| OLD | NEW |
|---|
| (Empty) | |
| 1 // Copyright 2017 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "content/browser/permissions/permission_service_impl.h" |
| 6 |
| 7 #include "base/run_loop.h" |
| 8 #include "base/test/scoped_feature_list.h" |
| 9 #include "content/browser/permissions/permission_service_context.h" |
| 10 #include "content/public/browser/web_contents.h" |
| 11 #include "content/public/common/content_features.h" |
| 12 #include "content/public/test/test_browser_context.h" |
| 13 #include "content/public/test/test_renderer_host.h" |
| 14 #include "content/test/mock_permission_manager.h" |
| 15 #include "mojo/public/cpp/bindings/interface_request.h" |
| 16 #include "third_party/WebKit/public/platform/WebFeaturePolicy.h" |
| 17 #include "third_party/WebKit/public/platform/modules/permissions/permission.mojo
m.h" |
| 18 #include "url/origin.h" |
| 19 |
| 20 using blink::mojom::PermissionStatus; |
| 21 using blink::mojom::PermissionName; |
| 22 |
| 23 namespace content { |
| 24 |
| 25 namespace { |
| 26 |
| 27 blink::mojom::PermissionDescriptorPtr CreatePermissionDescriptor( |
| 28 PermissionName name) { |
| 29 auto descriptor = blink::mojom::PermissionDescriptor::New(); |
| 30 descriptor->name = name; |
| 31 return descriptor; |
| 32 } |
| 33 |
| 34 class TestPermissionManager : public MockPermissionManager { |
| 35 public: |
| 36 ~TestPermissionManager() override = default; |
| 37 |
| 38 PermissionStatus GetPermissionStatus(PermissionType permission, |
| 39 const GURL& requesting_origin, |
| 40 const GURL& embedding_origin) override { |
| 41 // Always return granted. |
| 42 return PermissionStatus::GRANTED; |
| 43 } |
| 44 |
| 45 int RequestPermissions( |
| 46 const std::vector<PermissionType>& permissions, |
| 47 RenderFrameHost* render_frame_host, |
| 48 const GURL& requesting_origin, |
| 49 bool user_gesture, |
| 50 const base::Callback<void(const std::vector<PermissionStatus>&)>& |
| 51 callback) override { |
| 52 callback.Run(std::vector<PermissionStatus>(permissions.size(), |
| 53 PermissionStatus::GRANTED)); |
| 54 return 0; |
| 55 } |
| 56 }; |
| 57 |
| 58 } // namespace |
| 59 |
| 60 class PermissionServiceImplTest : public RenderViewHostTestHarness { |
| 61 public: |
| 62 PermissionServiceImplTest() : origin_(GURL("https://www.google.com")) {} |
| 63 |
| 64 void SetUp() override { |
| 65 RenderViewHostTestHarness::SetUp(); |
| 66 static_cast<TestBrowserContext*>(browser_context()) |
| 67 ->SetPermissionManager(base::MakeUnique<TestPermissionManager>()); |
| 68 NavigateAndCommit(origin_.GetURL()); |
| 69 service_context_.reset(new PermissionServiceContext(main_rfh())); |
| 70 service_impl_.reset(new PermissionServiceImpl(service_context_.get())); |
| 71 } |
| 72 |
| 73 void TearDown() override { |
| 74 service_impl_.reset(); |
| 75 service_context_.reset(); |
| 76 RenderViewHostTestHarness::TearDown(); |
| 77 } |
| 78 |
| 79 protected: |
| 80 // The header policy should only be set once on page load, so we refresh the |
| 81 // page to simulate that. |
| 82 void RefreshPageAndSetHeaderPolicy(blink::WebFeaturePolicyFeature feature, |
| 83 bool enabled) { |
| 84 NavigateAndCommit(origin_.GetURL()); |
| 85 std::vector<url::Origin> whitelist; |
| 86 if (enabled) |
| 87 whitelist.push_back(origin_); |
| 88 RenderFrameHostTester::For(main_rfh()) |
| 89 ->SimulateFeaturePolicyHeader(feature, whitelist); |
| 90 } |
| 91 |
| 92 PermissionStatus HasPermission(PermissionName permission) { |
| 93 base::Callback<void(PermissionStatus)> callback = |
| 94 base::Bind(&PermissionServiceImplTest::PermissionStatusCallback, |
| 95 base::Unretained(this)); |
| 96 service_impl_->HasPermission(CreatePermissionDescriptor(permission), |
| 97 origin_, callback); |
| 98 EXPECT_EQ(1u, last_permission_statuses_.size()); |
| 99 return last_permission_statuses_[0]; |
| 100 } |
| 101 |
| 102 std::vector<PermissionStatus> RequestPermissions( |
| 103 const std::vector<PermissionName>& permissions) { |
| 104 std::vector<blink::mojom::PermissionDescriptorPtr> descriptors; |
| 105 for (PermissionName name : permissions) |
| 106 descriptors.push_back(CreatePermissionDescriptor(name)); |
| 107 base::Callback<void(const std::vector<PermissionStatus>&)> callback = |
| 108 base::Bind(&PermissionServiceImplTest::RequestPermissionsCallback, |
| 109 base::Unretained(this)); |
| 110 service_impl_->RequestPermissions(std::move(descriptors), origin_, |
| 111 /*user_gesture=*/false, callback); |
| 112 EXPECT_EQ(permissions.size(), last_permission_statuses_.size()); |
| 113 return last_permission_statuses_; |
| 114 } |
| 115 |
| 116 private: |
| 117 void PermissionStatusCallback(blink::mojom::PermissionStatus status) { |
| 118 last_permission_statuses_ = std::vector<PermissionStatus>{status}; |
| 119 } |
| 120 |
| 121 void RequestPermissionsCallback( |
| 122 const std::vector<PermissionStatus>& statuses) { |
| 123 last_permission_statuses_ = statuses; |
| 124 } |
| 125 |
| 126 url::Origin origin_; |
| 127 |
| 128 base::Closure quit_closure_; |
| 129 |
| 130 std::vector<PermissionStatus> last_permission_statuses_; |
| 131 |
| 132 std::unique_ptr<PermissionServiceImpl> service_impl_; |
| 133 std::unique_ptr<PermissionServiceContext> service_context_; |
| 134 }; |
| 135 |
| 136 // Basic tests for feature policy checks through the PermissionService. These |
| 137 // tests are not meant to cover every edge case as the FeaturePolicy class |
| 138 // itself is tested thoroughly in feature_policy_unittest.cc and in |
| 139 // render_frame_host_feature_policy_unittest.cc. |
| 140 TEST_F(PermissionServiceImplTest, HasPermissionWithFeaturePolicy) { |
| 141 base::test::ScopedFeatureList feature_list; |
| 142 feature_list.InitAndEnableFeature(features::kUseFeaturePolicyForPermissions); |
| 143 // Geolocation should be enabled by default for a frame (if permission is |
| 144 // granted). |
| 145 EXPECT_EQ(PermissionStatus::GRANTED, |
| 146 HasPermission(PermissionName::GEOLOCATION)); |
| 147 |
| 148 RefreshPageAndSetHeaderPolicy(blink::WebFeaturePolicyFeature::kGeolocation, |
| 149 /*enabled=*/false); |
| 150 EXPECT_EQ(PermissionStatus::DENIED, |
| 151 HasPermission(PermissionName::GEOLOCATION)); |
| 152 |
| 153 // Midi should be allowed even though geolocation was disabled. |
| 154 EXPECT_EQ(PermissionStatus::GRANTED, HasPermission(PermissionName::MIDI)); |
| 155 |
| 156 // Now block midi. |
| 157 RefreshPageAndSetHeaderPolicy(blink::WebFeaturePolicyFeature::kMidiFeature, |
| 158 /*enabled=*/false); |
| 159 EXPECT_EQ(PermissionStatus::DENIED, HasPermission(PermissionName::MIDI)); |
| 160 |
| 161 // Ensure that the policy is ignored if kUseFeaturePolicyForPermissions is |
| 162 // disabled. |
| 163 base::test::ScopedFeatureList empty_feature_list; |
| 164 empty_feature_list.Init(); |
| 165 EXPECT_EQ(PermissionStatus::GRANTED, HasPermission(PermissionName::MIDI)); |
| 166 } |
| 167 |
| 168 TEST_F(PermissionServiceImplTest, RequestPermissionsWithFeaturePolicy) { |
| 169 base::test::ScopedFeatureList feature_list; |
| 170 feature_list.InitAndEnableFeature(features::kUseFeaturePolicyForPermissions); |
| 171 |
| 172 // Disable midi. |
| 173 RefreshPageAndSetHeaderPolicy(blink::WebFeaturePolicyFeature::kMidiFeature, |
| 174 /*enabled=*/false); |
| 175 |
| 176 std::vector<PermissionStatus> result = |
| 177 RequestPermissions(std::vector<PermissionName>{PermissionName::MIDI}); |
| 178 EXPECT_EQ(1u, result.size()); |
| 179 EXPECT_EQ(PermissionStatus::DENIED, result[0]); |
| 180 |
| 181 // Request midi along with geolocation. Geolocation should be granted. |
| 182 result = RequestPermissions(std::vector<PermissionName>{ |
| 183 PermissionName::MIDI, PermissionName::GEOLOCATION}); |
| 184 EXPECT_EQ(2u, result.size()); |
| 185 EXPECT_EQ(PermissionStatus::DENIED, result[0]); |
| 186 EXPECT_EQ(PermissionStatus::GRANTED, result[1]); |
| 187 } |
| 188 |
| 189 } // namespace |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2874053003:
Add checks for Feature Policy to the mojo Permission Service (Closed)
