chrome/browser/extensions/permissions_updater.cc - Issue 396033002: Support "always allow" for runtime script execution

Side by Side Diff: chrome/browser/extensions/permissions_updater.cc

Issue 396033002: Support "always allow" for runtime script execution (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Replaced persisted permissions with granted permissions Created 6 years, 4 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« chrome/browser/extensions/extension_context_menu_model.cc ('K') | « chrome/browser/extensions/permissions_updater.h ('k') | tools/metrics/histograms/histograms.xml » ('j') | tools/metrics/histograms/histograms.xml » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/extensions/permissions_updater.h"	5 #include "chrome/browser/extensions/permissions_updater.h"

6	6

7 #include "base/json/json_writer.h"	7 #include "base/json/json_writer.h"

8 #include "base/memory/ref_counted.h"	8 #include "base/memory/ref_counted.h"

9 #include "base/values.h"	9 #include "base/values.h"

10 #include "chrome/browser/chrome_notification_types.h"	10 #include "chrome/browser/chrome_notification_types.h"

(...skipping 168 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
179 bounded_active->manifest_permissions(),	179 bounded_active->manifest_permissions(),

180 granted_explicit_hosts,	180 granted_explicit_hosts,

181 granted_scriptable_hosts);	181 granted_scriptable_hosts);

182	182

183 scoped_refptr<const PermissionSet> withheld =	183 scoped_refptr<const PermissionSet> withheld =

184 new PermissionSet(APIPermissionSet(),	184 new PermissionSet(APIPermissionSet(),

185 ManifestPermissionSet(),	185 ManifestPermissionSet(),

186 withheld_explicit_hosts,	186 withheld_explicit_hosts,

187 withheld_scriptable_hosts);	187 withheld_scriptable_hosts);

188 SetPermissions(extension, bounded_active, withheld);	188 SetPermissions(extension, bounded_active, withheld);

	189 ActivateGrantedHosts(extension);
	gpdavis 2014/08/07 20:50:39 Once we're done initializing permissions (we use B Once we're done initializing permissions (we use BoundedActivePermissions to set up granted and withheld permissions within this function), we call ActivateGrantedHosts...
189 }	190 }

190	191

191 void PermissionsUpdater::WithholdImpliedAllHosts(const Extension* extension) {	192 void PermissionsUpdater::WithholdImpliedAllHosts(const Extension* extension) {

192 scoped_refptr<const PermissionSet> active =	193 scoped_refptr<const PermissionSet> active =

193 extension->permissions_data()->active_permissions();	194 extension->permissions_data()->active_permissions();

194 scoped_refptr<const PermissionSet> withheld =	195 scoped_refptr<const PermissionSet> withheld =

195 extension->permissions_data()->withheld_permissions();	196 extension->permissions_data()->withheld_permissions();

196	197

197 URLPatternSet withheld_scriptable = withheld->scriptable_hosts();	198 URLPatternSet withheld_scriptable = withheld->scriptable_hosts();

198 URLPatternSet active_scriptable;	199 URLPatternSet active_scriptable;

(...skipping 44 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
243 // permissions will be empty.	244 // permissions will be empty.

244 SetPermissions(extension,	245 SetPermissions(extension,

245 new PermissionSet(active->apis(),	246 new PermissionSet(active->apis(),

246 active->manifest_permissions(),	247 active->manifest_permissions(),

247 explicit_hosts,	248 explicit_hosts,

248 scriptable_hosts),	249 scriptable_hosts),

249 new PermissionSet());	250 new PermissionSet());

250 // TODO(rdevlin.cronin) We should notify the observers/renderer.	251 // TODO(rdevlin.cronin) We should notify the observers/renderer.

251 }	252 }

252	253

	254 void PermissionsUpdater::ActivateGrantedHosts(

	255 const Extension* extension) {

	256 scoped_refptr<const PermissionSet> active =

	257 extension->permissions_data()->active_permissions();

	258 scoped_refptr<const PermissionSet> withheld =

	259 extension->permissions_data()->withheld_permissions();

	260

	261 PermissionSet* granted = ExtensionPrefs::Get(browser_context_)

	262 ->GetGrantedPermissions(extension->id());

	263 URLPatternSet new_explicit_hosts(active->explicit_hosts());

	264 URLPatternSet new_scriptable_hosts(active->scriptable_hosts());

	265

	266 for (URLPatternSet::const_iterator iter = granted->explicit_hosts().begin();

	267 iter != granted->explicit_hosts().end();

	268 ++iter) {

	269 if (!iter->ImpliesAllHosts())

	270 new_explicit_hosts.AddPattern(*iter);

	271 }

	272

	273 for (URLPatternSet::const_iterator iter = granted->scriptable_hosts().begin();

	274 iter != granted->scriptable_hosts().end();

	275 ++iter) {

	276 if (!iter->ImpliesAllHosts())

	277 new_scriptable_hosts.AddPattern(*iter);

	278 }

	279

	280 SetPermissions(extension,

	281 new PermissionSet(active->apis(),

	282 active->manifest_permissions(),

	283 new_explicit_hosts,

	284 new_scriptable_hosts),

	285 withheld);
	gpdavis 2014/08/07 20:50:39 ... ActivateGrantedHosts will crawl through the gr ... ActivateGrantedHosts will crawl through the granted permissions and move them to active if they dont imply all hosts. Create new explicit and scriptable hosts URLPatternSets that are initialized with the current active hosts. Iterate through granted_permissions and copy any permissions that are not all hosts into the new host permissions. Then we SetPermissions. What do you think about this approach? Is there any harm to adding all granted permissions that aren't for all hosts? This approach passes all the current unittests. If this is acceptable, I can go ahead and clean this patch up and work on expanding the unit tests.
	286 }

	287

253 void PermissionsUpdater::SetPermissions(	288 void PermissionsUpdater::SetPermissions(

254 const Extension* extension,	289 const Extension* extension,

255 const scoped_refptr<const PermissionSet>& active,	290 const scoped_refptr<const PermissionSet>& active,

256 scoped_refptr<const PermissionSet> withheld) {	291 scoped_refptr<const PermissionSet> withheld) {

257 withheld = withheld.get() ? withheld	292 withheld = withheld.get() ? withheld

258 : extension->permissions_data()->withheld_permissions();	293 : extension->permissions_data()->withheld_permissions();

259 extension->permissions_data()->SetPermissions(active, withheld);	294 extension->permissions_data()->SetPermissions(active, withheld);

260 ExtensionPrefs::Get(browser_context_)->SetActivePermissions(	295 ExtensionPrefs::Get(browser_context_)->SetActivePermissions(

261 extension->id(), active.get());	296 extension->id(), active.get());

262 }	297 }

(...skipping 58 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
321 Profile::FromBrowserContext(host->GetBrowserContext()))) {	356 Profile::FromBrowserContext(host->GetBrowserContext()))) {

322 host->Send(new ExtensionMsg_UpdatePermissions(params));	357 host->Send(new ExtensionMsg_UpdatePermissions(params));

323 }	358 }

324 }	359 }

325	360

326 // Trigger the onAdded and onRemoved events in the extension.	361 // Trigger the onAdded and onRemoved events in the extension.

327 DispatchEvent(extension->id(), event_name, changed);	362 DispatchEvent(extension->id(), event_name, changed);

328 }	363 }

329	364

330 } // namespace extensions	365 } // namespace extensions

OLD	NEW