| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/extensions/extension_permission_set.h" | 5 #include "chrome/common/extensions/extension_permission_set.h" |
| 6 | 6 |
| 7 #include "base/json/json_value_serializer.h" | 7 #include "base/json/json_value_serializer.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/path_service.h" | 9 #include "base/path_service.h" |
| 10 #include "base/utf_string_conversions.h" | 10 #include "base/utf_string_conversions.h" |
| 11 #include "chrome/common/chrome_paths.h" | 11 #include "chrome/common/chrome_paths.h" |
| 12 #include "chrome/common/extensions/extension.h" | 12 #include "chrome/common/extensions/extension.h" |
| 13 #include "chrome/common/extensions/extension_constants.h" |
| 14 #include "chrome/common/extensions/extension_error_utils.h" |
| 15 #include "chrome/common/extensions/extension_permission_set.h" |
| 13 #include "testing/gtest/include/gtest/gtest.h" | 16 #include "testing/gtest/include/gtest/gtest.h" |
| 14 | 17 |
| 18 namespace errors = extension_manifest_errors; |
| 19 namespace keys = extension_manifest_keys; |
| 20 namespace values = extension_manifest_values; |
| 15 namespace { | 21 namespace { |
| 16 | 22 |
| 17 static scoped_refptr<Extension> LoadManifest(const std::string& dir, | 23 static scoped_refptr<Extension> LoadManifest(const std::string& dir, |
| 18 const std::string& test_file, | 24 const std::string& test_file, |
| 19 int extra_flags) { | 25 int extra_flags) { |
| 20 FilePath path; | 26 FilePath path; |
| 21 PathService::Get(chrome::DIR_TEST_DATA, &path); | 27 PathService::Get(chrome::DIR_TEST_DATA, &path); |
| 22 path = path.AppendASCII("extensions") | 28 path = path.AppendASCII("extensions") |
| 23 .AppendASCII(dir) | 29 .AppendASCII(dir) |
| 24 .AppendASCII(test_file); | 30 .AppendASCII(test_file); |
| (...skipping 12 matching lines...) Expand all Loading... |
| 37 Extension::STRICT_ERROR_CHECKS | extra_flags, &error); | 43 Extension::STRICT_ERROR_CHECKS | extra_flags, &error); |
| 38 EXPECT_TRUE(extension) << error; | 44 EXPECT_TRUE(extension) << error; |
| 39 return extension; | 45 return extension; |
| 40 } | 46 } |
| 41 | 47 |
| 42 static scoped_refptr<Extension> LoadManifest(const std::string& dir, | 48 static scoped_refptr<Extension> LoadManifest(const std::string& dir, |
| 43 const std::string& test_file) { | 49 const std::string& test_file) { |
| 44 return LoadManifest(dir, test_file, Extension::NO_FLAGS); | 50 return LoadManifest(dir, test_file, Extension::NO_FLAGS); |
| 45 } | 51 } |
| 46 | 52 |
| 53 static scoped_refptr<Extension> LoadManifestFromValue( |
| 54 DictionaryValue* manifest, |
| 55 Extension::Location location, |
| 56 std::string* error) { |
| 57 return Extension::Create(FilePath(), location, *manifest, |
| 58 Extension::STRICT_ERROR_CHECKS, error); |
| 59 } |
| 60 |
| 61 static void LoadManifestAndExpectError(DictionaryValue* manifest, |
| 62 Extension::Location location, |
| 63 const std::string& permission) { |
| 64 std::string error; |
| 65 scoped_refptr<Extension> extension = |
| 66 LoadManifestFromValue(manifest, location, &error); |
| 67 |
| 68 std::string expected_error = ExtensionErrorUtils::FormatErrorMessage( |
| 69 errors::kPermissionNotAllowed, permission); |
| 70 EXPECT_FALSE(extension); |
| 71 EXPECT_EQ(expected_error, error); |
| 72 } |
| 73 |
| 47 void CompareLists(const std::vector<std::string>& expected, | 74 void CompareLists(const std::vector<std::string>& expected, |
| 48 const std::vector<std::string>& actual) { | 75 const std::vector<std::string>& actual) { |
| 49 ASSERT_EQ(expected.size(), actual.size()); | 76 ASSERT_EQ(expected.size(), actual.size()); |
| 50 | 77 |
| 51 for (size_t i = 0; i < expected.size(); ++i) { | 78 for (size_t i = 0; i < expected.size(); ++i) { |
| 52 EXPECT_EQ(expected[i], actual[i]); | 79 EXPECT_EQ(expected[i], actual[i]); |
| 53 } | 80 } |
| 54 } | 81 } |
| 55 | 82 |
| 56 static void AddPattern(URLPatternSet* extent, const std::string& pattern) { | 83 static void AddPattern(URLPatternSet* extent, const std::string& pattern) { |
| 57 int schemes = URLPattern::SCHEME_ALL; | 84 int schemes = URLPattern::SCHEME_ALL; |
| 58 extent->AddPattern(URLPattern(schemes, pattern)); | 85 extent->AddPattern(URLPattern(schemes, pattern)); |
| 59 } | 86 } |
| 60 | 87 |
| 61 } // namespace | 88 } // namespace |
| 62 | 89 |
| 63 class ExtensionAPIPermissionTest : public testing::Test { | 90 class ExtensionPermissionsTest : public testing::Test { |
| 64 }; | 91 }; |
| 65 | 92 |
| 66 class ExtensionPermissionSetTest : public testing::Test { | |
| 67 }; | |
| 68 | |
| 69 | |
| 70 // Tests GetByID. | 93 // Tests GetByID. |
| 71 TEST(ExtensionPermissionsInfoTest, GetByID) { | 94 TEST(ExtensionPermissionsTest, GetByID) { |
| 72 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 95 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 73 ExtensionAPIPermissionSet ids = info->GetAll(); | 96 ExtensionAPIPermissionSet ids = info->GetAll(); |
| 74 for (ExtensionAPIPermissionSet::iterator i = ids.begin(); | 97 for (ExtensionAPIPermissionSet::iterator i = ids.begin(); |
| 75 i != ids.end(); ++i) { | 98 i != ids.end(); ++i) { |
| 76 EXPECT_EQ(*i, info->GetByID(*i)->id()); | 99 EXPECT_EQ(*i, info->GetByID(*i)->id()); |
| 77 } | 100 } |
| 78 } | 101 } |
| 79 | 102 |
| 80 // Tests that GetByName works with normal permission names and aliases. | 103 // Tests that GetByName works with normal permission names and aliases. |
| 81 TEST(ExtensionPermissionsInfoTest, GetByName) { | 104 TEST(ExtensionPermissionsTest, GetByName) { |
| 82 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 105 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 83 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id()); | 106 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id()); |
| 84 EXPECT_EQ(ExtensionAPIPermission::kManagement, | 107 EXPECT_EQ(ExtensionAPIPermission::kManagement, |
| 85 info->GetByName("management")->id()); | 108 info->GetByName("management")->id()); |
| 86 EXPECT_FALSE(info->GetByName("alsdkfjasldkfj")); | 109 EXPECT_FALSE(info->GetByName("alsdkfjasldkfj")); |
| 87 } | 110 } |
| 88 | 111 |
| 89 TEST(ExtensionPermissionsInfoTest, GetAll) { | 112 TEST(ExtensionPermissionsTest, GetAll) { |
| 90 size_t count = 0; | 113 size_t count = 0; |
| 91 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 114 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 92 ExtensionAPIPermissionSet apis = info->GetAll(); | 115 ExtensionAPIPermissionSet apis = info->GetAll(); |
| 93 for (ExtensionAPIPermissionSet::iterator api = apis.begin(); | 116 for (ExtensionAPIPermissionSet::iterator api = apis.begin(); |
| 94 api != apis.end(); ++api) { | 117 api != apis.end(); ++api) { |
| 95 // Make sure only the valid permission IDs get returned. | 118 // Make sure only the valid permission IDs get returned. |
| 96 EXPECT_NE(ExtensionAPIPermission::kInvalid, *api); | 119 EXPECT_NE(ExtensionAPIPermission::kInvalid, *api); |
| 97 EXPECT_NE(ExtensionAPIPermission::kUnknown, *api); | 120 EXPECT_NE(ExtensionAPIPermission::kUnknown, *api); |
| 98 count++; | 121 count++; |
| 99 } | 122 } |
| 100 EXPECT_EQ(count, info->get_permission_count()); | 123 EXPECT_EQ(count, info->get_permission_count()); |
| 101 } | 124 } |
| 102 | 125 |
| 103 TEST(ExtensionPermissionInfoTest, GetAllByName) { | 126 TEST(ExtensionPermissionsTest, GetAllByName) { |
| 104 std::set<std::string> names; | 127 std::set<std::string> names; |
| 105 names.insert("background"); | 128 names.insert("background"); |
| 106 names.insert("management"); | 129 names.insert("management"); |
| 107 | 130 |
| 108 // This is an alias of kTab | 131 // This is an alias of kTab |
| 109 names.insert("windows"); | 132 names.insert("windows"); |
| 110 | 133 |
| 111 // This unknown name should get dropped. | 134 // This unknown name should get dropped. |
| 112 names.insert("sdlkfjasdlkfj"); | 135 names.insert("sdlkfjasdlkfj"); |
| 113 | 136 |
| 114 ExtensionAPIPermissionSet expected; | 137 ExtensionAPIPermissionSet expected; |
| 115 expected.insert(ExtensionAPIPermission::kBackground); | 138 expected.insert(ExtensionAPIPermission::kBackground); |
| 116 expected.insert(ExtensionAPIPermission::kManagement); | 139 expected.insert(ExtensionAPIPermission::kManagement); |
| 117 expected.insert(ExtensionAPIPermission::kTab); | 140 expected.insert(ExtensionAPIPermission::kTab); |
| 118 | 141 |
| 119 EXPECT_EQ(expected, | 142 EXPECT_EQ(expected, |
| 120 ExtensionPermissionsInfo::GetInstance()->GetAllByName(names)); | 143 ExtensionPermissionsInfo::GetInstance()->GetAllByName(names)); |
| 121 } | 144 } |
| 122 | 145 |
| 123 // Tests that the aliases are properly mapped. | 146 // Tests that the aliases are properly mapped. |
| 124 TEST(ExtensionAPIPermissionTest, Aliases) { | 147 TEST(ExtensionPermissionsTest, Aliases) { |
| 125 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 148 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 126 // tabs: tabs, windows | 149 // tabs: tabs, windows |
| 127 std::string tabs_name = "tabs"; | 150 std::string tabs_name = "tabs"; |
| 128 EXPECT_EQ(tabs_name, info->GetByID(ExtensionAPIPermission::kTab)->name()); | 151 EXPECT_EQ(tabs_name, info->GetByID(ExtensionAPIPermission::kTab)->name()); |
| 129 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id()); | 152 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id()); |
| 130 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("windows")->id()); | 153 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("windows")->id()); |
| 131 | 154 |
| 132 // unlimitedStorage: unlimitedStorage, unlimited_storage | 155 // unlimitedStorage: unlimitedStorage, unlimited_storage |
| 133 std::string storage_name = "unlimitedStorage"; | 156 std::string storage_name = "unlimitedStorage"; |
| 134 EXPECT_EQ(storage_name, info->GetByID( | 157 EXPECT_EQ(storage_name, info->GetByID( |
| 135 ExtensionAPIPermission::kUnlimitedStorage)->name()); | 158 ExtensionAPIPermission::kUnlimitedStorage)->name()); |
| 136 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage, | 159 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage, |
| 137 info->GetByName("unlimitedStorage")->id()); | 160 info->GetByName("unlimitedStorage")->id()); |
| 138 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage, | 161 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage, |
| 139 info->GetByName("unlimited_storage")->id()); | 162 info->GetByName("unlimited_storage")->id()); |
| 140 } | 163 } |
| 141 | 164 |
| 142 TEST(ExtensionAPIPermissionTest, HostedAppPermissions) { | 165 TEST(ExtensionPermissionsTest, HostedAppPermissions) { |
| 143 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 166 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 144 ExtensionAPIPermissionSet hosted_perms; | 167 ExtensionAPIPermissionSet hosted_perms; |
| 145 hosted_perms.insert(ExtensionAPIPermission::kAppNotifications); | 168 hosted_perms.insert(ExtensionAPIPermission::kAppNotifications); |
| 146 hosted_perms.insert(ExtensionAPIPermission::kBackground); | 169 hosted_perms.insert(ExtensionAPIPermission::kBackground); |
| 147 hosted_perms.insert(ExtensionAPIPermission::kClipboardRead); | 170 hosted_perms.insert(ExtensionAPIPermission::kClipboardRead); |
| 148 hosted_perms.insert(ExtensionAPIPermission::kClipboardWrite); | 171 hosted_perms.insert(ExtensionAPIPermission::kClipboardWrite); |
| 149 hosted_perms.insert(ExtensionAPIPermission::kChromeAuthPrivate); | 172 hosted_perms.insert(ExtensionAPIPermission::kChromeAuthPrivate); |
| 150 hosted_perms.insert(ExtensionAPIPermission::kChromePrivate); | 173 hosted_perms.insert(ExtensionAPIPermission::kChromePrivate); |
| 151 hosted_perms.insert(ExtensionAPIPermission::kExperimental); | 174 hosted_perms.insert(ExtensionAPIPermission::kExperimental); |
| 152 hosted_perms.insert(ExtensionAPIPermission::kGeolocation); | 175 hosted_perms.insert(ExtensionAPIPermission::kGeolocation); |
| 153 hosted_perms.insert(ExtensionAPIPermission::kNotification); | 176 hosted_perms.insert(ExtensionAPIPermission::kNotification); |
| 154 hosted_perms.insert(ExtensionAPIPermission::kUnlimitedStorage); | 177 hosted_perms.insert(ExtensionAPIPermission::kUnlimitedStorage); |
| 155 hosted_perms.insert(ExtensionAPIPermission::kWebstorePrivate); | 178 hosted_perms.insert(ExtensionAPIPermission::kWebstorePrivate); |
| 156 | 179 |
| 180 DictionaryValue source; |
| 181 source.SetString(keys::kName, "permission hosted app test"); |
| 182 source.SetString(keys::kVersion, "1"); |
| 183 source.SetInteger(keys::kManifestVersion, 2); |
| 184 ListValue* urls = new ListValue(); |
| 185 urls->Append(Value::CreateStringValue("http://localhost/test.html")); |
| 186 source.Set(keys::kWebURLs, urls); |
| 187 source.SetString(keys::kLaunchWebURL, "http://localhost/test.html"); |
| 188 |
| 157 ExtensionAPIPermissionSet perms = info->GetAll(); | 189 ExtensionAPIPermissionSet perms = info->GetAll(); |
| 158 size_t count = 0; | 190 size_t count = 0; |
| 159 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); | 191 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); |
| 160 i != perms.end(); ++i) { | 192 i != perms.end(); ++i) { |
| 161 count += hosted_perms.count(*i); | 193 ExtensionAPIPermission* permission = info->GetByID(*i); |
| 162 EXPECT_EQ(hosted_perms.count(*i) > 0, | 194 if (permission->supports_hosted_apps()) { |
| 163 info->GetByID(*i)->supports_hosted_apps()); | 195 count++; |
| 196 EXPECT_TRUE(hosted_perms.count(*i)); |
| 197 continue; |
| 198 } |
| 199 |
| 200 scoped_ptr<DictionaryValue> manifest(source.DeepCopy()); |
| 201 ListValue* permissions = new ListValue(); |
| 202 permissions->Append(Value::CreateStringValue(permission->name())); |
| 203 manifest->Set(keys::kPermissions, permissions); |
| 204 |
| 205 // This error may be generated for other reasons too, like if the permission |
| 206 // has a whitelist. |
| 207 LoadManifestAndExpectError( |
| 208 manifest.get(), Extension::INTERNAL, permission->name()); |
| 164 } | 209 } |
| 165 | 210 |
| 166 EXPECT_EQ(hosted_perms.size(), count); | 211 EXPECT_EQ(hosted_perms.size(), count); |
| 167 } | 212 } |
| 168 | 213 |
| 169 TEST(ExtensionAPIPermissionTest, PlatformAppPermissions) { | 214 TEST(ExtensionPermissionsTest, PlatformAppPermissions) { |
| 170 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 215 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 171 ExtensionAPIPermissionSet blacklist; | 216 ExtensionAPIPermissionSet blacklist; |
| 172 blacklist.insert(ExtensionAPIPermission::kAppNotifications); | 217 blacklist.insert(ExtensionAPIPermission::kAppNotifications); |
| 173 blacklist.insert(ExtensionAPIPermission::kChromeAuthPrivate); | 218 blacklist.insert(ExtensionAPIPermission::kChromeAuthPrivate); |
| 174 blacklist.insert(ExtensionAPIPermission::kChromePrivate); | 219 blacklist.insert(ExtensionAPIPermission::kChromePrivate); |
| 175 blacklist.insert(ExtensionAPIPermission::kCookie); | 220 blacklist.insert(ExtensionAPIPermission::kCookie); |
| 176 blacklist.insert(ExtensionAPIPermission::kTab); | 221 blacklist.insert(ExtensionAPIPermission::kTab); |
| 177 blacklist.insert(ExtensionAPIPermission::kWebNavigation); | 222 blacklist.insert(ExtensionAPIPermission::kWebNavigation); |
| 178 blacklist.insert(ExtensionAPIPermission::kWebRequest); | 223 blacklist.insert(ExtensionAPIPermission::kWebRequest); |
| 179 blacklist.insert(ExtensionAPIPermission::kWebRequestBlocking); | 224 blacklist.insert(ExtensionAPIPermission::kWebRequestBlocking); |
| 180 blacklist.insert(ExtensionAPIPermission::kWebSocketProxyPrivate); | 225 blacklist.insert(ExtensionAPIPermission::kWebSocketProxyPrivate); |
| 181 blacklist.insert(ExtensionAPIPermission::kWebstorePrivate); | 226 blacklist.insert(ExtensionAPIPermission::kWebstorePrivate); |
| 182 | 227 |
| 228 DictionaryValue source; |
| 229 source.SetString(keys::kName, "permission platform app test"); |
| 230 source.SetString(keys::kVersion, "1"); |
| 231 source.SetInteger(keys::kManifestVersion, 2); |
| 232 source.SetBoolean(keys::kPlatformApp, true); |
| 233 source.SetString(keys::kLaunchLocalPath, "test.html"); |
| 234 source.SetString(keys::kLaunchContainer, values::kLaunchContainerShell); |
| 235 |
| 183 ExtensionAPIPermissionSet perms = info->GetAll(); | 236 ExtensionAPIPermissionSet perms = info->GetAll(); |
| 184 size_t count = 0; | 237 size_t count = 0; |
| 185 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); | 238 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); |
| 186 i != perms.end(); ++i) { | 239 i != perms.end(); ++i) { |
| 187 count += blacklist.count(*i); | 240 ExtensionAPIPermission* permission = info->GetByID(*i); |
| 188 EXPECT_EQ(blacklist.count(*i) > 0, | 241 if (permission->supports_platform_apps()) |
| 189 !info->GetByID(*i)->supports_platform_apps()); | 242 continue; |
| 243 |
| 244 count++; |
| 245 EXPECT_TRUE(blacklist.count(*i)); |
| 246 |
| 247 scoped_ptr<DictionaryValue> manifest(source.DeepCopy()); |
| 248 ListValue* permissions = new ListValue(); |
| 249 permissions->Append(Value::CreateStringValue(permission->name())); |
| 250 manifest->Set(keys::kPermissions, permissions); |
| 251 |
| 252 // This error may be generated for other reasons too, like if the permission |
| 253 // has a whitelist. |
| 254 LoadManifestAndExpectError( |
| 255 manifest.get(), Extension::INTERNAL, permission->name()); |
| 190 } | 256 } |
| 191 | 257 |
| 192 EXPECT_EQ(blacklist.size(), count); | 258 EXPECT_EQ(blacklist.size(), count); |
| 193 } | 259 } |
| 194 | 260 |
| 195 TEST(ExtensionAPIPermissionTest, ComponentOnlyPermissions) { | 261 TEST(ExtensionPermissionsTest, ComponentOnlyPermissions) { |
| 196 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 262 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 197 ExtensionAPIPermissionSet private_perms; | 263 ExtensionAPIPermissionSet private_perms; |
| 198 private_perms.insert(ExtensionAPIPermission::kChromeAuthPrivate); | |
| 199 private_perms.insert(ExtensionAPIPermission::kChromeosInfoPrivate); | 264 private_perms.insert(ExtensionAPIPermission::kChromeosInfoPrivate); |
| 200 private_perms.insert(ExtensionAPIPermission::kFileBrowserPrivate); | 265 private_perms.insert(ExtensionAPIPermission::kFileBrowserPrivate); |
| 201 private_perms.insert(ExtensionAPIPermission::kMediaPlayerPrivate); | 266 private_perms.insert(ExtensionAPIPermission::kMediaPlayerPrivate); |
| 202 private_perms.insert(ExtensionAPIPermission::kMetricsPrivate); | 267 private_perms.insert(ExtensionAPIPermission::kMetricsPrivate); |
| 203 private_perms.insert(ExtensionAPIPermission::kSystemPrivate); | 268 private_perms.insert(ExtensionAPIPermission::kSystemPrivate); |
| 204 private_perms.insert(ExtensionAPIPermission::kWebstorePrivate); | 269 |
| 270 DictionaryValue source; |
| 271 source.SetString(keys::kName, "component only permission test"); |
| 272 source.SetString(keys::kVersion, "1"); |
| 273 source.SetInteger(keys::kManifestVersion, 2); |
| 205 | 274 |
| 206 ExtensionAPIPermissionSet perms = info->GetAll(); | 275 ExtensionAPIPermissionSet perms = info->GetAll(); |
| 207 int count = 0; | 276 size_t count = 0; |
| 208 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); | 277 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); |
| 209 i != perms.end(); ++i) { | 278 i != perms.end(); ++i) { |
| 210 count += private_perms.count(*i); | 279 ExtensionAPIPermission* permission = info->GetByID(*i); |
| 211 EXPECT_EQ(private_perms.count(*i) > 0, | 280 |
| 212 info->GetByID(*i)->is_component_only()); | 281 scoped_ptr<DictionaryValue> manifest(source.DeepCopy()); |
| 282 ListValue* permissions = new ListValue(); |
| 283 permissions->Append(Value::CreateStringValue(permission->name())); |
| 284 manifest->Set(keys::kPermissions, permissions); |
| 285 |
| 286 // COMPONENT extensions can access any permission. |
| 287 std::string error; |
| 288 scoped_refptr<Extension> extension = LoadManifestFromValue( |
| 289 manifest.get(), Extension::COMPONENT, &error); |
| 290 EXPECT_TRUE(extension); |
| 291 |
| 292 if (!permission->is_component_only()) |
| 293 continue; |
| 294 |
| 295 count++; |
| 296 EXPECT_TRUE(private_perms.count(*i)); |
| 297 |
| 298 // But INTERNAL extensions can't access component only permissions. |
| 299 LoadManifestAndExpectError( |
| 300 manifest.get(), Extension::INTERNAL, permission->name()); |
| 213 } | 301 } |
| 214 | 302 |
| 215 EXPECT_EQ(7, count); | 303 EXPECT_EQ(private_perms.size(), count); |
| 216 } | 304 } |
| 217 | 305 |
| 218 TEST(ExtensionPermissionSetTest, EffectiveHostPermissions) { | 306 // Tests that permission whitelists are enforced. |
| 307 TEST(ExtensionPermissionsTest, Whitelists) { |
| 308 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 309 ExtensionAPIPermissionSet ids = info->GetAll(); |
| 310 |
| 311 ExtensionAPIPermissionSet expected_whitelists; |
| 312 expected_whitelists.insert(ExtensionAPIPermission::kChromeAuthPrivate); |
| 313 expected_whitelists.insert(ExtensionAPIPermission::kChromePrivate); |
| 314 expected_whitelists.insert(ExtensionAPIPermission::kInputMethodPrivate); |
| 315 expected_whitelists.insert(ExtensionAPIPermission::kTerminalPrivate); |
| 316 expected_whitelists.insert(ExtensionAPIPermission::kWebSocketProxyPrivate); |
| 317 expected_whitelists.insert(ExtensionAPIPermission::kWebstorePrivate); |
| 318 |
| 319 DictionaryValue source; |
| 320 source.SetString(keys::kName, "permission whitelist test"); |
| 321 source.SetString(keys::kVersion, "1"); |
| 322 source.SetInteger(keys::kManifestVersion, 2); |
| 323 |
| 324 size_t whitelists = 0; |
| 325 for (ExtensionAPIPermissionSet::iterator i = ids.begin(); |
| 326 i != ids.end(); ++i) { |
| 327 ExtensionAPIPermission* permission = info->GetByID(*i); |
| 328 if (!permission->HasWhitelist()) |
| 329 continue; |
| 330 |
| 331 whitelists++; |
| 332 EXPECT_TRUE(expected_whitelists.count(*i)); |
| 333 |
| 334 scoped_ptr<DictionaryValue> manifest(source.DeepCopy()); |
| 335 ListValue* permissions = new ListValue(); |
| 336 permissions->Append(Value::CreateStringValue(permission->name())); |
| 337 manifest->Set(keys::kPermissions, permissions); |
| 338 |
| 339 LoadManifestAndExpectError( |
| 340 manifest.get(), Extension::INTERNAL, permission->name()); |
| 341 } |
| 342 |
| 343 EXPECT_EQ(expected_whitelists.size(), whitelists); |
| 344 } |
| 345 |
| 346 TEST(ExtensionPermissionsTest, EffectiveHostPermissions) { |
| 219 scoped_refptr<Extension> extension; | 347 scoped_refptr<Extension> extension; |
| 220 scoped_refptr<const ExtensionPermissionSet> permissions; | 348 scoped_refptr<const ExtensionPermissionSet> permissions; |
| 221 | 349 |
| 222 extension = LoadManifest("effective_host_permissions", "empty.json"); | 350 extension = LoadManifest("effective_host_permissions", "empty.json"); |
| 223 permissions = extension->GetActivePermissions(); | 351 permissions = extension->GetActivePermissions(); |
| 224 EXPECT_EQ(0u, extension->GetEffectiveHostPermissions().patterns().size()); | 352 EXPECT_EQ(0u, extension->GetEffectiveHostPermissions().patterns().size()); |
| 225 EXPECT_FALSE(permissions->HasEffectiveAccessToURL( | 353 EXPECT_FALSE(permissions->HasEffectiveAccessToURL( |
| 226 GURL("http://www.google.com"))); | 354 GURL("http://www.google.com"))); |
| 227 EXPECT_FALSE(permissions->HasEffectiveAccessToAllHosts()); | 355 EXPECT_FALSE(permissions->HasEffectiveAccessToAllHosts()); |
| 228 | 356 |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 284 | 412 |
| 285 extension = LoadManifest("effective_host_permissions", "all_hosts3.json"); | 413 extension = LoadManifest("effective_host_permissions", "all_hosts3.json"); |
| 286 permissions = extension->GetActivePermissions(); | 414 permissions = extension->GetActivePermissions(); |
| 287 EXPECT_FALSE(permissions->HasEffectiveAccessToURL(GURL("http://test/"))); | 415 EXPECT_FALSE(permissions->HasEffectiveAccessToURL(GURL("http://test/"))); |
| 288 EXPECT_TRUE(permissions->HasEffectiveAccessToURL(GURL("https://test/"))); | 416 EXPECT_TRUE(permissions->HasEffectiveAccessToURL(GURL("https://test/"))); |
| 289 EXPECT_TRUE( | 417 EXPECT_TRUE( |
| 290 permissions->HasEffectiveAccessToURL(GURL("http://www.google.com"))); | 418 permissions->HasEffectiveAccessToURL(GURL("http://www.google.com"))); |
| 291 EXPECT_TRUE(permissions->HasEffectiveAccessToAllHosts()); | 419 EXPECT_TRUE(permissions->HasEffectiveAccessToAllHosts()); |
| 292 } | 420 } |
| 293 | 421 |
| 294 TEST(ExtensionPermissionSetTest, ExplicitAccessToOrigin) { | 422 TEST(ExtensionPermissionsTest, ExplicitAccessToOrigin) { |
| 295 ExtensionAPIPermissionSet apis; | 423 ExtensionAPIPermissionSet apis; |
| 296 URLPatternSet explicit_hosts; | 424 URLPatternSet explicit_hosts; |
| 297 URLPatternSet scriptable_hosts; | 425 URLPatternSet scriptable_hosts; |
| 298 | 426 |
| 299 AddPattern(&explicit_hosts, "http://*.google.com/*"); | 427 AddPattern(&explicit_hosts, "http://*.google.com/*"); |
| 300 // The explicit host paths should get set to /*. | 428 // The explicit host paths should get set to /*. |
| 301 AddPattern(&explicit_hosts, "http://www.example.com/a/particular/path/*"); | 429 AddPattern(&explicit_hosts, "http://www.example.com/a/particular/path/*"); |
| 302 | 430 |
| 303 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet( | 431 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet( |
| 304 apis, explicit_hosts, scriptable_hosts); | 432 apis, explicit_hosts, scriptable_hosts); |
| 305 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( | 433 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( |
| 306 GURL("http://www.google.com/"))); | 434 GURL("http://www.google.com/"))); |
| 307 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( | 435 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( |
| 308 GURL("http://test.google.com/"))); | 436 GURL("http://test.google.com/"))); |
| 309 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( | 437 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( |
| 310 GURL("http://www.example.com"))); | 438 GURL("http://www.example.com"))); |
| 311 ASSERT_TRUE(perm_set->HasEffectiveAccessToURL( | 439 ASSERT_TRUE(perm_set->HasEffectiveAccessToURL( |
| 312 GURL("http://www.example.com"))); | 440 GURL("http://www.example.com"))); |
| 313 ASSERT_FALSE(perm_set->HasExplicitAccessToOrigin( | 441 ASSERT_FALSE(perm_set->HasExplicitAccessToOrigin( |
| 314 GURL("http://test.example.com"))); | 442 GURL("http://test.example.com"))); |
| 315 } | 443 } |
| 316 | 444 |
| 317 TEST(ExtensionPermissionSetTest, CreateUnion) { | 445 TEST(ExtensionPermissionsTest, CreateUnion) { |
| 318 ExtensionAPIPermissionSet apis1; | 446 ExtensionAPIPermissionSet apis1; |
| 319 ExtensionAPIPermissionSet apis2; | 447 ExtensionAPIPermissionSet apis2; |
| 320 ExtensionAPIPermissionSet expected_apis; | 448 ExtensionAPIPermissionSet expected_apis; |
| 321 | 449 |
| 322 URLPatternSet explicit_hosts1; | 450 URLPatternSet explicit_hosts1; |
| 323 URLPatternSet explicit_hosts2; | 451 URLPatternSet explicit_hosts2; |
| 324 URLPatternSet expected_explicit_hosts; | 452 URLPatternSet expected_explicit_hosts; |
| 325 | 453 |
| 326 URLPatternSet scriptable_hosts1; | 454 URLPatternSet scriptable_hosts1; |
| 327 URLPatternSet scriptable_hosts2; | 455 URLPatternSet scriptable_hosts2; |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 388 EXPECT_TRUE(union_set->Contains(*set2)); | 516 EXPECT_TRUE(union_set->Contains(*set2)); |
| 389 | 517 |
| 390 EXPECT_TRUE(union_set->HasEffectiveFullAccess()); | 518 EXPECT_TRUE(union_set->HasEffectiveFullAccess()); |
| 391 EXPECT_TRUE(union_set->HasEffectiveAccessToAllHosts()); | 519 EXPECT_TRUE(union_set->HasEffectiveAccessToAllHosts()); |
| 392 EXPECT_EQ(expected_apis, union_set->apis()); | 520 EXPECT_EQ(expected_apis, union_set->apis()); |
| 393 EXPECT_EQ(expected_explicit_hosts, union_set->explicit_hosts()); | 521 EXPECT_EQ(expected_explicit_hosts, union_set->explicit_hosts()); |
| 394 EXPECT_EQ(expected_scriptable_hosts, union_set->scriptable_hosts()); | 522 EXPECT_EQ(expected_scriptable_hosts, union_set->scriptable_hosts()); |
| 395 EXPECT_EQ(effective_hosts, union_set->effective_hosts()); | 523 EXPECT_EQ(effective_hosts, union_set->effective_hosts()); |
| 396 } | 524 } |
| 397 | 525 |
| 398 TEST(ExtensionPermissionSetTest, CreateIntersection) { | 526 TEST(ExtensionPermissionsTest, CreateIntersection) { |
| 399 ExtensionAPIPermissionSet apis1; | 527 ExtensionAPIPermissionSet apis1; |
| 400 ExtensionAPIPermissionSet apis2; | 528 ExtensionAPIPermissionSet apis2; |
| 401 ExtensionAPIPermissionSet expected_apis; | 529 ExtensionAPIPermissionSet expected_apis; |
| 402 | 530 |
| 403 URLPatternSet explicit_hosts1; | 531 URLPatternSet explicit_hosts1; |
| 404 URLPatternSet explicit_hosts2; | 532 URLPatternSet explicit_hosts2; |
| 405 URLPatternSet expected_explicit_hosts; | 533 URLPatternSet expected_explicit_hosts; |
| 406 | 534 |
| 407 URLPatternSet scriptable_hosts1; | 535 URLPatternSet scriptable_hosts1; |
| 408 URLPatternSet scriptable_hosts2; | 536 URLPatternSet scriptable_hosts2; |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 464 EXPECT_FALSE(new_set->Contains(*set2)); | 592 EXPECT_FALSE(new_set->Contains(*set2)); |
| 465 | 593 |
| 466 EXPECT_FALSE(new_set->HasEffectiveFullAccess()); | 594 EXPECT_FALSE(new_set->HasEffectiveFullAccess()); |
| 467 EXPECT_FALSE(new_set->HasEffectiveAccessToAllHosts()); | 595 EXPECT_FALSE(new_set->HasEffectiveAccessToAllHosts()); |
| 468 EXPECT_EQ(expected_apis, new_set->apis()); | 596 EXPECT_EQ(expected_apis, new_set->apis()); |
| 469 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); | 597 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); |
| 470 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); | 598 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); |
| 471 EXPECT_EQ(effective_hosts, new_set->effective_hosts()); | 599 EXPECT_EQ(effective_hosts, new_set->effective_hosts()); |
| 472 } | 600 } |
| 473 | 601 |
| 474 TEST(ExtensionPermissionSetTest, CreateDifference) { | 602 TEST(ExtensionPermissionsTest, CreateDifference) { |
| 475 ExtensionAPIPermissionSet apis1; | 603 ExtensionAPIPermissionSet apis1; |
| 476 ExtensionAPIPermissionSet apis2; | 604 ExtensionAPIPermissionSet apis2; |
| 477 ExtensionAPIPermissionSet expected_apis; | 605 ExtensionAPIPermissionSet expected_apis; |
| 478 | 606 |
| 479 URLPatternSet explicit_hosts1; | 607 URLPatternSet explicit_hosts1; |
| 480 URLPatternSet explicit_hosts2; | 608 URLPatternSet explicit_hosts2; |
| 481 URLPatternSet expected_explicit_hosts; | 609 URLPatternSet expected_explicit_hosts; |
| 482 | 610 |
| 483 URLPatternSet scriptable_hosts1; | 611 URLPatternSet scriptable_hosts1; |
| 484 URLPatternSet scriptable_hosts2; | 612 URLPatternSet scriptable_hosts2; |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 528 EXPECT_EQ(expected_apis, new_set->apis()); | 656 EXPECT_EQ(expected_apis, new_set->apis()); |
| 529 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); | 657 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); |
| 530 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); | 658 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); |
| 531 EXPECT_EQ(effective_hosts, new_set->effective_hosts()); | 659 EXPECT_EQ(effective_hosts, new_set->effective_hosts()); |
| 532 | 660 |
| 533 // |set3| = |set1| - |set2| --> |set3| intersect |set2| == empty_set | 661 // |set3| = |set1| - |set2| --> |set3| intersect |set2| == empty_set |
| 534 set1 = ExtensionPermissionSet::CreateIntersection(new_set.get(), set2.get()); | 662 set1 = ExtensionPermissionSet::CreateIntersection(new_set.get(), set2.get()); |
| 535 EXPECT_TRUE(set1->IsEmpty()); | 663 EXPECT_TRUE(set1->IsEmpty()); |
| 536 } | 664 } |
| 537 | 665 |
| 538 TEST(ExtensionPermissionSetTest, HasLessPrivilegesThan) { | 666 TEST(ExtensionPermissionsTest, HasLessPrivilegesThan) { |
| 539 const struct { | 667 const struct { |
| 540 const char* base_name; | 668 const char* base_name; |
| 541 // Increase these sizes if you have more than 10. | 669 // Increase these sizes if you have more than 10. |
| 542 const char* granted_apis[10]; | 670 const char* granted_apis[10]; |
| 543 const char* granted_hosts[10]; | 671 const char* granted_hosts[10]; |
| 544 bool full_access; | 672 bool full_access; |
| 545 bool expect_increase; | 673 bool expect_increase; |
| 546 } kTests[] = { | 674 } kTests[] = { |
| 547 { "allhosts1", {NULL}, {"http://*/", NULL}, false, | 675 { "allhosts1", {NULL}, {"http://*/", NULL}, false, |
| 548 false }, // all -> all | 676 false }, // all -> all |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 621 scoped_refptr<const ExtensionPermissionSet> old_p( | 749 scoped_refptr<const ExtensionPermissionSet> old_p( |
| 622 old_extension->GetActivePermissions()); | 750 old_extension->GetActivePermissions()); |
| 623 scoped_refptr<const ExtensionPermissionSet> new_p( | 751 scoped_refptr<const ExtensionPermissionSet> new_p( |
| 624 new_extension->GetActivePermissions()); | 752 new_extension->GetActivePermissions()); |
| 625 | 753 |
| 626 EXPECT_EQ(kTests[i].expect_increase, | 754 EXPECT_EQ(kTests[i].expect_increase, |
| 627 old_p->HasLessPrivilegesThan(new_p)) << kTests[i].base_name; | 755 old_p->HasLessPrivilegesThan(new_p)) << kTests[i].base_name; |
| 628 } | 756 } |
| 629 } | 757 } |
| 630 | 758 |
| 631 TEST(ExtensionPermissionSetTest, PermissionMessages) { | 759 TEST(ExtensionPermissionsTest, PermissionMessages) { |
| 632 // Ensure that all permissions that needs to show install UI actually have | 760 // Ensure that all permissions that needs to show install UI actually have |
| 633 // strings associated with them. | 761 // strings associated with them. |
| 634 ExtensionAPIPermissionSet skip; | 762 ExtensionAPIPermissionSet skip; |
| 635 | 763 |
| 636 // These are considered "nuisance" or "trivial" permissions that don't need | 764 // These are considered "nuisance" or "trivial" permissions that don't need |
| 637 // a prompt. | 765 // a prompt. |
| 638 skip.insert(ExtensionAPIPermission::kAppNotifications); | 766 skip.insert(ExtensionAPIPermission::kAppNotifications); |
| 639 skip.insert(ExtensionAPIPermission::kContextMenus); | 767 skip.insert(ExtensionAPIPermission::kContextMenus); |
| 640 skip.insert(ExtensionAPIPermission::kIdle); | 768 skip.insert(ExtensionAPIPermission::kIdle); |
| 641 skip.insert(ExtensionAPIPermission::kNotification); | 769 skip.insert(ExtensionAPIPermission::kNotification); |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 696 EXPECT_EQ(ExtensionPermissionMessage::kNone, permission->message_id()) | 824 EXPECT_EQ(ExtensionPermissionMessage::kNone, permission->message_id()) |
| 697 << "unexpected message_id for " << permission->name(); | 825 << "unexpected message_id for " << permission->name(); |
| 698 } else { | 826 } else { |
| 699 EXPECT_NE(ExtensionPermissionMessage::kNone, permission->message_id()) | 827 EXPECT_NE(ExtensionPermissionMessage::kNone, permission->message_id()) |
| 700 << "missing message_id for " << permission->name(); | 828 << "missing message_id for " << permission->name(); |
| 701 } | 829 } |
| 702 } | 830 } |
| 703 } | 831 } |
| 704 | 832 |
| 705 // Tests the default permissions (empty API permission set). | 833 // Tests the default permissions (empty API permission set). |
| 706 TEST(ExtensionPermissionSetTest, DefaultFunctionAccess) { | 834 TEST(ExtensionPermissionsTest, DefaultFunctionAccess) { |
| 707 const struct { | 835 const struct { |
| 708 const char* permission_name; | 836 const char* permission_name; |
| 709 bool expect_success; | 837 bool expect_success; |
| 710 } kTests[] = { | 838 } kTests[] = { |
| 711 // Negative test. | 839 // Negative test. |
| 712 { "non_existing_permission", false }, | 840 { "non_existing_permission", false }, |
| 713 // Test default module/package permission. | 841 // Test default module/package permission. |
| 714 { "browserAction", true }, | 842 { "browserAction", true }, |
| 715 { "devtools", true }, | 843 { "devtools", true }, |
| 716 { "extension", true }, | 844 { "extension", true }, |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 764 { "tabs", true}, | 892 { "tabs", true}, |
| 765 }; | 893 }; |
| 766 | 894 |
| 767 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); | 895 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); |
| 768 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTests); ++i) { | 896 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTests); ++i) { |
| 769 EXPECT_EQ(kTests[i].expect_success, | 897 EXPECT_EQ(kTests[i].expect_success, |
| 770 empty->HasAnyAccessToAPI(kTests[i].api_name)); | 898 empty->HasAnyAccessToAPI(kTests[i].api_name)); |
| 771 } | 899 } |
| 772 } | 900 } |
| 773 | 901 |
| 774 TEST(ExtensionPermissionSetTest, GetWarningMessages_ManyHosts) { | 902 TEST(ExtensionPermissionsTest, GetWarningMessages_ManyHosts) { |
| 775 scoped_refptr<Extension> extension; | 903 scoped_refptr<Extension> extension; |
| 776 | 904 |
| 777 extension = LoadManifest("permissions", "many-hosts.json"); | 905 extension = LoadManifest("permissions", "many-hosts.json"); |
| 778 std::vector<string16> warnings = | 906 std::vector<string16> warnings = |
| 779 extension->GetActivePermissions()->GetWarningMessages(); | 907 extension->GetActivePermissions()->GetWarningMessages(); |
| 780 ASSERT_EQ(1u, warnings.size()); | 908 ASSERT_EQ(1u, warnings.size()); |
| 781 EXPECT_EQ("Your data on encrypted.google.com and www.google.com", | 909 EXPECT_EQ("Your data on encrypted.google.com and www.google.com", |
| 782 UTF16ToUTF8(warnings[0])); | 910 UTF16ToUTF8(warnings[0])); |
| 783 } | 911 } |
| 784 | 912 |
| 785 TEST(ExtensionPermissionSetTest, GetWarningMessages_Plugins) { | 913 TEST(ExtensionPermissionsTest, GetWarningMessages_Plugins) { |
| 786 scoped_refptr<Extension> extension; | 914 scoped_refptr<Extension> extension; |
| 787 scoped_refptr<ExtensionPermissionSet> permissions; | 915 scoped_refptr<ExtensionPermissionSet> permissions; |
| 788 | 916 |
| 789 extension = LoadManifest("permissions", "plugins.json"); | 917 extension = LoadManifest("permissions", "plugins.json"); |
| 790 std::vector<string16> warnings = | 918 std::vector<string16> warnings = |
| 791 extension->GetActivePermissions()->GetWarningMessages(); | 919 extension->GetActivePermissions()->GetWarningMessages(); |
| 792 // We don't parse the plugins key on Chrome OS, so it should not ask for any | 920 // We don't parse the plugins key on Chrome OS, so it should not ask for any |
| 793 // permissions. | 921 // permissions. |
| 794 #if defined(OS_CHROMEOS) | 922 #if defined(OS_CHROMEOS) |
| 795 ASSERT_EQ(0u, warnings.size()); | 923 ASSERT_EQ(0u, warnings.size()); |
| 796 #else | 924 #else |
| 797 ASSERT_EQ(1u, warnings.size()); | 925 ASSERT_EQ(1u, warnings.size()); |
| 798 EXPECT_EQ("All data on your computer and the websites you visit", | 926 EXPECT_EQ("All data on your computer and the websites you visit", |
| 799 UTF16ToUTF8(warnings[0])); | 927 UTF16ToUTF8(warnings[0])); |
| 800 #endif | 928 #endif |
| 801 } | 929 } |
| 802 | 930 |
| 803 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay) { | 931 TEST(ExtensionPermissionsTest, GetDistinctHostsForDisplay) { |
| 804 scoped_refptr<ExtensionPermissionSet> perm_set; | 932 scoped_refptr<ExtensionPermissionSet> perm_set; |
| 805 ExtensionAPIPermissionSet empty_perms; | 933 ExtensionAPIPermissionSet empty_perms; |
| 806 std::set<std::string> expected; | 934 std::set<std::string> expected; |
| 807 expected.insert("www.foo.com"); | 935 expected.insert("www.foo.com"); |
| 808 expected.insert("www.bar.com"); | 936 expected.insert("www.bar.com"); |
| 809 expected.insert("www.baz.com"); | 937 expected.insert("www.baz.com"); |
| 810 URLPatternSet explicit_hosts; | 938 URLPatternSet explicit_hosts; |
| 811 URLPatternSet scriptable_hosts; | 939 URLPatternSet scriptable_hosts; |
| 812 | 940 |
| 813 { | 941 { |
| (...skipping 135 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 949 | 1077 |
| 950 explicit_hosts.AddPattern( | 1078 explicit_hosts.AddPattern( |
| 951 URLPattern(URLPattern::SCHEME_FILE, "file:///*")); | 1079 URLPattern(URLPattern::SCHEME_FILE, "file:///*")); |
| 952 | 1080 |
| 953 perm_set = new ExtensionPermissionSet( | 1081 perm_set = new ExtensionPermissionSet( |
| 954 empty_perms, explicit_hosts, scriptable_hosts); | 1082 empty_perms, explicit_hosts, scriptable_hosts); |
| 955 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); | 1083 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); |
| 956 } | 1084 } |
| 957 } | 1085 } |
| 958 | 1086 |
| 959 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay_ComIsBestRcd) { | 1087 TEST(ExtensionPermissionsTest, GetDistinctHostsForDisplay_ComIsBestRcd) { |
| 960 scoped_refptr<ExtensionPermissionSet> perm_set; | 1088 scoped_refptr<ExtensionPermissionSet> perm_set; |
| 961 ExtensionAPIPermissionSet empty_perms; | 1089 ExtensionAPIPermissionSet empty_perms; |
| 962 URLPatternSet explicit_hosts; | 1090 URLPatternSet explicit_hosts; |
| 963 URLPatternSet scriptable_hosts; | 1091 URLPatternSet scriptable_hosts; |
| 964 explicit_hosts.AddPattern( | 1092 explicit_hosts.AddPattern( |
| 965 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); | 1093 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); |
| 966 explicit_hosts.AddPattern( | 1094 explicit_hosts.AddPattern( |
| 967 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); | 1095 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); |
| 968 explicit_hosts.AddPattern( | 1096 explicit_hosts.AddPattern( |
| 969 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); | 1097 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); |
| 970 explicit_hosts.AddPattern( | 1098 explicit_hosts.AddPattern( |
| 971 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path")); | 1099 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path")); |
| 972 explicit_hosts.AddPattern( | 1100 explicit_hosts.AddPattern( |
| 973 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); | 1101 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); |
| 974 explicit_hosts.AddPattern( | 1102 explicit_hosts.AddPattern( |
| 975 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path")); | 1103 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path")); |
| 976 | 1104 |
| 977 std::set<std::string> expected; | 1105 std::set<std::string> expected; |
| 978 expected.insert("www.foo.com"); | 1106 expected.insert("www.foo.com"); |
| 979 perm_set = new ExtensionPermissionSet( | 1107 perm_set = new ExtensionPermissionSet( |
| 980 empty_perms, explicit_hosts, scriptable_hosts); | 1108 empty_perms, explicit_hosts, scriptable_hosts); |
| 981 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); | 1109 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); |
| 982 } | 1110 } |
| 983 | 1111 |
| 984 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay_NetIs2ndBestRcd) { | 1112 TEST(ExtensionPermissionsTest, GetDistinctHostsForDisplay_NetIs2ndBestRcd) { |
| 985 scoped_refptr<ExtensionPermissionSet> perm_set; | 1113 scoped_refptr<ExtensionPermissionSet> perm_set; |
| 986 ExtensionAPIPermissionSet empty_perms; | 1114 ExtensionAPIPermissionSet empty_perms; |
| 987 URLPatternSet explicit_hosts; | 1115 URLPatternSet explicit_hosts; |
| 988 URLPatternSet scriptable_hosts; | 1116 URLPatternSet scriptable_hosts; |
| 989 explicit_hosts.AddPattern( | 1117 explicit_hosts.AddPattern( |
| 990 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); | 1118 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); |
| 991 explicit_hosts.AddPattern( | 1119 explicit_hosts.AddPattern( |
| 992 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); | 1120 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); |
| 993 explicit_hosts.AddPattern( | 1121 explicit_hosts.AddPattern( |
| 994 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); | 1122 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); |
| 995 explicit_hosts.AddPattern( | 1123 explicit_hosts.AddPattern( |
| 996 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path")); | 1124 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path")); |
| 997 explicit_hosts.AddPattern( | 1125 explicit_hosts.AddPattern( |
| 998 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); | 1126 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); |
| 999 // No http://www.foo.com/path | 1127 // No http://www.foo.com/path |
| 1000 | 1128 |
| 1001 std::set<std::string> expected; | 1129 std::set<std::string> expected; |
| 1002 expected.insert("www.foo.net"); | 1130 expected.insert("www.foo.net"); |
| 1003 perm_set = new ExtensionPermissionSet( | 1131 perm_set = new ExtensionPermissionSet( |
| 1004 empty_perms, explicit_hosts, scriptable_hosts); | 1132 empty_perms, explicit_hosts, scriptable_hosts); |
| 1005 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); | 1133 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); |
| 1006 } | 1134 } |
| 1007 | 1135 |
| 1008 TEST(ExtensionPermissionSetTest, | 1136 TEST(ExtensionPermissionsTest, |
| 1009 GetDistinctHostsForDisplay_OrgIs3rdBestRcd) { | 1137 GetDistinctHostsForDisplay_OrgIs3rdBestRcd) { |
| 1010 scoped_refptr<ExtensionPermissionSet> perm_set; | 1138 scoped_refptr<ExtensionPermissionSet> perm_set; |
| 1011 ExtensionAPIPermissionSet empty_perms; | 1139 ExtensionAPIPermissionSet empty_perms; |
| 1012 URLPatternSet explicit_hosts; | 1140 URLPatternSet explicit_hosts; |
| 1013 URLPatternSet scriptable_hosts; | 1141 URLPatternSet scriptable_hosts; |
| 1014 explicit_hosts.AddPattern( | 1142 explicit_hosts.AddPattern( |
| 1015 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); | 1143 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); |
| 1016 explicit_hosts.AddPattern( | 1144 explicit_hosts.AddPattern( |
| 1017 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); | 1145 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); |
| 1018 explicit_hosts.AddPattern( | 1146 explicit_hosts.AddPattern( |
| 1019 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); | 1147 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); |
| 1020 // No http://www.foo.net/path | 1148 // No http://www.foo.net/path |
| 1021 explicit_hosts.AddPattern( | 1149 explicit_hosts.AddPattern( |
| 1022 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); | 1150 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); |
| 1023 // No http://www.foo.com/path | 1151 // No http://www.foo.com/path |
| 1024 | 1152 |
| 1025 std::set<std::string> expected; | 1153 std::set<std::string> expected; |
| 1026 expected.insert("www.foo.org"); | 1154 expected.insert("www.foo.org"); |
| 1027 perm_set = new ExtensionPermissionSet( | 1155 perm_set = new ExtensionPermissionSet( |
| 1028 empty_perms, explicit_hosts, scriptable_hosts); | 1156 empty_perms, explicit_hosts, scriptable_hosts); |
| 1029 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); | 1157 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); |
| 1030 } | 1158 } |
| 1031 | 1159 |
| 1032 TEST(ExtensionPermissionSetTest, | 1160 TEST(ExtensionPermissionsTest, |
| 1033 GetDistinctHostsForDisplay_FirstInListIs4thBestRcd) { | 1161 GetDistinctHostsForDisplay_FirstInListIs4thBestRcd) { |
| 1034 scoped_refptr<ExtensionPermissionSet> perm_set; | 1162 scoped_refptr<ExtensionPermissionSet> perm_set; |
| 1035 ExtensionAPIPermissionSet empty_perms; | 1163 ExtensionAPIPermissionSet empty_perms; |
| 1036 URLPatternSet explicit_hosts; | 1164 URLPatternSet explicit_hosts; |
| 1037 URLPatternSet scriptable_hosts; | 1165 URLPatternSet scriptable_hosts; |
| 1038 explicit_hosts.AddPattern( | 1166 explicit_hosts.AddPattern( |
| 1039 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); | 1167 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); |
| 1040 // No http://www.foo.org/path | 1168 // No http://www.foo.org/path |
| 1041 explicit_hosts.AddPattern( | 1169 explicit_hosts.AddPattern( |
| 1042 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); | 1170 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); |
| 1043 // No http://www.foo.net/path | 1171 // No http://www.foo.net/path |
| 1044 explicit_hosts.AddPattern( | 1172 explicit_hosts.AddPattern( |
| 1045 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); | 1173 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); |
| 1046 // No http://www.foo.com/path | 1174 // No http://www.foo.com/path |
| 1047 | 1175 |
| 1048 std::set<std::string> expected; | 1176 std::set<std::string> expected; |
| 1049 expected.insert("www.foo.ca"); | 1177 expected.insert("www.foo.ca"); |
| 1050 perm_set = new ExtensionPermissionSet( | 1178 perm_set = new ExtensionPermissionSet( |
| 1051 empty_perms, explicit_hosts, scriptable_hosts); | 1179 empty_perms, explicit_hosts, scriptable_hosts); |
| 1052 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); | 1180 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); |
| 1053 } | 1181 } |
| 1054 | 1182 |
| 1055 TEST(ExtensionPermissionSetTest, HasLessHostPrivilegesThan) { | 1183 TEST(ExtensionPermissionsTest, HasLessHostPrivilegesThan) { |
| 1056 URLPatternSet elist1; | 1184 URLPatternSet elist1; |
| 1057 URLPatternSet elist2; | 1185 URLPatternSet elist2; |
| 1058 URLPatternSet slist1; | 1186 URLPatternSet slist1; |
| 1059 URLPatternSet slist2; | 1187 URLPatternSet slist2; |
| 1060 scoped_refptr<ExtensionPermissionSet> set1; | 1188 scoped_refptr<ExtensionPermissionSet> set1; |
| 1061 scoped_refptr<ExtensionPermissionSet> set2; | 1189 scoped_refptr<ExtensionPermissionSet> set2; |
| 1062 ExtensionAPIPermissionSet empty_perms; | 1190 ExtensionAPIPermissionSet empty_perms; |
| 1063 elist1.AddPattern( | 1191 elist1.AddPattern( |
| 1064 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path")); | 1192 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path")); |
| 1065 elist1.AddPattern( | 1193 elist1.AddPattern( |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1114 | 1242 |
| 1115 // Test that different subdomains count as different hosts. | 1243 // Test that different subdomains count as different hosts. |
| 1116 elist2.ClearPatterns(); | 1244 elist2.ClearPatterns(); |
| 1117 elist2.AddPattern( | 1245 elist2.AddPattern( |
| 1118 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*")); | 1246 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*")); |
| 1119 set2 = new ExtensionPermissionSet(empty_perms, elist2, slist2); | 1247 set2 = new ExtensionPermissionSet(empty_perms, elist2, slist2); |
| 1120 EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get())); | 1248 EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get())); |
| 1121 EXPECT_TRUE(set2->HasLessHostPrivilegesThan(set1.get())); | 1249 EXPECT_TRUE(set2->HasLessHostPrivilegesThan(set1.get())); |
| 1122 } | 1250 } |
| 1123 | 1251 |
| 1124 TEST(ExtensionPermissionSetTest, GetAPIsAsStrings) { | 1252 TEST(ExtensionPermissionsTest, GetAPIsAsStrings) { |
| 1125 ExtensionAPIPermissionSet apis; | 1253 ExtensionAPIPermissionSet apis; |
| 1126 URLPatternSet empty_set; | 1254 URLPatternSet empty_set; |
| 1127 | 1255 |
| 1128 apis.insert(ExtensionAPIPermission::kProxy); | 1256 apis.insert(ExtensionAPIPermission::kProxy); |
| 1129 apis.insert(ExtensionAPIPermission::kBackground); | 1257 apis.insert(ExtensionAPIPermission::kBackground); |
| 1130 apis.insert(ExtensionAPIPermission::kNotification); | 1258 apis.insert(ExtensionAPIPermission::kNotification); |
| 1131 apis.insert(ExtensionAPIPermission::kTab); | 1259 apis.insert(ExtensionAPIPermission::kTab); |
| 1132 | 1260 |
| 1133 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet( | 1261 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet( |
| 1134 apis, empty_set, empty_set); | 1262 apis, empty_set, empty_set); |
| 1135 std::set<std::string> api_names = perm_set->GetAPIsAsStrings(); | 1263 std::set<std::string> api_names = perm_set->GetAPIsAsStrings(); |
| 1136 | 1264 |
| 1137 // The result is correct if it has the same number of elements | 1265 // The result is correct if it has the same number of elements |
| 1138 // and we can convert it back to the id set. | 1266 // and we can convert it back to the id set. |
| 1139 EXPECT_EQ(4u, api_names.size()); | 1267 EXPECT_EQ(4u, api_names.size()); |
| 1140 EXPECT_EQ(apis, | 1268 EXPECT_EQ(apis, |
| 1141 ExtensionPermissionsInfo::GetInstance()->GetAllByName(api_names)); | 1269 ExtensionPermissionsInfo::GetInstance()->GetAllByName(api_names)); |
| 1142 } | 1270 } |
| 1143 | 1271 |
| 1144 TEST(ExtensionPermissionSetTest, IsEmpty) { | 1272 TEST(ExtensionPermissionsTest, IsEmpty) { |
| 1145 ExtensionAPIPermissionSet empty_apis; | 1273 ExtensionAPIPermissionSet empty_apis; |
| 1146 URLPatternSet empty_extent; | 1274 URLPatternSet empty_extent; |
| 1147 | 1275 |
| 1148 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); | 1276 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); |
| 1149 EXPECT_TRUE(empty->IsEmpty()); | 1277 EXPECT_TRUE(empty->IsEmpty()); |
| 1150 scoped_refptr<ExtensionPermissionSet> perm_set; | 1278 scoped_refptr<ExtensionPermissionSet> perm_set; |
| 1151 | 1279 |
| 1152 perm_set = new ExtensionPermissionSet(empty_apis, empty_extent, empty_extent); | 1280 perm_set = new ExtensionPermissionSet(empty_apis, empty_extent, empty_extent); |
| 1153 EXPECT_TRUE(perm_set->IsEmpty()); | 1281 EXPECT_TRUE(perm_set->IsEmpty()); |
| 1154 | 1282 |
| 1155 ExtensionAPIPermissionSet non_empty_apis; | 1283 ExtensionAPIPermissionSet non_empty_apis; |
| 1156 non_empty_apis.insert(ExtensionAPIPermission::kBackground); | 1284 non_empty_apis.insert(ExtensionAPIPermission::kBackground); |
| 1157 perm_set = new ExtensionPermissionSet( | 1285 perm_set = new ExtensionPermissionSet( |
| 1158 non_empty_apis, empty_extent, empty_extent); | 1286 non_empty_apis, empty_extent, empty_extent); |
| 1159 EXPECT_FALSE(perm_set->IsEmpty()); | 1287 EXPECT_FALSE(perm_set->IsEmpty()); |
| 1160 | 1288 |
| 1161 // Try non standard host | 1289 // Try non standard host |
| 1162 URLPatternSet non_empty_extent; | 1290 URLPatternSet non_empty_extent; |
| 1163 AddPattern(&non_empty_extent, "http://www.google.com/*"); | 1291 AddPattern(&non_empty_extent, "http://www.google.com/*"); |
| 1164 | 1292 |
| 1165 perm_set = new ExtensionPermissionSet( | 1293 perm_set = new ExtensionPermissionSet( |
| 1166 empty_apis, non_empty_extent, empty_extent); | 1294 empty_apis, non_empty_extent, empty_extent); |
| 1167 EXPECT_FALSE(perm_set->IsEmpty()); | 1295 EXPECT_FALSE(perm_set->IsEmpty()); |
| 1168 | 1296 |
| 1169 perm_set = new ExtensionPermissionSet( | 1297 perm_set = new ExtensionPermissionSet( |
| 1170 empty_apis, empty_extent, non_empty_extent); | 1298 empty_apis, empty_extent, non_empty_extent); |
| 1171 EXPECT_FALSE(perm_set->IsEmpty()); | 1299 EXPECT_FALSE(perm_set->IsEmpty()); |
| 1172 } | 1300 } |
| OLD | NEW |