Chromium Code Reviews Chromium Code Reviews
Issue 795543002:
Added PermissionIDSet to APIPermissions (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@permissions_patch_1_static_initializer_fix| OLD | NEW |
|---|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_ | 5 #ifndef EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_ |
| 6 #define EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_ | 6 #define EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_ |
| 7 | 7 |
| 8 | 8 |
| 9 #include "extensions/common/permissions/api_permission.h" | 9 #include "extensions/common/permissions/api_permission.h" |
| 10 #include "extensions/common/permissions/base_set_operators.h" | 10 #include "extensions/common/permissions/base_set_operators.h" |
| 11 | 11 |
| 12 namespace base { | 12 namespace base { |
| 13 class ListValue; | 13 class ListValue; |
| 14 } // namespace base | 14 } // namespace base |
| 15 | 15 |
| 16 namespace extensions { | 16 namespace extensions { |
| 17 | 17 |
| 18 class APIPermissionSet; | |
| 18 class Extension; | 19 class Extension; |
| 19 class APIPermissionSet; | 20 class PermissionIDSet; |
| 20 | 21 |
| 21 template<> | 22 template<> |
| 22 struct BaseSetOperatorsTraits<APIPermissionSet> { | 23 struct BaseSetOperatorsTraits<APIPermissionSet> { |
| 23 typedef APIPermission ElementType; | 24 typedef APIPermission ElementType; |
| 24 typedef APIPermission::ID ElementIDType; | 25 typedef APIPermission::ID ElementIDType; |
| 25 }; | 26 }; |
| 26 | 27 |
| 27 class APIPermissionSet : public BaseSetOperators<APIPermissionSet> { | 28 class APIPermissionSet : public BaseSetOperators<APIPermissionSet> { |
| 28 public: | 29 public: |
| 29 enum ParseSource { | 30 enum ParseSource { |
| (...skipping 23 matching lines...) Expand all Loading... | |
| 53 static bool ParseFromJSON( | 54 static bool ParseFromJSON( |
| 54 const base::ListValue* permissions, | 55 const base::ListValue* permissions, |
| 55 ParseSource source, | 56 ParseSource source, |
| 56 APIPermissionSet* api_permissions, | 57 APIPermissionSet* api_permissions, |
| 57 base::string16* error, | 58 base::string16* error, |
| 58 std::vector<std::string>* unhandled_permissions); | 59 std::vector<std::string>* unhandled_permissions); |
| 59 | 60 |
| 60 void AddImpliedPermissions(); | 61 void AddImpliedPermissions(); |
| 61 }; | 62 }; |
| 62 | 63 |
| 64 // An ID representing a single permission that belongs to an app or extension. | |
| 65 // | |
| 66 // Each PermissionID has a required ID to identify the permission. For most | |
| 67 // permissions, this is all. | |
|
Yoyo Zhou
2014/12/11 00:54:11
nit: "this is all" is easy to misread. Maybe "ther
sashab
2014/12/11 04:15:36
Yeah... Couldn't think of a better way to say this
| |
| 68 // | |
| 69 // Some more complex permissions have a parameter, which acts like an argument | |
| 70 // for the permission. For example, host permissions might have the ID | |
| 71 // kReadOnlyHost and the argument 'www.google.com' (the host which is | |
| 72 // read-only). Parameters are passed to the permission message rules for this | |
| 73 // permission, so they can affect the displayed message. | |
| 74 // | |
| 75 // TODO(sashab): Move this to the same file as PermissionIDSet once that moves | |
| 76 // to its own file. | |
| 77 class PermissionID : public std::pair<APIPermission::ID, base::string16> { | |
| 78 public: | |
| 79 PermissionID(APIPermission::ID id); | |
| 80 PermissionID(APIPermission::ID id, const base::string16& parameter); | |
| 81 virtual ~PermissionID(); | |
| 82 | |
| 83 const APIPermission::ID& id() const { return this->first; } | |
| 84 const base::string16& parameter() const { return this->second; } | |
| 85 }; | |
| 86 | |
| 63 // A set of permissions for an app or extension. Used for passing around groups | 87 // A set of permissions for an app or extension. Used for passing around groups |
| 64 // of permissions, such as required or optional permissions. Has convenience | 88 // of permissions, such as required or optional permissions. Has convenience |
| 65 // constructors so that it can be constructed inline. | 89 // constructors so that it can be constructed inline. |
| 66 // | 90 // |
| 67 // Each permission can also store a string, such as a hostname or device number, | 91 // Each permission can also store a string, such as a hostname or device number, |
| 68 // as a parameter that helps identify the permission. This parameter can then | 92 // as a parameter that helps identify the permission. This parameter can then |
| 69 // be used when the permission message is generated. For example, the permission | 93 // be used when the permission message is generated. For example, the permission |
| 70 // kHostReadOnly might have the parameter "google.com", which means that the app | 94 // kHostReadOnly might have the parameter "google.com", which means that the app |
| 71 // or extension has the permission to read the host google.com. This parameter | 95 // or extension has the permission to read the host google.com. This parameter |
| 72 // may then be included in the permission message when it is generated later. | 96 // may then be included in the permission message when it is generated later. |
| 73 // | 97 // |
| 74 // Example: | 98 // Example: |
| 75 // // Create a PermissionIDSet. | 99 // // Create a PermissionIDSet. |
| 76 // PermissionIDSet p(APIPermission::kBluetooth, APIPermission::kFavicon); | 100 // PermissionIDSet p(APIPermission::kBluetooth, APIPermission::kFavicon); |
| 77 // // Add a permission to the set. | 101 // // Add a permission to the set. |
| 78 // p.insertPermission(APIPermission::kNetworkState); | 102 // p.insertPermission(APIPermission::kNetworkState); |
| 79 // // Add a permission with a detail to the set. | 103 // // Add a permission with a detail to the set. |
| 80 // p.insertPermission(APIPermission::kHostReadOnly, | 104 // p.insertPermission(APIPermission::kHostReadOnly, |
| 81 // base::ASCIIToUTF16("http://www.google.com")); | 105 // base::ASCIIToUTF16("http://www.google.com")); |
| 82 // | 106 // |
| 83 // TODO(sashab): Move this to its own file and rename it to PermissionSet after | 107 // TODO(sashab): Move this to its own file and rename it to PermissionSet after |
| 84 // APIPermission is removed, the current PermissionSet is no longer used, and | 108 // APIPermission is removed, the current PermissionSet is no longer used, and |
| 85 // APIPermission::ID is the only type of Permission ID. | 109 // APIPermission::ID is the only type of Permission ID. |
| 86 typedef std::pair<APIPermission::ID, base::string16> PermissionID; | 110 // TODO(sashab): Change BaseSetOperators to support storing plain objects |
| 111 // instead of pointers and change this to extend BaseSetOperators<PermissionID>. | |
| 87 class PermissionIDSet { | 112 class PermissionIDSet { |
| 88 public: | 113 public: |
| 89 PermissionIDSet(); | 114 PermissionIDSet(); |
| 90 virtual ~PermissionIDSet(); | 115 virtual ~PermissionIDSet(); |
| 91 | 116 |
| 92 // Convenience constructors for inline initialization. | 117 // Convenience constructors for inline initialization. |
| 93 PermissionIDSet(APIPermission::ID permission_one); | 118 PermissionIDSet(APIPermission::ID permission_one); |
| 94 PermissionIDSet(APIPermission::ID permission_one, | 119 PermissionIDSet(APIPermission::ID permission_one, |
| 95 APIPermission::ID permission_two); | 120 APIPermission::ID permission_two); |
| 96 PermissionIDSet(APIPermission::ID permission_one, | 121 PermissionIDSet(APIPermission::ID permission_one, |
| 97 APIPermission::ID permission_two, | 122 APIPermission::ID permission_two, |
| 98 APIPermission::ID permission_three); | 123 APIPermission::ID permission_three); |
| 99 PermissionIDSet(APIPermission::ID permission_one, | 124 PermissionIDSet(APIPermission::ID permission_one, |
| 100 APIPermission::ID permission_two, | 125 APIPermission::ID permission_two, |
| 101 APIPermission::ID permission_three, | 126 APIPermission::ID permission_three, |
| 102 APIPermission::ID permission_four); | 127 APIPermission::ID permission_four); |
| 128 PermissionIDSet(APIPermission::ID permission_one, | |
| 129 APIPermission::ID permission_two, | |
| 130 APIPermission::ID permission_three, | |
| 131 APIPermission::ID permission_four, | |
| 132 APIPermission::ID permission_five); | |
| 133 PermissionIDSet(APIPermission::ID permission_one, | |
| 134 APIPermission::ID permission_two, | |
| 135 APIPermission::ID permission_three, | |
| 136 APIPermission::ID permission_four, | |
| 137 APIPermission::ID permission_five, | |
| 138 APIPermission::ID permission_six); | |
| 103 | 139 |
| 104 // Adds the given permission, and an optional permission detail, to the set. | 140 // Adds the given permission, and an optional permission detail, to the set. |
| 105 void insert(APIPermission::ID permission); | 141 void insert(APIPermission::ID permission_id); |
| 106 void insert(APIPermission::ID permission, base::string16 permission_detail); | 142 void insert(APIPermission::ID permission_id, |
| 143 base::string16 permission_parameter); | |
|
Yoyo Zhou
2014/12/11 00:54:11
nit: Why rename this from detail? "detail" still a
sashab
2014/12/11 04:15:36
'parameter' now matches the name in PermissionID,
| |
| 107 | 144 |
| 108 private: | 145 private: |
| 109 std::set<PermissionID> permissions; | 146 std::set<PermissionID> permissions_; |
| 110 }; | 147 }; |
| 111 | 148 |
| 112 } // namespace extensions | 149 } // namespace extensions |
| 113 | 150 |
| 114 #endif // EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_ | 151 #endif // EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_ |
| OLD | NEW |
