). 833 // Tests the default permissions (empty API permission set).
706 TEST(ExtensionPermissionSetTest, DefaultFunctionAccess) { 834 TEST(ExtensionPermissionsTest, DefaultFunctionAccess) {
707 const struct { 835 const struct {
708 const char* permission_name; 836 const char* permission_name;
709 bool expect_success; 837 bool expect_success;
710 } kTests[] = { 838 } kTests[] = {
711 // Negative test. 839 // Negative test.
712 { "non_existing_permission", false }, 840 { "non_existing_permission", false },
713 // Test default module/package permission. 841 // Test default module/package permission.
714 { "browserAction", true }, 842 { "browserAction", true },
715 { "devtools", true }, 843 { "devtools", true },
716 { "extension", true }, 844 { "extension", true },
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after
764 { "tabs", true}, 892 { "tabs", true},
765 }; 893 };
766 894
767 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); 895 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet();
768 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTests); ++i) { 896 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTests); ++i) {
769 EXPECT_EQ(kTests[i].expect_success, 897 EXPECT_EQ(kTests[i].expect_success,
770 empty->HasAnyAccessToAPI(kTests[i].api_name)); 898 empty->HasAnyAccessToAPI(kTests[i].api_name));
771 } 899 }
772 } 900 }
773 901
774 TEST(ExtensionPermissionSetTest, GetWarningMessages_ManyHosts) { 902 TEST(ExtensionPermissionsTest, GetWarningMessages_ManyHosts) {
775 scoped_refptr<Extension> extension; 903 scoped_refptr<Extension> extension;
776 904
777 extension = LoadManifest("permissions", "many-hosts.json"); 905 extension = LoadManifest("permissions", "many-hosts.json");
778 std::vector<string16> warnings = 906 std::vector<string16> warnings =
779 extension->GetActivePermissions()->GetWarningMessages(); 907 extension->GetActivePermissions()->GetWarningMessages();
780 ASSERT_EQ(1u, warnings.size()); 908 ASSERT_EQ(1u, warnings.size());
781 EXPECT_EQ("Your data on encrypted.google.com and www.google.com", 909 EXPECT_EQ("Your data on encrypted.google.com and www.google.com",
782 UTF16ToUTF8(warnings[0])); 910 UTF16ToUTF8(warnings[0]));
783 } 911 }
784 912
785 TEST(ExtensionPermissionSetTest, GetWarningMessages_Plugins) { 913 TEST(ExtensionPermissionsTest, GetWarningMessages_Plugins) {
786 scoped_refptr<Extension> extension; 914 scoped_refptr<Extension> extension;
787 scoped_refptr<ExtensionPermissionSet> permissions; 915 scoped_refptr<ExtensionPermissionSet> permissions;
788 916
789 extension = LoadManifest("permissions", "plugins.json"); 917 extension = LoadManifest("permissions", "plugins.json");
790 std::vector<string16> warnings = 918 std::vector<string16> warnings =
791 extension->GetActivePermissions()->GetWarningMessages(); 919 extension->GetActivePermissions()->GetWarningMessages();
792 // We don't parse the plugins key on Chrome OS, so it should not ask for any 920 // We don't parse the plugins key on Chrome OS, so it should not ask for any
793 // permissions. 921 // permissions.
794 #if defined(OS_CHROMEOS) 922 #if defined(OS_CHROMEOS)
795 ASSERT_EQ(0u, warnings.size()); 923 ASSERT_EQ(0u, warnings.size());
796 #else 924 #else
797 ASSERT_EQ(1u, warnings.size()); 925 ASSERT_EQ(1u, warnings.size());
798 EXPECT_EQ("All data on your computer and the websites you visit", 926 EXPECT_EQ("All data on your computer and the websites you visit",
799 UTF16ToUTF8(warnings[0])); 927 UTF16ToUTF8(warnings[0]));
800 #endif 928 #endif
801 } 929 }
802 930
803 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay) { 931 TEST(ExtensionPermissionsTest, GetDistinctHostsForDisplay) {
804 scoped_refptr<ExtensionPermissionSet> perm_set; 932 scoped_refptr<ExtensionPermissionSet> perm_set;
805 ExtensionAPIPermissionSet empty_perms; 933 ExtensionAPIPermissionSet empty_perms;
806 std::set<std::string> expected; 934 std::set<std::string> expected;
807 expected.insert("www.foo.com"); 935 expected.insert("www.foo.com");
808 expected.insert("www.bar.com"); 936 expected.insert("www.bar.com");
809 expected.insert("www.baz.com"); 937 expected.insert("www.baz.com");
810 URLPatternSet explicit_hosts; 938 URLPatternSet explicit_hosts;
811 URLPatternSet scriptable_hosts; 939 URLPatternSet scriptable_hosts;
812 940
813 { 941 {
(...skipping 135 matching lines...) Expand 10 before | Expand all | Expand 10 after
949 1077
950 explicit_hosts.AddPattern( 1078 explicit_hosts.AddPattern(
951 URLPattern(URLPattern::SCHEME_FILE, "file:///*")); 1079 URLPattern(URLPattern::SCHEME_FILE, "file:///*"));
952 1080
953 perm_set = new ExtensionPermissionSet( 1081 perm_set = new ExtensionPermissionSet(
954 empty_perms, explicit_hosts, scriptable_hosts); 1082 empty_perms, explicit_hosts, scriptable_hosts);
955 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); 1083 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay());
956 } 1084 }
957 } 1085 }
958 1086
959 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay_ComIsBestRcd) { 1087 TEST(ExtensionPermissionsTest, GetDistinctHostsForDisplay_ComIsBestRcd) {
960 scoped_refptr<ExtensionPermissionSet> perm_set; 1088 scoped_refptr<ExtensionPermissionSet> perm_set;
961 ExtensionAPIPermissionSet empty_perms; 1089 ExtensionAPIPermissionSet empty_perms;
962 URLPatternSet explicit_hosts; 1090 URLPatternSet explicit_hosts;
963 URLPatternSet scriptable_hosts; 1091 URLPatternSet scriptable_hosts;
964 explicit_hosts.AddPattern( 1092 explicit_hosts.AddPattern(
965 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); 1093 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
966 explicit_hosts.AddPattern( 1094 explicit_hosts.AddPattern(
967 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); 1095 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path"));
968 explicit_hosts.AddPattern( 1096 explicit_hosts.AddPattern(
969 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); 1097 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
970 explicit_hosts.AddPattern( 1098 explicit_hosts.AddPattern(
971 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path")); 1099 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path"));
972 explicit_hosts.AddPattern( 1100 explicit_hosts.AddPattern(
973 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); 1101 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
974 explicit_hosts.AddPattern( 1102 explicit_hosts.AddPattern(
975 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path")); 1103 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path"));
976 1104
977 std::set<std::string> expected; 1105 std::set<std::string> expected;
978 expected.insert("www.foo.com"); 1106 expected.insert("www.foo.com");
979 perm_set = new ExtensionPermissionSet( 1107 perm_set = new ExtensionPermissionSet(
980 empty_perms, explicit_hosts, scriptable_hosts); 1108 empty_perms, explicit_hosts, scriptable_hosts);
981 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); 1109 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay());
982 } 1110 }
983 1111
984 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay_NetIs2ndBestRcd) { 1112 TEST(ExtensionPermissionsTest, GetDistinctHostsForDisplay_NetIs2ndBestRcd) {
985 scoped_refptr<ExtensionPermissionSet> perm_set; 1113 scoped_refptr<ExtensionPermissionSet> perm_set;
986 ExtensionAPIPermissionSet empty_perms; 1114 ExtensionAPIPermissionSet empty_perms;
987 URLPatternSet explicit_hosts; 1115 URLPatternSet explicit_hosts;
988 URLPatternSet scriptable_hosts; 1116 URLPatternSet scriptable_hosts;
989 explicit_hosts.AddPattern( 1117 explicit_hosts.AddPattern(
990 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); 1118 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
991 explicit_hosts.AddPattern( 1119 explicit_hosts.AddPattern(
992 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); 1120 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path"));
993 explicit_hosts.AddPattern( 1121 explicit_hosts.AddPattern(
994 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); 1122 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
995 explicit_hosts.AddPattern( 1123 explicit_hosts.AddPattern(
996 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path")); 1124 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path"));
997 explicit_hosts.AddPattern( 1125 explicit_hosts.AddPattern(
998 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); 1126 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
999 // No http://www.foo.com/path 1127 // No http://www.foo.com/path
1000 1128
1001 std::set<std::string> expected; 1129 std::set<std::string> expected;
1002 expected.insert("www.foo.net"); 1130 expected.insert("www.foo.net");
1003 perm_set = new ExtensionPermissionSet( 1131 perm_set = new ExtensionPermissionSet(
1004 empty_perms, explicit_hosts, scriptable_hosts); 1132 empty_perms, explicit_hosts, scriptable_hosts);
1005 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); 1133 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay());
1006 } 1134 }
1007 1135
1008 TEST(ExtensionPermissionSetTest, 1136 TEST(ExtensionPermissionsTest,
1009 GetDistinctHostsForDisplay_OrgIs3rdBestRcd) { 1137 GetDistinctHostsForDisplay_OrgIs3rdBestRcd) {
1010 scoped_refptr<ExtensionPermissionSet> perm_set; 1138 scoped_refptr<ExtensionPermissionSet> perm_set;
1011 ExtensionAPIPermissionSet empty_perms; 1139 ExtensionAPIPermissionSet empty_perms;
1012 URLPatternSet explicit_hosts; 1140 URLPatternSet explicit_hosts;
1013 URLPatternSet scriptable_hosts; 1141 URLPatternSet scriptable_hosts;
1014 explicit_hosts.AddPattern( 1142 explicit_hosts.AddPattern(
1015 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); 1143 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
1016 explicit_hosts.AddPattern( 1144 explicit_hosts.AddPattern(
1017 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); 1145 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path"));
1018 explicit_hosts.AddPattern( 1146 explicit_hosts.AddPattern(
1019 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); 1147 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
1020 // No http://www.foo.net/path 1148 // No http://www.foo.net/path
1021 explicit_hosts.AddPattern( 1149 explicit_hosts.AddPattern(
1022 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); 1150 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
1023 // No http://www.foo.com/path 1151 // No http://www.foo.com/path
1024 1152
1025 std::set<std::string> expected; 1153 std::set<std::string> expected;
1026 expected.insert("www.foo.org"); 1154 expected.insert("www.foo.org");
1027 perm_set = new ExtensionPermissionSet( 1155 perm_set = new ExtensionPermissionSet(
1028 empty_perms, explicit_hosts, scriptable_hosts); 1156 empty_perms, explicit_hosts, scriptable_hosts);
1029 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); 1157 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay());
1030 } 1158 }
1031 1159
1032 TEST(ExtensionPermissionSetTest, 1160 TEST(ExtensionPermissionsTest,
1033 GetDistinctHostsForDisplay_FirstInListIs4thBestRcd) { 1161 GetDistinctHostsForDisplay_FirstInListIs4thBestRcd) {
1034 scoped_refptr<ExtensionPermissionSet> perm_set; 1162 scoped_refptr<ExtensionPermissionSet> perm_set;
1035 ExtensionAPIPermissionSet empty_perms; 1163 ExtensionAPIPermissionSet empty_perms;
1036 URLPatternSet explicit_hosts; 1164 URLPatternSet explicit_hosts;
1037 URLPatternSet scriptable_hosts; 1165 URLPatternSet scriptable_hosts;
1038 explicit_hosts.AddPattern( 1166 explicit_hosts.AddPattern(
1039 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); 1167 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
1040 // No http://www.foo.org/path 1168 // No http://www.foo.org/path
1041 explicit_hosts.AddPattern( 1169 explicit_hosts.AddPattern(
1042 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); 1170 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
1043 // No http://www.foo.net/path 1171 // No http://www.foo.net/path
1044 explicit_hosts.AddPattern( 1172 explicit_hosts.AddPattern(
1045 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); 1173 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
1046 // No http://www.foo.com/path 1174 // No http://www.foo.com/path
1047 1175
1048 std::set<std::string> expected; 1176 std::set<std::string> expected;
1049 expected.insert("www.foo.ca"); 1177 expected.insert("www.foo.ca");
1050 perm_set = new ExtensionPermissionSet( 1178 perm_set = new ExtensionPermissionSet(
1051 empty_perms, explicit_hosts, scriptable_hosts); 1179 empty_perms, explicit_hosts, scriptable_hosts);
1052 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); 1180 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay());
1053 } 1181 }
1054 1182
1055 TEST(ExtensionPermissionSetTest, HasLessHostPrivilegesThan) { 1183 TEST(ExtensionPermissionsTest, HasLessHostPrivilegesThan) {
1056 URLPatternSet elist1; 1184 URLPatternSet elist1;
1057 URLPatternSet elist2; 1185 URLPatternSet elist2;
1058 URLPatternSet slist1; 1186 URLPatternSet slist1;
1059 URLPatternSet slist2; 1187 URLPatternSet slist2;
1060 scoped_refptr<ExtensionPermissionSet> set1; 1188 scoped_refptr<ExtensionPermissionSet> set1;
1061 scoped_refptr<ExtensionPermissionSet> set2; 1189 scoped_refptr<ExtensionPermissionSet> set2;
1062 ExtensionAPIPermissionSet empty_perms; 1190 ExtensionAPIPermissionSet empty_perms;
1063 elist1.AddPattern( 1191 elist1.AddPattern(
1064 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path")); 1192 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path"));
1065 elist1.AddPattern( 1193 elist1.AddPattern(
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after
1114 1242
1115 // Test that different subdomains count as different hosts. 1243 // Test that different subdomains count as different hosts.
1116 elist2.ClearPatterns(); 1244 elist2.ClearPatterns();
1117 elist2.AddPattern( 1245 elist2.AddPattern(
1118 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*")); 1246 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*"));
1119 set2 = new ExtensionPermissionSet(empty_perms, elist2, slist2); 1247 set2 = new ExtensionPermissionSet(empty_perms, elist2, slist2);
1120 EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get())); 1248 EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get()));
1121 EXPECT_TRUE(set2->HasLessHostPrivilegesThan(set1.get())); 1249 EXPECT_TRUE(set2->HasLessHostPrivilegesThan(set1.get()));
1122 } 1250 }
1123 1251
1124 TEST(ExtensionPermissionSetTest, GetAPIsAsStrings) { 1252 TEST(ExtensionPermissionsTest, GetAPIsAsStrings) {
1125 ExtensionAPIPermissionSet apis; 1253 ExtensionAPIPermissionSet apis;
1126 URLPatternSet empty_set; 1254 URLPatternSet empty_set;
1127 1255
1128 apis.insert(ExtensionAPIPermission::kProxy); 1256 apis.insert(ExtensionAPIPermission::kProxy);
1129 apis.insert(ExtensionAPIPermission::kBackground); 1257 apis.insert(ExtensionAPIPermission::kBackground);
1130 apis.insert(ExtensionAPIPermission::kNotification); 1258 apis.insert(ExtensionAPIPermission::kNotification);
1131 apis.insert(ExtensionAPIPermission::kTab); 1259 apis.insert(ExtensionAPIPermission::kTab);
1132 1260
1133 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet( 1261 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet(
1134 apis, empty_set, empty_set); 1262 apis, empty_set, empty_set);
1135 std::set<std::string> api_names = perm_set->GetAPIsAsStrings(); 1263 std::set<std::string> api_names = perm_set->GetAPIsAsStrings();
1136 1264
1137 // The result is correct if it has the same number of elements 1265 // The result is correct if it has the same number of elements
1138 // and we can convert it back to the id set. 1266 // and we can convert it back to the id set.
1139 EXPECT_EQ(4u, api_names.size()); 1267 EXPECT_EQ(4u, api_names.size());
1140 EXPECT_EQ(apis, 1268 EXPECT_EQ(apis,
1141 ExtensionPermissionsInfo::GetInstance()->GetAllByName(api_names)); 1269 ExtensionPermissionsInfo::GetInstance()->GetAllByName(api_names));
1142 } 1270 }
1143 1271
1144 TEST(ExtensionPermissionSetTest, IsEmpty) { 1272 TEST(ExtensionPermissionsTest, IsEmpty) {
1145 ExtensionAPIPermissionSet empty_apis; 1273 ExtensionAPIPermissionSet empty_apis;
1146 URLPatternSet empty_extent; 1274 URLPatternSet empty_extent;
1147 1275
1148 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); 1276 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet();
1149 EXPECT_TRUE(empty->IsEmpty()); 1277 EXPECT_TRUE(empty->IsEmpty());
1150 scoped_refptr<ExtensionPermissionSet> perm_set; 1278 scoped_refptr<ExtensionPermissionSet> perm_set;
1151 1279
1152 perm_set = new ExtensionPermissionSet(empty_apis, empty_extent, empty_extent); 1280 perm_set = new ExtensionPermissionSet(empty_apis, empty_extent, empty_extent);
1153 EXPECT_TRUE(perm_set->IsEmpty()); 1281 EXPECT_TRUE(perm_set->IsEmpty());
1154 1282
1155 ExtensionAPIPermissionSet non_empty_apis; 1283 ExtensionAPIPermissionSet non_empty_apis;
1156 non_empty_apis.insert(ExtensionAPIPermission::kBackground); 1284 non_empty_apis.insert(ExtensionAPIPermission::kBackground);
1157 perm_set = new ExtensionPermissionSet( 1285 perm_set = new ExtensionPermissionSet(
1158 non_empty_apis, empty_extent, empty_extent); 1286 non_empty_apis, empty_extent, empty_extent);
1159 EXPECT_FALSE(perm_set->IsEmpty()); 1287 EXPECT_FALSE(perm_set->IsEmpty());
1160 1288
1161 // Try non standard host 1289 // Try non standard host
1162 URLPatternSet non_empty_extent; 1290 URLPatternSet non_empty_extent;
1163 AddPattern(&non_empty_extent, "http://www.google.com/*"); 1291 AddPattern(&non_empty_extent, "http://www.google.com/*");
1164 1292
1165 perm_set = new ExtensionPermissionSet( 1293 perm_set = new ExtensionPermissionSet(
1166 empty_apis, non_empty_extent, empty_extent); 1294 empty_apis, non_empty_extent, empty_extent);
1167 EXPECT_FALSE(perm_set->IsEmpty()); 1295 EXPECT_FALSE(perm_set->IsEmpty());
1168 1296
1169 perm_set = new ExtensionPermissionSet( 1297 perm_set = new ExtensionPermissionSet(
1170 empty_apis, empty_extent, non_empty_extent); 1298 empty_apis, empty_extent, non_empty_extent);
1171 EXPECT_FALSE(perm_set->IsEmpty()); 1299 EXPECT_FALSE(perm_set->IsEmpty());
1172 } 1300 }
OLDNEW
« no previous file with comments | « chrome/common/extensions/extension_permission_set.cc ('k') | chrome/renderer/extensions/chrome_private_custom_bindings.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698