OLD | NEW |
1 // Copyright 2017 The Chromium Authors. All rights reserved. | 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef CHROME_BROWSER_CHROMEOS_EXTENSIONS_PUBLIC_SESSION_PERMISSION_HELPER_H_ | 5 #ifndef CHROME_BROWSER_CHROMEOS_EXTENSIONS_PUBLIC_SESSION_PERMISSION_HELPER_H_ |
6 #define CHROME_BROWSER_CHROMEOS_EXTENSIONS_PUBLIC_SESSION_PERMISSION_HELPER_H_ | 6 #define CHROME_BROWSER_CHROMEOS_EXTENSIONS_PUBLIC_SESSION_PERMISSION_HELPER_H_ |
7 | 7 |
8 #include <memory> | 8 #include <memory> |
9 #include <set> | 9 #include <set> |
10 | 10 |
(...skipping 19 matching lines...) Expand all Loading... |
30 | 30 |
31 // In Public Sessions, extensions (and apps) are force-installed by admin policy | 31 // In Public Sessions, extensions (and apps) are force-installed by admin policy |
32 // so the user does not get a chance to review the permissions for these | 32 // so the user does not get a chance to review the permissions for these |
33 // extensions. This is not acceptable from a security/privacy standpoint, so | 33 // extensions. This is not acceptable from a security/privacy standpoint, so |
34 // when an extension uses one of the sensitive APIs for the first time, we show | 34 // when an extension uses one of the sensitive APIs for the first time, we show |
35 // the user a dialog where they can choose whether to allow the extension access | 35 // the user a dialog where they can choose whether to allow the extension access |
36 // to the API. | 36 // to the API. |
37 // | 37 // |
38 // This function sets up the prompt asking the user for additional | 38 // This function sets up the prompt asking the user for additional |
39 // permission(s), handles the result, caches it, and then runs the callback with | 39 // permission(s), handles the result, caches it, and then runs the callback with |
40 // the allowed permissions as the argument. | 40 // the allowed permissions as the argument. It returns true if this |
| 41 // permission(s) is already resolved, and false otherwise. |
41 // | 42 // |
42 // The user will be prompted about a certain permission only once, and that | 43 // The user will be prompted about a certain permission only once, and that |
43 // choice will be cached and used in any subsequent requests that use the same | 44 // choice will be cached and used in any subsequent requests that use the same |
44 // permission. If a request comes for a permission that is currently being | 45 // permission. If a request comes for a permission that is currently being |
45 // prompted, its callback will be queued up to be invoked when the prompt is | 46 // prompted, its callback will be queued up to be invoked when the prompt is |
46 // resolved. | 47 // resolved. |
47 // | 48 // |
48 // Caller must ensure that web_contents is valid. Must be called on UI thread. | 49 // Caller must ensure that web_contents is valid. Must be called on UI thread. |
49 // | 50 // |
| 51 // Callback can be null (permission_helper::RequestResolvedCallback()), in which |
| 52 // case it's not invoked but the permission prompt is still shown. |
| 53 // |
50 // Passing in a null prompt_factory (permission_helper::PromptFactory()) | 54 // Passing in a null prompt_factory (permission_helper::PromptFactory()) |
51 // callback gets the default behaviour (ie. it is is used only for tests). | 55 // callback gets the default behaviour (ie. it is is used only for tests). |
52 void HandlePermissionRequest(const Extension& extension, | 56 bool HandlePermissionRequest(const Extension& extension, |
53 const PermissionIDSet& requested_permissions, | 57 const PermissionIDSet& requested_permissions, |
54 content::WebContents* web_contents, | 58 content::WebContents* web_contents, |
55 const RequestResolvedCallback& callback, | 59 const RequestResolvedCallback& callback, |
56 const PromptFactory& prompt_factory); | 60 const PromptFactory& prompt_factory); |
57 | 61 |
| 62 // Returns true if user granted this permission to the extension. |
| 63 bool PermissionAllowed(const Extension* extension, |
| 64 APIPermission::ID permission); |
| 65 |
58 // Used to completely reset state in between tests. | 66 // Used to completely reset state in between tests. |
59 void ResetPermissionsForTesting(); | 67 void ResetPermissionsForTesting(); |
60 | 68 |
61 } // namespace permission_helper | 69 } // namespace permission_helper |
62 } // namespace extensions | 70 } // namespace extensions |
63 | 71 |
64 #endif // CHROME_BROWSER_CHROMEOS_EXTENSIONS_PUBLIC_SESSION_PERMISSION_HELPER_H
_ | 72 #endif // CHROME_BROWSER_CHROMEOS_EXTENSIONS_PUBLIC_SESSION_PERMISSION_HELPER_H
_ |
OLD | NEW |