search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Update CrOS OOBE throbber to MD throbber; delete old asset
[chromium-blink-merge.git] / chrome / common / extensions / permissions / chrome_permission_message_rules.cc
blob977a21a47c92d819e69c645e2af3575a09a430dc
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/common/extensions/permissions/chrome_permission_message_rules.h"
6
7 #include "base/stl_util.h"
8 #include "base/strings/string_util.h"
9 #include "base/strings/utf_string_conversions.h"
10 #include "chrome/grit/generated_resources.h"
11 #include "extensions/common/permissions/api_permission_set.h"
12 #include "extensions/common/permissions/coalesced_permission_message.h"
13 #include "grit/extensions_strings.h"
14 #include "ui/base/l10n/l10n_util.h"
15
16 namespace extensions {
17
18 namespace {
19
20 // The default formatter for a permission message. Simply displays the message
21 // with the given ID.
22 class DefaultPermissionMessageFormatter
23 : public ChromePermissionMessageFormatter {
24 public:
25 explicit DefaultPermissionMessageFormatter(int message_id)
26 : message_id_(message_id) {}
27 ~DefaultPermissionMessageFormatter() override {}
28
29 CoalescedPermissionMessage GetPermissionMessage(
30 const PermissionIDSet& permissions) const override {
31 return CoalescedPermissionMessage(l10n_util::GetStringUTF16(message_id_),
32 permissions);
33 }
34
35 private:
36 int message_id_;
37
38 DISALLOW_COPY_AND_ASSIGN(DefaultPermissionMessageFormatter);
39 };
40
41 // A formatter that substitutes the parameter into the message using string
42 // formatting.
43 // NOTE: Only one permission with the given ID is substituted using this rule.
44 class SingleParameterFormatter : public ChromePermissionMessageFormatter {
45 public:
46 explicit SingleParameterFormatter(int message_id) : message_id_(message_id) {}
47 ~SingleParameterFormatter() override {}
48
49 CoalescedPermissionMessage GetPermissionMessage(
50 const PermissionIDSet& permissions) const override {
51 DCHECK(permissions.size() > 0);
52 std::vector<base::string16> parameters =
53 permissions.GetAllPermissionParameters();
54 DCHECK_EQ(1U, parameters.size())
55 << "Only one message with each ID can be parameterized.";
56 return CoalescedPermissionMessage(
57 l10n_util::GetStringFUTF16(message_id_, parameters[0]), permissions);
58 }
59
60 private:
61 int message_id_;
62
63 DISALLOW_COPY_AND_ASSIGN(SingleParameterFormatter);
64 };
65
66 // Adds each parameter to a growing list, with the given |root_message_id| as
67 // the message at the top of the list.
68 class SimpleListFormatter : public ChromePermissionMessageFormatter {
69 public:
70 explicit SimpleListFormatter(int root_message_id)
71 : root_message_id_(root_message_id) {}
72 ~SimpleListFormatter() override {}
73
74 CoalescedPermissionMessage GetPermissionMessage(
75 const PermissionIDSet& permissions) const override {
76 DCHECK(permissions.size() > 0);
77 return CoalescedPermissionMessage(
78 l10n_util::GetStringUTF16(root_message_id_), permissions,
79 permissions.GetAllPermissionParameters());
80 }
81
82 private:
83 int root_message_id_;
84
85 DISALLOW_COPY_AND_ASSIGN(SimpleListFormatter);
86 };
87
88 // Creates a space-separated list of permissions with the given PermissionID.
89 // The list is inserted into the messages with the given IDs: one for the case
90 // where there is a single permission, and the other for the case where there
91 // are multiple.
92 // TODO(sashab): Extend this to pluralize correctly in all languages.
93 class SpaceSeparatedListFormatter : public ChromePermissionMessageFormatter {
94 public:
95 SpaceSeparatedListFormatter(int message_id_for_one_host,
96 int message_id_for_multiple_hosts)
97 : message_id_for_one_host_(message_id_for_one_host),
98 message_id_for_multiple_hosts_(message_id_for_multiple_hosts) {}
99 ~SpaceSeparatedListFormatter() override {}
100
101 CoalescedPermissionMessage GetPermissionMessage(
102 const PermissionIDSet& permissions) const override {
103 DCHECK(permissions.size() > 0);
104 std::vector<base::string16> hostnames =
105 permissions.GetAllPermissionParameters();
106 base::string16 hosts_string =
107 base::JoinString(hostnames, base::ASCIIToUTF16(" "));
108 return CoalescedPermissionMessage(
109 l10n_util::GetStringFUTF16(hostnames.size() == 1
110 ? message_id_for_one_host_
111 : message_id_for_multiple_hosts_,
112 hosts_string),
113 permissions);
114 }
115
116 private:
117 int message_id_for_one_host_;
118 int message_id_for_multiple_hosts_;
119
120 DISALLOW_COPY_AND_ASSIGN(SpaceSeparatedListFormatter);
121 };
122
123 // Creates a comma-separated list of permissions with the given PermissionID.
124 // The list is inserted into the messages with the given IDs: one for each case
125 // of 1-3 permissions, and the other for the case where there are 4 or more
126 // permissions. In the case of 4 or more permissions, rather than insert the
127 // list into the message, the permissions are displayed as submessages in the
128 // resultant CoalescedPermissionMessage.
129 class CommaSeparatedListFormatter : public ChromePermissionMessageFormatter {
130 public:
131 CommaSeparatedListFormatter(int message_id_for_one_host,
132 int message_id_for_two_hosts,
133 int message_id_for_three_hosts,
134 int message_id_for_many_hosts)
135 : message_id_for_one_host_(message_id_for_one_host),
136 message_id_for_two_hosts_(message_id_for_two_hosts),
137 message_id_for_three_hosts_(message_id_for_three_hosts),
138 message_id_for_many_hosts_(message_id_for_many_hosts) {}
139 ~CommaSeparatedListFormatter() override {}
140
141 CoalescedPermissionMessage GetPermissionMessage(
142 const PermissionIDSet& permissions) const override {
143 DCHECK(permissions.size() > 0);
144 std::vector<base::string16> hostnames =
145 permissions.GetAllPermissionParameters();
146 CoalescedPermissionMessages messages;
147 if (hostnames.size() <= 3) {
148 return CoalescedPermissionMessage(
149 l10n_util::GetStringFUTF16(message_id_for_hosts(hostnames.size()),
150 hostnames, NULL),
151 permissions);
152 }
153
154 return CoalescedPermissionMessage(
155 l10n_util::GetStringUTF16(message_id_for_many_hosts_), permissions,
156 hostnames);
157 }
158
159 private:
160 int message_id_for_hosts(int number_of_hosts) const {
161 switch (number_of_hosts) {
162 case 1:
163 return message_id_for_one_host_;
164 case 2:
165 return message_id_for_two_hosts_;
166 case 3:
167 return message_id_for_three_hosts_;
168 default:
169 return message_id_for_many_hosts_;
170 }
171 }
172
173 int message_id_for_one_host_;
174 int message_id_for_two_hosts_;
175 int message_id_for_three_hosts_;
176 int message_id_for_many_hosts_;
177
178 DISALLOW_COPY_AND_ASSIGN(CommaSeparatedListFormatter);
179 };
180
181 class USBDevicesFormatter : public ChromePermissionMessageFormatter {
182 public:
183 USBDevicesFormatter() {}
184 ~USBDevicesFormatter() override {}
185
186 CoalescedPermissionMessage GetPermissionMessage(
187 const PermissionIDSet& permissions) const override {
188 DCHECK(permissions.size() > 0);
189 return permissions.size() == 1 ? GetItemMessage(permissions)
190 : GetMultiItemMessage(permissions);
191 }
192
193 private:
194 CoalescedPermissionMessage GetItemMessage(
195 const PermissionIDSet& permissions) const {
196 DCHECK(permissions.size() == 1);
197 const PermissionID& permission = *permissions.begin();
198 base::string16 msg;
199 switch (permission.id()) {
200 case APIPermission::kUsbDevice:
201 msg = l10n_util::GetStringFUTF16(
202 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE, permission.parameter());
203 break;
204 case APIPermission::kUsbDeviceUnknownProduct:
205 msg = l10n_util::GetStringFUTF16(
206 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_PRODUCT,
207 permission.parameter());
208 break;
209 case APIPermission::kUsbDeviceUnknownVendor:
210 msg = l10n_util::GetStringUTF16(
211 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_VENDOR);
212 break;
213 default:
214 NOTREACHED();
215 }
216 return CoalescedPermissionMessage(msg, permissions);
217 }
218
219 CoalescedPermissionMessage GetMultiItemMessage(
220 const PermissionIDSet& permissions) const {
221 DCHECK(permissions.size() > 1);
222 // Put all the individual items into submessages.
223 std::vector<base::string16> submessages;
224 std::vector<base::string16> devices =
225 permissions.GetAllPermissionsWithID(APIPermission::kUsbDevice)
226 .GetAllPermissionParameters();
227 for (const base::string16& device : devices) {
228 submessages.push_back(l10n_util::GetStringFUTF16(
229 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST_ITEM, device));
230 }
231 std::vector<base::string16> vendors =
232 permissions.GetAllPermissionsWithID(
233 APIPermission::kUsbDeviceUnknownProduct)
234 .GetAllPermissionParameters();
235 for (const base::string16& vendor : vendors) {
236 submessages.push_back(l10n_util::GetStringFUTF16(
237 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST_ITEM_UNKNOWN_PRODUCT,
238 vendor));
239 }
240 if (permissions.ContainsID(APIPermission::kUsbDeviceUnknownVendor)) {
241 submessages.push_back(l10n_util::GetStringUTF16(
242 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST_ITEM_UNKNOWN_VENDOR));
243 }
244
245 return CoalescedPermissionMessage(
246 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST),
247 permissions, submessages);
248 }
249
250 DISALLOW_COPY_AND_ASSIGN(USBDevicesFormatter);
251 };
252
253 } // namespace
254
255 ChromePermissionMessageRule::ChromePermissionMessageRule(
256 int message_id,
257 PermissionIDSetInitializer required,
258 PermissionIDSetInitializer optional)
259 : required_permissions_(required),
260 optional_permissions_(optional),
261 formatter_(new DefaultPermissionMessageFormatter(message_id)) {
262 }
263
264 ChromePermissionMessageRule::ChromePermissionMessageRule(
265 ChromePermissionMessageFormatter* formatter,
266 PermissionIDSetInitializer required,
267 PermissionIDSetInitializer optional)
268 : required_permissions_(required),
269 optional_permissions_(optional),
270 formatter_(formatter) {
271 }
272
273 ChromePermissionMessageRule::~ChromePermissionMessageRule() {
274 }
275
276 std::set<APIPermission::ID> ChromePermissionMessageRule::required_permissions()
277 const {
278 return required_permissions_;
279 }
280 std::set<APIPermission::ID> ChromePermissionMessageRule::optional_permissions()
281 const {
282 return optional_permissions_;
283 }
284
285 std::set<APIPermission::ID> ChromePermissionMessageRule::all_permissions()
286 const {
287 return base::STLSetUnion<std::set<APIPermission::ID>>(required_permissions(),
288 optional_permissions());
289 }
290
291 CoalescedPermissionMessage ChromePermissionMessageRule::GetPermissionMessage(
292 const PermissionIDSet& permissions) const {
293 return formatter_->GetPermissionMessage(permissions);
294 }
295
296 // static
297 std::vector<ChromePermissionMessageRule>
298 ChromePermissionMessageRule::GetAllRules() {
299 // The rules for generating messages from permissions. Any new rules should be
300 // added directly to this list, not elsewhere in the code, so that all the
301 // logic of generating and coalescing permission messages happens here.
302 //
303 // Each rule has 3 components:
304 // 1. The message itself
305 // 2. The permissions that need to be present for the message to appear
306 // 3. Permissions that, if present, also contribute to the message, but do not
307 // form the message on their own
308 //
309 // Rules are applied in precedence order: rules that come first consume
310 // permissions (both required and optional) so they can not be used in later
311 // rules.
312 // NOTE: The order of this list matters - be careful when adding new rules!
313 // If unsure, add them near related rules and add tests to
314 // permission_message_combinations_unittest.cc (or elsewhere) to ensure your
315 // messages are being generated/coalesced correctly.
316 //
317 // Rules are not transitive: This means that if the kTab permission 'absorbs'
318 // (suppresses) the messages for kTopSites and kFavicon, and the kHistory
319 // permission suppresses kTab, be careful to also add kTopSites and kFavicon
320 // to the kHistory absorb list. Ideally, the rules system should be simple
321 // enough that rules like this should not occur; the visibility of the rules
322 // system should allow us to design a system that is simple enough to explain
323 // yet powerful enough to encapsulate all the messages we want to display.
324 //
325 // TODO(sashab): Once existing message sites are deprecated, reorder this list
326 // to better describe the rules generated, rather than the callsites they are
327 // migrated from.
328 ChromePermissionMessageRule rules_arr[] = {
329 // Full url access permission messages.
330 {IDS_EXTENSION_PROMPT_WARNING_DEBUGGER, {APIPermission::kDebugger}, {}},
331 {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
332 {APIPermission::kPlugin},
333 {APIPermission::kFullAccess, APIPermission::kHostsAll,
334 APIPermission::kHostsAllReadOnly, APIPermission::kDeclarativeWebRequest,
335 APIPermission::kTopSites, APIPermission::kTab}},
336 {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
337 {APIPermission::kFullAccess},
338 {APIPermission::kHostsAll, APIPermission::kHostsAllReadOnly,
339 APIPermission::kDeclarativeWebRequest, APIPermission::kTopSites,
340 APIPermission::kTab}},
341
342 // Parameterized permission messages:
343 // Messages generated by the sockets permission.
344 {new SpaceSeparatedListFormatter(
345 IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAIN,
346 IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAINS),
347 {APIPermission::kSocketDomainHosts},
348 {}},
349 {new SpaceSeparatedListFormatter(
350 IDS_EXTENSION_PROMPT_WARNING_SOCKET_SPECIFIC_HOST,
351 IDS_EXTENSION_PROMPT_WARNING_SOCKET_SPECIFIC_HOSTS),
352 {APIPermission::kSocketSpecificHosts},
353 {}},
354
355 // Messages generated by host permissions.
356 {new CommaSeparatedListFormatter(
357 IDS_EXTENSION_PROMPT_WARNING_1_HOST_READ_ONLY,
358 IDS_EXTENSION_PROMPT_WARNING_2_HOSTS_READ_ONLY,
359 IDS_EXTENSION_PROMPT_WARNING_3_HOSTS_READ_ONLY,
360 IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST_READ_ONLY),
361 {APIPermission::kHostReadOnly},
362 {}},
363 {new CommaSeparatedListFormatter(IDS_EXTENSION_PROMPT_WARNING_1_HOST,
364 IDS_EXTENSION_PROMPT_WARNING_2_HOSTS,
365 IDS_EXTENSION_PROMPT_WARNING_3_HOSTS,
366 IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST),
367 {APIPermission::kHostReadWrite},
368 {}},
369
370 // USB Device Permission rules:
371 {new USBDevicesFormatter,
372 {},
373 {APIPermission::kUsbDevice, APIPermission::kUsbDeviceUnknownProduct,
374 APIPermission::kUsbDeviceUnknownVendor}},
375
376 // Coalesced message rules taken from
377 // ChromePermissionMessageProvider::GetWarningMessages():
378
379 // Access to users' devices should provide a single warning message
380 // specifying the transport method used; serial and/or Bluetooth.
381 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_SERIAL,
382 {APIPermission::kBluetooth, APIPermission::kSerial},
383 {APIPermission::kBluetoothDevices}},
384
385 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ_MODIFY,
386 {APIPermission::kAccessibilityFeaturesModify,
387 APIPermission::kAccessibilityFeaturesRead},
388 {}},
389
390 // TODO(sashab): Add the missing combinations of media galleries
391 // permissions so a valid permission is generated for all combinations.
392 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE_DELETE,
393 {APIPermission::kMediaGalleriesAllGalleriesCopyTo,
394 APIPermission::kMediaGalleriesAllGalleriesDelete,
395 APIPermission::kMediaGalleriesAllGalleriesRead},
396 {}},
397 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE,
398 {APIPermission::kMediaGalleriesAllGalleriesCopyTo,
399 APIPermission::kMediaGalleriesAllGalleriesRead},
400 {}},
401 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_DELETE,
402 {APIPermission::kMediaGalleriesAllGalleriesDelete,
403 APIPermission::kMediaGalleriesAllGalleriesRead},
404 {}},
405 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ,
406 {APIPermission::kMediaGalleriesAllGalleriesRead},
407 {}},
408
409 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE_AND_SESSIONS,
410 {APIPermission::kSessions, APIPermission::kHistory},
411 {APIPermission::kFavicon, APIPermission::kProcesses, APIPermission::kTab,
412 APIPermission::kTopSites, APIPermission::kWebNavigation}},
413 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS,
414 {APIPermission::kSessions, APIPermission::kTab},
415 {APIPermission::kFavicon, APIPermission::kProcesses,
416 APIPermission::kTopSites, APIPermission::kWebNavigation}},
417
418 // Suppression list taken from
419 // ChromePermissionMessageProvider::GetPermissionMessages():
420 // Some warnings are more generic and/or powerful and supercede other
421 // warnings. In that case, the first message suppresses the second one.
422 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH,
423 {APIPermission::kBluetooth},
424 {APIPermission::kBluetoothDevices}},
425 {IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS,
426 {APIPermission::kBookmark},
427 {APIPermission::kOverrideBookmarksUI}},
428 // History already allows reading favicons, tab access and accessing the
429 // list of most frequently visited sites.
430 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
431 {APIPermission::kHistory},
432 {APIPermission::kFavicon, APIPermission::kProcesses, APIPermission::kTab,
433 APIPermission::kTopSites, APIPermission::kWebNavigation}},
434 // A special hack: If kFileSystemWriteDirectory would be displayed, hide
435 // kFileSystemDirectory as the write directory message implies it.
436 // TODO(sashab): Remove kFileSystemWriteDirectory; it's no longer needed
437 // since this rules system can represent the rule. See crbug.com/284849.
438 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
439 {APIPermission::kFileSystemWrite, APIPermission::kFileSystemDirectory},
440 {APIPermission::kFileSystemWriteDirectory}},
441 // Full access already allows DeclarativeWebRequest, reading the list of
442 // most frequently visited sites, and tab access.
443 // The warning message for declarativeWebRequest
444 // permissions speaks about blocking parts of pages, which is a
445 // subset of what the "<all_urls>" access allows. Therefore we
446 // display only the "<all_urls>" warning message if both permissions
447 // are required.
448 {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS,
449 {APIPermission::kHostsAll},
450 {APIPermission::kDeclarativeWebRequest, APIPermission::kTopSites,
451 APIPermission::kTab, APIPermission::kFavicon, APIPermission::kTopSites,
452 APIPermission::kHostsAllReadOnly}},
453 // AutomationManifestPermission:
454 {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS_READ_ONLY,
455 {APIPermission::kHostsAllReadOnly},
456 {}}, // TODO(treib): This should probably include kTab?
457 // Tabs already allows reading favicons and reading the list of most
458 // frequently visited sites.
459 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
460 {APIPermission::kTab},
461 {APIPermission::kFavicon, APIPermission::kProcesses,
462 APIPermission::kTopSites, APIPermission::kWebNavigation}},
463
464 // Individual message rules taken from
465 // ChromeAPIPermissions::GetAllPermissions():
466 // Permission messages for all extension types:
467
468 {IDS_EXTENSION_PROMPT_WARNING_CLIPBOARD,
469 {APIPermission::kClipboardRead},
470 {}},
471 {IDS_EXTENSION_PROMPT_WARNING_DESKTOP_CAPTURE,
472 {APIPermission::kDesktopCapture},
473 {}},
474 {IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS, {APIPermission::kDownloads}, {}},
475 {IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS_OPEN,
476 {APIPermission::kDownloadsOpen},
477 {}},
478 {IDS_EXTENSION_PROMPT_WARNING_IDENTITY_EMAIL,
479 {APIPermission::kIdentityEmail},
480 {}},
481 {IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
482 {APIPermission::kGeolocation},
483 {}},
484
485 // Permission messages for extensions:
486 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_MODIFY,
487 {APIPermission::kAccessibilityFeaturesModify},
488 {}},
489 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ,
490 {APIPermission::kAccessibilityFeaturesRead},
491 {}},
492 {IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS, {APIPermission::kBookmark}, {}},
493 {IDS_EXTENSION_PROMPT_WARNING_CONTENT_SETTINGS,
494 {APIPermission::kContentSettings},
495 {}},
496 {IDS_EXTENSION_PROMPT_WARNING_COPRESENCE,
497 {APIPermission::kCopresence},
498 {}},
499 {IDS_EXTENSION_PROMPT_WARNING_DOCUMENT_SCAN,
500 {APIPermission::kDocumentScan},
501 {}},
502 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
503 {APIPermission::kHistory},
504 {}},
505 {IDS_EXTENSION_PROMPT_WARNING_INPUT, {APIPermission::kInput}, {}},
506 {IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
507 {APIPermission::kLocation},
508 {}},
509 {IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT,
510 {APIPermission::kManagement},
511 {}},
512 {IDS_EXTENSION_PROMPT_WARNING_MDNS, {APIPermission::kMDns}, {}},
513 {IDS_EXTENSION_PROMPT_WARNING_NATIVE_MESSAGING,
514 {APIPermission::kNativeMessaging},
515 {}},
516 {IDS_EXTENSION_PROMPT_WARNING_PRIVACY, {APIPermission::kPrivacy}, {}},
517 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
518 {APIPermission::kProcesses},
519 {}},
520 {IDS_EXTENSION_PROMPT_WARNING_SIGNED_IN_DEVICES,
521 {APIPermission::kSignedInDevices},
522 {}},
523 {IDS_EXTENSION_PROMPT_WARNING_SYNCFILESYSTEM,
524 {APIPermission::kSyncFileSystem},
525 {}},
526 {IDS_EXTENSION_PROMPT_WARNING_TOPSITES, {APIPermission::kTopSites}, {}},
527 {IDS_EXTENSION_PROMPT_WARNING_TTS_ENGINE,
528 {APIPermission::kTtsEngine},
529 {}},
530 {IDS_EXTENSION_PROMPT_WARNING_WALLPAPER, {APIPermission::kWallpaper}, {}},
531 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
532 {APIPermission::kWebNavigation},
533 {}},
534 {IDS_EXTENSION_PROMPT_WARNING_PLATFORMKEYS,
535 {APIPermission::kPlatformKeys},
536 {}},
537
538 // Permission messages for private permissions:
539 {IDS_EXTENSION_PROMPT_WARNING_SCREENLOCK_PRIVATE,
540 {APIPermission::kScreenlockPrivate},
541 {}},
542 {IDS_EXTENSION_PROMPT_WARNING_ACTIVITY_LOG_PRIVATE,
543 {APIPermission::kActivityLogPrivate},
544 {}},
545 {IDS_EXTENSION_PROMPT_WARNING_EXPERIENCE_SAMPLING_PRIVATE,
546 {APIPermission::kExperienceSamplingPrivate},
547 {}},
548 {IDS_EXTENSION_PROMPT_WARNING_NETWORKING_PRIVATE,
549 {APIPermission::kNetworkingPrivate},
550 {}},
551 {IDS_EXTENSION_PROMPT_WARNING_MUSIC_MANAGER_PRIVATE,
552 {APIPermission::kMusicManagerPrivate},
553 {}},
554 {IDS_EXTENSION_PROMPT_WARNING_SEARCH_ENGINES_PRIVATE,
555 {APIPermission::kSearchEnginesPrivate},
556 {}},
557 {IDS_EXTENSION_PROMPT_WARNING_SETTINGS_PRIVATE,
558 {APIPermission::kSettingsPrivate},
559 {}},
560 {IDS_EXTENSION_PROMPT_WARNING_AUTOFILL_PRIVATE,
561 {APIPermission::kAutofillPrivate},
562 {}},
563 {IDS_EXTENSION_PROMPT_WARNING_PASSWORDS_PRIVATE,
564 {APIPermission::kPasswordsPrivate},
565 {}},
566 {IDS_EXTENSION_PROMPT_WARNING_USERS_PRIVATE,
567 {APIPermission::kUsersPrivate},
568 {}},
569
570 // Platform-app permission messages.
571
572 // The permission string for "fileSystem" is only shown when
573 // "write" or "directory" is present. Read-only access is only
574 // granted after the user has been shown a file or directory
575 // chooser dialog and selected a file or directory. Selecting
576 // the file or directory is considered consent to read it.
577 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_DIRECTORY,
578 {APIPermission::kFileSystemDirectory},
579 {}},
580 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
581 {APIPermission::kFileSystemWriteDirectory},
582 {}},
583
584 // Because warning messages for the "mediaGalleries" permission
585 // vary based on the permissions parameters, no message ID or
586 // message text is specified here. The message ID and text used
587 // will be determined at run-time in the
588 // |MediaGalleriesPermission| class.
589
590 {IDS_EXTENSION_PROMPT_WARNING_INTERCEPT_ALL_KEYS,
591 {APIPermission::kInterceptAllKeys},
592 {}},
593
594 {IDS_EXTENSION_PROMPT_WARNING_AUDIO_AND_VIDEO_CAPTURE,
595 {APIPermission::kAudioCapture, APIPermission::kVideoCapture},
596 {}},
597
598 // Individual message rules taken from
599 // ExtensionsAPIPermissions::GetAllPermissions():
600 {IDS_EXTENSION_PROMPT_WARNING_AUDIO_CAPTURE,
601 {APIPermission::kAudioCapture},
602 {}},
603 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_PRIVATE,
604 {APIPermission::kBluetoothPrivate},
605 {}},
606 {IDS_EXTENSION_PROMPT_WARNING_DECLARATIVE_WEB_REQUEST,
607 {APIPermission::kDeclarativeWebRequest},
608 {}},
609 {IDS_EXTENSION_PROMPT_WARNING_SERIAL, {APIPermission::kSerial}, {}},
610 {IDS_EXTENSION_PROMPT_WARNING_NETWORKING_CONFIG,
611 {APIPermission::kNetworkingConfig},
612 {}},
613
614 // Because warning messages for the "socket" permission vary based
615 // on the permissions parameters, no message ID or message text is
616 // specified here. The message ID and text used will be
617 // determined at run-time in the |SocketPermission| class.
618 {IDS_EXTENSION_PROMPT_WARNING_U2F_DEVICES,
619 {APIPermission::kU2fDevices},
620 {}},
621 {IDS_EXTENSION_PROMPT_WARNING_VIDEO_CAPTURE,
622 {APIPermission::kVideoCapture},
623 {}},
624 {IDS_EXTENSION_PROMPT_WARNING_VPN, {APIPermission::kVpnProvider}, {}},
625 {IDS_EXTENSION_PROMPT_WARNING_WEB_CONNECTABLE,
626 {APIPermission::kWebConnectable},
627 {}},
628
629 // Rules from ManifestPermissions:
630 // BluetoothManifestPermission:
631 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH, {APIPermission::kBluetooth}, {}},
632 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_DEVICES,
633 {APIPermission::kBluetoothDevices},
634 {}},
635
636 // SocketsManifestPermission:
637 {IDS_EXTENSION_PROMPT_WARNING_SOCKET_ANY_HOST,
638 {APIPermission::kSocketAnyHost},
639 {}},
640 {IDS_EXTENSION_PROMPT_WARNING_NETWORK_STATE,
641 {APIPermission::kNetworkState},
642 {}},
643
644 // API permission rules:
645 // SettingsOverrideAPIPermission:
646 {new SingleParameterFormatter(
647 IDS_EXTENSION_PROMPT_WARNING_HOME_PAGE_SETTING_OVERRIDE),
648 {APIPermission::kHomepage},
649 {}},
650 {new SingleParameterFormatter(
651 IDS_EXTENSION_PROMPT_WARNING_SEARCH_SETTINGS_OVERRIDE),
652 {APIPermission::kSearchProvider},
653 {}},
654 {new SingleParameterFormatter(
655 IDS_EXTENSION_PROMPT_WARNING_START_PAGE_SETTING_OVERRIDE),
656 {APIPermission::kStartupPages},
657 {}},
658
659 // Other rules:
660 // From ChromeExtensionsClient::FilterHostPermissions():
661 {IDS_EXTENSION_PROMPT_WARNING_FAVICON, {APIPermission::kFavicon}, {}},
662 };
663
664 return std::vector<ChromePermissionMessageRule>(
665 rules_arr, rules_arr + arraysize(rules_arr));
666 }
667
668 ChromePermissionMessageRule::PermissionIDSetInitializer::
669 PermissionIDSetInitializer() {
670 }
671 ChromePermissionMessageRule::PermissionIDSetInitializer::
672 PermissionIDSetInitializer(APIPermission::ID permission_one) {
673 insert(permission_one);
674 }
675 ChromePermissionMessageRule::PermissionIDSetInitializer::
676 PermissionIDSetInitializer(APIPermission::ID permission_one,
677 APIPermission::ID permission_two) {
678 insert(permission_one);
679 insert(permission_two);
680 }
681 ChromePermissionMessageRule::PermissionIDSetInitializer::
682 PermissionIDSetInitializer(APIPermission::ID permission_one,
683 APIPermission::ID permission_two,
684 APIPermission::ID permission_three) {
685 insert(permission_one);
686 insert(permission_two);
687 insert(permission_three);
688 }
689 ChromePermissionMessageRule::PermissionIDSetInitializer::
690 PermissionIDSetInitializer(APIPermission::ID permission_one,
691 APIPermission::ID permission_two,
692 APIPermission::ID permission_three,
693 APIPermission::ID permission_four) {
694 insert(permission_one);
695 insert(permission_two);
696 insert(permission_three);
697 insert(permission_four);
698 }
699 ChromePermissionMessageRule::PermissionIDSetInitializer::
700 PermissionIDSetInitializer(APIPermission::ID permission_one,
701 APIPermission::ID permission_two,
702 APIPermission::ID permission_three,
703 APIPermission::ID permission_four,
704 APIPermission::ID permission_five) {
705 insert(permission_one);
706 insert(permission_two);
707 insert(permission_three);
708 insert(permission_four);
709 insert(permission_five);
710 }
711 ChromePermissionMessageRule::PermissionIDSetInitializer::
712 PermissionIDSetInitializer(APIPermission::ID permission_one,
713 APIPermission::ID permission_two,
714 APIPermission::ID permission_three,
715 APIPermission::ID permission_four,
716 APIPermission::ID permission_five,
717 APIPermission::ID permission_six) {
718 insert(permission_one);
719 insert(permission_two);
720 insert(permission_three);
721 insert(permission_four);
722 insert(permission_five);
723 insert(permission_six);
724 }
725
726 ChromePermissionMessageRule::PermissionIDSetInitializer::
727 ~PermissionIDSetInitializer() {
728 }
729
730 } // namespace extensions