Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(23)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/common/extensions/permissions/permission_set_unittest.cc

Issue 1349613003: [Extensions] Un-refcount PermissionSet (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Rebase Created 5 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
« no previous file with comments | « chrome/common/extensions/permissions/chrome_permission_message_provider_unittest.cc ('k') | chrome/common/extensions/permissions/permissions_data_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "base/command_line.h" 5 #include "base/command_line.h"
6 #include "base/json/json_file_value_serializer.h" 6 #include "base/json/json_file_value_serializer.h"
7 #include "base/logging.h" 7 #include "base/logging.h"
8 #include "base/strings/string_number_conversions.h" 8 #include "base/strings/string_number_conversions.h"
9 #include "base/strings/stringprintf.h" 9 #include "base/strings/stringprintf.h"
10 #include "base/strings/utf_string_conversions.h" 10 #include "base/strings/utf_string_conversions.h"
(...skipping 170 matching lines...) Expand 10 before | Expand all | Expand 10 after
181 EXPECT_EQ(storage_name, info->GetByID( 181 EXPECT_EQ(storage_name, info->GetByID(
182 APIPermission::kUnlimitedStorage)->name()); 182 APIPermission::kUnlimitedStorage)->name());
183 EXPECT_EQ(APIPermission::kUnlimitedStorage, 183 EXPECT_EQ(APIPermission::kUnlimitedStorage,
184 info->GetByName("unlimitedStorage")->id()); 184 info->GetByName("unlimitedStorage")->id());
185 EXPECT_EQ(APIPermission::kUnlimitedStorage, 185 EXPECT_EQ(APIPermission::kUnlimitedStorage,
186 info->GetByName("unlimited_storage")->id()); 186 info->GetByName("unlimited_storage")->id());
187 } 187 }
188 188
189 TEST(PermissionsTest, EffectiveHostPermissions) { 189 TEST(PermissionsTest, EffectiveHostPermissions) {
190 scoped_refptr<Extension> extension; 190 scoped_refptr<Extension> extension;
191 scoped_refptr<const PermissionSet> permissions;
192 191
193 extension = LoadManifest("effective_host_permissions", "empty.json"); 192 extension = LoadManifest("effective_host_permissions", "empty.json");
194 permissions = extension->permissions_data()->active_permissions(); 193 const PermissionSet* permissions =
194 extension->permissions_data()->active_permissions();
195 EXPECT_EQ(0u, 195 EXPECT_EQ(0u,
196 extension->permissions_data() 196 extension->permissions_data()
197 ->GetEffectiveHostPermissions() 197 ->GetEffectiveHostPermissions()
198 .patterns() 198 .patterns()
199 .size()); 199 .size());
200 EXPECT_FALSE( 200 EXPECT_FALSE(
201 permissions->HasEffectiveAccessToURL(GURL("http://www.google.com"))); 201 permissions->HasEffectiveAccessToURL(GURL("http://www.google.com")));
202 EXPECT_FALSE(permissions->HasEffectiveAccessToAllHosts()); 202 EXPECT_FALSE(permissions->HasEffectiveAccessToAllHosts());
203 203
204 extension = LoadManifest("effective_host_permissions", "one_host.json"); 204 extension = LoadManifest("effective_host_permissions", "one_host.json");
(...skipping 64 matching lines...) Expand 10 before | Expand all | Expand 10 after
269 TEST(PermissionsTest, ExplicitAccessToOrigin) { 269 TEST(PermissionsTest, ExplicitAccessToOrigin) {
270 APIPermissionSet apis; 270 APIPermissionSet apis;
271 ManifestPermissionSet manifest_permissions; 271 ManifestPermissionSet manifest_permissions;
272 URLPatternSet explicit_hosts; 272 URLPatternSet explicit_hosts;
273 URLPatternSet scriptable_hosts; 273 URLPatternSet scriptable_hosts;
274 274
275 AddPattern(&explicit_hosts, "http://*.google.com/*"); 275 AddPattern(&explicit_hosts, "http://*.google.com/*");
276 // The explicit host paths should get set to /*. 276 // The explicit host paths should get set to /*.
277 AddPattern(&explicit_hosts, "http://www.example.com/a/particular/path/*"); 277 AddPattern(&explicit_hosts, "http://www.example.com/a/particular/path/*");
278 278
279 scoped_refptr<const PermissionSet> perm_set = new PermissionSet( 279 PermissionSet perm_set(apis, manifest_permissions, explicit_hosts,
280 apis, manifest_permissions, explicit_hosts, scriptable_hosts); 280 scriptable_hosts);
281 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( 281 ASSERT_TRUE(
282 GURL("http://www.google.com/"))); 282 perm_set.HasExplicitAccessToOrigin(GURL("http://www.google.com/")));
283 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( 283 ASSERT_TRUE(
284 GURL("http://test.google.com/"))); 284 perm_set.HasExplicitAccessToOrigin(GURL("http://test.google.com/")));
285 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin( 285 ASSERT_TRUE(
286 GURL("http://www.example.com"))); 286 perm_set.HasExplicitAccessToOrigin(GURL("http://www.example.com")));
287 ASSERT_TRUE(perm_set->HasEffectiveAccessToURL( 287 ASSERT_TRUE(perm_set.HasEffectiveAccessToURL(GURL("http://www.example.com")));
288 GURL("http://www.example.com"))); 288 ASSERT_FALSE(
289 ASSERT_FALSE(perm_set->HasExplicitAccessToOrigin( 289 perm_set.HasExplicitAccessToOrigin(GURL("http://test.example.com")));
290 GURL("http://test.example.com")));
291 } 290 }
292 291
293 TEST(PermissionsTest, CreateUnion) { 292 TEST(PermissionsTest, CreateUnion) {
294 APIPermission* permission = NULL; 293 APIPermission* permission = NULL;
295 294
296 ManifestPermissionSet manifest_permissions; 295 ManifestPermissionSet manifest_permissions;
297 APIPermissionSet apis1; 296 APIPermissionSet apis1;
298 APIPermissionSet apis2; 297 APIPermissionSet apis2;
299 APIPermissionSet expected_apis; 298 APIPermissionSet expected_apis;
300 299
301 URLPatternSet explicit_hosts1; 300 URLPatternSet explicit_hosts1;
302 URLPatternSet explicit_hosts2; 301 URLPatternSet explicit_hosts2;
303 URLPatternSet expected_explicit_hosts; 302 URLPatternSet expected_explicit_hosts;
304 303
305 URLPatternSet scriptable_hosts1; 304 URLPatternSet scriptable_hosts1;
306 URLPatternSet scriptable_hosts2; 305 URLPatternSet scriptable_hosts2;
307 URLPatternSet expected_scriptable_hosts; 306 URLPatternSet expected_scriptable_hosts;
308 307
309 URLPatternSet effective_hosts; 308 URLPatternSet effective_hosts;
310 309
311 scoped_refptr<const PermissionSet> set1; 310 scoped_ptr<const PermissionSet> set1;
312 scoped_refptr<const PermissionSet> set2; 311 scoped_ptr<const PermissionSet> set2;
313 scoped_refptr<const PermissionSet> union_set; 312 scoped_ptr<const PermissionSet> union_set;
314 313
315 const APIPermissionInfo* permission_info = 314 const APIPermissionInfo* permission_info =
316 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); 315 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);
317 permission = permission_info->CreateAPIPermission(); 316 permission = permission_info->CreateAPIPermission();
318 { 317 {
319 scoped_ptr<base::ListValue> value(new base::ListValue()); 318 scoped_ptr<base::ListValue> value(new base::ListValue());
320 value->Append(new base::StringValue("tcp-connect:*.example.com:80")); 319 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));
321 value->Append(new base::StringValue("udp-bind::8080")); 320 value->Append(new base::StringValue("udp-bind::8080"));
322 value->Append(new base::StringValue("udp-send-to::8888")); 321 value->Append(new base::StringValue("udp-send-to::8888"));
323 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL)); 322 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
324 } 323 }
325 324
326 // Union with an empty set. 325 // Union with an empty set.
327 apis1.insert(APIPermission::kTab); 326 apis1.insert(APIPermission::kTab);
328 apis1.insert(APIPermission::kBackground); 327 apis1.insert(APIPermission::kBackground);
329 apis1.insert(permission->Clone()); 328 apis1.insert(permission->Clone());
330 expected_apis.insert(APIPermission::kTab); 329 expected_apis.insert(APIPermission::kTab);
331 expected_apis.insert(APIPermission::kBackground); 330 expected_apis.insert(APIPermission::kBackground);
332 expected_apis.insert(permission); 331 expected_apis.insert(permission);
333 332
334 AddPattern(&explicit_hosts1, "http://*.google.com/*"); 333 AddPattern(&explicit_hosts1, "http://*.google.com/*");
335 AddPattern(&expected_explicit_hosts, "http://*.google.com/*"); 334 AddPattern(&expected_explicit_hosts, "http://*.google.com/*");
336 AddPattern(&effective_hosts, "http://*.google.com/*"); 335 AddPattern(&effective_hosts, "http://*.google.com/*");
337 336
338 set1 = new PermissionSet(apis1, manifest_permissions, 337 set1.reset(new PermissionSet(apis1, manifest_permissions, explicit_hosts1,
339 explicit_hosts1, scriptable_hosts1); 338 scriptable_hosts1));
340 set2 = new PermissionSet(apis2, manifest_permissions, 339 set2.reset(new PermissionSet(apis2, manifest_permissions, explicit_hosts2,
341 explicit_hosts2, scriptable_hosts2); 340 scriptable_hosts2));
342 union_set = PermissionSet::CreateUnion(*set1, *set2); 341 union_set = PermissionSet::CreateUnion(*set1, *set2);
343 EXPECT_TRUE(set1->Contains(*set2.get())); 342 EXPECT_TRUE(set1->Contains(*set2.get()));
344 EXPECT_TRUE(set1->Contains(*union_set.get())); 343 EXPECT_TRUE(set1->Contains(*union_set.get()));
345 EXPECT_FALSE(set2->Contains(*set1.get())); 344 EXPECT_FALSE(set2->Contains(*set1.get()));
346 EXPECT_FALSE(set2->Contains(*union_set.get())); 345 EXPECT_FALSE(set2->Contains(*union_set.get()));
347 EXPECT_TRUE(union_set->Contains(*set1.get())); 346 EXPECT_TRUE(union_set->Contains(*set1.get()));
348 EXPECT_TRUE(union_set->Contains(*set2.get())); 347 EXPECT_TRUE(union_set->Contains(*set2.get()));
349 348
350 EXPECT_FALSE(union_set->HasEffectiveFullAccess()); 349 EXPECT_FALSE(union_set->HasEffectiveFullAccess());
351 EXPECT_EQ(expected_apis, union_set->apis()); 350 EXPECT_EQ(expected_apis, union_set->apis());
(...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after
386 expected_apis.insert(permission); 385 expected_apis.insert(permission);
387 386
388 AddPattern(&explicit_hosts2, "http://*.example.com/*"); 387 AddPattern(&explicit_hosts2, "http://*.example.com/*");
389 AddPattern(&scriptable_hosts2, "http://*.google.com/*"); 388 AddPattern(&scriptable_hosts2, "http://*.google.com/*");
390 AddPattern(&expected_explicit_hosts, "http://*.example.com/*"); 389 AddPattern(&expected_explicit_hosts, "http://*.example.com/*");
391 AddPattern(&expected_scriptable_hosts, "http://*.google.com/*"); 390 AddPattern(&expected_scriptable_hosts, "http://*.google.com/*");
392 391
393 effective_hosts = 392 effective_hosts =
394 URLPatternSet::CreateUnion(explicit_hosts2, scriptable_hosts2); 393 URLPatternSet::CreateUnion(explicit_hosts2, scriptable_hosts2);
395 394
396 set2 = new PermissionSet(apis2, manifest_permissions, 395 set2.reset(new PermissionSet(apis2, manifest_permissions, explicit_hosts2,
397 explicit_hosts2, scriptable_hosts2); 396 scriptable_hosts2));
398 union_set = PermissionSet::CreateUnion(*set1, *set2); 397 union_set = PermissionSet::CreateUnion(*set1, *set2);
399 398
400 EXPECT_FALSE(set1->Contains(*set2.get())); 399 EXPECT_FALSE(set1->Contains(*set2.get()));
401 EXPECT_FALSE(set1->Contains(*union_set.get())); 400 EXPECT_FALSE(set1->Contains(*union_set.get()));
402 EXPECT_FALSE(set2->Contains(*set1.get())); 401 EXPECT_FALSE(set2->Contains(*set1.get()));
403 EXPECT_FALSE(set2->Contains(*union_set.get())); 402 EXPECT_FALSE(set2->Contains(*union_set.get()));
404 EXPECT_TRUE(union_set->Contains(*set1.get())); 403 EXPECT_TRUE(union_set->Contains(*set1.get()));
405 EXPECT_TRUE(union_set->Contains(*set2.get())); 404 EXPECT_TRUE(union_set->Contains(*set2.get()));
406 405
407 EXPECT_TRUE(union_set->HasEffectiveFullAccess()); 406 EXPECT_TRUE(union_set->HasEffectiveFullAccess());
(...skipping 15 matching lines...) Expand all
423 URLPatternSet explicit_hosts1; 422 URLPatternSet explicit_hosts1;
424 URLPatternSet explicit_hosts2; 423 URLPatternSet explicit_hosts2;
425 URLPatternSet expected_explicit_hosts; 424 URLPatternSet expected_explicit_hosts;
426 425
427 URLPatternSet scriptable_hosts1; 426 URLPatternSet scriptable_hosts1;
428 URLPatternSet scriptable_hosts2; 427 URLPatternSet scriptable_hosts2;
429 URLPatternSet expected_scriptable_hosts; 428 URLPatternSet expected_scriptable_hosts;
430 429
431 URLPatternSet effective_hosts; 430 URLPatternSet effective_hosts;
432 431
433 scoped_refptr<const PermissionSet> set1; 432 scoped_ptr<const PermissionSet> set1;
434 scoped_refptr<const PermissionSet> set2; 433 scoped_ptr<const PermissionSet> set2;
435 scoped_refptr<const PermissionSet> new_set; 434 scoped_ptr<const PermissionSet> new_set;
436 435
437 const APIPermissionInfo* permission_info = 436 const APIPermissionInfo* permission_info =
438 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); 437 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);
439 438
440 // Intersection with an empty set. 439 // Intersection with an empty set.
441 apis1.insert(APIPermission::kTab); 440 apis1.insert(APIPermission::kTab);
442 apis1.insert(APIPermission::kBackground); 441 apis1.insert(APIPermission::kBackground);
443 permission = permission_info->CreateAPIPermission(); 442 permission = permission_info->CreateAPIPermission();
444 { 443 {
445 scoped_ptr<base::ListValue> value(new base::ListValue()); 444 scoped_ptr<base::ListValue> value(new base::ListValue());
446 value->Append(new base::StringValue("tcp-connect:*.example.com:80")); 445 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));
447 value->Append(new base::StringValue("udp-bind::8080")); 446 value->Append(new base::StringValue("udp-bind::8080"));
448 value->Append(new base::StringValue("udp-send-to::8888")); 447 value->Append(new base::StringValue("udp-send-to::8888"));
449 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL)); 448 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
450 } 449 }
451 apis1.insert(permission); 450 apis1.insert(permission);
452 451
453 AddPattern(&explicit_hosts1, "http://*.google.com/*"); 452 AddPattern(&explicit_hosts1, "http://*.google.com/*");
454 AddPattern(&scriptable_hosts1, "http://www.reddit.com/*"); 453 AddPattern(&scriptable_hosts1, "http://www.reddit.com/*");
455 454
456 set1 = new PermissionSet(apis1, manifest_permissions, 455 set1.reset(new PermissionSet(apis1, manifest_permissions, explicit_hosts1,
457 explicit_hosts1, scriptable_hosts1); 456 scriptable_hosts1));
458 set2 = new PermissionSet(apis2, manifest_permissions, 457 set2.reset(new PermissionSet(apis2, manifest_permissions, explicit_hosts2,
459 explicit_hosts2, scriptable_hosts2); 458 scriptable_hosts2));
460 new_set = PermissionSet::CreateIntersection(*set1, *set2); 459 new_set = PermissionSet::CreateIntersection(*set1, *set2);
461 EXPECT_TRUE(set1->Contains(*new_set.get())); 460 EXPECT_TRUE(set1->Contains(*new_set.get()));
462 EXPECT_TRUE(set2->Contains(*new_set.get())); 461 EXPECT_TRUE(set2->Contains(*new_set.get()));
463 EXPECT_TRUE(set1->Contains(*set2.get())); 462 EXPECT_TRUE(set1->Contains(*set2.get()));
464 EXPECT_FALSE(set2->Contains(*set1.get())); 463 EXPECT_FALSE(set2->Contains(*set1.get()));
465 EXPECT_FALSE(new_set->Contains(*set1.get())); 464 EXPECT_FALSE(new_set->Contains(*set1.get()));
466 EXPECT_TRUE(new_set->Contains(*set2.get())); 465 EXPECT_TRUE(new_set->Contains(*set2.get()));
467 466
468 EXPECT_TRUE(new_set->IsEmpty()); 467 EXPECT_TRUE(new_set->IsEmpty());
469 EXPECT_FALSE(new_set->HasEffectiveFullAccess()); 468 EXPECT_FALSE(new_set->HasEffectiveFullAccess());
(...skipping 28 matching lines...) Expand all
498 expected_apis.insert(permission); 497 expected_apis.insert(permission);
499 498
500 AddPattern(&explicit_hosts2, "http://*.example.com/*"); 499 AddPattern(&explicit_hosts2, "http://*.example.com/*");
501 AddPattern(&explicit_hosts2, "http://*.google.com/*"); 500 AddPattern(&explicit_hosts2, "http://*.google.com/*");
502 AddPattern(&scriptable_hosts2, "http://*.google.com/*"); 501 AddPattern(&scriptable_hosts2, "http://*.google.com/*");
503 AddPattern(&expected_explicit_hosts, "http://*.google.com/*"); 502 AddPattern(&expected_explicit_hosts, "http://*.google.com/*");
504 503
505 effective_hosts.ClearPatterns(); 504 effective_hosts.ClearPatterns();
506 AddPattern(&effective_hosts, "http://*.google.com/*"); 505 AddPattern(&effective_hosts, "http://*.google.com/*");
507 506
508 set2 = new PermissionSet(apis2, manifest_permissions, 507 set2.reset(new PermissionSet(apis2, manifest_permissions, explicit_hosts2,
509 explicit_hosts2, scriptable_hosts2); 508 scriptable_hosts2));
510 new_set = PermissionSet::CreateIntersection(*set1, *set2); 509 new_set = PermissionSet::CreateIntersection(*set1, *set2);
511 510
512 EXPECT_TRUE(set1->Contains(*new_set.get())); 511 EXPECT_TRUE(set1->Contains(*new_set.get()));
513 EXPECT_TRUE(set2->Contains(*new_set.get())); 512 EXPECT_TRUE(set2->Contains(*new_set.get()));
514 EXPECT_FALSE(set1->Contains(*set2.get())); 513 EXPECT_FALSE(set1->Contains(*set2.get()));
515 EXPECT_FALSE(set2->Contains(*set1.get())); 514 EXPECT_FALSE(set2->Contains(*set1.get()));
516 EXPECT_FALSE(new_set->Contains(*set1.get())); 515 EXPECT_FALSE(new_set->Contains(*set1.get()));
517 EXPECT_FALSE(new_set->Contains(*set2.get())); 516 EXPECT_FALSE(new_set->Contains(*set2.get()));
518 517
519 EXPECT_FALSE(new_set->HasEffectiveFullAccess()); 518 EXPECT_FALSE(new_set->HasEffectiveFullAccess());
(...skipping 15 matching lines...) Expand all
535 URLPatternSet explicit_hosts1; 534 URLPatternSet explicit_hosts1;
536 URLPatternSet explicit_hosts2; 535 URLPatternSet explicit_hosts2;
537 URLPatternSet expected_explicit_hosts; 536 URLPatternSet expected_explicit_hosts;
538 537
539 URLPatternSet scriptable_hosts1; 538 URLPatternSet scriptable_hosts1;
540 URLPatternSet scriptable_hosts2; 539 URLPatternSet scriptable_hosts2;
541 URLPatternSet expected_scriptable_hosts; 540 URLPatternSet expected_scriptable_hosts;
542 541
543 URLPatternSet effective_hosts; 542 URLPatternSet effective_hosts;
544 543
545 scoped_refptr<const PermissionSet> set1; 544 scoped_ptr<const PermissionSet> set1;
546 scoped_refptr<const PermissionSet> set2; 545 scoped_ptr<const PermissionSet> set2;
547 scoped_refptr<const PermissionSet> new_set; 546 scoped_ptr<const PermissionSet> new_set;
548 547
549 const APIPermissionInfo* permission_info = 548 const APIPermissionInfo* permission_info =
550 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket); 549 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);
551 550
552 // Difference with an empty set. 551 // Difference with an empty set.
553 apis1.insert(APIPermission::kTab); 552 apis1.insert(APIPermission::kTab);
554 apis1.insert(APIPermission::kBackground); 553 apis1.insert(APIPermission::kBackground);
555 permission = permission_info->CreateAPIPermission(); 554 permission = permission_info->CreateAPIPermission();
556 { 555 {
557 scoped_ptr<base::ListValue> value(new base::ListValue()); 556 scoped_ptr<base::ListValue> value(new base::ListValue());
558 value->Append(new base::StringValue("tcp-connect:*.example.com:80")); 557 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));
559 value->Append(new base::StringValue("udp-bind::8080")); 558 value->Append(new base::StringValue("udp-bind::8080"));
560 value->Append(new base::StringValue("udp-send-to::8888")); 559 value->Append(new base::StringValue("udp-send-to::8888"));
561 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL)); 560 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
562 } 561 }
563 apis1.insert(permission); 562 apis1.insert(permission);
564 563
565 AddPattern(&explicit_hosts1, "http://*.google.com/*"); 564 AddPattern(&explicit_hosts1, "http://*.google.com/*");
566 AddPattern(&scriptable_hosts1, "http://www.reddit.com/*"); 565 AddPattern(&scriptable_hosts1, "http://www.reddit.com/*");
567 566
568 set1 = new PermissionSet(apis1, manifest_permissions, 567 set1.reset(new PermissionSet(apis1, manifest_permissions, explicit_hosts1,
569 explicit_hosts1, scriptable_hosts1); 568 scriptable_hosts1));
570 set2 = new PermissionSet(apis2, manifest_permissions, 569 set2.reset(new PermissionSet(apis2, manifest_permissions, explicit_hosts2,
571 explicit_hosts2, scriptable_hosts2); 570 scriptable_hosts2));
572 new_set = PermissionSet::CreateDifference(*set1, *set2); 571 new_set = PermissionSet::CreateDifference(*set1, *set2);
573 EXPECT_EQ(*set1.get(), *new_set.get()); 572 EXPECT_EQ(*set1.get(), *new_set.get());
574 573
575 // Now use a real second set. 574 // Now use a real second set.
576 apis2.insert(APIPermission::kTab); 575 apis2.insert(APIPermission::kTab);
577 apis2.insert(APIPermission::kProxy); 576 apis2.insert(APIPermission::kProxy);
578 apis2.insert(APIPermission::kClipboardWrite); 577 apis2.insert(APIPermission::kClipboardWrite);
579 apis2.insert(APIPermission::kPlugin); 578 apis2.insert(APIPermission::kPlugin);
580 permission = permission_info->CreateAPIPermission(); 579 permission = permission_info->CreateAPIPermission();
581 { 580 {
(...skipping 15 matching lines...) Expand all
597 expected_apis.insert(permission); 596 expected_apis.insert(permission);
598 597
599 AddPattern(&explicit_hosts2, "http://*.example.com/*"); 598 AddPattern(&explicit_hosts2, "http://*.example.com/*");
600 AddPattern(&explicit_hosts2, "http://*.google.com/*"); 599 AddPattern(&explicit_hosts2, "http://*.google.com/*");
601 AddPattern(&scriptable_hosts2, "http://*.google.com/*"); 600 AddPattern(&scriptable_hosts2, "http://*.google.com/*");
602 AddPattern(&expected_scriptable_hosts, "http://www.reddit.com/*"); 601 AddPattern(&expected_scriptable_hosts, "http://www.reddit.com/*");
603 602
604 effective_hosts.ClearPatterns(); 603 effective_hosts.ClearPatterns();
605 AddPattern(&effective_hosts, "http://www.reddit.com/*"); 604 AddPattern(&effective_hosts, "http://www.reddit.com/*");
606 605
607 set2 = new PermissionSet(apis2, manifest_permissions, 606 set2.reset(new PermissionSet(apis2, manifest_permissions, explicit_hosts2,
608 explicit_hosts2, scriptable_hosts2); 607 scriptable_hosts2));
609 new_set = PermissionSet::CreateDifference(*set1, *set2); 608 new_set = PermissionSet::CreateDifference(*set1, *set2);
610 609
611 EXPECT_TRUE(set1->Contains(*new_set.get())); 610 EXPECT_TRUE(set1->Contains(*new_set.get()));
612 EXPECT_FALSE(set2->Contains(*new_set.get())); 611 EXPECT_FALSE(set2->Contains(*new_set.get()));
613 612
614 EXPECT_FALSE(new_set->HasEffectiveFullAccess()); 613 EXPECT_FALSE(new_set->HasEffectiveFullAccess());
615 EXPECT_FALSE(new_set->HasEffectiveAccessToAllHosts()); 614 EXPECT_FALSE(new_set->HasEffectiveAccessToAllHosts());
616 EXPECT_EQ(expected_apis, new_set->apis()); 615 EXPECT_EQ(expected_apis, new_set->apis());
617 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts()); 616 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts());
618 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts()); 617 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts());
(...skipping 51 matching lines...) Expand 10 before | Expand all | Expand 10 after
670 LoadManifest("allow_silent_upgrade", 669 LoadManifest("allow_silent_upgrade",
671 std::string(kTests[i].base_name) + "_old.json")); 670 std::string(kTests[i].base_name) + "_old.json"));
672 scoped_refptr<Extension> new_extension( 671 scoped_refptr<Extension> new_extension(
673 LoadManifest("allow_silent_upgrade", 672 LoadManifest("allow_silent_upgrade",
674 std::string(kTests[i].base_name) + "_new.json")); 673 std::string(kTests[i].base_name) + "_new.json"));
675 674
676 EXPECT_TRUE(new_extension.get()) << kTests[i].base_name << "_new.json"; 675 EXPECT_TRUE(new_extension.get()) << kTests[i].base_name << "_new.json";
677 if (!new_extension.get()) 676 if (!new_extension.get())
678 continue; 677 continue;
679 678
680 scoped_refptr<const PermissionSet> old_p( 679 const PermissionSet* old_p =
681 old_extension->permissions_data()->active_permissions()); 680 old_extension->permissions_data()->active_permissions();
682 scoped_refptr<const PermissionSet> new_p( 681 const PermissionSet* new_p =
683 new_extension->permissions_data()->active_permissions()); 682 new_extension->permissions_data()->active_permissions();
684 Manifest::Type extension_type = old_extension->GetType(); 683 Manifest::Type extension_type = old_extension->GetType();
685 684
686 bool increased = PermissionMessageProvider::Get()->IsPrivilegeIncrease( 685 bool increased = PermissionMessageProvider::Get()->IsPrivilegeIncrease(
687 old_p.get(), new_p.get(), extension_type); 686 old_p, new_p, extension_type);
688 EXPECT_EQ(kTests[i].expect_increase, increased) << kTests[i].base_name; 687 EXPECT_EQ(kTests[i].expect_increase, increased) << kTests[i].base_name;
689 } 688 }
690 } 689 }
691 690
692 TEST(PermissionsTest, PermissionMessages) { 691 TEST(PermissionsTest, PermissionMessages) {
693 // Ensure that all permissions that needs to show install UI actually have 692 // Ensure that all permissions that needs to show install UI actually have
694 // strings associated with them. 693 // strings associated with them.
695 APIPermissionSet skip; 694 APIPermissionSet skip;
696 695
697 // These are considered "nuisance" or "trivial" permissions that don't need 696 // These are considered "nuisance" or "trivial" permissions that don't need
(...skipping 159 matching lines...) Expand 10 before | Expand all | Expand 10 after
857 bool has_message = !provider->GetPermissionMessages(id).empty(); 856 bool has_message = !provider->GetPermissionMessages(id).empty();
858 bool should_have_message = !skip.count(i->id()); 857 bool should_have_message = !skip.count(i->id());
859 EXPECT_EQ(should_have_message, has_message) << permission_info->name(); 858 EXPECT_EQ(should_have_message, has_message) << permission_info->name();
860 } 859 }
861 } 860 }
862 861
863 TEST(PermissionsTest, FileSystemPermissionMessages) { 862 TEST(PermissionsTest, FileSystemPermissionMessages) {
864 APIPermissionSet api_permissions; 863 APIPermissionSet api_permissions;
865 api_permissions.insert(APIPermission::kFileSystemWrite); 864 api_permissions.insert(APIPermission::kFileSystemWrite);
866 api_permissions.insert(APIPermission::kFileSystemDirectory); 865 api_permissions.insert(APIPermission::kFileSystemDirectory);
867 scoped_refptr<const PermissionSet> permissions( 866 PermissionSet permissions(api_permissions, ManifestPermissionSet(),
868 new PermissionSet(api_permissions, ManifestPermissionSet(), 867 URLPatternSet(), URLPatternSet());
869 URLPatternSet(), URLPatternSet())); 868 EXPECT_TRUE(
870 EXPECT_TRUE(PermissionSetProducesMessage( 869 PermissionSetProducesMessage(&permissions, Manifest::TYPE_PLATFORM_APP,
871 permissions.get(), Manifest::TYPE_PLATFORM_APP, 870 MakePermissionIDSet(api_permissions)));
872 MakePermissionIDSet(api_permissions)));
873 } 871 }
874 872
875 TEST(PermissionsTest, HiddenFileSystemPermissionMessages) { 873 TEST(PermissionsTest, HiddenFileSystemPermissionMessages) {
876 APIPermissionSet api_permissions; 874 APIPermissionSet api_permissions;
877 api_permissions.insert(APIPermission::kFileSystemWrite); 875 api_permissions.insert(APIPermission::kFileSystemWrite);
878 api_permissions.insert(APIPermission::kFileSystemDirectory); 876 api_permissions.insert(APIPermission::kFileSystemDirectory);
879 scoped_refptr<const PermissionSet> permissions( 877 PermissionSet permissions(api_permissions, ManifestPermissionSet(),
880 new PermissionSet(api_permissions, ManifestPermissionSet(), 878 URLPatternSet(), URLPatternSet());
881 URLPatternSet(), URLPatternSet())); 879 EXPECT_TRUE(
882 EXPECT_TRUE(PermissionSetProducesMessage( 880 PermissionSetProducesMessage(&permissions, Manifest::TYPE_PLATFORM_APP,
883 permissions.get(), Manifest::TYPE_PLATFORM_APP, 881 MakePermissionIDSet(api_permissions)));
884 MakePermissionIDSet(api_permissions)));
885 } 882 }
886 883
887 TEST(PermissionsTest, SuppressedPermissionMessages) { 884 TEST(PermissionsTest, SuppressedPermissionMessages) {
888 { 885 {
889 // Tabs warning suppresses favicon warning. 886 // Tabs warning suppresses favicon warning.
890 APIPermissionSet api_permissions; 887 APIPermissionSet api_permissions;
891 api_permissions.insert(APIPermission::kTab); 888 api_permissions.insert(APIPermission::kTab);
892 URLPatternSet hosts; 889 URLPatternSet hosts;
893 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, 890 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,
894 "chrome://favicon/")); 891 "chrome://favicon/"));
895 scoped_refptr<const PermissionSet> permissions(new PermissionSet( 892 PermissionSet permissions(api_permissions, ManifestPermissionSet(), hosts,
896 api_permissions, ManifestPermissionSet(), hosts, URLPatternSet())); 893 URLPatternSet());
897 EXPECT_TRUE(PermissionSetProducesMessage( 894 EXPECT_TRUE(PermissionSetProducesMessage(
898 permissions.get(), Manifest::TYPE_EXTENSION, 895 &permissions, Manifest::TYPE_EXTENSION,
899 MakePermissionIDSet(APIPermission::kTab, APIPermission::kFavicon))); 896 MakePermissionIDSet(APIPermission::kTab, APIPermission::kFavicon)));
900 } 897 }
901 { 898 {
902 // History warning suppresses favicon warning. 899 // History warning suppresses favicon warning.
903 APIPermissionSet api_permissions; 900 APIPermissionSet api_permissions;
904 api_permissions.insert(APIPermission::kHistory); 901 api_permissions.insert(APIPermission::kHistory);
905 URLPatternSet hosts; 902 URLPatternSet hosts;
906 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, 903 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,
907 "chrome://favicon/")); 904 "chrome://favicon/"));
908 scoped_refptr<const PermissionSet> permissions(new PermissionSet( 905 PermissionSet permissions(api_permissions, ManifestPermissionSet(), hosts,
909 api_permissions, ManifestPermissionSet(), hosts, URLPatternSet())); 906 URLPatternSet());
910 EXPECT_TRUE(PermissionSetProducesMessage( 907 EXPECT_TRUE(PermissionSetProducesMessage(
911 permissions.get(), Manifest::TYPE_EXTENSION, 908 &permissions, Manifest::TYPE_EXTENSION,
912 MakePermissionIDSet(APIPermission::kHistory, APIPermission::kFavicon))); 909 MakePermissionIDSet(APIPermission::kHistory, APIPermission::kFavicon)));
913 } 910 }
914 { 911 {
915 // All sites warning suppresses tabs warning. 912 // All sites warning suppresses tabs warning.
916 APIPermissionSet api_permissions; 913 APIPermissionSet api_permissions;
917 api_permissions.insert(APIPermission::kTab); 914 api_permissions.insert(APIPermission::kTab);
918 URLPatternSet hosts; 915 URLPatternSet hosts;
919 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, "*://*/*")); 916 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, "*://*/*"));
920 scoped_refptr<const PermissionSet> permissions(new PermissionSet( 917 PermissionSet permissions(api_permissions, ManifestPermissionSet(), hosts,
921 api_permissions, ManifestPermissionSet(), hosts, URLPatternSet())); 918 URLPatternSet());
922 EXPECT_TRUE(PermissionSetProducesMessage( 919 EXPECT_TRUE(PermissionSetProducesMessage(
923 permissions.get(), Manifest::TYPE_EXTENSION, 920 &permissions, Manifest::TYPE_EXTENSION,
924 MakePermissionIDSet(APIPermission::kHostsAll, APIPermission::kTab))); 921 MakePermissionIDSet(APIPermission::kHostsAll, APIPermission::kTab)));
925 } 922 }
926 { 923 {
927 // All sites warning suppresses topSites warning. 924 // All sites warning suppresses topSites warning.
928 APIPermissionSet api_permissions; 925 APIPermissionSet api_permissions;
929 api_permissions.insert(APIPermission::kTopSites); 926 api_permissions.insert(APIPermission::kTopSites);
930 URLPatternSet hosts; 927 URLPatternSet hosts;
931 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, "*://*/*")); 928 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, "*://*/*"));
932 scoped_refptr<const PermissionSet> permissions(new PermissionSet( 929 PermissionSet permissions(api_permissions, ManifestPermissionSet(), hosts,
933 api_permissions, ManifestPermissionSet(), hosts, URLPatternSet())); 930 URLPatternSet());
934 EXPECT_TRUE(PermissionSetProducesMessage( 931 EXPECT_TRUE(PermissionSetProducesMessage(
935 permissions.get(), Manifest::TYPE_EXTENSION, 932 &permissions, Manifest::TYPE_EXTENSION,
936 MakePermissionIDSet(APIPermission::kHostsAll, 933 MakePermissionIDSet(APIPermission::kHostsAll,
937 APIPermission::kTopSites))); 934 APIPermission::kTopSites)));
938 } 935 }
939 { 936 {
940 // All sites warning suppresses declarativeWebRequest warning. 937 // All sites warning suppresses declarativeWebRequest warning.
941 APIPermissionSet api_permissions; 938 APIPermissionSet api_permissions;
942 api_permissions.insert(APIPermission::kDeclarativeWebRequest); 939 api_permissions.insert(APIPermission::kDeclarativeWebRequest);
943 URLPatternSet hosts; 940 URLPatternSet hosts;
944 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, "*://*/*")); 941 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, "*://*/*"));
945 scoped_refptr<const PermissionSet> permissions(new PermissionSet( 942 PermissionSet permissions(api_permissions, ManifestPermissionSet(), hosts,
946 api_permissions, ManifestPermissionSet(), hosts, URLPatternSet())); 943 URLPatternSet());
947 EXPECT_TRUE(PermissionSetProducesMessage( 944 EXPECT_TRUE(PermissionSetProducesMessage(
948 permissions.get(), Manifest::TYPE_EXTENSION, 945 &permissions, Manifest::TYPE_EXTENSION,
949 MakePermissionIDSet(APIPermission::kHostsAll))); 946 MakePermissionIDSet(APIPermission::kHostsAll)));
950 } 947 }
951 { 948 {
952 // BrowsingHistory warning suppresses all history read/write warnings. 949 // BrowsingHistory warning suppresses all history read/write warnings.
953 APIPermissionSet api_permissions; 950 APIPermissionSet api_permissions;
954 api_permissions.insert(APIPermission::kHistory); 951 api_permissions.insert(APIPermission::kHistory);
955 api_permissions.insert(APIPermission::kTab); 952 api_permissions.insert(APIPermission::kTab);
956 api_permissions.insert(APIPermission::kTopSites); 953 api_permissions.insert(APIPermission::kTopSites);
957 api_permissions.insert(APIPermission::kProcesses); 954 api_permissions.insert(APIPermission::kProcesses);
958 api_permissions.insert(APIPermission::kWebNavigation); 955 api_permissions.insert(APIPermission::kWebNavigation);
959 scoped_refptr<const PermissionSet> permissions( 956 PermissionSet permissions(api_permissions, ManifestPermissionSet(),
960 new PermissionSet(api_permissions, ManifestPermissionSet(), 957 URLPatternSet(), URLPatternSet());
961 URLPatternSet(), URLPatternSet())); 958 EXPECT_TRUE(
962 EXPECT_TRUE(PermissionSetProducesMessage( 959 PermissionSetProducesMessage(&permissions, Manifest::TYPE_EXTENSION,
963 permissions.get(), Manifest::TYPE_EXTENSION, 960 MakePermissionIDSet(api_permissions)));
964 MakePermissionIDSet(api_permissions)));
965 } 961 }
966 { 962 {
967 // Tabs warning suppresses all read-only history warnings. 963 // Tabs warning suppresses all read-only history warnings.
968 APIPermissionSet api_permissions; 964 APIPermissionSet api_permissions;
969 api_permissions.insert(APIPermission::kTab); 965 api_permissions.insert(APIPermission::kTab);
970 api_permissions.insert(APIPermission::kTopSites); 966 api_permissions.insert(APIPermission::kTopSites);
971 api_permissions.insert(APIPermission::kProcesses); 967 api_permissions.insert(APIPermission::kProcesses);
972 api_permissions.insert(APIPermission::kWebNavigation); 968 api_permissions.insert(APIPermission::kWebNavigation);
973 scoped_refptr<const PermissionSet> permissions( 969 PermissionSet permissions(api_permissions, ManifestPermissionSet(),
974 new PermissionSet(api_permissions, ManifestPermissionSet(), 970 URLPatternSet(), URLPatternSet());
975 URLPatternSet(), URLPatternSet())); 971 EXPECT_TRUE(
976 EXPECT_TRUE(PermissionSetProducesMessage( 972 PermissionSetProducesMessage(&permissions, Manifest::TYPE_EXTENSION,
977 permissions.get(), Manifest::TYPE_EXTENSION, 973 MakePermissionIDSet(api_permissions)));
978 MakePermissionIDSet(api_permissions)));
979 } 974 }
980 } 975 }
981 976
982 TEST(PermissionsTest, AccessToDevicesMessages) { 977 TEST(PermissionsTest, AccessToDevicesMessages) {
983 { 978 {
984 APIPermissionSet api_permissions; 979 APIPermissionSet api_permissions;
985 api_permissions.insert(APIPermission::kSerial); 980 api_permissions.insert(APIPermission::kSerial);
986 scoped_refptr<const PermissionSet> permissions( 981 PermissionSet permissions(api_permissions, ManifestPermissionSet(),
987 new PermissionSet(api_permissions, ManifestPermissionSet(), 982 URLPatternSet(), URLPatternSet());
988 URLPatternSet(), URLPatternSet()));
989 VerifyOnePermissionMessage( 983 VerifyOnePermissionMessage(
990 permissions.get(), Manifest::TYPE_EXTENSION, 984 &permissions, Manifest::TYPE_EXTENSION,
991 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_SERIAL)); 985 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_SERIAL));
992 } 986 }
993 { 987 {
994 // Testing that multiple permissions will show the one message. 988 // Testing that multiple permissions will show the one message.
995 APIPermissionSet api_permissions; 989 APIPermissionSet api_permissions;
996 api_permissions.insert(APIPermission::kSerial); 990 api_permissions.insert(APIPermission::kSerial);
997 api_permissions.insert(APIPermission::kSerial); 991 api_permissions.insert(APIPermission::kSerial);
998 scoped_refptr<const PermissionSet> permissions( 992 PermissionSet permissions(api_permissions, ManifestPermissionSet(),
999 new PermissionSet(api_permissions, ManifestPermissionSet(), 993 URLPatternSet(), URLPatternSet());
1000 URLPatternSet(), URLPatternSet()));
1001 VerifyOnePermissionMessage( 994 VerifyOnePermissionMessage(
1002 permissions.get(), Manifest::TYPE_EXTENSION, 995 &permissions, Manifest::TYPE_EXTENSION,
1003 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_SERIAL)); 996 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_SERIAL));
1004 } 997 }
1005 { 998 {
1006 scoped_refptr<Extension> extension = 999 scoped_refptr<Extension> extension =
1007 LoadManifest("permissions", "access_to_devices_bluetooth.json"); 1000 LoadManifest("permissions", "access_to_devices_bluetooth.json");
1008 PermissionSet* set = const_cast<PermissionSet*>( 1001 PermissionSet* set = const_cast<PermissionSet*>(
1009 extension->permissions_data()->active_permissions().get()); 1002 extension->permissions_data()->active_permissions());
1010 VerifyOnePermissionMessage( 1003 VerifyOnePermissionMessage(
1011 set, extension->GetType(), 1004 set, extension->GetType(),
1012 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH)); 1005 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH));
1013 1006
1014 // Test Bluetooth and Serial 1007 // Test Bluetooth and Serial
1015 set->apis_.insert(APIPermission::kSerial); 1008 set->apis_.insert(APIPermission::kSerial);
1016 VerifyOnePermissionMessage( 1009 VerifyOnePermissionMessage(
1017 set, extension->GetType(), 1010 set, extension->GetType(),
1018 l10n_util::GetStringUTF16( 1011 l10n_util::GetStringUTF16(
1019 IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_SERIAL)); 1012 IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_SERIAL));
1020 } 1013 }
1021 } 1014 }
1022 1015
1023 TEST(PermissionsTest, MergedFileSystemPermissionComparison) { 1016 TEST(PermissionsTest, MergedFileSystemPermissionComparison) {
1024 APIPermissionSet write_api_permissions; 1017 APIPermissionSet write_api_permissions;
1025 write_api_permissions.insert(APIPermission::kFileSystemWrite); 1018 write_api_permissions.insert(APIPermission::kFileSystemWrite);
1026 scoped_refptr<const PermissionSet> write_permissions( 1019 PermissionSet write_permissions(write_api_permissions,
1027 new PermissionSet(write_api_permissions, ManifestPermissionSet(), 1020 ManifestPermissionSet(), URLPatternSet(),
1028 URLPatternSet(), URLPatternSet())); 1021 URLPatternSet());
1029 1022
1030 APIPermissionSet directory_api_permissions; 1023 APIPermissionSet directory_api_permissions;
1031 directory_api_permissions.insert(APIPermission::kFileSystemDirectory); 1024 directory_api_permissions.insert(APIPermission::kFileSystemDirectory);
1032 scoped_refptr<const PermissionSet> directory_permissions( 1025 PermissionSet directory_permissions(directory_api_permissions,
1033 new PermissionSet(directory_api_permissions, ManifestPermissionSet(), 1026 ManifestPermissionSet(), URLPatternSet(),
1034 URLPatternSet(), URLPatternSet())); 1027 URLPatternSet());
1035 1028
1036 APIPermissionSet write_directory_api_permissions; 1029 APIPermissionSet write_directory_api_permissions;
1037 write_directory_api_permissions.insert(APIPermission::kFileSystemWrite); 1030 write_directory_api_permissions.insert(APIPermission::kFileSystemWrite);
1038 write_directory_api_permissions.insert(APIPermission::kFileSystemDirectory); 1031 write_directory_api_permissions.insert(APIPermission::kFileSystemDirectory);
1039 scoped_refptr<const PermissionSet> write_directory_permissions( 1032 PermissionSet write_directory_permissions(write_directory_api_permissions,
1040 new PermissionSet(write_directory_api_permissions, 1033 ManifestPermissionSet(),
1041 ManifestPermissionSet(), URLPatternSet(), 1034 URLPatternSet(), URLPatternSet());
1042 URLPatternSet()));
1043 1035
1044 const PermissionMessageProvider* provider = PermissionMessageProvider::Get(); 1036 const PermissionMessageProvider* provider = PermissionMessageProvider::Get();
1045 EXPECT_FALSE(provider->IsPrivilegeIncrease(write_directory_permissions.get(), 1037 EXPECT_FALSE(provider->IsPrivilegeIncrease(&write_directory_permissions,
1046 write_permissions.get(), 1038 &write_permissions,
1047 Manifest::TYPE_PLATFORM_APP)); 1039 Manifest::TYPE_PLATFORM_APP));
1048 EXPECT_FALSE(provider->IsPrivilegeIncrease(write_directory_permissions.get(), 1040 EXPECT_FALSE(provider->IsPrivilegeIncrease(&write_directory_permissions,
1049 directory_permissions.get(), 1041 &directory_permissions,
1050 Manifest::TYPE_PLATFORM_APP)); 1042 Manifest::TYPE_PLATFORM_APP));
1051 EXPECT_TRUE(provider->IsPrivilegeIncrease(write_permissions.get(), 1043 EXPECT_TRUE(provider->IsPrivilegeIncrease(
1052 directory_permissions.get(), 1044 &write_permissions, &directory_permissions, Manifest::TYPE_PLATFORM_APP));
1045 EXPECT_TRUE(provider->IsPrivilegeIncrease(&write_permissions,
1046 &write_directory_permissions,
1053 Manifest::TYPE_PLATFORM_APP)); 1047 Manifest::TYPE_PLATFORM_APP));
1054 EXPECT_TRUE(provider->IsPrivilegeIncrease(write_permissions.get(), 1048 EXPECT_FALSE(provider->IsPrivilegeIncrease(
1055 write_directory_permissions.get(), 1049 &directory_permissions, &write_permissions, Manifest::TYPE_PLATFORM_APP));
1056 Manifest::TYPE_PLATFORM_APP)); 1050 EXPECT_TRUE(provider->IsPrivilegeIncrease(&directory_permissions,
1057 EXPECT_FALSE(provider->IsPrivilegeIncrease(directory_permissions.get(), 1051 &write_directory_permissions,
1058 write_permissions.get(),
1059 Manifest::TYPE_PLATFORM_APP));
1060 EXPECT_TRUE(provider->IsPrivilegeIncrease(directory_permissions.get(),
1061 write_directory_permissions.get(),
1062 Manifest::TYPE_PLATFORM_APP)); 1052 Manifest::TYPE_PLATFORM_APP));
1063 } 1053 }
1064 1054
1065 TEST(PermissionsTest, GetWarningMessages_ManyHosts) { 1055 TEST(PermissionsTest, GetWarningMessages_ManyHosts) {
1066 scoped_refptr<Extension> extension; 1056 scoped_refptr<Extension> extension;
1067 extension = LoadManifest("permissions", "many-hosts.json"); 1057 extension = LoadManifest("permissions", "many-hosts.json");
1068 EXPECT_TRUE(VerifyOnePermissionMessage( 1058 EXPECT_TRUE(VerifyOnePermissionMessage(
1069 extension->permissions_data(), 1059 extension->permissions_data(),
1070 "Read and change your data on encrypted.google.com and www.google.com")); 1060 "Read and change your data on encrypted.google.com and www.google.com"));
1071 } 1061 }
(...skipping 16 matching lines...) Expand all
1088 TEST(PermissionsTest, GetWarningMessages_AudioVideo) { 1078 TEST(PermissionsTest, GetWarningMessages_AudioVideo) {
1089 const std::string kAudio("Use your microphone"); 1079 const std::string kAudio("Use your microphone");
1090 const std::string kVideo("Use your camera"); 1080 const std::string kVideo("Use your camera");
1091 const std::string kBoth("Use your microphone and camera"); 1081 const std::string kBoth("Use your microphone and camera");
1092 1082
1093 // Both audio and video present. 1083 // Both audio and video present.
1094 scoped_refptr<Extension> extension = 1084 scoped_refptr<Extension> extension =
1095 LoadManifest("permissions", "audio-video.json"); 1085 LoadManifest("permissions", "audio-video.json");
1096 const PermissionMessageProvider* provider = PermissionMessageProvider::Get(); 1086 const PermissionMessageProvider* provider = PermissionMessageProvider::Get();
1097 PermissionSet* set = const_cast<PermissionSet*>( 1087 PermissionSet* set = const_cast<PermissionSet*>(
1098 extension->permissions_data()->active_permissions().get()); 1088 extension->permissions_data()->active_permissions());
1099 EXPECT_FALSE(VerifyHasPermissionMessage(set, extension->GetType(), kAudio)); 1089 EXPECT_FALSE(VerifyHasPermissionMessage(set, extension->GetType(), kAudio));
1100 EXPECT_FALSE(VerifyHasPermissionMessage(set, extension->GetType(), kVideo)); 1090 EXPECT_FALSE(VerifyHasPermissionMessage(set, extension->GetType(), kVideo));
1101 EXPECT_TRUE(VerifyHasPermissionMessage(set, extension->GetType(), kBoth)); 1091 EXPECT_TRUE(VerifyHasPermissionMessage(set, extension->GetType(), kBoth));
1102 PermissionMessages warnings = provider->GetPermissionMessages( 1092 PermissionMessages warnings = provider->GetPermissionMessages(
1103 provider->GetAllPermissionIDs(set, extension->GetType())); 1093 provider->GetAllPermissionIDs(set, extension->GetType()));
1104 size_t combined_index = IndexOf(warnings, kBoth); 1094 size_t combined_index = IndexOf(warnings, kBoth);
1105 size_t combined_size = warnings.size(); 1095 size_t combined_size = warnings.size();
1106 1096
1107 // Just audio present. 1097 // Just audio present.
1108 set->apis_.erase(APIPermission::kVideoCapture); 1098 set->apis_.erase(APIPermission::kVideoCapture);
(...skipping 18 matching lines...) Expand all
1127 } 1117 }
1128 1118
1129 TEST(PermissionsTest, GetWarningMessages_CombinedSessions) { 1119 TEST(PermissionsTest, GetWarningMessages_CombinedSessions) {
1130 { 1120 {
1131 APIPermissionSet api_permissions; 1121 APIPermissionSet api_permissions;
1132 api_permissions.insert(APIPermission::kTab); 1122 api_permissions.insert(APIPermission::kTab);
1133 api_permissions.insert(APIPermission::kTopSites); 1123 api_permissions.insert(APIPermission::kTopSites);
1134 api_permissions.insert(APIPermission::kProcesses); 1124 api_permissions.insert(APIPermission::kProcesses);
1135 api_permissions.insert(APIPermission::kWebNavigation); 1125 api_permissions.insert(APIPermission::kWebNavigation);
1136 api_permissions.insert(APIPermission::kSessions); 1126 api_permissions.insert(APIPermission::kSessions);
1137 scoped_refptr<const PermissionSet> permissions( 1127 PermissionSet permissions(api_permissions, ManifestPermissionSet(),
1138 new PermissionSet(api_permissions, ManifestPermissionSet(), 1128 URLPatternSet(), URLPatternSet());
1139 URLPatternSet(), URLPatternSet()));
1140 EXPECT_TRUE(VerifyOnePermissionMessage( 1129 EXPECT_TRUE(VerifyOnePermissionMessage(
1141 permissions.get(), Manifest::TYPE_EXTENSION, 1130 &permissions, Manifest::TYPE_EXTENSION,
1142 l10n_util::GetStringUTF16( 1131 l10n_util::GetStringUTF16(
1143 IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS))); 1132 IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS)));
1144 } 1133 }
1145 { 1134 {
1146 APIPermissionSet api_permissions; 1135 APIPermissionSet api_permissions;
1147 api_permissions.insert(APIPermission::kHistory); 1136 api_permissions.insert(APIPermission::kHistory);
1148 api_permissions.insert(APIPermission::kTab); 1137 api_permissions.insert(APIPermission::kTab);
1149 api_permissions.insert(APIPermission::kTopSites); 1138 api_permissions.insert(APIPermission::kTopSites);
1150 api_permissions.insert(APIPermission::kProcesses); 1139 api_permissions.insert(APIPermission::kProcesses);
1151 api_permissions.insert(APIPermission::kWebNavigation); 1140 api_permissions.insert(APIPermission::kWebNavigation);
1152 api_permissions.insert(APIPermission::kSessions); 1141 api_permissions.insert(APIPermission::kSessions);
1153 scoped_refptr<const PermissionSet> permissions( 1142 PermissionSet permissions(api_permissions, ManifestPermissionSet(),
1154 new PermissionSet(api_permissions, ManifestPermissionSet(), 1143 URLPatternSet(), URLPatternSet());
1155 URLPatternSet(), URLPatternSet()));
1156 EXPECT_TRUE(VerifyOnePermissionMessage( 1144 EXPECT_TRUE(VerifyOnePermissionMessage(
1157 permissions.get(), Manifest::TYPE_EXTENSION, 1145 &permissions, Manifest::TYPE_EXTENSION,
1158 l10n_util::GetStringUTF16( 1146 l10n_util::GetStringUTF16(
1159 IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE_AND_SESSIONS))); 1147 IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE_AND_SESSIONS)));
1160 } 1148 }
1161 } 1149 }
1162 1150
1163 TEST(PermissionsTest, GetWarningMessages_DeclarativeWebRequest) { 1151 TEST(PermissionsTest, GetWarningMessages_DeclarativeWebRequest) {
1164 // Test that if the declarativeWebRequest permission is present 1152 // Test that if the declarativeWebRequest permission is present
1165 // in combination with all hosts permission, then only the warning 1153 // in combination with all hosts permission, then only the warning
1166 // for host permissions is shown, because that covers the use of 1154 // for host permissions is shown, because that covers the use of
1167 // declarativeWebRequest. 1155 // declarativeWebRequest.
1168 1156
1169 // Until Declarative Web Request is in stable, let's make sure it is enabled 1157 // Until Declarative Web Request is in stable, let's make sure it is enabled
1170 // on the current channel. 1158 // on the current channel.
1171 ScopedCurrentChannel sc(version_info::Channel::CANARY); 1159 ScopedCurrentChannel sc(version_info::Channel::CANARY);
1172 1160
1173 // First verify that declarativeWebRequest produces a message when host 1161 // First verify that declarativeWebRequest produces a message when host
1174 // permissions do not cover all hosts. 1162 // permissions do not cover all hosts.
1175 scoped_refptr<Extension> extension = 1163 scoped_refptr<Extension> extension =
1176 LoadManifest("permissions", "web_request_not_all_host_permissions.json"); 1164 LoadManifest("permissions", "web_request_not_all_host_permissions.json");
1177 const PermissionSet* set = 1165 const PermissionSet* set =
1178 extension->permissions_data()->active_permissions().get(); 1166 extension->permissions_data()->active_permissions();
1179 EXPECT_TRUE(VerifyHasPermissionMessage(set, extension->GetType(), 1167 EXPECT_TRUE(VerifyHasPermissionMessage(set, extension->GetType(),
1180 "Block parts of web pages")); 1168 "Block parts of web pages"));
1181 EXPECT_FALSE(VerifyHasPermissionMessage( 1169 EXPECT_FALSE(VerifyHasPermissionMessage(
1182 set, extension->GetType(), 1170 set, extension->GetType(),
1183 "Read and change all your data on the websites you visit")); 1171 "Read and change all your data on the websites you visit"));
1184 1172
1185 // Now verify that declarativeWebRequest does not produce a message when host 1173 // Now verify that declarativeWebRequest does not produce a message when host
1186 // permissions do cover all hosts. 1174 // permissions do cover all hosts.
1187 extension = 1175 extension =
1188 LoadManifest("permissions", "web_request_all_host_permissions.json"); 1176 LoadManifest("permissions", "web_request_all_host_permissions.json");
1189 set = extension->permissions_data()->active_permissions().get(); 1177 set = extension->permissions_data()->active_permissions();
1190 EXPECT_FALSE(VerifyHasPermissionMessage(set, extension->GetType(), 1178 EXPECT_FALSE(VerifyHasPermissionMessage(set, extension->GetType(),
1191 "Block parts of web pages")); 1179 "Block parts of web pages"));
1192 EXPECT_TRUE(VerifyHasPermissionMessage( 1180 EXPECT_TRUE(VerifyHasPermissionMessage(
1193 set, extension->GetType(), 1181 set, extension->GetType(),
1194 "Read and change all your data on the websites you visit")); 1182 "Read and change all your data on the websites you visit"));
1195 } 1183 }
1196 1184
1197 TEST(PermissionsTest, GetWarningMessages_Serial) { 1185 TEST(PermissionsTest, GetWarningMessages_Serial) {
1198 scoped_refptr<Extension> extension = 1186 scoped_refptr<Extension> extension =
1199 LoadManifest("permissions", "serial.json"); 1187 LoadManifest("permissions", "serial.json");
(...skipping 241 matching lines...) Expand 10 before | Expand all | Expand 10 after
1441 expected.clear(); 1429 expected.clear();
1442 1430
1443 explicit_hosts.AddPattern( 1431 explicit_hosts.AddPattern(
1444 URLPattern(URLPattern::SCHEME_HTTP, "http://*.google.com/*")); 1432 URLPattern(URLPattern::SCHEME_HTTP, "http://*.google.com/*"));
1445 scriptable_hosts.AddPattern( 1433 scriptable_hosts.AddPattern(
1446 URLPattern(URLPattern::SCHEME_HTTP, "http://*.example.com/*")); 1434 URLPattern(URLPattern::SCHEME_HTTP, "http://*.example.com/*"));
1447 1435
1448 expected.insert("*.google.com"); 1436 expected.insert("*.google.com");
1449 expected.insert("*.example.com"); 1437 expected.insert("*.example.com");
1450 1438
1451 scoped_refptr<const PermissionSet> perm_set( 1439 PermissionSet perm_set(empty_perms, ManifestPermissionSet(), explicit_hosts,
1452 new PermissionSet(empty_perms, ManifestPermissionSet(), explicit_hosts, 1440 scriptable_hosts);
1453 scriptable_hosts)); 1441 EXPECT_EQ(expected, permission_message_util::GetDistinctHosts(
1454 EXPECT_EQ(expected, 1442 perm_set.effective_hosts(), true, true));
1455 permission_message_util::GetDistinctHosts(
1456 perm_set->effective_hosts(), true, true));
1457 } 1443 }
1458 1444
1459 { 1445 {
1460 // We don't display warnings for file URLs because they are off by default. 1446 // We don't display warnings for file URLs because they are off by default.
1461 SCOPED_TRACE("file urls"); 1447 SCOPED_TRACE("file urls");
1462 1448
1463 explicit_hosts.ClearPatterns(); 1449 explicit_hosts.ClearPatterns();
1464 expected.clear(); 1450 expected.clear();
1465 1451
1466 explicit_hosts.AddPattern( 1452 explicit_hosts.AddPattern(
(...skipping 88 matching lines...) Expand 10 before | Expand all | Expand 10 after
1555 } 1541 }
1556 1542
1557 TEST(PermissionsTest, IsHostPrivilegeIncrease) { 1543 TEST(PermissionsTest, IsHostPrivilegeIncrease) {
1558 Manifest::Type type = Manifest::TYPE_EXTENSION; 1544 Manifest::Type type = Manifest::TYPE_EXTENSION;
1559 const PermissionMessageProvider* provider = PermissionMessageProvider::Get(); 1545 const PermissionMessageProvider* provider = PermissionMessageProvider::Get();
1560 ManifestPermissionSet empty_manifest_permissions; 1546 ManifestPermissionSet empty_manifest_permissions;
1561 URLPatternSet elist1; 1547 URLPatternSet elist1;
1562 URLPatternSet elist2; 1548 URLPatternSet elist2;
1563 URLPatternSet slist1; 1549 URLPatternSet slist1;
1564 URLPatternSet slist2; 1550 URLPatternSet slist2;
1565 scoped_refptr<const PermissionSet> set1; 1551 scoped_ptr<const PermissionSet> set1;
1566 scoped_refptr<const PermissionSet> set2; 1552 scoped_ptr<const PermissionSet> set2;
1567 APIPermissionSet empty_perms; 1553 APIPermissionSet empty_perms;
1568 elist1.AddPattern( 1554 elist1.AddPattern(
1569 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path")); 1555 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path"));
1570 elist1.AddPattern( 1556 elist1.AddPattern(
1571 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path")); 1557 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));
1572 1558
1573 // Test that the host order does not matter. 1559 // Test that the host order does not matter.
1574 elist2.AddPattern( 1560 elist2.AddPattern(
1575 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path")); 1561 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));
1576 elist2.AddPattern( 1562 elist2.AddPattern(
1577 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path")); 1563 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path"));
1578 1564
1579 set1 = new PermissionSet(empty_perms, empty_manifest_permissions, 1565 set1.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist1,
1580 elist1, slist1); 1566 slist1));
1581 set2 = new PermissionSet(empty_perms, empty_manifest_permissions, 1567 set2.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist2,
1582 elist2, slist2); 1568 slist2));
1583 1569
1584 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type)); 1570 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
1585 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type)); 1571 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));
1586 1572
1587 // Test that paths are ignored. 1573 // Test that paths are ignored.
1588 elist2.ClearPatterns(); 1574 elist2.ClearPatterns();
1589 elist2.AddPattern( 1575 elist2.AddPattern(
1590 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/*")); 1576 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/*"));
1591 set2 = new PermissionSet(empty_perms, empty_manifest_permissions, 1577 set2.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist2,
1592 elist2, slist2); 1578 slist2));
1593 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type)); 1579 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
1594 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type)); 1580 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));
1595 1581
1596 // Test that RCDs are ignored. 1582 // Test that RCDs are ignored.
1597 elist2.ClearPatterns(); 1583 elist2.ClearPatterns();
1598 elist2.AddPattern( 1584 elist2.AddPattern(
1599 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/*")); 1585 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/*"));
1600 set2 = new PermissionSet(empty_perms, empty_manifest_permissions, 1586 set2.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist2,
1601 elist2, slist2); 1587 slist2));
1602 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type)); 1588 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
1603 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type)); 1589 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));
1604 1590
1605 // Test that subdomain wildcards are handled properly. 1591 // Test that subdomain wildcards are handled properly.
1606 elist2.ClearPatterns(); 1592 elist2.ClearPatterns();
1607 elist2.AddPattern( 1593 elist2.AddPattern(
1608 URLPattern(URLPattern::SCHEME_HTTP, "http://*.google.com.hk/*")); 1594 URLPattern(URLPattern::SCHEME_HTTP, "http://*.google.com.hk/*"));
1609 set2 = new PermissionSet(empty_perms, empty_manifest_permissions, 1595 set2.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist2,
1610 elist2, slist2); 1596 slist2));
1611 EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type)); 1597 EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
1612 // TODO(jstritar): Does not match subdomains properly. http://crbug.com/65337 1598 // TODO(jstritar): Does not match subdomains properly. http://crbug.com/65337
1613 // EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type)); 1599 // EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
1614 1600
1615 // Test that different domains count as different hosts. 1601 // Test that different domains count as different hosts.
1616 elist2.ClearPatterns(); 1602 elist2.ClearPatterns();
1617 elist2.AddPattern( 1603 elist2.AddPattern(
1618 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path")); 1604 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));
1619 elist2.AddPattern( 1605 elist2.AddPattern(
1620 URLPattern(URLPattern::SCHEME_HTTP, "http://www.example.org/path")); 1606 URLPattern(URLPattern::SCHEME_HTTP, "http://www.example.org/path"));
1621 set2 = new PermissionSet(empty_perms, empty_manifest_permissions, 1607 set2.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist2,
1622 elist2, slist2); 1608 slist2));
1623 EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type)); 1609 EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
1624 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type)); 1610 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));
1625 1611
1626 // Test that different subdomains count as different hosts. 1612 // Test that different subdomains count as different hosts.
1627 elist2.ClearPatterns(); 1613 elist2.ClearPatterns();
1628 elist2.AddPattern( 1614 elist2.AddPattern(
1629 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*")); 1615 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*"));
1630 set2 = new PermissionSet(empty_perms, empty_manifest_permissions, 1616 set2.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist2,
1631 elist2, slist2); 1617 slist2));
1632 EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type)); 1618 EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
1633 EXPECT_TRUE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type)); 1619 EXPECT_TRUE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));
1634 1620
1635 // Test that platform apps do not have host permissions increases. 1621 // Test that platform apps do not have host permissions increases.
1636 type = Manifest::TYPE_PLATFORM_APP; 1622 type = Manifest::TYPE_PLATFORM_APP;
1637 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type)); 1623 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
1638 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type)); 1624 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));
1639 } 1625 }
1640 1626
1641 TEST(PermissionsTest, GetAPIsAsStrings) { 1627 TEST(PermissionsTest, GetAPIsAsStrings) {
1642 APIPermissionSet apis; 1628 APIPermissionSet apis;
1643 URLPatternSet empty_set; 1629 URLPatternSet empty_set;
1644 1630
1645 apis.insert(APIPermission::kProxy); 1631 apis.insert(APIPermission::kProxy);
1646 apis.insert(APIPermission::kBackground); 1632 apis.insert(APIPermission::kBackground);
1647 apis.insert(APIPermission::kNotifications); 1633 apis.insert(APIPermission::kNotifications);
1648 apis.insert(APIPermission::kTab); 1634 apis.insert(APIPermission::kTab);
1649 1635
1650 scoped_refptr<const PermissionSet> perm_set = 1636 PermissionSet perm_set(apis, ManifestPermissionSet(), empty_set, empty_set);
1651 new PermissionSet(apis, ManifestPermissionSet(), empty_set, empty_set); 1637 std::set<std::string> api_names = perm_set.GetAPIsAsStrings();
1652 std::set<std::string> api_names = perm_set->GetAPIsAsStrings();
1653 1638
1654 // The result is correct if it has the same number of elements 1639 // The result is correct if it has the same number of elements
1655 // and we can convert it back to the id set. 1640 // and we can convert it back to the id set.
1656 EXPECT_EQ(4u, api_names.size()); 1641 EXPECT_EQ(4u, api_names.size());
1657 EXPECT_EQ(apis, 1642 EXPECT_EQ(apis,
1658 PermissionsInfo::GetInstance()->GetAllByName(api_names)); 1643 PermissionsInfo::GetInstance()->GetAllByName(api_names));
1659 } 1644 }
1660 1645
1661 TEST(PermissionsTest, IsEmpty) { 1646 TEST(PermissionsTest, IsEmpty) {
1662 APIPermissionSet empty_apis; 1647 APIPermissionSet empty_apis;
1663 URLPatternSet empty_extent; 1648 URLPatternSet empty_extent;
1664 1649
1665 scoped_refptr<const PermissionSet> empty = new PermissionSet(); 1650 scoped_ptr<const PermissionSet> empty(new PermissionSet());
1666 EXPECT_TRUE(empty->IsEmpty()); 1651 EXPECT_TRUE(empty->IsEmpty());
1667 scoped_refptr<const PermissionSet> perm_set; 1652 scoped_ptr<const PermissionSet> perm_set;
1668 1653
1669 perm_set = new PermissionSet(empty_apis, ManifestPermissionSet(), 1654 perm_set.reset(new PermissionSet(empty_apis, ManifestPermissionSet(),
1670 empty_extent, empty_extent); 1655 empty_extent, empty_extent));
1671 EXPECT_TRUE(perm_set->IsEmpty()); 1656 EXPECT_TRUE(perm_set->IsEmpty());
1672 1657
1673 APIPermissionSet non_empty_apis; 1658 APIPermissionSet non_empty_apis;
1674 non_empty_apis.insert(APIPermission::kBackground); 1659 non_empty_apis.insert(APIPermission::kBackground);
1675 perm_set = new PermissionSet(non_empty_apis, ManifestPermissionSet(), 1660 perm_set.reset(new PermissionSet(non_empty_apis, ManifestPermissionSet(),
1676 empty_extent, empty_extent); 1661 empty_extent, empty_extent));
1677 EXPECT_FALSE(perm_set->IsEmpty()); 1662 EXPECT_FALSE(perm_set->IsEmpty());
1678 1663
1679 // Try non standard host 1664 // Try non standard host
1680 URLPatternSet non_empty_extent; 1665 URLPatternSet non_empty_extent;
1681 AddPattern(&non_empty_extent, "http://www.google.com/*"); 1666 AddPattern(&non_empty_extent, "http://www.google.com/*");
1682 1667
1683 perm_set = new PermissionSet(empty_apis, ManifestPermissionSet(), 1668 perm_set.reset(new PermissionSet(empty_apis, ManifestPermissionSet(),
1684 non_empty_extent, empty_extent); 1669 non_empty_extent, empty_extent));
1685 EXPECT_FALSE(perm_set->IsEmpty()); 1670 EXPECT_FALSE(perm_set->IsEmpty());
1686 1671
1687 perm_set = new PermissionSet(empty_apis, ManifestPermissionSet(), 1672 perm_set.reset(new PermissionSet(empty_apis, ManifestPermissionSet(),
1688 empty_extent, non_empty_extent); 1673 empty_extent, non_empty_extent));
1689 EXPECT_FALSE(perm_set->IsEmpty()); 1674 EXPECT_FALSE(perm_set->IsEmpty());
1690 } 1675 }
1691 1676
1692 TEST(PermissionsTest, ImpliedPermissions) { 1677 TEST(PermissionsTest, ImpliedPermissions) {
1693 URLPatternSet empty_extent; 1678 URLPatternSet empty_extent;
1694 APIPermissionSet apis; 1679 APIPermissionSet apis;
1695 apis.insert(APIPermission::kFileBrowserHandler); 1680 apis.insert(APIPermission::kFileBrowserHandler);
1696 EXPECT_EQ(1U, apis.size()); 1681 EXPECT_EQ(1U, apis.size());
1697 1682
1698 scoped_refptr<const PermissionSet> perm_set; 1683 PermissionSet perm_set(apis, ManifestPermissionSet(), empty_extent,
1699 perm_set = new PermissionSet(apis, ManifestPermissionSet(), 1684 empty_extent);
1700 empty_extent, empty_extent); 1685 EXPECT_EQ(2U, perm_set.apis().size());
1701 EXPECT_EQ(2U, perm_set->apis().size());
1702 } 1686 }
1703 1687
1704 TEST(PermissionsTest, SyncFileSystemPermission) { 1688 TEST(PermissionsTest, SyncFileSystemPermission) {
1705 scoped_refptr<Extension> extension = LoadManifest( 1689 scoped_refptr<Extension> extension = LoadManifest(
1706 "permissions", "sync_file_system.json"); 1690 "permissions", "sync_file_system.json");
1707 APIPermissionSet apis; 1691 APIPermissionSet apis;
1708 apis.insert(APIPermission::kSyncFileSystem); 1692 apis.insert(APIPermission::kSyncFileSystem);
1709 EXPECT_TRUE(extension->is_platform_app()); 1693 EXPECT_TRUE(extension->is_platform_app());
1710 EXPECT_TRUE(extension->permissions_data()->HasAPIPermission( 1694 EXPECT_TRUE(extension->permissions_data()->HasAPIPermission(
1711 APIPermission::kSyncFileSystem)); 1695 APIPermission::kSyncFileSystem));
1712 EXPECT_TRUE( 1696 EXPECT_TRUE(
1713 VerifyOnePermissionMessage(extension->permissions_data(), 1697 VerifyOnePermissionMessage(extension->permissions_data(),
1714 "Store data in your Google Drive account")); 1698 "Store data in your Google Drive account"));
1715 } 1699 }
1716 1700
1717 // Make sure that we don't crash when we're trying to show the permissions 1701 // Make sure that we don't crash when we're trying to show the permissions
1718 // even though chrome://thumb (and everything that's not chrome://favicon with 1702 // even though chrome://thumb (and everything that's not chrome://favicon with
1719 // a chrome:// scheme) is not a valid permission. 1703 // a chrome:// scheme) is not a valid permission.
1720 // More details here: crbug/246314. 1704 // More details here: crbug/246314.
1721 TEST(PermissionsTest, ChromeURLs) { 1705 TEST(PermissionsTest, ChromeURLs) {
1722 URLPatternSet allowed_hosts; 1706 URLPatternSet allowed_hosts;
1723 allowed_hosts.AddPattern( 1707 allowed_hosts.AddPattern(
1724 URLPattern(URLPattern::SCHEME_ALL, "http://www.google.com/")); 1708 URLPattern(URLPattern::SCHEME_ALL, "http://www.google.com/"));
1725 allowed_hosts.AddPattern( 1709 allowed_hosts.AddPattern(
1726 URLPattern(URLPattern::SCHEME_ALL, "chrome://favicon/")); 1710 URLPattern(URLPattern::SCHEME_ALL, "chrome://favicon/"));
1727 allowed_hosts.AddPattern( 1711 allowed_hosts.AddPattern(
1728 URLPattern(URLPattern::SCHEME_ALL, "chrome://thumb/")); 1712 URLPattern(URLPattern::SCHEME_ALL, "chrome://thumb/"));
1729 scoped_refptr<const PermissionSet> permissions( 1713 PermissionSet permissions(APIPermissionSet(), ManifestPermissionSet(),
1730 new PermissionSet(APIPermissionSet(), ManifestPermissionSet(), 1714 allowed_hosts, URLPatternSet());
1731 allowed_hosts, URLPatternSet()));
1732 PermissionMessageProvider::Get()->GetPermissionMessages( 1715 PermissionMessageProvider::Get()->GetPermissionMessages(
1733 PermissionMessageProvider::Get()->GetAllPermissionIDs( 1716 PermissionMessageProvider::Get()->GetAllPermissionIDs(
1734 permissions.get(), Manifest::TYPE_EXTENSION)); 1717 &permissions, Manifest::TYPE_EXTENSION));
1735 } 1718 }
1736 1719
1737 TEST(PermissionsTest, IsPrivilegeIncrease_DeclarativeWebRequest) { 1720 TEST(PermissionsTest, IsPrivilegeIncrease_DeclarativeWebRequest) {
1738 scoped_refptr<Extension> extension( 1721 scoped_refptr<Extension> extension(
1739 LoadManifest("permissions", "permissions_all_urls.json")); 1722 LoadManifest("permissions", "permissions_all_urls.json"));
1740 scoped_refptr<const PermissionSet> permissions( 1723 const PermissionSet* permissions =
1741 extension->permissions_data()->active_permissions()); 1724 extension->permissions_data()->active_permissions();
1742 1725
1743 scoped_refptr<Extension> extension_dwr( 1726 scoped_refptr<Extension> extension_dwr(
1744 LoadManifest("permissions", "web_request_all_host_permissions.json")); 1727 LoadManifest("permissions", "web_request_all_host_permissions.json"));
1745 scoped_refptr<const PermissionSet> permissions_dwr( 1728 const PermissionSet* permissions_dwr =
1746 extension_dwr->permissions_data()->active_permissions()); 1729 extension_dwr->permissions_data()->active_permissions();
1747 1730
1748 EXPECT_FALSE(PermissionMessageProvider::Get()-> 1731 EXPECT_FALSE(PermissionMessageProvider::Get()->IsPrivilegeIncrease(
1749 IsPrivilegeIncrease(permissions.get(), 1732 permissions, permissions_dwr, extension->GetType()));
1750 permissions_dwr.get(),
1751 extension->GetType()));
1752 } 1733 }
1753 1734
1754 } // namespace extensions 1735 } // namespace extensions
OLDNEW
« no previous file with comments | « chrome/common/extensions/permissions/chrome_permission_message_provider_unittest.cc ('k') | chrome/common/extensions/permissions/permissions_data_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698