Public Sessions - prompt the user for pageCapture requests

chrome/browser/chromeos/extensions/public_session_permission_helper.h

Index: chrome/browser/chromeos/extensions/public_session_permission_helper.h
diff --git a/chrome/browser/chromeos/extensions/public_session_permission_helper.h b/chrome/browser/chromeos/extensions/public_session_permission_helper.h
new file mode 100644
index 0000000000000000000000000000000000000000..4d66f1f5cd6c75074c5363676be54deae122da46
--- /dev/null
+++ b/chrome/browser/chromeos/extensions/public_session_permission_helper.h
@@ -0,0 +1,66 @@
+// Copyright 2017 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#ifndef CHROME_BROWSER_CHROMEOS_EXTENSIONS_PUBLIC_SESSION_PERMISSION_HELPER_H_
+#define CHROME_BROWSER_CHROMEOS_EXTENSIONS_PUBLIC_SESSION_PERMISSION_HELPER_H_
+
+#include <memory>
+#include <set>
+
+#include "base/callback_forward.h"
+#include "extensions/common/permissions/api_permission.h"
+#include "extensions/common/permissions/api_permission_set.h"
+
+class ExtensionInstallPrompt;
+
+namespace content {
+class WebContents;
+}
+
+namespace extensions {
+
+class Extension;
+
+namespace permission_helper {
+
+using RequestResolvedCallback = base::Callback<void(const PermissionIDSet&)>;
+using PromptFactory = base::Callback<std::unique_ptr<ExtensionInstallPrompt>(
+    content::WebContents*)>;
+
+// In Public Sessions, extensions (and apps) are force-installed by admin policy
+// so the user does not get a chance to review the permissions for these
+// extensions. This is not acceptable from a security/privacy standpoint, so
+// when an extension uses one of the sensitive APIs for the first time, we show
+// the user a dialog where they can choose whether to allow the extension access
+// to the API.
+//
+// This function sets up the prompt asking the user for additional
+// permission(s), handles the result, caches it, and then runs the callback with
+// the allowed permissions as the argument.
+//
+// The user will be prompted about a certain permission only once, and that
+// choice will be cached and used in any subsequent requests that use the same
+// permission. If a request comes for a permission that is currently being
+// prompted, its callback will be queued up to be invoked when the prompt is
+// resolved.
+//
+// Caller must ensure that web_contents is valid. Must be called on UI thread.
+void HandlePermissionRequest(const Extension& extension,
+                             const PermissionIDSet& requested_permissions,
+                             content::WebContents* web_contents,
+                             const RequestResolvedCallback& callback,
+                             const PromptFactory& prompt_factory);

[Andrew T Wilson (Slow), 2017/02/11 09:23:24]

nit: document that callers can pass in a null prompt_factory callback to get the
default behavior (i.e. it's only for tests)

[Ivan Šandrk, 2017/02/13 13:18:20]

Done.

+
+// Used to completely reset state in between tests.
+void ResetPermissionsForTesting();
+
+// Sets the ExtensionInstallPrompt to be used in HandlePermissionRequest, useful
+// in testing to mock out the ExtensionInstallPrompt.
+void SetExtensionInstallPromptForTesting(

[Andrew T Wilson (Slow), 2017/02/11 09:23:24]

This function is no longer necessary, correct?

[Ivan Šandrk, 2017/02/13 13:18:20]

Correct, removed.

+    ExtensionInstallPrompt* extension_install_prompt);
+
+}  // namespace permission_helper
+}  // namespace extensions
+
+#endif  // CHROME_BROWSER_CHROMEOS_EXTENSIONS_PUBLIC_SESSION_PERMISSION_HELPER_H_