Create withheld permissions

chrome/browser/extensions/permissions_updater_unittest.cc

Index: chrome/browser/extensions/permissions_updater_unittest.cc
diff --git a/chrome/browser/extensions/permissions_updater_unittest.cc b/chrome/browser/extensions/permissions_updater_unittest.cc
index 73f5935ebb981c1a99024e42cc898ec0385cc53e..fbb26e79b4cf9b6fcfd5c0c5a6c6ba9b5fbc0900 100644
--- a/chrome/browser/extensions/permissions_updater_unittest.cc
+++ b/chrome/browser/extensions/permissions_updater_unittest.cc
@@ -7,6 +7,7 @@
 #include "base/memory/ref_counted.h"
 #include "base/path_service.h"
 #include "base/run_loop.h"
+#include "base/strings/stringprintf.h"
 #include "base/values.h"
 #include "chrome/browser/chrome_notification_types.h"
 #include "chrome/browser/extensions/extension_service.h"
@@ -20,8 +21,11 @@
 #include "content/public/browser/notification_service.h"
 #include "extensions/browser/extension_prefs.h"
 #include "extensions/common/extension.h"
+#include "extensions/common/extension_builder.h"
+#include "extensions/common/feature_switch.h"
 #include "extensions/common/permissions/permission_set.h"
 #include "extensions/common/permissions/permissions_data.h"
+#include "extensions/common/value_builder.h"
 #include "testing/gtest/include/gtest/gtest.h"
 
 using extension_test_util::LoadManifest;
@@ -30,6 +34,67 @@ namespace extensions {
 
 namespace {
 
+scoped_refptr<const Extension> CreateExtensionWithPermissions(
+    const std::set<URLPattern>& scriptable_hosts,
+    const std::set<URLPattern>& explicit_hosts,
+    Manifest::Location location) {
+  ListBuilder scriptable_host_list;
+  for (std::set<URLPattern>::const_iterator pattern = scriptable_hosts.begin();
+       pattern != scriptable_hosts.end();
+       ++pattern) {
+    scriptable_host_list.Append(pattern->GetAsString());
+  }
+
+  ListBuilder explicit_host_list;
+  for (std::set<URLPattern>::const_iterator pattern = explicit_hosts.begin();
+       pattern != explicit_hosts.end();
+       ++pattern) {
+    explicit_host_list.Append(pattern->GetAsString());
+  }
+
+  DictionaryBuilder script;
+  script.Set("matches", scriptable_host_list.Pass())
+      .Set("js", ListBuilder().Append("foo.js"));
+
+  return ExtensionBuilder()
+      .SetLocation(location)
+      .SetManifest(
+           DictionaryBuilder()
+               .Set("name", "extension")
+               .Set("description", "foo")
+               .Set("manifest_version", 2)
+               .Set("version", "0.1.2.3")
+               .Set("content_scripts", ListBuilder().Append(script.Pass()))
+               .Set("permissions", explicit_host_list.Pass()))
+      .Build();
+}
+
+testing::AssertionResult SetsAreEqual(const std::set<URLPattern>& set1,
+                                      const std::set<URLPattern>& set2) {
+  // Take the (set1 - set2) U (set2 - set1). This is then the set of all
+  // elements which are in either set1 or set2, but not both.
+  // If the sets are equal, this is none.
+  std::set<URLPattern> difference = base::STLSetUnion<std::set<URLPattern> >(
+      base::STLSetDifference<std::set<URLPattern> >(set1, set2),
+      base::STLSetDifference<std::set<URLPattern> >(set2, set1));
+
+  std::string error;
+  for (std::set<URLPattern>::const_iterator iter = difference.begin();
+       iter != difference.end();
+       ++iter) {
+    if (iter->GetAsString() == "chrome://favicon/*")
+      continue;  // Grr... This is auto-added for extensions with <all_urls>
+    error = base::StringPrintf("%s\n%s contains %s and the other does not.",
+                               error.c_str(),
+                               (set1.count(*iter) ? "Set1" : "Set2"),
+                               iter->GetAsString().c_str());
+  }
+
+  if (!error.empty())
+    return testing::AssertionFailure() << error;
+  return testing::AssertionSuccess();
+}
+
 // A helper class that listens for NOTIFICATION_EXTENSION_PERMISSIONS_UPDATED.
 class PermissionsUpdaterListener : public content::NotificationObserver {
  public:
@@ -110,7 +175,7 @@ void AddPattern(URLPatternSet* extent, const std::string& pattern) {
 
 // Test that the PermissionUpdater can correctly add and remove active
 // permissions. This tests all of PermissionsUpdater's public methods because
-// GrantActivePermissions and SetActivePermissions are used by AddPermissions.
+// GrantActivePermissions and SetPermissions are used by AddPermissions.
 TEST_F(PermissionsUpdaterTest, AddAndRemovePermissions) {
   InitializeEmptyExtensionService();
 
@@ -208,4 +273,131 @@ TEST_F(PermissionsUpdaterTest, AddAndRemovePermissions) {
   ASSERT_EQ(*granted_permissions.get(), *from_prefs.get());
 }
 
+TEST_F(PermissionsUpdaterTest, WithholdAllHosts) {
+  InitializeEmptyExtensionService();
+
+  // Permissions are only withheld with the appropriate switch turned on.
+  scoped_ptr<FeatureSwitch::ScopedOverride> switch_override(
+      new FeatureSwitch::ScopedOverride(FeatureSwitch::scripts_require_action(),
+                                        FeatureSwitch::OVERRIDE_ENABLED));
+
+  URLPattern google(URLPattern::SCHEME_ALL, "http://www.google.com/*");
+  URLPattern sub_google(URLPattern::SCHEME_ALL, "http://*.google.com/*");
+  URLPattern all_http(URLPattern::SCHEME_ALL, "http://*/*");
+  URLPattern all_hosts(URLPattern::SCHEME_ALL, "<all_urls>");
+  URLPattern all_com(URLPattern::SCHEME_ALL, "http://*.com/*");
+
+  std::set<URLPattern> all_host_patterns;
+  std::set<URLPattern> safe_patterns;
+
+  all_host_patterns.insert(all_http);
+  all_host_patterns.insert(all_hosts);
+  all_host_patterns.insert(all_com);
+
+  safe_patterns.insert(google);
+  safe_patterns.insert(sub_google);
+
+  std::set<URLPattern> all_patterns = base::STLSetUnion<std::set<URLPattern> >(
+      all_host_patterns, safe_patterns);
+
+  scoped_refptr<const Extension> extension = CreateExtensionWithPermissions(
+      all_patterns, all_patterns, Manifest::INTERNAL);
+  const PermissionsData* permissions_data = extension->permissions_data();
+  PermissionsUpdater updater(profile_.get());
+  updater.InitializePermissions(extension);
+
+  // At first, the active permissions should have only the safe patterns and
+  // the withheld permissions should have only the all host patterns.
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->active_permissions()->scriptable_hosts().patterns(),
+      safe_patterns));
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->active_permissions()->explicit_hosts().patterns(),
+      safe_patterns));
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->withheld_permissions()->scriptable_hosts().patterns(),
+      all_host_patterns));
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->withheld_permissions()->explicit_hosts().patterns(),
+      all_host_patterns));
+
+  // Then, we grant the withheld all-hosts permissions.
+  updater.GrantWithheldImpliedAllHosts(extension);
+  // Now, active permissions should have all patterns, and withheld permissions
+  // should have none.
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->active_permissions()->scriptable_hosts().patterns(),
+      all_patterns));
+  EXPECT_TRUE(permissions_data->withheld_permissions()
+                  ->scriptable_hosts()
+                  .patterns()
+                  .empty());
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->active_permissions()->explicit_hosts().patterns(),
+      all_patterns));
+  EXPECT_TRUE(permissions_data->withheld_permissions()
+                  ->explicit_hosts()
+                  .patterns()
+                  .empty());
+
+  // Finally, we revoke the all hosts permissions.
+  updater.WithholdImpliedAllHosts(extension);
+
+  // We should be back to our initial state - all_hosts should be withheld, and
+  // the safe patterns should be granted.
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->active_permissions()->scriptable_hosts().patterns(),
+      safe_patterns));
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->active_permissions()->explicit_hosts().patterns(),
+      safe_patterns));
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->withheld_permissions()->scriptable_hosts().patterns(),
+      all_host_patterns));
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->withheld_permissions()->explicit_hosts().patterns(),
+      all_host_patterns));
+
+  // Creating a component extension should result in no withheld permissions.
+  extension = CreateExtensionWithPermissions(
+      all_patterns, all_patterns, Manifest::COMPONENT);
+  permissions_data = extension->permissions_data();
+  updater.InitializePermissions(extension);
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->active_permissions()->scriptable_hosts().patterns(),
+      all_patterns));
+  EXPECT_TRUE(permissions_data->withheld_permissions()
+                  ->scriptable_hosts()
+                  .patterns()
+                  .empty());
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->active_permissions()->explicit_hosts().patterns(),
+      all_patterns));
+  EXPECT_TRUE(permissions_data->withheld_permissions()
+                  ->explicit_hosts()
+                  .patterns()
+                  .empty());
+
+  // Without the switch, we shouldn't withhold anything.
+  switch_override.reset();
+  extension = CreateExtensionWithPermissions(
+      all_patterns, all_patterns, Manifest::INTERNAL);
+  permissions_data = extension->permissions_data();
+  updater.InitializePermissions(extension);
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->active_permissions()->scriptable_hosts().patterns(),
+      all_patterns));
+  EXPECT_TRUE(permissions_data->withheld_permissions()
+                  ->scriptable_hosts()
+                  .patterns()
+                  .empty());
+  EXPECT_TRUE(SetsAreEqual(
+      permissions_data->active_permissions()->explicit_hosts().patterns(),
+      all_patterns));
+  EXPECT_TRUE(permissions_data->withheld_permissions()
+                  ->explicit_hosts()
+                  .patterns()
+                  .empty());
+}
+
 }  // namespace extensions