OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #ifndef EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_ | 5 #ifndef EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_ |
6 #define EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_ | 6 #define EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_ |
7 | 7 |
8 #include <map> | 8 #include <map> |
9 #include <memory> | 9 #include <memory> |
10 #include <string> | 10 #include <string> |
(...skipping 240 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
251 // methods instead (e.g. CanAccessPage()). | 251 // methods instead (e.g. CanAccessPage()). |
252 const URLPatternSet policy_blocked_hosts() const; | 252 const URLPatternSet policy_blocked_hosts() const; |
253 | 253 |
254 // Returns list of hosts this extension may interact with regardless of | 254 // Returns list of hosts this extension may interact with regardless of |
255 // what is defined by policy_blocked_hosts(). | 255 // what is defined by policy_blocked_hosts(). |
256 // This should only be used for 1. Serialization when initializing renderers | 256 // This should only be used for 1. Serialization when initializing renderers |
257 // or 2. Called from utility methods above. For all other uses, call utility | 257 // or 2. Called from utility methods above. For all other uses, call utility |
258 // methods instead (e.g. CanAccessPage()). | 258 // methods instead (e.g. CanAccessPage()). |
259 const URLPatternSet policy_allowed_hosts() const; | 259 const URLPatternSet policy_allowed_hosts() const; |
260 | 260 |
| 261 // Check if a specific URL is blocked by policy from extension use at runtime. |
| 262 bool IsRuntimeBlockedHost(const GURL& url) const { |
| 263 base::AutoLock auto_lock(runtime_lock_); |
| 264 return IsRuntimeBlockedHostUnsafe(url); |
| 265 } |
| 266 |
261 #if defined(UNIT_TEST) | 267 #if defined(UNIT_TEST) |
262 const PermissionSet* GetTabSpecificPermissionsForTesting(int tab_id) const { | 268 const PermissionSet* GetTabSpecificPermissionsForTesting(int tab_id) const { |
263 base::AutoLock auto_lock(runtime_lock_); | 269 base::AutoLock auto_lock(runtime_lock_); |
264 return GetTabSpecificPermissions(tab_id); | 270 return GetTabSpecificPermissions(tab_id); |
265 } | 271 } |
266 | |
267 bool IsRuntimeBlockedHostForTesting(const GURL& url) const { | |
268 base::AutoLock auto_lock(runtime_lock_); | |
269 return IsRuntimeBlockedHost(url); | |
270 } | |
271 #endif | 272 #endif |
272 | 273 |
273 private: | 274 private: |
274 // Gets the tab-specific host permissions of |tab_id|, or NULL if there | 275 // Gets the tab-specific host permissions of |tab_id|, or NULL if there |
275 // aren't any. | 276 // aren't any. |
276 // Must be called with |runtime_lock_| acquired. | 277 // Must be called with |runtime_lock_| acquired. |
277 const PermissionSet* GetTabSpecificPermissions(int tab_id) const; | 278 const PermissionSet* GetTabSpecificPermissions(int tab_id) const; |
278 | 279 |
279 // Returns true if the |extension| has tab-specific permission to operate on | 280 // Returns true if the |extension| has tab-specific permission to operate on |
280 // the tab specified by |tab_id| with the given |url|. | 281 // the tab specified by |tab_id| with the given |url|. |
281 // Note that if this returns false, it doesn't mean the extension can't run on | 282 // Note that if this returns false, it doesn't mean the extension can't run on |
282 // the given tab, only that it does not have tab-specific permission to do so. | 283 // the given tab, only that it does not have tab-specific permission to do so. |
283 // Must be called with |runtime_lock_| acquired. | 284 // Must be called with |runtime_lock_| acquired. |
284 bool HasTabSpecificPermissionToExecuteScript(int tab_id, | 285 bool HasTabSpecificPermissionToExecuteScript(int tab_id, |
285 const GURL& url) const; | 286 const GURL& url) const; |
286 | 287 |
287 // Returns whether or not the extension is permitted to run on the given page, | 288 // Returns whether or not the extension is permitted to run on the given page, |
288 // checking against |permitted_url_patterns| in addition to blocking special | 289 // checking against |permitted_url_patterns| in addition to blocking special |
289 // sites (like the webstore or chrome:// urls). | 290 // sites (like the webstore or chrome:// urls). |
290 // Must be called with |runtime_lock_| acquired. | 291 // Must be called with |runtime_lock_| acquired. |
291 AccessType CanRunOnPage(const Extension* extension, | 292 AccessType CanRunOnPage(const Extension* extension, |
292 const GURL& document_url, | 293 const GURL& document_url, |
293 int tab_id, | 294 int tab_id, |
294 const URLPatternSet& permitted_url_patterns, | 295 const URLPatternSet& permitted_url_patterns, |
295 const URLPatternSet& withheld_url_patterns, | 296 const URLPatternSet& withheld_url_patterns, |
296 std::string* error) const; | 297 std::string* error) const; |
297 | 298 |
298 // Check if a specific URL is blocked by policy from extension use at runtime. | 299 // Check if a specific URL is blocked by policy from extension use at runtime. |
299 bool IsRuntimeBlockedHost(const GURL& url) const; | 300 // You must acquire the runtime_lock_ before calling. |
| 301 bool IsRuntimeBlockedHostUnsafe(const GURL& url) const; |
300 | 302 |
301 // Same as policy_blocked_hosts but instead returns a reference. | 303 // Same as policy_blocked_hosts but instead returns a reference. |
302 // You must acquire runtime_lock_ before calling this. | 304 // You must acquire runtime_lock_ before calling this. |
303 const URLPatternSet& PolicyBlockedHostsUnsafe() const; | 305 const URLPatternSet& PolicyBlockedHostsUnsafe() const; |
304 | 306 |
305 // Same as policy_allowed_hosts but instead returns a reference. | 307 // Same as policy_allowed_hosts but instead returns a reference. |
306 // You must acquire runtime_lock_ before calling this. | 308 // You must acquire runtime_lock_ before calling this. |
307 const URLPatternSet& PolicyAllowedHostsUnsafe() const; | 309 const URLPatternSet& PolicyAllowedHostsUnsafe() const; |
308 | 310 |
309 // The associated extension's id. | 311 // The associated extension's id. |
(...skipping 35 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
345 mutable TabPermissionsMap tab_specific_permissions_; | 347 mutable TabPermissionsMap tab_specific_permissions_; |
346 | 348 |
347 mutable std::unique_ptr<base::ThreadChecker> thread_checker_; | 349 mutable std::unique_ptr<base::ThreadChecker> thread_checker_; |
348 | 350 |
349 DISALLOW_COPY_AND_ASSIGN(PermissionsData); | 351 DISALLOW_COPY_AND_ASSIGN(PermissionsData); |
350 }; | 352 }; |
351 | 353 |
352 } // namespace extensions | 354 } // namespace extensions |
353 | 355 |
354 #endif // EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_ | 356 #endif // EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_ |
OLD | NEW |