| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/api/permissions/permissions_api.h" | 5 #include "chrome/browser/extensions/api/permissions/permissions_api.h" |
| 6 | 6 |
| 7 #include "base/memory/scoped_ptr.h" | 7 #include "base/memory/scoped_ptr.h" |
| 8 #include "chrome/browser/extensions/api/permissions/permissions_api_helpers.h" | 8 #include "chrome/browser/extensions/api/permissions/permissions_api_helpers.h" |
| 9 #include "chrome/browser/extensions/extension_prefs.h" | 9 #include "chrome/browser/extensions/extension_prefs.h" |
| 10 #include "chrome/browser/extensions/extension_system.h" | 10 #include "chrome/browser/extensions/extension_system.h" |
| (...skipping 50 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 61 | 61 |
| 62 ExtensionPrefs* prefs = ExtensionSystem::Get(profile_)->extension_prefs(); | 62 ExtensionPrefs* prefs = ExtensionSystem::Get(profile_)->extension_prefs(); |
| 63 scoped_refptr<PermissionSet> permissions = | 63 scoped_refptr<PermissionSet> permissions = |
| 64 helpers::UnpackPermissionSet(params->permissions, | 64 helpers::UnpackPermissionSet(params->permissions, |
| 65 prefs->AllowFileAccess(extension_->id()), | 65 prefs->AllowFileAccess(extension_->id()), |
| 66 &error_); | 66 &error_); |
| 67 if (!permissions.get()) | 67 if (!permissions.get()) |
| 68 return false; | 68 return false; |
| 69 | 69 |
| 70 results_ = Contains::Results::Create( | 70 results_ = Contains::Results::Create( |
| 71 GetExtension()->GetActivePermissions()->Contains(*permissions)); | 71 GetExtension()->GetActivePermissions()->ContainsOrEncompasses( |
| 72 *permissions)); |
| 72 return true; | 73 return true; |
| 73 } | 74 } |
| 74 | 75 |
| 75 bool PermissionsGetAllFunction::RunImpl() { | 76 bool PermissionsGetAllFunction::RunImpl() { |
| 76 scoped_ptr<Permissions> permissions = | 77 scoped_ptr<Permissions> permissions = |
| 77 helpers::PackPermissionSet(GetExtension()->GetActivePermissions()); | 78 helpers::PackPermissionSet(GetExtension()->GetActivePermissions()); |
| 78 results_ = GetAll::Results::Create(*permissions); | 79 results_ = GetAll::Results::Create(*permissions); |
| 79 return true; | 80 return true; |
| 80 } | 81 } |
| 81 | 82 |
| (...skipping 21 matching lines...) Expand all Loading... |
| 103 return false; | 104 return false; |
| 104 } | 105 } |
| 105 } | 106 } |
| 106 | 107 |
| 107 // Make sure we don't remove any required pemissions. | 108 // Make sure we don't remove any required pemissions. |
| 108 const PermissionSet* required = extension->required_permission_set(); | 109 const PermissionSet* required = extension->required_permission_set(); |
| 109 scoped_refptr<PermissionSet> intersection( | 110 scoped_refptr<PermissionSet> intersection( |
| 110 PermissionSet::CreateIntersection(permissions.get(), required)); | 111 PermissionSet::CreateIntersection(permissions.get(), required)); |
| 111 if (!intersection->IsEmpty()) { | 112 if (!intersection->IsEmpty()) { |
| 112 error_ = kCantRemoveRequiredPermissionsError; | 113 error_ = kCantRemoveRequiredPermissionsError; |
| 113 results_ = Remove::Results::Create(false); | |
| 114 return false; | 114 return false; |
| 115 } | 115 } |
| 116 | 116 |
| 117 PermissionsUpdater(profile()).RemovePermissions(extension, permissions.get()); | 117 PermissionsUpdater(profile()).RemovePermissions(extension, permissions.get()); |
| 118 results_ = Remove::Results::Create(true); | 118 results_ = Remove::Results::Create(true); |
| 119 return true; | 119 return true; |
| 120 } | 120 } |
| 121 | 121 |
| 122 // static | 122 // static |
| 123 void PermissionsRequestFunction::SetAutoConfirmForTests(bool should_proceed) { | 123 void PermissionsRequestFunction::SetAutoConfirmForTests(bool should_proceed) { |
| (...skipping 28 matching lines...) Expand all Loading... |
| 152 | 152 |
| 153 bool PermissionsRequestFunction::RunImpl() { | 153 bool PermissionsRequestFunction::RunImpl() { |
| 154 results_ = Request::Results::Create(false); | 154 results_ = Request::Results::Create(false); |
| 155 | 155 |
| 156 if (!user_gesture() && !ignore_user_gesture_for_tests) { | 156 if (!user_gesture() && !ignore_user_gesture_for_tests) { |
| 157 error_ = kUserGestureRequiredError; | 157 error_ = kUserGestureRequiredError; |
| 158 return false; | 158 return false; |
| 159 } | 159 } |
| 160 | 160 |
| 161 scoped_ptr<Request::Params> params(Request::Params::Create(*args_)); | 161 scoped_ptr<Request::Params> params(Request::Params::Create(*args_)); |
| 162 EXTENSION_FUNCTION_VALIDATE(params.get()); | 162 EXTENSION_FUNCTION_VALIDATE(params); |
| 163 | 163 |
| 164 ExtensionPrefs* prefs = ExtensionSystem::Get(profile_)->extension_prefs(); | 164 ExtensionPrefs* prefs = ExtensionSystem::Get(profile_)->extension_prefs(); |
| 165 | 165 |
| 166 requested_permissions_ = | 166 requested_permissions_ = |
| 167 helpers::UnpackPermissionSet(params->permissions, | 167 helpers::UnpackPermissionSet(params->permissions, |
| 168 prefs->AllowFileAccess(extension_->id()), | 168 prefs->AllowFileAccess(extension_->id()), |
| 169 &error_); | 169 &error_); |
| 170 if (!requested_permissions_.get()) | 170 if (!requested_permissions_.get()) |
| 171 return false; | 171 return false; |
| 172 | 172 |
| 173 // Make sure they're only requesting permissions supported by this API. | 173 // Make sure they're only requesting permissions supported by this API. |
| 174 APIPermissionSet apis = requested_permissions_->apis(); | 174 APIPermissionSet apis = requested_permissions_->apis(); |
| 175 for (APIPermissionSet::const_iterator i = apis.begin(); | 175 for (APIPermissionSet::const_iterator i = apis.begin(); |
| 176 i != apis.end(); ++i) { | 176 i != apis.end(); ++i) { |
| 177 if (!i->info()->supports_optional()) { | 177 if (!i->info()->supports_optional()) { |
| 178 error_ = ErrorUtils::FormatErrorMessage( | 178 error_ = ErrorUtils::FormatErrorMessage( |
| 179 kNotWhitelistedError, i->name()); | 179 kNotWhitelistedError, i->name()); |
| 180 return false; | 180 return false; |
| 181 } | 181 } |
| 182 } | 182 } |
| 183 | 183 |
| 184 // Filter out permissions that do not need to be listed in the optional | 184 // Filter out permissions that do not need to be listed in the optional |
| 185 // section of the manifest. | 185 // section of the manifest. |
| 186 scoped_refptr<extensions::PermissionSet> | 186 scoped_refptr<extensions::PermissionSet> |
| 187 manifest_required_requested_permissions = | 187 manifest_required_requested_permissions = |
| 188 PermissionSet::ExcludeNotInManifestPermissions( | 188 PermissionSet::ExcludeNotInManifestPermissions( |
| 189 requested_permissions_.get()); | 189 requested_permissions_.get()); |
| 190 | 190 |
| 191 // The requested permissions must be defined as optional in the manifest. | 191 // The requested permissions must be defined as optional in the manifest. |
| 192 if (!GetExtension()->optional_permission_set()->Contains( | 192 if (!GetExtension()->optional_permission_set()->ContainsOrEncompasses( |
| 193 *manifest_required_requested_permissions)) { | 193 *manifest_required_requested_permissions)) { |
| 194 error_ = kNotInOptionalPermissionsError; | 194 error_ = kNotInOptionalPermissionsError; |
| 195 results_ = Request::Results::Create(false); | |
| 196 return false; | 195 return false; |
| 197 } | 196 } |
| 198 | 197 |
| 199 // We don't need to prompt the user if the requested permissions are a subset | 198 // We don't need to prompt the user if the requested permissions are a subset |
| 200 // of the granted permissions set. | 199 // of the granted permissions set. |
| 201 scoped_refptr<const PermissionSet> granted = | 200 scoped_refptr<const PermissionSet> granted = |
| 202 prefs->GetGrantedPermissions(GetExtension()->id()); | 201 prefs->GetGrantedPermissions(GetExtension()->id()); |
| 203 if (granted.get() && granted->Contains(*requested_permissions_)) { | 202 if (granted && granted->ContainsOrEncompasses(*requested_permissions_)) { |
| 204 PermissionsUpdater perms_updater(profile()); | 203 PermissionsUpdater perms_updater(profile()); |
| 205 perms_updater.AddPermissions(GetExtension(), requested_permissions_.get()); | 204 perms_updater.AddPermissions(GetExtension(), requested_permissions_.get()); |
| 206 results_ = Request::Results::Create(true); | 205 results_ = Request::Results::Create(true); |
| 207 SendResponse(true); | 206 SendResponse(true); |
| 208 return true; | 207 return true; |
| 209 } | 208 } |
| 210 | 209 |
| 211 // Filter out the granted permissions so we only prompt for new ones. | 210 // Filter out the granted permissions so we only prompt for new ones. |
| 212 requested_permissions_ = PermissionSet::CreateDifference( | 211 requested_permissions_ = PermissionSet::CreateDifference( |
| 213 requested_permissions_.get(), granted.get()); | 212 requested_permissions_.get(), granted.get()); |
| (...skipping 12 matching lines...) Expand all Loading... |
| 226 InstallUIAbort(true); | 225 InstallUIAbort(true); |
| 227 } else { | 226 } else { |
| 228 CHECK_EQ(DO_NOT_SKIP, auto_confirm_for_tests); | 227 CHECK_EQ(DO_NOT_SKIP, auto_confirm_for_tests); |
| 229 install_ui_.reset(new ExtensionInstallPrompt(GetAssociatedWebContents())); | 228 install_ui_.reset(new ExtensionInstallPrompt(GetAssociatedWebContents())); |
| 230 install_ui_->ConfirmPermissions( | 229 install_ui_->ConfirmPermissions( |
| 231 this, GetExtension(), requested_permissions_.get()); | 230 this, GetExtension(), requested_permissions_.get()); |
| 232 } | 231 } |
| 233 | 232 |
| 234 return true; | 233 return true; |
| 235 } | 234 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 12209094:
Support requesting subsets of host permissions using the permissions API. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src