Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(184)

Side by Side Diff: chrome/common/extensions/extension_permission_set_unittest.cc

Issue 9317013: Add a centralized mechanism for whitelisting access to extension permissions. (Closed) Base URL: http://git.chromium.org/chromium/src.git@master
Patch Set: comments Created 8 years, 10 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/common/extensions/extension_permission_set.h" 5 #include "chrome/common/extensions/extension_permission_set.h"
6 6
7 #include "base/json/json_value_serializer.h" 7 #include "base/json/json_value_serializer.h"
8 #include "base/logging.h" 8 #include "base/logging.h"
9 #include "base/path_service.h" 9 #include "base/path_service.h"
10 #include "base/utf_string_conversions.h" 10 #include "base/utf_string_conversions.h"
11 #include "chrome/common/chrome_paths.h" 11 #include "chrome/common/chrome_paths.h"
12 #include "chrome/common/extensions/extension.h" 12 #include "chrome/common/extensions/extension.h"
13 #include "chrome/common/extensions/extension_constants.h"
14 #include "chrome/common/extensions/extension_error_utils.h"
15 #include "chrome/common/extensions/extension_permission_set.h"
13 #include "testing/gtest/include/gtest/gtest.h" 16 #include "testing/gtest/include/gtest/gtest.h"
14 17
18 namespace errors = extension_manifest_errors;
19 namespace keys = extension_manifest_keys;
20 namespace values = extension_manifest_values;
15 namespace { 21 namespace {
16 22
17 static scoped_refptr<Extension> LoadManifest(const std::string& dir, 23 static scoped_refptr<Extension> LoadManifest(const std::string& dir,
18 const std::string& test_file, 24 const std::string& test_file,
19 int extra_flags) { 25 int extra_flags) {
20 FilePath path; 26 FilePath path;
21 PathService::Get(chrome::DIR_TEST_DATA, &path); 27 PathService::Get(chrome::DIR_TEST_DATA, &path);
22 path = path.AppendASCII("extensions") 28 path = path.AppendASCII("extensions")
23 .AppendASCII(dir) 29 .AppendASCII(dir)
24 .AppendASCII(test_file); 30 .AppendASCII(test_file);
(...skipping 12 matching lines...) Expand all
37 Extension::STRICT_ERROR_CHECKS | extra_flags, &error); 43 Extension::STRICT_ERROR_CHECKS | extra_flags, &error);
38 EXPECT_TRUE(extension) << error; 44 EXPECT_TRUE(extension) << error;
39 return extension; 45 return extension;
40 } 46 }
41 47
42 static scoped_refptr<Extension> LoadManifest(const std::string& dir, 48 static scoped_refptr<Extension> LoadManifest(const std::string& dir,
43 const std::string& test_file) { 49 const std::string& test_file) {
44 return LoadManifest(dir, test_file, Extension::NO_FLAGS); 50 return LoadManifest(dir, test_file, Extension::NO_FLAGS);
45 } 51 }
46 52
53 static void LoadManifestAndExpectError(DictionaryValue* manifest,
54 Extension::Location location,
55 const std::string& permission) {
56 std::string error;
57 scoped_refptr<Extension> extension = Extension::Create(
58 FilePath(), location, *manifest,
59 Extension::STRICT_ERROR_CHECKS, &error);
60
61
62 std::string expected_error = ExtensionErrorUtils::FormatErrorMessage(
63 errors::kPermissionNotAllowed, permission);
64 EXPECT_FALSE(extension);
65 EXPECT_EQ(expected_error, error);
66 }
67
47 void CompareLists(const std::vector<std::string>& expected, 68 void CompareLists(const std::vector<std::string>& expected,
48 const std::vector<std::string>& actual) { 69 const std::vector<std::string>& actual) {
49 ASSERT_EQ(expected.size(), actual.size()); 70 ASSERT_EQ(expected.size(), actual.size());
50 71
51 for (size_t i = 0; i < expected.size(); ++i) { 72 for (size_t i = 0; i < expected.size(); ++i) {
52 EXPECT_EQ(expected[i], actual[i]); 73 EXPECT_EQ(expected[i], actual[i]);
53 } 74 }
54 } 75 }
55 76
56 static void AddPattern(URLPatternSet* extent, const std::string& pattern) { 77 static void AddPattern(URLPatternSet* extent, const std::string& pattern) {
57 int schemes = URLPattern::SCHEME_ALL; 78 int schemes = URLPattern::SCHEME_ALL;
58 extent->AddPattern(URLPattern(schemes, pattern)); 79 extent->AddPattern(URLPattern(schemes, pattern));
59 } 80 }
60 81
61 } // namespace 82 } // namespace
62 83
63 class ExtensionAPIPermissionTest : public testing::Test { 84 class ExtensionPermissionsTest : public testing::Test {
64 }; 85 };
65 86
66 class ExtensionPermissionSetTest : public testing::Test {
67 };
68
69
70 // Tests GetByID. 87 // Tests GetByID.
71 TEST(ExtensionPermissionsInfoTest, GetByID) { 88 TEST(ExtensionPermissionsTest, GetByID) {
72 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 89 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
73 ExtensionAPIPermissionSet ids = info->GetAll(); 90 ExtensionAPIPermissionSet ids = info->GetAll();
74 for (ExtensionAPIPermissionSet::iterator i = ids.begin(); 91 for (ExtensionAPIPermissionSet::iterator i = ids.begin();
75 i != ids.end(); ++i) { 92 i != ids.end(); ++i) {
76 EXPECT_EQ(*i, info->GetByID(*i)->id()); 93 EXPECT_EQ(*i, info->GetByID(*i)->id());
77 } 94 }
78 } 95 }
79 96
80 // Tests that GetByName works with normal permission names and aliases. 97 // Tests that GetByName works with normal permission names and aliases.
81 TEST(ExtensionPermissionsInfoTest, GetByName) { 98 TEST(ExtensionPermissionsTest, GetByName) {
82 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 99 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
83 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id()); 100 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id());
84 EXPECT_EQ(ExtensionAPIPermission::kManagement, 101 EXPECT_EQ(ExtensionAPIPermission::kManagement,
85 info->GetByName("management")->id()); 102 info->GetByName("management")->id());
86 EXPECT_FALSE(info->GetByName("alsdkfjasldkfj")); 103 EXPECT_FALSE(info->GetByName("alsdkfjasldkfj"));
87 } 104 }
88 105
89 TEST(ExtensionPermissionsInfoTest, GetAll) { 106 TEST(ExtensionPermissionsTest, GetAll) {
90 size_t count = 0; 107 size_t count = 0;
91 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 108 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
92 ExtensionAPIPermissionSet apis = info->GetAll(); 109 ExtensionAPIPermissionSet apis = info->GetAll();
93 for (ExtensionAPIPermissionSet::iterator api = apis.begin(); 110 for (ExtensionAPIPermissionSet::iterator api = apis.begin();
94 api != apis.end(); ++api) { 111 api != apis.end(); ++api) {
95 // Make sure only the valid permission IDs get returned. 112 // Make sure only the valid permission IDs get returned.
96 EXPECT_NE(ExtensionAPIPermission::kInvalid, *api); 113 EXPECT_NE(ExtensionAPIPermission::kInvalid, *api);
97 EXPECT_NE(ExtensionAPIPermission::kUnknown, *api); 114 EXPECT_NE(ExtensionAPIPermission::kUnknown, *api);
98 count++; 115 count++;
99 } 116 }
100 EXPECT_EQ(count, info->get_permission_count()); 117 EXPECT_EQ(count, info->get_permission_count());
101 } 118 }
102 119
103 TEST(ExtensionPermissionInfoTest, GetAllByName) { 120 TEST(ExtensionPermissionsTest, GetAllByName) {
104 std::set<std::string> names; 121 std::set<std::string> names;
105 names.insert("background"); 122 names.insert("background");
106 names.insert("management"); 123 names.insert("management");
107 124
108 // This is an alias of kTab 125 // This is an alias of kTab
109 names.insert("windows"); 126 names.insert("windows");
110 127
111 // This unknown name should get dropped. 128 // This unknown name should get dropped.
112 names.insert("sdlkfjasdlkfj"); 129 names.insert("sdlkfjasdlkfj");
113 130
114 ExtensionAPIPermissionSet expected; 131 ExtensionAPIPermissionSet expected;
115 expected.insert(ExtensionAPIPermission::kBackground); 132 expected.insert(ExtensionAPIPermission::kBackground);
116 expected.insert(ExtensionAPIPermission::kManagement); 133 expected.insert(ExtensionAPIPermission::kManagement);
117 expected.insert(ExtensionAPIPermission::kTab); 134 expected.insert(ExtensionAPIPermission::kTab);
118 135
119 EXPECT_EQ(expected, 136 EXPECT_EQ(expected,
120 ExtensionPermissionsInfo::GetInstance()->GetAllByName(names)); 137 ExtensionPermissionsInfo::GetInstance()->GetAllByName(names));
121 } 138 }
122 139
123 // Tests that the aliases are properly mapped. 140 // Tests that the aliases are properly mapped.
124 TEST(ExtensionAPIPermissionTest, Aliases) { 141 TEST(ExtensionPermissionsTest, Aliases) {
125 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 142 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
126 // tabs: tabs, windows 143 // tabs: tabs, windows
127 std::string tabs_name = "tabs"; 144 std::string tabs_name = "tabs";
128 EXPECT_EQ(tabs_name, info->GetByID(ExtensionAPIPermission::kTab)->name()); 145 EXPECT_EQ(tabs_name, info->GetByID(ExtensionAPIPermission::kTab)->name());
129 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id()); 146 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id());
130 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("windows")->id()); 147 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("windows")->id());
131 148
132 // unlimitedStorage: unlimitedStorage, unlimited_storage 149 // unlimitedStorage: unlimitedStorage, unlimited_storage
133 std::string storage_name = "unlimitedStorage"; 150 std::string storage_name = "unlimitedStorage";
134 EXPECT_EQ(storage_name, info->GetByID( 151 EXPECT_EQ(storage_name, info->GetByID(
135 ExtensionAPIPermission::kUnlimitedStorage)->name()); 152 ExtensionAPIPermission::kUnlimitedStorage)->name());
136 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage, 153 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage,
137 info->GetByName("unlimitedStorage")->id()); 154 info->GetByName("unlimitedStorage")->id());
138 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage, 155 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage,
139 info->GetByName("unlimited_storage")->id()); 156 info->GetByName("unlimited_storage")->id());
140 } 157 }
141 158
142 TEST(ExtensionAPIPermissionTest, HostedAppPermissions) { 159 TEST(ExtensionPermissionsTest, HostedAppPermissions) {
143 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 160 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
144 ExtensionAPIPermissionSet hosted_perms; 161 ExtensionAPIPermissionSet hosted_perms;
145 hosted_perms.insert(ExtensionAPIPermission::kAppNotifications); 162 hosted_perms.insert(ExtensionAPIPermission::kAppNotifications);
146 hosted_perms.insert(ExtensionAPIPermission::kBackground); 163 hosted_perms.insert(ExtensionAPIPermission::kBackground);
147 hosted_perms.insert(ExtensionAPIPermission::kClipboardRead); 164 hosted_perms.insert(ExtensionAPIPermission::kClipboardRead);
148 hosted_perms.insert(ExtensionAPIPermission::kClipboardWrite); 165 hosted_perms.insert(ExtensionAPIPermission::kClipboardWrite);
149 hosted_perms.insert(ExtensionAPIPermission::kChromeAuthPrivate); 166 hosted_perms.insert(ExtensionAPIPermission::kChromeAuthPrivate);
150 hosted_perms.insert(ExtensionAPIPermission::kChromePrivate); 167 hosted_perms.insert(ExtensionAPIPermission::kChromePrivate);
151 hosted_perms.insert(ExtensionAPIPermission::kExperimental); 168 hosted_perms.insert(ExtensionAPIPermission::kExperimental);
152 hosted_perms.insert(ExtensionAPIPermission::kGeolocation); 169 hosted_perms.insert(ExtensionAPIPermission::kGeolocation);
153 hosted_perms.insert(ExtensionAPIPermission::kNotification); 170 hosted_perms.insert(ExtensionAPIPermission::kNotification);
154 hosted_perms.insert(ExtensionAPIPermission::kUnlimitedStorage); 171 hosted_perms.insert(ExtensionAPIPermission::kUnlimitedStorage);
155 hosted_perms.insert(ExtensionAPIPermission::kWebstorePrivate); 172 hosted_perms.insert(ExtensionAPIPermission::kWebstorePrivate);
156 173
174 DictionaryValue source;
175 source.SetString(keys::kName, "permission hosted app test");
176 source.SetString(keys::kVersion, "1");
177 source.SetInteger(keys::kManifestVersion, 2);
178 ListValue* urls = new ListValue();
179 urls->Append(Value::CreateStringValue("http://localhost/test.html"));
180 source.Set(keys::kWebURLs, urls);
181 source.SetString(keys::kLaunchWebURL, "http://localhost/test.html");
182
157 ExtensionAPIPermissionSet perms = info->GetAll(); 183 ExtensionAPIPermissionSet perms = info->GetAll();
158 size_t count = 0; 184 size_t count = 0;
159 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); 185 for (ExtensionAPIPermissionSet::iterator i = perms.begin();
160 i != perms.end(); ++i) { 186 i != perms.end(); ++i) {
161 count += hosted_perms.count(*i); 187 ExtensionAPIPermission* permission = info->GetByID(*i);
162 EXPECT_EQ(hosted_perms.count(*i) > 0, 188 if (permission->supports_hosted_apps()) {
163 info->GetByID(*i)->supports_hosted_apps()); 189 count++;
190 EXPECT_TRUE(hosted_perms.count(*i));
191 continue;
192 }
193
194 scoped_ptr<DictionaryValue> manifest(source.DeepCopy());
195 ListValue* permissions = new ListValue();
196 permissions->Append(Value::CreateStringValue(permission->name()));
197 manifest->Set(keys::kPermissions, permissions);
198
199 // This error may be generated for other reasons too, like if the permission
200 // has a whitelist.
201 LoadManifestAndExpectError(
202 manifest.get(), Extension::INTERNAL, permission->name());
164 } 203 }
165 204
166 EXPECT_EQ(hosted_perms.size(), count); 205 EXPECT_EQ(hosted_perms.size(), count);
167 } 206 }
168 207
169 TEST(ExtensionAPIPermissionTest, PlatformAppPermissions) { 208 TEST(ExtensionPermissionsTest, PlatformAppPermissions) {
170 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 209 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
171 ExtensionAPIPermissionSet blacklist; 210 ExtensionAPIPermissionSet blacklist;
172 blacklist.insert(ExtensionAPIPermission::kAppNotifications); 211 blacklist.insert(ExtensionAPIPermission::kAppNotifications);
173 blacklist.insert(ExtensionAPIPermission::kChromeAuthPrivate); 212 blacklist.insert(ExtensionAPIPermission::kChromeAuthPrivate);
174 blacklist.insert(ExtensionAPIPermission::kChromePrivate); 213 blacklist.insert(ExtensionAPIPermission::kChromePrivate);
175 blacklist.insert(ExtensionAPIPermission::kCookie); 214 blacklist.insert(ExtensionAPIPermission::kCookie);
176 blacklist.insert(ExtensionAPIPermission::kTab); 215 blacklist.insert(ExtensionAPIPermission::kTab);
177 blacklist.insert(ExtensionAPIPermission::kWebNavigation); 216 blacklist.insert(ExtensionAPIPermission::kWebNavigation);
178 blacklist.insert(ExtensionAPIPermission::kWebRequest); 217 blacklist.insert(ExtensionAPIPermission::kWebRequest);
179 blacklist.insert(ExtensionAPIPermission::kWebRequestBlocking); 218 blacklist.insert(ExtensionAPIPermission::kWebRequestBlocking);
180 blacklist.insert(ExtensionAPIPermission::kWebSocketProxyPrivate); 219 blacklist.insert(ExtensionAPIPermission::kWebSocketProxyPrivate);
181 blacklist.insert(ExtensionAPIPermission::kWebstorePrivate); 220 blacklist.insert(ExtensionAPIPermission::kWebstorePrivate);
182 221
222 DictionaryValue source;
223 source.SetString(keys::kName, "permission platform app test");
224 source.SetString(keys::kVersion, "1");
225 source.SetInteger(keys::kManifestVersion, 2);
226 source.SetBoolean(keys::kPlatformApp, true);
227 source.SetString(keys::kLaunchLocalPath, "test.html");
228 source.SetString(keys::kLaunchContainer, values::kLaunchContainerShell);
229
183 ExtensionAPIPermissionSet perms = info->GetAll(); 230 ExtensionAPIPermissionSet perms = info->GetAll();
184 size_t count = 0; 231 size_t count = 0;
185 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); 232 for (ExtensionAPIPermissionSet::iterator i = perms.begin();
186 i != perms.end(); ++i) { 233 i != perms.end(); ++i) {
187 count += blacklist.count(*i); 234 ExtensionAPIPermission* permission = info->GetByID(*i);
188 EXPECT_EQ(blacklist.count(*i) > 0, 235 if (permission->supports_platform_apps())
189 !info->GetByID(*i)->supports_platform_apps()); 236 continue;
237
238 count++;
239 EXPECT_TRUE(blacklist.count(*i));
240
241 scoped_ptr<DictionaryValue> manifest(source.DeepCopy());
242 ListValue* permissions = new ListValue();
243 permissions->Append(Value::CreateStringValue(permission->name()));
244 manifest->Set(keys::kPermissions, permissions);
245
246 // This error may be generated for other reasons too, like if the permission
247 // has a whitelist.
248 LoadManifestAndExpectError(
249 manifest.get(), Extension::INTERNAL, permission->name());
190 } 250 }
191 251
192 EXPECT_EQ(blacklist.size(), count); 252 EXPECT_EQ(blacklist.size(), count);
193 } 253 }
194 254
195 TEST(ExtensionAPIPermissionTest, ComponentOnlyPermissions) { 255 TEST(ExtensionPermissionsTest, ComponentOnlyPermissions) {
196 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); 256 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
197 ExtensionAPIPermissionSet private_perms; 257 ExtensionAPIPermissionSet private_perms;
198 private_perms.insert(ExtensionAPIPermission::kChromeAuthPrivate);
199 private_perms.insert(ExtensionAPIPermission::kChromeosInfoPrivate); 258 private_perms.insert(ExtensionAPIPermission::kChromeosInfoPrivate);
200 private_perms.insert(ExtensionAPIPermission::kFileBrowserPrivate); 259 private_perms.insert(ExtensionAPIPermission::kFileBrowserPrivate);
201 private_perms.insert(ExtensionAPIPermission::kMediaPlayerPrivate); 260 private_perms.insert(ExtensionAPIPermission::kMediaPlayerPrivate);
202 private_perms.insert(ExtensionAPIPermission::kMetricsPrivate); 261 private_perms.insert(ExtensionAPIPermission::kMetricsPrivate);
203 private_perms.insert(ExtensionAPIPermission::kSystemPrivate); 262 private_perms.insert(ExtensionAPIPermission::kSystemPrivate);
204 private_perms.insert(ExtensionAPIPermission::kWebstorePrivate); 263
264 DictionaryValue source;
265 source.SetString(keys::kName, "component only permission test");
266 source.SetString(keys::kVersion, "1");
267 source.SetInteger(keys::kManifestVersion, 2);
205 268
206 ExtensionAPIPermissionSet perms = info->GetAll(); 269 ExtensionAPIPermissionSet perms = info->GetAll();
207 int count = 0; 270 size_t count = 0;
208 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); 271 for (ExtensionAPIPermissionSet::iterator i = perms.begin();
209 i != perms.end(); ++i) { 272 i != perms.end(); ++i) {
210 count += private_perms.count(*i); 273 ExtensionAPIPermission* permission = info->GetByID(*i);
211 EXPECT_EQ(private_perms.count(*i) > 0, 274 if (!permission->is_component_only())
212 info->GetByID(*i)->is_component_only()); 275 continue;
276
277 count++;
278 EXPECT_TRUE(private_perms.count(*i));
279
280 scoped_ptr<DictionaryValue> manifest(source.DeepCopy());
281 ListValue* permissions = new ListValue();
282 permissions->Append(Value::CreateStringValue(permission->name()));
283 manifest->Set(keys::kPermissions, permissions);
284
285 LoadManifestAndExpectError(
286 manifest.get(), Extension::INTERNAL, permission->name());
213 } 287 }
214 288
215 EXPECT_EQ(7, count); 289 EXPECT_EQ(private_perms.size(), count);
216 } 290 }
217 291
218 TEST(ExtensionPermissionSetTest, EffectiveHostPermissions) { 292 // Tests that permission whitelists are enforced.
293 TEST(ExtensionPermissionsTest, Whitelists) {
294 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance();
295 ExtensionAPIPermissionSet ids = info->GetAll();
296
297 ExtensionAPIPermissionSet expected_whitelists;
298 expected_whitelists.insert(ExtensionAPIPermission::kChromeAuthPrivate);
299 expected_whitelists.insert(ExtensionAPIPermission::kChromePrivate);
300 expected_whitelists.insert(ExtensionAPIPermission::kInputMethodPrivate);
301 expected_whitelists.insert(ExtensionAPIPermission::kTerminalPrivate);
302 expected_whitelists.insert(ExtensionAPIPermission::kWebSocketProxyPrivate);
303 expected_whitelists.insert(ExtensionAPIPermission::kWebstorePrivate);
304
305 DictionaryValue source;
306 source.SetString(keys::kName, "permission whitelist test");
307 source.SetString(keys::kVersion, "1");
308 source.SetInteger(keys::kManifestVersion, 2);
309
310 size_t whitelists = 0;
311 for (ExtensionAPIPermissionSet::iterator i = ids.begin();
312 i != ids.end(); ++i) {
313 ExtensionAPIPermission* permission = info->GetByID(*i);
314 if (!permission->HasWhitelist())
315 continue;
316
317 whitelists++;
318 EXPECT_TRUE(expected_whitelists.count(*i));
319
320 scoped_ptr<DictionaryValue> manifest(source.DeepCopy());
321 ListValue* permissions = new ListValue();
322 permissions->Append(Value::CreateStringValue(permission->name()));
323 manifest->Set(keys::kPermissions, permissions);
324
325 // Even COMPONENT extensions are subject to the whitelist.
326 LoadManifestAndExpectError(
327 manifest.get(), Extension::COMPONENT, permission->name());
328 }
329
330 EXPECT_EQ(expected_whitelists.size(), whitelists);
331 }
332
333 TEST(ExtensionPermissionsTest, EffectiveHostPermissions) {
219 scoped_refptr<Extension> extension; 334 scoped_refptr<Extension> extension;
220 scoped_refptr<const ExtensionPermissionSet> permissions; 335 scoped_refptr<const ExtensionPermissionSet> permissions;
221 336
222 extension = LoadManifest("effective_host_permissions", "empty.json"); 337 extension = LoadManifest("effective_host_permissions", "empty.json");
223 permissions = extension->GetActivePermissions(); 338 permissions = extension->GetActivePermissions();
224 EXPECT_EQ(0u, extension->GetEffectiveHostPermissions().patterns().size()); 339 EXPECT_EQ(0u, extension->GetEffectiveHostPermissions().patterns().size());
225 EXPECT_FALSE(permissions->HasEffectiveAccessToURL( 340 EXPECT_FALSE(permissions->HasEffectiveAccessToURL(
226 GURL("http://www.google.com"))); 341 GURL("http://www.google.com")));
227 EXPECT_FALSE(permissions->HasEffectiveAccessToAllHosts()); 342 EXPECT_FALSE(permissions->HasEffectiveAccessToAllHosts());
228 343
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after
284 399
285 extension = LoadManifest("effective_host_permissions", "all_hosts3.json"); 400 extension = LoadManifest("effective_host_permissions", "all_hosts3.json");
286 permissions = extension->GetActivePermissions(); 401 permissions = extension->GetActivePermissions();
287 EXPECT_FALSE(permissions->HasEffectiveAccessToURL(GURL("http://test/"))); 402 EXPECT_FALSE(permissions->HasEffectiveAccessToURL(GURL("http://test/")));
288 EXPECT_TRUE(permissions->HasEffectiveAccessToURL(GURL("https://test/"))); 403 EXPECT_TRUE(permissions->HasEffectiveAccessToURL(GURL("https://test/")));
289 EXPECT_TRUE( 404 EXPECT_TRUE(
290 permissions->HasEffectiveAccessToURL(GURL("http://www.google.com"))); 405 permissions->HasEffectiveAccessToURL(GURL("http://www.google.com")));
291 EXPECT_TRUE(permissions->HasEffectiveAccessToAllHosts()); 406 EXPECT_TRUE(permissions->HasEffectiveAccessToAllHosts());
292 } 407 }
293 408
294 TEST(ExtensionPermissionSetTest, ExplicitAccessToOrigin) { 409 TEST(ExtensionPermissionsTest, ExplicitAccessToOrigin) {
295 ExtensionAPIPermissionSet apis; 410 ExtensionAPIPermissionSet apis;
296 URLPatternSet explicit_hosts; 411 URLPatternSet explicit_hosts;
297 URLPatternSet scriptable_hosts; 412 URLPatternSet scriptable_hosts;
298 413
299 AddPattern(&explicit_hosts, "http://*.google.com/*"); 414 AddPattern(&explicit_hosts, "http://*.google.com/*");
300 // The explicit host paths should get set to /*. 415 // The explicit host paths should get set to /*.
301 AddPattern(&explicit_hosts, "http://www.example.com/a/particular/path/*"); 416 AddPattern(&explicit_hosts, "http://www.example.com/a/particular/path/*");
302 417
303 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet( 418 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet(
304 apis, explicit_hosts, scriptable_hosts); 419 apis, explicit_hosts, scriptable_hosts);
305 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( 420 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin(
306 GURL("http://www.google.com/"))); 421 GURL("http://www.google.com/")));
307 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( 422 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin(
308 GURL("http://test.google.com/"))); 423 GURL("http://test.google.com/")));
309 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( 424 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin(
310 GURL("http://www.example.com"))); 425 GURL("http://www.example.com")));
311 ASSERT_TRUE(perm_set->HasEffectiveAccessToURL( 426 ASSERT_TRUE(perm_set->HasEffectiveAccessToURL(
312 GURL("http://www.example.com"))); 427 GURL("http://www.example.com")));
313 ASSERT_FALSE(perm_set->HasExplicitAccessToOrigin( 428 ASSERT_FALSE(perm_set->HasExplicitAccessToOrigin(
314 GURL("http://test.example.com"))); 429 GURL("http://test.example.com")));
315 } 430 }
316 431
317 TEST(ExtensionPermissionSetTest, CreateUnion) { 432 TEST(ExtensionPermissionsTest, CreateUnion) {
318 ExtensionAPIPermissionSet apis1; 433 ExtensionAPIPermissionSet apis1;
319 ExtensionAPIPermissionSet apis2; 434 ExtensionAPIPermissionSet apis2;
320 ExtensionAPIPermissionSet expected_apis; 435 ExtensionAPIPermissionSet expected_apis;
321 436
322 URLPatternSet explicit_hosts1; 437 URLPatternSet explicit_hosts1;
323 URLPatternSet explicit_hosts2; 438 URLPatternSet explicit_hosts2;
324 URLPatternSet expected_explicit_hosts; 439 URLPatternSet expected_explicit_hosts;
325 440
326 URLPatternSet scriptable_hosts1; 441 URLPatternSet scriptable_hosts1;
327 URLPatternSet scriptable_hosts2; 442 URLPatternSet scriptable_hosts2;
(...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after
388 EXPECT_TRUE(union_set->Contains(*set2)); 503 EXPECT_TRUE(union_set->Contains(*set2));
389 504
390 EXPECT_TRUE(union_set->HasEffectiveFullAccess()); 505 EXPECT_TRUE(union_set->HasEffectiveFullAccess());
391 EXPECT_TRUE(union_set->HasEffectiveAccessToAllHosts()); 506 EXPECT_TRUE(union_set->HasEffectiveAccessToAllHosts());
392 EXPECT_EQ(expected_apis, union_set->apis()); 507 EXPECT_EQ(expected_apis, union_set->apis());
393 EXPECT_EQ(expected_explicit_hosts, union_set->explicit_hosts()); 508 EXPECT_EQ(expected_explicit_hosts, union_set->explicit_hosts());
394 EXPECT_EQ(expected_scriptable_hosts, union_set->scriptable_hosts()); 509 EXPECT_EQ(expected_scriptable_hosts, union_set->scriptable_hosts());
395 EXPECT_EQ(effective_hosts, union_set->effective_hosts()); 510 EXPECT_EQ(effective_hosts, union_set->effective_hosts());
396 } 511 }
397 512
398 TEST(ExtensionPermissionSetTest, CreateIntersection) { 513 TEST(ExtensionPermissionsTest, CreateIntersection) {
399 ExtensionAPIPermissionSet apis1; 514 ExtensionAPIPermissionSet apis1;
400 ExtensionAPIPermissionSet apis2; 515 ExtensionAPIPermissionSet apis2;
401 ExtensionAPIPermissionSet expected_apis; 516 ExtensionAPIPermissionSet expected_apis;
402 517
403 URLPatternSet explicit_hosts1; 518 URLPatternSet explicit_hosts1;
404 URLPatternSet explicit_hosts2; 519 URLPatternSet explicit_hosts2;
405 URLPatternSet expected_explicit_hosts; 520 URLPatternSet expected_explicit_hosts;
406 521
407 URLPatternSet scriptable_hosts1; 522 URLPatternSet scriptable_hosts1;
408 URLPatternSet scriptable_hosts2; 523 URLPatternSet scriptable_hosts2;
(...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after
464 EXPECT_FALSE(new_set->Contains(*set2)); 579 EXPECT_FALSE(new_set->Contains(*set2));
465 580
466 EXPECT_FALSE(new_set->HasEffectiveFullAccess()); 581 EXPECT_FALSE(new_set->HasEffectiveFullAccess());
467 EXPECT_FALSE(new_set->HasEffectiveAccessToAllHosts()); 582 EXPECT_FALSE(new_set->HasEffectiveAccessToAllHosts());
468 EXPECT_EQ(expected_apis, new_set->apis()); 583 EXPECT_EQ(expected_apis, new_set->apis());
469 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); 584 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts());
470 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); 585 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts());
471 EXPECT_EQ(effective_hosts, new_set->effective_hosts()); 586 EXPECT_EQ(effective_hosts, new_set->effective_hosts());
472 } 587 }
473 588
474 TEST(ExtensionPermissionSetTest, CreateDifference) { 589 TEST(ExtensionPermissionsTest, CreateDifference) {
475 ExtensionAPIPermissionSet apis1; 590 ExtensionAPIPermissionSet apis1;
476 ExtensionAPIPermissionSet apis2; 591 ExtensionAPIPermissionSet apis2;
477 ExtensionAPIPermissionSet expected_apis; 592 ExtensionAPIPermissionSet expected_apis;
478 593
479 URLPatternSet explicit_hosts1; 594 URLPatternSet explicit_hosts1;
480 URLPatternSet explicit_hosts2; 595 URLPatternSet explicit_hosts2;
481 URLPatternSet expected_explicit_hosts; 596 URLPatternSet expected_explicit_hosts;
482 597
483 URLPatternSet scriptable_hosts1; 598 URLPatternSet scriptable_hosts1;
484 URLPatternSet scriptable_hosts2; 599 URLPatternSet scriptable_hosts2;
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after
528 EXPECT_EQ(expected_apis, new_set->apis()); 643 EXPECT_EQ(expected_apis, new_set->apis());
529 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); 644 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts());
530 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); 645 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts());
531 EXPECT_EQ(effective_hosts, new_set->effective_hosts()); 646 EXPECT_EQ(effective_hosts, new_set->effective_hosts());
532 647
533 // |set3| = |set1| - |set2| --> |set3| intersect |set2| == empty_set 648 // |set3| = |set1| - |set2| --> |set3| intersect |set2| == empty_set
534 set1 = ExtensionPermissionSet::CreateIntersection(new_set.get(), set2.get()); 649 set1 = ExtensionPermissionSet::CreateIntersection(new_set.get(), set2.get());
535 EXPECT_TRUE(set1->IsEmpty()); 650 EXPECT_TRUE(set1->IsEmpty());
536 } 651 }
537 652
538 TEST(ExtensionPermissionSetTest, HasLessPrivilegesThan) { 653 TEST(ExtensionPermissionsTest, HasLessPrivilegesThan) {
539 const struct { 654 const struct {
540 const char* base_name; 655 const char* base_name;
541 // Increase these sizes if you have more than 10. 656 // Increase these sizes if you have more than 10.
542 const char* granted_apis[10]; 657 const char* granted_apis[10];
543 const char* granted_hosts[10]; 658 const char* granted_hosts[10];
544 bool full_access; 659 bool full_access;
545 bool expect_increase; 660 bool expect_increase;
546 } kTests[] = { 661 } kTests[] = {
547 { "allhosts1", {NULL}, {"http://*/", NULL}, false, 662 { "allhosts1", {NULL}, {"http://*/", NULL}, false,
548 false }, // all -> all 663 false }, // all -> all
(...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after
621 scoped_refptr<const ExtensionPermissionSet> old_p( 736 scoped_refptr<const ExtensionPermissionSet> old_p(
622 old_extension->GetActivePermissions()); 737 old_extension->GetActivePermissions());
623 scoped_refptr<const ExtensionPermissionSet> new_p( 738 scoped_refptr<const ExtensionPermissionSet> new_p(
624 new_extension->GetActivePermissions()); 739 new_extension->GetActivePermissions());
625 740
626 EXPECT_EQ(kTests[i].expect_increase, 741 EXPECT_EQ(kTests[i].expect_increase,
627 old_p->HasLessPrivilegesThan(new_p)) << kTests[i].base_name; 742 old_p->HasLessPrivilegesThan(new_p)) << kTests[i].base_name;
628 } 743 }
629 } 744 }
630 745
631 TEST(ExtensionPermissionSetTest, PermissionMessages) { 746 TEST(ExtensionPermissionsTest, PermissionMessages) {
632 // Ensure that all permissions that needs to show install UI actually have 747 // Ensure that all permissions that needs to show install UI actually have
633 // strings associated with them. 748 // strings associated with them.
634 ExtensionAPIPermissionSet skip; 749 ExtensionAPIPermissionSet skip;
635 750
636 // These are considered "nuisance" or "trivial" permissions that don't need 751 // These are considered "nuisance" or "trivial" permissions that don't need
637 // a prompt. 752 // a prompt.
638 skip.insert(ExtensionAPIPermission::kAppNotifications); 753 skip.insert(ExtensionAPIPermission::kAppNotifications);
639 skip.insert(ExtensionAPIPermission::kContextMenus); 754 skip.insert(ExtensionAPIPermission::kContextMenus);
640 skip.insert(ExtensionAPIPermission::kIdle); 755 skip.insert(ExtensionAPIPermission::kIdle);
641 skip.insert(ExtensionAPIPermission::kNotification); 756 skip.insert(ExtensionAPIPermission::kNotification);
(...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after
696 EXPECT_EQ(ExtensionPermissionMessage::kNone, permission->message_id()) 811 EXPECT_EQ(ExtensionPermissionMessage::kNone, permission->message_id())
697 << "unexpected message_id for " << permission->name(); 812 << "unexpected message_id for " << permission->name();
698 } else { 813 } else {
699 EXPECT_NE(ExtensionPermissionMessage::kNone, permission->message_id()) 814 EXPECT_NE(ExtensionPermissionMessage::kNone, permission->message_id())
700 << "missing message_id for " << permission->name(); 815 << "missing message_id for " << permission->name();
701 } 816 }
702 } 817 }
703 } 818 }
704 819
705 // Tests the default permissions (empty API permission set). 820 // Tests the default permissions (empty API permission set).
706 TEST(ExtensionPermissionSetTest, DefaultFunctionAccess) { 821 TEST(ExtensionPermissionsTest, DefaultFunctionAccess) {
707 const struct { 822 const struct {
708 const char* permission_name; 823 const char* permission_name;
709 bool expect_success; 824 bool expect_success;
710 } kTests[] = { 825 } kTests[] = {
711 // Negative test. 826 // Negative test.
712 { "non_existing_permission", false }, 827 { "non_existing_permission", false },
713 // Test default module/package permission. 828 // Test default module/package permission.
714 { "browserAction", true }, 829 { "browserAction", true },
715 { "devtools", true }, 830 { "devtools", true },
716 { "extension", true }, 831 { "extension", true },
(...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after
764 { "tabs", true}, 879 { "tabs", true},
765 }; 880 };
766 881
767 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); 882 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet();
768 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTests); ++i) { 883 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTests); ++i) {
769 EXPECT_EQ(kTests[i].expect_success, 884 EXPECT_EQ(kTests[i].expect_success,
770 empty->HasAnyAccessToAPI(kTests[i].api_name)); 885 empty->HasAnyAccessToAPI(kTests[i].api_name));
771 } 886 }
772 } 887 }
773 888
774 TEST(ExtensionPermissionSetTest, GetWarningMessages_ManyHosts) { 889 TEST(ExtensionPermissionsTest, GetWarningMessages_ManyHosts) {
775 scoped_refptr<Extension> extension; 890 scoped_refptr<Extension> extension;
776 891
777 extension = LoadManifest("permissions", "many-hosts.json"); 892 extension = LoadManifest("permissions", "many-hosts.json");
778 std::vector<string16> warnings = 893 std::vector<string16> warnings =
779 extension->GetActivePermissions()->GetWarningMessages(); 894 extension->GetActivePermissions()->GetWarningMessages();
780 ASSERT_EQ(1u, warnings.size()); 895 ASSERT_EQ(1u, warnings.size());
781 EXPECT_EQ("Your data on encrypted.google.com and www.google.com", 896 EXPECT_EQ("Your data on encrypted.google.com and www.google.com",
782 UTF16ToUTF8(warnings[0])); 897 UTF16ToUTF8(warnings[0]));
783 } 898 }
784 899
785 TEST(ExtensionPermissionSetTest, GetWarningMessages_Plugins) { 900 TEST(ExtensionPermissionsTest, GetWarningMessages_Plugins) {
786 scoped_refptr<Extension> extension; 901 scoped_refptr<Extension> extension;
787 scoped_refptr<ExtensionPermissionSet> permissions; 902 scoped_refptr<ExtensionPermissionSet> permissions;
788 903
789 extension = LoadManifest("permissions", "plugins.json"); 904 extension = LoadManifest("permissions", "plugins.json");
790 std::vector<string16> warnings = 905 std::vector<string16> warnings =
791 extension->GetActivePermissions()->GetWarningMessages(); 906 extension->GetActivePermissions()->GetWarningMessages();
792 // We don't parse the plugins key on Chrome OS, so it should not ask for any 907 // We don't parse the plugins key on Chrome OS, so it should not ask for any
793 // permissions. 908 // permissions.
794 #if defined(OS_CHROMEOS) 909 #if defined(OS_CHROMEOS)
795 ASSERT_EQ(0u, warnings.size()); 910 ASSERT_EQ(0u, warnings.size());
796 #else 911 #else
797 ASSERT_EQ(1u, warnings.size()); 912 ASSERT_EQ(1u, warnings.size());
798 EXPECT_EQ("All data on your computer and the websites you visit", 913 EXPECT_EQ("All data on your computer and the websites you visit",
799 UTF16ToUTF8(warnings[0])); 914 UTF16ToUTF8(warnings[0]));
800 #endif 915 #endif
801 } 916 }
802 917
803 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay) { 918 TEST(ExtensionPermissionsTest, GetDistinctHostsForDisplay) {
804 scoped_refptr<ExtensionPermissionSet> perm_set; 919 scoped_refptr<ExtensionPermissionSet> perm_set;
805 ExtensionAPIPermissionSet empty_perms; 920 ExtensionAPIPermissionSet empty_perms;
806 std::set<std::string> expected; 921 std::set<std::string> expected;
807 expected.insert("www.foo.com"); 922 expected.insert("www.foo.com");
808 expected.insert("www.bar.com"); 923 expected.insert("www.bar.com");
809 expected.insert("www.baz.com"); 924 expected.insert("www.baz.com");
810 URLPatternSet explicit_hosts; 925 URLPatternSet explicit_hosts;
811 URLPatternSet scriptable_hosts; 926 URLPatternSet scriptable_hosts;
812 927
813 { 928 {
(...skipping 135 matching lines...) Expand 10 before | Expand all | Expand 10 after
949 1064
950 explicit_hosts.AddPattern( 1065 explicit_hosts.AddPattern(
951 URLPattern(URLPattern::SCHEME_FILE, "file:///*")); 1066 URLPattern(URLPattern::SCHEME_FILE, "file:///*"));
952 1067
953 perm_set = new ExtensionPermissionSet( 1068 perm_set = new ExtensionPermissionSet(
954 empty_perms, explicit_hosts, scriptable_hosts); 1069 empty_perms, explicit_hosts, scriptable_hosts);
955 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); 1070 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay());
956 } 1071 }
957 } 1072 }
958 1073
959 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay_ComIsBestRcd) { 1074 TEST(ExtensionPermissionsTest, GetDistinctHostsForDisplay_ComIsBestRcd) {
960 scoped_refptr<ExtensionPermissionSet> perm_set; 1075 scoped_refptr<ExtensionPermissionSet> perm_set;
961 ExtensionAPIPermissionSet empty_perms; 1076 ExtensionAPIPermissionSet empty_perms;
962 URLPatternSet explicit_hosts; 1077 URLPatternSet explicit_hosts;
963 URLPatternSet scriptable_hosts; 1078 URLPatternSet scriptable_hosts;
964 explicit_hosts.AddPattern( 1079 explicit_hosts.AddPattern(
965 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); 1080 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
966 explicit_hosts.AddPattern( 1081 explicit_hosts.AddPattern(
967 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); 1082 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path"));
968 explicit_hosts.AddPattern( 1083 explicit_hosts.AddPattern(
969 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); 1084 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
970 explicit_hosts.AddPattern( 1085 explicit_hosts.AddPattern(
971 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path")); 1086 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path"));
972 explicit_hosts.AddPattern( 1087 explicit_hosts.AddPattern(
973 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); 1088 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
974 explicit_hosts.AddPattern( 1089 explicit_hosts.AddPattern(
975 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path")); 1090 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path"));
976 1091
977 std::set<std::string> expected; 1092 std::set<std::string> expected;
978 expected.insert("www.foo.com"); 1093 expected.insert("www.foo.com");
979 perm_set = new ExtensionPermissionSet( 1094 perm_set = new ExtensionPermissionSet(
980 empty_perms, explicit_hosts, scriptable_hosts); 1095 empty_perms, explicit_hosts, scriptable_hosts);
981 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); 1096 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay());
982 } 1097 }
983 1098
984 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay_NetIs2ndBestRcd) { 1099 TEST(ExtensionPermissionsTest, GetDistinctHostsForDisplay_NetIs2ndBestRcd) {
985 scoped_refptr<ExtensionPermissionSet> perm_set; 1100 scoped_refptr<ExtensionPermissionSet> perm_set;
986 ExtensionAPIPermissionSet empty_perms; 1101 ExtensionAPIPermissionSet empty_perms;
987 URLPatternSet explicit_hosts; 1102 URLPatternSet explicit_hosts;
988 URLPatternSet scriptable_hosts; 1103 URLPatternSet scriptable_hosts;
989 explicit_hosts.AddPattern( 1104 explicit_hosts.AddPattern(
990 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); 1105 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
991 explicit_hosts.AddPattern( 1106 explicit_hosts.AddPattern(
992 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); 1107 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path"));
993 explicit_hosts.AddPattern( 1108 explicit_hosts.AddPattern(
994 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); 1109 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
995 explicit_hosts.AddPattern( 1110 explicit_hosts.AddPattern(
996 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path")); 1111 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path"));
997 explicit_hosts.AddPattern( 1112 explicit_hosts.AddPattern(
998 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); 1113 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
999 // No http://www.foo.com/path 1114 // No http://www.foo.com/path
1000 1115
1001 std::set<std::string> expected; 1116 std::set<std::string> expected;
1002 expected.insert("www.foo.net"); 1117 expected.insert("www.foo.net");
1003 perm_set = new ExtensionPermissionSet( 1118 perm_set = new ExtensionPermissionSet(
1004 empty_perms, explicit_hosts, scriptable_hosts); 1119 empty_perms, explicit_hosts, scriptable_hosts);
1005 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); 1120 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay());
1006 } 1121 }
1007 1122
1008 TEST(ExtensionPermissionSetTest, 1123 TEST(ExtensionPermissionsTest,
1009 GetDistinctHostsForDisplay_OrgIs3rdBestRcd) { 1124 GetDistinctHostsForDisplay_OrgIs3rdBestRcd) {
1010 scoped_refptr<ExtensionPermissionSet> perm_set; 1125 scoped_refptr<ExtensionPermissionSet> perm_set;
1011 ExtensionAPIPermissionSet empty_perms; 1126 ExtensionAPIPermissionSet empty_perms;
1012 URLPatternSet explicit_hosts; 1127 URLPatternSet explicit_hosts;
1013 URLPatternSet scriptable_hosts; 1128 URLPatternSet scriptable_hosts;
1014 explicit_hosts.AddPattern( 1129 explicit_hosts.AddPattern(
1015 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); 1130 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
1016 explicit_hosts.AddPattern( 1131 explicit_hosts.AddPattern(
1017 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); 1132 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path"));
1018 explicit_hosts.AddPattern( 1133 explicit_hosts.AddPattern(
1019 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); 1134 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
1020 // No http://www.foo.net/path 1135 // No http://www.foo.net/path
1021 explicit_hosts.AddPattern( 1136 explicit_hosts.AddPattern(
1022 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); 1137 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
1023 // No http://www.foo.com/path 1138 // No http://www.foo.com/path
1024 1139
1025 std::set<std::string> expected; 1140 std::set<std::string> expected;
1026 expected.insert("www.foo.org"); 1141 expected.insert("www.foo.org");
1027 perm_set = new ExtensionPermissionSet( 1142 perm_set = new ExtensionPermissionSet(
1028 empty_perms, explicit_hosts, scriptable_hosts); 1143 empty_perms, explicit_hosts, scriptable_hosts);
1029 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); 1144 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay());
1030 } 1145 }
1031 1146
1032 TEST(ExtensionPermissionSetTest, 1147 TEST(ExtensionPermissionsTest,
1033 GetDistinctHostsForDisplay_FirstInListIs4thBestRcd) { 1148 GetDistinctHostsForDisplay_FirstInListIs4thBestRcd) {
1034 scoped_refptr<ExtensionPermissionSet> perm_set; 1149 scoped_refptr<ExtensionPermissionSet> perm_set;
1035 ExtensionAPIPermissionSet empty_perms; 1150 ExtensionAPIPermissionSet empty_perms;
1036 URLPatternSet explicit_hosts; 1151 URLPatternSet explicit_hosts;
1037 URLPatternSet scriptable_hosts; 1152 URLPatternSet scriptable_hosts;
1038 explicit_hosts.AddPattern( 1153 explicit_hosts.AddPattern(
1039 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); 1154 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
1040 // No http://www.foo.org/path 1155 // No http://www.foo.org/path
1041 explicit_hosts.AddPattern( 1156 explicit_hosts.AddPattern(
1042 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); 1157 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
1043 // No http://www.foo.net/path 1158 // No http://www.foo.net/path
1044 explicit_hosts.AddPattern( 1159 explicit_hosts.AddPattern(
1045 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); 1160 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
1046 // No http://www.foo.com/path 1161 // No http://www.foo.com/path
1047 1162
1048 std::set<std::string> expected; 1163 std::set<std::string> expected;
1049 expected.insert("www.foo.ca"); 1164 expected.insert("www.foo.ca");
1050 perm_set = new ExtensionPermissionSet( 1165 perm_set = new ExtensionPermissionSet(
1051 empty_perms, explicit_hosts, scriptable_hosts); 1166 empty_perms, explicit_hosts, scriptable_hosts);
1052 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); 1167 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay());
1053 } 1168 }
1054 1169
1055 TEST(ExtensionPermissionSetTest, HasLessHostPrivilegesThan) { 1170 TEST(ExtensionPermissionsTest, HasLessHostPrivilegesThan) {
1056 URLPatternSet elist1; 1171 URLPatternSet elist1;
1057 URLPatternSet elist2; 1172 URLPatternSet elist2;
1058 URLPatternSet slist1; 1173 URLPatternSet slist1;
1059 URLPatternSet slist2; 1174 URLPatternSet slist2;
1060 scoped_refptr<ExtensionPermissionSet> set1; 1175 scoped_refptr<ExtensionPermissionSet> set1;
1061 scoped_refptr<ExtensionPermissionSet> set2; 1176 scoped_refptr<ExtensionPermissionSet> set2;
1062 ExtensionAPIPermissionSet empty_perms; 1177 ExtensionAPIPermissionSet empty_perms;
1063 elist1.AddPattern( 1178 elist1.AddPattern(
1064 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path")); 1179 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path"));
1065 elist1.AddPattern( 1180 elist1.AddPattern(
(...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after
1114 1229
1115 // Test that different subdomains count as different hosts. 1230 // Test that different subdomains count as different hosts.
1116 elist2.ClearPatterns(); 1231 elist2.ClearPatterns();
1117 elist2.AddPattern( 1232 elist2.AddPattern(
1118 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*")); 1233 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*"));
1119 set2 = new ExtensionPermissionSet(empty_perms, elist2, slist2); 1234 set2 = new ExtensionPermissionSet(empty_perms, elist2, slist2);
1120 EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get())); 1235 EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get()));
1121 EXPECT_TRUE(set2->HasLessHostPrivilegesThan(set1.get())); 1236 EXPECT_TRUE(set2->HasLessHostPrivilegesThan(set1.get()));
1122 } 1237 }
1123 1238
1124 TEST(ExtensionPermissionSetTest, GetAPIsAsStrings) { 1239 TEST(ExtensionPermissionsTest, GetAPIsAsStrings) {
1125 ExtensionAPIPermissionSet apis; 1240 ExtensionAPIPermissionSet apis;
1126 URLPatternSet empty_set; 1241 URLPatternSet empty_set;
1127 1242
1128 apis.insert(ExtensionAPIPermission::kProxy); 1243 apis.insert(ExtensionAPIPermission::kProxy);
1129 apis.insert(ExtensionAPIPermission::kBackground); 1244 apis.insert(ExtensionAPIPermission::kBackground);
1130 apis.insert(ExtensionAPIPermission::kNotification); 1245 apis.insert(ExtensionAPIPermission::kNotification);
1131 apis.insert(ExtensionAPIPermission::kTab); 1246 apis.insert(ExtensionAPIPermission::kTab);
1132 1247
1133 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet( 1248 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet(
1134 apis, empty_set, empty_set); 1249 apis, empty_set, empty_set);
1135 std::set<std::string> api_names = perm_set->GetAPIsAsStrings(); 1250 std::set<std::string> api_names = perm_set->GetAPIsAsStrings();
1136 1251
1137 // The result is correct if it has the same number of elements 1252 // The result is correct if it has the same number of elements
1138 // and we can convert it back to the id set. 1253 // and we can convert it back to the id set.
1139 EXPECT_EQ(4u, api_names.size()); 1254 EXPECT_EQ(4u, api_names.size());
1140 EXPECT_EQ(apis, 1255 EXPECT_EQ(apis,
1141 ExtensionPermissionsInfo::GetInstance()->GetAllByName(api_names)); 1256 ExtensionPermissionsInfo::GetInstance()->GetAllByName(api_names));
1142 } 1257 }
1143 1258
1144 TEST(ExtensionPermissionSetTest, IsEmpty) { 1259 TEST(ExtensionPermissionsTest, IsEmpty) {
1145 ExtensionAPIPermissionSet empty_apis; 1260 ExtensionAPIPermissionSet empty_apis;
1146 URLPatternSet empty_extent; 1261 URLPatternSet empty_extent;
1147 1262
1148 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); 1263 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet();
1149 EXPECT_TRUE(empty->IsEmpty()); 1264 EXPECT_TRUE(empty->IsEmpty());
1150 scoped_refptr<ExtensionPermissionSet> perm_set; 1265 scoped_refptr<ExtensionPermissionSet> perm_set;
1151 1266
1152 perm_set = new ExtensionPermissionSet(empty_apis, empty_extent, empty_extent); 1267 perm_set = new ExtensionPermissionSet(empty_apis, empty_extent, empty_extent);
1153 EXPECT_TRUE(perm_set->IsEmpty()); 1268 EXPECT_TRUE(perm_set->IsEmpty());
1154 1269
1155 ExtensionAPIPermissionSet non_empty_apis; 1270 ExtensionAPIPermissionSet non_empty_apis;
1156 non_empty_apis.insert(ExtensionAPIPermission::kBackground); 1271 non_empty_apis.insert(ExtensionAPIPermission::kBackground);
1157 perm_set = new ExtensionPermissionSet( 1272 perm_set = new ExtensionPermissionSet(
1158 non_empty_apis, empty_extent, empty_extent); 1273 non_empty_apis, empty_extent, empty_extent);
1159 EXPECT_FALSE(perm_set->IsEmpty()); 1274 EXPECT_FALSE(perm_set->IsEmpty());
1160 1275
1161 // Try non standard host 1276 // Try non standard host
1162 URLPatternSet non_empty_extent; 1277 URLPatternSet non_empty_extent;
1163 AddPattern(&non_empty_extent, "http://www.google.com/*"); 1278 AddPattern(&non_empty_extent, "http://www.google.com/*");
1164 1279
1165 perm_set = new ExtensionPermissionSet( 1280 perm_set = new ExtensionPermissionSet(
1166 empty_apis, non_empty_extent, empty_extent); 1281 empty_apis, non_empty_extent, empty_extent);
1167 EXPECT_FALSE(perm_set->IsEmpty()); 1282 EXPECT_FALSE(perm_set->IsEmpty());
1168 1283
1169 perm_set = new ExtensionPermissionSet( 1284 perm_set = new ExtensionPermissionSet(
1170 empty_apis, empty_extent, non_empty_extent); 1285 empty_apis, empty_extent, non_empty_extent);
1171 EXPECT_FALSE(perm_set->IsEmpty()); 1286 EXPECT_FALSE(perm_set->IsEmpty());
1172 } 1287 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698