Chromium Code Reviews Chromium Code Reviews
Issue 2499493004:
Communicate ExtensionSettings policy to renderers (Closed)
| Index: chrome/browser/extensions/content_script_apitest.cc |
| diff --git a/chrome/browser/extensions/content_script_apitest.cc b/chrome/browser/extensions/content_script_apitest.cc |
| index 37d131735f5f2eedeb285f4c895864f259e8fab8..15fa267ad454afec8e0b98d5cbd3a6cbf52a50fb 100644 |
| --- a/chrome/browser/extensions/content_script_apitest.cc |
| +++ b/chrome/browser/extensions/content_script_apitest.cc |
| @@ -13,7 +13,10 @@ |
| #include "build/build_config.h" |
| #include "chrome/browser/extensions/api/permissions/permissions_api.h" |
| #include "chrome/browser/extensions/extension_apitest.h" |
| +#include "chrome/browser/extensions/extension_management_constants.h" |
| +#include "chrome/browser/extensions/extension_management_test_util.h" |
| #include "chrome/browser/extensions/extension_service.h" |
| +#include "chrome/browser/extensions/extension_with_management_policy_apitest.h" |
| #include "chrome/browser/extensions/test_extension_dir.h" |
| #include "chrome/browser/ui/browser.h" |
| #include "chrome/browser/ui/tabs/tab_strip_model.h" |
| @@ -21,6 +24,8 @@ |
| #include "chrome/test/base/ui_test_utils.h" |
| #include "components/app_modal/javascript_dialog_extensions_client.h" |
| #include "components/app_modal/javascript_dialog_manager.h" |
| +#include "components/policy/core/browser/browser_policy_connector.h" |
| +#include "components/policy/core/common/mock_configuration_policy_provider.h" |
| #include "content/public/browser/javascript_dialog_manager.h" |
| #include "content/public/browser/render_frame_host.h" |
| #include "content/public/browser/web_contents.h" |
| @@ -329,7 +334,7 @@ class ContentScriptCssInjectionTest : public ExtensionApiTest { |
| // can't use the real Webstore's URL. If this changes, we could clean this |
| // up. |
| command_line->AppendSwitchASCII( |
| - switches::kAppsGalleryURL, |
| + ::switches::kAppsGalleryURL, |
|
asargent_no_longer_on_chrome
2016/11/23 01:19:23
why this change? (maybe the missing closing brace
nrpeter
2017/01/02 19:57:44
Done.
|
| base::StringPrintf("http://%s", kWebstoreDomain)); |
| } |
| }; |
| @@ -468,9 +473,15 @@ IN_PROC_BROWSER_TEST_F(ExtensionApiTest, ContentScriptExtensionAPIs) { |
| #else |
| #define MAYBE_ContentScriptPermissionsApi ContentScriptPermissionsApi |
| #endif |
| -IN_PROC_BROWSER_TEST_F(ExtensionApiTest, MAYBE_ContentScriptPermissionsApi) { |
| - extensions::PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); |
| - extensions::PermissionsRequestFunction::SetAutoConfirmForTests(true); |
| +IN_PROC_BROWSER_TEST_F(ExtensionApiTestWithManagementPolicy, |
| + MAYBE_ContentScriptPermissionsApi) { |
| + // Set enterprise policy to block injection to policy specified host. |
| + { |
| + ExtensionManagementPolicyUpdater pref(&policy_provider_); |
| + pref.AddRuntimeBlockedHost("*", "*://example.com/*"); |
| + } |
| + PermissionsRequestFunction::SetAutoConfirmForTests(true); |
| + PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); |
| host_resolver()->AddRule("*.com", "127.0.0.1"); |
| ASSERT_TRUE(StartEmbeddedTestServer()); |
| ASSERT_TRUE(RunExtensionTest("content_scripts/permissions")) << message_; |
| @@ -666,4 +677,44 @@ IN_PROC_BROWSER_TEST_F(ExtensionApiTest, |
| EXPECT_FALSE(content_script_listener.was_satisfied()); |
| } |
| +// Test that optional permissions blocked by enterprise policy will be denied |
| +// automatically. |
| +IN_PROC_BROWSER_TEST_F(ExtensionApiTestWithManagementPolicy, |
| + InjectAttemptBlockedByPolicy) { |
| + // Set enterprise policy to block injection to policy specified host. |
| + { |
| + ExtensionManagementPolicyUpdater pref(&policy_provider_); |
| + pref.AddRuntimeBlockedHost("*", "*://example.com/*"); |
| + } |
| + // Set auto confirm UI flag. |
| + PermissionsRequestFunction::SetAutoConfirmForTests(true); |
| + PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); |
| + |
| + ASSERT_TRUE(StartEmbeddedTestServer()); |
| + |
| + LoadExtension( |
| + test_data_dir_.AppendASCII("content_scripts/policy_blocked")); |
| + |
| + // Injection should happen as our local server isn't on example.com. |
| + ResultCatcher catcher; |
| + ui_test_utils::NavigateToURL( |
| + browser(), |
| + embedded_test_server()->GetURL( |
| + "/extensions/api_test/content_scripts/policy_blocked/inject.html")); |
| + EXPECT_FALSE(catcher.GetNextResult()); |
| + |
| + // Set enterprise policy to block injection to policy specified host. |
| + { |
| + ExtensionManagementPolicyUpdater pref(&policy_provider_); |
| + pref.AddRuntimeBlockedHost("*", "*://*/*"); |
| + } |
| + |
| + // Injection should NOT happen as policy blocks ALL scheme/host/port/path. |
| + ui_test_utils::NavigateToURL( |
| + browser(), |
| + embedded_test_server()->GetURL( |
| + "/extensions/api_test/content_scripts/policy_blocked/inject.html")); |
| + EXPECT_TRUE(catcher.GetNextResult()); |
| +} |
| + |
| } // namespace extensions |
