chrome/common/extensions/permissions/permission_set_unittest.cc - Issue 1349613003: [Extensions] Un-refcount PermissionSet

Side by Side Diff: chrome/common/extensions/permissions/permission_set_unittest.cc

Issue 1349613003: [Extensions] Un-refcount PermissionSet (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 5 years, 3 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« chrome/browser/extensions/api/permissions/permissions_api_helpers.h ('K') | « chrome/common/extensions/permissions/chrome_permission_message_provider_unittest.cc ('k') | chrome/common/extensions/permissions/permissions_data_unittest.cc » ('j') | extensions/browser/extension_prefs.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "base/command_line.h"	5 #include "base/command_line.h"

6 #include "base/json/json_file_value_serializer.h"	6 #include "base/json/json_file_value_serializer.h"

7 #include "base/logging.h"	7 #include "base/logging.h"

8 #include "base/strings/string_number_conversions.h"	8 #include "base/strings/string_number_conversions.h"

9 #include "base/strings/stringprintf.h"	9 #include "base/strings/stringprintf.h"

10 #include "base/strings/utf_string_conversions.h"	10 #include "base/strings/utf_string_conversions.h"

(...skipping 170 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
181 EXPECT_EQ(storage_name, info->GetByID(	181 EXPECT_EQ(storage_name, info->GetByID(

182 APIPermission::kUnlimitedStorage)->name());	182 APIPermission::kUnlimitedStorage)->name());

183 EXPECT_EQ(APIPermission::kUnlimitedStorage,	183 EXPECT_EQ(APIPermission::kUnlimitedStorage,

184 info->GetByName("unlimitedStorage")->id());	184 info->GetByName("unlimitedStorage")->id());

185 EXPECT_EQ(APIPermission::kUnlimitedStorage,	185 EXPECT_EQ(APIPermission::kUnlimitedStorage,

186 info->GetByName("unlimited_storage")->id());	186 info->GetByName("unlimited_storage")->id());

187 }	187 }

188	188

189 TEST(PermissionsTest, EffectiveHostPermissions) {	189 TEST(PermissionsTest, EffectiveHostPermissions) {

190 scoped_refptr<Extension> extension;	190 scoped_refptr<Extension> extension;

191 scoped_refptr<const PermissionSet> permissions;

192	191

193 extension = LoadManifest("effective_host_permissions", "empty.json");	192 extension = LoadManifest("effective_host_permissions", "empty.json");

194 permissions = extension->permissions_data()->active_permissions();	193 const PermissionSet* permissions =

	194 extension->permissions_data()->active_permissions();

195 EXPECT_EQ(0u,	195 EXPECT_EQ(0u,

196 extension->permissions_data()	196 extension->permissions_data()

197 ->GetEffectiveHostPermissions()	197 ->GetEffectiveHostPermissions()

198 .patterns()	198 .patterns()

199 .size());	199 .size());

200 EXPECT_FALSE(	200 EXPECT_FALSE(

201 permissions->HasEffectiveAccessToURL(GURL("http://www.google.com")));	201 permissions->HasEffectiveAccessToURL(GURL("http://www.google.com")));

202 EXPECT_FALSE(permissions->HasEffectiveAccessToAllHosts());	202 EXPECT_FALSE(permissions->HasEffectiveAccessToAllHosts());

203	203

204 extension = LoadManifest("effective_host_permissions", "one_host.json");	204 extension = LoadManifest("effective_host_permissions", "one_host.json");

(...skipping 64 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
269 TEST(PermissionsTest, ExplicitAccessToOrigin) {	269 TEST(PermissionsTest, ExplicitAccessToOrigin) {

270 APIPermissionSet apis;	270 APIPermissionSet apis;

271 ManifestPermissionSet manifest_permissions;	271 ManifestPermissionSet manifest_permissions;

272 URLPatternSet explicit_hosts;	272 URLPatternSet explicit_hosts;

273 URLPatternSet scriptable_hosts;	273 URLPatternSet scriptable_hosts;

274	274

275 AddPattern(&explicit_hosts, "http://.google.com/");	275 AddPattern(&explicit_hosts, "http://.google.com/");

276 // The explicit host paths should get set to /*.	276 // The explicit host paths should get set to /*.

277 AddPattern(&explicit_hosts, "http://www.example.com/a/particular/path/*");	277 AddPattern(&explicit_hosts, "http://www.example.com/a/particular/path/*");

278	278

279 scoped_refptr<const PermissionSet> perm_set = new PermissionSet(	279 PermissionSet perm_set(apis, manifest_permissions, explicit_hosts,

280 apis, manifest_permissions, explicit_hosts, scriptable_hosts);	280 scriptable_hosts);

281 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin(	281 ASSERT_TRUE(

282 GURL("http://www.google.com/")));	282 perm_set.HasExplicitAccessToOrigin(GURL("http://www.google.com/")));

283 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin(	283 ASSERT_TRUE(

284 GURL("http://test.google.com/")));	284 perm_set.HasExplicitAccessToOrigin(GURL("http://test.google.com/")));

285 ASSERT_TRUE(perm_set->HasExplicitAccessToOrigin(	285 ASSERT_TRUE(

286 GURL("http://www.example.com")));	286 perm_set.HasExplicitAccessToOrigin(GURL("http://www.example.com")));

287 ASSERT_TRUE(perm_set->HasEffectiveAccessToURL(	287 ASSERT_TRUE(perm_set.HasEffectiveAccessToURL(GURL("http://www.example.com")));

288 GURL("http://www.example.com")));	288 ASSERT_FALSE(

289 ASSERT_FALSE(perm_set->HasExplicitAccessToOrigin(	289 perm_set.HasExplicitAccessToOrigin(GURL("http://test.example.com")));

290 GURL("http://test.example.com")));

291 }	290 }

292	291

293 TEST(PermissionsTest, CreateUnion) {	292 TEST(PermissionsTest, CreateUnion) {

294 APIPermission* permission = NULL;	293 APIPermission* permission = NULL;

295	294

296 ManifestPermissionSet manifest_permissions;	295 ManifestPermissionSet manifest_permissions;

297 APIPermissionSet apis1;	296 APIPermissionSet apis1;

298 APIPermissionSet apis2;	297 APIPermissionSet apis2;

299 APIPermissionSet expected_apis;	298 APIPermissionSet expected_apis;

300	299

301 URLPatternSet explicit_hosts1;	300 URLPatternSet explicit_hosts1;

302 URLPatternSet explicit_hosts2;	301 URLPatternSet explicit_hosts2;

303 URLPatternSet expected_explicit_hosts;	302 URLPatternSet expected_explicit_hosts;

304	303

305 URLPatternSet scriptable_hosts1;	304 URLPatternSet scriptable_hosts1;

306 URLPatternSet scriptable_hosts2;	305 URLPatternSet scriptable_hosts2;

307 URLPatternSet expected_scriptable_hosts;	306 URLPatternSet expected_scriptable_hosts;

308	307

309 URLPatternSet effective_hosts;	308 URLPatternSet effective_hosts;

310	309

311 scoped_refptr<const PermissionSet> set1;	310 scoped_ptr<const PermissionSet> set1;

312 scoped_refptr<const PermissionSet> set2;	311 scoped_ptr<const PermissionSet> set2;

313 scoped_refptr<const PermissionSet> union_set;	312 scoped_ptr<const PermissionSet> union_set;

314	313

315 const APIPermissionInfo* permission_info =	314 const APIPermissionInfo* permission_info =

316 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);	315 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);

317 permission = permission_info->CreateAPIPermission();	316 permission = permission_info->CreateAPIPermission();

318 {	317 {

319 scoped_ptr<base::ListValue> value(new base::ListValue());	318 scoped_ptr<base::ListValue> value(new base::ListValue());

320 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));	319 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));

321 value->Append(new base::StringValue("udp-bind::8080"));	320 value->Append(new base::StringValue("udp-bind::8080"));

322 value->Append(new base::StringValue("udp-send-to::8888"));	321 value->Append(new base::StringValue("udp-send-to::8888"));

323 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));	322 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));

324 }	323 }

325	324

326 // Union with an empty set.	325 // Union with an empty set.

327 apis1.insert(APIPermission::kTab);	326 apis1.insert(APIPermission::kTab);

328 apis1.insert(APIPermission::kBackground);	327 apis1.insert(APIPermission::kBackground);

329 apis1.insert(permission->Clone());	328 apis1.insert(permission->Clone());

330 expected_apis.insert(APIPermission::kTab);	329 expected_apis.insert(APIPermission::kTab);

331 expected_apis.insert(APIPermission::kBackground);	330 expected_apis.insert(APIPermission::kBackground);

332 expected_apis.insert(permission);	331 expected_apis.insert(permission);

333	332

334 AddPattern(&explicit_hosts1, "http://.google.com/");	333 AddPattern(&explicit_hosts1, "http://.google.com/");

335 AddPattern(&expected_explicit_hosts, "http://.google.com/");	334 AddPattern(&expected_explicit_hosts, "http://.google.com/");

336 AddPattern(&effective_hosts, "http://.google.com/");	335 AddPattern(&effective_hosts, "http://.google.com/");

337	336

338 set1 = new PermissionSet(apis1, manifest_permissions,	337 set1.reset(new PermissionSet(apis1, manifest_permissions, explicit_hosts1,

339 explicit_hosts1, scriptable_hosts1);	338 scriptable_hosts1));

340 set2 = new PermissionSet(apis2, manifest_permissions,	339 set2.reset(new PermissionSet(apis2, manifest_permissions, explicit_hosts2,

341 explicit_hosts2, scriptable_hosts2);	340 scriptable_hosts2));

342 union_set = PermissionSet::CreateUnion(set1, set2);	341 union_set = PermissionSet::CreateUnion(set1, set2);

343 EXPECT_TRUE(set1->Contains(*set2.get()));	342 EXPECT_TRUE(set1->Contains(*set2.get()));

344 EXPECT_TRUE(set1->Contains(*union_set.get()));	343 EXPECT_TRUE(set1->Contains(*union_set.get()));

345 EXPECT_FALSE(set2->Contains(*set1.get()));	344 EXPECT_FALSE(set2->Contains(*set1.get()));

346 EXPECT_FALSE(set2->Contains(*union_set.get()));	345 EXPECT_FALSE(set2->Contains(*union_set.get()));

347 EXPECT_TRUE(union_set->Contains(*set1.get()));	346 EXPECT_TRUE(union_set->Contains(*set1.get()));

348 EXPECT_TRUE(union_set->Contains(*set2.get()));	347 EXPECT_TRUE(union_set->Contains(*set2.get()));

349	348

350 EXPECT_FALSE(union_set->HasEffectiveFullAccess());	349 EXPECT_FALSE(union_set->HasEffectiveFullAccess());

351 EXPECT_EQ(expected_apis, union_set->apis());	350 EXPECT_EQ(expected_apis, union_set->apis());

(...skipping 34 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
386 expected_apis.insert(permission);	385 expected_apis.insert(permission);

387	386

388 AddPattern(&explicit_hosts2, "http://.example.com/");	387 AddPattern(&explicit_hosts2, "http://.example.com/");

389 AddPattern(&scriptable_hosts2, "http://.google.com/");	388 AddPattern(&scriptable_hosts2, "http://.google.com/");

390 AddPattern(&expected_explicit_hosts, "http://.example.com/");	389 AddPattern(&expected_explicit_hosts, "http://.example.com/");

391 AddPattern(&expected_scriptable_hosts, "http://.google.com/");	390 AddPattern(&expected_scriptable_hosts, "http://.google.com/");

392	391

393 effective_hosts =	392 effective_hosts =

394 URLPatternSet::CreateUnion(explicit_hosts2, scriptable_hosts2);	393 URLPatternSet::CreateUnion(explicit_hosts2, scriptable_hosts2);

395	394

396 set2 = new PermissionSet(apis2, manifest_permissions,	395 set2.reset(new PermissionSet(apis2, manifest_permissions, explicit_hosts2,

397 explicit_hosts2, scriptable_hosts2);	396 scriptable_hosts2));

398 union_set = PermissionSet::CreateUnion(set1, set2);	397 union_set = PermissionSet::CreateUnion(set1, set2);

399	398

400 EXPECT_FALSE(set1->Contains(*set2.get()));	399 EXPECT_FALSE(set1->Contains(*set2.get()));

401 EXPECT_FALSE(set1->Contains(*union_set.get()));	400 EXPECT_FALSE(set1->Contains(*union_set.get()));

402 EXPECT_FALSE(set2->Contains(*set1.get()));	401 EXPECT_FALSE(set2->Contains(*set1.get()));

403 EXPECT_FALSE(set2->Contains(*union_set.get()));	402 EXPECT_FALSE(set2->Contains(*union_set.get()));

404 EXPECT_TRUE(union_set->Contains(*set1.get()));	403 EXPECT_TRUE(union_set->Contains(*set1.get()));

405 EXPECT_TRUE(union_set->Contains(*set2.get()));	404 EXPECT_TRUE(union_set->Contains(*set2.get()));

406	405

407 EXPECT_TRUE(union_set->HasEffectiveFullAccess());	406 EXPECT_TRUE(union_set->HasEffectiveFullAccess());

(...skipping 15 matching lines...) Expand all Loading...
423 URLPatternSet explicit_hosts1;	422 URLPatternSet explicit_hosts1;

424 URLPatternSet explicit_hosts2;	423 URLPatternSet explicit_hosts2;

425 URLPatternSet expected_explicit_hosts;	424 URLPatternSet expected_explicit_hosts;

426	425

427 URLPatternSet scriptable_hosts1;	426 URLPatternSet scriptable_hosts1;

428 URLPatternSet scriptable_hosts2;	427 URLPatternSet scriptable_hosts2;

429 URLPatternSet expected_scriptable_hosts;	428 URLPatternSet expected_scriptable_hosts;

430	429

431 URLPatternSet effective_hosts;	430 URLPatternSet effective_hosts;

432	431

433 scoped_refptr<const PermissionSet> set1;	432 scoped_ptr<const PermissionSet> set1;

434 scoped_refptr<const PermissionSet> set2;	433 scoped_ptr<const PermissionSet> set2;

435 scoped_refptr<const PermissionSet> new_set;	434 scoped_ptr<const PermissionSet> new_set;

436	435

437 const APIPermissionInfo* permission_info =	436 const APIPermissionInfo* permission_info =

438 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);	437 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);

439	438

440 // Intersection with an empty set.	439 // Intersection with an empty set.

441 apis1.insert(APIPermission::kTab);	440 apis1.insert(APIPermission::kTab);

442 apis1.insert(APIPermission::kBackground);	441 apis1.insert(APIPermission::kBackground);

443 permission = permission_info->CreateAPIPermission();	442 permission = permission_info->CreateAPIPermission();

444 {	443 {

445 scoped_ptr<base::ListValue> value(new base::ListValue());	444 scoped_ptr<base::ListValue> value(new base::ListValue());

446 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));	445 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));

447 value->Append(new base::StringValue("udp-bind::8080"));	446 value->Append(new base::StringValue("udp-bind::8080"));

448 value->Append(new base::StringValue("udp-send-to::8888"));	447 value->Append(new base::StringValue("udp-send-to::8888"));

449 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));	448 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));

450 }	449 }

451 apis1.insert(permission);	450 apis1.insert(permission);

452	451

453 AddPattern(&explicit_hosts1, "http://.google.com/");	452 AddPattern(&explicit_hosts1, "http://.google.com/");

454 AddPattern(&scriptable_hosts1, "http://www.reddit.com/*");	453 AddPattern(&scriptable_hosts1, "http://www.reddit.com/*");

455	454

456 set1 = new PermissionSet(apis1, manifest_permissions,	455 set1.reset(new PermissionSet(apis1, manifest_permissions, explicit_hosts1,

457 explicit_hosts1, scriptable_hosts1);	456 scriptable_hosts1));

458 set2 = new PermissionSet(apis2, manifest_permissions,	457 set2.reset(new PermissionSet(apis2, manifest_permissions, explicit_hosts2,

459 explicit_hosts2, scriptable_hosts2);	458 scriptable_hosts2));

460 new_set = PermissionSet::CreateIntersection(set1, set2);	459 new_set = PermissionSet::CreateIntersection(set1, set2);

461 EXPECT_TRUE(set1->Contains(*new_set.get()));	460 EXPECT_TRUE(set1->Contains(*new_set.get()));

462 EXPECT_TRUE(set2->Contains(*new_set.get()));	461 EXPECT_TRUE(set2->Contains(*new_set.get()));

463 EXPECT_TRUE(set1->Contains(*set2.get()));	462 EXPECT_TRUE(set1->Contains(*set2.get()));

464 EXPECT_FALSE(set2->Contains(*set1.get()));	463 EXPECT_FALSE(set2->Contains(*set1.get()));

465 EXPECT_FALSE(new_set->Contains(*set1.get()));	464 EXPECT_FALSE(new_set->Contains(*set1.get()));

466 EXPECT_TRUE(new_set->Contains(*set2.get()));	465 EXPECT_TRUE(new_set->Contains(*set2.get()));

467	466

468 EXPECT_TRUE(new_set->IsEmpty());	467 EXPECT_TRUE(new_set->IsEmpty());

469 EXPECT_FALSE(new_set->HasEffectiveFullAccess());	468 EXPECT_FALSE(new_set->HasEffectiveFullAccess());

(...skipping 28 matching lines...) Expand all Loading...
498 expected_apis.insert(permission);	497 expected_apis.insert(permission);

499	498

500 AddPattern(&explicit_hosts2, "http://.example.com/");	499 AddPattern(&explicit_hosts2, "http://.example.com/");

501 AddPattern(&explicit_hosts2, "http://.google.com/");	500 AddPattern(&explicit_hosts2, "http://.google.com/");

502 AddPattern(&scriptable_hosts2, "http://.google.com/");	501 AddPattern(&scriptable_hosts2, "http://.google.com/");

503 AddPattern(&expected_explicit_hosts, "http://.google.com/");	502 AddPattern(&expected_explicit_hosts, "http://.google.com/");

504	503

505 effective_hosts.ClearPatterns();	504 effective_hosts.ClearPatterns();

506 AddPattern(&effective_hosts, "http://.google.com/");	505 AddPattern(&effective_hosts, "http://.google.com/");

507	506

508 set2 = new PermissionSet(apis2, manifest_permissions,	507 set2.reset(new PermissionSet(apis2, manifest_permissions, explicit_hosts2,

509 explicit_hosts2, scriptable_hosts2);	508 scriptable_hosts2));

510 new_set = PermissionSet::CreateIntersection(set1, set2);	509 new_set = PermissionSet::CreateIntersection(set1, set2);

511	510

512 EXPECT_TRUE(set1->Contains(*new_set.get()));	511 EXPECT_TRUE(set1->Contains(*new_set.get()));

513 EXPECT_TRUE(set2->Contains(*new_set.get()));	512 EXPECT_TRUE(set2->Contains(*new_set.get()));

514 EXPECT_FALSE(set1->Contains(*set2.get()));	513 EXPECT_FALSE(set1->Contains(*set2.get()));

515 EXPECT_FALSE(set2->Contains(*set1.get()));	514 EXPECT_FALSE(set2->Contains(*set1.get()));

516 EXPECT_FALSE(new_set->Contains(*set1.get()));	515 EXPECT_FALSE(new_set->Contains(*set1.get()));

517 EXPECT_FALSE(new_set->Contains(*set2.get()));	516 EXPECT_FALSE(new_set->Contains(*set2.get()));

518	517

519 EXPECT_FALSE(new_set->HasEffectiveFullAccess());	518 EXPECT_FALSE(new_set->HasEffectiveFullAccess());

(...skipping 15 matching lines...) Expand all Loading...
535 URLPatternSet explicit_hosts1;	534 URLPatternSet explicit_hosts1;

536 URLPatternSet explicit_hosts2;	535 URLPatternSet explicit_hosts2;

537 URLPatternSet expected_explicit_hosts;	536 URLPatternSet expected_explicit_hosts;

538	537

539 URLPatternSet scriptable_hosts1;	538 URLPatternSet scriptable_hosts1;

540 URLPatternSet scriptable_hosts2;	539 URLPatternSet scriptable_hosts2;

541 URLPatternSet expected_scriptable_hosts;	540 URLPatternSet expected_scriptable_hosts;

542	541

543 URLPatternSet effective_hosts;	542 URLPatternSet effective_hosts;

544	543

545 scoped_refptr<const PermissionSet> set1;	544 scoped_ptr<const PermissionSet> set1;

546 scoped_refptr<const PermissionSet> set2;	545 scoped_ptr<const PermissionSet> set2;

547 scoped_refptr<const PermissionSet> new_set;	546 scoped_ptr<const PermissionSet> new_set;

548	547

549 const APIPermissionInfo* permission_info =	548 const APIPermissionInfo* permission_info =

550 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);	549 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);

551	550

552 // Difference with an empty set.	551 // Difference with an empty set.

553 apis1.insert(APIPermission::kTab);	552 apis1.insert(APIPermission::kTab);

554 apis1.insert(APIPermission::kBackground);	553 apis1.insert(APIPermission::kBackground);

555 permission = permission_info->CreateAPIPermission();	554 permission = permission_info->CreateAPIPermission();

556 {	555 {

557 scoped_ptr<base::ListValue> value(new base::ListValue());	556 scoped_ptr<base::ListValue> value(new base::ListValue());

558 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));	557 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));

559 value->Append(new base::StringValue("udp-bind::8080"));	558 value->Append(new base::StringValue("udp-bind::8080"));

560 value->Append(new base::StringValue("udp-send-to::8888"));	559 value->Append(new base::StringValue("udp-send-to::8888"));

561 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));	560 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));

562 }	561 }

563 apis1.insert(permission);	562 apis1.insert(permission);

564	563

565 AddPattern(&explicit_hosts1, "http://.google.com/");	564 AddPattern(&explicit_hosts1, "http://.google.com/");

566 AddPattern(&scriptable_hosts1, "http://www.reddit.com/*");	565 AddPattern(&scriptable_hosts1, "http://www.reddit.com/*");

567	566

568 set1 = new PermissionSet(apis1, manifest_permissions,	567 set1.reset(new PermissionSet(apis1, manifest_permissions, explicit_hosts1,

569 explicit_hosts1, scriptable_hosts1);	568 scriptable_hosts1));

570 set2 = new PermissionSet(apis2, manifest_permissions,	569 set2.reset(new PermissionSet(apis2, manifest_permissions, explicit_hosts2,

571 explicit_hosts2, scriptable_hosts2);	570 scriptable_hosts2));

572 new_set = PermissionSet::CreateDifference(set1, set2);	571 new_set = PermissionSet::CreateDifference(set1, set2);

573 EXPECT_EQ(set1.get(), new_set.get());	572 EXPECT_EQ(set1.get(), new_set.get());

574	573

575 // Now use a real second set.	574 // Now use a real second set.

576 apis2.insert(APIPermission::kTab);	575 apis2.insert(APIPermission::kTab);

577 apis2.insert(APIPermission::kProxy);	576 apis2.insert(APIPermission::kProxy);

578 apis2.insert(APIPermission::kClipboardWrite);	577 apis2.insert(APIPermission::kClipboardWrite);

579 apis2.insert(APIPermission::kPlugin);	578 apis2.insert(APIPermission::kPlugin);

580 permission = permission_info->CreateAPIPermission();	579 permission = permission_info->CreateAPIPermission();

581 {	580 {

(...skipping 15 matching lines...) Expand all Loading...
597 expected_apis.insert(permission);	596 expected_apis.insert(permission);

598	597

599 AddPattern(&explicit_hosts2, "http://.example.com/");	598 AddPattern(&explicit_hosts2, "http://.example.com/");

600 AddPattern(&explicit_hosts2, "http://.google.com/");	599 AddPattern(&explicit_hosts2, "http://.google.com/");

601 AddPattern(&scriptable_hosts2, "http://.google.com/");	600 AddPattern(&scriptable_hosts2, "http://.google.com/");

602 AddPattern(&expected_scriptable_hosts, "http://www.reddit.com/*");	601 AddPattern(&expected_scriptable_hosts, "http://www.reddit.com/*");

603	602

604 effective_hosts.ClearPatterns();	603 effective_hosts.ClearPatterns();

605 AddPattern(&effective_hosts, "http://www.reddit.com/*");	604 AddPattern(&effective_hosts, "http://www.reddit.com/*");

606	605

607 set2 = new PermissionSet(apis2, manifest_permissions,	606 set2.reset(new PermissionSet(apis2, manifest_permissions, explicit_hosts2,

608 explicit_hosts2, scriptable_hosts2);	607 scriptable_hosts2));

609 new_set = PermissionSet::CreateDifference(set1, set2);	608 new_set = PermissionSet::CreateDifference(set1, set2);

610	609

611 EXPECT_TRUE(set1->Contains(*new_set.get()));	610 EXPECT_TRUE(set1->Contains(*new_set.get()));

612 EXPECT_FALSE(set2->Contains(*new_set.get()));	611 EXPECT_FALSE(set2->Contains(*new_set.get()));

613	612

614 EXPECT_FALSE(new_set->HasEffectiveFullAccess());	613 EXPECT_FALSE(new_set->HasEffectiveFullAccess());

615 EXPECT_FALSE(new_set->HasEffectiveAccessToAllHosts());	614 EXPECT_FALSE(new_set->HasEffectiveAccessToAllHosts());

616 EXPECT_EQ(expected_apis, new_set->apis());	615 EXPECT_EQ(expected_apis, new_set->apis());

617 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts());	616 EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts());

618 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts());	617 EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts());

(...skipping 51 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
670 LoadManifest("allow_silent_upgrade",	669 LoadManifest("allow_silent_upgrade",

671 std::string(kTests[i].base_name) + "_old.json"));	670 std::string(kTests[i].base_name) + "_old.json"));

672 scoped_refptr<Extension> new_extension(	671 scoped_refptr<Extension> new_extension(

673 LoadManifest("allow_silent_upgrade",	672 LoadManifest("allow_silent_upgrade",

674 std::string(kTests[i].base_name) + "_new.json"));	673 std::string(kTests[i].base_name) + "_new.json"));

675	674

676 EXPECT_TRUE(new_extension.get()) << kTests[i].base_name << "_new.json";	675 EXPECT_TRUE(new_extension.get()) << kTests[i].base_name << "_new.json";

677 if (!new_extension.get())	676 if (!new_extension.get())

678 continue;	677 continue;

679	678

680 scoped_refptr<const PermissionSet> old_p(	679 const PermissionSet* old_p =

681 old_extension->permissions_data()->active_permissions());	680 old_extension->permissions_data()->active_permissions();

682 scoped_refptr<const PermissionSet> new_p(	681 const PermissionSet* new_p =

683 new_extension->permissions_data()->active_permissions());	682 new_extension->permissions_data()->active_permissions();

684 Manifest::Type extension_type = old_extension->GetType();	683 Manifest::Type extension_type = old_extension->GetType();

685	684

686 bool increased = PermissionMessageProvider::Get()->IsPrivilegeIncrease(	685 bool increased = PermissionMessageProvider::Get()->IsPrivilegeIncrease(

687 old_p.get(), new_p.get(), extension_type);	686 old_p, new_p, extension_type);

688 EXPECT_EQ(kTests[i].expect_increase, increased) << kTests[i].base_name;	687 EXPECT_EQ(kTests[i].expect_increase, increased) << kTests[i].base_name;

689 }	688 }

690 }	689 }

691	690

692 TEST(PermissionsTest, PermissionMessages) {	691 TEST(PermissionsTest, PermissionMessages) {

693 // Ensure that all permissions that needs to show install UI actually have	692 // Ensure that all permissions that needs to show install UI actually have

694 // strings associated with them.	693 // strings associated with them.

695 APIPermissionSet skip;	694 APIPermissionSet skip;

696	695

697 // These are considered "nuisance" or "trivial" permissions that don't need	696 // These are considered "nuisance" or "trivial" permissions that don't need

(...skipping 159 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
857 bool has_message = !provider->GetPermissionMessages(id).empty();	856 bool has_message = !provider->GetPermissionMessages(id).empty();

858 bool should_have_message = !skip.count(i->id());	857 bool should_have_message = !skip.count(i->id());

859 EXPECT_EQ(should_have_message, has_message) << permission_info->name();	858 EXPECT_EQ(should_have_message, has_message) << permission_info->name();

860 }	859 }

861 }	860 }

862	861

863 TEST(PermissionsTest, FileSystemPermissionMessages) {	862 TEST(PermissionsTest, FileSystemPermissionMessages) {

864 APIPermissionSet api_permissions;	863 APIPermissionSet api_permissions;

865 api_permissions.insert(APIPermission::kFileSystemWrite);	864 api_permissions.insert(APIPermission::kFileSystemWrite);

866 api_permissions.insert(APIPermission::kFileSystemDirectory);	865 api_permissions.insert(APIPermission::kFileSystemDirectory);

867 scoped_refptr<const PermissionSet> permissions(	866 PermissionSet permissions(api_permissions, ManifestPermissionSet(),

868 new PermissionSet(api_permissions, ManifestPermissionSet(),	867 URLPatternSet(), URLPatternSet());

869 URLPatternSet(), URLPatternSet()));	868 EXPECT_TRUE(

870 EXPECT_TRUE(PermissionSetProducesMessage(	869 PermissionSetProducesMessage(&permissions, Manifest::TYPE_PLATFORM_APP,

871 permissions.get(), Manifest::TYPE_PLATFORM_APP,	870 MakePermissionIDSet(api_permissions)));

872 MakePermissionIDSet(api_permissions)));

873 }	871 }

874	872

875 TEST(PermissionsTest, HiddenFileSystemPermissionMessages) {	873 TEST(PermissionsTest, HiddenFileSystemPermissionMessages) {

876 APIPermissionSet api_permissions;	874 APIPermissionSet api_permissions;

877 api_permissions.insert(APIPermission::kFileSystemWrite);	875 api_permissions.insert(APIPermission::kFileSystemWrite);

878 api_permissions.insert(APIPermission::kFileSystemDirectory);	876 api_permissions.insert(APIPermission::kFileSystemDirectory);

879 scoped_refptr<const PermissionSet> permissions(	877 PermissionSet permissions(api_permissions, ManifestPermissionSet(),

880 new PermissionSet(api_permissions, ManifestPermissionSet(),	878 URLPatternSet(), URLPatternSet());

881 URLPatternSet(), URLPatternSet()));	879 EXPECT_TRUE(

882 EXPECT_TRUE(PermissionSetProducesMessage(	880 PermissionSetProducesMessage(&permissions, Manifest::TYPE_PLATFORM_APP,

883 permissions.get(), Manifest::TYPE_PLATFORM_APP,	881 MakePermissionIDSet(api_permissions)));

884 MakePermissionIDSet(api_permissions)));

885 }	882 }

886	883

887 TEST(PermissionsTest, SuppressedPermissionMessages) {	884 TEST(PermissionsTest, SuppressedPermissionMessages) {

888 {	885 {

889 // Tabs warning suppresses favicon warning.	886 // Tabs warning suppresses favicon warning.

890 APIPermissionSet api_permissions;	887 APIPermissionSet api_permissions;

891 api_permissions.insert(APIPermission::kTab);	888 api_permissions.insert(APIPermission::kTab);

892 URLPatternSet hosts;	889 URLPatternSet hosts;

893 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,	890 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,

894 "chrome://favicon/"));	891 "chrome://favicon/"));

895 scoped_refptr<const PermissionSet> permissions(new PermissionSet(	892 PermissionSet permissions(api_permissions, ManifestPermissionSet(), hosts,

896 api_permissions, ManifestPermissionSet(), hosts, URLPatternSet()));	893 URLPatternSet());

897 EXPECT_TRUE(PermissionSetProducesMessage(	894 EXPECT_TRUE(PermissionSetProducesMessage(

898 permissions.get(), Manifest::TYPE_EXTENSION,	895 &permissions, Manifest::TYPE_EXTENSION,

899 MakePermissionIDSet(APIPermission::kTab, APIPermission::kFavicon)));	896 MakePermissionIDSet(APIPermission::kTab, APIPermission::kFavicon)));

900 }	897 }

901 {	898 {

902 // History warning suppresses favicon warning.	899 // History warning suppresses favicon warning.

903 APIPermissionSet api_permissions;	900 APIPermissionSet api_permissions;

904 api_permissions.insert(APIPermission::kHistory);	901 api_permissions.insert(APIPermission::kHistory);

905 URLPatternSet hosts;	902 URLPatternSet hosts;

906 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,	903 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI,

907 "chrome://favicon/"));	904 "chrome://favicon/"));

908 scoped_refptr<const PermissionSet> permissions(new PermissionSet(	905 PermissionSet permissions(api_permissions, ManifestPermissionSet(), hosts,

909 api_permissions, ManifestPermissionSet(), hosts, URLPatternSet()));	906 URLPatternSet());

910 EXPECT_TRUE(PermissionSetProducesMessage(	907 EXPECT_TRUE(PermissionSetProducesMessage(

911 permissions.get(), Manifest::TYPE_EXTENSION,	908 &permissions, Manifest::TYPE_EXTENSION,

912 MakePermissionIDSet(APIPermission::kHistory, APIPermission::kFavicon)));	909 MakePermissionIDSet(APIPermission::kHistory, APIPermission::kFavicon)));

913 }	910 }

914 {	911 {

915 // All sites warning suppresses tabs warning.	912 // All sites warning suppresses tabs warning.

916 APIPermissionSet api_permissions;	913 APIPermissionSet api_permissions;

917 api_permissions.insert(APIPermission::kTab);	914 api_permissions.insert(APIPermission::kTab);

918 URLPatternSet hosts;	915 URLPatternSet hosts;

919 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, ":///*"));	916 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, ":///*"));

920 scoped_refptr<const PermissionSet> permissions(new PermissionSet(	917 PermissionSet permissions(api_permissions, ManifestPermissionSet(), hosts,

921 api_permissions, ManifestPermissionSet(), hosts, URLPatternSet()));	918 URLPatternSet());

922 EXPECT_TRUE(PermissionSetProducesMessage(	919 EXPECT_TRUE(PermissionSetProducesMessage(

923 permissions.get(), Manifest::TYPE_EXTENSION,	920 &permissions, Manifest::TYPE_EXTENSION,

924 MakePermissionIDSet(APIPermission::kHostsAll, APIPermission::kTab)));	921 MakePermissionIDSet(APIPermission::kHostsAll, APIPermission::kTab)));

925 }	922 }

926 {	923 {

927 // All sites warning suppresses topSites warning.	924 // All sites warning suppresses topSites warning.

928 APIPermissionSet api_permissions;	925 APIPermissionSet api_permissions;

929 api_permissions.insert(APIPermission::kTopSites);	926 api_permissions.insert(APIPermission::kTopSites);

930 URLPatternSet hosts;	927 URLPatternSet hosts;

931 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, ":///*"));	928 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, ":///*"));

932 scoped_refptr<const PermissionSet> permissions(new PermissionSet(	929 PermissionSet permissions(api_permissions, ManifestPermissionSet(), hosts,

933 api_permissions, ManifestPermissionSet(), hosts, URLPatternSet()));	930 URLPatternSet());

934 EXPECT_TRUE(PermissionSetProducesMessage(	931 EXPECT_TRUE(PermissionSetProducesMessage(

935 permissions.get(), Manifest::TYPE_EXTENSION,	932 &permissions, Manifest::TYPE_EXTENSION,

936 MakePermissionIDSet(APIPermission::kHostsAll,	933 MakePermissionIDSet(APIPermission::kHostsAll,

937 APIPermission::kTopSites)));	934 APIPermission::kTopSites)));

938 }	935 }

939 {	936 {

940 // All sites warning suppresses declarativeWebRequest warning.	937 // All sites warning suppresses declarativeWebRequest warning.

941 APIPermissionSet api_permissions;	938 APIPermissionSet api_permissions;

942 api_permissions.insert(APIPermission::kDeclarativeWebRequest);	939 api_permissions.insert(APIPermission::kDeclarativeWebRequest);

943 URLPatternSet hosts;	940 URLPatternSet hosts;

944 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, ":///*"));	941 hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, ":///*"));

945 scoped_refptr<const PermissionSet> permissions(new PermissionSet(	942 PermissionSet permissions(api_permissions, ManifestPermissionSet(), hosts,

946 api_permissions, ManifestPermissionSet(), hosts, URLPatternSet()));	943 URLPatternSet());

947 EXPECT_TRUE(PermissionSetProducesMessage(	944 EXPECT_TRUE(PermissionSetProducesMessage(

948 permissions.get(), Manifest::TYPE_EXTENSION,	945 &permissions, Manifest::TYPE_EXTENSION,

949 MakePermissionIDSet(APIPermission::kHostsAll)));	946 MakePermissionIDSet(APIPermission::kHostsAll)));

950 }	947 }

951 {	948 {

952 // BrowsingHistory warning suppresses all history read/write warnings.	949 // BrowsingHistory warning suppresses all history read/write warnings.

953 APIPermissionSet api_permissions;	950 APIPermissionSet api_permissions;

954 api_permissions.insert(APIPermission::kHistory);	951 api_permissions.insert(APIPermission::kHistory);

955 api_permissions.insert(APIPermission::kTab);	952 api_permissions.insert(APIPermission::kTab);

956 api_permissions.insert(APIPermission::kTopSites);	953 api_permissions.insert(APIPermission::kTopSites);

957 api_permissions.insert(APIPermission::kProcesses);	954 api_permissions.insert(APIPermission::kProcesses);

958 api_permissions.insert(APIPermission::kWebNavigation);	955 api_permissions.insert(APIPermission::kWebNavigation);

959 scoped_refptr<const PermissionSet> permissions(	956 PermissionSet permissions(api_permissions, ManifestPermissionSet(),

960 new PermissionSet(api_permissions, ManifestPermissionSet(),	957 URLPatternSet(), URLPatternSet());

961 URLPatternSet(), URLPatternSet()));	958 EXPECT_TRUE(

962 EXPECT_TRUE(PermissionSetProducesMessage(	959 PermissionSetProducesMessage(&permissions, Manifest::TYPE_EXTENSION,

963 permissions.get(), Manifest::TYPE_EXTENSION,	960 MakePermissionIDSet(api_permissions)));

964 MakePermissionIDSet(api_permissions)));

965 }	961 }

966 {	962 {

967 // Tabs warning suppresses all read-only history warnings.	963 // Tabs warning suppresses all read-only history warnings.

968 APIPermissionSet api_permissions;	964 APIPermissionSet api_permissions;

969 api_permissions.insert(APIPermission::kTab);	965 api_permissions.insert(APIPermission::kTab);

970 api_permissions.insert(APIPermission::kTopSites);	966 api_permissions.insert(APIPermission::kTopSites);

971 api_permissions.insert(APIPermission::kProcesses);	967 api_permissions.insert(APIPermission::kProcesses);

972 api_permissions.insert(APIPermission::kWebNavigation);	968 api_permissions.insert(APIPermission::kWebNavigation);

973 scoped_refptr<const PermissionSet> permissions(	969 PermissionSet permissions(api_permissions, ManifestPermissionSet(),

974 new PermissionSet(api_permissions, ManifestPermissionSet(),	970 URLPatternSet(), URLPatternSet());

975 URLPatternSet(), URLPatternSet()));	971 EXPECT_TRUE(

976 EXPECT_TRUE(PermissionSetProducesMessage(	972 PermissionSetProducesMessage(&permissions, Manifest::TYPE_EXTENSION,

977 permissions.get(), Manifest::TYPE_EXTENSION,	973 MakePermissionIDSet(api_permissions)));

978 MakePermissionIDSet(api_permissions)));

979 }	974 }

980 }	975 }

981	976

982 TEST(PermissionsTest, AccessToDevicesMessages) {	977 TEST(PermissionsTest, AccessToDevicesMessages) {

983 {	978 {

984 APIPermissionSet api_permissions;	979 APIPermissionSet api_permissions;

985 api_permissions.insert(APIPermission::kSerial);	980 api_permissions.insert(APIPermission::kSerial);

986 scoped_refptr<const PermissionSet> permissions(	981 PermissionSet permissions(api_permissions, ManifestPermissionSet(),

987 new PermissionSet(api_permissions, ManifestPermissionSet(),	982 URLPatternSet(), URLPatternSet());

988 URLPatternSet(), URLPatternSet()));

989 VerifyOnePermissionMessage(	983 VerifyOnePermissionMessage(

990 permissions.get(), Manifest::TYPE_EXTENSION,	984 &permissions, Manifest::TYPE_EXTENSION,

991 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_SERIAL));	985 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_SERIAL));

992 }	986 }

993 {	987 {

994 // Testing that multiple permissions will show the one message.	988 // Testing that multiple permissions will show the one message.

995 APIPermissionSet api_permissions;	989 APIPermissionSet api_permissions;

996 api_permissions.insert(APIPermission::kSerial);	990 api_permissions.insert(APIPermission::kSerial);

997 api_permissions.insert(APIPermission::kSerial);	991 api_permissions.insert(APIPermission::kSerial);

998 scoped_refptr<const PermissionSet> permissions(	992 PermissionSet permissions(api_permissions, ManifestPermissionSet(),

999 new PermissionSet(api_permissions, ManifestPermissionSet(),	993 URLPatternSet(), URLPatternSet());

1000 URLPatternSet(), URLPatternSet()));

1001 VerifyOnePermissionMessage(	994 VerifyOnePermissionMessage(

1002 permissions.get(), Manifest::TYPE_EXTENSION,	995 &permissions, Manifest::TYPE_EXTENSION,

1003 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_SERIAL));	996 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_SERIAL));

1004 }	997 }

1005 {	998 {

1006 scoped_refptr<Extension> extension =	999 scoped_refptr<Extension> extension =

1007 LoadManifest("permissions", "access_to_devices_bluetooth.json");	1000 LoadManifest("permissions", "access_to_devices_bluetooth.json");

1008 PermissionSet* set = const_cast<PermissionSet*>(	1001 PermissionSet* set = const_cast<PermissionSet*>(

1009 extension->permissions_data()->active_permissions().get());	1002 extension->permissions_data()->active_permissions());

1010 VerifyOnePermissionMessage(	1003 VerifyOnePermissionMessage(

1011 set, extension->GetType(),	1004 set, extension->GetType(),

1012 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH));	1005 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH));

1013	1006

1014 // Test Bluetooth and Serial	1007 // Test Bluetooth and Serial

1015 set->apis_.insert(APIPermission::kSerial);	1008 set->apis_.insert(APIPermission::kSerial);

1016 VerifyOnePermissionMessage(	1009 VerifyOnePermissionMessage(

1017 set, extension->GetType(),	1010 set, extension->GetType(),

1018 l10n_util::GetStringUTF16(	1011 l10n_util::GetStringUTF16(

1019 IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_SERIAL));	1012 IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_SERIAL));

1020 }	1013 }

1021 }	1014 }

1022	1015

1023 TEST(PermissionsTest, MergedFileSystemPermissionComparison) {	1016 TEST(PermissionsTest, MergedFileSystemPermissionComparison) {

1024 APIPermissionSet write_api_permissions;	1017 APIPermissionSet write_api_permissions;

1025 write_api_permissions.insert(APIPermission::kFileSystemWrite);	1018 write_api_permissions.insert(APIPermission::kFileSystemWrite);

1026 scoped_refptr<const PermissionSet> write_permissions(	1019 PermissionSet write_permissions(write_api_permissions,

1027 new PermissionSet(write_api_permissions, ManifestPermissionSet(),	1020 ManifestPermissionSet(), URLPatternSet(),

1028 URLPatternSet(), URLPatternSet()));	1021 URLPatternSet());

1029	1022

1030 APIPermissionSet directory_api_permissions;	1023 APIPermissionSet directory_api_permissions;

1031 directory_api_permissions.insert(APIPermission::kFileSystemDirectory);	1024 directory_api_permissions.insert(APIPermission::kFileSystemDirectory);

1032 scoped_refptr<const PermissionSet> directory_permissions(	1025 PermissionSet directory_permissions(directory_api_permissions,

1033 new PermissionSet(directory_api_permissions, ManifestPermissionSet(),	1026 ManifestPermissionSet(), URLPatternSet(),

1034 URLPatternSet(), URLPatternSet()));	1027 URLPatternSet());

1035	1028

1036 APIPermissionSet write_directory_api_permissions;	1029 APIPermissionSet write_directory_api_permissions;

1037 write_directory_api_permissions.insert(APIPermission::kFileSystemWrite);	1030 write_directory_api_permissions.insert(APIPermission::kFileSystemWrite);

1038 write_directory_api_permissions.insert(APIPermission::kFileSystemDirectory);	1031 write_directory_api_permissions.insert(APIPermission::kFileSystemDirectory);

1039 scoped_refptr<const PermissionSet> write_directory_permissions(	1032 PermissionSet write_directory_permissions(write_directory_api_permissions,

1040 new PermissionSet(write_directory_api_permissions,	1033 ManifestPermissionSet(),

1041 ManifestPermissionSet(), URLPatternSet(),	1034 URLPatternSet(), URLPatternSet());

1042 URLPatternSet()));

1043	1035

1044 const PermissionMessageProvider* provider = PermissionMessageProvider::Get();	1036 const PermissionMessageProvider* provider = PermissionMessageProvider::Get();

1045 EXPECT_FALSE(provider->IsPrivilegeIncrease(write_directory_permissions.get(),	1037 EXPECT_FALSE(provider->IsPrivilegeIncrease(&write_directory_permissions,

1046 write_permissions.get(),	1038 &write_permissions,

1047 Manifest::TYPE_PLATFORM_APP));	1039 Manifest::TYPE_PLATFORM_APP));

1048 EXPECT_FALSE(provider->IsPrivilegeIncrease(write_directory_permissions.get(),	1040 EXPECT_FALSE(provider->IsPrivilegeIncrease(&write_directory_permissions,

1049 directory_permissions.get(),	1041 &directory_permissions,

1050 Manifest::TYPE_PLATFORM_APP));	1042 Manifest::TYPE_PLATFORM_APP));

1051 EXPECT_TRUE(provider->IsPrivilegeIncrease(write_permissions.get(),	1043 EXPECT_TRUE(provider->IsPrivilegeIncrease(

1052 directory_permissions.get(),	1044 &write_permissions, &directory_permissions, Manifest::TYPE_PLATFORM_APP));

	1045 EXPECT_TRUE(provider->IsPrivilegeIncrease(&write_permissions,

	1046 &write_directory_permissions,

1053 Manifest::TYPE_PLATFORM_APP));	1047 Manifest::TYPE_PLATFORM_APP));

1054 EXPECT_TRUE(provider->IsPrivilegeIncrease(write_permissions.get(),	1048 EXPECT_FALSE(provider->IsPrivilegeIncrease(

1055 write_directory_permissions.get(),	1049 &directory_permissions, &write_permissions, Manifest::TYPE_PLATFORM_APP));

1056 Manifest::TYPE_PLATFORM_APP));	1050 EXPECT_TRUE(provider->IsPrivilegeIncrease(&directory_permissions,

1057 EXPECT_FALSE(provider->IsPrivilegeIncrease(directory_permissions.get(),	1051 &write_directory_permissions,

1058 write_permissions.get(),

1059 Manifest::TYPE_PLATFORM_APP));

1060 EXPECT_TRUE(provider->IsPrivilegeIncrease(directory_permissions.get(),

1061 write_directory_permissions.get(),

1062 Manifest::TYPE_PLATFORM_APP));	1052 Manifest::TYPE_PLATFORM_APP));

1063 }	1053 }

1064	1054

1065 TEST(PermissionsTest, GetWarningMessages_ManyHosts) {	1055 TEST(PermissionsTest, GetWarningMessages_ManyHosts) {

1066 scoped_refptr<Extension> extension;	1056 scoped_refptr<Extension> extension;

1067 extension = LoadManifest("permissions", "many-hosts.json");	1057 extension = LoadManifest("permissions", "many-hosts.json");

1068 EXPECT_TRUE(VerifyOnePermissionMessage(	1058 EXPECT_TRUE(VerifyOnePermissionMessage(

1069 extension->permissions_data(),	1059 extension->permissions_data(),

1070 "Read and change your data on encrypted.google.com and www.google.com"));	1060 "Read and change your data on encrypted.google.com and www.google.com"));

1071 }	1061 }

(...skipping 16 matching lines...) Expand all Loading...
1088 TEST(PermissionsTest, GetWarningMessages_AudioVideo) {	1078 TEST(PermissionsTest, GetWarningMessages_AudioVideo) {

1089 const std::string kAudio("Use your microphone");	1079 const std::string kAudio("Use your microphone");

1090 const std::string kVideo("Use your camera");	1080 const std::string kVideo("Use your camera");

1091 const std::string kBoth("Use your microphone and camera");	1081 const std::string kBoth("Use your microphone and camera");

1092	1082

1093 // Both audio and video present.	1083 // Both audio and video present.

1094 scoped_refptr<Extension> extension =	1084 scoped_refptr<Extension> extension =

1095 LoadManifest("permissions", "audio-video.json");	1085 LoadManifest("permissions", "audio-video.json");

1096 const PermissionMessageProvider* provider = PermissionMessageProvider::Get();	1086 const PermissionMessageProvider* provider = PermissionMessageProvider::Get();

1097 PermissionSet* set = const_cast<PermissionSet*>(	1087 PermissionSet* set = const_cast<PermissionSet*>(

1098 extension->permissions_data()->active_permissions().get());	1088 extension->permissions_data()->active_permissions());

1099 EXPECT_FALSE(VerifyHasPermissionMessage(set, extension->GetType(), kAudio));	1089 EXPECT_FALSE(VerifyHasPermissionMessage(set, extension->GetType(), kAudio));

1100 EXPECT_FALSE(VerifyHasPermissionMessage(set, extension->GetType(), kVideo));	1090 EXPECT_FALSE(VerifyHasPermissionMessage(set, extension->GetType(), kVideo));

1101 EXPECT_TRUE(VerifyHasPermissionMessage(set, extension->GetType(), kBoth));	1091 EXPECT_TRUE(VerifyHasPermissionMessage(set, extension->GetType(), kBoth));

1102 PermissionMessages warnings = provider->GetPermissionMessages(	1092 PermissionMessages warnings = provider->GetPermissionMessages(

1103 provider->GetAllPermissionIDs(set, extension->GetType()));	1093 provider->GetAllPermissionIDs(set, extension->GetType()));

1104 size_t combined_index = IndexOf(warnings, kBoth);	1094 size_t combined_index = IndexOf(warnings, kBoth);

1105 size_t combined_size = warnings.size();	1095 size_t combined_size = warnings.size();

1106	1096

1107 // Just audio present.	1097 // Just audio present.

1108 set->apis_.erase(APIPermission::kVideoCapture);	1098 set->apis_.erase(APIPermission::kVideoCapture);

(...skipping 18 matching lines...) Expand all Loading...
1127 }	1117 }

1128	1118

1129 TEST(PermissionsTest, GetWarningMessages_CombinedSessions) {	1119 TEST(PermissionsTest, GetWarningMessages_CombinedSessions) {

1130 {	1120 {

1131 APIPermissionSet api_permissions;	1121 APIPermissionSet api_permissions;

1132 api_permissions.insert(APIPermission::kTab);	1122 api_permissions.insert(APIPermission::kTab);

1133 api_permissions.insert(APIPermission::kTopSites);	1123 api_permissions.insert(APIPermission::kTopSites);

1134 api_permissions.insert(APIPermission::kProcesses);	1124 api_permissions.insert(APIPermission::kProcesses);

1135 api_permissions.insert(APIPermission::kWebNavigation);	1125 api_permissions.insert(APIPermission::kWebNavigation);

1136 api_permissions.insert(APIPermission::kSessions);	1126 api_permissions.insert(APIPermission::kSessions);

1137 scoped_refptr<const PermissionSet> permissions(	1127 PermissionSet permissions(api_permissions, ManifestPermissionSet(),

1138 new PermissionSet(api_permissions, ManifestPermissionSet(),	1128 URLPatternSet(), URLPatternSet());

1139 URLPatternSet(), URLPatternSet()));

1140 EXPECT_TRUE(VerifyOnePermissionMessage(	1129 EXPECT_TRUE(VerifyOnePermissionMessage(

1141 permissions.get(), Manifest::TYPE_EXTENSION,	1130 &permissions, Manifest::TYPE_EXTENSION,

1142 l10n_util::GetStringUTF16(	1131 l10n_util::GetStringUTF16(

1143 IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS)));	1132 IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS)));

1144 }	1133 }

1145 {	1134 {

1146 APIPermissionSet api_permissions;	1135 APIPermissionSet api_permissions;

1147 api_permissions.insert(APIPermission::kHistory);	1136 api_permissions.insert(APIPermission::kHistory);

1148 api_permissions.insert(APIPermission::kTab);	1137 api_permissions.insert(APIPermission::kTab);

1149 api_permissions.insert(APIPermission::kTopSites);	1138 api_permissions.insert(APIPermission::kTopSites);

1150 api_permissions.insert(APIPermission::kProcesses);	1139 api_permissions.insert(APIPermission::kProcesses);

1151 api_permissions.insert(APIPermission::kWebNavigation);	1140 api_permissions.insert(APIPermission::kWebNavigation);

1152 api_permissions.insert(APIPermission::kSessions);	1141 api_permissions.insert(APIPermission::kSessions);

1153 scoped_refptr<const PermissionSet> permissions(	1142 PermissionSet permissions(api_permissions, ManifestPermissionSet(),

1154 new PermissionSet(api_permissions, ManifestPermissionSet(),	1143 URLPatternSet(), URLPatternSet());

1155 URLPatternSet(), URLPatternSet()));

1156 EXPECT_TRUE(VerifyOnePermissionMessage(	1144 EXPECT_TRUE(VerifyOnePermissionMessage(

1157 permissions.get(), Manifest::TYPE_EXTENSION,	1145 &permissions, Manifest::TYPE_EXTENSION,

1158 l10n_util::GetStringUTF16(	1146 l10n_util::GetStringUTF16(

1159 IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE_AND_SESSIONS)));	1147 IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE_AND_SESSIONS)));

1160 }	1148 }

1161 }	1149 }

1162	1150

1163 TEST(PermissionsTest, GetWarningMessages_DeclarativeWebRequest) {	1151 TEST(PermissionsTest, GetWarningMessages_DeclarativeWebRequest) {

1164 // Test that if the declarativeWebRequest permission is present	1152 // Test that if the declarativeWebRequest permission is present

1165 // in combination with all hosts permission, then only the warning	1153 // in combination with all hosts permission, then only the warning

1166 // for host permissions is shown, because that covers the use of	1154 // for host permissions is shown, because that covers the use of

1167 // declarativeWebRequest.	1155 // declarativeWebRequest.

1168	1156

1169 // Until Declarative Web Request is in stable, let's make sure it is enabled	1157 // Until Declarative Web Request is in stable, let's make sure it is enabled

1170 // on the current channel.	1158 // on the current channel.

1171 ScopedCurrentChannel sc(version_info::Channel::CANARY);	1159 ScopedCurrentChannel sc(version_info::Channel::CANARY);

1172	1160

1173 // First verify that declarativeWebRequest produces a message when host	1161 // First verify that declarativeWebRequest produces a message when host

1174 // permissions do not cover all hosts.	1162 // permissions do not cover all hosts.

1175 scoped_refptr<Extension> extension =	1163 scoped_refptr<Extension> extension =

1176 LoadManifest("permissions", "web_request_not_all_host_permissions.json");	1164 LoadManifest("permissions", "web_request_not_all_host_permissions.json");

1177 const PermissionSet* set =	1165 const PermissionSet* set =

1178 extension->permissions_data()->active_permissions().get();	1166 extension->permissions_data()->active_permissions();

1179 EXPECT_TRUE(VerifyHasPermissionMessage(set, extension->GetType(),	1167 EXPECT_TRUE(VerifyHasPermissionMessage(set, extension->GetType(),

1180 "Block parts of web pages"));	1168 "Block parts of web pages"));

1181 EXPECT_FALSE(VerifyHasPermissionMessage(	1169 EXPECT_FALSE(VerifyHasPermissionMessage(

1182 set, extension->GetType(),	1170 set, extension->GetType(),

1183 "Read and change all your data on the websites you visit"));	1171 "Read and change all your data on the websites you visit"));

1184	1172

1185 // Now verify that declarativeWebRequest does not produce a message when host	1173 // Now verify that declarativeWebRequest does not produce a message when host

1186 // permissions do cover all hosts.	1174 // permissions do cover all hosts.

1187 extension =	1175 extension =

1188 LoadManifest("permissions", "web_request_all_host_permissions.json");	1176 LoadManifest("permissions", "web_request_all_host_permissions.json");

1189 set = extension->permissions_data()->active_permissions().get();	1177 set = extension->permissions_data()->active_permissions();

1190 EXPECT_FALSE(VerifyHasPermissionMessage(set, extension->GetType(),	1178 EXPECT_FALSE(VerifyHasPermissionMessage(set, extension->GetType(),

1191 "Block parts of web pages"));	1179 "Block parts of web pages"));

1192 EXPECT_TRUE(VerifyHasPermissionMessage(	1180 EXPECT_TRUE(VerifyHasPermissionMessage(

1193 set, extension->GetType(),	1181 set, extension->GetType(),

1194 "Read and change all your data on the websites you visit"));	1182 "Read and change all your data on the websites you visit"));

1195 }	1183 }

1196	1184

1197 TEST(PermissionsTest, GetWarningMessages_Serial) {	1185 TEST(PermissionsTest, GetWarningMessages_Serial) {

1198 scoped_refptr<Extension> extension =	1186 scoped_refptr<Extension> extension =

1199 LoadManifest("permissions", "serial.json");	1187 LoadManifest("permissions", "serial.json");

(...skipping 241 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1441 expected.clear();	1429 expected.clear();

1442	1430

1443 explicit_hosts.AddPattern(	1431 explicit_hosts.AddPattern(

1444 URLPattern(URLPattern::SCHEME_HTTP, "http://.google.com/"));	1432 URLPattern(URLPattern::SCHEME_HTTP, "http://.google.com/"));

1445 scriptable_hosts.AddPattern(	1433 scriptable_hosts.AddPattern(

1446 URLPattern(URLPattern::SCHEME_HTTP, "http://.example.com/"));	1434 URLPattern(URLPattern::SCHEME_HTTP, "http://.example.com/"));

1447	1435

1448 expected.insert("*.google.com");	1436 expected.insert("*.google.com");

1449 expected.insert("*.example.com");	1437 expected.insert("*.example.com");

1450	1438

1451 scoped_refptr<const PermissionSet> perm_set(	1439 PermissionSet perm_set(empty_perms, ManifestPermissionSet(), explicit_hosts,

1452 new PermissionSet(empty_perms, ManifestPermissionSet(), explicit_hosts,	1440 scriptable_hosts);

1453 scriptable_hosts));	1441 EXPECT_EQ(expected, permission_message_util::GetDistinctHosts(

1454 EXPECT_EQ(expected,	1442 perm_set.effective_hosts(), true, true));

1455 permission_message_util::GetDistinctHosts(

1456 perm_set->effective_hosts(), true, true));

1457 }	1443 }

1458	1444

1459 {	1445 {

1460 // We don't display warnings for file URLs because they are off by default.	1446 // We don't display warnings for file URLs because they are off by default.

1461 SCOPED_TRACE("file urls");	1447 SCOPED_TRACE("file urls");

1462	1448

1463 explicit_hosts.ClearPatterns();	1449 explicit_hosts.ClearPatterns();

1464 expected.clear();	1450 expected.clear();

1465	1451

1466 explicit_hosts.AddPattern(	1452 explicit_hosts.AddPattern(

(...skipping 88 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1555 }	1541 }

1556	1542

1557 TEST(PermissionsTest, IsHostPrivilegeIncrease) {	1543 TEST(PermissionsTest, IsHostPrivilegeIncrease) {

1558 Manifest::Type type = Manifest::TYPE_EXTENSION;	1544 Manifest::Type type = Manifest::TYPE_EXTENSION;

1559 const PermissionMessageProvider* provider = PermissionMessageProvider::Get();	1545 const PermissionMessageProvider* provider = PermissionMessageProvider::Get();

1560 ManifestPermissionSet empty_manifest_permissions;	1546 ManifestPermissionSet empty_manifest_permissions;

1561 URLPatternSet elist1;	1547 URLPatternSet elist1;

1562 URLPatternSet elist2;	1548 URLPatternSet elist2;

1563 URLPatternSet slist1;	1549 URLPatternSet slist1;

1564 URLPatternSet slist2;	1550 URLPatternSet slist2;

1565 scoped_refptr<const PermissionSet> set1;	1551 scoped_ptr<const PermissionSet> set1;

1566 scoped_refptr<const PermissionSet> set2;	1552 scoped_ptr<const PermissionSet> set2;

1567 APIPermissionSet empty_perms;	1553 APIPermissionSet empty_perms;

1568 elist1.AddPattern(	1554 elist1.AddPattern(

1569 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path"));	1555 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path"));

1570 elist1.AddPattern(	1556 elist1.AddPattern(

1571 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));	1557 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));

1572	1558

1573 // Test that the host order does not matter.	1559 // Test that the host order does not matter.

1574 elist2.AddPattern(	1560 elist2.AddPattern(

1575 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));	1561 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));

1576 elist2.AddPattern(	1562 elist2.AddPattern(

1577 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path"));	1563 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path"));

1578	1564

1579 set1 = new PermissionSet(empty_perms, empty_manifest_permissions,	1565 set1.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist1,

1580 elist1, slist1);	1566 slist1));

1581 set2 = new PermissionSet(empty_perms, empty_manifest_permissions,	1567 set2.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist2,

1582 elist2, slist2);	1568 slist2));

1583	1569

1584 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));	1570 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));

1585 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));	1571 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));

1586	1572

1587 // Test that paths are ignored.	1573 // Test that paths are ignored.

1588 elist2.ClearPatterns();	1574 elist2.ClearPatterns();

1589 elist2.AddPattern(	1575 elist2.AddPattern(

1590 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/*"));	1576 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/*"));

1591 set2 = new PermissionSet(empty_perms, empty_manifest_permissions,	1577 set2.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist2,

1592 elist2, slist2);	1578 slist2));

1593 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));	1579 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));

1594 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));	1580 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));

1595	1581

1596 // Test that RCDs are ignored.	1582 // Test that RCDs are ignored.

1597 elist2.ClearPatterns();	1583 elist2.ClearPatterns();

1598 elist2.AddPattern(	1584 elist2.AddPattern(

1599 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/*"));	1585 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/*"));

1600 set2 = new PermissionSet(empty_perms, empty_manifest_permissions,	1586 set2.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist2,

1601 elist2, slist2);	1587 slist2));

1602 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));	1588 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));

1603 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));	1589 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));

1604	1590

1605 // Test that subdomain wildcards are handled properly.	1591 // Test that subdomain wildcards are handled properly.

1606 elist2.ClearPatterns();	1592 elist2.ClearPatterns();

1607 elist2.AddPattern(	1593 elist2.AddPattern(

1608 URLPattern(URLPattern::SCHEME_HTTP, "http://.google.com.hk/"));	1594 URLPattern(URLPattern::SCHEME_HTTP, "http://.google.com.hk/"));

1609 set2 = new PermissionSet(empty_perms, empty_manifest_permissions,	1595 set2.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist2,

1610 elist2, slist2);	1596 slist2));

1611 EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));	1597 EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));

1612 // TODO(jstritar): Does not match subdomains properly. http://crbug.com/65337	1598 // TODO(jstritar): Does not match subdomains properly. http://crbug.com/65337

1613 // EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));	1599 // EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));

1614	1600

1615 // Test that different domains count as different hosts.	1601 // Test that different domains count as different hosts.

1616 elist2.ClearPatterns();	1602 elist2.ClearPatterns();

1617 elist2.AddPattern(	1603 elist2.AddPattern(

1618 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));	1604 URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));

1619 elist2.AddPattern(	1605 elist2.AddPattern(

1620 URLPattern(URLPattern::SCHEME_HTTP, "http://www.example.org/path"));	1606 URLPattern(URLPattern::SCHEME_HTTP, "http://www.example.org/path"));

1621 set2 = new PermissionSet(empty_perms, empty_manifest_permissions,	1607 set2.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist2,

1622 elist2, slist2);	1608 slist2));

1623 EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));	1609 EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));

1624 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));	1610 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));

1625	1611

1626 // Test that different subdomains count as different hosts.	1612 // Test that different subdomains count as different hosts.

1627 elist2.ClearPatterns();	1613 elist2.ClearPatterns();

1628 elist2.AddPattern(	1614 elist2.AddPattern(

1629 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*"));	1615 URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*"));

1630 set2 = new PermissionSet(empty_perms, empty_manifest_permissions,	1616 set2.reset(new PermissionSet(empty_perms, empty_manifest_permissions, elist2,

1631 elist2, slist2);	1617 slist2));

1632 EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));	1618 EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));

1633 EXPECT_TRUE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));	1619 EXPECT_TRUE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));

1634	1620

1635 // Test that platform apps do not have host permissions increases.	1621 // Test that platform apps do not have host permissions increases.

1636 type = Manifest::TYPE_PLATFORM_APP;	1622 type = Manifest::TYPE_PLATFORM_APP;

1637 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));	1623 EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));

1638 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));	1624 EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));

1639 }	1625 }

1640	1626

1641 TEST(PermissionsTest, GetAPIsAsStrings) {	1627 TEST(PermissionsTest, GetAPIsAsStrings) {

1642 APIPermissionSet apis;	1628 APIPermissionSet apis;

1643 URLPatternSet empty_set;	1629 URLPatternSet empty_set;

1644	1630

1645 apis.insert(APIPermission::kProxy);	1631 apis.insert(APIPermission::kProxy);

1646 apis.insert(APIPermission::kBackground);	1632 apis.insert(APIPermission::kBackground);

1647 apis.insert(APIPermission::kNotifications);	1633 apis.insert(APIPermission::kNotifications);

1648 apis.insert(APIPermission::kTab);	1634 apis.insert(APIPermission::kTab);

1649	1635

1650 scoped_refptr<const PermissionSet> perm_set =	1636 PermissionSet perm_set(apis, ManifestPermissionSet(), empty_set, empty_set);

1651 new PermissionSet(apis, ManifestPermissionSet(), empty_set, empty_set);	1637 std::set<std::string> api_names = perm_set.GetAPIsAsStrings();

1652 std::set<std::string> api_names = perm_set->GetAPIsAsStrings();

1653	1638

1654 // The result is correct if it has the same number of elements	1639 // The result is correct if it has the same number of elements

1655 // and we can convert it back to the id set.	1640 // and we can convert it back to the id set.

1656 EXPECT_EQ(4u, api_names.size());	1641 EXPECT_EQ(4u, api_names.size());

1657 EXPECT_EQ(apis,	1642 EXPECT_EQ(apis,

1658 PermissionsInfo::GetInstance()->GetAllByName(api_names));	1643 PermissionsInfo::GetInstance()->GetAllByName(api_names));

1659 }	1644 }

1660	1645

1661 TEST(PermissionsTest, IsEmpty) {	1646 TEST(PermissionsTest, IsEmpty) {

1662 APIPermissionSet empty_apis;	1647 APIPermissionSet empty_apis;

1663 URLPatternSet empty_extent;	1648 URLPatternSet empty_extent;

1664	1649

1665 scoped_refptr<const PermissionSet> empty = new PermissionSet();	1650 scoped_ptr<const PermissionSet> empty(new PermissionSet());

1666 EXPECT_TRUE(empty->IsEmpty());	1651 EXPECT_TRUE(empty->IsEmpty());

1667 scoped_refptr<const PermissionSet> perm_set;	1652 scoped_ptr<const PermissionSet> perm_set;

1668	1653

1669 perm_set = new PermissionSet(empty_apis, ManifestPermissionSet(),	1654 perm_set.reset(new PermissionSet(empty_apis, ManifestPermissionSet(),

1670 empty_extent, empty_extent);	1655 empty_extent, empty_extent));

1671 EXPECT_TRUE(perm_set->IsEmpty());	1656 EXPECT_TRUE(perm_set->IsEmpty());

1672	1657

1673 APIPermissionSet non_empty_apis;	1658 APIPermissionSet non_empty_apis;

1674 non_empty_apis.insert(APIPermission::kBackground);	1659 non_empty_apis.insert(APIPermission::kBackground);

1675 perm_set = new PermissionSet(non_empty_apis, ManifestPermissionSet(),	1660 perm_set.reset(new PermissionSet(non_empty_apis, ManifestPermissionSet(),

1676 empty_extent, empty_extent);	1661 empty_extent, empty_extent));

1677 EXPECT_FALSE(perm_set->IsEmpty());	1662 EXPECT_FALSE(perm_set->IsEmpty());

1678	1663

1679 // Try non standard host	1664 // Try non standard host

1680 URLPatternSet non_empty_extent;	1665 URLPatternSet non_empty_extent;

1681 AddPattern(&non_empty_extent, "http://www.google.com/*");	1666 AddPattern(&non_empty_extent, "http://www.google.com/*");

1682	1667

1683 perm_set = new PermissionSet(empty_apis, ManifestPermissionSet(),	1668 perm_set.reset(new PermissionSet(empty_apis, ManifestPermissionSet(),

1684 non_empty_extent, empty_extent);	1669 non_empty_extent, empty_extent));

1685 EXPECT_FALSE(perm_set->IsEmpty());	1670 EXPECT_FALSE(perm_set->IsEmpty());

1686	1671

1687 perm_set = new PermissionSet(empty_apis, ManifestPermissionSet(),	1672 perm_set.reset(new PermissionSet(empty_apis, ManifestPermissionSet(),

1688 empty_extent, non_empty_extent);	1673 empty_extent, non_empty_extent));

1689 EXPECT_FALSE(perm_set->IsEmpty());	1674 EXPECT_FALSE(perm_set->IsEmpty());

1690 }	1675 }

1691	1676

1692 TEST(PermissionsTest, ImpliedPermissions) {	1677 TEST(PermissionsTest, ImpliedPermissions) {

1693 URLPatternSet empty_extent;	1678 URLPatternSet empty_extent;

1694 APIPermissionSet apis;	1679 APIPermissionSet apis;

1695 apis.insert(APIPermission::kFileBrowserHandler);	1680 apis.insert(APIPermission::kFileBrowserHandler);

1696 EXPECT_EQ(1U, apis.size());	1681 EXPECT_EQ(1U, apis.size());

1697	1682

1698 scoped_refptr<const PermissionSet> perm_set;	1683 PermissionSet perm_set(apis, ManifestPermissionSet(), empty_extent,

1699 perm_set = new PermissionSet(apis, ManifestPermissionSet(),	1684 empty_extent);

1700 empty_extent, empty_extent);	1685 EXPECT_EQ(2U, perm_set.apis().size());

1701 EXPECT_EQ(2U, perm_set->apis().size());

1702 }	1686 }

1703	1687

1704 TEST(PermissionsTest, SyncFileSystemPermission) {	1688 TEST(PermissionsTest, SyncFileSystemPermission) {

1705 scoped_refptr<Extension> extension = LoadManifest(	1689 scoped_refptr<Extension> extension = LoadManifest(

1706 "permissions", "sync_file_system.json");	1690 "permissions", "sync_file_system.json");

1707 APIPermissionSet apis;	1691 APIPermissionSet apis;

1708 apis.insert(APIPermission::kSyncFileSystem);	1692 apis.insert(APIPermission::kSyncFileSystem);

1709 EXPECT_TRUE(extension->is_platform_app());	1693 EXPECT_TRUE(extension->is_platform_app());

1710 EXPECT_TRUE(extension->permissions_data()->HasAPIPermission(	1694 EXPECT_TRUE(extension->permissions_data()->HasAPIPermission(

1711 APIPermission::kSyncFileSystem));	1695 APIPermission::kSyncFileSystem));

1712 EXPECT_TRUE(	1696 EXPECT_TRUE(

1713 VerifyOnePermissionMessage(extension->permissions_data(),	1697 VerifyOnePermissionMessage(extension->permissions_data(),

1714 "Store data in your Google Drive account"));	1698 "Store data in your Google Drive account"));

1715 }	1699 }

1716	1700

1717 // Make sure that we don't crash when we're trying to show the permissions	1701 // Make sure that we don't crash when we're trying to show the permissions

1718 // even though chrome://thumb (and everything that's not chrome://favicon with	1702 // even though chrome://thumb (and everything that's not chrome://favicon with

1719 // a chrome:// scheme) is not a valid permission.	1703 // a chrome:// scheme) is not a valid permission.

1720 // More details here: crbug/246314.	1704 // More details here: crbug/246314.

1721 TEST(PermissionsTest, ChromeURLs) {	1705 TEST(PermissionsTest, ChromeURLs) {

1722 URLPatternSet allowed_hosts;	1706 URLPatternSet allowed_hosts;

1723 allowed_hosts.AddPattern(	1707 allowed_hosts.AddPattern(

1724 URLPattern(URLPattern::SCHEME_ALL, "http://www.google.com/"));	1708 URLPattern(URLPattern::SCHEME_ALL, "http://www.google.com/"));

1725 allowed_hosts.AddPattern(	1709 allowed_hosts.AddPattern(

1726 URLPattern(URLPattern::SCHEME_ALL, "chrome://favicon/"));	1710 URLPattern(URLPattern::SCHEME_ALL, "chrome://favicon/"));

1727 allowed_hosts.AddPattern(	1711 allowed_hosts.AddPattern(

1728 URLPattern(URLPattern::SCHEME_ALL, "chrome://thumb/"));	1712 URLPattern(URLPattern::SCHEME_ALL, "chrome://thumb/"));

1729 scoped_refptr<const PermissionSet> permissions(	1713 PermissionSet permissions(APIPermissionSet(), ManifestPermissionSet(),

1730 new PermissionSet(APIPermissionSet(), ManifestPermissionSet(),	1714 allowed_hosts, URLPatternSet());

1731 allowed_hosts, URLPatternSet()));

1732 PermissionMessageProvider::Get()->GetPermissionMessages(	1715 PermissionMessageProvider::Get()->GetPermissionMessages(

1733 PermissionMessageProvider::Get()->GetAllPermissionIDs(	1716 PermissionMessageProvider::Get()->GetAllPermissionIDs(

1734 permissions.get(), Manifest::TYPE_EXTENSION));	1717 &permissions, Manifest::TYPE_EXTENSION));

1735 }	1718 }

1736	1719

1737 TEST(PermissionsTest, IsPrivilegeIncrease_DeclarativeWebRequest) {	1720 TEST(PermissionsTest, IsPrivilegeIncrease_DeclarativeWebRequest) {

1738 scoped_refptr<Extension> extension(	1721 scoped_refptr<Extension> extension(

1739 LoadManifest("permissions", "permissions_all_urls.json"));	1722 LoadManifest("permissions", "permissions_all_urls.json"));

1740 scoped_refptr<const PermissionSet> permissions(	1723 const PermissionSet* permissions =

1741 extension->permissions_data()->active_permissions());	1724 extension->permissions_data()->active_permissions();

1742	1725

1743 scoped_refptr<Extension> extension_dwr(	1726 scoped_refptr<Extension> extension_dwr(

1744 LoadManifest("permissions", "web_request_all_host_permissions.json"));	1727 LoadManifest("permissions", "web_request_all_host_permissions.json"));

1745 scoped_refptr<const PermissionSet> permissions_dwr(	1728 const PermissionSet* permissions_dwr =

1746 extension_dwr->permissions_data()->active_permissions());	1729 extension_dwr->permissions_data()->active_permissions();

1747	1730

1748 EXPECT_FALSE(PermissionMessageProvider::Get()->	1731 EXPECT_FALSE(PermissionMessageProvider::Get()->IsPrivilegeIncrease(

1749 IsPrivilegeIncrease(permissions.get(),	1732 permissions, permissions_dwr, extension->GetType()));

1750 permissions_dwr.get(),

1751 extension->GetType()));

1752 }	1733 }

1753	1734

1754 } // namespace extensions	1735 } // namespace extensions

OLD	NEW