OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/extensions/api/permissions/permissions_api.h" | 5 #include "chrome/browser/extensions/api/permissions/permissions_api.h" |
6 | 6 |
7 #include "base/memory/scoped_ptr.h" | 7 #include <memory> |
| 8 |
| 9 #include "base/memory/ptr_util.h" |
8 #include "chrome/browser/chrome_notification_types.h" | 10 #include "chrome/browser/chrome_notification_types.h" |
9 #include "chrome/browser/extensions/api/permissions/permissions_api_helpers.h" | 11 #include "chrome/browser/extensions/api/permissions/permissions_api_helpers.h" |
10 #include "chrome/browser/extensions/extension_management.h" | 12 #include "chrome/browser/extensions/extension_management.h" |
11 #include "chrome/browser/extensions/permissions_updater.h" | 13 #include "chrome/browser/extensions/permissions_updater.h" |
12 #include "chrome/browser/profiles/profile.h" | 14 #include "chrome/browser/profiles/profile.h" |
13 #include "chrome/common/extensions/api/permissions.h" | 15 #include "chrome/common/extensions/api/permissions.h" |
14 #include "extensions/browser/extension_prefs.h" | 16 #include "extensions/browser/extension_prefs.h" |
15 #include "extensions/common/error_utils.h" | 17 #include "extensions/common/error_utils.h" |
16 #include "extensions/common/extension.h" | 18 #include "extensions/common/extension.h" |
17 #include "extensions/common/manifest_handlers/permissions_parser.h" | 19 #include "extensions/common/manifest_handlers/permissions_parser.h" |
(...skipping 28 matching lines...) Expand all Loading... |
46 DO_NOT_SKIP = 0, | 48 DO_NOT_SKIP = 0, |
47 PROCEED, | 49 PROCEED, |
48 ABORT | 50 ABORT |
49 }; | 51 }; |
50 AutoConfirmForTest auto_confirm_for_tests = DO_NOT_SKIP; | 52 AutoConfirmForTest auto_confirm_for_tests = DO_NOT_SKIP; |
51 bool ignore_user_gesture_for_tests = false; | 53 bool ignore_user_gesture_for_tests = false; |
52 | 54 |
53 } // namespace | 55 } // namespace |
54 | 56 |
55 bool PermissionsContainsFunction::RunSync() { | 57 bool PermissionsContainsFunction::RunSync() { |
56 scoped_ptr<Contains::Params> params(Contains::Params::Create(*args_)); | 58 std::unique_ptr<Contains::Params> params(Contains::Params::Create(*args_)); |
57 EXTENSION_FUNCTION_VALIDATE(params); | 59 EXTENSION_FUNCTION_VALIDATE(params); |
58 | 60 |
59 scoped_ptr<const PermissionSet> permissions = helpers::UnpackPermissionSet( | 61 std::unique_ptr<const PermissionSet> permissions = |
60 params->permissions, | 62 helpers::UnpackPermissionSet( |
61 ExtensionPrefs::Get(GetProfile())->AllowFileAccess(extension_->id()), | 63 params->permissions, |
62 &error_); | 64 ExtensionPrefs::Get(GetProfile())->AllowFileAccess(extension_->id()), |
| 65 &error_); |
63 if (!permissions.get()) | 66 if (!permissions.get()) |
64 return false; | 67 return false; |
65 | 68 |
66 results_ = Contains::Results::Create( | 69 results_ = Contains::Results::Create( |
67 extension()->permissions_data()->active_permissions().Contains( | 70 extension()->permissions_data()->active_permissions().Contains( |
68 *permissions)); | 71 *permissions)); |
69 return true; | 72 return true; |
70 } | 73 } |
71 | 74 |
72 bool PermissionsGetAllFunction::RunSync() { | 75 bool PermissionsGetAllFunction::RunSync() { |
73 scoped_ptr<Permissions> permissions = helpers::PackPermissionSet( | 76 std::unique_ptr<Permissions> permissions = helpers::PackPermissionSet( |
74 extension()->permissions_data()->active_permissions()); | 77 extension()->permissions_data()->active_permissions()); |
75 results_ = GetAll::Results::Create(*permissions); | 78 results_ = GetAll::Results::Create(*permissions); |
76 return true; | 79 return true; |
77 } | 80 } |
78 | 81 |
79 bool PermissionsRemoveFunction::RunSync() { | 82 bool PermissionsRemoveFunction::RunSync() { |
80 scoped_ptr<Remove::Params> params(Remove::Params::Create(*args_)); | 83 std::unique_ptr<Remove::Params> params(Remove::Params::Create(*args_)); |
81 EXTENSION_FUNCTION_VALIDATE(params); | 84 EXTENSION_FUNCTION_VALIDATE(params); |
82 | 85 |
83 scoped_ptr<const PermissionSet> permissions = helpers::UnpackPermissionSet( | 86 std::unique_ptr<const PermissionSet> permissions = |
84 params->permissions, | 87 helpers::UnpackPermissionSet( |
85 ExtensionPrefs::Get(GetProfile())->AllowFileAccess(extension_->id()), | 88 params->permissions, |
86 &error_); | 89 ExtensionPrefs::Get(GetProfile())->AllowFileAccess(extension_->id()), |
| 90 &error_); |
87 if (!permissions.get()) | 91 if (!permissions.get()) |
88 return false; | 92 return false; |
89 | 93 |
90 // Make sure they're only trying to remove permissions supported by this API. | 94 // Make sure they're only trying to remove permissions supported by this API. |
91 APIPermissionSet apis = permissions->apis(); | 95 APIPermissionSet apis = permissions->apis(); |
92 for (APIPermissionSet::const_iterator i = apis.begin(); | 96 for (APIPermissionSet::const_iterator i = apis.begin(); |
93 i != apis.end(); ++i) { | 97 i != apis.end(); ++i) { |
94 if (!i->info()->supports_optional()) { | 98 if (!i->info()->supports_optional()) { |
95 error_ = ErrorUtils::FormatErrorMessage( | 99 error_ = ErrorUtils::FormatErrorMessage( |
96 kNotWhitelistedError, i->name()); | 100 kNotWhitelistedError, i->name()); |
97 return false; | 101 return false; |
98 } | 102 } |
99 } | 103 } |
100 | 104 |
101 // Make sure we only remove optional permissions, and not required | 105 // Make sure we only remove optional permissions, and not required |
102 // permissions. Sadly, for some reason we support having a permission be both | 106 // permissions. Sadly, for some reason we support having a permission be both |
103 // optional and required (and should assume its required), so we need both of | 107 // optional and required (and should assume its required), so we need both of |
104 // these checks. | 108 // these checks. |
105 // TODO(devlin): *Why* do we support that? Should be a load error. | 109 // TODO(devlin): *Why* do we support that? Should be a load error. |
106 const PermissionSet& optional = | 110 const PermissionSet& optional = |
107 PermissionsParser::GetOptionalPermissions(extension()); | 111 PermissionsParser::GetOptionalPermissions(extension()); |
108 const PermissionSet& required = | 112 const PermissionSet& required = |
109 PermissionsParser::GetRequiredPermissions(extension()); | 113 PermissionsParser::GetRequiredPermissions(extension()); |
110 if (!optional.Contains(*permissions) || | 114 if (!optional.Contains(*permissions) || |
111 !scoped_ptr<const PermissionSet>( | 115 !std::unique_ptr<const PermissionSet>( |
112 PermissionSet::CreateIntersection(*permissions, required)) | 116 PermissionSet::CreateIntersection(*permissions, required)) |
113 ->IsEmpty()) { | 117 ->IsEmpty()) { |
114 error_ = kCantRemoveRequiredPermissionsError; | 118 error_ = kCantRemoveRequiredPermissionsError; |
115 return false; | 119 return false; |
116 } | 120 } |
117 | 121 |
118 // Only try and remove those permissions that are active on the extension. | 122 // Only try and remove those permissions that are active on the extension. |
119 // For backwards compatability with behavior before this check was added, just | 123 // For backwards compatability with behavior before this check was added, just |
120 // silently remove any that aren't present. | 124 // silently remove any that aren't present. |
121 permissions = PermissionSet::CreateIntersection( | 125 permissions = PermissionSet::CreateIntersection( |
(...skipping 24 matching lines...) Expand all Loading... |
146 bool PermissionsRequestFunction::RunAsync() { | 150 bool PermissionsRequestFunction::RunAsync() { |
147 results_ = Request::Results::Create(false); | 151 results_ = Request::Results::Create(false); |
148 | 152 |
149 if (!user_gesture() && | 153 if (!user_gesture() && |
150 !ignore_user_gesture_for_tests && | 154 !ignore_user_gesture_for_tests && |
151 extension_->location() != Manifest::COMPONENT) { | 155 extension_->location() != Manifest::COMPONENT) { |
152 error_ = kUserGestureRequiredError; | 156 error_ = kUserGestureRequiredError; |
153 return false; | 157 return false; |
154 } | 158 } |
155 | 159 |
156 scoped_ptr<Request::Params> params(Request::Params::Create(*args_)); | 160 std::unique_ptr<Request::Params> params(Request::Params::Create(*args_)); |
157 EXTENSION_FUNCTION_VALIDATE(params); | 161 EXTENSION_FUNCTION_VALIDATE(params); |
158 | 162 |
159 requested_permissions_ = helpers::UnpackPermissionSet( | 163 requested_permissions_ = helpers::UnpackPermissionSet( |
160 params->permissions, | 164 params->permissions, |
161 ExtensionPrefs::Get(GetProfile())->AllowFileAccess(extension_->id()), | 165 ExtensionPrefs::Get(GetProfile())->AllowFileAccess(extension_->id()), |
162 &error_); | 166 &error_); |
163 if (!requested_permissions_.get()) | 167 if (!requested_permissions_.get()) |
164 return false; | 168 return false; |
165 | 169 |
166 // Make sure they're only requesting permissions supported by this API. | 170 // Make sure they're only requesting permissions supported by this API. |
(...skipping 17 matching lines...) Expand all Loading... |
184 // Automatically declines api permissions requests, which are blocked by | 188 // Automatically declines api permissions requests, which are blocked by |
185 // enterprise policy. | 189 // enterprise policy. |
186 if (!ExtensionManagementFactory::GetForBrowserContext(GetProfile()) | 190 if (!ExtensionManagementFactory::GetForBrowserContext(GetProfile()) |
187 ->IsPermissionSetAllowed(extension(), *requested_permissions_)) { | 191 ->IsPermissionSetAllowed(extension(), *requested_permissions_)) { |
188 error_ = kBlockedByEnterprisePolicy; | 192 error_ = kBlockedByEnterprisePolicy; |
189 return false; | 193 return false; |
190 } | 194 } |
191 | 195 |
192 // We don't need to prompt the user if the requested permissions are a subset | 196 // We don't need to prompt the user if the requested permissions are a subset |
193 // of the granted permissions set. | 197 // of the granted permissions set. |
194 scoped_ptr<const PermissionSet> granted = | 198 std::unique_ptr<const PermissionSet> granted = |
195 ExtensionPrefs::Get(GetProfile()) | 199 ExtensionPrefs::Get(GetProfile()) |
196 ->GetGrantedPermissions(extension()->id()); | 200 ->GetGrantedPermissions(extension()->id()); |
197 if (granted.get() && granted->Contains(*requested_permissions_)) { | 201 if (granted.get() && granted->Contains(*requested_permissions_)) { |
198 PermissionsUpdater perms_updater(GetProfile()); | 202 PermissionsUpdater perms_updater(GetProfile()); |
199 perms_updater.AddPermissions(extension(), *requested_permissions_); | 203 perms_updater.AddPermissions(extension(), *requested_permissions_); |
200 results_ = Request::Results::Create(true); | 204 results_ = Request::Results::Create(true); |
201 SendResponse(true); | 205 SendResponse(true); |
202 return true; | 206 return true; |
203 } | 207 } |
204 | 208 |
(...skipping 23 matching lines...) Expand all Loading... |
228 OnInstallPromptDone(ExtensionInstallPrompt::Result::ACCEPTED); | 232 OnInstallPromptDone(ExtensionInstallPrompt::Result::ACCEPTED); |
229 } else if (auto_confirm_for_tests == ABORT) { | 233 } else if (auto_confirm_for_tests == ABORT) { |
230 // Pretend the user clicked cancel. | 234 // Pretend the user clicked cancel. |
231 OnInstallPromptDone(ExtensionInstallPrompt::Result::USER_CANCELED); | 235 OnInstallPromptDone(ExtensionInstallPrompt::Result::USER_CANCELED); |
232 } else { | 236 } else { |
233 CHECK_EQ(DO_NOT_SKIP, auto_confirm_for_tests); | 237 CHECK_EQ(DO_NOT_SKIP, auto_confirm_for_tests); |
234 install_ui_.reset(new ExtensionInstallPrompt(GetAssociatedWebContents())); | 238 install_ui_.reset(new ExtensionInstallPrompt(GetAssociatedWebContents())); |
235 install_ui_->ShowDialog( | 239 install_ui_->ShowDialog( |
236 base::Bind(&PermissionsRequestFunction::OnInstallPromptDone, this), | 240 base::Bind(&PermissionsRequestFunction::OnInstallPromptDone, this), |
237 extension(), nullptr, | 241 extension(), nullptr, |
238 make_scoped_ptr(new ExtensionInstallPrompt::Prompt( | 242 base::WrapUnique(new ExtensionInstallPrompt::Prompt( |
239 ExtensionInstallPrompt::PERMISSIONS_PROMPT)), | 243 ExtensionInstallPrompt::PERMISSIONS_PROMPT)), |
240 requested_permissions_->Clone(), | 244 requested_permissions_->Clone(), |
241 ExtensionInstallPrompt::GetDefaultShowDialogCallback()); | 245 ExtensionInstallPrompt::GetDefaultShowDialogCallback()); |
242 } | 246 } |
243 | 247 |
244 return true; | 248 return true; |
245 } | 249 } |
246 | 250 |
247 void PermissionsRequestFunction::OnInstallPromptDone( | 251 void PermissionsRequestFunction::OnInstallPromptDone( |
248 ExtensionInstallPrompt::Result result) { | 252 ExtensionInstallPrompt::Result result) { |
249 if (result == ExtensionInstallPrompt::Result::ACCEPTED) { | 253 if (result == ExtensionInstallPrompt::Result::ACCEPTED) { |
250 PermissionsUpdater perms_updater(GetProfile()); | 254 PermissionsUpdater perms_updater(GetProfile()); |
251 perms_updater.AddPermissions(extension(), *requested_permissions_); | 255 perms_updater.AddPermissions(extension(), *requested_permissions_); |
252 | 256 |
253 results_ = Request::Results::Create(true); | 257 results_ = Request::Results::Create(true); |
254 } | 258 } |
255 | 259 |
256 SendResponse(true); | 260 SendResponse(true); |
257 Release(); // Balanced in RunAsync(). | 261 Release(); // Balanced in RunAsync(). |
258 } | 262 } |
259 | 263 |
260 } // namespace extensions | 264 } // namespace extensions |
OLD | NEW |