chrome/browser/extensions/extension_service.cc - Issue 2019423007: Re-enable extensions disabled due to permission increase if they have all permissions

Side by Side Diff: chrome/browser/extensions/extension_service.cc

Issue 2019423007: Re-enable extensions disabled due to permission increase if they have all permissions (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@ext_update_test

Patch Set: fix startup, add tests Created 4 years, 6 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

OLD	NEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/extensions/extension_service.h"	5 #include "chrome/browser/extensions/extension_service.h"

6	6

7 #include <stddef.h>	7 #include <stddef.h>

8	8

9 #include <algorithm>	9 #include <algorithm>

10 #include <iterator>	10 #include <iterator>

(...skipping 1593 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
1604 extension->GetType());	1604 extension->GetType());

1605	1605

1606 // If there was no privilege increase, the extension might still have new	1606 // If there was no privilege increase, the extension might still have new

1607 // permissions (which either don't generate a warning message, or whose	1607 // permissions (which either don't generate a warning message, or whose

1608 // warning messages are suppressed by existing permissions). Grant the new	1608 // warning messages are suppressed by existing permissions). Grant the new

1609 // permissions.	1609 // permissions.

1610 if (!is_privilege_increase)	1610 if (!is_privilege_increase)

1611 GrantPermissions(extension);	1611 GrantPermissions(extension);

1612 }	1612 }

1613	1613

1614 if (is_extension_installed) {	1614 bool previously_disabled =

1615 // If the extension was already disabled, suppress any alerts for becoming	1615 extension_prefs_->IsExtensionDisabled(extension->id());

1616 // disabled on permissions increase.	1616 if (is_extension_installed && previously_disabled) {

1617 bool previously_disabled =

1618 extension_prefs_->IsExtensionDisabled(extension->id());

1619 // Legacy disabled extensions do not have a disable reason. Infer that it	1617 // Legacy disabled extensions do not have a disable reason. Infer that it

1620 // was likely disabled by the user.	1618 // was likely disabled by the user.

1621 if (previously_disabled && disable_reasons == Extension::DISABLE_NONE)	1619 if (disable_reasons == Extension::DISABLE_NONE)

1622 disable_reasons \|= Extension::DISABLE_USER_ACTION;	1620 disable_reasons \|= Extension::DISABLE_USER_ACTION;

1623	1621

1624 // Extensions that came to us disabled from sync need a similar inference,	1622 // Extensions that came to us disabled from sync need a similar inference,

1625 // except based on the new version's permissions.	1623 // except based on the new version's permissions.

1626 // TODO(treib,devlin): Since M48, DISABLE_UNKNOWN_FROM_SYNC isn't used	1624 // TODO(treib,devlin): Since M48, DISABLE_UNKNOWN_FROM_SYNC isn't used

1627 // anymore; this code is still here to migrate any existing old state.	1625 // anymore; this code is still here to migrate any existing old state.

1628 // Remove it after some grace period.	1626 // Remove it after some grace period.

1629 if (previously_disabled &&	1627 if (disable_reasons & Extension::DEPRECATED_DISABLE_UNKNOWN_FROM_SYNC) {

1630 (disable_reasons & Extension::DEPRECATED_DISABLE_UNKNOWN_FROM_SYNC)) {

1631 // Remove the DISABLE_UNKNOWN_FROM_SYNC reason.	1628 // Remove the DISABLE_UNKNOWN_FROM_SYNC reason.

1632 disable_reasons &= ~Extension::DEPRECATED_DISABLE_UNKNOWN_FROM_SYNC;	1629 disable_reasons &= ~Extension::DEPRECATED_DISABLE_UNKNOWN_FROM_SYNC;

1633 extension_prefs_->RemoveDisableReason(	1630 extension_prefs_->RemoveDisableReason(

1634 extension->id(), Extension::DEPRECATED_DISABLE_UNKNOWN_FROM_SYNC);	1631 extension->id(), Extension::DEPRECATED_DISABLE_UNKNOWN_FROM_SYNC);

1635 // If there was no privilege increase, it was likely disabled by the user.	1632 // If there was no privilege increase, it was likely disabled by the user.

1636 if (!is_privilege_increase)	1633 if (!is_privilege_increase)

1637 disable_reasons \|= Extension::DISABLE_USER_ACTION;	1634 disable_reasons \|= Extension::DISABLE_USER_ACTION;

1638 }	1635 }

1639 }	1636 }

1640	1637

	1638 // If the extension is disabled due to a permissions increase, but does in

	1639 // fact have all permissions, remove that disable reason.
	Marc Treib 2016/06/10 14:12:17 To make the "startup" case work, I had to pull thi To make the "startup" case work, I had to pull this out of the "if (is_extension_installed)" - turns out \|is_extension_installed\| is false during startup, even if the extension was previously installed. Misleading names ftw :-/ In fact, I can't see a reason why this check is even there at all. Removing it doesn't seem to break anything, though from experience, that doesn't mean much... Devlin 2016/06/10 19:05:52 Can you add a TODO to rename it on line 1442? Som Show quoted text On 2016/06/10 14:12:17, Marc Treib wrote: > To make the "startup" case work, I had to pull this out of the "if > (is_extension_installed)" - turns out \|is_extension_installed\| is false during > startup, even if the extension was previously installed. Misleading names ftw > :-/ > In fact, I can't see a reason why this check is even there at all. Removing it > doesn't seem to break anything, though from experience, that doesn't mean > much... Can you add a TODO to rename it on line 1442? Something like: // TODO([devlin\|treib]): This is incorrect during startup, where the extension isn't already loaded, but may have been installed. (option b: rename it in this CL - up to you ;)) Marc Treib 2016/06/13 11:54:59 Done. I also added a TODO in CheckPermissionsIncre Show quoted text On 2016/06/10 19:05:52, Devlin wrote: > On 2016/06/10 14:12:17, Marc Treib wrote: > > To make the "startup" case work, I had to pull this out of the "if > > (is_extension_installed)" - turns out \|is_extension_installed\| is false during > > startup, even if the extension was previously installed. Misleading names ftw > > :-/ > > In fact, I can't see a reason why this check is even there at all. Removing it > > doesn't seem to break anything, though from experience, that doesn't mean > > much... > > Can you add a TODO to rename it on line 1442? Something like: > // TODO([devlin\|treib]): This is incorrect during startup, where the extension > isn't already loaded, but may have been installed. Done. I also added a TODO in CheckPermissionsIncrease, (a) to explain the same thing, a (2) since I think we don't actually need it there. Show quoted text > (option b: rename it in this CL - up to you ;)) Sure, I can do that - what would be a good name? is_extension_loaded? Devlin 2016/06/13 13:51:50 is_extension_loaded sgtm Show quoted text On 2016/06/13 11:54:59, Marc Treib wrote: > On 2016/06/10 19:05:52, Devlin wrote: > > On 2016/06/10 14:12:17, Marc Treib wrote: > > > To make the "startup" case work, I had to pull this out of the "if > > > (is_extension_installed)" - turns out \|is_extension_installed\| is false > during > > > startup, even if the extension was previously installed. Misleading names > ftw > > > :-/ > > > In fact, I can't see a reason why this check is even there at all. Removing > it > > > doesn't seem to break anything, though from experience, that doesn't mean > > > much... > > > > Can you add a TODO to rename it on line 1442? Something like: > > // TODO([devlin\|treib]): This is incorrect during startup, where the extension > > isn't already loaded, but may have been installed. > > Done. > I also added a TODO in CheckPermissionsIncrease, (a) to explain the same thing, > a (2) since I think we don't actually need it there. > > > (option b: rename it in this CL - up to you ;)) > > Sure, I can do that - what would be a good name? is_extension_loaded? is_extension_loaded sgtm Marc Treib 2016/06/14 15:24:26 Done, and removed/updated the TODOs accordingly. Show quoted text On 2016/06/13 13:51:50, Devlin wrote: > On 2016/06/13 11:54:59, Marc Treib wrote: > > On 2016/06/10 19:05:52, Devlin wrote: > > > On 2016/06/10 14:12:17, Marc Treib wrote: > > > > To make the "startup" case work, I had to pull this out of the "if > > > > (is_extension_installed)" - turns out \|is_extension_installed\| is false > > during > > > > startup, even if the extension was previously installed. Misleading names > > ftw > > > > :-/ > > > > In fact, I can't see a reason why this check is even there at all. > Removing > > it > > > > doesn't seem to break anything, though from experience, that doesn't mean > > > > much... > > > > > > Can you add a TODO to rename it on line 1442? Something like: > > > // TODO([devlin\|treib]): This is incorrect during startup, where the > extension > > > isn't already loaded, but may have been installed. > > > > Done. > > I also added a TODO in CheckPermissionsIncrease, (a) to explain the same > thing, > > a (2) since I think we don't actually need it there. > > > > > (option b: rename it in this CL - up to you ;)) > > > > Sure, I can do that - what would be a good name? is_extension_loaded? > > is_extension_loaded sgtm Done, and removed/updated the TODOs accordingly.
	1640 if (previously_disabled && !is_privilege_increase &&
	Devlin 2016/06/10 19:05:52 Add: // TODO(devlin): This was added to fix crbug. Add: // TODO(devlin): This was added to fix crbug.com/616474, but it's unclear // if this behavior should stay forever. Marc Treib 2016/06/13 11:54:59 Done. Show quoted text On 2016/06/10 19:05:52, Devlin wrote: > Add: > // TODO(devlin): This was added to fix crbug.com/616474, but it's unclear > // if this behavior should stay forever. Done.
	1641 (disable_reasons & Extension::DISABLE_PERMISSIONS_INCREASE)) {

	1642 disable_reasons &= ~Extension::DISABLE_PERMISSIONS_INCREASE;

	1643 extension_prefs_->RemoveDisableReason(

	1644 extension->id(), Extension::DISABLE_PERMISSIONS_INCREASE);
	Devlin 2016/06/10 19:05:52 I wonder if we should add some UMA for this. I'm I wonder if we should add some UMA for this. I'm expecting this to be relatively rare, but if we see ourselves re-enabling bunches of extensions, it'd at least be good to know. Marc Treib 2016/06/13 11:54:59 Added a binary histogram. PTAL. Show quoted text On 2016/06/10 19:05:52, Devlin wrote: > I wonder if we should add some UMA for this. I'm expecting this to be > relatively rare, but if we see ourselves re-enabling bunches of extensions, it'd > at least be good to know. Added a binary histogram. PTAL.
	1645 }

	1646

1641 // Extension has changed permissions significantly. Disable it. A	1647 // Extension has changed permissions significantly. Disable it. A

1642 // notification should be sent by the caller. If the extension is already	1648 // notification should be sent by the caller. If the extension is already

1643 // disabled because it was installed remotely, don't add another disable	1649 // disabled because it was installed remotely, don't add another disable

1644 // reason.	1650 // reason.

1645 if (is_privilege_increase &&	1651 if (is_privilege_increase &&

1646 !(disable_reasons & Extension::DISABLE_REMOTE_INSTALL)) {	1652 !(disable_reasons & Extension::DISABLE_REMOTE_INSTALL)) {

1647 disable_reasons \|= Extension::DISABLE_PERMISSIONS_INCREASE;	1653 disable_reasons \|= Extension::DISABLE_PERMISSIONS_INCREASE;

1648 if (!extension_prefs_->DidExtensionEscalatePermissions(extension->id()))	1654 if (!extension_prefs_->DidExtensionEscalatePermissions(extension->id()))

1649 RecordPermissionMessagesHistogram(extension, "AutoDisable");	1655 RecordPermissionMessagesHistogram(extension, "AutoDisable");

1650	1656

1651 #if defined(ENABLE_SUPERVISED_USERS)	1657 #if defined(ENABLE_SUPERVISED_USERS)

1652 // If a custodian-installed extension is disabled for a supervised user due	1658 // If a custodian-installed extension is disabled for a supervised user due

1653 // to a permissions increase, send a request to the custodian if the	1659 // to a permissions increase, send a request to the custodian if the

1654 // supervised user themselves can't re-enable the extension.	1660 // supervised user themselves can't re-enable the extension.

1655 if (extensions::util::IsExtensionSupervised(extension, profile_) &&	1661 if (extensions::util::IsExtensionSupervised(extension, profile_) &&

1656 extensions::util::NeedCustodianApprovalForPermissionIncrease(	1662 extensions::util::NeedCustodianApprovalForPermissionIncrease(

1657 profile_) &&	1663 profile_) &&

1658 !ExtensionSyncService::Get(profile_)->HasPendingReenable(	1664 !ExtensionSyncService::Get(profile_)->HasPendingReenable(

1659 extension->id(), *extension->version())) {	1665 extension->id(), *extension->version())) {

1660 SupervisedUserService* supervised_user_service =	1666 SupervisedUserService* supervised_user_service =

1661 SupervisedUserServiceFactory::GetForProfile(profile_);	1667 SupervisedUserServiceFactory::GetForProfile(profile_);

1662 supervised_user_service->AddExtensionUpdateRequest(extension->id(),	1668 supervised_user_service->AddExtensionUpdateRequest(extension->id(),

1663 *extension->version());	1669 *extension->version());

1664 }	1670 }

1665 #endif	1671 #endif

1666 }	1672 }

1667 if (disable_reasons != Extension::DISABLE_NONE)	1673

	1674 if (disable_reasons == Extension::DISABLE_NONE)

	1675 extension_prefs_->SetExtensionEnabled(extension->id());

	1676 else

1668 extension_prefs_->SetExtensionDisabled(extension->id(), disable_reasons);	1677 extension_prefs_->SetExtensionDisabled(extension->id(), disable_reasons);

1669 }	1678 }

1670	1679

1671 void ExtensionService::UpdateActiveExtensionsInCrashReporter() {	1680 void ExtensionService::UpdateActiveExtensionsInCrashReporter() {

1672 std::set<std::string> extension_ids;	1681 std::set<std::string> extension_ids;

1673 for (const auto& extension : registry_->enabled_extensions()) {	1682 for (const auto& extension : registry_->enabled_extensions()) {

1674 if (!extension->is_theme() && extension->location() != Manifest::COMPONENT)	1683 if (!extension->is_theme() && extension->location() != Manifest::COMPONENT)

1675 extension_ids.insert(extension->id());	1684 extension_ids.insert(extension->id());

1676 }	1685 }

1677	1686

(...skipping 757 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
2435 }	2444 }

2436	2445

2437 void ExtensionService::OnProfileDestructionStarted() {	2446 void ExtensionService::OnProfileDestructionStarted() {

2438 ExtensionIdSet ids_to_unload = registry_->enabled_extensions().GetIDs();	2447 ExtensionIdSet ids_to_unload = registry_->enabled_extensions().GetIDs();

2439 for (ExtensionIdSet::iterator it = ids_to_unload.begin();	2448 for (ExtensionIdSet::iterator it = ids_to_unload.begin();

2440 it != ids_to_unload.end();	2449 it != ids_to_unload.end();

2441 ++it) {	2450 ++it) {

2442 UnloadExtension(*it, UnloadedExtensionInfo::REASON_PROFILE_SHUTDOWN);	2451 UnloadExtension(*it, UnloadedExtensionInfo::REASON_PROFILE_SHUTDOWN);

2443 }	2452 }

2444 }	2453 }

OLD	NEW

« no previous file with comments | « no previous file | chrome/browser/extensions/extension_service_unittest.cc » ('j') | no next file with comments »