Create withheld permissions

extensions/common/permissions/permissions_data_unittest.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include <vector>
 
 #include "base/command_line.h"
 #include "base/memory/ref_counted.h"
 #include "base/strings/string16.h"
 #include "base/strings/utf_string_conversions.h"
@@ skipping 56 matching lines @@
               .Set("description", "an extension")
               .Set("manifest_version", 2)
               .Set("version", "1.0.0")
               .Set("permissions", permissions.Pass())
               .Build())
       .SetLocation(location)
       .SetID(id)
       .Build();
 }
 
-bool RequiresActionForScriptExecution(const std::string& extension_id,
-                                      const std::string& host_permissions,
-                                      Manifest::Location location) {
-  scoped_refptr<const Extension> extension =
-      GetExtensionWithHostPermission(extension_id,
-                                     host_permissions,
-                                     location);
-  return extension->permissions_data()->RequiresActionForScriptExecution(
-      extension,
-      -1,  // Ignore tab id for these.
-      GURL::EmptyGURL());
-}
-
 // Checks that urls are properly restricted for the given extension.
 void CheckRestrictedUrls(const Extension* extension,
                          bool block_chrome_urls) {
   // We log the name so we know _which_ extension failed here.
   const std::string& name = extension->name();
   const GURL chrome_settings_url("chrome://settings/");
   const GURL chrome_extension_url("chrome-extension://foo/bar.html");
   const GURL google_url("https://www.google.com/");
   const GURL self_url("chrome-extension://" + extension->id() + "/foo.html");
   const GURL invalid_url("chrome-debugger://foo/bar.html");
@@ skipping 159 matching lines @@
         extension, SocketPermissionRequest::UDP_BIND, "", 8888));
 
   EXPECT_FALSE(CheckSocketPermission(
         extension, SocketPermissionRequest::UDP_SEND_TO, "example.com", 1900));
   EXPECT_TRUE(CheckSocketPermission(
         extension,
         SocketPermissionRequest::UDP_SEND_TO,
         "239.255.255.250", 1900));
 }
 
-TEST(ExtensionPermissionsTest, RequiresActionForScriptExecution) {
-  // Extensions with all_hosts should require action.
-  EXPECT_TRUE(RequiresActionForScriptExecution(
-      "all_hosts_permissions", kAllHostsPermission, Manifest::INTERNAL));
-  // Extensions with nearly all hosts are treated the same way.
-  EXPECT_TRUE(RequiresActionForScriptExecution(
-      "pseudo_all_hosts_permissions", "*://*.com/*", Manifest::INTERNAL));
-  // Extensions with explicit permissions shouldn't require action.
-  EXPECT_FALSE(RequiresActionForScriptExecution(
-      "explicit_permissions", "https://www.google.com/*", Manifest::INTERNAL));
-  // Policy extensions are exempt...
-  EXPECT_FALSE(RequiresActionForScriptExecution(
-      "policy", kAllHostsPermission, Manifest::EXTERNAL_POLICY));
-  // ... as are component extensions.
-  EXPECT_FALSE(RequiresActionForScriptExecution(
-      "component", kAllHostsPermission, Manifest::COMPONENT));
-  // Throw in an external pref extension to make sure that it's not just working
-  // for everything non-internal.
-  EXPECT_TRUE(RequiresActionForScriptExecution(
-      "external_pref", kAllHostsPermission, Manifest::EXTERNAL_PREF));
-
-  // If we grant an extension tab permissions, then it should no longer require
-  // action.
-  scoped_refptr<const Extension> extension =
-      GetExtensionWithHostPermission("all_hosts_permissions",
-                                     kAllHostsPermission,
-                                     Manifest::INTERNAL);
-  URLPatternSet allowed_hosts;
-  allowed_hosts.AddPattern(
-      URLPattern(URLPattern::SCHEME_HTTPS, "https://www.google.com/*"));
-  scoped_refptr<PermissionSet> tab_permissions(
-      new PermissionSet(APIPermissionSet(),
-                        ManifestPermissionSet(),
-                        allowed_hosts,
-                        URLPatternSet()));
-  extension->permissions_data()->UpdateTabSpecificPermissions(0,
-                                                              tab_permissions);
-  EXPECT_FALSE(extension->permissions_data()->RequiresActionForScriptExecution(
-      extension, 0, GURL("https://www.google.com/")));
-}
-
 TEST(ExtensionPermissionsTest, IsRestrictedUrl) {
   scoped_refptr<const Extension> extension =
       GetExtensionWithHostPermission("normal_extension",
                                      kAllHostsPermission,
                                      Manifest::INTERNAL);
   // Chrome urls should be blocked for normal extensions.
   CheckRestrictedUrls(extension, true);
 
   scoped_refptr<const Extension> component =
       GetExtensionWithHostPermission("component",
@@ skipping 480 matching lines @@
 
   permissions_data->ClearTabSpecificPermissions(1);
   EXPECT_FALSE(permissions_data->GetTabSpecificPermissionsForTesting(1));
 
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 0));
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 1));
   EXPECT_TRUE(ScriptAllowedExclusivelyOnTab(extension.get(), no_urls, 2));
 }
 
 }  // namespace extensions