[Extensions Bindings] Introduce BindingAccessChecker

extensions/renderer/api_binding.cc

 // Copyright 2016 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "extensions/renderer/api_binding.h"
 
 #include <algorithm>
 
 #include "base/bind.h"
 #include "base/logging.h"
 #include "base/memory/ptr_util.h"
 #include "base/strings/string_util.h"
 #include "base/strings/stringprintf.h"
 #include "base/values.h"
 #include "extensions/common/extension_api.h"
 #include "extensions/renderer/api_binding_hooks.h"
 #include "extensions/renderer/api_binding_types.h"
 #include "extensions/renderer/api_event_handler.h"
 #include "extensions/renderer/api_invocation_errors.h"
 #include "extensions/renderer/api_request_handler.h"
 #include "extensions/renderer/api_signature.h"
 #include "extensions/renderer/api_type_reference_map.h"
+#include "extensions/renderer/binding_access_checker.h"
 #include "extensions/renderer/declarative_event.h"
 #include "extensions/renderer/v8_helpers.h"
 #include "gin/arguments.h"
 #include "gin/handle.h"
 #include "gin/per_context_data.h"
 #include "third_party/WebKit/public/web/WebUserGestureIndicator.h"
 
 namespace extensions {
 
 namespace {
@@ skipping 139 matching lines @@
 
   CreateCustomType create_custom_type;
 };
 
 APIBinding::APIBinding(const std::string& api_name,
                        const base::ListValue* function_definitions,
                        const base::ListValue* type_definitions,
                        const base::ListValue* event_definitions,
                        const base::DictionaryValue* property_definitions,
                        const CreateCustomType& create_custom_type,
-                       const AvailabilityCallback& is_available,
                        std::unique_ptr<APIBindingHooks> binding_hooks,
                        APITypeReferenceMap* type_refs,
                        APIRequestHandler* request_handler,
-                       APIEventHandler* event_handler)
+                       APIEventHandler* event_handler,
+                       BindingAccessChecker* access_checker)
     : api_name_(api_name),
       property_definitions_(property_definitions),
       create_custom_type_(create_custom_type),
-      is_available_(is_available),
       binding_hooks_(std::move(binding_hooks)),
       type_refs_(type_refs),
       request_handler_(request_handler),
       event_handler_(event_handler),
+      access_checker_(access_checker),
       weak_factory_(this) {
   // TODO(devlin): It might make sense to instantiate the object_template_
   // directly here, which would avoid the need to hold on to
   // |property_definitions_| and |enums_|. However, there are *some* cases where
   // we don't immediately stamp out an API from the template following
   // construction.
 
   if (function_definitions) {
     for (const auto& func : *function_definitions) {
       const base::DictionaryValue* func_dict = nullptr;
@@ skipping 133 matching lines @@
   v8::Local<v8::Object> object =
       object_template_.Get(isolate)->NewInstance(context).ToLocalChecked();
 
   // The object created from the template includes all methods, but some may
   // be unavailable in this context. Iterate over them and delete any that
   // aren't available.
   // TODO(devlin): Ideally, we'd only do this check on the methods that are
   // conditionally exposed. Or, we could have multiple templates for different
   // configurations, assuming there are a small number of possibilities.
   for (const auto& key_value : methods_) {
-    if (!is_available_.Run(context, key_value.second->full_name)) {
+    if (!access_checker_->HasAccess(context, key_value.second->full_name)) {
       v8::Maybe<bool> success = object->Delete(
           context, gin::StringToSymbol(isolate, key_value.first));
       CHECK(success.IsJust());
       CHECK(success.FromJust());
     }
   }
   for (const auto& event : events_) {
-    if (!is_available_.Run(context, event->full_name)) {
+    if (!access_checker_->HasAccess(context, event->full_name)) {
       v8::Maybe<bool> success = object->Delete(
           context, gin::StringToSymbol(isolate, event->exposed_name));
       CHECK(success.IsJust());
       CHECK(success.FromJust());
     }
   }
 
   return object;
 }
 
@@ skipping 168 matching lines @@
                             const binding::RequestThread thread,
                             gin::Arguments* arguments) {
   std::string error;
   v8::Isolate* isolate = arguments->isolate();
   v8::HandleScope handle_scope(isolate);
 
   // Since this is called synchronously from the JS entry point,
   // GetCurrentContext() should always be correct.
   v8::Local<v8::Context> context = isolate->GetCurrentContext();
 
-  if (!is_available_.Run(context, name)) {
+  if (!access_checker_->HasAccessOrThrowError(context, name)) {
     // TODO(devlin): Do we need handle this for events as well? I'm not sure the
     // currrent system does (though perhaps it should). Investigate.
-    isolate->ThrowException(v8::Exception::Error(gin::StringToV8(
-        isolate, base::StringPrintf("'%s' is not available in this context.",
-                                    name.c_str()))));
     return;
   }
 
   std::vector<v8::Local<v8::Value>> argument_list = arguments->GetAll();
 
   bool invalid_invocation = false;
   v8::Local<v8::Function> custom_callback;
   bool updated_args = false;
   {
     v8::TryCatch try_catch(isolate);
@@ skipping 65 matching lines @@
     arguments->ThrowTypeError(api_errors::InvocationError(
         name, signature->GetExpectedSignature(), error));
     return;
   }
 
   request_handler_->StartRequest(context, name, std::move(converted_arguments),
                                  callback, custom_callback, thread);
 }
 
 }  // namespace extensions