Move permission warning message handling from PermissionSet to PermissionMessageProvider.

chrome/common/extensions/permissions/permission_set_unittest.cc

 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "base/command_line.h"
 #include "base/json/json_file_value_serializer.h"
 #include "base/logging.h"
 #include "base/path_service.h"
 #include "base/strings/utf_string_conversions.h"
 #include "chrome/common/chrome_paths.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/extensions/extension.h"
 #include "chrome/common/extensions/extension_test_util.h"
 #include "chrome/common/extensions/features/feature_channel.h"
+#include "chrome/common/extensions/permissions/app_permission_message_provider.h"
+#include "chrome/common/extensions/permissions/extension_permission_message_provider.h"
+#include "chrome/common/extensions/permissions/permission_message_util.h"
 #include "chrome/common/extensions/permissions/permission_set.h"
 #include "chrome/common/extensions/permissions/permissions_data.h"
 #include "chrome/common/extensions/permissions/socket_permission.h"
 #include "extensions/common/error_utils.h"
+#include "extensions/common/permissions/permission_message_provider.h"
 #include "extensions/common/permissions/permissions_info.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 using extension_test_util::LoadManifest;
 
 namespace extensions {
 
 namespace {
 
 static void AddPattern(URLPatternSet* extent, const std::string& pattern) {
@@ skipping 529 matching lines @@
   EXPECT_EQ(expected_apis, new_set->apis());
   EXPECT_EQ(expected_explicit_hosts, new_set->explicit_hosts());
   EXPECT_EQ(expected_scriptable_hosts, new_set->scriptable_hosts());
   EXPECT_EQ(effective_hosts, new_set->effective_hosts());
 
   // |set3| = |set1| - |set2| --> |set3| intersect |set2| == empty_set
   set1 = PermissionSet::CreateIntersection(new_set.get(), set2.get());
   EXPECT_TRUE(set1->IsEmpty());
 }
 
-TEST(PermissionsTest, HasLessPrivilegesThan) {
+TEST(PermissionsTest, IsPrivilegeIncrease) {
   const struct {
     const char* base_name;
     bool expect_increase;
   } kTests[] = {
     { "allhosts1", false },  // all -> all
     { "allhosts2", false },  // all -> one
     { "allhosts3", true },  // one -> all
     { "hosts1", false },  // http://a,http://b -> http://a,http://b
     { "hosts2", true },  // http://a,http://b -> https://a,http://*.b
     { "hosts3", false },  // http://a,http://b -> http://a
@@ skipping 35 matching lines @@
     if (!new_extension.get())
       continue;
 
     scoped_refptr<const PermissionSet> old_p(
         old_extension->GetActivePermissions());
     scoped_refptr<const PermissionSet> new_p(
         new_extension->GetActivePermissions());
     Manifest::Type extension_type = old_extension->GetType();
 
     EXPECT_EQ(kTests[i].expect_increase,
-              old_p->HasLessPrivilegesThan(new_p.get(), extension_type))
+              PermissionMessageProvider::Get(extension_type)->
+                  IsPrivilegeIncrease(old_p.get(), new_p.get()))
         << kTests[i].base_name;
   }
 }
 
 TEST(PermissionsTest, PermissionMessages) {
   // Ensure that all permissions that needs to show install UI actually have
   // strings associated with them.
   APIPermissionSet skip;
 
   // These are considered "nuisance" or "trivial" permissions that don't need
@@ skipping 128 matching lines @@
   }
 }
 
 TEST(PermissionsTest, FileSystemPermissionMessages) {
   APIPermissionSet api_permissions;
   api_permissions.insert(APIPermission::kFileSystemWrite);
   api_permissions.insert(APIPermission::kFileSystemDirectory);
   scoped_refptr<PermissionSet> permissions(
       new PermissionSet(api_permissions, URLPatternSet(), URLPatternSet()));
   PermissionMessages messages =
-      permissions->GetPermissionMessages(Manifest::TYPE_PLATFORM_APP);
+      PermissionMessageProvider::Get(Manifest::TYPE_PLATFORM_APP)->
+          GetPermissionMessages(permissions);
   ASSERT_EQ(2u, messages.size());
   std::sort(messages.begin(), messages.end());
   std::set<PermissionMessage::ID> ids;
   for (PermissionMessages::const_iterator it = messages.begin();
        it != messages.end(); ++it) {
     ids.insert(it->id());
   }
   EXPECT_TRUE(ContainsKey(ids, PermissionMessage::kFileSystemDirectory));
   EXPECT_TRUE(ContainsKey(ids, PermissionMessage::kFileSystemWrite));
 }
 
 TEST(PermissionsTest, HiddenFileSystemPermissionMessages) {
   APIPermissionSet api_permissions;
   api_permissions.insert(APIPermission::kFileSystemWrite);
   api_permissions.insert(APIPermission::kFileSystemDirectory);
   api_permissions.insert(APIPermission::kFileSystemWriteDirectory);
   scoped_refptr<PermissionSet> permissions(
       new PermissionSet(api_permissions, URLPatternSet(), URLPatternSet()));
   PermissionMessages messages =
-      permissions->GetPermissionMessages(Manifest::TYPE_PLATFORM_APP);
+      PermissionMessageProvider::Get(Manifest::TYPE_PLATFORM_APP)->
+          GetPermissionMessages(permissions);
   ASSERT_EQ(1u, messages.size());
   EXPECT_EQ(PermissionMessage::kFileSystemWriteDirectory, messages[0].id());
 }
 
 TEST(PermissionsTest, MergedFileSystemPermissionComparison) {
   APIPermissionSet write_api_permissions;
   write_api_permissions.insert(APIPermission::kFileSystemWrite);
   scoped_refptr<PermissionSet> write_permissions(new PermissionSet(
       write_api_permissions, URLPatternSet(), URLPatternSet()));
 
   APIPermissionSet directory_api_permissions;
   directory_api_permissions.insert(APIPermission::kFileSystemDirectory);
   scoped_refptr<PermissionSet> directory_permissions(new PermissionSet(
       directory_api_permissions, URLPatternSet(), URLPatternSet()));
 
   APIPermissionSet write_directory_api_permissions;
   write_directory_api_permissions.insert(
       APIPermission::kFileSystemWriteDirectory);
   scoped_refptr<PermissionSet> write_directory_permissions(new PermissionSet(
       write_directory_api_permissions, URLPatternSet(), URLPatternSet()));
 
-  EXPECT_FALSE(write_directory_permissions->HasLessPrivilegesThan(
-      write_permissions, Manifest::TYPE_PLATFORM_APP));
-  EXPECT_FALSE(write_directory_permissions->HasLessPrivilegesThan(
-      directory_permissions, Manifest::TYPE_PLATFORM_APP));
-  EXPECT_TRUE(write_permissions->HasLessPrivilegesThan(
-      directory_permissions, Manifest::TYPE_PLATFORM_APP));
-  EXPECT_TRUE(write_permissions->HasLessPrivilegesThan(
-      write_directory_permissions, Manifest::TYPE_PLATFORM_APP));
-  EXPECT_TRUE(directory_permissions->HasLessPrivilegesThan(
-      write_permissions, Manifest::TYPE_PLATFORM_APP));
-  EXPECT_TRUE(directory_permissions->HasLessPrivilegesThan(
-      write_directory_permissions, Manifest::TYPE_PLATFORM_APP));
+  PermissionMessageProvider* provider =
+      PermissionMessageProvider::Get(Manifest::TYPE_PLATFORM_APP);
+  EXPECT_FALSE(provider->IsPrivilegeIncrease(write_directory_permissions,
+                                             write_permissions));
+  EXPECT_FALSE(provider->IsPrivilegeIncrease(write_directory_permissions,
+                                             directory_permissions));
+  EXPECT_TRUE(provider->IsPrivilegeIncrease(write_permissions,
+                                            directory_permissions));
+  EXPECT_TRUE(provider->IsPrivilegeIncrease(write_permissions,
+                                            write_directory_permissions));
+  EXPECT_TRUE(provider->IsPrivilegeIncrease(directory_permissions,
+                                            write_permissions));
+  EXPECT_TRUE(provider->IsPrivilegeIncrease(directory_permissions,
+                                            write_directory_permissions));
 }
 
 TEST(PermissionsTest, GetWarningMessages_ManyHosts) {
   scoped_refptr<Extension> extension;
 
   extension = LoadManifest("permissions", "many-hosts.json");
   std::vector<string16> warnings =
       PermissionsData::GetPermissionMessageStrings(extension.get());
   ASSERT_EQ(1u, warnings.size());
   EXPECT_EQ("Access your data on encrypted.google.com and www.google.com",
@@ skipping 15 matching lines @@
   ASSERT_EQ(1u, warnings.size());
   EXPECT_EQ("Access all data on your computer and the websites you visit",
             UTF16ToUTF8(warnings[0]));
 #endif
 }
 
 TEST(PermissionsTest, GetWarningMessages_AudioVideo) {
   // Both audio and video present.
   scoped_refptr<Extension> extension =
       LoadManifest("permissions", "audio-video.json");
+  PermissionMessageProvider* provider =
+      PermissionMessageProvider::Get(extension->GetType());
   PermissionSet* set =
       const_cast<PermissionSet*>(
           extension->GetActivePermissions().get());
-  std::vector<string16> warnings =
-      set->GetWarningMessages(extension->GetType());
+  std::vector<string16> warnings = provider->GetWarningMessages(set);
   EXPECT_FALSE(Contains(warnings, "Use your microphone"));
   EXPECT_FALSE(Contains(warnings, "Use your camera"));
   EXPECT_TRUE(Contains(warnings, "Use your microphone and camera"));
   size_t combined_index = IndexOf(warnings, "Use your microphone and camera");
   size_t combined_size = warnings.size();
 
   // Just audio present.
   set->apis_.erase(APIPermission::kVideoCapture);
-  warnings = set->GetWarningMessages(extension->GetType());
+  warnings = provider->GetWarningMessages(set);
   EXPECT_EQ(combined_size, warnings.size());
   EXPECT_EQ(combined_index, IndexOf(warnings, "Use your microphone"));
   EXPECT_FALSE(Contains(warnings, "Use your camera"));
   EXPECT_FALSE(Contains(warnings, "Use your microphone and camera"));
 
   // Just video present.
   set->apis_.erase(APIPermission::kAudioCapture);
   set->apis_.insert(APIPermission::kVideoCapture);
-  warnings = set->GetWarningMessages(extension->GetType());
+  warnings = provider->GetWarningMessages(set);
   EXPECT_EQ(combined_size, warnings.size());
   EXPECT_FALSE(Contains(warnings, "Use your microphone"));
   EXPECT_FALSE(Contains(warnings, "Use your microphone and camera"));
   EXPECT_TRUE(Contains(warnings, "Use your camera"));
 }
 
 TEST(PermissionsTest, GetWarningMessages_DeclarativeWebRequest) {
   // Test that if the declarativeWebRequest permission is present
   // in combination with all hosts permission, then only the warning
   // for host permissions is shown, because that covers the use of
   // declarativeWebRequest.
 
   // Until Declarative Web Request is in stable, let's make sure it is enabled
   // on the current channel.
   ScopedCurrentChannel sc(chrome::VersionInfo::CHANNEL_CANARY);
 
   // First verify that declarativeWebRequest produces a message when host
   // permissions do not cover all hosts.
   scoped_refptr<Extension> extension =
       LoadManifest("permissions", "web_request_com_host_permissions.json");
+  PermissionMessageProvider* provider =
+      PermissionMessageProvider::Get(extension->GetType());
   const PermissionSet* set = extension->GetActivePermissions().get();
-  std::vector<string16> warnings =
-      set->GetWarningMessages(extension->GetType());
+  std::vector<string16> warnings = provider->GetWarningMessages(set);
   EXPECT_TRUE(Contains(warnings, "Block parts of web pages"));
   EXPECT_FALSE(Contains(warnings, "Access your data on all websites"));
 
   // Now verify that declarativeWebRequest does not produce a message when host
   // permissions do cover all hosts.
   extension =
       LoadManifest("permissions", "web_request_all_host_permissions.json");
   set = extension->GetActivePermissions().get();
-  warnings = set->GetWarningMessages(extension->GetType());
+  warnings = provider->GetWarningMessages(set);
   EXPECT_FALSE(Contains(warnings, "Block parts of web pages"));
   EXPECT_TRUE(Contains(warnings, "Access your data on all websites"));
 }
 
 TEST(PermissionsTest, GetWarningMessages_Serial) {
   scoped_refptr<Extension> extension =
       LoadManifest("permissions", "serial.json");
 
   EXPECT_TRUE(extension->is_platform_app());
   EXPECT_TRUE(extension->HasAPIPermission(APIPermission::kSerial));
@@ skipping 94 matching lines @@
     SCOPED_TRACE("no dupes");
 
     // Simple list with no dupes.
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path"));
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.bar.com/path"));
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.baz.com/path"));
     EXPECT_EQ(expected,
-              PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+              permission_message_util::GetDistinctHosts(
+                  explicit_hosts, true, true));
   }
 
   {
     SCOPED_TRACE("two dupes");
 
     // Add some dupes.
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path"));
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.baz.com/path"));
     EXPECT_EQ(expected,
-              PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+              permission_message_util::GetDistinctHosts(
+                  explicit_hosts, true, true));
   }
 
   {
     SCOPED_TRACE("schemes differ");
 
     // Add a pattern that differs only by scheme. This should be filtered out.
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTPS, "https://www.bar.com/path"));
     EXPECT_EQ(expected,
-              PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+              permission_message_util::GetDistinctHosts(
+                  explicit_hosts, true, true));
   }
 
   {
     SCOPED_TRACE("paths differ");
 
     // Add some dupes by path.
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.bar.com/pathypath"));
     EXPECT_EQ(expected,
-              PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+              permission_message_util::GetDistinctHosts(
+                  explicit_hosts, true, true));
   }
 
   {
     SCOPED_TRACE("subdomains differ");
 
     // We don't do anything special for subdomains.
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://monkey.www.bar.com/path"));
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://bar.com/path"));
 
     expected.insert("monkey.www.bar.com");
     expected.insert("bar.com");
 
     EXPECT_EQ(expected,
-              PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+              permission_message_util::GetDistinctHosts(
+                  explicit_hosts, true, true));
   }
 
   {
     SCOPED_TRACE("RCDs differ");
 
     // Now test for RCD uniquing.
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path"));
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.de/path"));
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca.us/path"));
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path"));
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com.my/path"));
 
     // This is an unknown RCD, which shouldn't be uniqued out.
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.xyzzy/path"));
     // But it should only occur once.
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.xyzzy/path"));
 
     expected.insert("www.foo.xyzzy");
 
     EXPECT_EQ(expected,
-              PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+              permission_message_util::GetDistinctHosts(
+                  explicit_hosts, true, true));
   }
 
   {
     SCOPED_TRACE("wildcards");
 
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://*.google.com/*"));
 
     expected.insert("*.google.com");
 
     EXPECT_EQ(expected,
-              PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+              permission_message_util::GetDistinctHosts(
+                  explicit_hosts, true, true));
   }
 
   {
     SCOPED_TRACE("scriptable hosts");
 
     APIPermissionSet empty_perms;
     explicit_hosts.ClearPatterns();
     URLPatternSet scriptable_hosts;
     expected.clear();
 
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://*.google.com/*"));
     scriptable_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_HTTP, "http://*.example.com/*"));
 
     expected.insert("*.google.com");
     expected.insert("*.example.com");
 
     scoped_refptr<PermissionSet> perm_set(new PermissionSet(
         empty_perms, explicit_hosts, scriptable_hosts));
     EXPECT_EQ(expected,
-              PermissionSet::GetDistinctHosts(perm_set->effective_hosts(),
-                                              true, true));
+              permission_message_util::GetDistinctHosts(
+                  perm_set->effective_hosts(), true, true));
   }
 
   {
     // We don't display warnings for file URLs because they are off by default.
     SCOPED_TRACE("file urls");
 
     explicit_hosts.ClearPatterns();
     expected.clear();
 
     explicit_hosts.AddPattern(
         URLPattern(URLPattern::SCHEME_FILE, "file:///*"));
 
     EXPECT_EQ(expected,
-              PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+              permission_message_util::GetDistinctHosts(
+                  explicit_hosts, true, true));
   }
 }
 
 TEST(PermissionsTest, GetDistinctHosts_ComIsBestRcd) {
   URLPatternSet explicit_hosts;
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path"));
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path"));
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.com/path"));
 
   std::set<std::string> expected;
   expected.insert("www.foo.com");
   EXPECT_EQ(expected,
-            PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+            permission_message_util::GetDistinctHosts(
+                explicit_hosts, true, true));
 }
 
 TEST(PermissionsTest, GetDistinctHosts_NetIs2ndBestRcd) {
   URLPatternSet explicit_hosts;
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path"));
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.net/path"));
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
   // No http://www.foo.com/path
 
   std::set<std::string> expected;
   expected.insert("www.foo.net");
   EXPECT_EQ(expected,
-            PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+            permission_message_util::GetDistinctHosts(
+                explicit_hosts, true, true));
 }
 
 TEST(PermissionsTest, GetDistinctHosts_OrgIs3rdBestRcd) {
   URLPatternSet explicit_hosts;
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.org/path"));
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
   // No http://www.foo.net/path
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
   // No http://www.foo.com/path
 
   std::set<std::string> expected;
   expected.insert("www.foo.org");
   EXPECT_EQ(expected,
-            PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+            permission_message_util::GetDistinctHosts(
+                explicit_hosts, true, true));
 }
 
 TEST(PermissionsTest, GetDistinctHosts_FirstInListIs4thBestRcd) {
   URLPatternSet explicit_hosts;
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.ca/path"));
   // No http://www.foo.org/path
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.co.uk/path"));
   // No http://www.foo.net/path
   explicit_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.foo.jp/path"));
   // No http://www.foo.com/path
 
   std::set<std::string> expected;
   expected.insert("www.foo.ca");
   EXPECT_EQ(expected,
-            PermissionSet::GetDistinctHosts(explicit_hosts, true, true));
+            permission_message_util::GetDistinctHosts(
+                explicit_hosts, true, true));
 }
 
-TEST(PermissionsTest, HasLessHostPrivilegesThan) {
-  Manifest::Type extension_type = Manifest::TYPE_EXTENSION;
+TEST(PermissionsTest, IsHostPrivilegeIncrease) {
+  ExtensionPermissionMessageProvider* provider =
+      static_cast<ExtensionPermissionMessageProvider*>(
+          PermissionMessageProvider::Get(Manifest::TYPE_EXTENSION));
   URLPatternSet elist1;
   URLPatternSet elist2;
   URLPatternSet slist1;
   URLPatternSet slist2;
   scoped_refptr<PermissionSet> set1;
   scoped_refptr<PermissionSet> set2;
   APIPermissionSet empty_perms;
   elist1.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path"));
   elist1.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));
 
   // Test that the host order does not matter.
   elist2.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));
   elist2.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/path"));
 
   set1 = new PermissionSet(empty_perms, elist1, slist1);
   set2 = new PermissionSet(empty_perms, elist2, slist2);
 
-  EXPECT_FALSE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
-  EXPECT_FALSE(set2->HasLessHostPrivilegesThan(set1.get(), extension_type));
+  EXPECT_FALSE(provider->IsHostPrivilegeIncrease(set1, set2));
+  EXPECT_FALSE(provider->IsHostPrivilegeIncrease(set2, set1));
 
   // Test that paths are ignored.
   elist2.ClearPatterns();
   elist2.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/*"));
   set2 = new PermissionSet(empty_perms, elist2, slist2);
-  EXPECT_FALSE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
-  EXPECT_FALSE(set2->HasLessHostPrivilegesThan(set1.get(), extension_type));
+  EXPECT_FALSE(provider->IsHostPrivilegeIncrease(set1, set2));
+  EXPECT_FALSE(provider->IsHostPrivilegeIncrease(set2, set1));
 
   // Test that RCDs are ignored.
   elist2.ClearPatterns();
   elist2.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/*"));
   set2 = new PermissionSet(empty_perms, elist2, slist2);
-  EXPECT_FALSE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
-  EXPECT_FALSE(set2->HasLessHostPrivilegesThan(set1.get(), extension_type));
+  EXPECT_FALSE(provider->IsHostPrivilegeIncrease(set1, set2));
+  EXPECT_FALSE(provider->IsHostPrivilegeIncrease(set2, set1));
 
   // Test that subdomain wildcards are handled properly.
   elist2.ClearPatterns();
   elist2.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://*.google.com.hk/*"));
   set2 = new PermissionSet(empty_perms, elist2, slist2);
-  EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
+  EXPECT_TRUE(provider->IsHostPrivilegeIncrease(set1, set2));
   // TODO(jstritar): Does not match subdomains properly. http://crbug.com/65337
   // EXPECT_FALSE(set2->HasLessHostPrivilegesThan(set1.get()));
 
   // Test that different domains count as different hosts.
   elist2.ClearPatterns();
   elist2.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/path"));
   elist2.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://www.example.org/path"));
   set2 = new PermissionSet(empty_perms, elist2, slist2);
-  EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
-  EXPECT_FALSE(set2->HasLessHostPrivilegesThan(set1.get(), extension_type));
+  EXPECT_TRUE(provider->IsHostPrivilegeIncrease(set1, set2));
+  EXPECT_FALSE(provider->IsHostPrivilegeIncrease(set2, set1));
 
   // Test that different subdomains count as different hosts.
   elist2.ClearPatterns();
   elist2.AddPattern(
       URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*"));
   set2 = new PermissionSet(empty_perms, elist2, slist2);
-  EXPECT_TRUE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
-  EXPECT_TRUE(set2->HasLessHostPrivilegesThan(set1.get(), extension_type));
+  EXPECT_TRUE(provider->IsHostPrivilegeIncrease(set1, set2));
+  EXPECT_TRUE(provider->IsHostPrivilegeIncrease(set2, set1));
 
   // Test that platform apps do not have host permissions increases.
-  extension_type = Manifest::TYPE_PLATFORM_APP;
-  EXPECT_FALSE(set1->HasLessHostPrivilegesThan(set2.get(), extension_type));
-  EXPECT_FALSE(set2->HasLessHostPrivilegesThan(set1.get(), extension_type));
+  AppPermissionMessageProvider* app_provider =
+      static_cast<AppPermissionMessageProvider*>(
+          PermissionMessageProvider::Get(Manifest::TYPE_PLATFORM_APP));
+  EXPECT_FALSE(app_provider->IsHostPrivilegeIncrease(set1, set2));
+  EXPECT_FALSE(app_provider->IsHostPrivilegeIncrease(set2, set1));
 }
 
 TEST(PermissionsTest, GetAPIsAsStrings) {
   APIPermissionSet apis;
   URLPatternSet empty_set;
 
   apis.insert(APIPermission::kProxy);
   apis.insert(APIPermission::kBackground);
   apis.insert(APIPermission::kNotification);
   apis.insert(APIPermission::kTab);
@@ skipping 71 matching lines @@
 TEST(PermissionsTest, ChromeURLs) {
   URLPatternSet allowed_hosts;
   allowed_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_ALL, "http://www.google.com/"));
   allowed_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_ALL, "chrome://favicon/"));
   allowed_hosts.AddPattern(
       URLPattern(URLPattern::SCHEME_ALL, "chrome://thumb/"));
   scoped_refptr<PermissionSet> permissions(
       new PermissionSet(APIPermissionSet(), allowed_hosts, URLPatternSet()));
-  permissions->GetPermissionMessages(Manifest::TYPE_EXTENSION);
+  PermissionMessageProvider::Get(Manifest::TYPE_EXTENSION)->
+      GetPermissionMessages(permissions);
 }
 
-TEST(PermissionsTest, HasLessPrivilegesThan_DeclarativeWebRequest) {
+TEST(PermissionsTest, IsPrivilegeIncrease_DeclarativeWebRequest) {
   scoped_refptr<Extension> extension(
       LoadManifest("permissions", "permissions_all_urls.json"));
   scoped_refptr<const PermissionSet> permissions(
       extension->GetActivePermissions());
 
   scoped_refptr<Extension> extension_dwr(
       LoadManifest("permissions", "web_request_all_host_permissions.json"));
   scoped_refptr<const PermissionSet> permissions_dwr(
       extension_dwr->GetActivePermissions());
 
-  EXPECT_FALSE(permissions->HasLessPrivilegesThan(permissions_dwr.get(),
-                                                  extension->GetType()));
+  EXPECT_FALSE(PermissionMessageProvider::Get(extension->GetType())->
+                   IsPrivilegeIncrease(permissions.get(),
+                                       permissions_dwr.get()));
 }
 }  // namespace extensions