extensions/browser/api/device_permissions_manager.h

   1 // Copyright 2014 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #ifndef EXTENSIONS_DEVICE_PERMISSION_MANAGER_H_
   6 #define EXTENSIONS_DEVICE_PERMISSION_MANAGER_H_
   7
   8 #include <map>
   9 #include <set>
  10 #include <vector>
  11
  12 #include "base/gtest_prod_util.h"
  13 #include "base/macros.h"
  14 #include "base/memory/ref_counted.h"
  15 #include "base/memory/scoped_ptr.h"
  16 #include "base/scoped_observer.h"
  17 #include "base/strings/string16.h"
  18 #include "base/threading/thread_checker.h"
  19 #include "components/keyed_service/content/browser_context_keyed_service_factory.h"
  20 #include "components/keyed_service/core/keyed_service.h"
  21 #include "device/hid/hid_service.h"
  22 #include "device/usb/usb_service.h"
  23 #include "extensions/browser/process_manager_observer.h"
  24
  25 template <typename T>
  26 struct DefaultSingletonTraits;
  27
  28 namespace base {
  29 class Value;
  30 }
  31
  32 namespace content {
  33 class BrowserContext;
  34 }
  35
  36 namespace extensions {
  37
  38 class ProcessManager;
  39
  40 // Stores information about a device saved with access granted.
  41 class DevicePermissionEntry : public base::RefCounted<DevicePermissionEntry> {
  42  public:
  43   enum class Type {
  44     USB,
  45     HID,
  46   };
  47
  48   DevicePermissionEntry(scoped_refptr<device::UsbDevice> device);
  49   DevicePermissionEntry(scoped_refptr<device::HidDeviceInfo> device);
  50   DevicePermissionEntry(Type type,
  51                         uint16_t vendor_id,
  52                         uint16_t product_id,
  53                         const base::string16& serial_number,
  54                         const base::string16& manufacturer_string,
  55                         const base::string16& product_string,
  56                         const base::Time& last_used);
  57
  58   // A persistent device is one that can be recognized when it is reconnected
  59   // and can therefore be remembered persistently by writing information about
  60   // it to ExtensionPrefs. Currently this means it has a serial number string.
  61   bool IsPersistent() const;
  62
  63   // Convert the device to a serializable value, returns a null pointer if the
  64   // entry is not persistent.
  65   scoped_ptr<base::Value> ToValue() const;
  66
  67   base::string16 GetPermissionMessageString() const;
  68
  69   Type type() const { return type_; }
  70   uint16_t vendor_id() const { return vendor_id_; }
  71   uint16_t product_id() const { return product_id_; }
  72   const base::string16& serial_number() const { return serial_number_; }
  73   const base::Time& last_used() const { return last_used_; }
  74
  75   base::string16 GetManufacturer() const;
  76   base::string16 GetProduct() const;
  77
  78  private:
  79   friend class base::RefCounted<DevicePermissionEntry>;
  80   friend class DevicePermissionsManager;
  81
  82   ~DevicePermissionEntry();
  83
  84   void set_last_used(const base::Time& last_used) { last_used_ = last_used; }
  85
  86   // The USB device tracked by this entry. Will be nullptr if this entry was
  87   // restored from ExtensionPrefs or type_ is not Type::USB.
  88   scoped_refptr<device::UsbDevice> usb_device_;
  89   // The HID device tracked by this entry. Will be nullptr if this entry was
  90   // restored from ExtensionPrefs or type_ is not Type::HID.
  91   scoped_refptr<device::HidDeviceInfo> hid_device_;
  92
  93   // The type of device this entry represents.
  94   Type type_;
  95   // The vendor ID of this device.
  96   uint16_t vendor_id_;
  97   // The product ID of this device.
  98   uint16_t product_id_;
  99   // The serial number (possibly alphanumeric) of this device.
 100   base::string16 serial_number_;
 101   // The manufacturer string read from the device (optional).
 102   base::string16 manufacturer_string_;
 103   // The product string read from the device (optional).
 104   base::string16 product_string_;
 105   // The last time this device was used by the extension.
 106   base::Time last_used_;
 107 };
 108
 109 // Stores device permissions associated with a particular extension.
 110 class DevicePermissions {
 111  public:
 112   virtual ~DevicePermissions();
 113
 114   // Attempts to find a permission entry matching the given device.
 115   scoped_refptr<DevicePermissionEntry> FindUsbDeviceEntry(
 116       scoped_refptr<device::UsbDevice> device) const;
 117   scoped_refptr<DevicePermissionEntry> FindHidDeviceEntry(
 118       scoped_refptr<device::HidDeviceInfo> device) const;
 119
 120   const std::set<scoped_refptr<DevicePermissionEntry>>& entries() const {
 121     return entries_;
 122   }
 123
 124  private:
 125   friend class DevicePermissionsManager;
 126
 127   // Reads permissions out of ExtensionPrefs.
 128   DevicePermissions(content::BrowserContext* context,
 129                     const std::string& extension_id);
 130
 131   std::set<scoped_refptr<DevicePermissionEntry>> entries_;
 132   std::map<device::UsbDevice*, scoped_refptr<DevicePermissionEntry>>
 133       ephemeral_usb_devices_;
 134   std::map<device::HidDeviceInfo*, scoped_refptr<DevicePermissionEntry>>
 135       ephemeral_hid_devices_;
 136
 137   DISALLOW_COPY_AND_ASSIGN(DevicePermissions);
 138 };
 139
 140 // Manages saved device permissions for all extensions.
 141 class DevicePermissionsManager : public KeyedService,
 142                                  public ProcessManagerObserver,
 143                                  public device::UsbService::Observer,
 144                                  public device::HidService::Observer {
 145  public:
 146   static DevicePermissionsManager* Get(content::BrowserContext* context);
 147
 148   static base::string16 GetPermissionMessage(
 149       uint16 vendor_id,
 150       uint16 product_id,
 151       const base::string16& manufacturer_string,
 152       const base::string16& product_string,
 153       const base::string16& serial_number,
 154       bool always_include_manufacturer);
 155
 156   // The DevicePermissions object for a given extension.
 157   DevicePermissions* GetForExtension(const std::string& extension_id);
 158
 159   // Equivalent to calling GetForExtension and extracting the permission string
 160   // for each entry.
 161   std::vector<base::string16> GetPermissionMessageStrings(
 162       const std::string& extension_id) const;
 163
 164   void AllowUsbDevice(const std::string& extension_id,
 165                       scoped_refptr<device::UsbDevice> device);
 166   void AllowHidDevice(const std::string& extension_id,
 167                       scoped_refptr<device::HidDeviceInfo> device);
 168
 169   // Updates the "last used" timestamp on the given device entry and writes it
 170   // out to ExtensionPrefs.
 171   void UpdateLastUsed(const std::string& extension_id,
 172                       scoped_refptr<DevicePermissionEntry> entry);
 173
 174   // Revokes permission for the extension to access the given device.
 175   void RemoveEntry(const std::string& extension_id,
 176                    scoped_refptr<DevicePermissionEntry> entry);
 177
 178   // Revokes permission for the extension to access all allowed devices.
 179   void Clear(const std::string& extension_id);
 180
 181  private:
 182
 183   friend class DevicePermissionsManagerFactory;
 184   FRIEND_TEST_ALL_PREFIXES(DevicePermissionsManagerTest, SuspendExtension);
 185
 186   DevicePermissionsManager(content::BrowserContext* context);
 187   ~DevicePermissionsManager() override;
 188
 189   DevicePermissions* GetInternal(const std::string& extension_id) const;
 190
 191   // ProcessManagerObserver implementation
 192   void OnBackgroundHostClose(const std::string& extension_id) override;
 193
 194   // UsbService::Observer implementation
 195   void OnDeviceRemovedCleanup(scoped_refptr<device::UsbDevice> device) override;
 196
 197   // HidService::Observer implementation
 198   void OnDeviceRemovedCleanup(
 199       scoped_refptr<device::HidDeviceInfo> device) override;
 200
 201   base::ThreadChecker thread_checker_;
 202   content::BrowserContext* context_;
 203   std::map<std::string, DevicePermissions*> extension_id_to_device_permissions_;
 204   ScopedObserver<ProcessManager, ProcessManagerObserver>
 205       process_manager_observer_;
 206   ScopedObserver<device::UsbService, device::UsbService::Observer>
 207       usb_service_observer_;
 208   ScopedObserver<device::HidService, device::HidService::Observer>
 209       hid_service_observer_;
 210
 211   DISALLOW_COPY_AND_ASSIGN(DevicePermissionsManager);
 212 };
 213
 214 class DevicePermissionsManagerFactory
 215     : public BrowserContextKeyedServiceFactory {
 216  public:
 217   static DevicePermissionsManager* GetForBrowserContext(
 218       content::BrowserContext* context);
 219   static DevicePermissionsManagerFactory* GetInstance();
 220
 221  private:
 222   friend struct DefaultSingletonTraits<DevicePermissionsManagerFactory>;
 223
 224   DevicePermissionsManagerFactory();
 225   ~DevicePermissionsManagerFactory() override;
 226
 227   // BrowserContextKeyedServiceFactory implementation
 228   KeyedService* BuildServiceInstanceFor(
 229       content::BrowserContext* context) const override;
 230   content::BrowserContext* GetBrowserContextToUse(
 231       content::BrowserContext* context) const override;
 232
 233   DISALLOW_COPY_AND_ASSIGN(DevicePermissionsManagerFactory);
 234 };
 235
 236 }  // namespace extensions
 237
 238 #endif  // EXTENSIONS_DEVICE_PERMISSION_MANAGER_H_