extensions/common/permissions/permissions_data_unittest.cc - Issue 293003008: Make ActiveScriptController use Active Tab-style permissions

Unified Diff: extensions/common/permissions/permissions_data_unittest.cc

Issue 293003008: Make ActiveScriptController use Active Tab-style permissions (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Created 6 years, 7 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« extensions/common/permissions/permissions_data.cc ('K') | « extensions/common/permissions/permissions_data.cc ('k') | extensions/renderer/user_script_slave.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: extensions/common/permissions/permissions_data_unittest.cc

diff --git a/extensions/common/permissions/permissions_data_unittest.cc b/extensions/common/permissions/permissions_data_unittest.cc

index c1596167b2d21c4d17a903b9f2886de08f280c87..aee14a0941c8651f6bb87cfb0ea28321c2ba3ff7 100644

--- a/extensions/common/permissions/permissions_data_unittest.cc

+++ b/extensions/common/permissions/permissions_data_unittest.cc

@@ -14,7 +14,9 @@

#include "content/public/common/socket_permission_request.h"

#include "extensions/common/error_utils.h"

#include "extensions/common/extension.h"

+#include "extensions/common/extension_builder.h"

#include "extensions/common/id_util.h"

+#include "extensions/common/manifest.h"

#include "extensions/common/manifest_constants.h"

#include "extensions/common/permissions/api_permission.h"

#include "extensions/common/permissions/permission_set.h"

@@ -22,7 +24,9 @@

#include "extensions/common/permissions/socket_permission.h"

#include "extensions/common/switches.h"

#include "extensions/common/url_pattern_set.h"

+#include "extensions/common/value_builder.h"

#include "testing/gtest/include/gtest/gtest.h"

+#include "url/gurl.h"

using base::UTF16ToUTF8;

using content::SocketPermissionRequest;

@@ -34,6 +38,8 @@ namespace extensions {

namespace {

+const char kAllHostsPermission[] = "*://*/*";

bool CheckSocketPermission(

scoped_refptr<Extension> extension,

SocketPermissionRequest::OperationType type,

@@ -44,6 +50,43 @@ bool CheckSocketPermission(

extension.get(), APIPermission::kSocket, &param);

}

+// Creates and returns an extension with the given |id|, |host_permissions|, and

+// manifest |location|.

+scoped_refptr<const Extension> GetExtensionWithHostPermission(

+ const std::string& id,

+ const std::string& host_permissions,

+ Manifest::Location location) {

+ ListBuilder permissions;

+ if (!host_permissions.empty())

+ permissions.Append(host_permissions);

+ return ExtensionBuilder()

+ .SetManifest(

+ DictionaryBuilder()

+ .Set("name", id)

+ .Set("description", "an extension")

+ .Set("manifest_version", 2)

+ .Set("version", "1.0.0")

+ .Set("permissions", permissions.Pass())

+ .Build())

+ .SetLocation(location)

+ .SetID(id)

+ .Build();

+bool RequiresActionForScriptExecution(const std::string& extension_id,

+ const std::string& host_permissions,

+ Manifest::Location location) {

+ scoped_refptr<const Extension> extension =

+ GetExtensionWithHostPermission(extension_id,

+ host_permissions,

+ location);

+ return PermissionsData::RequiresActionForScriptExecution(

+ extension,

+ -1, // Ignore tab id for these.

+ GURL::EmptyGURL());

} // namespace

TEST(ExtensionPermissionsTest, EffectiveHostPermissions) {

@@ -153,6 +196,46 @@ TEST(ExtensionPermissionsTest, SocketPermissions) {

"239.255.255.250", 1900));

}

+TEST(ExtensionPermissionsTest, RequiresActionForScriptExecution) {

+ // Extensions with all_hosts should require action.

+ EXPECT_TRUE(RequiresActionForScriptExecution(

+ "all_hosts_permissions", kAllHostsPermission, Manifest::INTERNAL));

+ // Extensions with nearly all hosts are treated the same way.

+ EXPECT_TRUE(RequiresActionForScriptExecution(

+ "pseudo_all_hosts_permissions", "*://*.com/*", Manifest::INTERNAL));

+ // Extensions with explicit permissions shouldn't require action.

+ EXPECT_FALSE(RequiresActionForScriptExecution(

+ "explicit_permissions", "https://www.google.com/*", Manifest::INTERNAL));

+ // Policy extensions are exempt...

+ EXPECT_FALSE(RequiresActionForScriptExecution(

+ "policy", kAllHostsPermission, Manifest::EXTERNAL_POLICY));

+ // ... as are component extensions.

+ EXPECT_FALSE(RequiresActionForScriptExecution(

+ "component", kAllHostsPermission, Manifest::COMPONENT));

+ // Throw in an external pref extension to make sure that it's not just working

+ // for everything non-internal.

+ EXPECT_TRUE(RequiresActionForScriptExecution(

+ "external_pref", kAllHostsPermission, Manifest::EXTERNAL_PREF));

+ // If we grant an extension tab permissions, then it should no longer require

+ // action.

+ scoped_refptr<const Extension> extension =

+ GetExtensionWithHostPermission("all_hosts_permissions",

+ kAllHostsPermission,

+ Manifest::INTERNAL);

+ URLPatternSet allowed_hosts;

+ allowed_hosts.AddPattern(

+ URLPattern(URLPattern::SCHEME_HTTPS, "https://www.google.com/*"));

+ scoped_refptr<PermissionSet> tab_permissions(

+ new PermissionSet(APIPermissionSet(),

+ ManifestPermissionSet(),

+ allowed_hosts,

+ URLPatternSet()));

+ PermissionsData::UpdateTabSpecificPermissions(extension, 0, tab_permissions);

+ EXPECT_FALSE(PermissionsData::RequiresActionForScriptExecution(

+ extension, 0, GURL("https://www.google.com/")));

TEST(ExtensionPermissionsTest, GetPermissionMessages_ManyAPIPermissions) {

scoped_refptr<Extension> extension;

extension = LoadManifest("permissions", "many-apis.json");