Revert of Communicate ExtensionSettings policy to renderers

chrome/common/extensions/permissions/permissions_data_unittest.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <stdint.h>
 
 #include <utility>
 #include <vector>
 
 #include "base/command_line.h"
 #include "base/memory/ref_counted.h"
 #include "base/strings/string16.h"
 #include "base/strings/utf_string_conversions.h"
 #include "build/build_config.h"
 #include "chrome/common/extensions/extension_test_util.h"
 #include "components/crx_file/id_util.h"
 #include "content/public/common/socket_permission_request.h"
-#include "extensions/common/constants.h"
 #include "extensions/common/error_utils.h"
 #include "extensions/common/extension.h"
 #include "extensions/common/extension_builder.h"
 #include "extensions/common/manifest.h"
 #include "extensions/common/manifest_constants.h"
 #include "extensions/common/permissions/api_permission.h"
 #include "extensions/common/permissions/permission_message_test_util.h"
 #include "extensions/common/permissions/permission_set.h"
 #include "extensions/common/permissions/permissions_data.h"
 #include "extensions/common/permissions/socket_permission.h"
@@ skipping 189 matching lines @@
   EXPECT_TRUE(hosts.MatchesURL(GURL("http://www.google.com")));
   EXPECT_TRUE(extension->permissions_data()->HasEffectiveAccessToAllHosts());
 
   // Tab-specific permissions should be included in the effective hosts.
   GURL tab_url("http://www.example.com/");
   URLPatternSet new_hosts;
   new_hosts.AddOrigin(URLPattern::SCHEME_ALL, tab_url);
   extension->permissions_data()->UpdateTabSpecificPermissions(
       1, PermissionSet(APIPermissionSet(), ManifestPermissionSet(), new_hosts,
                        URLPatternSet()));
-  EXPECT_TRUE(
-      extension->permissions_data()->GetEffectiveHostPermissions().MatchesURL(
-          tab_url));
+  EXPECT_TRUE(extension->permissions_data()->GetEffectiveHostPermissions().
+      MatchesURL(tab_url));
   extension->permissions_data()->ClearTabSpecificPermissions(1);
-  EXPECT_FALSE(
-      extension->permissions_data()->GetEffectiveHostPermissions().MatchesURL(
-          tab_url));
+  EXPECT_FALSE(extension->permissions_data()->GetEffectiveHostPermissions().
+      MatchesURL(tab_url));
 }
 
 TEST(PermissionsDataTest, SocketPermissions) {
   scoped_refptr<Extension> extension;
   std::string error;
 
   extension = LoadManifest("socket_permissions", "empty.json");
-  EXPECT_FALSE(CheckSocketPermission(
-      extension, SocketPermissionRequest::TCP_CONNECT, "www.example.com", 80));
+  EXPECT_FALSE(CheckSocketPermission(extension,
+      SocketPermissionRequest::TCP_CONNECT, "www.example.com", 80));
 
   extension = LoadManifestUnchecked("socket_permissions",
                                     "socket1.json",
                                     Manifest::INTERNAL, Extension::NO_FLAGS,
                                     &error);
   EXPECT_TRUE(extension.get() == NULL);
   std::string expected_error_msg_header = ErrorUtils::FormatErrorMessage(
       manifest_errors::kInvalidPermissionWithDetail,
       "socket",
       "NULL or empty permission list");
   EXPECT_EQ(expected_error_msg_header, error);
 
   extension = LoadManifest("socket_permissions", "socket2.json");
+  EXPECT_TRUE(CheckSocketPermission(extension,
+      SocketPermissionRequest::TCP_CONNECT, "www.example.com", 80));
+  EXPECT_FALSE(CheckSocketPermission(
+        extension, SocketPermissionRequest::UDP_BIND, "", 80));
   EXPECT_TRUE(CheckSocketPermission(
-      extension, SocketPermissionRequest::TCP_CONNECT, "www.example.com", 80));
-  EXPECT_FALSE(CheckSocketPermission(
-      extension, SocketPermissionRequest::UDP_BIND, "", 80));
-  EXPECT_TRUE(CheckSocketPermission(
-      extension, SocketPermissionRequest::UDP_BIND, "", 8888));
+        extension, SocketPermissionRequest::UDP_BIND, "", 8888));
 
   EXPECT_FALSE(CheckSocketPermission(
-      extension, SocketPermissionRequest::UDP_SEND_TO, "example.com", 1900));
-  EXPECT_TRUE(CheckSocketPermission(extension,
-                                    SocketPermissionRequest::UDP_SEND_TO,
-                                    "239.255.255.250", 1900));
+        extension, SocketPermissionRequest::UDP_SEND_TO, "example.com", 1900));
+  EXPECT_TRUE(CheckSocketPermission(
+        extension,
+        SocketPermissionRequest::UDP_SEND_TO,
+        "239.255.255.250", 1900));
 }
 
 TEST(PermissionsDataTest, IsRestrictedUrl) {
   scoped_refptr<const Extension> extension =
       GetExtensionWithHostPermission("normal_extension",
                                      kAllHostsPermission,
                                      Manifest::INTERNAL);
   // Chrome urls should be blocked for normal extensions.
   CheckRestrictedUrls(extension.get(), true);
 
@@ skipping 97 matching lines @@
 }
 
 // Base class for testing the CanAccessPage and CanCaptureVisiblePage
 // methods of Extension for extensions with various permissions.
 class ExtensionScriptAndCaptureVisibleTest : public testing::Test {
  protected:
   ExtensionScriptAndCaptureVisibleTest()
       : http_url("http://www.google.com"),
         http_url_with_path("http://www.google.com/index.html"),
         https_url("https://www.google.com"),
-        example_com("https://example.com"),
-        test_example_com("https://test.example.com"),
-        sample_example_com("https://sample.example.com"),
         file_url("file:///foo/bar"),
         favicon_url("chrome://favicon/http://www.google.com"),
         extension_url("chrome-extension://" +
                       crx_file::id_util::GenerateIdForPath(
                           base::FilePath(FILE_PATH_LITERAL("foo")))),
         settings_url("chrome://settings"),
         about_url("about:flags") {
     urls_.insert(http_url);
     urls_.insert(http_url_with_path);
     urls_.insert(https_url);
-    urls_.insert(example_com);
-    urls_.insert(test_example_com);
-    urls_.insert(sample_example_com);
     urls_.insert(file_url);
     urls_.insert(favicon_url);
     urls_.insert(extension_url);
     urls_.insert(settings_url);
     urls_.insert(about_url);
     // Ignore the policy delegate for this test.
     PermissionsData::SetPolicyDelegate(NULL);
   }
 
   bool AllowedScript(const Extension* extension, const GURL& url) {
@@ skipping 65 matching lines @@
         result &= Blocked(extension, url, tab_id);
     }
     return result;
   }
 
   // URLs that are "safe" to provide scripting and capture visible tab access
   // to if the permissions allow it.
   const GURL http_url;
   const GURL http_url_with_path;
   const GURL https_url;
-  const GURL example_com;
-  const GURL test_example_com;
-  const GURL sample_example_com;
   const GURL file_url;
 
   // We should allow host permission but not scripting permission for favicon
   // urls.
   const GURL favicon_url;
 
   // URLs that regular extensions should never get access to.
   const GURL extension_url;
   const GURL settings_url;
   const GURL about_url;
@@ skipping 96 matching lines @@
   EXPECT_FALSE(extension->permissions_data()->HasHostPermission(settings_url));
 }
 
 TEST_F(ExtensionScriptAndCaptureVisibleTest, PermissionsWithChromeURLsEnabled) {
   base::CommandLine::ForCurrentProcess()->AppendSwitch(
       switches::kExtensionsOnChromeURLs);
 
   scoped_refptr<Extension> extension;
 
   // Test <all_urls> for regular extensions.
-  extension =
-      LoadManifestStrict("script_and_capture", "extension_regular_all.json");
+  extension = LoadManifestStrict("script_and_capture",
+      "extension_regular_all.json");
   EXPECT_TRUE(Allowed(extension.get(), http_url));
   EXPECT_TRUE(Allowed(extension.get(), https_url));
   EXPECT_TRUE(CaptureOnly(extension.get(), file_url));
   EXPECT_TRUE(CaptureOnly(extension.get(), settings_url));
   EXPECT_TRUE(Allowed(extension.get(), favicon_url));  // chrome:// requested
   EXPECT_TRUE(CaptureOnly(extension.get(), about_url));
   EXPECT_TRUE(CaptureOnly(extension.get(), extension_url));
 
   // Test access to iframed content.
   GURL within_extension_url = extension->GetResourceURL("page.html");
   EXPECT_TRUE(AllowedScript(extension.get(), http_url));
   EXPECT_TRUE(AllowedScript(extension.get(), http_url_with_path));
   EXPECT_TRUE(AllowedScript(extension.get(), https_url));
   EXPECT_TRUE(BlockedScript(extension.get(), within_extension_url));
   EXPECT_TRUE(BlockedScript(extension.get(), extension_url));
 
   const PermissionsData* permissions_data = extension->permissions_data();
   EXPECT_FALSE(permissions_data->HasHostPermission(settings_url));
   EXPECT_FALSE(permissions_data->HasHostPermission(about_url));
   EXPECT_TRUE(permissions_data->HasHostPermission(favicon_url));
 
   // Test * for scheme, which implies just the http/https schemes.
-  extension =
-      LoadManifestStrict("script_and_capture", "extension_wildcard.json");
+  extension = LoadManifestStrict("script_and_capture",
+      "extension_wildcard.json");
   EXPECT_TRUE(ScriptOnly(extension.get(), http_url));
   EXPECT_TRUE(ScriptOnly(extension.get(), https_url));
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(Blocked(extension.get(), about_url));
   EXPECT_TRUE(Blocked(extension.get(), file_url));
   EXPECT_TRUE(Blocked(extension.get(), favicon_url));
   extension =
       LoadManifest("script_and_capture", "extension_wildcard_settings.json");
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
 
   // Having chrome://*/ should work for regular extensions with the flag
   // enabled.
   std::string error;
   extension = LoadManifestUnchecked("script_and_capture",
                                     "extension_wildcard_chrome.json",
                                     Manifest::INTERNAL, Extension::NO_FLAGS,
                                     &error);
   EXPECT_FALSE(extension.get() == NULL);
   EXPECT_TRUE(Blocked(extension.get(), http_url));
   EXPECT_TRUE(Blocked(extension.get(), https_url));
   EXPECT_TRUE(ScriptOnly(extension.get(), settings_url));
   EXPECT_TRUE(Blocked(extension.get(), about_url));
   EXPECT_TRUE(Blocked(extension.get(), file_url));
   EXPECT_TRUE(ScriptOnly(extension.get(), favicon_url));
 
   // Having chrome://favicon/* should not give you chrome://*
   extension = LoadManifestStrict("script_and_capture",
-                                 "extension_chrome_favicon_wildcard.json");
+      "extension_chrome_favicon_wildcard.json");
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(ScriptOnly(extension.get(), favicon_url));
   EXPECT_TRUE(Blocked(extension.get(), about_url));
   EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
 
   // Having http://favicon should not give you chrome://favicon
-  extension =
-      LoadManifestStrict("script_and_capture", "extension_http_favicon.json");
+  extension = LoadManifestStrict("script_and_capture",
+      "extension_http_favicon.json");
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(Blocked(extension.get(), favicon_url));
 
   // Component extensions with <all_urls> should get everything.
   extension = LoadManifest("script_and_capture", "extension_component_all.json",
-                           Manifest::COMPONENT, Extension::NO_FLAGS);
+      Manifest::COMPONENT, Extension::NO_FLAGS);
   EXPECT_TRUE(Allowed(extension.get(), http_url));
   EXPECT_TRUE(Allowed(extension.get(), https_url));
   EXPECT_TRUE(Allowed(extension.get(), settings_url));
   EXPECT_TRUE(Allowed(extension.get(), about_url));
   EXPECT_TRUE(Allowed(extension.get(), favicon_url));
   EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
 
   // Component extensions should only get access to what they ask for.
-  extension =
-      LoadManifest("script_and_capture", "extension_component_google.json",
-                   Manifest::COMPONENT, Extension::NO_FLAGS);
+  extension = LoadManifest("script_and_capture",
+      "extension_component_google.json", Manifest::COMPONENT,
+      Extension::NO_FLAGS);
   EXPECT_TRUE(ScriptOnly(extension.get(), http_url));
   EXPECT_TRUE(Blocked(extension.get(), https_url));
   EXPECT_TRUE(Blocked(extension.get(), file_url));
   EXPECT_TRUE(Blocked(extension.get(), settings_url));
   EXPECT_TRUE(Blocked(extension.get(), favicon_url));
   EXPECT_TRUE(Blocked(extension.get(), about_url));
   EXPECT_TRUE(Blocked(extension.get(), extension_url));
   EXPECT_FALSE(extension->permissions_data()->HasHostPermission(settings_url));
 }
 
@@ skipping 141 matching lines @@
                                                              kTabId, &error))
           << extension->name() << ": " << url;
       EXPECT_EQ(PermissionsData::ACCESS_DENIED,
                 extension->permissions_data()->GetContentScriptAccess(
                     extension, url, kTabId, &error))
           << extension->name() << ": " << url;
     }
   }
 }
 
-TEST_F(ExtensionScriptAndCaptureVisibleTest, PolicyHostRestrictionsSwap) {
-  // Makes sure when an extension gets an individual policy for host
-  // restrictions it overrides the default policy. Also tests transitioning back
-  // to the default policy when an individual policy is removed.
-  URLPattern example_com_pattern =
-      URLPattern(URLPattern::SCHEME_ALL, "*://*.example.com/*");
-  URLPattern test_example_com_pattern =
-      URLPattern(URLPattern::SCHEME_ALL, "*://test.example.com/*");
-  URLPatternSet default_blocked;
-  URLPatternSet default_allowed;
-  default_blocked.AddPattern(example_com_pattern);
-  default_allowed.AddPattern(test_example_com_pattern);
-
-  // Test <all_urls> for regular extensions.
-  scoped_refptr<Extension> extension =
-      LoadManifestStrict("script_and_capture", "extension_regular_all.json");
-  extension->permissions_data()->SetDefaultPolicyHostRestrictions(
-      default_blocked, default_allowed);
-
-  // The default policy applies to all extensions at this point. The extension
-  // should be able to access test.example.com but be blocked from
-  // accessing any other subdomains of example.com or example.com itself.
-  EXPECT_TRUE(CaptureOnly(extension.get(), example_com));
-  EXPECT_TRUE(CaptureOnly(extension.get(), sample_example_com));
-  EXPECT_TRUE(Allowed(extension.get(), test_example_com));
-
-  URLPatternSet blocked;
-  blocked.AddPattern(test_example_com_pattern);
-  URLPatternSet allowed;
-  extension->permissions_data()->SetPolicyHostRestrictions(blocked, allowed);
-
-  // We've applied an individual policy which overrides the default policy.
-  // The only URL that should be blocked is test.example.com.
-  EXPECT_TRUE(Allowed(extension.get(), example_com));
-  EXPECT_TRUE(Allowed(extension.get(), sample_example_com));
-  EXPECT_TRUE(CaptureOnly(extension.get(), test_example_com));
-
-  blocked.AddPattern(example_com_pattern);
-  allowed.AddPattern(test_example_com_pattern);
-  extension->permissions_data()->SetPolicyHostRestrictions(blocked, allowed);
-
-  // Adding example.com and all its subdomains to the blocked list and
-  // test.example.com to the whitelist. This is still the individual policy
-  // Since the whitelist overrides a blacklist we expect to allow access to
-  // test.example.com but block access to all other example.com subdomains
-  // (sample.example.com) and example.com itself.
-  EXPECT_TRUE(CaptureOnly(extension.get(), example_com));
-  EXPECT_TRUE(CaptureOnly(extension.get(), sample_example_com));
-  EXPECT_TRUE(Allowed(extension.get(), test_example_com));
-
-  blocked.ClearPatterns();
-  allowed.ClearPatterns();
-  extension->permissions_data()->SetPolicyHostRestrictions(blocked, allowed);
-
-  // Cleared all URLs from the individual policy, so all URLs should have
-  // access. We want to make sure that a block at the default level doesn't
-  // apply since we're still definining an individual policy.
-  EXPECT_TRUE(Allowed(extension.get(), example_com));
-  EXPECT_TRUE(Allowed(extension.get(), sample_example_com));
-  EXPECT_TRUE(Allowed(extension.get(), test_example_com));
-
-  // Flip back to using default policy for this extension.
-  extension->permissions_data()->SetUsesDefaultHostRestrictions();
-
-  // Make sure the default policy has the same effect as before we defined an
-  // individual policy. Access to test.example.com should be allowed, but all
-  // other subdomains and example.com itself should be blocked.
-  EXPECT_TRUE(CaptureOnly(extension.get(), example_com));
-  EXPECT_TRUE(CaptureOnly(extension.get(), sample_example_com));
-  EXPECT_TRUE(Allowed(extension.get(), test_example_com));
-}
-
-TEST_F(ExtensionScriptAndCaptureVisibleTest, PolicyHostRestrictions) {
-  // Test that host restrictions applied by policy take effect on normal URLs,
-  // iframe urls, different schemes, and components.
-  URLPatternSet default_blocked;
-  URLPatternSet default_allowed;
-  default_blocked.AddPattern(
-      URLPattern(URLPattern::SCHEME_ALL, "https://*.example.com/*"));
-  default_allowed.AddPattern(
-      URLPattern(URLPattern::SCHEME_ALL, "https://test.example.com/*"));
-
-  // In all of these tests, test.example.com should have scripting allowed, with
-  // all other subdomains and example.com itself blocked.
-
-  // Test <all_urls> for regular extensions.
-  scoped_refptr<Extension> extension =
-      LoadManifestStrict("script_and_capture", "extension_regular_all.json");
-  extension->permissions_data()->SetDefaultPolicyHostRestrictions(
-      default_blocked, default_allowed);
-
-  EXPECT_TRUE(Allowed(extension.get(), http_url));
-  EXPECT_TRUE(Allowed(extension.get(), https_url));
-  EXPECT_TRUE(CaptureOnly(extension.get(), example_com));
-  EXPECT_TRUE(Allowed(extension.get(), test_example_com));
-  EXPECT_TRUE(CaptureOnly(extension.get(), sample_example_com));
-  EXPECT_TRUE(CaptureOnly(extension.get(), file_url));
-  EXPECT_TRUE(CaptureOnly(extension.get(), settings_url));
-  EXPECT_TRUE(CaptureOnly(extension.get(), favicon_url));
-  EXPECT_TRUE(CaptureOnly(extension.get(), about_url));
-  EXPECT_TRUE(CaptureOnly(extension.get(), extension_url));
-
-  // Test access to iframed content.
-  GURL within_extension_url = extension->GetResourceURL("page.html");
-  EXPECT_TRUE(AllowedScript(extension.get(), http_url));
-  EXPECT_TRUE(AllowedScript(extension.get(), http_url_with_path));
-  EXPECT_TRUE(BlockedScript(extension.get(), example_com));
-  EXPECT_TRUE(AllowedScript(extension.get(), test_example_com));
-  EXPECT_TRUE(BlockedScript(extension.get(), sample_example_com));
-  EXPECT_TRUE(AllowedScript(extension.get(), https_url));
-  EXPECT_TRUE(BlockedScript(extension.get(), within_extension_url));
-  EXPECT_TRUE(BlockedScript(extension.get(), extension_url));
-
-  // Supress host permission for example.com since its on the blocklist
-  EXPECT_FALSE(extension->permissions_data()->HasHostPermission(example_com));
-  // Allow host permission for test.example.com since its on the whitelist and
-  // blacklist. The whitelist overrides the blacklist.
-  EXPECT_TRUE(
-      extension->permissions_data()->HasHostPermission(test_example_com));
-  EXPECT_FALSE(extension->permissions_data()->HasHostPermission(settings_url));
-  EXPECT_FALSE(extension->permissions_data()->HasHostPermission(about_url));
-  EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
-
-  // Test * for scheme, which implies just the http/https schemes.
-  extension =
-      LoadManifestStrict("script_and_capture", "extension_wildcard.json");
-  extension->permissions_data()->SetDefaultPolicyHostRestrictions(
-      default_blocked, default_allowed);
-  EXPECT_TRUE(ScriptOnly(extension.get(), http_url));
-  EXPECT_TRUE(Blocked(extension.get(), example_com));
-  EXPECT_TRUE(ScriptOnly(extension.get(), test_example_com));
-  EXPECT_TRUE(Blocked(extension.get(), sample_example_com));
-  EXPECT_TRUE(ScriptOnly(extension.get(), https_url));
-  EXPECT_TRUE(Blocked(extension.get(), settings_url));
-  EXPECT_TRUE(Blocked(extension.get(), about_url));
-  EXPECT_TRUE(Blocked(extension.get(), file_url));
-  EXPECT_TRUE(Blocked(extension.get(), favicon_url));
-  extension =
-      LoadManifest("script_and_capture", "extension_wildcard_settings.json");
-  extension->permissions_data()->SetDefaultPolicyHostRestrictions(
-      default_blocked, default_allowed);
-  EXPECT_TRUE(Blocked(extension.get(), settings_url));
-
-  // Component extensions with <all_urls> should get everything regardless of
-  // policy.
-  extension = LoadManifest("script_and_capture", "extension_component_all.json",
-                           Manifest::COMPONENT, Extension::NO_FLAGS);
-  extension->permissions_data()->SetDefaultPolicyHostRestrictions(
-      default_blocked, default_allowed);
-  EXPECT_TRUE(Allowed(extension.get(), http_url));
-  EXPECT_TRUE(Allowed(extension.get(), https_url));
-  EXPECT_TRUE(Allowed(extension.get(), example_com));
-  EXPECT_TRUE(Allowed(extension.get(), test_example_com));
-  EXPECT_TRUE(Allowed(extension.get(), sample_example_com));
-  EXPECT_TRUE(Allowed(extension.get(), settings_url));
-  EXPECT_TRUE(Allowed(extension.get(), about_url));
-  EXPECT_TRUE(Allowed(extension.get(), favicon_url));
-  EXPECT_TRUE(extension->permissions_data()->HasHostPermission(favicon_url));
-}
-
 }  // namespace extensions