OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/extensions/api/permissions/permissions_api.h" | 5 #include "chrome/browser/extensions/api/permissions/permissions_api.h" |
6 #include "chrome/browser/extensions/extension_apitest.h" | 6 #include "chrome/browser/extensions/extension_apitest.h" |
7 #include "chrome/browser/extensions/extension_management_test_util.h" | 7 #include "chrome/browser/extensions/extension_management_test_util.h" |
8 #include "chrome/browser/extensions/extension_with_management_policy_apitest.h" | 8 #include "chrome/browser/extensions/extension_with_management_policy_apitest.h" |
9 #include "chrome/browser/profiles/profile.h" | 9 #include "chrome/browser/profiles/profile.h" |
10 #include "chrome/browser/ui/browser.h" | 10 #include "chrome/browser/ui/browser.h" |
(...skipping 16 matching lines...) Expand all Loading... |
27 } // namespace | 27 } // namespace |
28 | 28 |
29 class ExperimentalApiTest : public ExtensionApiTest { | 29 class ExperimentalApiTest : public ExtensionApiTest { |
30 public: | 30 public: |
31 void SetUpCommandLine(base::CommandLine* command_line) override { | 31 void SetUpCommandLine(base::CommandLine* command_line) override { |
32 ExtensionApiTest::SetUpCommandLine(command_line); | 32 ExtensionApiTest::SetUpCommandLine(command_line); |
33 command_line->AppendSwitch(switches::kEnableExperimentalExtensionApis); | 33 command_line->AppendSwitch(switches::kEnableExperimentalExtensionApis); |
34 } | 34 } |
35 }; | 35 }; |
36 | 36 |
37 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, PermissionsFail) { | 37 class PermissionsApiTest : public ExtensionApiTest { |
| 38 public: |
| 39 void SetUpOnMainThread() override { |
| 40 ExtensionApiTest::SetUpOnMainThread(); |
| 41 host_resolver()->AddRule("*", "127.0.0.1"); |
| 42 } |
| 43 }; |
| 44 |
| 45 IN_PROC_BROWSER_TEST_F(PermissionsApiTest, PermissionsFail) { |
38 ASSERT_TRUE(RunExtensionTest("permissions/disabled")) << message_; | 46 ASSERT_TRUE(RunExtensionTest("permissions/disabled")) << message_; |
39 | 47 |
40 // Since the experimental APIs require a flag, this will fail even though | 48 // Since the experimental APIs require a flag, this will fail even though |
41 // it's enabled. | 49 // it's enabled. |
42 // TODO(erikkay) This test is currently broken because LoadExtension in | 50 // TODO(erikkay) This test is currently broken because LoadExtension in |
43 // ExtensionBrowserTest doesn't actually fail, it just times out. To fix this | 51 // ExtensionBrowserTest doesn't actually fail, it just times out. To fix this |
44 // I'll need to add an EXTENSION_LOAD_ERROR notification, which is probably | 52 // I'll need to add an EXTENSION_LOAD_ERROR notification, which is probably |
45 // too much for the branch. I'll enable this on trunk later. | 53 // too much for the branch. I'll enable this on trunk later. |
46 // ASSERT_FALSE(RunExtensionTest("permissions/enabled"))) << message_; | 54 // ASSERT_FALSE(RunExtensionTest("permissions/enabled"))) << message_; |
47 } | 55 } |
48 | 56 |
49 IN_PROC_BROWSER_TEST_F(ExperimentalApiTest, PermissionsSucceed) { | 57 IN_PROC_BROWSER_TEST_F(ExperimentalApiTest, PermissionsSucceed) { |
50 ASSERT_TRUE(RunExtensionTest("permissions/enabled")) << message_; | 58 ASSERT_TRUE(RunExtensionTest("permissions/enabled")) << message_; |
51 } | 59 } |
52 | 60 |
53 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, ExperimentalPermissionsFail) { | 61 IN_PROC_BROWSER_TEST_F(PermissionsApiTest, ExperimentalPermissionsFail) { |
54 // At the time this test is being created, there is no experimental | 62 // At the time this test is being created, there is no experimental |
55 // function that will not be graduating soon, and does not require a | 63 // function that will not be graduating soon, and does not require a |
56 // tab id as an argument. So, we need the tab permission to get | 64 // tab id as an argument. So, we need the tab permission to get |
57 // a tab id. | 65 // a tab id. |
58 ASSERT_TRUE(RunExtensionTest("permissions/experimental_disabled")) | 66 ASSERT_TRUE(RunExtensionTest("permissions/experimental_disabled")) |
59 << message_; | 67 << message_; |
60 } | 68 } |
61 | 69 |
62 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, FaviconPermission) { | 70 IN_PROC_BROWSER_TEST_F(PermissionsApiTest, FaviconPermission) { |
63 ASSERT_TRUE(RunExtensionTest("permissions/favicon")) << message_; | 71 ASSERT_TRUE(RunExtensionTest("permissions/favicon")) << message_; |
64 } | 72 } |
65 | 73 |
66 // Test functions and APIs that are always allowed (even if you ask for no | 74 // Test functions and APIs that are always allowed (even if you ask for no |
67 // permissions). | 75 // permissions). |
68 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, AlwaysAllowed) { | 76 IN_PROC_BROWSER_TEST_F(PermissionsApiTest, AlwaysAllowed) { |
69 ASSERT_TRUE(RunExtensionTest("permissions/always_allowed")) << message_; | 77 ASSERT_TRUE(RunExtensionTest("permissions/always_allowed")) << message_; |
70 } | 78 } |
71 | 79 |
72 // Tests that the optional permissions API works correctly. | 80 // Tests that the optional permissions API works correctly. |
73 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsGranted) { | 81 IN_PROC_BROWSER_TEST_F(PermissionsApiTest, OptionalPermissionsGranted) { |
74 // Mark all the tested APIs as granted to bypass the confirmation UI. | 82 // Mark all the tested APIs as granted to bypass the confirmation UI. |
75 APIPermissionSet apis; | 83 APIPermissionSet apis; |
76 apis.insert(APIPermission::kBookmark); | 84 apis.insert(APIPermission::kBookmark); |
77 ManifestPermissionSet manifest_permissions; | 85 ManifestPermissionSet manifest_permissions; |
78 URLPatternSet explicit_hosts; | 86 URLPatternSet explicit_hosts; |
79 AddPattern(&explicit_hosts, "http://*.c.com/*"); | 87 AddPattern(&explicit_hosts, "http://*.c.com/*"); |
80 | 88 |
81 ExtensionPrefs* prefs = ExtensionPrefs::Get(browser()->profile()); | 89 ExtensionPrefs* prefs = ExtensionPrefs::Get(browser()->profile()); |
82 prefs->AddGrantedPermissions("kjmkgkdkpedkejedfhmfcenooemhbpbo", | 90 prefs->AddGrantedPermissions("kjmkgkdkpedkejedfhmfcenooemhbpbo", |
83 PermissionSet(apis, manifest_permissions, | 91 PermissionSet(apis, manifest_permissions, |
84 explicit_hosts, URLPatternSet())); | 92 explicit_hosts, URLPatternSet())); |
85 | 93 |
86 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); | 94 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); |
87 host_resolver()->AddRule("*.com", "127.0.0.1"); | |
88 ASSERT_TRUE(StartEmbeddedTestServer()); | 95 ASSERT_TRUE(StartEmbeddedTestServer()); |
89 EXPECT_TRUE(RunExtensionTest("permissions/optional")) << message_; | 96 EXPECT_TRUE(RunExtensionTest("permissions/optional")) << message_; |
90 } | 97 } |
91 | 98 |
92 // Tests that the optional permissions API works correctly. | 99 // Tests that the optional permissions API works correctly. |
93 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsAutoConfirm) { | 100 IN_PROC_BROWSER_TEST_F(PermissionsApiTest, OptionalPermissionsAutoConfirm) { |
94 // Rather than setting the granted permissions, set the UI autoconfirm flag | 101 // Rather than setting the granted permissions, set the UI autoconfirm flag |
95 // and run the same tests. | 102 // and run the same tests. |
96 PermissionsRequestFunction::SetAutoConfirmForTests(true); | 103 PermissionsRequestFunction::SetAutoConfirmForTests(true); |
97 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); | 104 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); |
98 host_resolver()->AddRule("*.com", "127.0.0.1"); | |
99 ASSERT_TRUE(StartEmbeddedTestServer()); | 105 ASSERT_TRUE(StartEmbeddedTestServer()); |
100 EXPECT_TRUE(RunExtensionTest("permissions/optional")) << message_; | 106 EXPECT_TRUE(RunExtensionTest("permissions/optional")) << message_; |
101 } | 107 } |
102 | 108 |
103 // Test that denying the optional permissions confirmation dialog works. | 109 // Test that denying the optional permissions confirmation dialog works. |
104 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsDeny) { | 110 IN_PROC_BROWSER_TEST_F(PermissionsApiTest, OptionalPermissionsDeny) { |
105 PermissionsRequestFunction::SetAutoConfirmForTests(false); | 111 PermissionsRequestFunction::SetAutoConfirmForTests(false); |
106 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); | 112 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); |
107 host_resolver()->AddRule("*.com", "127.0.0.1"); | |
108 ASSERT_TRUE(StartEmbeddedTestServer()); | 113 ASSERT_TRUE(StartEmbeddedTestServer()); |
109 EXPECT_TRUE(RunExtensionTest("permissions/optional_deny")) << message_; | 114 EXPECT_TRUE(RunExtensionTest("permissions/optional_deny")) << message_; |
110 } | 115 } |
111 | 116 |
112 // Tests that the permissions.request function must be called from within a | 117 // Tests that the permissions.request function must be called from within a |
113 // user gesture. | 118 // user gesture. |
114 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsGesture) { | 119 IN_PROC_BROWSER_TEST_F(PermissionsApiTest, OptionalPermissionsGesture) { |
115 PermissionsRequestFunction::SetIgnoreUserGestureForTests(false); | 120 PermissionsRequestFunction::SetIgnoreUserGestureForTests(false); |
116 host_resolver()->AddRule("*.com", "127.0.0.1"); | |
117 ASSERT_TRUE(StartEmbeddedTestServer()); | 121 ASSERT_TRUE(StartEmbeddedTestServer()); |
118 EXPECT_TRUE(RunExtensionTest("permissions/optional_gesture")) << message_; | 122 EXPECT_TRUE(RunExtensionTest("permissions/optional_gesture")) << message_; |
119 } | 123 } |
120 | 124 |
121 // Tests that the user gesture is retained in the permissions.request function | 125 // Tests that the user gesture is retained in the permissions.request function |
122 // callback. | 126 // callback. |
123 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsRetainGesture) { | 127 IN_PROC_BROWSER_TEST_F(PermissionsApiTest, OptionalPermissionsRetainGesture) { |
124 PermissionsRequestFunction::SetAutoConfirmForTests(true); | 128 PermissionsRequestFunction::SetAutoConfirmForTests(true); |
125 PermissionsRequestFunction::SetIgnoreUserGestureForTests(false); | 129 PermissionsRequestFunction::SetIgnoreUserGestureForTests(false); |
126 host_resolver()->AddRule("*.com", "127.0.0.1"); | |
127 ASSERT_TRUE(StartEmbeddedTestServer()); | 130 ASSERT_TRUE(StartEmbeddedTestServer()); |
128 EXPECT_TRUE(RunExtensionTest("permissions/optional_retain_gesture")) | 131 EXPECT_TRUE(RunExtensionTest("permissions/optional_retain_gesture")) |
129 << message_; | 132 << message_; |
130 } | 133 } |
131 | 134 |
132 // Test that optional permissions blocked by enterprise policy will be denied | 135 // Test that optional permissions blocked by enterprise policy will be denied |
133 // automatically. | 136 // automatically. |
134 IN_PROC_BROWSER_TEST_F(ExtensionApiTestWithManagementPolicy, | 137 IN_PROC_BROWSER_TEST_F(ExtensionApiTestWithManagementPolicy, |
135 OptionalPermissionsPolicyBlocked) { | 138 OptionalPermissionsPolicyBlocked) { |
136 // Set enterprise policy to block some API permissions. | 139 // Set enterprise policy to block some API permissions. |
137 { | 140 { |
138 ExtensionManagementPolicyUpdater pref(&policy_provider_); | 141 ExtensionManagementPolicyUpdater pref(&policy_provider_); |
139 pref.AddBlockedPermission("*", "management"); | 142 pref.AddBlockedPermission("*", "management"); |
140 } | 143 } |
141 // Set auto confirm UI flag. | 144 // Set auto confirm UI flag. |
142 PermissionsRequestFunction::SetAutoConfirmForTests(true); | 145 PermissionsRequestFunction::SetAutoConfirmForTests(true); |
143 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); | 146 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); |
144 EXPECT_TRUE(RunExtensionTest("permissions/optional_policy_blocked")) | 147 EXPECT_TRUE(RunExtensionTest("permissions/optional_policy_blocked")) |
145 << message_; | 148 << message_; |
146 } | 149 } |
147 | 150 |
148 // Tests that an extension can't gain access to file: URLs without the checkbox | 151 // Tests that an extension can't gain access to file: URLs without the checkbox |
149 // entry in prefs. There shouldn't be a warning either. | 152 // entry in prefs. There shouldn't be a warning either. |
150 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsFileAccess) { | 153 IN_PROC_BROWSER_TEST_F(PermissionsApiTest, OptionalPermissionsFileAccess) { |
151 // There shouldn't be a warning, so we shouldn't need to autoconfirm. | 154 // There shouldn't be a warning, so we shouldn't need to autoconfirm. |
152 PermissionsRequestFunction::SetAutoConfirmForTests(false); | 155 PermissionsRequestFunction::SetAutoConfirmForTests(false); |
153 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); | 156 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); |
154 | 157 |
155 ExtensionPrefs* prefs = ExtensionPrefs::Get(browser()->profile()); | 158 ExtensionPrefs* prefs = ExtensionPrefs::Get(browser()->profile()); |
156 | 159 |
157 EXPECT_TRUE( | 160 EXPECT_TRUE( |
158 RunExtensionTestNoFileAccess("permissions/file_access_no")) << message_; | 161 RunExtensionTestNoFileAccess("permissions/file_access_no")) << message_; |
159 EXPECT_FALSE(prefs->AllowFileAccess("dgloelfbnddbdacakahpogklfdcccbib")); | 162 EXPECT_FALSE(prefs->AllowFileAccess("dgloelfbnddbdacakahpogklfdcccbib")); |
160 | 163 |
161 EXPECT_TRUE(RunExtensionTest("permissions/file_access_yes")) << message_; | 164 EXPECT_TRUE(RunExtensionTest("permissions/file_access_yes")) << message_; |
162 // TODO(kalman): ugh, it would be nice to test this condition, but it seems | 165 // TODO(kalman): ugh, it would be nice to test this condition, but it seems |
163 // like there's somehow a race here where the prefs aren't updated in time | 166 // like there's somehow a race here where the prefs aren't updated in time |
164 // with the "allow file access" bit, so we'll just have to trust that | 167 // with the "allow file access" bit, so we'll just have to trust that |
165 // RunExtensionTest (unlike RunExtensionTestNoFileAccess) does indeed | 168 // RunExtensionTest (unlike RunExtensionTestNoFileAccess) does indeed |
166 // not set the allow file access bit. Otherwise this test doesn't mean | 169 // not set the allow file access bit. Otherwise this test doesn't mean |
167 // a whole lot (i.e. file access works - but it'd better not be the case | 170 // a whole lot (i.e. file access works - but it'd better not be the case |
168 // that the extension actually has file access, since that'd be the bug | 171 // that the extension actually has file access, since that'd be the bug |
169 // that this is supposed to be testing). | 172 // that this is supposed to be testing). |
170 // EXPECT_TRUE(prefs->AllowFileAccess("hlonmbgfjccgolnaboonlakjckinmhmd")); | 173 // EXPECT_TRUE(prefs->AllowFileAccess("hlonmbgfjccgolnaboonlakjckinmhmd")); |
171 } | 174 } |
172 | 175 |
173 // Test requesting, querying, and removing host permissions for host | 176 // Test requesting, querying, and removing host permissions for host |
174 // permissions that are a subset of the optional permissions. | 177 // permissions that are a subset of the optional permissions. |
175 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, HostSubsets) { | 178 IN_PROC_BROWSER_TEST_F(PermissionsApiTest, HostSubsets) { |
176 PermissionsRequestFunction::SetAutoConfirmForTests(true); | 179 PermissionsRequestFunction::SetAutoConfirmForTests(true); |
177 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); | 180 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true); |
178 EXPECT_TRUE(RunExtensionTest("permissions/host_subsets")) << message_; | 181 EXPECT_TRUE(RunExtensionTest("permissions/host_subsets")) << message_; |
179 } | 182 } |
180 | 183 |
181 // Tests that requesting an optional permission from a background page, with | 184 // Tests that requesting an optional permission from a background page, with |
182 // another window open, grants the permission and updates the bindings | 185 // another window open, grants the permission and updates the bindings |
183 // (chrome.whatever, in this case chrome.alarms). Regression test for | 186 // (chrome.whatever, in this case chrome.alarms). Regression test for |
184 // crbug.com/435141, see details there for trickiness. | 187 // crbug.com/435141, see details there for trickiness. |
185 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsUpdatesBindings) { | 188 IN_PROC_BROWSER_TEST_F(PermissionsApiTest, OptionalPermissionsUpdatesBindings) { |
186 ASSERT_TRUE(RunExtensionTest("permissions/optional_updates_bindings")) | 189 ASSERT_TRUE(RunExtensionTest("permissions/optional_updates_bindings")) |
187 << message_; | 190 << message_; |
188 } | 191 } |
189 | 192 |
190 } // namespace extensions | 193 } // namespace extensions |
OLD | NEW |