| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/common/extensions/extension_permission_set.h" | 5 #include "chrome/common/extensions/extension_permission_set.h" |
| 6 | 6 |
| 7 #include "base/json/json_value_serializer.h" | 7 #include "base/json/json_value_serializer.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/path_service.h" | 9 #include "base/path_service.h" |
| 10 #include "base/utf_string_conversions.h" | 10 #include "base/utf_string_conversions.h" |
| 11 #include "chrome/common/chrome_paths.h" | 11 #include "chrome/common/chrome_paths.h" |
| 12 #include "chrome/common/extensions/extension.h" | 12 #include "chrome/common/extensions/extension.h" |
| 13 #include "chrome/common/extensions/extension_constants.h" |
| 14 #include "chrome/common/extensions/extension_error_utils.h" |
| 15 #include "chrome/common/extensions/extension_permission_set.h" |
| 13 #include "testing/gtest/include/gtest/gtest.h" | 16 #include "testing/gtest/include/gtest/gtest.h" |
| 14 | 17 |
| 18 namespace errors = extension_manifest_errors; |
| 19 namespace keys = extension_manifest_keys; |
| 20 namespace values = extension_manifest_values; |
| 15 namespace { | 21 namespace { |
| 16 | 22 |
| 17 static scoped_refptr<Extension> LoadManifest(const std::string& dir, | 23 static scoped_refptr<Extension> LoadManifest(const std::string& dir, |
| 18 const std::string& test_file, | 24 const std::string& test_file, |
| 19 int extra_flags) { | 25 int extra_flags) { |
| 20 FilePath path; | 26 FilePath path; |
| 21 PathService::Get(chrome::DIR_TEST_DATA, &path); | 27 PathService::Get(chrome::DIR_TEST_DATA, &path); |
| 22 path = path.AppendASCII("extensions") | 28 path = path.AppendASCII("extensions") |
| 23 .AppendASCII(dir) | 29 .AppendASCII(dir) |
| 24 .AppendASCII(test_file); | 30 .AppendASCII(test_file); |
| (...skipping 12 matching lines...) Expand all Loading... |
| 37 Extension::STRICT_ERROR_CHECKS | extra_flags, &error); | 43 Extension::STRICT_ERROR_CHECKS | extra_flags, &error); |
| 38 EXPECT_TRUE(extension) << error; | 44 EXPECT_TRUE(extension) << error; |
| 39 return extension; | 45 return extension; |
| 40 } | 46 } |
| 41 | 47 |
| 42 static scoped_refptr<Extension> LoadManifest(const std::string& dir, | 48 static scoped_refptr<Extension> LoadManifest(const std::string& dir, |
| 43 const std::string& test_file) { | 49 const std::string& test_file) { |
| 44 return LoadManifest(dir, test_file, Extension::NO_FLAGS); | 50 return LoadManifest(dir, test_file, Extension::NO_FLAGS); |
| 45 } | 51 } |
| 46 | 52 |
| 53 static void LoadManifestAndExpectError(DictionaryValue* manifest, |
| 54 Extension::Location location, |
| 55 const std::string& permission) { |
| 56 std::string error; |
| 57 scoped_refptr<Extension> extension = Extension::Create( |
| 58 FilePath(), location, *manifest, |
| 59 Extension::STRICT_ERROR_CHECKS, &error); |
| 60 |
| 61 |
| 62 std::string expected_error = ExtensionErrorUtils::FormatErrorMessage( |
| 63 errors::kPermissionNotAllowed, permission); |
| 64 EXPECT_FALSE(extension); |
| 65 EXPECT_EQ(expected_error, error); |
| 66 } |
| 67 |
| 47 void CompareLists(const std::vector<std::string>& expected, | 68 void CompareLists(const std::vector<std::string>& expected, |
| 48 const std::vector<std::string>& actual) { | 69 const std::vector<std::string>& actual) { |
| 49 ASSERT_EQ(expected.size(), actual.size()); | 70 ASSERT_EQ(expected.size(), actual.size()); |
| 50 | 71 |
| 51 for (size_t i = 0; i < expected.size(); ++i) { | 72 for (size_t i = 0; i < expected.size(); ++i) { |
| 52 EXPECT_EQ(expected[i], actual[i]); | 73 EXPECT_EQ(expected[i], actual[i]); |
| 53 } | 74 } |
| 54 } | 75 } |
| 55 | 76 |
| 56 static void AddPattern(URLPatternSet* extent, const std::string& pattern) { | 77 static void AddPattern(URLPatternSet* extent, const std::string& pattern) { |
| 57 int schemes = URLPattern::SCHEME_ALL; | 78 int schemes = URLPattern::SCHEME_ALL; |
| 58 extent->AddPattern(URLPattern(schemes, pattern)); | 79 extent->AddPattern(URLPattern(schemes, pattern)); |
| 59 } | 80 } |
| 60 | 81 |
| 61 } // namespace | 82 } // namespace |
| 62 | 83 |
| 63 class ExtensionAPIPermissionTest : public testing::Test { | 84 class ExtensionPermissionsTest : public testing::Test { |
| 64 }; | 85 }; |
| 65 | 86 |
| 66 class ExtensionPermissionSetTest : public testing::Test { | |
| 67 }; | |
| 68 | |
| 69 | |
| 70 // Tests GetByID. | 87 // Tests GetByID. |
| 71 TEST(ExtensionPermissionsInfoTest, GetByID) { | 88 TEST(ExtensionPermissionsTest, GetByID) { |
| 72 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 89 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 73 ExtensionAPIPermissionSet ids = info->GetAll(); | 90 ExtensionAPIPermissionSet ids = info->GetAll(); |
| 74 for (ExtensionAPIPermissionSet::iterator i = ids.begin(); | 91 for (ExtensionAPIPermissionSet::iterator i = ids.begin(); |
| 75 i != ids.end(); ++i) { | 92 i != ids.end(); ++i) { |
| 76 EXPECT_EQ(*i, info->GetByID(*i)->id()); | 93 EXPECT_EQ(*i, info->GetByID(*i)->id()); |
| 77 } | 94 } |
| 78 } | 95 } |
| 79 | 96 |
| 80 // Tests that GetByName works with normal permission names and aliases. | 97 // Tests that GetByName works with normal permission names and aliases. |
| 81 TEST(ExtensionPermissionsInfoTest, GetByName) { | 98 TEST(ExtensionPermissionsTest, GetByName) { |
| 82 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 99 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 83 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id()); | 100 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id()); |
| 84 EXPECT_EQ(ExtensionAPIPermission::kManagement, | 101 EXPECT_EQ(ExtensionAPIPermission::kManagement, |
| 85 info->GetByName("management")->id()); | 102 info->GetByName("management")->id()); |
| 86 EXPECT_FALSE(info->GetByName("alsdkfjasldkfj")); | 103 EXPECT_FALSE(info->GetByName("alsdkfjasldkfj")); |
| 87 } | 104 } |
| 88 | 105 |
| 89 TEST(ExtensionPermissionsInfoTest, GetAll) { | 106 TEST(ExtensionPermissionsTest, GetAll) { |
| 90 size_t count = 0; | 107 size_t count = 0; |
| 91 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 108 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 92 ExtensionAPIPermissionSet apis = info->GetAll(); | 109 ExtensionAPIPermissionSet apis = info->GetAll(); |
| 93 for (ExtensionAPIPermissionSet::iterator api = apis.begin(); | 110 for (ExtensionAPIPermissionSet::iterator api = apis.begin(); |
| 94 api != apis.end(); ++api) { | 111 api != apis.end(); ++api) { |
| 95 // Make sure only the valid permission IDs get returned. | 112 // Make sure only the valid permission IDs get returned. |
| 96 EXPECT_NE(ExtensionAPIPermission::kInvalid, *api); | 113 EXPECT_NE(ExtensionAPIPermission::kInvalid, *api); |
| 97 EXPECT_NE(ExtensionAPIPermission::kUnknown, *api); | 114 EXPECT_NE(ExtensionAPIPermission::kUnknown, *api); |
| 98 count++; | 115 count++; |
| 99 } | 116 } |
| 100 EXPECT_EQ(count, info->get_permission_count()); | 117 EXPECT_EQ(count, info->get_permission_count()); |
| 101 } | 118 } |
| 102 | 119 |
| 103 TEST(ExtensionPermissionInfoTest, GetAllByName) { | 120 TEST(ExtensionPermissionsTest, GetAllByName) { |
| 104 std::set<std::string> names; | 121 std::set<std::string> names; |
| 105 names.insert("background"); | 122 names.insert("background"); |
| 106 names.insert("management"); | 123 names.insert("management"); |
| 107 | 124 |
| 108 // This is an alias of kTab | 125 // This is an alias of kTab |
| 109 names.insert("windows"); | 126 names.insert("windows"); |
| 110 | 127 |
| 111 // This unknown name should get dropped. | 128 // This unknown name should get dropped. |
| 112 names.insert("sdlkfjasdlkfj"); | 129 names.insert("sdlkfjasdlkfj"); |
| 113 | 130 |
| 114 ExtensionAPIPermissionSet expected; | 131 ExtensionAPIPermissionSet expected; |
| 115 expected.insert(ExtensionAPIPermission::kBackground); | 132 expected.insert(ExtensionAPIPermission::kBackground); |
| 116 expected.insert(ExtensionAPIPermission::kManagement); | 133 expected.insert(ExtensionAPIPermission::kManagement); |
| 117 expected.insert(ExtensionAPIPermission::kTab); | 134 expected.insert(ExtensionAPIPermission::kTab); |
| 118 | 135 |
| 119 EXPECT_EQ(expected, | 136 EXPECT_EQ(expected, |
| 120 ExtensionPermissionsInfo::GetInstance()->GetAllByName(names)); | 137 ExtensionPermissionsInfo::GetInstance()->GetAllByName(names)); |
| 121 } | 138 } |
| 122 | 139 |
| 123 // Tests that the aliases are properly mapped. | 140 // Tests that the aliases are properly mapped. |
| 124 TEST(ExtensionAPIPermissionTest, Aliases) { | 141 TEST(ExtensionPermissionsTest, Aliases) { |
| 125 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 142 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 126 // tabs: tabs, windows | 143 // tabs: tabs, windows |
| 127 std::string tabs_name = "tabs"; | 144 std::string tabs_name = "tabs"; |
| 128 EXPECT_EQ(tabs_name, info->GetByID(ExtensionAPIPermission::kTab)->name()); | 145 EXPECT_EQ(tabs_name, info->GetByID(ExtensionAPIPermission::kTab)->name()); |
| 129 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id()); | 146 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("tabs")->id()); |
| 130 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("windows")->id()); | 147 EXPECT_EQ(ExtensionAPIPermission::kTab, info->GetByName("windows")->id()); |
| 131 | 148 |
| 132 // unlimitedStorage: unlimitedStorage, unlimited_storage | 149 // unlimitedStorage: unlimitedStorage, unlimited_storage |
| 133 std::string storage_name = "unlimitedStorage"; | 150 std::string storage_name = "unlimitedStorage"; |
| 134 EXPECT_EQ(storage_name, info->GetByID( | 151 EXPECT_EQ(storage_name, info->GetByID( |
| 135 ExtensionAPIPermission::kUnlimitedStorage)->name()); | 152 ExtensionAPIPermission::kUnlimitedStorage)->name()); |
| 136 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage, | 153 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage, |
| 137 info->GetByName("unlimitedStorage")->id()); | 154 info->GetByName("unlimitedStorage")->id()); |
| 138 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage, | 155 EXPECT_EQ(ExtensionAPIPermission::kUnlimitedStorage, |
| 139 info->GetByName("unlimited_storage")->id()); | 156 info->GetByName("unlimited_storage")->id()); |
| 140 } | 157 } |
| 141 | 158 |
| 142 TEST(ExtensionAPIPermissionTest, HostedAppPermissions) { | 159 TEST(ExtensionPermissionsTest, HostedAppPermissions) { |
| 143 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 160 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 144 ExtensionAPIPermissionSet hosted_perms; | 161 ExtensionAPIPermissionSet hosted_perms; |
| 145 hosted_perms.insert(ExtensionAPIPermission::kAppNotifications); | 162 hosted_perms.insert(ExtensionAPIPermission::kAppNotifications); |
| 146 hosted_perms.insert(ExtensionAPIPermission::kBackground); | 163 hosted_perms.insert(ExtensionAPIPermission::kBackground); |
| 147 hosted_perms.insert(ExtensionAPIPermission::kClipboardRead); | 164 hosted_perms.insert(ExtensionAPIPermission::kClipboardRead); |
| 148 hosted_perms.insert(ExtensionAPIPermission::kClipboardWrite); | 165 hosted_perms.insert(ExtensionAPIPermission::kClipboardWrite); |
| 149 hosted_perms.insert(ExtensionAPIPermission::kChromeAuthPrivate); | 166 hosted_perms.insert(ExtensionAPIPermission::kChromeAuthPrivate); |
| 150 hosted_perms.insert(ExtensionAPIPermission::kChromePrivate); | 167 hosted_perms.insert(ExtensionAPIPermission::kChromePrivate); |
| 151 hosted_perms.insert(ExtensionAPIPermission::kExperimental); | 168 hosted_perms.insert(ExtensionAPIPermission::kExperimental); |
| 152 hosted_perms.insert(ExtensionAPIPermission::kGeolocation); | 169 hosted_perms.insert(ExtensionAPIPermission::kGeolocation); |
| 153 hosted_perms.insert(ExtensionAPIPermission::kNotification); | 170 hosted_perms.insert(ExtensionAPIPermission::kNotification); |
| 154 hosted_perms.insert(ExtensionAPIPermission::kUnlimitedStorage); | 171 hosted_perms.insert(ExtensionAPIPermission::kUnlimitedStorage); |
| 155 hosted_perms.insert(ExtensionAPIPermission::kWebstorePrivate); | 172 hosted_perms.insert(ExtensionAPIPermission::kWebstorePrivate); |
| 156 | 173 |
| 174 DictionaryValue source; |
| 175 source.SetString(keys::kName, "permission hosted app test"); |
| 176 source.SetString(keys::kVersion, "1"); |
| 177 source.SetInteger(keys::kManifestVersion, 2); |
| 178 ListValue* urls = new ListValue(); |
| 179 urls->Append(Value::CreateStringValue("http://localhost/test.html")); |
| 180 source.Set(keys::kWebURLs, urls); |
| 181 source.SetString(keys::kLaunchWebURL, "http://localhost/test.html"); |
| 182 |
| 157 ExtensionAPIPermissionSet perms = info->GetAll(); | 183 ExtensionAPIPermissionSet perms = info->GetAll(); |
| 158 size_t count = 0; | 184 size_t count = 0; |
| 159 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); | 185 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); |
| 160 i != perms.end(); ++i) { | 186 i != perms.end(); ++i) { |
| 161 count += hosted_perms.count(*i); | 187 ExtensionAPIPermission* permission = info->GetByID(*i); |
| 162 EXPECT_EQ(hosted_perms.count(*i) > 0, | 188 if (permission->supports_hosted_apps()) { |
| 163 info->GetByID(*i)->supports_hosted_apps()); | 189 count++; |
| 190 EXPECT_TRUE(hosted_perms.count(*i)); |
| 191 continue; |
| 192 } |
| 193 |
| 194 scoped_ptr<DictionaryValue> manifest(source.DeepCopy()); |
| 195 ListValue* permissions = new ListValue(); |
| 196 permissions->Append(Value::CreateStringValue(permission->name())); |
| 197 manifest->Set(keys::kPermissions, permissions); |
| 198 |
| 199 // This error may be generated for other reasons too, like if the permission |
| 200 // has a whitelist. |
| 201 LoadManifestAndExpectError( |
| 202 manifest.get(), Extension::INTERNAL, permission->name()); |
| 164 } | 203 } |
| 165 | 204 |
| 166 EXPECT_EQ(hosted_perms.size(), count); | 205 EXPECT_EQ(hosted_perms.size(), count); |
| 167 } | 206 } |
| 168 | 207 |
| 169 TEST(ExtensionAPIPermissionTest, PlatformAppPermissions) { | 208 TEST(ExtensionPermissionsTest, PlatformAppPermissions) { |
| 170 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 209 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 171 ExtensionAPIPermissionSet blacklist; | 210 ExtensionAPIPermissionSet blacklist; |
| 172 blacklist.insert(ExtensionAPIPermission::kAppNotifications); | 211 blacklist.insert(ExtensionAPIPermission::kAppNotifications); |
| 173 blacklist.insert(ExtensionAPIPermission::kChromeAuthPrivate); | 212 blacklist.insert(ExtensionAPIPermission::kChromeAuthPrivate); |
| 174 blacklist.insert(ExtensionAPIPermission::kChromePrivate); | 213 blacklist.insert(ExtensionAPIPermission::kChromePrivate); |
| 175 blacklist.insert(ExtensionAPIPermission::kCookie); | 214 blacklist.insert(ExtensionAPIPermission::kCookie); |
| 176 blacklist.insert(ExtensionAPIPermission::kTab); | 215 blacklist.insert(ExtensionAPIPermission::kTab); |
| 177 blacklist.insert(ExtensionAPIPermission::kWebNavigation); | 216 blacklist.insert(ExtensionAPIPermission::kWebNavigation); |
| 178 blacklist.insert(ExtensionAPIPermission::kWebRequest); | 217 blacklist.insert(ExtensionAPIPermission::kWebRequest); |
| 179 blacklist.insert(ExtensionAPIPermission::kWebRequestBlocking); | 218 blacklist.insert(ExtensionAPIPermission::kWebRequestBlocking); |
| 180 blacklist.insert(ExtensionAPIPermission::kWebSocketProxyPrivate); | 219 blacklist.insert(ExtensionAPIPermission::kWebSocketProxyPrivate); |
| 181 blacklist.insert(ExtensionAPIPermission::kWebstorePrivate); | 220 blacklist.insert(ExtensionAPIPermission::kWebstorePrivate); |
| 182 | 221 |
| 222 DictionaryValue source; |
| 223 source.SetString(keys::kName, "permission platform app test"); |
| 224 source.SetString(keys::kVersion, "1"); |
| 225 source.SetInteger(keys::kManifestVersion, 2); |
| 226 source.SetBoolean(keys::kPlatformApp, true); |
| 227 source.SetString(keys::kLaunchLocalPath, "test.html"); |
| 228 source.SetString(keys::kLaunchContainer, values::kLaunchContainerShell); |
| 229 |
| 183 ExtensionAPIPermissionSet perms = info->GetAll(); | 230 ExtensionAPIPermissionSet perms = info->GetAll(); |
| 184 size_t count = 0; | 231 size_t count = 0; |
| 185 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); | 232 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); |
| 186 i != perms.end(); ++i) { | 233 i != perms.end(); ++i) { |
| 187 count += blacklist.count(*i); | 234 ExtensionAPIPermission* permission = info->GetByID(*i); |
| 188 EXPECT_EQ(blacklist.count(*i) > 0, | 235 if (permission->supports_platform_apps()) |
| 189 !info->GetByID(*i)->supports_platform_apps()); | 236 continue; |
| 237 |
| 238 count++; |
| 239 EXPECT_TRUE(blacklist.count(*i)); |
| 240 |
| 241 scoped_ptr<DictionaryValue> manifest(source.DeepCopy()); |
| 242 ListValue* permissions = new ListValue(); |
| 243 permissions->Append(Value::CreateStringValue(permission->name())); |
| 244 manifest->Set(keys::kPermissions, permissions); |
| 245 |
| 246 // This error may be generated for other reasons too, like if the permission |
| 247 // has a whitelist. |
| 248 LoadManifestAndExpectError( |
| 249 manifest.get(), Extension::INTERNAL, permission->name()); |
| 190 } | 250 } |
| 191 | 251 |
| 192 EXPECT_EQ(blacklist.size(), count); | 252 EXPECT_EQ(blacklist.size(), count); |
| 193 } | 253 } |
| 194 | 254 |
| 195 TEST(ExtensionAPIPermissionTest, ComponentOnlyPermissions) { | 255 TEST(ExtensionPermissionsTest, ComponentOnlyPermissions) { |
| 196 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); | 256 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 197 ExtensionAPIPermissionSet private_perms; | 257 ExtensionAPIPermissionSet private_perms; |
| 198 private_perms.insert(ExtensionAPIPermission::kChromeAuthPrivate); | |
| 199 private_perms.insert(ExtensionAPIPermission::kChromeosInfoPrivate); | 258 private_perms.insert(ExtensionAPIPermission::kChromeosInfoPrivate); |
| 200 private_perms.insert(ExtensionAPIPermission::kFileBrowserPrivate); | 259 private_perms.insert(ExtensionAPIPermission::kFileBrowserPrivate); |
| 201 private_perms.insert(ExtensionAPIPermission::kMediaPlayerPrivate); | 260 private_perms.insert(ExtensionAPIPermission::kMediaPlayerPrivate); |
| 202 private_perms.insert(ExtensionAPIPermission::kMetricsPrivate); | 261 private_perms.insert(ExtensionAPIPermission::kMetricsPrivate); |
| 203 private_perms.insert(ExtensionAPIPermission::kSystemPrivate); | 262 private_perms.insert(ExtensionAPIPermission::kSystemPrivate); |
| 204 private_perms.insert(ExtensionAPIPermission::kWebstorePrivate); | 263 |
| 264 DictionaryValue source; |
| 265 source.SetString(keys::kName, "component only permission test"); |
| 266 source.SetString(keys::kVersion, "1"); |
| 267 source.SetInteger(keys::kManifestVersion, 2); |
| 205 | 268 |
| 206 ExtensionAPIPermissionSet perms = info->GetAll(); | 269 ExtensionAPIPermissionSet perms = info->GetAll(); |
| 207 int count = 0; | 270 size_t count = 0; |
| 208 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); | 271 for (ExtensionAPIPermissionSet::iterator i = perms.begin(); |
| 209 i != perms.end(); ++i) { | 272 i != perms.end(); ++i) { |
| 210 count += private_perms.count(*i); | 273 ExtensionAPIPermission* permission = info->GetByID(*i); |
| 211 EXPECT_EQ(private_perms.count(*i) > 0, | 274 if (!permission->is_component_only()) |
| 212 info->GetByID(*i)->is_component_only()); | 275 continue; |
| 276 |
| 277 count++; |
| 278 EXPECT_TRUE(private_perms.count(*i)); |
| 279 |
| 280 scoped_ptr<DictionaryValue> manifest(source.DeepCopy()); |
| 281 ListValue* permissions = new ListValue(); |
| 282 permissions->Append(Value::CreateStringValue(permission->name())); |
| 283 manifest->Set(keys::kPermissions, permissions); |
| 284 |
| 285 LoadManifestAndExpectError( |
| 286 manifest.get(), Extension::INTERNAL, permission->name()); |
| 213 } | 287 } |
| 214 | 288 |
| 215 EXPECT_EQ(7, count); | 289 EXPECT_EQ(private_perms.size(), count); |
| 216 } | 290 } |
| 217 | 291 |
| 218 TEST(ExtensionPermissionSetTest, EffectiveHostPermissions) { | 292 // Tests that permission whitelists are enforced. |
| 293 TEST(ExtensionPermissionsTest, Whitelists) { |
| 294 ExtensionPermissionsInfo* info = ExtensionPermissionsInfo::GetInstance(); |
| 295 ExtensionAPIPermissionSet ids = info->GetAll(); |
| 296 |
| 297 ExtensionAPIPermissionSet expected_whitelists; |
| 298 expected_whitelists.insert(ExtensionAPIPermission::kChromeAuthPrivate); |
| 299 expected_whitelists.insert(ExtensionAPIPermission::kChromePrivate); |
| 300 expected_whitelists.insert(ExtensionAPIPermission::kInputMethodPrivate); |
| 301 expected_whitelists.insert(ExtensionAPIPermission::kTerminalPrivate); |
| 302 expected_whitelists.insert(ExtensionAPIPermission::kWebSocketProxyPrivate); |
| 303 expected_whitelists.insert(ExtensionAPIPermission::kWebstorePrivate); |
| 304 |
| 305 DictionaryValue source; |
| 306 source.SetString(keys::kName, "permission whitelist test"); |
| 307 source.SetString(keys::kVersion, "1"); |
| 308 source.SetInteger(keys::kManifestVersion, 2); |
| 309 |
| 310 size_t whitelists = 0; |
| 311 for (ExtensionAPIPermissionSet::iterator i = ids.begin(); |
| 312 i != ids.end(); ++i) { |
| 313 ExtensionAPIPermission* permission = info->GetByID(*i); |
| 314 if (!permission->HasWhitelist()) |
| 315 continue; |
| 316 |
| 317 whitelists++; |
| 318 EXPECT_TRUE(expected_whitelists.count(*i)); |
| 319 |
| 320 scoped_ptr<DictionaryValue> manifest(source.DeepCopy()); |
| 321 ListValue* permissions = new ListValue(); |
| 322 permissions->Append(Value::CreateStringValue(permission->name())); |
| 323 manifest->Set(keys::kPermissions, permissions); |
| 324 |
| 325 // Even COMPONENT extensions are subject to the whitelist. |
| 326 LoadManifestAndExpectError( |
| 327 manifest.get(), Extension::COMPONENT, permission->name()); |
| 328 } |
| 329 |
| 330 EXPECT_EQ(expected_whitelists.size(), whitelists); |
| 331 } |
| 332 |
| 333 TEST(ExtensionPermissionsTest, EffectiveHostPermissions) { |
| 219 scoped_refptr<Extension> extension; | 334 scoped_refptr<Extension> extension; |
| 220 scoped_refptr<const ExtensionPermissionSet> permissions; | 335 scoped_refptr<const ExtensionPermissionSet> permissions; |
| 221 | 336 |
| 222 extension = LoadManifest("effective_host_permissions", "empty.json"); | 337 extension = LoadManifest("effective_host_permissions", "empty.json"); |
| 223 permissions = extension->GetActivePermissions(); | 338 permissions = extension->GetActivePermissions(); |
| 224 EXPECT_EQ(0u, extension->GetEffectiveHostPermissions().patterns().size()); | 339 EXPECT_EQ(0u, extension->GetEffectiveHostPermissions().patterns().size()); |
| 225 EXPECT_FALSE(permissions->HasEffectiveAccessToURL( | 340 EXPECT_FALSE(permissions->HasEffectiveAccessToURL( |
| 226 GURL("http://www.google.com"))); | 341 GURL("http://www.google.com"))); |
| 227 EXPECT_FALSE(permissions->HasEffectiveAccessToAllHosts()); | 342 EXPECT_FALSE(permissions->HasEffectiveAccessToAllHosts()); |
| 228 | 343 |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 284 | 399 |
| 285 extension = LoadManifest("effective_host_permissions", "all_hosts3.json"); | 400 extension = LoadManifest("effective_host_permissions", "all_hosts3.json"); |
| 286 permissions = extension->GetActivePermissions(); | 401 permissions = extension->GetActivePermissions(); |
| 287 EXPECT_FALSE(permissions->HasEffectiveAccessToURL(GURL("http://test/"))); | 402 EXPECT_FALSE(permissions->HasEffectiveAccessToURL(GURL("http://test/"))); |
| 288 EXPECT_TRUE(permissions->HasEffectiveAccessToURL(GURL("https://test/"))); | 403 EXPECT_TRUE(permissions->HasEffectiveAccessToURL(GURL("https://test/"))); |
| 289 EXPECT_TRUE( | 404 EXPECT_TRUE( |
| 290 permissions->HasEffectiveAccessToURL(GURL("http://www.google.com"))); | 405 permissions->HasEffectiveAccessToURL(GURL("http://www.google.com"))); |
| 291 EXPECT_TRUE(permissions->HasEffectiveAccessToAllHosts()); | 406 EXPECT_TRUE(permissions->HasEffectiveAccessToAllHosts()); |
| 292 } | 407 } |
| 293 | 408 |
| 294 TEST(ExtensionPermissionSetTest, ExplicitAccessToOrigin) { | 409 TEST(ExtensionPermissionsTest, ExplicitAccessToOrigin) { |
| 295 ExtensionAPIPermissionSet apis; | 410 ExtensionAPIPermissionSet apis; |
| 296 URLPatternSet explicit_hosts; | 411 URLPatternSet explicit_hosts; |
| 297 URLPatternSet scriptable_hosts; | 412 URLPatternSet scriptable_hosts; |
| 298 | 413 |
| 299 AddPattern(&explicit_hosts, "http://*.google.com/*"); | 414 AddPattern(&explicit_hosts, "http://*.google.com/*"); |
| 300 // The explicit host paths should get set to /*. | 415 // The explicit host paths should get set to /*. |
| 301 AddPattern(&explicit_hosts, "http://www.example.com/a/particular/path/*"); | 416 AddPattern(&explicit_hosts, "http://www.example.com/a/particular/path/*"); |
| 302 | 417 |
| 303 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet( | 418 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet( |
| 304 apis, explicit_hosts, scriptable_hosts); | 419 apis, explicit_hosts, scriptable_hosts); |
| 305 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( | 420 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( |
| 306 GURL("http://www.google.com/"))); | 421 GURL("http://www.google.com/"))); |
| 307 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( | 422 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( |
| 308 GURL("http://test.google.com/"))); | 423 GURL("http://test.google.com/"))); |
| 309 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( | 424 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( |
| 310 GURL("http://www.example.com"))); | 425 GURL("http://www.example.com"))); |
| 311 ASSERT_TRUE(perm_set->HasEffectiveAccessToURL( | 426 ASSERT_TRUE(perm_set->HasEffectiveAccessToURL( |
| 312 GURL("http://www.example.com"))); | 427 GURL("http://www.example.com"))); |
| 313 ASSERT_FALSE(perm_set->HasExplicitAccessToOrigin( | 428 ASSERT_FALSE(perm_set->HasExplicitAccessToOrigin( |
| 314 GURL("http://test.example.com"))); | 429 GURL("http://test.example.com"))); |
| 315 } | 430 } |
| 316 | 431 |
| 317 TEST(ExtensionPermissionSetTest, CreateUnion) { | 432 TEST(ExtensionPermissionsTest, CreateUnion) { |
| 318 ExtensionAPIPermissionSet apis1; | 433 ExtensionAPIPermissionSet apis1; |
| 319 ExtensionAPIPermissionSet apis2; | 434 ExtensionAPIPermissionSet apis2; |
| 320 ExtensionAPIPermissionSet expected_apis; | 435 ExtensionAPIPermissionSet expected_apis; |
| 321 | 436 |
| 322 URLPatternSet explicit_hosts1; | 437 URLPatternSet explicit_hosts1; |
| 323 URLPatternSet explicit_hosts2; | 438 URLPatternSet explicit_hosts2; |
| 324 URLPatternSet expected_explicit_hosts; | 439 URLPatternSet expected_explicit_hosts; |
| 325 | 440 |
| 326 URLPatternSet scriptable_hosts1; | 441 URLPatternSet scriptable_hosts1; |
| 327 URLPatternSet scriptable_hosts2; | 442 URLPatternSet scriptable_hosts2; |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 388 EXPECT_TRUE(union_set->Contains(*set2)); | 503 EXPECT_TRUE(union_set->Contains(*set2)); |
| 389 | 504 |
| 390 EXPECT_TRUE(union_set->HasEffectiveFullAccess()); | 505 EXPECT_TRUE(union_set->HasEffectiveFullAccess()); |
| 391 EXPECT_TRUE(union_set->HasEffectiveAccessToAllHosts()); | 506 EXPECT_TRUE(union_set->HasEffectiveAccessToAllHosts()); |
| 392 EXPECT_EQ(expected_apis, union_set->apis()); | 507 EXPECT_EQ(expected_apis, union_set->apis()); |
| 393 EXPECT_EQ(expected_explicit_hosts, union_set->explicit_hosts()); | 508 EXPECT_EQ(expected_explicit_hosts, union_set->explicit_hosts()); |
| 394 EXPECT_EQ(expected_scriptable_hosts, union_set->scriptable_hosts()); | 509 EXPECT_EQ(expected_scriptable_hosts, union_set->scriptable_hosts()); |
| 395 EXPECT_EQ(effective_hosts, union_set->effective_hosts()); | 510 EXPECT_EQ(effective_hosts, union_set->effective_hosts()); |
| 396 } | 511 } |
| 397 | 512 |
| 398 TEST(ExtensionPermissionSetTest, CreateIntersection) { | 513 TEST(ExtensionPermissionsTest, CreateIntersection) { |
| 399 ExtensionAPIPermissionSet apis1; | 514 ExtensionAPIPermissionSet apis1; |
| 400 ExtensionAPIPermissionSet apis2; | 515 ExtensionAPIPermissionSet apis2; |
| 401 ExtensionAPIPermissionSet expected_apis; | 516 ExtensionAPIPermissionSet expected_apis; |
| 402 | 517 |
| 403 URLPatternSet explicit_hosts1; | 518 URLPatternSet explicit_hosts1; |
| 404 URLPatternSet explicit_hosts2; | 519 URLPatternSet explicit_hosts2; |
| 405 URLPatternSet expected_explicit_hosts; | 520 URLPatternSet expected_explicit_hosts; |
| 406 | 521 |
| 407 URLPatternSet scriptable_hosts1; | 522 URLPatternSet scriptable_hosts1; |
| 408 URLPatternSet scriptable_hosts2; | 523 URLPatternSet scriptable_hosts2; |
| (...skipping 55 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 464 EXPECT_FALSE(new_set->Contains(*set2)); | 579 EXPECT_FALSE(new_set->Contains(*set2)); |
| 465 | 580 |
| 466 EXPECT_FALSE(new_set->HasEffectiveFullAccess()); | 581 EXPECT_FALSE(new_set->HasEffectiveFullAccess()); |
| 467 EXPECT_FALSE(new_set->HasEffectiveAccessToAllHosts()); | 582 EXPECT_FALSE(new_set->HasEffectiveAccessToAllHosts()); |
| 468 EXPECT_EQ(expected_apis, new_set->apis()); | 583 EXPECT_EQ(expected_apis, new_set->apis()); |
| 469 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); | 584 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); |
| 470 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); | 585 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); |
| 471 EXPECT_EQ(effective_hosts, new_set->effective_hosts()); | 586 EXPECT_EQ(effective_hosts, new_set->effective_hosts()); |
| 472 } | 587 } |
| 473 | 588 |
| 474 TEST(ExtensionPermissionSetTest, CreateDifference) { | 589 TEST(ExtensionPermissionsTest, CreateDifference) { |
| 475 ExtensionAPIPermissionSet apis1; | 590 ExtensionAPIPermissionSet apis1; |
| 476 ExtensionAPIPermissionSet apis2; | 591 ExtensionAPIPermissionSet apis2; |
| 477 ExtensionAPIPermissionSet expected_apis; | 592 ExtensionAPIPermissionSet expected_apis; |
| 478 | 593 |
| 479 URLPatternSet explicit_hosts1; | 594 URLPatternSet explicit_hosts1; |
| 480 URLPatternSet explicit_hosts2; | 595 URLPatternSet explicit_hosts2; |
| 481 URLPatternSet expected_explicit_hosts; | 596 URLPatternSet expected_explicit_hosts; |
| 482 | 597 |
| 483 URLPatternSet scriptable_hosts1; | 598 URLPatternSet scriptable_hosts1; |
| 484 URLPatternSet scriptable_hosts2; | 599 URLPatternSet scriptable_hosts2; |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 528 EXPECT_EQ(expected_apis, new_set->apis()); | 643 EXPECT_EQ(expected_apis, new_set->apis()); |
| 529 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); | 644 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); |
| 530 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); | 645 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); |
| 531 EXPECT_EQ(effective_hosts, new_set->effective_hosts()); | 646 EXPECT_EQ(effective_hosts, new_set->effective_hosts()); |
| 532 | 647 |
| 533 // |set3| = |set1| - |set2| --> |set3| intersect |set2| == empty_set | 648 // |set3| = |set1| - |set2| --> |set3| intersect |set2| == empty_set |
| 534 set1 = ExtensionPermissionSet::CreateIntersection(new_set.get(), set2.get()); | 649 set1 = ExtensionPermissionSet::CreateIntersection(new_set.get(), set2.get()); |
| 535 EXPECT_TRUE(set1->IsEmpty()); | 650 EXPECT_TRUE(set1->IsEmpty()); |
| 536 } | 651 } |
| 537 | 652 |
| 538 TEST(ExtensionPermissionSetTest, HasLessPrivilegesThan) { | 653 TEST(ExtensionPermissionsTest, HasLessPrivilegesThan) { |
| 539 const struct { | 654 const struct { |
| 540 const char* base_name; | 655 const char* base_name; |
| 541 // Increase these sizes if you have more than 10. | 656 // Increase these sizes if you have more than 10. |
| 542 const char* granted_apis[10]; | 657 const char* granted_apis[10]; |
| 543 const char* granted_hosts[10]; | 658 const char* granted_hosts[10]; |
| 544 bool full_access; | 659 bool full_access; |
| 545 bool expect_increase; | 660 bool expect_increase; |
| 546 } kTests[] = { | 661 } kTests[] = { |
| 547 { "allhosts1", {NULL}, {"http://*/", NULL}, false, | 662 { "allhosts1", {NULL}, {"http://*/", NULL}, false, |
| 548 false }, // all -> all | 663 false }, // all -> all |
| (...skipping 72 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 621 scoped_refptr<const ExtensionPermissionSet> old_p( | 736 scoped_refptr<const ExtensionPermissionSet> old_p( |
| 622 old_extension->GetActivePermissions()); | 737 old_extension->GetActivePermissions()); |
| 623 scoped_refptr<const ExtensionPermissionSet> new_p( | 738 scoped_refptr<const ExtensionPermissionSet> new_p( |
| 624 new_extension->GetActivePermissions()); | 739 new_extension->GetActivePermissions()); |
| 625 | 740 |
| 626 EXPECT_EQ(kTests[i].expect_increase, | 741 EXPECT_EQ(kTests[i].expect_increase, |
| 627 old_p->HasLessPrivilegesThan(new_p)) << kTests[i].base_name; | 742 old_p->HasLessPrivilegesThan(new_p)) << kTests[i].base_name; |
| 628 } | 743 } |
| 629 } | 744 } |
| 630 | 745 |
| 631 TEST(ExtensionPermissionSetTest, PermissionMessages) { | 746 TEST(ExtensionPermissionsTest, PermissionMessages) { |
| 632 // Ensure that all permissions that needs to show install UI actually have | 747 // Ensure that all permissions that needs to show install UI actually have |
| 633 // strings associated with them. | 748 // strings associated with them. |
| 634 ExtensionAPIPermissionSet skip; | 749 ExtensionAPIPermissionSet skip; |
| 635 | 750 |
| 636 // These are considered "nuisance" or "trivial" permissions that don't need | 751 // These are considered "nuisance" or "trivial" permissions that don't need |
| 637 // a prompt. | 752 // a prompt. |
| 638 skip.insert(ExtensionAPIPermission::kAppNotifications); | 753 skip.insert(ExtensionAPIPermission::kAppNotifications); |
| 639 skip.insert(ExtensionAPIPermission::kContextMenus); | 754 skip.insert(ExtensionAPIPermission::kContextMenus); |
| 640 skip.insert(ExtensionAPIPermission::kIdle); | 755 skip.insert(ExtensionAPIPermission::kIdle); |
| 641 skip.insert(ExtensionAPIPermission::kNotification); | 756 skip.insert(ExtensionAPIPermission::kNotification); |
| (...skipping 54 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 696 EXPECT_EQ(ExtensionPermissionMessage::kNone, permission->message_id()) | 811 EXPECT_EQ(ExtensionPermissionMessage::kNone, permission->message_id()) |
| 697 << "unexpected message_id for " << permission->name(); | 812 << "unexpected message_id for " << permission->name(); |
| 698 } else { | 813 } else { |
| 699 EXPECT_NE(ExtensionPermissionMessage::kNone, permission->message_id()) | 814 EXPECT_NE(ExtensionPermissionMessage::kNone, permission->message_id()) |
| 700 << "missing message_id for " << permission->name(); | 815 << "missing message_id for " << permission->name(); |
| 701 } | 816 } |
| 702 } | 817 } |
| 703 } | 818 } |
| 704 | 819 |
| 705 // Tests the default permissions (empty API permission set). | 820 // Tests the default permissions (empty API permission set). |
| 706 TEST(ExtensionPermissionSetTest, DefaultFunctionAccess) { | 821 TEST(ExtensionPermissionsTest, DefaultFunctionAccess) { |
| 707 const struct { | 822 const struct { |
| 708 const char* permission_name; | 823 const char* permission_name; |
| 709 bool expect_success; | 824 bool expect_success; |
| 710 } kTests[] = { | 825 } kTests[] = { |
| 711 // Negative test. | 826 // Negative test. |
| 712 { "non_existing_permission", false }, | 827 { "non_existing_permission", false }, |
| 713 // Test default module/package permission. | 828 // Test default module/package permission. |
| 714 { "browserAction", true }, | 829 { "browserAction", true }, |
| 715 { "devtools", true }, | 830 { "devtools", true }, |
| 716 { "extension", true }, | 831 { "extension", true }, |
| (...skipping 47 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 764 { "tabs", true}, | 879 { "tabs", true}, |
| 765 }; | 880 }; |
| 766 | 881 |
| 767 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); | 882 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); |
| 768 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTests); ++i) { | 883 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(kTests); ++i) { |
| 769 EXPECT_EQ(kTests[i].expect_success, | 884 EXPECT_EQ(kTests[i].expect_success, |
| 770 empty->HasAnyAccessToAPI(kTests[i].api_name)); | 885 empty->HasAnyAccessToAPI(kTests[i].api_name)); |
| 771 } | 886 } |
| 772 } | 887 } |
| 773 | 888 |
| 774 TEST(ExtensionPermissionSetTest, GetWarningMessages_ManyHosts) { | 889 TEST(ExtensionPermissionsTest, GetWarningMessages_ManyHosts) { |
| 775 scoped_refptr<Extension> extension; | 890 scoped_refptr<Extension> extension; |
| 776 | 891 |
| 777 extension = LoadManifest("permissions", "many-hosts.json"); | 892 extension = LoadManifest("permissions", "many-hosts.json"); |
| 778 std::vector<string16> warnings = | 893 std::vector<string16> warnings = |
| 779 extension->GetActivePermissions()->GetWarningMessages(); | 894 extension->GetActivePermissions()->GetWarningMessages(); |
| 780 ASSERT_EQ(1u, warnings.size()); | 895 ASSERT_EQ(1u, warnings.size()); |
| 781 EXPECT_EQ("Your data on encrypted.google.com and www.google.com", | 896 EXPECT_EQ("Your data on encrypted.google.com and www.google.com", |
| 782 UTF16ToUTF8(warnings[0])); | 897 UTF16ToUTF8(warnings[0])); |
| 783 } | 898 } |
| 784 | 899 |
| 785 TEST(ExtensionPermissionSetTest, GetWarningMessages_Plugins) { | 900 TEST(ExtensionPermissionsTest, GetWarningMessages_Plugins) { |
| 786 scoped_refptr<Extension> extension; | 901 scoped_refptr<Extension> extension; |
| 787 scoped_refptr<ExtensionPermissionSet> permissions; | 902 scoped_refptr<ExtensionPermissionSet> permissions; |
| 788 | 903 |
| 789 extension = LoadManifest("permissions", "plugins.json"); | 904 extension = LoadManifest("permissions", "plugins.json"); |
| 790 std::vector<string16> warnings = | 905 std::vector<string16> warnings = |
| 791 extension->GetActivePermissions()->GetWarningMessages(); | 906 extension->GetActivePermissions()->GetWarningMessages(); |
| 792 // We don't parse the plugins key on Chrome OS, so it should not ask for any | 907 // We don't parse the plugins key on Chrome OS, so it should not ask for any |
| 793 // permissions. | 908 // permissions. |
| 794 #if defined(OS_CHROMEOS) | 909 #if defined(OS_CHROMEOS) |
| 795 ASSERT_EQ(0u, warnings.size()); | 910 ASSERT_EQ(0u, warnings.size()); |
| 796 #else | 911 #else |
| 797 ASSERT_EQ(1u, warnings.size()); | 912 ASSERT_EQ(1u, warnings.size()); |
| 798 EXPECT_EQ("All data on your computer and the websites you visit", | 913 EXPECT_EQ("All data on your computer and the websites you visit", |
| 799 UTF16ToUTF8(warnings[0])); | 914 UTF16ToUTF8(warnings[0])); |
| 800 #endif | 915 #endif |
| 801 } | 916 } |
| 802 | 917 |
| 803 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay) { | 918 TEST(ExtensionPermissionsTest, GetDistinctHostsForDisplay) { |
| 804 scoped_refptr<ExtensionPermissionSet> perm_set; | 919 scoped_refptr<ExtensionPermissionSet> perm_set; |
| 805 ExtensionAPIPermissionSet empty_perms; | 920 ExtensionAPIPermissionSet empty_perms; |
| 806 std::set<std::string> expected; | 921 std::set<std::string> expected; |
| 807 expected.insert("www.foo.com"); | 922 expected.insert("www.foo.com"); |
| 808 expected.insert("www.bar.com"); | 923 expected.insert("www.bar.com"); |
| 809 expected.insert("www.baz.com"); | 924 expected.insert("www.baz.com"); |
| 810 URLPatternSet explicit_hosts; | 925 URLPatternSet explicit_hosts; |
| 811 URLPatternSet scriptable_hosts; | 926 URLPatternSet scriptable_hosts; |
| 812 | 927 |
| 813 { | 928 { |
| (...skipping 135 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 949 | 1064 |
| 950 explicit_hosts.AddPattern( | 1065 explicit_hosts.AddPattern( |
| 951 URLPattern(URLPattern::SCHEME_FILE, "file:///*")); | 1066 URLPattern(URLPattern::SCHEME_FILE, "file:///*")); |
| 952 | 1067 |
| 953 perm_set = new ExtensionPermissionSet( | 1068 perm_set = new ExtensionPermissionSet( |
| 954 empty_perms, explicit_hosts, scriptable_hosts); | 1069 empty_perms, explicit_hosts, scriptable_hosts); |
| 955 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); | 1070 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); |
| 956 } | 1071 } |
| 957 } | 1072 } |
| 958 | 1073 |
| 959 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay_ComIsBestRcd) { | 1074 TEST(ExtensionPermissionsTest, GetDistinctHostsForDisplay_ComIsBestRcd) { |
| 960 scoped_refptr<ExtensionPermissionSet> perm_set; | 1075 scoped_refptr<ExtensionPermissionSet> perm_set; |
| 961 ExtensionAPIPermissionSet empty_perms; | 1076 ExtensionAPIPermissionSet empty_perms; |
| 962 URLPatternSet explicit_hosts; | 1077 URLPatternSet explicit_hosts; |
| 963 URLPatternSet scriptable_hosts; | 1078 URLPatternSet scriptable_hosts; |
| 964 explicit_hosts.AddPattern( | 1079 explicit_hosts.AddPattern( |
| 965 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); | 1080 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); |
| 966 explicit_hosts.AddPattern( | 1081 explicit_hosts.AddPattern( |
| 967 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); | 1082 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); |
| 968 explicit_hosts.AddPattern( | 1083 explicit_hosts.AddPattern( |
| 969 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); | 1084 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); |
| 970 explicit_hosts.AddPattern( | 1085 explicit_hosts.AddPattern( |
| 971 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path")); | 1086 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path")); |
| 972 explicit_hosts.AddPattern( | 1087 explicit_hosts.AddPattern( |
| 973 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); | 1088 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); |
| 974 explicit_hosts.AddPattern( | 1089 explicit_hosts.AddPattern( |
| 975 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path")); | 1090 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path")); |
| 976 | 1091 |
| 977 std::set<std::string> expected; | 1092 std::set<std::string> expected; |
| 978 expected.insert("www.foo.com"); | 1093 expected.insert("www.foo.com"); |
| 979 perm_set = new ExtensionPermissionSet( | 1094 perm_set = new ExtensionPermissionSet( |
| 980 empty_perms, explicit_hosts, scriptable_hosts); | 1095 empty_perms, explicit_hosts, scriptable_hosts); |
| 981 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); | 1096 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); |
| 982 } | 1097 } |
| 983 | 1098 |
| 984 TEST(ExtensionPermissionSetTest, GetDistinctHostsForDisplay_NetIs2ndBestRcd) { | 1099 TEST(ExtensionPermissionsTest, GetDistinctHostsForDisplay_NetIs2ndBestRcd) { |
| 985 scoped_refptr<ExtensionPermissionSet> perm_set; | 1100 scoped_refptr<ExtensionPermissionSet> perm_set; |
| 986 ExtensionAPIPermissionSet empty_perms; | 1101 ExtensionAPIPermissionSet empty_perms; |
| 987 URLPatternSet explicit_hosts; | 1102 URLPatternSet explicit_hosts; |
| 988 URLPatternSet scriptable_hosts; | 1103 URLPatternSet scriptable_hosts; |
| 989 explicit_hosts.AddPattern( | 1104 explicit_hosts.AddPattern( |
| 990 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); | 1105 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); |
| 991 explicit_hosts.AddPattern( | 1106 explicit_hosts.AddPattern( |
| 992 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); | 1107 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); |
| 993 explicit_hosts.AddPattern( | 1108 explicit_hosts.AddPattern( |
| 994 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); | 1109 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); |
| 995 explicit_hosts.AddPattern( | 1110 explicit_hosts.AddPattern( |
| 996 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path")); | 1111 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path")); |
| 997 explicit_hosts.AddPattern( | 1112 explicit_hosts.AddPattern( |
| 998 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); | 1113 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); |
| 999 // No http://www.foo.com/path | 1114 // No http://www.foo.com/path |
| 1000 | 1115 |
| 1001 std::set<std::string> expected; | 1116 std::set<std::string> expected; |
| 1002 expected.insert("www.foo.net"); | 1117 expected.insert("www.foo.net"); |
| 1003 perm_set = new ExtensionPermissionSet( | 1118 perm_set = new ExtensionPermissionSet( |
| 1004 empty_perms, explicit_hosts, scriptable_hosts); | 1119 empty_perms, explicit_hosts, scriptable_hosts); |
| 1005 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); | 1120 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); |
| 1006 } | 1121 } |
| 1007 | 1122 |
| 1008 TEST(ExtensionPermissionSetTest, | 1123 TEST(ExtensionPermissionsTest, |
| 1009 GetDistinctHostsForDisplay_OrgIs3rdBestRcd) { | 1124 GetDistinctHostsForDisplay_OrgIs3rdBestRcd) { |
| 1010 scoped_refptr<ExtensionPermissionSet> perm_set; | 1125 scoped_refptr<ExtensionPermissionSet> perm_set; |
| 1011 ExtensionAPIPermissionSet empty_perms; | 1126 ExtensionAPIPermissionSet empty_perms; |
| 1012 URLPatternSet explicit_hosts; | 1127 URLPatternSet explicit_hosts; |
| 1013 URLPatternSet scriptable_hosts; | 1128 URLPatternSet scriptable_hosts; |
| 1014 explicit_hosts.AddPattern( | 1129 explicit_hosts.AddPattern( |
| 1015 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); | 1130 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); |
| 1016 explicit_hosts.AddPattern( | 1131 explicit_hosts.AddPattern( |
| 1017 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); | 1132 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path")); |
| 1018 explicit_hosts.AddPattern( | 1133 explicit_hosts.AddPattern( |
| 1019 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); | 1134 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); |
| 1020 // No http://www.foo.net/path | 1135 // No http://www.foo.net/path |
| 1021 explicit_hosts.AddPattern( | 1136 explicit_hosts.AddPattern( |
| 1022 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); | 1137 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); |
| 1023 // No http://www.foo.com/path | 1138 // No http://www.foo.com/path |
| 1024 | 1139 |
| 1025 std::set<std::string> expected; | 1140 std::set<std::string> expected; |
| 1026 expected.insert("www.foo.org"); | 1141 expected.insert("www.foo.org"); |
| 1027 perm_set = new ExtensionPermissionSet( | 1142 perm_set = new ExtensionPermissionSet( |
| 1028 empty_perms, explicit_hosts, scriptable_hosts); | 1143 empty_perms, explicit_hosts, scriptable_hosts); |
| 1029 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); | 1144 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); |
| 1030 } | 1145 } |
| 1031 | 1146 |
| 1032 TEST(ExtensionPermissionSetTest, | 1147 TEST(ExtensionPermissionsTest, |
| 1033 GetDistinctHostsForDisplay_FirstInListIs4thBestRcd) { | 1148 GetDistinctHostsForDisplay_FirstInListIs4thBestRcd) { |
| 1034 scoped_refptr<ExtensionPermissionSet> perm_set; | 1149 scoped_refptr<ExtensionPermissionSet> perm_set; |
| 1035 ExtensionAPIPermissionSet empty_perms; | 1150 ExtensionAPIPermissionSet empty_perms; |
| 1036 URLPatternSet explicit_hosts; | 1151 URLPatternSet explicit_hosts; |
| 1037 URLPatternSet scriptable_hosts; | 1152 URLPatternSet scriptable_hosts; |
| 1038 explicit_hosts.AddPattern( | 1153 explicit_hosts.AddPattern( |
| 1039 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); | 1154 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path")); |
| 1040 // No http://www.foo.org/path | 1155 // No http://www.foo.org/path |
| 1041 explicit_hosts.AddPattern( | 1156 explicit_hosts.AddPattern( |
| 1042 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); | 1157 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path")); |
| 1043 // No http://www.foo.net/path | 1158 // No http://www.foo.net/path |
| 1044 explicit_hosts.AddPattern( | 1159 explicit_hosts.AddPattern( |
| 1045 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); | 1160 URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path")); |
| 1046 // No http://www.foo.com/path | 1161 // No http://www.foo.com/path |
| 1047 | 1162 |
| 1048 std::set<std::string> expected; | 1163 std::set<std::string> expected; |
| 1049 expected.insert("www.foo.ca"); | 1164 expected.insert("www.foo.ca"); |
| 1050 perm_set = new ExtensionPermissionSet( | 1165 perm_set = new ExtensionPermissionSet( |
| 1051 empty_perms, explicit_hosts, scriptable_hosts); | 1166 empty_perms, explicit_hosts, scriptable_hosts); |
| 1052 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); | 1167 EXPECT_EQ(expected, perm_set->GetDistinctHostsForDisplay()); |
| 1053 } | 1168 } |
| 1054 | 1169 |
| 1055 TEST(ExtensionPermissionSetTest, HasLessHostPrivilegesThan) { | 1170 TEST(ExtensionPermissionsTest, HasLessHostPrivilegesThan) { |
| 1056 URLPatternSet elist1; | 1171 URLPatternSet elist1; |
| 1057 URLPatternSet elist2; | 1172 URLPatternSet elist2; |
| 1058 URLPatternSet slist1; | 1173 URLPatternSet slist1; |
| 1059 URLPatternSet slist2; | 1174 URLPatternSet slist2; |
| 1060 scoped_refptr<ExtensionPermissionSet> set1; | 1175 scoped_refptr<ExtensionPermissionSet> set1; |
| 1061 scoped_refptr<ExtensionPermissionSet> set2; | 1176 scoped_refptr<ExtensionPermissionSet> set2; |
| 1062 ExtensionAPIPermissionSet empty_perms; | 1177 ExtensionAPIPermissionSet empty_perms; |
| 1063 elist1.AddPattern( | 1178 elist1.AddPattern( |
| 1064 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path")); | 1179 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path")); |
| 1065 elist1.AddPattern( | 1180 elist1.AddPattern( |
| (...skipping 48 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1114 | 1229 |
| 1115 // Test that different subdomains count as different hosts. | 1230 // Test that different subdomains count as different hosts. |
| 1116 elist2.ClearPatterns(); | 1231 elist2.ClearPatterns(); |
| 1117 elist2.AddPattern( | 1232 elist2.AddPattern( |
| 1118 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*")); | 1233 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*")); |
| 1119 set2 = new ExtensionPermissionSet(empty_perms, elist2, slist2); | 1234 set2 = new ExtensionPermissionSet(empty_perms, elist2, slist2); |
| 1120 EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get())); | 1235 EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get())); |
| 1121 EXPECT_TRUE(set2->HasLessHostPrivilegesThan(set1.get())); | 1236 EXPECT_TRUE(set2->HasLessHostPrivilegesThan(set1.get())); |
| 1122 } | 1237 } |
| 1123 | 1238 |
| 1124 TEST(ExtensionPermissionSetTest, GetAPIsAsStrings) { | 1239 TEST(ExtensionPermissionsTest, GetAPIsAsStrings) { |
| 1125 ExtensionAPIPermissionSet apis; | 1240 ExtensionAPIPermissionSet apis; |
| 1126 URLPatternSet empty_set; | 1241 URLPatternSet empty_set; |
| 1127 | 1242 |
| 1128 apis.insert(ExtensionAPIPermission::kProxy); | 1243 apis.insert(ExtensionAPIPermission::kProxy); |
| 1129 apis.insert(ExtensionAPIPermission::kBackground); | 1244 apis.insert(ExtensionAPIPermission::kBackground); |
| 1130 apis.insert(ExtensionAPIPermission::kNotification); | 1245 apis.insert(ExtensionAPIPermission::kNotification); |
| 1131 apis.insert(ExtensionAPIPermission::kTab); | 1246 apis.insert(ExtensionAPIPermission::kTab); |
| 1132 | 1247 |
| 1133 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet( | 1248 scoped_refptr<ExtensionPermissionSet> perm_set = new ExtensionPermissionSet( |
| 1134 apis, empty_set, empty_set); | 1249 apis, empty_set, empty_set); |
| 1135 std::set<std::string> api_names = perm_set->GetAPIsAsStrings(); | 1250 std::set<std::string> api_names = perm_set->GetAPIsAsStrings(); |
| 1136 | 1251 |
| 1137 // The result is correct if it has the same number of elements | 1252 // The result is correct if it has the same number of elements |
| 1138 // and we can convert it back to the id set. | 1253 // and we can convert it back to the id set. |
| 1139 EXPECT_EQ(4u, api_names.size()); | 1254 EXPECT_EQ(4u, api_names.size()); |
| 1140 EXPECT_EQ(apis, | 1255 EXPECT_EQ(apis, |
| 1141 ExtensionPermissionsInfo::GetInstance()->GetAllByName(api_names)); | 1256 ExtensionPermissionsInfo::GetInstance()->GetAllByName(api_names)); |
| 1142 } | 1257 } |
| 1143 | 1258 |
| 1144 TEST(ExtensionPermissionSetTest, IsEmpty) { | 1259 TEST(ExtensionPermissionsTest, IsEmpty) { |
| 1145 ExtensionAPIPermissionSet empty_apis; | 1260 ExtensionAPIPermissionSet empty_apis; |
| 1146 URLPatternSet empty_extent; | 1261 URLPatternSet empty_extent; |
| 1147 | 1262 |
| 1148 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); | 1263 scoped_refptr<ExtensionPermissionSet> empty = new ExtensionPermissionSet(); |
| 1149 EXPECT_TRUE(empty->IsEmpty()); | 1264 EXPECT_TRUE(empty->IsEmpty()); |
| 1150 scoped_refptr<ExtensionPermissionSet> perm_set; | 1265 scoped_refptr<ExtensionPermissionSet> perm_set; |
| 1151 | 1266 |
| 1152 perm_set = new ExtensionPermissionSet(empty_apis, empty_extent, empty_extent); | 1267 perm_set = new ExtensionPermissionSet(empty_apis, empty_extent, empty_extent); |
| 1153 EXPECT_TRUE(perm_set->IsEmpty()); | 1268 EXPECT_TRUE(perm_set->IsEmpty()); |
| 1154 | 1269 |
| 1155 ExtensionAPIPermissionSet non_empty_apis; | 1270 ExtensionAPIPermissionSet non_empty_apis; |
| 1156 non_empty_apis.insert(ExtensionAPIPermission::kBackground); | 1271 non_empty_apis.insert(ExtensionAPIPermission::kBackground); |
| 1157 perm_set = new ExtensionPermissionSet( | 1272 perm_set = new ExtensionPermissionSet( |
| 1158 non_empty_apis, empty_extent, empty_extent); | 1273 non_empty_apis, empty_extent, empty_extent); |
| 1159 EXPECT_FALSE(perm_set->IsEmpty()); | 1274 EXPECT_FALSE(perm_set->IsEmpty()); |
| 1160 | 1275 |
| 1161 // Try non standard host | 1276 // Try non standard host |
| 1162 URLPatternSet non_empty_extent; | 1277 URLPatternSet non_empty_extent; |
| 1163 AddPattern(&non_empty_extent, "http://www.google.com/*"); | 1278 AddPattern(&non_empty_extent, "http://www.google.com/*"); |
| 1164 | 1279 |
| 1165 perm_set = new ExtensionPermissionSet( | 1280 perm_set = new ExtensionPermissionSet( |
| 1166 empty_apis, non_empty_extent, empty_extent); | 1281 empty_apis, non_empty_extent, empty_extent); |
| 1167 EXPECT_FALSE(perm_set->IsEmpty()); | 1282 EXPECT_FALSE(perm_set->IsEmpty()); |
| 1168 | 1283 |
| 1169 perm_set = new ExtensionPermissionSet( | 1284 perm_set = new ExtensionPermissionSet( |
| 1170 empty_apis, empty_extent, non_empty_extent); | 1285 empty_apis, empty_extent, non_empty_extent); |
| 1171 EXPECT_FALSE(perm_set->IsEmpty()); | 1286 EXPECT_FALSE(perm_set->IsEmpty()); |
| 1172 } | 1287 } |
| OLD | NEW |