Make USB permissions work in the new permission message system

chrome/common/extensions/permissions/chrome_permission_message_rules.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/common/extensions/permissions/chrome_permission_message_rules.h"
 
 #include "base/stl_util.h"
 #include "base/strings/string_util.h"
 #include "base/strings/utf_string_conversions.h"
 #include "chrome/grit/generated_resources.h"
@@ skipping 160 matching lines @@
   }
 
   int message_id_for_one_host_;
   int message_id_for_two_hosts_;
   int message_id_for_three_hosts_;
   int message_id_for_many_hosts_;
 
   DISALLOW_COPY_AND_ASSIGN(CommaSeparatedListFormatter);
 };
 
+class USBDevicesFormatter : public ChromePermissionMessageFormatter {
+ public:
+  USBDevicesFormatter() {}
+  ~USBDevicesFormatter() override {}
+
+  CoalescedPermissionMessage GetPermissionMessage(
+      const PermissionIDSet& permissions) const override {
+    DCHECK(permissions.size() > 0);
+
+    // Single-item case: Put it directly into the top-level message.
+    if (permissions.size() == 1) {

[Devlin, 2015/08/20 16:33:07]

nit: I think these would be more readable in helper functions:
return permissions.size() == 1 ?
    GetItemMessage(*permissions.begin()) :
    GetMultiItemMessage(permissions);

[Marc Treib, 2015/08/21 08:00:48]

Done, mostly - I still have to pass the PermissionIDSet to GetItemMessage, since
I need a Set for CoalescedPermissionMessage.

+      const PermissionID& permission = *permissions.begin();
+      base::string16 msg;
+      switch (permission.id()) {
+        case APIPermission::kUsbDevice:
+          msg = l10n_util::GetStringFUTF16(
+              IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE, permission.parameter());
+          break;
+        case APIPermission::kUsbDeviceUnknownProduct:
+          msg = l10n_util::GetStringFUTF16(
+              IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_PRODUCT,
+              permission.parameter());
+          break;
+        case APIPermission::kUsbDeviceUnknownVendor:
+          msg = l10n_util::GetStringUTF16(
+              IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_VENDOR);
+          break;
+        default:
+          NOTREACHED();
+      }
+      return CoalescedPermissionMessage(msg, permissions);
+    }
+
+    // Multi-item case: Put all the items into submessages.
+    std::vector<base::string16> submessages;
+    std::vector<base::string16> devices =
+        permissions.GetAllPermissionsWithID(APIPermission::kUsbDevice)
+            .GetAllPermissionParameters();
+    for (const base::string16& device : devices) {
+      submessages.push_back(l10n_util::GetStringFUTF16(
+          IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST_ITEM, device));
+    }
+    std::vector<base::string16> vendors =
+        permissions.GetAllPermissionsWithID(
+                       APIPermission::kUsbDeviceUnknownProduct)
+            .GetAllPermissionParameters();
+    for (const base::string16& vendor : vendors) {
+      submessages.push_back(l10n_util::GetStringFUTF16(
+          IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST_ITEM_UNKNOWN_PRODUCT,
+          vendor));
+    }
+    if (permissions.ContainsID(APIPermission::kUsbDeviceUnknownVendor)) {
+      submessages.push_back(l10n_util::GetStringUTF16(
+          IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST_ITEM_UNKNOWN_VENDOR));
+    }
+
+    return CoalescedPermissionMessage(
+        l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST),
+        permissions, submessages);
+  }
+
+ private:
+  DISALLOW_COPY_AND_ASSIGN(USBDevicesFormatter);
+};
+
 }  // namespace
 
 ChromePermissionMessageRule::ChromePermissionMessageRule(
     int message_id,
     PermissionIDSetInitializer required,
     PermissionIDSetInitializer optional)
     : required_permissions_(required),
       optional_permissions_(optional),
       formatter_(new DefaultPermissionMessageFormatter(message_id)) {
 }
@@ skipping 60 matching lines @@
   // yet powerful enough to encapsulate all the messages we want to display.
   //
   // TODO(sashab): Once existing message sites are deprecated, reorder this list
   // to better describe the rules generated, rather than the callsites they are
   // migrated from.
   ChromePermissionMessageRule rules_arr[] = {
       // Full url access permission messages.
       {IDS_EXTENSION_PROMPT_WARNING_DEBUGGER, {APIPermission::kDebugger}, {}},
       {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
        {APIPermission::kPlugin},
-       {APIPermission::kFullAccess,
-        APIPermission::kHostsAll,
-        APIPermission::kHostsAllReadOnly,
-        APIPermission::kDeclarativeWebRequest,
-        APIPermission::kTopSites,
-        APIPermission::kTab}},
+       {APIPermission::kFullAccess, APIPermission::kHostsAll,
+        APIPermission::kHostsAllReadOnly, APIPermission::kDeclarativeWebRequest,
+        APIPermission::kTopSites, APIPermission::kTab}},
       {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
        {APIPermission::kFullAccess},
-       {APIPermission::kHostsAll,
-        APIPermission::kHostsAllReadOnly,
-        APIPermission::kDeclarativeWebRequest,
-        APIPermission::kTopSites,
+       {APIPermission::kHostsAll, APIPermission::kHostsAllReadOnly,
+        APIPermission::kDeclarativeWebRequest, APIPermission::kTopSites,
         APIPermission::kTab}},
 
       // Parameterized permission messages:
       // Messages generated by the sockets permission.
       {new SpaceSeparatedListFormatter(
            IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAIN,
            IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAINS),
        {APIPermission::kSocketDomainHosts},
        {}},
       {new SpaceSeparatedListFormatter(
@@ skipping 11 matching lines @@
        {APIPermission::kHostReadOnly},
        {}},
       {new CommaSeparatedListFormatter(IDS_EXTENSION_PROMPT_WARNING_1_HOST,
                                        IDS_EXTENSION_PROMPT_WARNING_2_HOSTS,
                                        IDS_EXTENSION_PROMPT_WARNING_3_HOSTS,
                                        IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST),
        {APIPermission::kHostReadWrite},
        {}},
 
       // USB Device Permission rules:
-      // TODO(sashab, reillyg): Rework the permission message logic for USB
-      // devices to generate more meaningful messages and better fit the current
-      // rules system. Maybe model it similarly to host or socket permissions
-      // above. crbug.com/522842
-      {new SingleParameterFormatter(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE),
-       {APIPermission::kUsbDevice},
-       {}},
-      {new SingleParameterFormatter(
-           IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_PRODUCT),
-       {APIPermission::kUsbDeviceUnknownProduct},
-       {}},
-      {IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_VENDOR,
-       {APIPermission::kUsbDeviceUnknownVendor},
-       {}},
-      {new SimpleListFormatter(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST),
-       {APIPermission::kUsbDeviceList},
-       {}},
+      {new USBDevicesFormatter,
+       {},
+       {APIPermission::kUsbDevice, APIPermission::kUsbDeviceUnknownProduct,
+        APIPermission::kUsbDeviceUnknownVendor}},
 
       // Coalesced message rules taken from
       // ChromePermissionMessageProvider::GetWarningMessages():
 
       // Access to users' devices should provide a single warning message
       // specifying the transport method used; serial and/or Bluetooth.
       {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_SERIAL,
        {APIPermission::kBluetooth, APIPermission::kSerial},
        {APIPermission::kBluetoothDevices}},
 
@@ skipping 16 matching lines @@
       {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_DELETE,
        {APIPermission::kMediaGalleriesAllGalleriesDelete,
         APIPermission::kMediaGalleriesAllGalleriesRead},
        {}},
       {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ,
        {APIPermission::kMediaGalleriesAllGalleriesRead},
        {}},
 
       {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE_AND_SESSIONS,
        {APIPermission::kSessions, APIPermission::kHistory},
-       {APIPermission::kFavicon,
-        APIPermission::kProcesses,
-        APIPermission::kTab,
-        APIPermission::kTopSites,
-        APIPermission::kWebNavigation}},
+       {APIPermission::kFavicon, APIPermission::kProcesses, APIPermission::kTab,
+        APIPermission::kTopSites, APIPermission::kWebNavigation}},
       {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS,
        {APIPermission::kSessions, APIPermission::kTab},
-       {APIPermission::kFavicon,
-        APIPermission::kProcesses,
-        APIPermission::kTopSites,
-        APIPermission::kWebNavigation}},
+       {APIPermission::kFavicon, APIPermission::kProcesses,
+        APIPermission::kTopSites, APIPermission::kWebNavigation}},
 
       // Suppression list taken from
       // ChromePermissionMessageProvider::GetPermissionMessages():
       // Some warnings are more generic and/or powerful and supercede other
       // warnings. In that case, the first message suppresses the second one.
       {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH,
        {APIPermission::kBluetooth},
        {APIPermission::kBluetoothDevices}},
       {IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS,
        {APIPermission::kBookmark},
        {APIPermission::kOverrideBookmarksUI}},
       // History already allows reading favicons, tab access and accessing the
       // list of most frequently visited sites.
       {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
        {APIPermission::kHistory},
-       {APIPermission::kFavicon,
-        APIPermission::kProcesses,
-        APIPermission::kTab,
-        APIPermission::kTopSites,
-        APIPermission::kWebNavigation}},
+       {APIPermission::kFavicon, APIPermission::kProcesses, APIPermission::kTab,
+        APIPermission::kTopSites, APIPermission::kWebNavigation}},
       // A special hack: If kFileSystemWriteDirectory would be displayed, hide
       // kFileSystemDirectory as the write directory message implies it.
       // TODO(sashab): Remove kFileSystemWriteDirectory; it's no longer needed
       // since this rules system can represent the rule. See crbug.com/284849.
       {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
        {APIPermission::kFileSystemWrite, APIPermission::kFileSystemDirectory},
        {APIPermission::kFileSystemWriteDirectory}},
       // Full access already allows DeclarativeWebRequest, reading the list of
       // most frequently visited sites, and tab access.
       // The warning message for declarativeWebRequest
       // permissions speaks about blocking parts of pages, which is a
       // subset of what the "<all_urls>" access allows. Therefore we
       // display only the "<all_urls>" warning message if both permissions
       // are required.
       {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS,
        {APIPermission::kHostsAll},
-       {APIPermission::kDeclarativeWebRequest,
-        APIPermission::kTopSites,
-        APIPermission::kTab,
-        APIPermission::kFavicon,
-        APIPermission::kTopSites,
+       {APIPermission::kDeclarativeWebRequest, APIPermission::kTopSites,
+        APIPermission::kTab, APIPermission::kFavicon, APIPermission::kTopSites,
         APIPermission::kHostsAllReadOnly}},
       // AutomationManifestPermission:
       {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS_READ_ONLY,
        {APIPermission::kHostsAllReadOnly},
        {}},  // TODO(treib): This should probably include kTab?
       // Tabs already allows reading favicons and reading the list of most
       // frequently visited sites.
       {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
        {APIPermission::kTab},
-       {APIPermission::kFavicon,
-        APIPermission::kProcesses,
-        APIPermission::kTopSites,
-        APIPermission::kWebNavigation}},
+       {APIPermission::kFavicon, APIPermission::kProcesses,
+        APIPermission::kTopSites, APIPermission::kWebNavigation}},
 
       // Individual message rules taken from
       // ChromeAPIPermissions::GetAllPermissions():
       // Permission messages for all extension types:
 
       {IDS_EXTENSION_PROMPT_WARNING_CLIPBOARD,
        {APIPermission::kClipboardRead},
        {}},
       {IDS_EXTENSION_PROMPT_WARNING_DESKTOP_CAPTURE,
        {APIPermission::kDesktopCapture},
@@ skipping 248 matching lines @@
   insert(permission_four);
   insert(permission_five);
   insert(permission_six);
 }
 
 ChromePermissionMessageRule::PermissionIDSetInitializer::
     ~PermissionIDSetInitializer() {
 }
 
 }  // namespace extensions