1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/pickle.h"
6 #include "base/values.h"
7 #include "extensions/common/extension_messages.h"
8 #include "extensions/common/permissions/api_permission_set.h"
9 #include "extensions/common/permissions/permissions_info.h"
10 #include "ipc/ipc_message.h"
11 #include "testing/gtest/include/gtest/gtest.h"
13 namespace extensions
{
15 TEST(APIPermissionSetTest
, General
) {
16 APIPermissionSet apis
;
17 apis
.insert(APIPermission::kAudioCapture
);
18 apis
.insert(APIPermission::kDns
);
19 apis
.insert(APIPermission::kHid
);
20 apis
.insert(APIPermission::kPower
);
21 apis
.insert(APIPermission::kSerial
);
23 EXPECT_EQ(apis
.find(APIPermission::kPower
)->id(), APIPermission::kPower
);
24 EXPECT_TRUE(apis
.find(APIPermission::kSocket
) == apis
.end());
26 EXPECT_EQ(apis
.size(), 5u);
28 EXPECT_EQ(apis
.erase(APIPermission::kAudioCapture
), 1u);
29 EXPECT_EQ(apis
.size(), 4u);
31 EXPECT_EQ(apis
.erase(APIPermission::kAudioCapture
), 0u);
32 EXPECT_EQ(apis
.size(), 4u);
35 TEST(APIPermissionSetTest
, CreateUnion
) {
36 APIPermission
* permission
= NULL
;
38 APIPermissionSet apis1
;
39 APIPermissionSet apis2
;
40 APIPermissionSet expected_apis
;
41 APIPermissionSet result
;
43 const APIPermissionInfo
* permission_info
=
44 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket
);
45 permission
= permission_info
->CreateAPIPermission();
47 scoped_ptr
<base::ListValue
> value(new base::ListValue());
48 value
->Append(new base::StringValue("tcp-connect:*.example.com:80"));
49 value
->Append(new base::StringValue("udp-bind::8080"));
50 value
->Append(new base::StringValue("udp-send-to::8888"));
51 ASSERT_TRUE(permission
->FromValue(value
.get(), NULL
, NULL
));
54 // Union with an empty set.
55 apis1
.insert(APIPermission::kAudioCapture
);
56 apis1
.insert(APIPermission::kDns
);
57 apis1
.insert(permission
->Clone());
58 expected_apis
.insert(APIPermission::kAudioCapture
);
59 expected_apis
.insert(APIPermission::kDns
);
60 expected_apis
.insert(permission
);
62 ASSERT_TRUE(apis2
.empty());
63 APIPermissionSet::Union(apis1
, apis2
, &result
);
65 EXPECT_TRUE(apis1
.Contains(apis2
));
66 EXPECT_TRUE(apis1
.Contains(result
));
67 EXPECT_FALSE(apis2
.Contains(apis1
));
68 EXPECT_FALSE(apis2
.Contains(result
));
69 EXPECT_TRUE(result
.Contains(apis1
));
70 EXPECT_TRUE(result
.Contains(apis2
));
72 EXPECT_EQ(expected_apis
, result
);
74 // Now use a real second set.
75 apis2
.insert(APIPermission::kAudioCapture
);
76 apis2
.insert(APIPermission::kHid
);
77 apis2
.insert(APIPermission::kPower
);
78 apis2
.insert(APIPermission::kSerial
);
80 permission
= permission_info
->CreateAPIPermission();
82 scoped_ptr
<base::ListValue
> value(new base::ListValue());
83 value
->Append(new base::StringValue("tcp-connect:*.example.com:80"));
84 value
->Append(new base::StringValue("udp-send-to::8899"));
85 ASSERT_TRUE(permission
->FromValue(value
.get(), NULL
, NULL
));
87 apis2
.insert(permission
);
89 expected_apis
.insert(APIPermission::kAudioCapture
);
90 expected_apis
.insert(APIPermission::kHid
);
91 expected_apis
.insert(APIPermission::kPower
);
92 expected_apis
.insert(APIPermission::kSerial
);
94 permission
= permission_info
->CreateAPIPermission();
96 scoped_ptr
<base::ListValue
> value(new base::ListValue());
97 value
->Append(new base::StringValue("tcp-connect:*.example.com:80"));
98 value
->Append(new base::StringValue("udp-bind::8080"));
99 value
->Append(new base::StringValue("udp-send-to::8888"));
100 value
->Append(new base::StringValue("udp-send-to::8899"));
101 ASSERT_TRUE(permission
->FromValue(value
.get(), NULL
, NULL
));
103 // Insert a new socket permission which will replace the old one.
104 expected_apis
.insert(permission
);
106 APIPermissionSet::Union(apis1
, apis2
, &result
);
108 EXPECT_FALSE(apis1
.Contains(apis2
));
109 EXPECT_FALSE(apis1
.Contains(result
));
110 EXPECT_FALSE(apis2
.Contains(apis1
));
111 EXPECT_FALSE(apis2
.Contains(result
));
112 EXPECT_TRUE(result
.Contains(apis1
));
113 EXPECT_TRUE(result
.Contains(apis2
));
115 EXPECT_EQ(expected_apis
, result
);
118 TEST(APIPermissionSetTest
, CreateIntersection
) {
119 APIPermission
* permission
= NULL
;
121 APIPermissionSet apis1
;
122 APIPermissionSet apis2
;
123 APIPermissionSet expected_apis
;
124 APIPermissionSet result
;
126 const APIPermissionInfo
* permission_info
=
127 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket
);
129 // Intersection with an empty set.
130 apis1
.insert(APIPermission::kAudioCapture
);
131 apis1
.insert(APIPermission::kDns
);
132 permission
= permission_info
->CreateAPIPermission();
134 scoped_ptr
<base::ListValue
> value(new base::ListValue());
135 value
->Append(new base::StringValue("tcp-connect:*.example.com:80"));
136 value
->Append(new base::StringValue("udp-bind::8080"));
137 value
->Append(new base::StringValue("udp-send-to::8888"));
138 ASSERT_TRUE(permission
->FromValue(value
.get(), NULL
, NULL
));
140 apis1
.insert(permission
);
142 ASSERT_TRUE(apis2
.empty());
143 APIPermissionSet::Intersection(apis1
, apis2
, &result
);
145 EXPECT_TRUE(apis1
.Contains(result
));
146 EXPECT_TRUE(apis2
.Contains(result
));
147 EXPECT_TRUE(apis1
.Contains(apis2
));
148 EXPECT_FALSE(apis2
.Contains(apis1
));
149 EXPECT_FALSE(result
.Contains(apis1
));
150 EXPECT_TRUE(result
.Contains(apis2
));
152 EXPECT_TRUE(result
.empty());
153 EXPECT_EQ(expected_apis
, result
);
155 // Now use a real second set.
156 apis2
.insert(APIPermission::kAudioCapture
);
157 apis2
.insert(APIPermission::kHid
);
158 apis2
.insert(APIPermission::kPower
);
159 apis2
.insert(APIPermission::kSerial
);
160 permission
= permission_info
->CreateAPIPermission();
162 scoped_ptr
<base::ListValue
> value(new base::ListValue());
163 value
->Append(new base::StringValue("udp-bind::8080"));
164 value
->Append(new base::StringValue("udp-send-to::8888"));
165 value
->Append(new base::StringValue("udp-send-to::8899"));
166 ASSERT_TRUE(permission
->FromValue(value
.get(), NULL
, NULL
));
168 apis2
.insert(permission
);
170 expected_apis
.insert(APIPermission::kAudioCapture
);
171 permission
= permission_info
->CreateAPIPermission();
173 scoped_ptr
<base::ListValue
> value(new base::ListValue());
174 value
->Append(new base::StringValue("udp-bind::8080"));
175 value
->Append(new base::StringValue("udp-send-to::8888"));
176 ASSERT_TRUE(permission
->FromValue(value
.get(), NULL
, NULL
));
178 expected_apis
.insert(permission
);
180 APIPermissionSet::Intersection(apis1
, apis2
, &result
);
182 EXPECT_TRUE(apis1
.Contains(result
));
183 EXPECT_TRUE(apis2
.Contains(result
));
184 EXPECT_FALSE(apis1
.Contains(apis2
));
185 EXPECT_FALSE(apis2
.Contains(apis1
));
186 EXPECT_FALSE(result
.Contains(apis1
));
187 EXPECT_FALSE(result
.Contains(apis2
));
189 EXPECT_EQ(expected_apis
, result
);
192 TEST(APIPermissionSetTest
, CreateDifference
) {
193 APIPermission
* permission
= NULL
;
195 APIPermissionSet apis1
;
196 APIPermissionSet apis2
;
197 APIPermissionSet expected_apis
;
198 APIPermissionSet result
;
200 const APIPermissionInfo
* permission_info
=
201 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket
);
203 // Difference with an empty set.
204 apis1
.insert(APIPermission::kAudioCapture
);
205 apis1
.insert(APIPermission::kDns
);
206 permission
= permission_info
->CreateAPIPermission();
208 scoped_ptr
<base::ListValue
> value(new base::ListValue());
209 value
->Append(new base::StringValue("tcp-connect:*.example.com:80"));
210 value
->Append(new base::StringValue("udp-bind::8080"));
211 value
->Append(new base::StringValue("udp-send-to::8888"));
212 ASSERT_TRUE(permission
->FromValue(value
.get(), NULL
, NULL
));
214 apis1
.insert(permission
);
216 ASSERT_TRUE(apis2
.empty());
217 APIPermissionSet::Difference(apis1
, apis2
, &result
);
219 EXPECT_EQ(apis1
, result
);
221 // Now use a real second set.
222 apis2
.insert(APIPermission::kAudioCapture
);
223 apis2
.insert(APIPermission::kHid
);
224 apis2
.insert(APIPermission::kPower
);
225 apis2
.insert(APIPermission::kSerial
);
226 permission
= permission_info
->CreateAPIPermission();
228 scoped_ptr
<base::ListValue
> value(new base::ListValue());
229 value
->Append(new base::StringValue("tcp-connect:*.example.com:80"));
230 value
->Append(new base::StringValue("udp-send-to::8899"));
231 ASSERT_TRUE(permission
->FromValue(value
.get(), NULL
, NULL
));
233 apis2
.insert(permission
);
235 expected_apis
.insert(APIPermission::kDns
);
236 permission
= permission_info
->CreateAPIPermission();
238 scoped_ptr
<base::ListValue
> value(new base::ListValue());
239 value
->Append(new base::StringValue("udp-bind::8080"));
240 value
->Append(new base::StringValue("udp-send-to::8888"));
241 ASSERT_TRUE(permission
->FromValue(value
.get(), NULL
, NULL
));
243 expected_apis
.insert(permission
);
245 APIPermissionSet::Difference(apis1
, apis2
, &result
);
247 EXPECT_TRUE(apis1
.Contains(result
));
248 EXPECT_FALSE(apis2
.Contains(result
));
250 EXPECT_EQ(expected_apis
, result
);
252 // |result| = |apis1| - |apis2| --> |result| intersect |apis2| == empty_set
253 APIPermissionSet result2
;
254 APIPermissionSet::Intersection(result
, apis2
, &result2
);
255 EXPECT_TRUE(result2
.empty());
258 TEST(APIPermissionSetTest
, IPC
) {
259 APIPermission
* permission
= NULL
;
261 APIPermissionSet apis
;
262 APIPermissionSet expected_apis
;
264 const APIPermissionInfo
* permission_info
=
265 PermissionsInfo::GetInstance()->GetByID(APIPermission::kSocket
);
267 apis
.insert(APIPermission::kAudioCapture
);
268 apis
.insert(APIPermission::kDns
);
269 permission
= permission_info
->CreateAPIPermission();
271 scoped_ptr
<base::ListValue
> value(new base::ListValue());
272 value
->Append(new base::StringValue("tcp-connect:*.example.com:80"));
273 value
->Append(new base::StringValue("udp-bind::8080"));
274 value
->Append(new base::StringValue("udp-send-to::8888"));
275 ASSERT_TRUE(permission
->FromValue(value
.get(), NULL
, NULL
));
277 apis
.insert(permission
);
279 EXPECT_NE(apis
, expected_apis
);
282 WriteParam(&m
, apis
);
283 base::PickleIterator
iter(m
);
284 CHECK(ReadParam(&m
, &iter
, &expected_apis
));
285 EXPECT_EQ(apis
, expected_apis
);
288 } // namespace extensions