extensions/common/permissions/permission_set.h

   1 // Copyright 2013 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef EXTENSIONS_COMMON_PERMISSIONS_PERMISSION_SET_H_
   6 #define EXTENSIONS_COMMON_PERMISSIONS_PERMISSION_SET_H_
   7
   8 #include <set>
   9 #include <string>
  10
  11 #include "base/gtest_prod_util.h"
  12 #include "base/memory/ref_counted.h"
  13 #include "extensions/common/permissions/api_permission.h"
  14 #include "extensions/common/permissions/api_permission_set.h"
  15 #include "extensions/common/permissions/manifest_permission.h"
  16 #include "extensions/common/permissions/manifest_permission_set.h"
  17 #include "extensions/common/url_pattern_set.h"
  18
  19 namespace extensions {
  20
  21 // The PermissionSet is an immutable class that encapsulates an
  22 // extension's permissions. The class exposes set operations for combining and
  23 // manipulating the permissions.
  24 // TODO(sashab): PermissionIDSet should be called PermissionSet. Once
  25 // PermissionMessageProvider::GetCoalescedPermissionMessages() is the only
  26 // method used for generating permission messages, find the other users of this
  27 // class and deprecate or rename it as appropriate.
  28 class PermissionSet
  29     : public base::RefCountedThreadSafe<PermissionSet> {
  30  public:
  31   // Creates an empty permission set (e.g. default permissions).
  32   PermissionSet();
  33
  34   // Creates a new permission set based on the specified data: the API
  35   // permissions, manifest key permissions, host permissions, and scriptable
  36   // hosts. The effective hosts of the newly created permission set will be
  37   // inferred from the given host permissions.
  38   PermissionSet(const APIPermissionSet& apis,
  39                 const ManifestPermissionSet& manifest_permissions,
  40                 const URLPatternSet& explicit_hosts,
  41                 const URLPatternSet& scriptable_hosts);
  42
  43   // Creates a new permission set equal to |set1| - |set2|, passing ownership of
  44   // the new set to the caller.
  45   static PermissionSet* CreateDifference(
  46       const PermissionSet* set1, const PermissionSet* set2);
  47
  48   // Creates a new permission set equal to the intersection of |set1| and
  49   // |set2|, passing ownership of the new set to the caller.
  50   static PermissionSet* CreateIntersection(
  51       const PermissionSet* set1, const PermissionSet* set2);
  52
  53   // Creates a new permission set equal to the union of |set1| and |set2|.
  54   // Passes ownership of the new set to the caller.
  55   static PermissionSet* CreateUnion(
  56       const PermissionSet* set1, const PermissionSet* set2);
  57
  58   bool operator==(const PermissionSet& rhs) const;
  59   bool operator!=(const PermissionSet& rhs) const;
  60
  61   // Returns true if every API or host permission available to |set| is also
  62   // available to this. In other words, if the API permissions of |set| are a
  63   // subset of this, and the host permissions in this encompass those in |set|.
  64   bool Contains(const PermissionSet& set) const;
  65
  66   // Gets the API permissions in this set as a set of strings.
  67   std::set<std::string> GetAPIsAsStrings() const;
  68
  69   // Returns true if this is an empty set (e.g., the default permission set).
  70   bool IsEmpty() const;
  71
  72   // Returns true if the set has the specified API permission.
  73   bool HasAPIPermission(APIPermission::ID permission) const;
  74
  75   // Returns true if the |extension| explicitly requests access to the given
  76   // |permission_name|. Note this does not include APIs without no corresponding
  77   // permission, like "runtime" or "browserAction".
  78   bool HasAPIPermission(const std::string& permission_name) const;
  79
  80   // Returns true if the set allows the given permission with the default
  81   // permission detal.
  82   bool CheckAPIPermission(APIPermission::ID permission) const;
  83
  84   // Returns true if the set allows the given permission and permission param.
  85   bool CheckAPIPermissionWithParam(APIPermission::ID permission,
  86       const APIPermission::CheckParam* param) const;
  87
  88   // Returns true if this includes permission to access |origin|.
  89   bool HasExplicitAccessToOrigin(const GURL& origin) const;
  90
  91   // Returns true if this permission set includes access to script |url|.
  92   bool HasScriptableAccessToURL(const GURL& url) const;
  93
  94   // Returns true if this permission set includes effective access to all
  95   // origins.
  96   bool HasEffectiveAccessToAllHosts() const;
  97
  98   // Returns true if this permission set has access to so many hosts, that we
  99   // should treat it as all hosts for warning purposes.
 100   // For example, '*://*.com/*'.
 101   bool ShouldWarnAllHosts() const;
 102
 103   // Returns true if this permission set includes effective access to |url|.
 104   bool HasEffectiveAccessToURL(const GURL& url) const;
 105
 106   // Returns true if this permission set effectively represents full access
 107   // (e.g. native code).
 108   bool HasEffectiveFullAccess() const;
 109
 110   const APIPermissionSet& apis() const { return apis_; }
 111
 112   const ManifestPermissionSet& manifest_permissions() const {
 113       return manifest_permissions_;
 114   }
 115
 116   const URLPatternSet& effective_hosts() const { return effective_hosts_; }
 117
 118   const URLPatternSet& explicit_hosts() const { return explicit_hosts_; }
 119
 120   const URLPatternSet& scriptable_hosts() const { return scriptable_hosts_; }
 121
 122  private:
 123   FRIEND_TEST_ALL_PREFIXES(PermissionsTest, GetWarningMessages_AudioVideo);
 124   FRIEND_TEST_ALL_PREFIXES(PermissionsTest, AccessToDevicesMessages);
 125   friend class base::RefCountedThreadSafe<PermissionSet>;
 126
 127   ~PermissionSet();
 128
 129   // Adds permissions implied independently of other context.
 130   void InitImplicitPermissions();
 131
 132   // Initializes the effective host permission based on the data in this set.
 133   void InitEffectiveHosts();
 134
 135   // Initializes |has_access_to_most_hosts_|.
 136   void InitShouldWarnAllHosts() const;
 137
 138   // The api list is used when deciding if an extension can access certain
 139   // extension APIs and features.
 140   APIPermissionSet apis_;
 141
 142   // The manifest key permission list is used when deciding if an extension
 143   // can access certain extension APIs and features.
 144   ManifestPermissionSet manifest_permissions_;
 145
 146   // The list of hosts that can be accessed directly from the extension.
 147   // TODO(jstritar): Rename to "hosts_"?
 148   URLPatternSet explicit_hosts_;
 149
 150   // The list of hosts that can be scripted by content scripts.
 151   // TODO(jstritar): Rename to "user_script_hosts_"?
 152   URLPatternSet scriptable_hosts_;
 153
 154   // The list of hosts this effectively grants access to.
 155   URLPatternSet effective_hosts_;
 156
 157   enum ShouldWarnAllHostsType {
 158     UNINITIALIZED = 0,
 159     WARN_ALL_HOSTS,
 160     DONT_WARN_ALL_HOSTS
 161   };
 162   // Whether or not this permission set includes access to so many origins, we
 163   // should treat it as all_hosts for warning purposes.
 164   // Lazily initialized (and therefore mutable).
 165   mutable ShouldWarnAllHostsType should_warn_all_hosts_;
 166 };
 167
 168 }  // namespace extensions
 169
 170 #endif  // EXTENSIONS_COMMON_PERMISSIONS_PERMISSION_SET_H_