Add a non-const APIPermissionSet to Extension to be manipulated during initialization.

chrome/common/extensions/extension.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/common/extensions/extension.h"
 
 #include "base/base64.h"
 #include "base/basictypes.h"
 #include "base/command_line.h"
 #include "base/file_path.h"
@@ skipping 21 matching lines @@
 #include "chrome/common/extensions/csp_validator.h"
 #include "chrome/common/extensions/extension_manifest_constants.h"
 #include "chrome/common/extensions/extension_resource.h"
 #include "chrome/common/extensions/feature_switch.h"
 #include "chrome/common/extensions/features/base_feature_provider.h"
 #include "chrome/common/extensions/features/feature.h"
 #include "chrome/common/extensions/manifest.h"
 #include "chrome/common/extensions/manifest_handler.h"
 #include "chrome/common/extensions/manifest_handler_helpers.h"
 #include "chrome/common/extensions/manifest_url_handler.h"
+#include "chrome/common/extensions/permissions/api_permission_set.h"
 #include "chrome/common/extensions/permissions/permission_set.h"
 #include "chrome/common/extensions/permissions/permissions_info.h"
 #include "chrome/common/extensions/user_script.h"
 #include "chrome/common/url_constants.h"
 #include "crypto/sha2.h"
 #include "extensions/common/constants.h"
 #include "extensions/common/error_utils.h"
 #include "extensions/common/url_pattern_set.h"
 #include "googleurl/src/url_util.h"
 #include "grit/chromium_strings.h"
@@ skipping 1347 matching lines @@
   manifest_->GetString(keys::kPublicKey, &public_key_);
 
   extension_url_ = Extension::GetBaseURLFromExtensionId(id());
 
   // Load App settings. LoadExtent at least has to be done before
   // ParsePermissions(), because the valid permissions depend on what type of
   // package this is.
   if (is_app() && !LoadAppFeatures(error))
     return false;
 
-  APIPermissionSet api_permissions;
+  initial_api_permissions_.reset(new APIPermissionSet);
   URLPatternSet host_permissions;
   if (!ParsePermissions(keys::kPermissions,
                         error,
-                        &api_permissions,
+                        initial_api_permissions_.get(),
                         &host_permissions)) {
     return false;
   }
 
   // Check for any permissions that are optional only.
-  for (APIPermissionSet::const_iterator i = api_permissions.begin();
-      i != api_permissions.end(); ++i) {
+  for (APIPermissionSet::const_iterator i = initial_api_permissions_->begin();
+       i != initial_api_permissions_->end(); ++i) {
     if ((*i)->info()->must_be_optional()) {
       *error = ErrorUtils::FormatErrorMessageUTF16(
           errors::kPermissionMustBeOptional, (*i)->info()->name());
       return false;
     }
   }
 
   // TODO(jeremya/kalman) do this via the features system by exposing the
   // app.window API to platform apps, with no dependency on any permissions.
   // See http://crbug.com/120069.
   if (is_platform_app()) {
-    api_permissions.insert(APIPermission::kAppCurrentWindowInternal);
-    api_permissions.insert(APIPermission::kAppRuntime);
-    api_permissions.insert(APIPermission::kAppWindow);
+    initial_api_permissions_->insert(APIPermission::kAppCurrentWindowInternal);
+    initial_api_permissions_->insert(APIPermission::kAppRuntime);
+    initial_api_permissions_->insert(APIPermission::kAppWindow);
   }
 
   APIPermissionSet optional_api_permissions;
   URLPatternSet optional_host_permissions;
   if (!ParsePermissions(keys::kOptionalPermissions,
                         error,
                         &optional_api_permissions,
                         &optional_host_permissions)) {
     return false;
   }
 
-  if (ContainsManifestForbiddenPermission(api_permissions, error) ||
+  if (ContainsManifestForbiddenPermission(*initial_api_permissions_, error) ||
       ContainsManifestForbiddenPermission(optional_api_permissions, error)) {
     return false;
   }
 
-  if (!LoadAppIsolation(api_permissions, error))
+  if (!LoadAppIsolation(error))
     return false;
 
-  if (!LoadSharedFeatures(api_permissions, error))
+  if (!LoadSharedFeatures(error))
     return false;
 
-  if (!LoadExtensionFeatures(&api_permissions, error))
+  if (!LoadExtensionFeatures(error))
     return false;
 
   if (!LoadManagedModeFeatures(error))
     return false;
 
   if (HasMultipleUISurfaces()) {
     *error = ASCIIToUTF16(errors::kOneUISurfaceOnly);
     return false;
   }
 
   finished_parsing_manifest_ = true;
 
   runtime_data_.SetActivePermissions(new PermissionSet(
-      this, api_permissions, host_permissions));
+      this, *initial_api_permissions_, host_permissions));
   required_permission_set_ = new PermissionSet(
-      this, api_permissions, host_permissions);
+      this, *initial_api_permissions_, host_permissions);
   optional_permission_set_ = new PermissionSet(
       optional_api_permissions, optional_host_permissions, URLPatternSet());
+  initial_api_permissions_.reset();
 
   return true;
 }
 
-bool Extension::LoadAppIsolation(const APIPermissionSet& api_permissions,
-                                 string16* error) {
+bool Extension::LoadAppIsolation(string16* error) {
   // Platform apps always get isolated storage.
   if (is_platform_app()) {
     is_storage_isolated_ = true;
     return true;
   }
 
   // Other apps only get it if it is requested _and_ experimental APIs are
   // enabled.
-  if (!api_permissions.count(APIPermission::kExperimental) || !is_app())
+  if (!initial_api_permissions()->count(APIPermission::kExperimental)
+      || !is_app())
     return true;
 
   Value* tmp_isolation = NULL;
   if (!manifest_->Get(keys::kIsolation, &tmp_isolation))
     return true;
 
   if (tmp_isolation->GetType() != Value::TYPE_LIST) {
     *error = ASCIIToUTF16(errors::kInvalidIsolation);
     return false;
   }
@@ skipping 300 matching lines @@
     }
   } else if (id() == extension_misc::kChromeAppId) {
     // Override launch url to new tab.
     launch_web_url_ = chrome::kChromeUINewTabURL;
     extent_.ClearPatterns();
   }
 
   return true;
 }
 
-bool Extension::LoadSharedFeatures(
-    const APIPermissionSet& api_permissions,
-    string16* error) {
+bool Extension::LoadSharedFeatures(string16* error) {
   if (!LoadDescription(error) ||
       !LoadIcons(error) ||
       !ManifestHandler::ParseExtension(this, error) ||
       !LoadPlugins(error) ||
       !LoadNaClModules(error) ||
       !LoadSandboxedPages(error) ||
       !LoadRequirements(error) ||
       !LoadOfflineEnabled(error) ||
       // LoadBackgroundScripts() must be called before LoadBackgroundPage().
       !LoadBackgroundScripts(error) ||
-      !LoadBackgroundPage(api_permissions, error) ||
-      !LoadBackgroundPersistent(api_permissions, error) ||
-      !LoadBackgroundAllowJSAccess(api_permissions, error))
+      !LoadBackgroundPage(error) ||
+      !LoadBackgroundPersistent(error) ||
+      !LoadBackgroundAllowJSAccess(error))
     return false;
 
   return true;
 }
 
 bool Extension::LoadDescription(string16* error) {
   if (manifest_->HasKey(keys::kDescription) &&
       !manifest_->GetString(keys::kDescription, &description_)) {
     *error = ASCIIToUTF16(errors::kInvalidDescription);
     return false;
@@ skipping 303 matching lines @@
       *error = ErrorUtils::FormatErrorMessageUTF16(
           errors::kInvalidBackgroundScript, base::IntToString(i));
       return false;
     }
     background_scripts_.push_back(script);
   }
 
   return true;
 }
 
-bool Extension::LoadBackgroundPage(
-    const APIPermissionSet& api_permissions,
-    string16* error) {
+bool Extension::LoadBackgroundPage(string16* error) {
   if (is_platform_app()) {
-    return LoadBackgroundPage(
-        keys::kPlatformAppBackgroundPage, api_permissions, error);
+    return LoadBackgroundPage(keys::kPlatformAppBackgroundPage, error);
   }
 
-  if (!LoadBackgroundPage(keys::kBackgroundPage, api_permissions, error))
+  if (!LoadBackgroundPage(keys::kBackgroundPage, error))
     return false;
   if (background_url_.is_empty()) {
     return LoadBackgroundPage(
-        keys::kBackgroundPageLegacy, api_permissions, error);
+        keys::kBackgroundPageLegacy, error);
   }
   return true;
 }
 
-bool Extension::LoadBackgroundPage(
-    const std::string& key,
-    const APIPermissionSet& api_permissions,
-    string16* error) {
+bool Extension::LoadBackgroundPage(const std::string& key, string16* error) {
   base::Value* background_page_value = NULL;
   if (!manifest_->Get(key, &background_page_value))
     return true;
 
   if (!background_scripts_.empty()) {
     *error = ASCIIToUTF16(errors::kInvalidBackgroundCombination);
     return false;
   }
 
 
   std::string background_str;
   if (!background_page_value->GetAsString(&background_str)) {
     *error = ASCIIToUTF16(errors::kInvalidBackground);
     return false;
   }
 
   if (is_hosted_app()) {
     background_url_ = GURL(background_str);
 
     // Make sure "background" permission is set.
-    if (!api_permissions.count(APIPermission::kBackground)) {
+    if (!initial_api_permissions()->count(APIPermission::kBackground)) {
       *error = ASCIIToUTF16(errors::kBackgroundPermissionNeeded);
       return false;
     }
     // Hosted apps require an absolute URL.
     if (!background_url_.is_valid()) {
       *error = ASCIIToUTF16(errors::kInvalidBackgroundInHostedApp);
       return false;
     }
 
     if (!(background_url_.SchemeIs("https") ||
           (CommandLine::ForCurrentProcess()->HasSwitch(
               switches::kAllowHTTPBackgroundPage) &&
            background_url_.SchemeIs("http")))) {
       *error = ASCIIToUTF16(errors::kInvalidBackgroundInHostedApp);
       return false;
     }
   } else {
     background_url_ = GetResourceURL(background_str);
   }
 
   return true;
 }
 
-bool Extension::LoadBackgroundPersistent(
-    const APIPermissionSet& api_permissions,
-    string16* error) {
+bool Extension::LoadBackgroundPersistent(string16* error) {
   if (is_platform_app()) {
     background_page_is_persistent_ = false;
     return true;
   }
 
   Value* background_persistent = NULL;
   if (!manifest_->Get(keys::kBackgroundPersistent, &background_persistent))
     return true;
 
   if (!background_persistent->GetAsBoolean(&background_page_is_persistent_)) {
     *error = ASCIIToUTF16(errors::kInvalidBackgroundPersistent);
     return false;
   }
 
   if (!has_background_page()) {
     *error = ASCIIToUTF16(errors::kInvalidBackgroundPersistentNoPage);
     return false;
   }
 
   return true;
 }
 
-bool Extension::LoadBackgroundAllowJSAccess(
-    const APIPermissionSet& api_permissions,
-    string16* error) {
+bool Extension::LoadBackgroundAllowJSAccess(string16* error) {
   Value* allow_js_access = NULL;
   if (!manifest_->Get(keys::kBackgroundAllowJsAccess, &allow_js_access))
     return true;
 
   if (!allow_js_access->IsType(Value::TYPE_BOOLEAN) ||
       !allow_js_access->GetAsBoolean(&allow_background_js_access_)) {
     *error = ASCIIToUTF16(errors::kInvalidBackgroundAllowJsAccess);
     return false;
   }
 
   return true;
 }
 
-bool Extension::LoadExtensionFeatures(APIPermissionSet* api_permissions,
-                                      string16* error) {
+bool Extension::LoadExtensionFeatures(string16* error) {
   if (manifest_->HasKey(keys::kConvertedFromUserScript))
     manifest_->GetBoolean(keys::kConvertedFromUserScript,
                           &converted_from_user_script_);
 
   if (!LoadContentScripts(error) ||
-      !LoadSystemIndicator(api_permissions, error) ||
+      !LoadSystemIndicator(error) ||
       !LoadIncognitoMode(error) ||
       !LoadContentSecurityPolicy(error))
     return false;
 
   return true;
 }
 
 bool Extension::LoadContentScripts(string16* error) {
   if (!manifest_->HasKey(keys::kContentScripts))
     return true;
@@ skipping 17 matching lines @@
     script.set_extension_id(id());
     if (converted_from_user_script_) {
       script.set_emulate_greasemonkey(true);
       script.set_match_all_frames(true);  // Greasemonkey matches all frames.
     }
     content_scripts_.push_back(script);
   }
   return true;
 }
 
-bool Extension::LoadSystemIndicator(APIPermissionSet* api_permissions,
-                                    string16* error) {
+bool Extension::LoadSystemIndicator(string16* error) {
   if (!manifest_->HasKey(keys::kSystemIndicator)) {
     // There was no manifest entry for the system indicator.
     return true;
   }
 
   DictionaryValue* system_indicator_value = NULL;
   if (!manifest_->GetDictionary(keys::kSystemIndicator,
                                 &system_indicator_value)) {
     *error = ASCIIToUTF16(errors::kInvalidSystemIndicator);
     return false;
   }
 
   system_indicator_info_ = LoadExtensionActionInfoHelper(
       this, system_indicator_value, error);
 
   if (!system_indicator_info_.get()) {
     return false;
   }
 
   // Because the manifest was successfully parsed, auto-grant the permission.
   // TODO(dewittj) Add this for all extension action APIs.
-  api_permissions->insert(APIPermission::kSystemIndicator);
+  initial_api_permissions()->insert(APIPermission::kSystemIndicator);
 
   return true;
 }
 
 bool Extension::LoadIncognitoMode(string16* error) {
   // Apps default to split mode, extensions default to spanning.
   incognito_split_mode_ = is_app();
   if (!manifest_->HasKey(keys::kIncognito))
     return true;
   std::string value;
@@ skipping 459 matching lines @@
 
 UpdatedExtensionPermissionsInfo::UpdatedExtensionPermissionsInfo(
     const Extension* extension,
     const PermissionSet* permissions,
     Reason reason)
     : reason(reason),
       extension(extension),
       permissions(permissions) {}
 
 }   // namespace extensions