Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(1660)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/extensions/api/permissions/permissions_apitest.cc

Issue 595363002: Add policy controlled permission block list for extensions (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@ext-fix
Patch Set: add extension api test Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/extensions/api/permissions/permissions_api.cc ('k') | chrome/browser/extensions/extension_management.h » ('j') | chrome/browser/extensions/extension_management.h » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/extensions/api/permissions/permissions_apitest.cc
diff --git a/chrome/browser/extensions/api/permissions/permissions_apitest.cc b/chrome/browser/extensions/api/permissions/permissions_apitest.cc
index 798b2b56eba01d8fbd4f76670ad46ea209e13c82..396488314a9c5c13e1c1989216b108f64e05da7f 100644
--- a/chrome/browser/extensions/api/permissions/permissions_apitest.cc
+++ b/chrome/browser/extensions/api/permissions/permissions_apitest.cc
@@ -4,8 +4,11 @@
#include "chrome/browser/extensions/api/permissions/permissions_api.h"
#include "chrome/browser/extensions/extension_apitest.h"
+#include "chrome/browser/extensions/extension_management_test_util.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/ui/browser.h"
+#include "components/policy/core/browser/browser_policy_connector.h"
+#include "components/policy/core/common/mock_configuration_policy_provider.h"
#include "extensions/browser/extension_prefs.h"
#include "extensions/common/permissions/permission_set.h"
#include "extensions/common/switches.h"
@@ -30,6 +33,21 @@ public:
}
};
+class ExtensionApiTestWithManagementPolicy : public ExtensionApiTest {
+ public:
+ void SetUpInProcessBrowserTestFixture() override {
+ ExtensionApiTest::SetUpInProcessBrowserTestFixture();
+ EXPECT_CALL(policy_provider_, IsInitializationComplete(testing::_))
+ .WillRepeatedly(testing::Return(true));
+ policy_provider_.SetAutoRefresh();
+ policy::BrowserPolicyConnector::SetPolicyProviderForTesting(
+ &policy_provider_);
+ }
+
+ protected:
+ policy::MockConfigurationPolicyProvider policy_provider_;
+};
+
IN_PROC_BROWSER_TEST_F(ExtensionApiTest, PermissionsFail) {
ASSERT_TRUE(RunExtensionTest("permissions/disabled")) << message_;
@@ -128,6 +146,22 @@ IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsRetainGesture) {
<< message_;
}
+// Test that optional permissions blocked by enterprise policy will be denied
+// automatically.
+IN_PROC_BROWSER_TEST_F(ExtensionApiTestWithManagementPolicy,
+ OptionalPermissionsPolicyBlocked) {
+ // Set enterprise policy to block some API permissions.
+ {
+ ExtensionManagementPolicyUpdater pref(&policy_provider_);
+ pref.AddBlockedPermission("*", "management");
+ }
+ // Set auto confirm UI flag.
+ PermissionsRequestFunction::SetAutoConfirmForTests(true);
+ PermissionsRequestFunction::SetIgnoreUserGestureForTests(true);
+ EXPECT_TRUE(RunExtensionTest("permissions/optional_policy_blocked"))
+ << message_;
+}
+
// Tests that an extension can't gain access to file: URLs without the checkbox
// entry in prefs. There shouldn't be a warning either.
IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsFileAccess) {
« no previous file with comments | « chrome/browser/extensions/api/permissions/permissions_api.cc ('k') | chrome/browser/extensions/extension_management.h » ('j') | chrome/browser/extensions/extension_management.h » ('J')

Powered by Google App Engine
This is Rietveld 408576698