Index: chrome/browser/extensions/extension_function_dispatcher.cc |
diff --git a/chrome/browser/extensions/extension_function_dispatcher.cc b/chrome/browser/extensions/extension_function_dispatcher.cc |
index 588d08851e36298e00f647f0c649e11eb4722ea3..f51b9a3df61fb33bc6641a01af35f7b94f0577a8 100644 |
--- a/chrome/browser/extensions/extension_function_dispatcher.cc |
+++ b/chrome/browser/extensions/extension_function_dispatcher.cc |
@@ -27,6 +27,7 @@ |
#include "chrome/common/extensions/api/extension_api.h" |
#include "chrome/common/extensions/extension_messages.h" |
#include "chrome/common/extensions/extension_set.h" |
+#include "chrome/common/extensions/feature.h" |
#include "chrome/common/url_constants.h" |
#include "content/public/browser/render_process_host.h" |
#include "content/public/browser/render_view_host.h" |
@@ -37,6 +38,7 @@ |
#include "webkit/glue/resource_type.h" |
using extensions::ExtensionAPI; |
+using extensions::Feature; |
using content::RenderViewHost; |
using WebKit::WebSecurityOrigin; |
@@ -272,6 +274,27 @@ ExtensionFunction* ExtensionFunctionDispatcher::CreateExtensionFunction( |
return NULL; |
} |
+ // If the API has been ported to the feature system, use that. |
+ if (api->GetFeature(params.name)) { |
+ if (!api->IsAvailable( |
+ params.name, |
+ extension, |
+ static_cast<Feature::Context>(params.source_context_type))) { |
+ LOG(ERROR) << "Access to extension API '" << params.name << "' denied."; |
+ SendAccessDenied(ipc_sender, routing_id, params.request_id); |
+ return NULL; |
+ } |
+ } else { |
+ // Otherwise, fall back to the older system. |
+ if (!extension->HasAPIPermission(params.name)) { |
+ LOG(ERROR) << "Extension " << extension->id() << " does not have " |
+ << "permission to function: " << params.name; |
+ SendAccessDenied(ipc_sender, routing_id, params.request_id); |
+ return NULL; |
+ } |
+ } |
+ |
+ // If the API requires a privileged process, ensure it is in one. |
if (api->IsPrivileged(params.name) && |
!process_map.Contains(extension->id(), requesting_process_id)) { |
LOG(ERROR) << "Extension API called from incorrect process " |
@@ -281,13 +304,6 @@ ExtensionFunction* ExtensionFunctionDispatcher::CreateExtensionFunction( |
return NULL; |
} |
- if (!extension->HasAPIPermission(params.name)) { |
- LOG(ERROR) << "Extension " << extension->id() << " does not have " |
- << "permission to function: " << params.name; |
- SendAccessDenied(ipc_sender, routing_id, params.request_id); |
- return NULL; |
- } |
- |
ExtensionFunction* function = |
ExtensionFunctionRegistry::GetInstance()->NewFunction(params.name); |
function->SetArgs(¶ms.arguments); |