| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/extension_service.h" | 5 #include "chrome/browser/extensions/extension_service.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <iterator> | 8 #include <iterator> |
| 9 #include <set> | 9 #include <set> |
| 10 | 10 |
| (...skipping 1565 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 1576 // will record the permissions it recognized, not including "omnibox." | 1576 // will record the permissions it recognized, not including "omnibox." |
| 1577 // When upgrading to Chrome 10, "omnibox" will be recognized and Chrome | 1577 // When upgrading to Chrome 10, "omnibox" will be recognized and Chrome |
| 1578 // will disable the extension and prompt the user to approve the increase | 1578 // will disable the extension and prompt the user to approve the increase |
| 1579 // in privileges. The extension could then release a new version that | 1579 // in privileges. The extension could then release a new version that |
| 1580 // removes the "omnibox" permission. When the user upgrades, Chrome will | 1580 // removes the "omnibox" permission. When the user upgrades, Chrome will |
| 1581 // still remember that "omnibox" had been granted, so that if the | 1581 // still remember that "omnibox" had been granted, so that if the |
| 1582 // extension once again includes "omnibox" in an upgrade, the extension | 1582 // extension once again includes "omnibox" in an upgrade, the extension |
| 1583 // can upgrade without requiring this user's approval. | 1583 // can upgrade without requiring this user's approval. |
| 1584 int disable_reasons = extension_prefs_->GetDisableReasons(extension->id()); | 1584 int disable_reasons = extension_prefs_->GetDisableReasons(extension->id()); |
| 1585 | 1585 |
| 1586 // Silently grant all active permissions to default apps and apps installed |
| 1587 // in kiosk mode. |
| 1586 bool auto_grant_permission = | 1588 bool auto_grant_permission = |
| 1587 (!is_extension_installed && extension->was_installed_by_default()) || | 1589 extension->was_installed_by_default() || |
| 1588 extensions::ExtensionsBrowserClient::Get()->IsRunningInForcedAppMode(); | 1590 extensions::ExtensionsBrowserClient::Get()->IsRunningInForcedAppMode(); |
| 1589 // Silently grant all active permissions to default apps only on install. | |
| 1590 // After install they should behave like other apps. | |
| 1591 // Silently grant all active permissions to apps install in kiosk mode on both | |
| 1592 // install and update. | |
| 1593 if (auto_grant_permission) | 1591 if (auto_grant_permission) |
| 1594 GrantPermissions(extension); | 1592 GrantPermissions(extension); |
| 1595 | 1593 |
| 1596 bool is_privilege_increase = false; | 1594 bool is_privilege_increase = false; |
| 1597 // We only need to compare the granted permissions to the current permissions | 1595 // We only need to compare the granted permissions to the current permissions |
| 1598 // if the extension is not allowed to silently increase its permissions. | 1596 // if the extension has not been auto-granted its permissions above and is |
| 1599 if (!extensions::PermissionsData::CanSilentlyIncreasePermissions(extension) && | 1597 // installed internally. |
| 1600 !auto_grant_permission) { | 1598 if (extension->location() == Manifest::INTERNAL && !auto_grant_permission) { |
| 1601 // Add all the recognized permissions if the granted permissions list | 1599 // Add all the recognized permissions if the granted permissions list |
| 1602 // hasn't been initialized yet. | 1600 // hasn't been initialized yet. |
| 1603 scoped_refptr<PermissionSet> granted_permissions = | 1601 scoped_refptr<PermissionSet> granted_permissions = |
| 1604 extension_prefs_->GetGrantedPermissions(extension->id()); | 1602 extension_prefs_->GetGrantedPermissions(extension->id()); |
| 1605 CHECK(granted_permissions.get()); | 1603 CHECK(granted_permissions.get()); |
| 1606 | 1604 |
| 1607 // Here, we check if an extension's privileges have increased in a manner | 1605 // Here, we check if an extension's privileges have increased in a manner |
| 1608 // that requires the user's approval. This could occur because the browser | 1606 // that requires the user's approval. This could occur because the browser |
| 1609 // upgraded and recognized additional privileges, or an extension upgrades | 1607 // upgraded and recognized additional privileges, or an extension upgrades |
| 1610 // to a version that requires additional privileges. | 1608 // to a version that requires additional privileges. |
| (...skipping 938 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 2549 } | 2547 } |
| 2550 | 2548 |
| 2551 void ExtensionService::OnProfileDestructionStarted() { | 2549 void ExtensionService::OnProfileDestructionStarted() { |
| 2552 ExtensionIdSet ids_to_unload = registry_->enabled_extensions().GetIDs(); | 2550 ExtensionIdSet ids_to_unload = registry_->enabled_extensions().GetIDs(); |
| 2553 for (ExtensionIdSet::iterator it = ids_to_unload.begin(); | 2551 for (ExtensionIdSet::iterator it = ids_to_unload.begin(); |
| 2554 it != ids_to_unload.end(); | 2552 it != ids_to_unload.end(); |
| 2555 ++it) { | 2553 ++it) { |
| 2556 UnloadExtension(*it, UnloadedExtensionInfo::REASON_PROFILE_SHUTDOWN); | 2554 UnloadExtension(*it, UnloadedExtensionInfo::REASON_PROFILE_SHUTDOWN); |
| 2557 } | 2555 } |
| 2558 } | 2556 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 934753005:
Automatically grant permissions to default-installed extensions (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master