| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "base/files/file_path.h" | 5 #include "base/files/file_path.h" |
| 6 #include "base/json/json_file_value_serializer.h" | 6 #include "base/json/json_file_value_serializer.h" |
| 7 #include "base/memory/ref_counted.h" | 7 #include "base/memory/ref_counted.h" |
| 8 #include "base/run_loop.h" | 8 #include "base/run_loop.h" |
| 9 #include "base/strings/stringprintf.h" | 9 #include "base/strings/stringprintf.h" |
| 10 #include "base/values.h" | 10 #include "base/values.h" |
| (...skipping 138 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 149 | 149 |
| 150 private: | 150 private: |
| 151 void Observe(int type, | 151 void Observe(int type, |
| 152 const content::NotificationSource& source, | 152 const content::NotificationSource& source, |
| 153 const content::NotificationDetails& details) override { | 153 const content::NotificationDetails& details) override { |
| 154 received_notification_ = true; | 154 received_notification_ = true; |
| 155 UpdatedExtensionPermissionsInfo* info = | 155 UpdatedExtensionPermissionsInfo* info = |
| 156 content::Details<UpdatedExtensionPermissionsInfo>(details).ptr(); | 156 content::Details<UpdatedExtensionPermissionsInfo>(details).ptr(); |
| 157 | 157 |
| 158 extension_ = info->extension; | 158 extension_ = info->extension; |
| 159 permissions_ = info->permissions; | 159 permissions_ = info->permissions.Clone(); |
| 160 reason_ = info->reason; | 160 reason_ = info->reason; |
| 161 | 161 |
| 162 if (waiting_) { | 162 if (waiting_) { |
| 163 waiting_ = false; | 163 waiting_ = false; |
| 164 base::MessageLoopForUI::current()->Quit(); | 164 base::MessageLoopForUI::current()->Quit(); |
| 165 } | 165 } |
| 166 } | 166 } |
| 167 | 167 |
| 168 bool received_notification_; | 168 bool received_notification_; |
| 169 bool waiting_; | 169 bool waiting_; |
| 170 content::NotificationRegistrar registrar_; | 170 content::NotificationRegistrar registrar_; |
| 171 scoped_refptr<const Extension> extension_; | 171 scoped_refptr<const Extension> extension_; |
| 172 scoped_refptr<const PermissionSet> permissions_; | 172 scoped_ptr<const PermissionSet> permissions_; |
| 173 UpdatedExtensionPermissionsInfo::Reason reason_; | 173 UpdatedExtensionPermissionsInfo::Reason reason_; |
| 174 }; | 174 }; |
| 175 | 175 |
| 176 class PermissionsUpdaterTest : public ExtensionServiceTestBase { | 176 class PermissionsUpdaterTest : public ExtensionServiceTestBase { |
| 177 }; | 177 }; |
| 178 | 178 |
| 179 scoped_refptr<Extension> LoadOurManifest() { | 179 scoped_refptr<Extension> LoadOurManifest() { |
| 180 base::FilePath path; | 180 base::FilePath path; |
| 181 path = path.AppendASCII("api_test") | 181 path = path.AppendASCII("api_test") |
| 182 .AppendASCII("permissions") | 182 .AppendASCII("permissions") |
| (...skipping 20 matching lines...) Expand all Loading... |
| 203 // Load the test extension. | 203 // Load the test extension. |
| 204 scoped_refptr<Extension> extension = LoadOurManifest(); | 204 scoped_refptr<Extension> extension = LoadOurManifest(); |
| 205 ASSERT_TRUE(extension.get()); | 205 ASSERT_TRUE(extension.get()); |
| 206 | 206 |
| 207 APIPermissionSet default_apis; | 207 APIPermissionSet default_apis; |
| 208 default_apis.insert(APIPermission::kManagement); | 208 default_apis.insert(APIPermission::kManagement); |
| 209 ManifestPermissionSet empty_manifest_permissions; | 209 ManifestPermissionSet empty_manifest_permissions; |
| 210 | 210 |
| 211 URLPatternSet default_hosts; | 211 URLPatternSet default_hosts; |
| 212 AddPattern(&default_hosts, "http://a.com/*"); | 212 AddPattern(&default_hosts, "http://a.com/*"); |
| 213 scoped_refptr<const PermissionSet> default_permissions = new PermissionSet( | 213 PermissionSet default_permissions(default_apis, empty_manifest_permissions, |
| 214 default_apis, empty_manifest_permissions, default_hosts, URLPatternSet()); | 214 default_hosts, URLPatternSet()); |
| 215 | 215 |
| 216 // Make sure it loaded properly. | 216 // Make sure it loaded properly. |
| 217 scoped_refptr<const PermissionSet> permissions = | 217 ASSERT_EQ(default_permissions, |
| 218 extension->permissions_data()->active_permissions(); | 218 *extension->permissions_data()->active_permissions()); |
| 219 ASSERT_EQ(*default_permissions.get(), | 219 |
| 220 *extension->permissions_data()->active_permissions().get()); | 220 ExtensionPrefs* prefs = ExtensionPrefs::Get(profile_.get()); |
| 221 scoped_ptr<const PermissionSet> active_permissions; |
| 222 scoped_ptr<const PermissionSet> granted_permissions; |
| 221 | 223 |
| 222 // Add a few permissions. | 224 // Add a few permissions. |
| 223 APIPermissionSet apis; | 225 APIPermissionSet apis; |
| 224 apis.insert(APIPermission::kNotifications); | 226 apis.insert(APIPermission::kNotifications); |
| 225 URLPatternSet hosts; | 227 URLPatternSet hosts; |
| 226 AddPattern(&hosts, "http://*.c.com/*"); | 228 AddPattern(&hosts, "http://*.c.com/*"); |
| 227 | 229 |
| 228 scoped_refptr<const PermissionSet> delta = new PermissionSet( | 230 { |
| 229 apis, empty_manifest_permissions, hosts, URLPatternSet()); | 231 PermissionSet delta(apis, empty_manifest_permissions, hosts, |
| 232 URLPatternSet()); |
| 230 | 233 |
| 231 PermissionsUpdaterListener listener; | 234 PermissionsUpdaterListener listener; |
| 232 PermissionsUpdater updater(profile_.get()); | 235 PermissionsUpdater(profile_.get()).AddPermissions(extension.get(), &delta); |
| 233 updater.AddPermissions(extension.get(), delta.get()); | |
| 234 | 236 |
| 235 listener.Wait(); | 237 listener.Wait(); |
| 236 | 238 |
| 237 // Verify that the permission notification was sent correctly. | 239 // Verify that the permission notification was sent correctly. |
| 238 ASSERT_TRUE(listener.received_notification()); | 240 ASSERT_TRUE(listener.received_notification()); |
| 239 ASSERT_EQ(extension.get(), listener.extension()); | 241 ASSERT_EQ(extension.get(), listener.extension()); |
| 240 ASSERT_EQ(UpdatedExtensionPermissionsInfo::ADDED, listener.reason()); | 242 ASSERT_EQ(UpdatedExtensionPermissionsInfo::ADDED, listener.reason()); |
| 241 ASSERT_EQ(*delta.get(), *listener.permissions()); | 243 ASSERT_EQ(delta, *listener.permissions()); |
| 242 | 244 |
| 243 // Make sure the extension's active permissions reflect the change. | 245 // Make sure the extension's active permissions reflect the change. |
| 244 scoped_refptr<const PermissionSet> active_permissions = | 246 active_permissions = PermissionSet::CreateUnion(default_permissions, delta); |
| 245 PermissionSet::CreateUnion(*default_permissions, *delta); | |
| 246 ASSERT_EQ(*active_permissions.get(), | 247 ASSERT_EQ(*active_permissions.get(), |
| 247 *extension->permissions_data()->active_permissions().get()); | 248 *extension->permissions_data()->active_permissions()); |
| 248 | 249 |
| 249 // Verify that the new granted and active permissions were also stored | 250 // Verify that the new granted and active permissions were also stored |
| 250 // in the extension preferences. In this case, the granted permissions should | 251 // in the extension preferences. In this case, the granted permissions should |
| 251 // be equal to the active permissions. | 252 // be equal to the active permissions. |
| 252 ExtensionPrefs* prefs = ExtensionPrefs::Get(profile_.get()); | 253 ASSERT_EQ(*active_permissions.get(), |
| 253 scoped_refptr<const PermissionSet> granted_permissions = active_permissions; | 254 *prefs->GetActivePermissions(extension->id())); |
| 255 granted_permissions = active_permissions->Clone(); |
| 256 ASSERT_EQ(*granted_permissions, |
| 257 *prefs->GetGrantedPermissions(extension->id())); |
| 258 } |
| 254 | 259 |
| 255 scoped_refptr<const PermissionSet> from_prefs = | 260 { |
| 256 prefs->GetActivePermissions(extension->id()); | |
| 257 ASSERT_EQ(*active_permissions.get(), *from_prefs.get()); | |
| 258 | |
| 259 from_prefs = prefs->GetGrantedPermissions(extension->id()); | |
| 260 ASSERT_EQ(*active_permissions.get(), *from_prefs.get()); | |
| 261 | |
| 262 // In the second part of the test, we'll remove the permissions that we | 261 // In the second part of the test, we'll remove the permissions that we |
| 263 // just added except for 'notifications'. | 262 // just added except for 'notifications'. |
| 264 apis.erase(APIPermission::kNotifications); | 263 apis.erase(APIPermission::kNotifications); |
| 265 delta = new PermissionSet(apis, empty_manifest_permissions, | 264 PermissionSet delta(apis, empty_manifest_permissions, hosts, URLPatternSet()); |
| 266 hosts, URLPatternSet()); | |
| 267 | 265 |
| 268 listener.Reset(); | 266 PermissionsUpdaterListener listener; |
| 269 updater.RemovePermissions(extension.get(), delta.get(), | 267 PermissionsUpdater(profile_.get()) |
| 270 PermissionsUpdater::REMOVE_SOFT); | 268 .RemovePermissions(extension.get(), &delta, |
| 269 PermissionsUpdater::REMOVE_SOFT); |
| 271 listener.Wait(); | 270 listener.Wait(); |
| 272 | 271 |
| 273 // Verify that the notification was correct. | 272 // Verify that the notification was correct. |
| 274 ASSERT_TRUE(listener.received_notification()); | 273 ASSERT_TRUE(listener.received_notification()); |
| 275 ASSERT_EQ(extension.get(), listener.extension()); | 274 ASSERT_EQ(extension.get(), listener.extension()); |
| 276 ASSERT_EQ(UpdatedExtensionPermissionsInfo::REMOVED, listener.reason()); | 275 ASSERT_EQ(UpdatedExtensionPermissionsInfo::REMOVED, listener.reason()); |
| 277 ASSERT_EQ(*delta.get(), *listener.permissions()); | 276 ASSERT_EQ(delta, *listener.permissions()); |
| 278 | 277 |
| 279 // Make sure the extension's active permissions reflect the change. | 278 // Make sure the extension's active permissions reflect the change. |
| 280 active_permissions = | 279 active_permissions = |
| 281 PermissionSet::CreateDifference(*active_permissions, *delta); | 280 PermissionSet::CreateDifference(*active_permissions, delta); |
| 282 ASSERT_EQ(*active_permissions.get(), | 281 ASSERT_EQ(*active_permissions.get(), |
| 283 *extension->permissions_data()->active_permissions().get()); | 282 *extension->permissions_data()->active_permissions()); |
| 284 | 283 |
| 285 // Verify that the extension prefs hold the new active permissions and the | 284 // Verify that the extension prefs hold the new active permissions and the |
| 286 // same granted permissions. | 285 // same granted permissions. |
| 287 from_prefs = prefs->GetActivePermissions(extension->id()); | 286 ASSERT_EQ(*active_permissions, *prefs->GetActivePermissions(extension->id())); |
| 288 ASSERT_EQ(*active_permissions.get(), *from_prefs.get()); | |
| 289 | 287 |
| 290 from_prefs = prefs->GetGrantedPermissions(extension->id()); | 288 ASSERT_EQ(*granted_permissions, |
| 291 ASSERT_EQ(*granted_permissions.get(), *from_prefs.get()); | 289 *prefs->GetGrantedPermissions(extension->id())); |
| 290 } |
| 292 } | 291 } |
| 293 | 292 |
| 294 TEST_F(PermissionsUpdaterTest, WithholdAllHosts) { | 293 TEST_F(PermissionsUpdaterTest, WithholdAllHosts) { |
| 295 InitializeEmptyExtensionService(); | 294 InitializeEmptyExtensionService(); |
| 296 | 295 |
| 297 // Permissions are only withheld with the appropriate switch turned on. | 296 // Permissions are only withheld with the appropriate switch turned on. |
| 298 scoped_ptr<FeatureSwitch::ScopedOverride> switch_override( | 297 scoped_ptr<FeatureSwitch::ScopedOverride> switch_override( |
| 299 new FeatureSwitch::ScopedOverride(FeatureSwitch::scripts_require_action(), | 298 new FeatureSwitch::ScopedOverride(FeatureSwitch::scripts_require_action(), |
| 300 FeatureSwitch::OVERRIDE_ENABLED)); | 299 FeatureSwitch::OVERRIDE_ENABLED)); |
| 301 | 300 |
| (...skipping 186 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 488 } | 487 } |
| 489 | 488 |
| 490 TEST_F(PermissionsUpdaterTest, RevokingPermissions) { | 489 TEST_F(PermissionsUpdaterTest, RevokingPermissions) { |
| 491 InitializeEmptyExtensionService(); | 490 InitializeEmptyExtensionService(); |
| 492 | 491 |
| 493 ExtensionPrefs* prefs = ExtensionPrefs::Get(profile()); | 492 ExtensionPrefs* prefs = ExtensionPrefs::Get(profile()); |
| 494 | 493 |
| 495 auto api_permission_set = [](APIPermission::ID id) { | 494 auto api_permission_set = [](APIPermission::ID id) { |
| 496 APIPermissionSet apis; | 495 APIPermissionSet apis; |
| 497 apis.insert(id); | 496 apis.insert(id); |
| 498 return make_scoped_refptr(new PermissionSet( | 497 return make_scoped_ptr(new PermissionSet(apis, ManifestPermissionSet(), |
| 499 apis, ManifestPermissionSet(), URLPatternSet(), URLPatternSet())); | 498 URLPatternSet(), URLPatternSet())); |
| 500 }; | 499 }; |
| 501 | 500 |
| 502 auto url_permission_set = [](const GURL& url) { | 501 auto url_permission_set = [](const GURL& url) { |
| 503 URLPatternSet set; | 502 URLPatternSet set; |
| 504 URLPattern pattern(URLPattern::SCHEME_ALL, url.spec()); | 503 URLPattern pattern(URLPattern::SCHEME_ALL, url.spec()); |
| 505 set.AddPattern(pattern); | 504 set.AddPattern(pattern); |
| 506 return make_scoped_refptr(new PermissionSet( | 505 return make_scoped_ptr(new PermissionSet( |
| 507 APIPermissionSet(), ManifestPermissionSet(), set, URLPatternSet())); | 506 APIPermissionSet(), ManifestPermissionSet(), set, URLPatternSet())); |
| 508 }; | 507 }; |
| 509 | 508 |
| 510 { | 509 { |
| 511 // Test revoking optional permissions. | 510 // Test revoking optional permissions. |
| 512 ListBuilder optional_permissions; | 511 ListBuilder optional_permissions; |
| 513 optional_permissions.Append("tabs").Append("cookies").Append("management"); | 512 optional_permissions.Append("tabs").Append("cookies").Append("management"); |
| 514 ListBuilder required_permissions; | 513 ListBuilder required_permissions; |
| 515 required_permissions.Append("topSites"); | 514 required_permissions.Append("topSites"); |
| 516 scoped_refptr<const Extension> extension = | 515 scoped_refptr<const Extension> extension = |
| 517 CreateExtensionWithOptionalPermissions(optional_permissions.Build(), | 516 CreateExtensionWithOptionalPermissions(optional_permissions.Build(), |
| 518 required_permissions.Build(), | 517 required_permissions.Build(), |
| 519 "My Extension"); | 518 "My Extension"); |
| 520 | 519 |
| 521 PermissionsUpdater updater(profile()); | 520 PermissionsUpdater updater(profile()); |
| 522 EXPECT_TRUE(updater.GetRevokablePermissions(extension.get())->IsEmpty()); | 521 EXPECT_TRUE(updater.GetRevokablePermissions(extension.get())->IsEmpty()); |
| 523 | 522 |
| 524 // Add the optional "cookies" permission. | 523 // Add the optional "cookies" permission. |
| 525 updater.AddPermissions(extension.get(), | 524 updater.AddPermissions(extension.get(), |
| 526 api_permission_set(APIPermission::kCookie).get()); | 525 api_permission_set(APIPermission::kCookie).get()); |
| 527 const PermissionsData* permissions = extension->permissions_data(); | 526 const PermissionsData* permissions = extension->permissions_data(); |
| 528 // The extension should have the permission in its active permissions and | 527 // The extension should have the permission in its active permissions and |
| 529 // its granted permissions (stored in prefs). And, the permission should | 528 // its granted permissions (stored in prefs). And, the permission should |
| 530 // be revokable. | 529 // be revokable. |
| 531 EXPECT_TRUE(permissions->HasAPIPermission(APIPermission::kCookie)); | 530 EXPECT_TRUE(permissions->HasAPIPermission(APIPermission::kCookie)); |
| 532 scoped_refptr<const PermissionSet> granted_permissions = | 531 scoped_ptr<const PermissionSet> granted_permissions = |
| 533 prefs->GetGrantedPermissions(extension->id()); | 532 prefs->GetGrantedPermissions(extension->id()); |
| 534 EXPECT_TRUE(granted_permissions->HasAPIPermission(APIPermission::kCookie)); | 533 EXPECT_TRUE(granted_permissions->HasAPIPermission(APIPermission::kCookie)); |
| 535 EXPECT_TRUE(updater.GetRevokablePermissions(extension.get()) | 534 EXPECT_TRUE(updater.GetRevokablePermissions(extension.get()) |
| 536 ->HasAPIPermission(APIPermission::kCookie)); | 535 ->HasAPIPermission(APIPermission::kCookie)); |
| 537 | 536 |
| 538 // Repeat with "tabs". | 537 // Repeat with "tabs". |
| 539 updater.AddPermissions(extension.get(), | 538 updater.AddPermissions(extension.get(), |
| 540 api_permission_set(APIPermission::kTab).get()); | 539 api_permission_set(APIPermission::kTab).get()); |
| 541 EXPECT_TRUE(permissions->HasAPIPermission(APIPermission::kTab)); | 540 EXPECT_TRUE(permissions->HasAPIPermission(APIPermission::kTab)); |
| 542 granted_permissions = prefs->GetGrantedPermissions(extension->id()); | 541 granted_permissions = prefs->GetGrantedPermissions(extension->id()); |
| (...skipping 71 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 614 ->active_permissions() | 613 ->active_permissions() |
| 615 ->HasExplicitAccessToOrigin(kOrigin)); | 614 ->HasExplicitAccessToOrigin(kOrigin)); |
| 616 EXPECT_TRUE(extension->permissions_data() | 615 EXPECT_TRUE(extension->permissions_data() |
| 617 ->withheld_permissions() | 616 ->withheld_permissions() |
| 618 ->HasExplicitAccessToOrigin(kOrigin)); | 617 ->HasExplicitAccessToOrigin(kOrigin)); |
| 619 EXPECT_TRUE(updater.GetRevokablePermissions(extension.get())->IsEmpty()); | 618 EXPECT_TRUE(updater.GetRevokablePermissions(extension.get())->IsEmpty()); |
| 620 } | 619 } |
| 621 } | 620 } |
| 622 | 621 |
| 623 } // namespace extensions | 622 } // namespace extensions |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1349613003:
[Extensions] Un-refcount PermissionSet (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master