Chromium Code Reviews Chromium Code Reviews
Issue 501273002:
Update extension install prompt to reflect withheld permissions (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/permissions_updater.h" | 5 #include "chrome/browser/extensions/permissions_updater.h" |
| 6 | 6 |
| 7 #include "base/json/json_writer.h" | 7 #include "base/json/json_writer.h" |
| 8 #include "base/memory/ref_counted.h" | 8 #include "base/memory/ref_counted.h" |
| 9 #include "base/values.h" | 9 #include "base/values.h" |
| 10 #include "chrome/browser/chrome_notification_types.h" | 10 #include "chrome/browser/chrome_notification_types.h" |
| (...skipping 92 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 103 if (withhold_permissions && iter->ImpliesAllHosts()) | 103 if (withhold_permissions && iter->ImpliesAllHosts()) |
| 104 withheld->AddPattern(*iter); | 104 withheld->AddPattern(*iter); |
| 105 else | 105 else |
| 106 granted->AddPattern(*iter); | 106 granted->AddPattern(*iter); |
| 107 } | 107 } |
| 108 } | 108 } |
| 109 | 109 |
| 110 } // namespace | 110 } // namespace |
| 111 | 111 |
| 112 PermissionsUpdater::PermissionsUpdater(content::BrowserContext* browser_context) | 112 PermissionsUpdater::PermissionsUpdater(content::BrowserContext* browser_context) |
| 113 : browser_context_(browser_context) { | 113 : browser_context_(browser_context), init_flag_(INIT_FLAG_NONE) { |
| 114 } | |
| 115 | |
| 116 PermissionsUpdater::PermissionsUpdater(content::BrowserContext* browser_context, | |
| 117 InitFlag init_flag) | |
| 118 : browser_context_(browser_context), init_flag_(init_flag) { | |
| 114 } | 119 } |
| 115 | 120 |
| 116 PermissionsUpdater::~PermissionsUpdater() {} | 121 PermissionsUpdater::~PermissionsUpdater() {} |
| 117 | 122 |
| 118 void PermissionsUpdater::AddPermissions( | 123 void PermissionsUpdater::AddPermissions( |
| 119 const Extension* extension, const PermissionSet* permissions) { | 124 const Extension* extension, const PermissionSet* permissions) { |
| 120 scoped_refptr<const PermissionSet> existing( | 125 scoped_refptr<const PermissionSet> existing( |
| 121 extension->permissions_data()->active_permissions()); | 126 extension->permissions_data()->active_permissions()); |
| 122 scoped_refptr<PermissionSet> total( | 127 scoped_refptr<PermissionSet> total( |
| 123 PermissionSet::CreateUnion(existing.get(), permissions)); | 128 PermissionSet::CreateUnion(existing.get(), permissions)); |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 157 if (!Manifest::IsUnpackedLocation(extension->location()) && | 162 if (!Manifest::IsUnpackedLocation(extension->location()) && |
| 158 extension->location() != Manifest::INTERNAL) | 163 extension->location() != Manifest::INTERNAL) |
| 159 return; | 164 return; |
| 160 | 165 |
| 161 ExtensionPrefs::Get(browser_context_)->AddGrantedPermissions( | 166 ExtensionPrefs::Get(browser_context_)->AddGrantedPermissions( |
| 162 extension->id(), | 167 extension->id(), |
| 163 extension->permissions_data()->active_permissions().get()); | 168 extension->permissions_data()->active_permissions().get()); |
| 164 } | 169 } |
| 165 | 170 |
| 166 void PermissionsUpdater::InitializePermissions(const Extension* extension) { | 171 void PermissionsUpdater::InitializePermissions(const Extension* extension) { |
| 167 scoped_refptr<const PermissionSet> active_permissions = | 172 scoped_refptr<const PermissionSet> active_permissions(NULL); |
| 168 ExtensionPrefs::Get(browser_context_) | 173 scoped_refptr<const PermissionSet> bounded_active(NULL); |
| 169 ->GetActivePermissions(extension->id()); | 174 // If |extension| is a transient dummy extension, we do not want to look for |
| 170 scoped_refptr<const PermissionSet> bounded_active = | 175 // it in preferences. |
| 171 GetBoundedActivePermissions(extension, active_permissions); | 176 if (init_flag_ & INIT_FLAG_TRANSIENT) { |
| 177 bounded_active = active_permissions = | |
| 178 extension->permissions_data()->active_permissions(); | |
| 179 } else { | |
| 180 active_permissions = ExtensionPrefs::Get(browser_context_) | |
| 181 ->GetActivePermissions(extension->id()); | |
| 182 bounded_active = GetBoundedActivePermissions(extension, active_permissions); | |
| 183 } | |
| 172 | 184 |
| 173 // Withhold permissions only if the switch applies to this extension and the | 185 // Withhold permissions if the switch applies to this extension. |
| 174 // extension doesn't have the preference to allow scripting on all urls. | 186 // Non-transient extensions also must not have the preference to allow |
| 187 // scripting on all urls. | |
| 175 bool should_withhold_permissions = | 188 bool should_withhold_permissions = |
| 176 util::ScriptsMayRequireActionForExtension(extension) && | 189 util::ScriptsMayRequireActionForExtension(extension); |
| 177 !util::AllowedScriptingOnAllUrls(extension->id(), browser_context_); | 190 if ((init_flag_ & INIT_FLAG_TRANSIENT) == 0) { |
| 191 should_withhold_permissions &= | |
| 192 !util::AllowedScriptingOnAllUrls(extension->id(), browser_context_); | |
| 193 } | |
| 178 | 194 |
| 179 URLPatternSet granted_explicit_hosts; | 195 URLPatternSet granted_explicit_hosts; |
| 180 URLPatternSet withheld_explicit_hosts; | 196 URLPatternSet withheld_explicit_hosts; |
| 181 SegregateUrlPermissions(bounded_active->explicit_hosts(), | 197 SegregateUrlPermissions(bounded_active->explicit_hosts(), |
| 182 should_withhold_permissions, | 198 should_withhold_permissions, |
| 183 &granted_explicit_hosts, | 199 &granted_explicit_hosts, |
| 184 &withheld_explicit_hosts); | 200 &withheld_explicit_hosts); |
| 185 | 201 |
| 186 URLPatternSet granted_scriptable_hosts; | 202 URLPatternSet granted_scriptable_hosts; |
| 187 URLPatternSet withheld_scriptable_hosts; | 203 URLPatternSet withheld_scriptable_hosts; |
| (...skipping 91 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 279 // TODO(rdevlin.cronin) We should notify the observers/renderer. | 295 // TODO(rdevlin.cronin) We should notify the observers/renderer. |
| 280 } | 296 } |
| 281 | 297 |
| 282 void PermissionsUpdater::SetPermissions( | 298 void PermissionsUpdater::SetPermissions( |
| 283 const Extension* extension, | 299 const Extension* extension, |
| 284 const scoped_refptr<const PermissionSet>& active, | 300 const scoped_refptr<const PermissionSet>& active, |
| 285 scoped_refptr<const PermissionSet> withheld) { | 301 scoped_refptr<const PermissionSet> withheld) { |
| 286 withheld = withheld.get() ? withheld | 302 withheld = withheld.get() ? withheld |
| 287 : extension->permissions_data()->withheld_permissions(); | 303 : extension->permissions_data()->withheld_permissions(); |
| 288 extension->permissions_data()->SetPermissions(active, withheld); | 304 extension->permissions_data()->SetPermissions(active, withheld); |
| 289 ExtensionPrefs::Get(browser_context_)->SetActivePermissions( | 305 if ((init_flag_ & INIT_FLAG_TRANSIENT) == 0) { |
| 290 extension->id(), active.get()); | 306 ExtensionPrefs::Get(browser_context_) |
| 307 ->SetActivePermissions(extension->id(), active.get()); | |
| 308 } | |
| 291 } | 309 } |
| 292 | 310 |
| 293 void PermissionsUpdater::DispatchEvent( | 311 void PermissionsUpdater::DispatchEvent( |
| 294 const std::string& extension_id, | 312 const std::string& extension_id, |
| 295 const char* event_name, | 313 const char* event_name, |
| 296 const PermissionSet* changed_permissions) { | 314 const PermissionSet* changed_permissions) { |
|
Devlin
2014/09/11 21:18:53
Let's throw in a DCHECK here that we don't have IN
gpdavis
2014/09/12 00:11:54
Sure thing. We don't need this anywhere else, do
Devlin
2014/09/12 00:26:45
Whoops! Meant to put this comment in NotifyPermis
gpdavis
2014/09/12 00:30:57
Ah, that makes more sense. The reason I was askin
| |
| 297 EventRouter* event_router = EventRouter::Get(browser_context_); | 315 EventRouter* event_router = EventRouter::Get(browser_context_); |
| 298 if (!event_router) | 316 if (!event_router) |
| 299 return; | 317 return; |
| 300 | 318 |
| 301 scoped_ptr<base::ListValue> value(new base::ListValue()); | 319 scoped_ptr<base::ListValue> value(new base::ListValue()); |
| 302 scoped_ptr<api::permissions::Permissions> permissions = | 320 scoped_ptr<api::permissions::Permissions> permissions = |
| 303 PackPermissionSet(changed_permissions); | 321 PackPermissionSet(changed_permissions); |
| 304 value->Append(permissions->ToValue().release()); | 322 value->Append(permissions->ToValue().release()); |
| 305 scoped_ptr<Event> event(new Event(event_name, value.Pass())); | 323 scoped_ptr<Event> event(new Event(event_name, value.Pass())); |
| 306 event->restrict_to_browser_context = browser_context_; | 324 event->restrict_to_browser_context = browser_context_; |
| (...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 350 Profile::FromBrowserContext(host->GetBrowserContext()))) { | 368 Profile::FromBrowserContext(host->GetBrowserContext()))) { |
| 351 host->Send(new ExtensionMsg_UpdatePermissions(params)); | 369 host->Send(new ExtensionMsg_UpdatePermissions(params)); |
| 352 } | 370 } |
| 353 } | 371 } |
| 354 | 372 |
| 355 // Trigger the onAdded and onRemoved events in the extension. | 373 // Trigger the onAdded and onRemoved events in the extension. |
| 356 DispatchEvent(extension->id(), event_name, changed); | 374 DispatchEvent(extension->id(), event_name, changed); |
| 357 } | 375 } |
| 358 | 376 |
| 359 } // namespace extensions | 377 } // namespace extensions |
| OLD | NEW |
