extensions/common/permissions/permission_set.h - Issue 293003008: Make ActiveScriptController use Active Tab-style permissions

Side by Side Diff: extensions/common/permissions/permission_set.h

Issue 293003008: Make ActiveScriptController use Active Tab-style permissions (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« chrome/browser/extensions/active_script_controller_unittest.cc ('K') | « chrome/common/extensions/permissions/chrome_permission_message_provider.cc ('k') | extensions/common/permissions/permission_set.cc » ('j') | extensions/common/permissions/permissions_data.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #ifndef EXTENSIONS_COMMON_PERMISSIONS_PERMISSION_SET_H_	5 #ifndef EXTENSIONS_COMMON_PERMISSIONS_PERMISSION_SET_H_

6 #define EXTENSIONS_COMMON_PERMISSIONS_PERMISSION_SET_H_	6 #define EXTENSIONS_COMMON_PERMISSIONS_PERMISSION_SET_H_

7	7

8 #include <map>	8 #include <map>

9 #include <set>	9 #include <set>

10 #include <string>	10 #include <string>

(...skipping 78 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
89 // Returns true if this includes permission to access \|origin\|.	89 // Returns true if this includes permission to access \|origin\|.

90 bool HasExplicitAccessToOrigin(const GURL& origin) const;	90 bool HasExplicitAccessToOrigin(const GURL& origin) const;

91	91

92 // Returns true if this permission set includes access to script \|url\|.	92 // Returns true if this permission set includes access to script \|url\|.

93 bool HasScriptableAccessToURL(const GURL& url) const;	93 bool HasScriptableAccessToURL(const GURL& url) const;

94	94

95 // Returns true if this permission set includes effective access to all	95 // Returns true if this permission set includes effective access to all

96 // origins.	96 // origins.

97 bool HasEffectiveAccessToAllHosts() const;	97 bool HasEffectiveAccessToAllHosts() const;

98	98

	99 // Returns true if this permission set has access to so many hosts, that we
	not at google - send to devlin 2014/05/21 20:10:20 Can we call this ShouldWarnForAllHosts then? "most Can we call this ShouldWarnForAllHosts then? "most" hosts is pretty vague, and probably not even correct. Devlin 2014/05/21 23:16:07 Done. Show quoted text On 2014/05/21 20:10:20, kalman wrote: > Can we call this ShouldWarnForAllHosts then? "most" hosts is pretty vague, and > probably not even correct. Done.
	100 // should treat it as all hosts for warning purposes.

	101 // For example, '://.com/*'.

	102 bool HasAccessToMostHosts() const;

	103

99 // Returns true if this permission set includes effective access to \|url\|.	104 // Returns true if this permission set includes effective access to \|url\|.

100 bool HasEffectiveAccessToURL(const GURL& url) const;	105 bool HasEffectiveAccessToURL(const GURL& url) const;

101	106

102 // Returns true if this permission set effectively represents full access	107 // Returns true if this permission set effectively represents full access

103 // (e.g. native code).	108 // (e.g. native code).

104 bool HasEffectiveFullAccess() const;	109 bool HasEffectiveFullAccess() const;

105	110

106 const APIPermissionSet& apis() const { return apis_; }	111 const APIPermissionSet& apis() const { return apis_; }

107	112

108 const ManifestPermissionSet& manifest_permissions() const {	113 const ManifestPermissionSet& manifest_permissions() const {

109 return manifest_permissions_;	114 return manifest_permissions_;

110 }	115 }

111	116

112 const URLPatternSet& effective_hosts() const { return effective_hosts_; }	117 const URLPatternSet& effective_hosts() const { return effective_hosts_; }

113	118

114 const URLPatternSet& explicit_hosts() const { return explicit_hosts_; }	119 const URLPatternSet& explicit_hosts() const { return explicit_hosts_; }

115	120

116 const URLPatternSet& scriptable_hosts() const { return scriptable_hosts_; }	121 const URLPatternSet& scriptable_hosts() const { return scriptable_hosts_; }

117	122

118 private:	123 private:

119 FRIEND_TEST_ALL_PREFIXES(PermissionsTest, GetWarningMessages_AudioVideo);	124 FRIEND_TEST_ALL_PREFIXES(PermissionsTest, GetWarningMessages_AudioVideo);

120 friend class base::RefCountedThreadSafe<PermissionSet>;	125 friend class base::RefCountedThreadSafe<PermissionSet>;

121	126

122 ~PermissionSet();	127 ~PermissionSet();

123	128

124 void AddAPIPermission(APIPermission::ID id);

125

126 // Adds permissions implied independently of other context.	129 // Adds permissions implied independently of other context.

127 void InitImplicitPermissions();	130 void InitImplicitPermissions();

128	131

129 // Initializes the effective host permission based on the data in this set.	132 // Initializes the effective host permission based on the data in this set.

130 void InitEffectiveHosts();	133 void InitEffectiveHosts();

131	134

	135 // Initializes \|has_access_to_most_hosts_\|.

	136 void InitHasAccessToMostHosts() const;

	137

132 // The api list is used when deciding if an extension can access certain	138 // The api list is used when deciding if an extension can access certain

133 // extension APIs and features.	139 // extension APIs and features.

134 APIPermissionSet apis_;	140 APIPermissionSet apis_;

135	141

136 // The manifest key permission list is used when deciding if an extension	142 // The manifest key permission list is used when deciding if an extension

137 // can access certain extension APIs and features.	143 // can access certain extension APIs and features.

138 ManifestPermissionSet manifest_permissions_;	144 ManifestPermissionSet manifest_permissions_;

139	145

140 // The list of hosts that can be accessed directly from the extension.	146 // The list of hosts that can be accessed directly from the extension.

141 // TODO(jstritar): Rename to "hosts_"?	147 // TODO(jstritar): Rename to "hosts_"?

142 URLPatternSet explicit_hosts_;	148 URLPatternSet explicit_hosts_;

143	149

144 // The list of hosts that can be scripted by content scripts.	150 // The list of hosts that can be scripted by content scripts.

145 // TODO(jstritar): Rename to "user_script_hosts_"?	151 // TODO(jstritar): Rename to "user_script_hosts_"?

146 URLPatternSet scriptable_hosts_;	152 URLPatternSet scriptable_hosts_;

147	153

148 // The list of hosts this effectively grants access to.	154 // The list of hosts this effectively grants access to.

149 URLPatternSet effective_hosts_;	155 URLPatternSet effective_hosts_;

	156

	157 // Whether or not this permission set includes access to so many origins, we

	158 // should treat it as all_hosts for warning purposes.

	159 // Lazily set upon first retrieval, and stored for performance sake.

	160 // Mutable, because setting this does not change the logical state of the

	161 // permission set, and is done only for performance purposes.

	162 mutable scoped_ptr<bool> has_access_to_most_hosts_;
	not at google - send to devlin 2014/05/21 20:10:20 a pointer for this seems like overkill. could you a pointer for this seems like overkill. could you make it a tri-state enum? Devlin 2014/05/21 23:16:07 Why not. Show quoted text On 2014/05/21 20:10:20, kalman wrote: > a pointer for this seems like overkill. could you make it a tri-state enum? Why not.
150 };	163 };

151	164

152 } // namespace extensions	165 } // namespace extensions

153	166

154 #endif // EXTENSIONS_COMMON_PERMISSIONS_PERMISSION_SET_H_	167 #endif // EXTENSIONS_COMMON_PERMISSIONS_PERMISSION_SET_H_

OLD	NEW