Supervised user whitelists: Cleanup
[chromium-blink-merge.git] / extensions / common / permissions / api_permission_set_unittest.cc
blob0574250d202ab09a979ea55c21c3b2b70e75815e
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/pickle.h"
6 #include "base/values.h"
7 #include "extensions/common/extension_messages.h"
8 #include "extensions/common/permissions/api_permission_set.h"
9 #include "extensions/common/permissions/permissions_info.h"
10 #include "ipc/ipc_message.h"
11 #include "testing/gtest/include/gtest/gtest.h"
13 namespace extensions {
15 TEST(APIPermissionSetTest, General) {
16 APIPermissionSet apis;
17 apis.insert(APIPermission::kAudioCapture);
18 apis.insert(APIPermission::kDns);
19 apis.insert(APIPermission::kHid);
20 apis.insert(APIPermission::kPower);
21 apis.insert(APIPermission::kSerial);
23 EXPECT_EQ(apis.find(APIPermission::kPower)->id(), APIPermission::kPower);
24 EXPECT_TRUE(apis.find(APIPermission::kSocket) == apis.end());
26 EXPECT_EQ(apis.size(), 5u);
28 EXPECT_EQ(apis.erase(APIPermission::kAudioCapture), 1u);
29 EXPECT_EQ(apis.size(), 4u);
31 EXPECT_EQ(apis.erase(APIPermission::kAudioCapture), 0u);
32 EXPECT_EQ(apis.size(), 4u);
35 TEST(APIPermissionSetTest, CreateUnion) {
36 APIPermission* permission = NULL;
38 APIPermissionSet apis1;
39 APIPermissionSet apis2;
40 APIPermissionSet expected_apis;
41 APIPermissionSet result;
43 const APIPermissionInfo* permission_info =
44 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);
45 permission = permission_info->CreateAPIPermission();
47 scoped_ptr<base::ListValue> value(new base::ListValue());
48 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));
49 value->Append(new base::StringValue("udp-bind::8080"));
50 value->Append(new base::StringValue("udp-send-to::8888"));
51 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
54 // Union with an empty set.
55 apis1.insert(APIPermission::kAudioCapture);
56 apis1.insert(APIPermission::kDns);
57 apis1.insert(permission->Clone());
58 expected_apis.insert(APIPermission::kAudioCapture);
59 expected_apis.insert(APIPermission::kDns);
60 expected_apis.insert(permission);
62 ASSERT_TRUE(apis2.empty());
63 APIPermissionSet::Union(apis1, apis2, &result);
65 EXPECT_TRUE(apis1.Contains(apis2));
66 EXPECT_TRUE(apis1.Contains(result));
67 EXPECT_FALSE(apis2.Contains(apis1));
68 EXPECT_FALSE(apis2.Contains(result));
69 EXPECT_TRUE(result.Contains(apis1));
70 EXPECT_TRUE(result.Contains(apis2));
72 EXPECT_EQ(expected_apis, result);
74 // Now use a real second set.
75 apis2.insert(APIPermission::kAudioCapture);
76 apis2.insert(APIPermission::kHid);
77 apis2.insert(APIPermission::kPower);
78 apis2.insert(APIPermission::kSerial);
80 permission = permission_info->CreateAPIPermission();
82 scoped_ptr<base::ListValue> value(new base::ListValue());
83 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));
84 value->Append(new base::StringValue("udp-send-to::8899"));
85 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
87 apis2.insert(permission);
89 expected_apis.insert(APIPermission::kAudioCapture);
90 expected_apis.insert(APIPermission::kHid);
91 expected_apis.insert(APIPermission::kPower);
92 expected_apis.insert(APIPermission::kSerial);
94 permission = permission_info->CreateAPIPermission();
96 scoped_ptr<base::ListValue> value(new base::ListValue());
97 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));
98 value->Append(new base::StringValue("udp-bind::8080"));
99 value->Append(new base::StringValue("udp-send-to::8888"));
100 value->Append(new base::StringValue("udp-send-to::8899"));
101 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
103 // Insert a new socket permission which will replace the old one.
104 expected_apis.insert(permission);
106 APIPermissionSet::Union(apis1, apis2, &result);
108 EXPECT_FALSE(apis1.Contains(apis2));
109 EXPECT_FALSE(apis1.Contains(result));
110 EXPECT_FALSE(apis2.Contains(apis1));
111 EXPECT_FALSE(apis2.Contains(result));
112 EXPECT_TRUE(result.Contains(apis1));
113 EXPECT_TRUE(result.Contains(apis2));
115 EXPECT_EQ(expected_apis, result);
118 TEST(APIPermissionSetTest, CreateIntersection) {
119 APIPermission* permission = NULL;
121 APIPermissionSet apis1;
122 APIPermissionSet apis2;
123 APIPermissionSet expected_apis;
124 APIPermissionSet result;
126 const APIPermissionInfo* permission_info =
127 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);
129 // Intersection with an empty set.
130 apis1.insert(APIPermission::kAudioCapture);
131 apis1.insert(APIPermission::kDns);
132 permission = permission_info->CreateAPIPermission();
134 scoped_ptr<base::ListValue> value(new base::ListValue());
135 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));
136 value->Append(new base::StringValue("udp-bind::8080"));
137 value->Append(new base::StringValue("udp-send-to::8888"));
138 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
140 apis1.insert(permission);
142 ASSERT_TRUE(apis2.empty());
143 APIPermissionSet::Intersection(apis1, apis2, &result);
145 EXPECT_TRUE(apis1.Contains(result));
146 EXPECT_TRUE(apis2.Contains(result));
147 EXPECT_TRUE(apis1.Contains(apis2));
148 EXPECT_FALSE(apis2.Contains(apis1));
149 EXPECT_FALSE(result.Contains(apis1));
150 EXPECT_TRUE(result.Contains(apis2));
152 EXPECT_TRUE(result.empty());
153 EXPECT_EQ(expected_apis, result);
155 // Now use a real second set.
156 apis2.insert(APIPermission::kAudioCapture);
157 apis2.insert(APIPermission::kHid);
158 apis2.insert(APIPermission::kPower);
159 apis2.insert(APIPermission::kSerial);
160 permission = permission_info->CreateAPIPermission();
162 scoped_ptr<base::ListValue> value(new base::ListValue());
163 value->Append(new base::StringValue("udp-bind::8080"));
164 value->Append(new base::StringValue("udp-send-to::8888"));
165 value->Append(new base::StringValue("udp-send-to::8899"));
166 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
168 apis2.insert(permission);
170 expected_apis.insert(APIPermission::kAudioCapture);
171 permission = permission_info->CreateAPIPermission();
173 scoped_ptr<base::ListValue> value(new base::ListValue());
174 value->Append(new base::StringValue("udp-bind::8080"));
175 value->Append(new base::StringValue("udp-send-to::8888"));
176 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
178 expected_apis.insert(permission);
180 APIPermissionSet::Intersection(apis1, apis2, &result);
182 EXPECT_TRUE(apis1.Contains(result));
183 EXPECT_TRUE(apis2.Contains(result));
184 EXPECT_FALSE(apis1.Contains(apis2));
185 EXPECT_FALSE(apis2.Contains(apis1));
186 EXPECT_FALSE(result.Contains(apis1));
187 EXPECT_FALSE(result.Contains(apis2));
189 EXPECT_EQ(expected_apis, result);
192 TEST(APIPermissionSetTest, CreateDifference) {
193 APIPermission* permission = NULL;
195 APIPermissionSet apis1;
196 APIPermissionSet apis2;
197 APIPermissionSet expected_apis;
198 APIPermissionSet result;
200 const APIPermissionInfo* permission_info =
201 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);
203 // Difference with an empty set.
204 apis1.insert(APIPermission::kAudioCapture);
205 apis1.insert(APIPermission::kDns);
206 permission = permission_info->CreateAPIPermission();
208 scoped_ptr<base::ListValue> value(new base::ListValue());
209 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));
210 value->Append(new base::StringValue("udp-bind::8080"));
211 value->Append(new base::StringValue("udp-send-to::8888"));
212 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
214 apis1.insert(permission);
216 ASSERT_TRUE(apis2.empty());
217 APIPermissionSet::Difference(apis1, apis2, &result);
219 EXPECT_EQ(apis1, result);
221 // Now use a real second set.
222 apis2.insert(APIPermission::kAudioCapture);
223 apis2.insert(APIPermission::kHid);
224 apis2.insert(APIPermission::kPower);
225 apis2.insert(APIPermission::kSerial);
226 permission = permission_info->CreateAPIPermission();
228 scoped_ptr<base::ListValue> value(new base::ListValue());
229 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));
230 value->Append(new base::StringValue("udp-send-to::8899"));
231 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
233 apis2.insert(permission);
235 expected_apis.insert(APIPermission::kDns);
236 permission = permission_info->CreateAPIPermission();
238 scoped_ptr<base::ListValue> value(new base::ListValue());
239 value->Append(new base::StringValue("udp-bind::8080"));
240 value->Append(new base::StringValue("udp-send-to::8888"));
241 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
243 expected_apis.insert(permission);
245 APIPermissionSet::Difference(apis1, apis2, &result);
247 EXPECT_TRUE(apis1.Contains(result));
248 EXPECT_FALSE(apis2.Contains(result));
250 EXPECT_EQ(expected_apis, result);
252 // |result| = |apis1| - |apis2| --> |result| intersect |apis2| == empty_set
253 APIPermissionSet result2;
254 APIPermissionSet::Intersection(result, apis2, &result2);
255 EXPECT_TRUE(result2.empty());
258 TEST(APIPermissionSetTest, IPC) {
259 APIPermission* permission = NULL;
261 APIPermissionSet apis;
262 APIPermissionSet expected_apis;
264 const APIPermissionInfo* permission_info =
265 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket);
267 apis.insert(APIPermission::kAudioCapture);
268 apis.insert(APIPermission::kDns);
269 permission = permission_info->CreateAPIPermission();
271 scoped_ptr<base::ListValue> value(new base::ListValue());
272 value->Append(new base::StringValue("tcp-connect:*.example.com:80"));
273 value->Append(new base::StringValue("udp-bind::8080"));
274 value->Append(new base::StringValue("udp-send-to::8888"));
275 ASSERT_TRUE(permission->FromValue(value.get(), NULL, NULL));
277 apis.insert(permission);
279 EXPECT_NE(apis, expected_apis);
281 IPC::Message m;
282 WriteParam(&m, apis);
283 PickleIterator iter(m);
284 CHECK(ReadParam(&m, &iter, &expected_apis));
285 EXPECT_EQ(apis, expected_apis);
288 } // namespace extensions