search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Supervised user whitelists: Cleanup
[chromium-blink-merge.git] / extensions / common / permissions / permissions_data.cc
blobfb909d03d9d6639ffe5e3e7c7431580bab4deed2
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "extensions/common/permissions/permissions_data.h"
6
7 #include "base/command_line.h"
8 #include "content/public/common/url_constants.h"
9 #include "extensions/common/constants.h"
10 #include "extensions/common/error_utils.h"
11 #include "extensions/common/extension.h"
12 #include "extensions/common/extensions_client.h"
13 #include "extensions/common/manifest.h"
14 #include "extensions/common/manifest_constants.h"
15 #include "extensions/common/manifest_handlers/permissions_parser.h"
16 #include "extensions/common/permissions/permission_message_util.h"
17 #include "extensions/common/switches.h"
18 #include "extensions/common/url_pattern_set.h"
19 #include "url/gurl.h"
20 #include "url/url_constants.h"
21
22 namespace extensions {
23
24 namespace {
25
26 PermissionsData::PolicyDelegate* g_policy_delegate = NULL;
27
28 } // namespace
29
30 PermissionsData::PermissionsData(const Extension* extension)
31 : extension_id_(extension->id()), manifest_type_(extension->GetType()) {
32 base::AutoLock auto_lock(runtime_lock_);
33 scoped_refptr<const PermissionSet> required_permissions =
34 PermissionsParser::GetRequiredPermissions(extension);
35 active_permissions_unsafe_ =
36 new PermissionSet(required_permissions->apis(),
37 required_permissions->manifest_permissions(),
38 required_permissions->explicit_hosts(),
39 required_permissions->scriptable_hosts());
40 withheld_permissions_unsafe_ = new PermissionSet();
41 }
42
43 PermissionsData::~PermissionsData() {
44 }
45
46 // static
47 void PermissionsData::SetPolicyDelegate(PolicyDelegate* delegate) {
48 g_policy_delegate = delegate;
49 }
50
51 // static
52 bool PermissionsData::CanExecuteScriptEverywhere(const Extension* extension) {
53 if (extension->location() == Manifest::COMPONENT)
54 return true;
55
56 const ExtensionsClient::ScriptingWhitelist& whitelist =
57 ExtensionsClient::Get()->GetScriptingWhitelist();
58
59 return std::find(whitelist.begin(), whitelist.end(), extension->id()) !=
60 whitelist.end();
61 }
62
63 // static
64 bool PermissionsData::ScriptsMayRequireActionForExtension(
65 const Extension* extension,
66 const PermissionSet* permissions) {
67 // An extension may require user action to execute scripts iff the extension
68 // shows up in chrome:extensions (so the user can grant withheld permissions),
69 // is not part of chrome or corporate policy, not on the scripting whitelist,
70 // and requires enough permissions that we should withhold them.
71 return extension->ShouldDisplayInExtensionSettings() &&
72 !Manifest::IsPolicyLocation(extension->location()) &&
73 !Manifest::IsComponentLocation(extension->location()) &&
74 !CanExecuteScriptEverywhere(extension) &&
75 permissions->ShouldWarnAllHosts();
76 }
77
78 bool PermissionsData::ShouldSkipPermissionWarnings(
79 const std::string& extension_id) {
80 // See http://b/4946060 for more details.
81 return extension_id == std::string("nckgahadagoaajjgafhacjanaoiihapd");
82 }
83
84 // static
85 bool PermissionsData::IsRestrictedUrl(const GURL& document_url,
86 const GURL& top_frame_url,
87 const Extension* extension,
88 std::string* error) {
89 if (extension && CanExecuteScriptEverywhere(extension))
90 return false;
91
92 // Check if the scheme is valid for extensions. If not, return.
93 if (!URLPattern::IsValidSchemeForExtensions(document_url.scheme()) &&
94 document_url.spec() != url::kAboutBlankURL) {
95 if (error) {
96 *error = ErrorUtils::FormatErrorMessage(
97 manifest_errors::kCannotAccessPage,
98 document_url.spec());
99 }
100 return true;
101 }
102
103 if (!ExtensionsClient::Get()->IsScriptableURL(document_url, error))
104 return true;
105
106 bool allow_on_chrome_urls = base::CommandLine::ForCurrentProcess()->HasSwitch(
107 switches::kExtensionsOnChromeURLs);
108 if (document_url.SchemeIs(content::kChromeUIScheme) &&
109 !allow_on_chrome_urls) {
110 if (error)
111 *error = manifest_errors::kCannotAccessChromeUrl;
112 return true;
113 }
114
115 if (extension && top_frame_url.SchemeIs(kExtensionScheme) &&
116 top_frame_url.host() != extension->id() && !allow_on_chrome_urls) {
117 if (error)
118 *error = manifest_errors::kCannotAccessExtensionUrl;
119 return true;
120 }
121
122 return false;
123 }
124
125 void PermissionsData::SetPermissions(
126 const scoped_refptr<const PermissionSet>& active,
127 const scoped_refptr<const PermissionSet>& withheld) const {
128 base::AutoLock auto_lock(runtime_lock_);
129 active_permissions_unsafe_ = active;
130 withheld_permissions_unsafe_ = withheld;
131 }
132
133 void PermissionsData::UpdateTabSpecificPermissions(
134 int tab_id,
135 scoped_refptr<const PermissionSet> permissions) const {
136 base::AutoLock auto_lock(runtime_lock_);
137 CHECK_GE(tab_id, 0);
138 TabPermissionsMap::iterator iter = tab_specific_permissions_.find(tab_id);
139 if (iter == tab_specific_permissions_.end())
140 tab_specific_permissions_[tab_id] = permissions;
141 else
142 iter->second =
143 PermissionSet::CreateUnion(iter->second.get(), permissions.get());
144 }
145
146 void PermissionsData::ClearTabSpecificPermissions(int tab_id) const {
147 base::AutoLock auto_lock(runtime_lock_);
148 CHECK_GE(tab_id, 0);
149 tab_specific_permissions_.erase(tab_id);
150 }
151
152 bool PermissionsData::HasAPIPermission(APIPermission::ID permission) const {
153 return active_permissions()->HasAPIPermission(permission);
154 }
155
156 bool PermissionsData::HasAPIPermission(
157 const std::string& permission_name) const {
158 return active_permissions()->HasAPIPermission(permission_name);
159 }
160
161 bool PermissionsData::HasAPIPermissionForTab(
162 int tab_id,
163 APIPermission::ID permission) const {
164 if (HasAPIPermission(permission))
165 return true;
166
167 scoped_refptr<const PermissionSet> tab_permissions =
168 GetTabSpecificPermissions(tab_id);
169
170 // Place autolock below the HasAPIPermission() and
171 // GetTabSpecificPermissions(), since each already acquires the lock.
172 base::AutoLock auto_lock(runtime_lock_);
173 return tab_permissions.get() && tab_permissions->HasAPIPermission(permission);
174 }
175
176 bool PermissionsData::CheckAPIPermissionWithParam(
177 APIPermission::ID permission,
178 const APIPermission::CheckParam* param) const {
179 return active_permissions()->CheckAPIPermissionWithParam(permission, param);
180 }
181
182 URLPatternSet PermissionsData::GetEffectiveHostPermissions() const {
183 base::AutoLock auto_lock(runtime_lock_);
184 URLPatternSet effective_hosts = active_permissions_unsafe_->effective_hosts();
185 for (const auto& val : tab_specific_permissions_)
186 effective_hosts.AddPatterns(val.second->effective_hosts());
187 return effective_hosts;
188 }
189
190 bool PermissionsData::HasHostPermission(const GURL& url) const {
191 return active_permissions()->HasExplicitAccessToOrigin(url);
192 }
193
194 bool PermissionsData::HasEffectiveAccessToAllHosts() const {
195 return active_permissions()->HasEffectiveAccessToAllHosts();
196 }
197
198 PermissionMessageIDs PermissionsData::GetLegacyPermissionMessageIDs() const {
199 if (ShouldSkipPermissionWarnings(extension_id_)) {
200 return PermissionMessageIDs();
201 } else {
202 return PermissionMessageProvider::Get()->GetLegacyPermissionMessageIDs(
203 active_permissions().get(), manifest_type_);
204 }
205 }
206
207 PermissionMessageStrings PermissionsData::GetPermissionMessageStrings() const {
208 if (ShouldSkipPermissionWarnings(extension_id_))
209 return PermissionMessageStrings();
210 return PermissionMessageProvider::Get()->GetPermissionMessageStrings(
211 active_permissions().get(), manifest_type_);
212 }
213
214 CoalescedPermissionMessages PermissionsData::GetCoalescedPermissionMessages()
215 const {
216 return PermissionMessageProvider::Get()->GetCoalescedPermissionMessages(
217 PermissionMessageProvider::Get()->GetAllPermissionIDs(
218 active_permissions().get(), manifest_type_));
219 }
220
221 bool PermissionsData::HasWithheldImpliedAllHosts() const {
222 // Since we currently only withhold all_hosts, it's sufficient to check
223 // that either set is not empty.
224 return !withheld_permissions()->explicit_hosts().is_empty() ||
225 !withheld_permissions()->scriptable_hosts().is_empty();
226 }
227
228 bool PermissionsData::CanAccessPage(const Extension* extension,
229 const GURL& document_url,
230 const GURL& top_frame_url,
231 int tab_id,
232 int process_id,
233 std::string* error) const {
234 AccessType result = CanRunOnPage(extension,
235 document_url,
236 top_frame_url,
237 tab_id,
238 process_id,
239 active_permissions()->explicit_hosts(),
240 withheld_permissions()->explicit_hosts(),
241 error);
242 // TODO(rdevlin.cronin) Update callers so that they only need ACCESS_ALLOWED.
243 return result == ACCESS_ALLOWED || result == ACCESS_WITHHELD;
244 }
245
246 PermissionsData::AccessType PermissionsData::GetPageAccess(
247 const Extension* extension,
248 const GURL& document_url,
249 const GURL& top_frame_url,
250 int tab_id,
251 int process_id,
252 std::string* error) const {
253 return CanRunOnPage(extension,
254 document_url,
255 top_frame_url,
256 tab_id,
257 process_id,
258 active_permissions()->explicit_hosts(),
259 withheld_permissions()->explicit_hosts(),
260 error);
261 }
262
263 bool PermissionsData::CanRunContentScriptOnPage(const Extension* extension,
264 const GURL& document_url,
265 const GURL& top_frame_url,
266 int tab_id,
267 int process_id,
268 std::string* error) const {
269 AccessType result = CanRunOnPage(extension,
270 document_url,
271 top_frame_url,
272 tab_id,
273 process_id,
274 active_permissions()->scriptable_hosts(),
275 withheld_permissions()->scriptable_hosts(),
276 error);
277 // TODO(rdevlin.cronin) Update callers so that they only need ACCESS_ALLOWED.
278 return result == ACCESS_ALLOWED || result == ACCESS_WITHHELD;
279 }
280
281 PermissionsData::AccessType PermissionsData::GetContentScriptAccess(
282 const Extension* extension,
283 const GURL& document_url,
284 const GURL& top_frame_url,
285 int tab_id,
286 int process_id,
287 std::string* error) const {
288 return CanRunOnPage(extension,
289 document_url,
290 top_frame_url,
291 tab_id,
292 process_id,
293 active_permissions()->scriptable_hosts(),
294 withheld_permissions()->scriptable_hosts(),
295 error);
296 }
297
298 bool PermissionsData::CanCaptureVisiblePage(int tab_id,
299 std::string* error) const {
300 const URLPattern all_urls(URLPattern::SCHEME_ALL,
301 URLPattern::kAllUrlsPattern);
302
303 if (active_permissions()->explicit_hosts().ContainsPattern(all_urls))
304 return true;
305
306 if (tab_id >= 0) {
307 scoped_refptr<const PermissionSet> tab_permissions =
308 GetTabSpecificPermissions(tab_id);
309 if (tab_permissions.get() &&
310 tab_permissions->HasAPIPermission(APIPermission::kTab)) {
311 return true;
312 }
313 if (error)
314 *error = manifest_errors::kActiveTabPermissionNotGranted;
315 return false;
316 }
317
318 if (error)
319 *error = manifest_errors::kAllURLOrActiveTabNeeded;
320 return false;
321 }
322
323 scoped_refptr<const PermissionSet> PermissionsData::GetTabSpecificPermissions(
324 int tab_id) const {
325 base::AutoLock auto_lock(runtime_lock_);
326 CHECK_GE(tab_id, 0);
327 TabPermissionsMap::const_iterator iter =
328 tab_specific_permissions_.find(tab_id);
329 return (iter != tab_specific_permissions_.end()) ? iter->second : NULL;
330 }
331
332 bool PermissionsData::HasTabSpecificPermissionToExecuteScript(
333 int tab_id,
334 const GURL& url) const {
335 if (tab_id >= 0) {
336 scoped_refptr<const PermissionSet> tab_permissions =
337 GetTabSpecificPermissions(tab_id);
338 if (tab_permissions.get() &&
339 tab_permissions->explicit_hosts().MatchesSecurityOrigin(url)) {
340 return true;
341 }
342 }
343 return false;
344 }
345
346 PermissionsData::AccessType PermissionsData::CanRunOnPage(
347 const Extension* extension,
348 const GURL& document_url,
349 const GURL& top_frame_url,
350 int tab_id,
351 int process_id,
352 const URLPatternSet& permitted_url_patterns,
353 const URLPatternSet& withheld_url_patterns,
354 std::string* error) const {
355 if (g_policy_delegate &&
356 !g_policy_delegate->CanExecuteScriptOnPage(
357 extension, document_url, top_frame_url, tab_id, process_id, error)) {
358 return ACCESS_DENIED;
359 }
360
361 if (IsRestrictedUrl(document_url, top_frame_url, extension, error))
362 return ACCESS_DENIED;
363
364 if (HasTabSpecificPermissionToExecuteScript(tab_id, top_frame_url))
365 return ACCESS_ALLOWED;
366
367 if (permitted_url_patterns.MatchesURL(document_url))
368 return ACCESS_ALLOWED;
369
370 if (withheld_url_patterns.MatchesURL(document_url))
371 return ACCESS_WITHHELD;
372
373 if (error) {
374 *error = ErrorUtils::FormatErrorMessage(manifest_errors::kCannotAccessPage,
375 document_url.spec());
376 }
377 return ACCESS_DENIED;
378 }
379
380 } // namespace extensions