Automatically grant permissions to default-installed extensions

chrome/browser/extensions/extension_service.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/extension_service.h"
 
 #include <algorithm>
 #include <iterator>
 #include <set>
 
@@ skipping 1565 matching lines @@
   // will record the permissions it recognized, not including "omnibox."
   // When upgrading to Chrome 10, "omnibox" will be recognized and Chrome
   // will disable the extension and prompt the user to approve the increase
   // in privileges. The extension could then release a new version that
   // removes the "omnibox" permission. When the user upgrades, Chrome will
   // still remember that "omnibox" had been granted, so that if the
   // extension once again includes "omnibox" in an upgrade, the extension
   // can upgrade without requiring this user's approval.
   int disable_reasons = extension_prefs_->GetDisableReasons(extension->id());
 
+  // Silently grant all active permissions to default apps and apps installed
+  // in kiosk mode.
   bool auto_grant_permission =
-      (!is_extension_installed && extension->was_installed_by_default()) ||
+      extension->was_installed_by_default() ||
       extensions::ExtensionsBrowserClient::Get()->IsRunningInForcedAppMode();
-  // Silently grant all active permissions to default apps only on install.
-  // After install they should behave like other apps.
-  // Silently grant all active permissions to apps install in kiosk mode on both
-  // install and update.
   if (auto_grant_permission)
     GrantPermissions(extension);
 
   bool is_privilege_increase = false;
   // We only need to compare the granted permissions to the current permissions
-  // if the extension is not allowed to silently increase its permissions.
-  if (!extensions::PermissionsData::CanSilentlyIncreasePermissions(extension) &&
-      !auto_grant_permission) {
+  // if the extension has not been auto-granted its permissions above and is not
+  // installed internally.

[not at google - send to devlin, 2015/02/17 18:34:41]

Second half of this comment is reversed, right?

+  if (extension->location() == Manifest::INTERNAL && !auto_grant_permission) {
     // Add all the recognized permissions if the granted permissions list
     // hasn't been initialized yet.
     scoped_refptr<PermissionSet> granted_permissions =
         extension_prefs_->GetGrantedPermissions(extension->id());
     CHECK(granted_permissions.get());
 
     // Here, we check if an extension's privileges have increased in a manner
     // that requires the user's approval. This could occur because the browser
     // upgraded and recognized additional privileges, or an extension upgrades
     // to a version that requires additional privileges.
@@ skipping 938 matching lines @@
 }
 
 void ExtensionService::OnProfileDestructionStarted() {
   ExtensionIdSet ids_to_unload = registry_->enabled_extensions().GetIDs();
   for (ExtensionIdSet::iterator it = ids_to_unload.begin();
        it != ids_to_unload.end();
        ++it) {
     UnloadExtension(*it, UnloadedExtensionInfo::REASON_PROFILE_SHUTDOWN);
   }
 }