chrome/browser/extensions/permissions_updater.cc - Issue 2794803003: PS - Remove Clipboard Read permission from extensions in Public Sessions (except for whitelisted on…

Side by Side Diff: chrome/browser/extensions/permissions_updater.cc

Issue 2794803003: PS - Remove Clipboard Read permission from extensions in Public Sessions (except for whitelisted on… (Closed)

Patch Set: Using a platform delegate Created 3 years, 8 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « chrome/browser/extensions/permissions_updater.h ('k') | chrome/browser/extensions/permissions_updater_delegate_chromeos.h » ('j') | chrome/browser/extensions/permissions_updater_delegate_chromeos.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/extensions/permissions_updater.h"	5 #include "chrome/browser/extensions/permissions_updater.h"

6	6

7 #include <utility>	7 #include <utility>

8	8

9 #include "base/memory/ref_counted.h"	9 #include "base/memory/ref_counted.h"

10 #include "base/values.h"	10 #include "base/values.h"

11 #include "chrome/browser/extensions/api/permissions/permissions_api_helpers.h"	11 #include "chrome/browser/extensions/api/permissions/permissions_api_helpers.h"

	12 #include "chrome/browser/extensions/permissions_updater_delegate_chromeos.h"

12 #include "chrome/browser/extensions/scripting_permissions_modifier.h"	13 #include "chrome/browser/extensions/scripting_permissions_modifier.h"

13 #include "chrome/browser/profiles/profile.h"	14 #include "chrome/browser/profiles/profile.h"

14 #include "chrome/common/extensions/api/permissions.h"	15 #include "chrome/common/extensions/api/permissions.h"

15 #include "content/public/browser/notification_observer.h"	16 #include "content/public/browser/notification_observer.h"

16 #include "content/public/browser/notification_registrar.h"	17 #include "content/public/browser/notification_registrar.h"

17 #include "content/public/browser/notification_service.h"	18 #include "content/public/browser/notification_service.h"

18 #include "content/public/browser/render_process_host.h"	19 #include "content/public/browser/render_process_host.h"

19 #include "extensions/browser/event_router.h"	20 #include "extensions/browser/event_router.h"

20 #include "extensions/browser/extension_prefs.h"	21 #include "extensions/browser/extension_prefs.h"

21 #include "extensions/browser/notification_types.h"	22 #include "extensions/browser/notification_types.h"

(...skipping 40 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
62 PermissionSet::CreateIntersection(*total_permissions,	63 PermissionSet::CreateIntersection(*total_permissions,

63 *active_permissions);	64 *active_permissions);

64	65

65 // Make sure the active permissions contain the default permissions.	66 // Make sure the active permissions contain the default permissions.

66 adjusted_active =	67 adjusted_active =

67 PermissionSet::CreateUnion(required_permissions, *adjusted_active);	68 PermissionSet::CreateUnion(required_permissions, *adjusted_active);

68	69

69 return adjusted_active;	70 return adjusted_active;

70 }	71 }

71	72

	73 PermissionsUpdater::Delegate* g_delegate = nullptr;

	74

72 } // namespace	75 } // namespace

73	76

74 PermissionsUpdater::PermissionsUpdater(content::BrowserContext* browser_context)	77 PermissionsUpdater::PermissionsUpdater(content::BrowserContext* browser_context)

75 : browser_context_(browser_context), init_flag_(INIT_FLAG_NONE) {	78 : browser_context_(browser_context), init_flag_(INIT_FLAG_NONE) {

	79 #if defined(OS_CHROMEOS)

	80 if (!g_delegate)
	Ivan Šandrk 2017/04/04 15:41:56 I'm not sure if the SetPlatformDelegate function i I'm not sure if the SetPlatformDelegate function is needed at all. And I'm also not sure if doing it like this is ok. Devlin 2017/04/05 14:35:20 I think what would be better would be instead movi Show quoted text On 2017/04/04 15:41:56, Ivan Šandrk wrote: > I'm not sure if the SetPlatformDelegate function is needed at all. And I'm also > not sure if doing it like this is ok. I think what would be better would be instead moving this call to SetDelegate to chromeos session code. I don't know that code well, but I'm assuming there's some point at which we know that we're in a public session. From there, we set the delegate, since that's the only case we need. Then, we don't need any #ifdefs in this file! :) Ivan Šandrk 2017/04/07 14:39:40 Right, done. Show quoted text On 2017/04/05 14:35:20, Devlin wrote: > On 2017/04/04 15:41:56, Ivan Šandrk wrote: > > I'm not sure if the SetPlatformDelegate function is needed at all. And I'm > also > > not sure if doing it like this is ok. > > I think what would be better would be instead moving this call to SetDelegate to > chromeos session code. I don't know that code well, but I'm assuming there's > some point at which we know that we're in a public session. From there, we set > the delegate, since that's the only case we need. Then, we don't need any > #ifdefs in this file! :) Right, done.
	81 SetPlatformDelegate(new PermissionsUpdaterDelegateChromeOS());

	82 #endif

76 }	83 }

77	84

78 PermissionsUpdater::PermissionsUpdater(content::BrowserContext* browser_context,	85 PermissionsUpdater::PermissionsUpdater(content::BrowserContext* browser_context,

79 InitFlag init_flag)	86 InitFlag init_flag)

80 : browser_context_(browser_context), init_flag_(init_flag) {	87 : browser_context_(browser_context), init_flag_(init_flag) {

81 }	88 }

82	89

83 PermissionsUpdater::~PermissionsUpdater() {}	90 PermissionsUpdater::~PermissionsUpdater() {}

84	91

	92 // static

	93 void PermissionsUpdater::SetPlatformDelegate(Delegate* delegate) {

	94 g_delegate = delegate;

	95 }

	96

85 void PermissionsUpdater::AddPermissions(const Extension* extension,	97 void PermissionsUpdater::AddPermissions(const Extension* extension,

86 const PermissionSet& permissions) {	98 const PermissionSet& permissions) {

87 const PermissionSet& active =	99 const PermissionSet& active =

88 extension->permissions_data()->active_permissions();	100 extension->permissions_data()->active_permissions();

89 std::unique_ptr<const PermissionSet> total =	101 std::unique_ptr<const PermissionSet> total =

90 PermissionSet::CreateUnion(active, permissions);	102 PermissionSet::CreateUnion(active, permissions);

91 std::unique_ptr<const PermissionSet> added =	103 std::unique_ptr<const PermissionSet> added =

92 PermissionSet::CreateDifference(*total, active);	104 PermissionSet::CreateDifference(*total, active);

93	105

94 std::unique_ptr<const PermissionSet> new_withheld =	106 std::unique_ptr<const PermissionSet> new_withheld =

(...skipping 97 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
192	204

193 std::unique_ptr<const PermissionSet> granted_permissions;	205 std::unique_ptr<const PermissionSet> granted_permissions;

194 std::unique_ptr<const PermissionSet> withheld_permissions;	206 std::unique_ptr<const PermissionSet> withheld_permissions;

195 ScriptingPermissionsModifier(browser_context_, make_scoped_refptr(extension))	207 ScriptingPermissionsModifier(browser_context_, make_scoped_refptr(extension))

196 .WithholdPermissions(*bounded_active, &granted_permissions,	208 .WithholdPermissions(*bounded_active, &granted_permissions,

197 &withheld_permissions,	209 &withheld_permissions,

198 (init_flag_ & INIT_FLAG_TRANSIENT) != 0);	210 (init_flag_ & INIT_FLAG_TRANSIENT) != 0);

199	211

200 SetPermissions(extension, std::move(granted_permissions),	212 SetPermissions(extension, std::move(granted_permissions),

201 std::move(withheld_permissions));	213 std::move(withheld_permissions));

	214

	215 if (g_delegate)

	216 g_delegate->InitializePermissions(this, extension);

202 }	217 }

203	218

204 void PermissionsUpdater::SetPermissions(	219 void PermissionsUpdater::SetPermissions(

205 const Extension* extension,	220 const Extension* extension,

206 std::unique_ptr<const PermissionSet> active,	221 std::unique_ptr<const PermissionSet> active,

207 std::unique_ptr<const PermissionSet> withheld) {	222 std::unique_ptr<const PermissionSet> withheld) {

208 DCHECK(active);	223 DCHECK(active);

209 const PermissionSet& active_weak = *active;	224 const PermissionSet& active_weak = *active;

210 if (withheld) {	225 if (withheld) {

211 extension->permissions_data()->SetPermissions(std::move(active),	226 extension->permissions_data()->SetPermissions(std::move(active),

(...skipping 24 matching lines...) Expand all Loading...
236 std::unique_ptr<Event> event(	251 std::unique_ptr<Event> event(

237 new Event(histogram_value, event_name, std::move(value)));	252 new Event(histogram_value, event_name, std::move(value)));

238 event->restrict_to_browser_context = browser_context_;	253 event->restrict_to_browser_context = browser_context_;

239 event_router->DispatchEventToExtension(extension_id, std::move(event));	254 event_router->DispatchEventToExtension(extension_id, std::move(event));

240 }	255 }

241	256

242 void PermissionsUpdater::NotifyPermissionsUpdated(	257 void PermissionsUpdater::NotifyPermissionsUpdated(

243 EventType event_type,	258 EventType event_type,

244 const Extension* extension,	259 const Extension* extension,

245 const PermissionSet& changed) {	260 const PermissionSet& changed) {

246 DCHECK((init_flag_ & INIT_FLAG_TRANSIENT) == 0);	261 DCHECK_EQ(init_flag_ & INIT_FLAG_TRANSIENT, 0);
	Ivan Šandrk 2017/04/04 15:41:57 Fixed linter error. Fixed linter error. Devlin 2017/04/05 14:35:20 Thanks! But prefer DCHECK_EQ(expected, actual), s Show quoted text On 2017/04/04 15:41:57, Ivan Šandrk wrote: > Fixed linter error. Thanks! But prefer DCHECK_EQ(expected, actual), so DCHECK_EQ(0, init_flag & INIT_FLAG_TRANSIENT); Ivan Šandrk 2017/04/07 14:39:40 Done. Show quoted text On 2017/04/05 14:35:20, Devlin wrote: > On 2017/04/04 15:41:57, Ivan Šandrk wrote: > > Fixed linter error. > > Thanks! But prefer DCHECK_EQ(expected, actual), so > DCHECK_EQ(0, init_flag & INIT_FLAG_TRANSIENT); Done.
247 if (changed.IsEmpty())	262 if (changed.IsEmpty())

248 return;	263 return;

249	264

250 UpdatedExtensionPermissionsInfo::Reason reason;	265 UpdatedExtensionPermissionsInfo::Reason reason;

251 events::HistogramValue histogram_value;	266 events::HistogramValue histogram_value;

252 const char* event_name = NULL;	267 const char* event_name = NULL;

253	268

254 if (event_type == REMOVED) {	269 if (event_type == REMOVED) {

255 reason = UpdatedExtensionPermissionsInfo::REMOVED;	270 reason = UpdatedExtensionPermissionsInfo::REMOVED;

256 histogram_value = events::PERMISSIONS_ON_REMOVED;	271 histogram_value = events::PERMISSIONS_ON_REMOVED;

(...skipping 29 matching lines...) Expand all Loading...
286 Profile::FromBrowserContext(host->GetBrowserContext()))) {	301 Profile::FromBrowserContext(host->GetBrowserContext()))) {

287 host->Send(new ExtensionMsg_UpdatePermissions(params));	302 host->Send(new ExtensionMsg_UpdatePermissions(params));

288 }	303 }

289 }	304 }

290	305

291 // Trigger the onAdded and onRemoved events in the extension.	306 // Trigger the onAdded and onRemoved events in the extension.

292 DispatchEvent(extension->id(), histogram_value, event_name, changed);	307 DispatchEvent(extension->id(), histogram_value, event_name, changed);

293 }	308 }

294	309

295 } // namespace extensions	310 } // namespace extensions

OLD	NEW