Support a "policy" extension location in extension features files. At the same

extensions/common/features/simple_feature.cc

 // Copyright 2014 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "extensions/common/features/simple_feature.h"
 
 #include <map>
 #include <vector>
 
 #include "base/command_line.h"
 #include "base/lazy_instance.h"
 #include "base/sha1.h"
 #include "base/strings/string_number_conversions.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "extensions/common/switches.h"
 
 namespace extensions {
 
 namespace {
 
 struct Mappings {
   Mappings() {
-    extension_types["extension"] = Manifest::TYPE_EXTENSION;
-    extension_types["theme"] = Manifest::TYPE_THEME;
-    extension_types["legacy_packaged_app"] = Manifest::TYPE_LEGACY_PACKAGED_APP;
-    extension_types["hosted_app"] = Manifest::TYPE_HOSTED_APP;
-    extension_types["platform_app"] = Manifest::TYPE_PLATFORM_APP;
-    extension_types["shared_module"] = Manifest::TYPE_SHARED_MODULE;
+    extension_types["extension"].push_back(Manifest::TYPE_EXTENSION);

[not at google - send to devlin, 2014/04/17 21:33:14]

I'm not... super happy about these changes.

[Yoyo Zhou, 2014/04/17 21:53:12]

Can you replace Manifest::Location with something like a LocationClass that
matches multiple Manifest::Locations? We already have a custom notion of
location for Features, so why not replace it with a different custom notion?

[not at google - send to devlin, 2014/04/17 21:59:31]

I found the old way of doing that a bit awkward; exposing a utility method and
calling it from the right places.

but it would be a less extreme change.

[Yoyo Zhou, 2014/04/17 22:00:30]

You don't have to expose it. Just pass in the Manifest::Location to
IsAvailable...().

+    extension_types["theme"].push_back(Manifest::TYPE_THEME);
+    extension_types["legacy_packaged_app"].push_back(
+        Manifest::TYPE_LEGACY_PACKAGED_APP);
+    extension_types["hosted_app"].push_back(Manifest::TYPE_HOSTED_APP);
+    extension_types["platform_app"].push_back(Manifest::TYPE_PLATFORM_APP);
+    extension_types["shared_module"].push_back(Manifest::TYPE_SHARED_MODULE);
 
-    contexts["blessed_extension"] = Feature::BLESSED_EXTENSION_CONTEXT;
-    contexts["unblessed_extension"] = Feature::UNBLESSED_EXTENSION_CONTEXT;
-    contexts["content_script"] = Feature::CONTENT_SCRIPT_CONTEXT;
-    contexts["web_page"] = Feature::WEB_PAGE_CONTEXT;
-    contexts["blessed_web_page"] = Feature::BLESSED_WEB_PAGE_CONTEXT;
+    contexts["blessed_extension"].push_back(Feature::BLESSED_EXTENSION_CONTEXT);
+    contexts["unblessed_extension"].push_back(
+        Feature::UNBLESSED_EXTENSION_CONTEXT);
+    contexts["content_script"].push_back(Feature::CONTENT_SCRIPT_CONTEXT);
+    contexts["web_page"].push_back(Feature::WEB_PAGE_CONTEXT);
+    contexts["blessed_web_page"].push_back(Feature::BLESSED_WEB_PAGE_CONTEXT);
 
-    locations["component"] = Feature::COMPONENT_LOCATION;
+    locations["component"].push_back(Manifest::COMPONENT);
+    locations["component"].push_back(Manifest::EXTERNAL_COMPONENT);
+    locations["policy"].push_back(Manifest::EXTERNAL_POLICY_DOWNLOAD);
+    locations["policy"].push_back(Manifest::EXTERNAL_POLICY);
 
-    platforms["chromeos"] = Feature::CHROMEOS_PLATFORM;
-    platforms["linux"] = Feature::LINUX_PLATFORM;
-    platforms["mac"] = Feature::MACOSX_PLATFORM;
-    platforms["win"] = Feature::WIN_PLATFORM;
+    platforms["chromeos"].push_back(Feature::CHROMEOS_PLATFORM);
+    platforms["linux"].push_back(Feature::LINUX_PLATFORM);
+    platforms["mac"].push_back(Feature::MACOSX_PLATFORM);
+    platforms["win"].push_back(Feature::WIN_PLATFORM);
   }
 
-  std::map<std::string, Manifest::Type> extension_types;
-  std::map<std::string, Feature::Context> contexts;
-  std::map<std::string, Feature::Location> locations;
-  std::map<std::string, Feature::Platform> platforms;
+  std::map<std::string, std::vector<Manifest::Type> > extension_types;
+  std::map<std::string, std::vector<Feature::Context> > contexts;
+  std::map<std::string, std::vector<Manifest::Location> > locations;
+  std::map<std::string, std::vector<Feature::Platform> > platforms;
 };
 
 base::LazyInstance<Mappings> g_mappings = LAZY_INSTANCE_INITIALIZER;
 
 // TODO(aa): Can we replace all this manual parsing with JSON schema stuff?
 
 void ParseSet(const base::DictionaryValue* value,
               const std::string& property,
               std::set<std::string>* set) {
   const base::ListValue* list_value = NULL;
   if (!value->GetList(property, &list_value))
     return;
 
   set->clear();
   for (size_t i = 0; i < list_value->GetSize(); ++i) {
     std::string str_val;
     CHECK(list_value->GetString(i, &str_val)) << property << " " << i;
     set->insert(str_val);
   }
 }
 
-template<typename T>
-void ParseEnum(const std::string& string_value,
-               T* enum_value,
-               const std::map<std::string, T>& mapping) {
-  typename std::map<std::string, T>::const_iterator iter =
+template <typename T>
+void ParseEnumHelper(const std::string& string_value,
+                     const std::map<std::string, std::vector<T> >& mapping,
+                     std::set<T>* enum_set) {
+  typename std::map<std::string, std::vector<T> >::const_iterator iter =
       mapping.find(string_value);
   CHECK(iter != mapping.end()) << string_value;
-  *enum_value = iter->second;
+  enum_set->insert(iter->second.begin(), iter->second.end());
 }
 
-template<typename T>
-void ParseEnum(const base::DictionaryValue* value,
-               const std::string& property,
-               T* enum_value,
-               const std::map<std::string, T>& mapping) {
-  std::string string_value;
-  if (!value->GetString(property, &string_value))
-    return;
-
-  ParseEnum(string_value, enum_value, mapping);
+template <typename T>
+void ParseEnum(const std::string& string_value,
+               const std::map<std::string, std::vector<T> >& mapping,
+               std::set<T>* enum_set) {
+  enum_set->clear();
+  ParseEnumHelper(string_value, mapping, enum_set);
 }
 
-template<typename T>
+template <typename T>
 void ParseEnumSet(const base::DictionaryValue* value,
                   const std::string& property,
-                  std::set<T>* enum_set,
-                  const std::map<std::string, T>& mapping) {
+                  const std::map<std::string, std::vector<T> >& mapping,
+                  std::set<T>* enum_set) {
   if (!value->HasKey(property))
     return;
 
   enum_set->clear();
 
   std::string property_string;
   if (value->GetString(property, &property_string)) {
     if (property_string == "all") {
-      for (typename std::map<std::string, T>::const_iterator j =
-               mapping.begin(); j != mapping.end(); ++j) {
-        enum_set->insert(j->second);
+      for (typename std::map<std::string, std::vector<T> >::const_iterator j =
+               mapping.begin();
+           j != mapping.end();
+           ++j) {
+        enum_set->insert(j->second.begin(), j->second.end());
       }
     }
     return;
   }
 
   std::set<std::string> string_set;
   ParseSet(value, property, &string_set);
   for (std::set<std::string>::iterator iter = string_set.begin();
        iter != string_set.end(); ++iter) {
-    T enum_value = static_cast<T>(0);
-    ParseEnum(*iter, &enum_value, mapping);
-    enum_set->insert(enum_value);
+    ParseEnumHelper(*iter, mapping, enum_set);
   }
 }
 
 void ParseURLPatterns(const base::DictionaryValue* value,
                       const std::string& key,
                       URLPatternSet* set) {
   const base::ListValue* matches = NULL;
   if (value->GetList(key, &matches)) {
     set->ClearPatterns();
     for (size_t i = 0; i < matches->GetSize(); ++i) {
@@ skipping 78 matching lines @@
 
 std::string HashExtensionId(const std::string& extension_id) {
   const std::string id_hash = base::SHA1HashString(extension_id);
   DCHECK(id_hash.length() == base::kSHA1Length);
   return base::HexEncode(id_hash.c_str(), id_hash.length());
 }
 
 }  // namespace
 
 SimpleFeature::SimpleFeature()
-    : location_(UNSPECIFIED_LOCATION),
-      min_manifest_version_(0),
-      max_manifest_version_(0),
-      has_parent_(false) {}
+    : min_manifest_version_(0), max_manifest_version_(0), has_parent_(false) {
+}
 
 SimpleFeature::~SimpleFeature() {}
 
 void SimpleFeature::AddFilter(scoped_ptr<SimpleFeatureFilter> filter) {
   filters_.push_back(make_linked_ptr(filter.release()));
 }
 
 std::string SimpleFeature::Parse(const base::DictionaryValue* value) {
   ParseURLPatterns(value, "matches", &matches_);
   ParseSet(value, "whitelist", &whitelist_);
   ParseSet(value, "dependencies", &dependencies_);
-  ParseEnumSet<Manifest::Type>(value, "extension_types", &extension_types_,
-                                g_mappings.Get().extension_types);
-  ParseEnumSet<Context>(value, "contexts", &contexts_,
-                        g_mappings.Get().contexts);
-  ParseEnum<Location>(value, "location", &location_,
-                      g_mappings.Get().locations);
-  ParseEnumSet<Platform>(value, "platforms", &platforms_,
-                         g_mappings.Get().platforms);
+  ParseEnumSet<Manifest::Type>(value,
+                               "extension_types",
+                               g_mappings.Get().extension_types,
+                               &extension_types_);
+  // Only a single value is supported for "location", but it expands to
+  // multiple possible values.
+  std::string location;
+  if (value->GetStringWithoutPathExpansion("location", &location)) {
+    ParseEnum<Manifest::Location>(
+        location, g_mappings.Get().locations, &locations_);
+  }
+  ParseEnumSet<Context>(
+      value, "contexts", g_mappings.Get().contexts, &contexts_);
+  ParseEnumSet<Platform>(
+      value, "platforms", g_mappings.Get().platforms, &platforms_);
   value->GetInteger("min_manifest_version", &min_manifest_version_);
   value->GetInteger("max_manifest_version", &max_manifest_version_);
 
   no_parent_ = false;
   value->GetBoolean("noparent", &no_parent_);
 
   if (matches_.is_empty() && contexts_.count(WEB_PAGE_CONTEXT) != 0) {
     return name() + ": Allowing web_page contexts requires supplying a value " +
         "for matches.";
   }
 
   for (FilterList::iterator filter_iter = filters_.begin();
        filter_iter != filters_.end();
        ++filter_iter) {
     std::string result = (*filter_iter)->Parse(value);
     if (!result.empty()) {
       return result;
     }
   }
 
   return std::string();
 }
 
 Feature::Availability SimpleFeature::IsAvailableToManifest(
     const std::string& extension_id,
     Manifest::Type type,
-    Location location,
+    Manifest::Location location,
     int manifest_version,
     Platform platform) const {
-  // Check extension type first to avoid granting platform app permissions
-  // to component extensions.
-  // HACK(kalman): user script -> extension. Solve this in a more generic way
-  // when we compile feature files.
-  Manifest::Type type_to_check = (type == Manifest::TYPE_USER_SCRIPT) ?
-      Manifest::TYPE_EXTENSION : type;
   if (!extension_types_.empty() &&
-      extension_types_.find(type_to_check) == extension_types_.end()) {
+      extension_types_.find(type) == extension_types_.end()) {
     return CreateAvailability(INVALID_TYPE, type);
   }
 
   // Component extensions can access any feature.
-  if (location == COMPONENT_LOCATION)
+  if (location == Manifest::COMPONENT ||
+      location == Manifest::EXTERNAL_COMPONENT) {
     return CreateAvailability(IS_AVAILABLE, type);
+  }
 
   if (!whitelist_.empty()) {
     if (!IsIdInWhitelist(extension_id)) {
       // TODO(aa): This is gross. There should be a better way to test the
       // whitelist.
       CommandLine* command_line = CommandLine::ForCurrentProcess();
       if (!command_line->HasSwitch(switches::kWhitelistedExtensionID))
         return CreateAvailability(NOT_FOUND_IN_WHITELIST, type);
 
       std::string whitelist_switch_value =
           CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
               switches::kWhitelistedExtensionID);
       if (extension_id != whitelist_switch_value)
         return CreateAvailability(NOT_FOUND_IN_WHITELIST, type);
     }
   }
 
-  if (location_ != UNSPECIFIED_LOCATION && location_ != location)
+  if (!locations_.empty() && locations_.find(location) == locations_.end())

[Yoyo Zhou, 2014/04/17 21:53:12]

Change this test to be something like location_class_.Contains(location)

[not at google - send to devlin, 2014/04/17 23:18:11]

done sort of. I went back to how the code was before with the Location and move
the util in here. I didn't like the idea of updating that test again this time
with a "LocationClass" that's effectively an implementation detail.

     return CreateAvailability(INVALID_LOCATION, type);
 
   if (!platforms_.empty() &&
       platforms_.find(platform) == platforms_.end())
     return CreateAvailability(INVALID_PLATFORM, type);
 
   if (min_manifest_version_ != 0 && manifest_version < min_manifest_version_)
     return CreateAvailability(INVALID_MIN_MANIFEST_VERSION, type);
 
   if (max_manifest_version_ != 0 && manifest_version > max_manifest_version_)
@@ skipping 10 matching lines @@
 
   return CreateAvailability(IS_AVAILABLE, type);
 }
 
 Feature::Availability SimpleFeature::IsAvailableToContext(
     const Extension* extension,
     SimpleFeature::Context context,
     const GURL& url,
     SimpleFeature::Platform platform) const {
   if (extension) {
-    Availability result = IsAvailableToManifest(
-        extension->id(),
-        extension->GetType(),
-        ConvertLocation(extension->location()),
-        extension->manifest_version(),
-        platform);
+    Availability result = IsAvailableToManifest(extension->id(),
+                                                extension->GetType(),
+                                                extension->location(),
+                                                extension->manifest_version(),
+                                                platform);
     if (!result.is_available())
       return result;
   }
 
   if (!contexts_.empty() && contexts_.find(context) == contexts_.end())
     return CreateAvailability(INVALID_CONTEXT, context);
 
   if (!matches_.is_empty() && !matches_.MatchesURL(url))
     return CreateAvailability(INVALID_URL, url);
 
@@ skipping 125 matching lines @@
 
   if (whitelist.find(extension_id) != whitelist.end() ||
       whitelist.find(HashExtensionId(extension_id)) != whitelist.end()) {
     return true;
   }
 
   return false;
 }
 
 }  // namespace extensions