Public Sessions - prompt the user for pageCapture requests

chrome/browser/chromeos/extensions/public_session_permission_helper.h

Index: chrome/browser/chromeos/extensions/public_session_permission_helper.h
diff --git a/chrome/browser/chromeos/extensions/public_session_permission_helper.h b/chrome/browser/chromeos/extensions/public_session_permission_helper.h
new file mode 100644
index 0000000000000000000000000000000000000000..dcb9d13afebd935fa65f0b8bf13c0cd4e47f1584
--- /dev/null
+++ b/chrome/browser/chromeos/extensions/public_session_permission_helper.h
@@ -0,0 +1,110 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_CHROMEOS_EXTENSIONS_PUBLIC_SESSION_PERMISSION_HELPER_H_
+#define CHROME_BROWSER_CHROMEOS_EXTENSIONS_PUBLIC_SESSION_PERMISSION_HELPER_H_
+
+#include <memory>
+#include <set>
+#include <vector>
+
+#include "base/callback_forward.h"
+#include "base/macros.h"
+#include "chrome/browser/extensions/extension_install_prompt.h"
+#include "extensions/common/extension_id.h"
+#include "extensions/common/permissions/api_permission.h"
+#include "extensions/common/permissions/api_permission_set.h"
+
+namespace content {
+class WebContents;
+}
+
+namespace extensions {
+
+class Extension;
+
+// In Public Sessions, extensions (and apps) are force-installed by admin policy
+// so the user does not get a chance to review the permissions for these
+// extensions. This is not acceptable from a security/privacy standpoint, so
+// when an extension uses one of the sensitive APIs for the first time, we show
+// the user a dialog where they can choose whether to allow the extension access
+// to the API.
+//
+// This class encapsulates the common functionality needed to show permission
+// requests to the user and to cache the user choices. The interface exposes two
+// functions which are used to request additional permissions, or to query the
+// currently granted permissions.
+class PublicSessionPermissionHelper {
+ private:
+  // ContainsAnyID function accepts only std::set<APIPermission::ID> argument,

[Devlin, 2017/01/30 17:04:17]

nitty nit: PermissionIDSet::ContainsAnyID()

[Ivan Šandrk, 2017/01/30 18:14:20]

Done.

+  // therefore PermissionHelperSet is used in this class.
+  using PermissionHelperSet = std::set<APIPermission::ID>;
+
+ public:
+  // Sets up the prompt asking the user for additional permission(s), handles
+  // the result, caches it, and then runs either success_callback or
+  // failure_callback depending on all permissions being allowed.
+  //
+  // Supports handling multiple requests for the same permission(s). Only the
+  // first request causes the prompt to be shown, subsequent ones are just
+  // enqueued to be called when the permission(s) is resolved.
+  //
+  // Caller must ensure that web_contents is valid. Must be called on UI thread.
+  //
+  // If finer resolving is needed, pass the same function in both callbacks and
+  // check the individual permissions by calling PermissionAllowed inside your
+  // function.
+  static void HandlePermissionRequest(const Extension& extension,
+                                      PermissionHelperSet requested_permissions,
+                                      content::WebContents* web_contents,
+                                      const base::Closure& success_callback,
+                                      const base::Closure& failure_callback);
+
+  // Used to check whether a certain permission is allowed. Useful only if
+  // called inside success/failure callbacks.
+  static bool PermissionAllowed(ExtensionId extension_id,
+                                APIPermission::ID permission_id);
+
+  PublicSessionPermissionHelper();
+  PublicSessionPermissionHelper(PublicSessionPermissionHelper&& other);
+  ~PublicSessionPermissionHelper();
+
+ private:
+  void HandlePermissionRequestImpl(const Extension& extension,
+                                   PermissionHelperSet requested_permissions,
+                                   content::WebContents* web_contents,
+                                   const base::Closure& success_callback,
+                                   const base::Closure& failure_callback);
+
+  bool PermissionAllowedImpl(APIPermission::ID permission_id);
+
+  void ResolvePermissionPrompt(
+      const std::unique_ptr<ExtensionInstallPrompt>* prompt,
+      PermissionIDSet unprompted_permissions,
+      ExtensionInstallPrompt::Result prompt_result);
+
+  struct RequestCallback {
+    RequestCallback(const base::Closure& success_callback,
+                    const base::Closure& failure_callback,
+                    const PermissionHelperSet& permission_list);
+    RequestCallback(const RequestCallback& other);
+    ~RequestCallback();
+    base::Closure success_callback;
+    base::Closure failure_callback;
+    PermissionHelperSet permission_list;
+  };
+  using RequestCallbackList = std::vector<RequestCallback>;
+
+  std::set<std::unique_ptr<ExtensionInstallPrompt>> prompts_;
+  PermissionIDSet prompted_permission_set_;
+  PermissionIDSet allowed_permission_set_;
+  PermissionIDSet denied_permission_set_;
+  RequestCallbackList callbacks_;
+
+  DISALLOW_COPY_AND_ASSIGN(PublicSessionPermissionHelper);
+};
+
+}  // namespace extensions
+
+#endif  // CHROME_BROWSER_CHROMEOS_EXTENSIONS_PUBLIC_SESSION_PERMISSION_HELPER_H_