search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Extensions: Remove the intermediate PermissionMessageStrings interface
[chromium-blink-merge.git] / chrome / common / extensions / permissions / chrome_permission_message_rules.cc
blob41215d6bf2a37558267b70bede0eae200dd37c4c
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/common/extensions/permissions/chrome_permission_message_rules.h"
6
7 #include "base/stl_util.h"
8 #include "base/strings/string_util.h"
9 #include "base/strings/utf_string_conversions.h"
10 #include "chrome/grit/generated_resources.h"
11 #include "extensions/common/permissions/api_permission_set.h"
12 #include "extensions/common/permissions/coalesced_permission_message.h"
13 #include "grit/extensions_strings.h"
14 #include "ui/base/l10n/l10n_util.h"
15
16 namespace extensions {
17
18 namespace {
19
20 // The default formatter for a permission message. Simply displays the message
21 // with the given ID.
22 class DefaultPermissionMessageFormatter
23 : public ChromePermissionMessageFormatter {
24 public:
25 explicit DefaultPermissionMessageFormatter(int message_id)
26 : message_id_(message_id) {}
27 ~DefaultPermissionMessageFormatter() override {}
28
29 CoalescedPermissionMessage GetPermissionMessage(
30 const PermissionIDSet& permissions) const override {
31 return CoalescedPermissionMessage(l10n_util::GetStringUTF16(message_id_),
32 permissions);
33 }
34
35 private:
36 int message_id_;
37
38 DISALLOW_COPY_AND_ASSIGN(DefaultPermissionMessageFormatter);
39 };
40
41 // A formatter that substitutes the parameter into the message using string
42 // formatting.
43 // NOTE: Only one permission with the given ID is substituted using this rule.
44 class SingleParameterFormatter : public ChromePermissionMessageFormatter {
45 public:
46 explicit SingleParameterFormatter(int message_id) : message_id_(message_id) {}
47 ~SingleParameterFormatter() override {}
48
49 CoalescedPermissionMessage GetPermissionMessage(
50 const PermissionIDSet& permissions) const override {
51 DCHECK(permissions.size() > 0);
52 std::vector<base::string16> parameters =
53 permissions.GetAllPermissionParameters();
54 DCHECK_EQ(1U, parameters.size())
55 << "Only one message with each ID can be parameterized.";
56 return CoalescedPermissionMessage(
57 l10n_util::GetStringFUTF16(message_id_, parameters[0]), permissions);
58 }
59
60 private:
61 int message_id_;
62
63 DISALLOW_COPY_AND_ASSIGN(SingleParameterFormatter);
64 };
65
66 // Adds each parameter to a growing list, with the given |root_message_id| as
67 // the message at the top of the list.
68 class SimpleListFormatter : public ChromePermissionMessageFormatter {
69 public:
70 explicit SimpleListFormatter(int root_message_id)
71 : root_message_id_(root_message_id) {}
72 ~SimpleListFormatter() override {}
73
74 CoalescedPermissionMessage GetPermissionMessage(
75 const PermissionIDSet& permissions) const override {
76 DCHECK(permissions.size() > 0);
77 return CoalescedPermissionMessage(
78 l10n_util::GetStringUTF16(root_message_id_), permissions,
79 permissions.GetAllPermissionParameters());
80 }
81
82 private:
83 int root_message_id_;
84
85 DISALLOW_COPY_AND_ASSIGN(SimpleListFormatter);
86 };
87
88 // Creates a space-separated list of permissions with the given PermissionID.
89 // The list is inserted into the messages with the given IDs: one for the case
90 // where there is a single permission, and the other for the case where there
91 // are multiple.
92 // TODO(sashab): Extend this to pluralize correctly in all languages.
93 class SpaceSeparatedListFormatter : public ChromePermissionMessageFormatter {
94 public:
95 SpaceSeparatedListFormatter(int message_id_for_one_host,
96 int message_id_for_multiple_hosts)
97 : message_id_for_one_host_(message_id_for_one_host),
98 message_id_for_multiple_hosts_(message_id_for_multiple_hosts) {}
99 ~SpaceSeparatedListFormatter() override {}
100
101 CoalescedPermissionMessage GetPermissionMessage(
102 const PermissionIDSet& permissions) const override {
103 DCHECK(permissions.size() > 0);
104 std::vector<base::string16> hostnames =
105 permissions.GetAllPermissionParameters();
106 base::string16 hosts_string =
107 base::JoinString(hostnames, base::ASCIIToUTF16(" "));
108 return CoalescedPermissionMessage(
109 l10n_util::GetStringFUTF16(hostnames.size() == 1
110 ? message_id_for_one_host_
111 : message_id_for_multiple_hosts_,
112 hosts_string),
113 permissions);
114 }
115
116 private:
117 int message_id_for_one_host_;
118 int message_id_for_multiple_hosts_;
119
120 DISALLOW_COPY_AND_ASSIGN(SpaceSeparatedListFormatter);
121 };
122
123 // Creates a comma-separated list of permissions with the given PermissionID.
124 // The list is inserted into the messages with the given IDs: one for each case
125 // of 1-3 permissions, and the other for the case where there are 4 or more
126 // permissions. In the case of 4 or more permissions, rather than insert the
127 // list into the message, the permissions are displayed as submessages in the
128 // resultant CoalescedPermissionMessage.
129 class CommaSeparatedListFormatter : public ChromePermissionMessageFormatter {
130 public:
131 CommaSeparatedListFormatter(int message_id_for_one_host,
132 int message_id_for_two_hosts,
133 int message_id_for_three_hosts,
134 int message_id_for_many_hosts)
135 : message_id_for_one_host_(message_id_for_one_host),
136 message_id_for_two_hosts_(message_id_for_two_hosts),
137 message_id_for_three_hosts_(message_id_for_three_hosts),
138 message_id_for_many_hosts_(message_id_for_many_hosts) {}
139 ~CommaSeparatedListFormatter() override {}
140
141 CoalescedPermissionMessage GetPermissionMessage(
142 const PermissionIDSet& permissions) const override {
143 DCHECK(permissions.size() > 0);
144 std::vector<base::string16> hostnames =
145 permissions.GetAllPermissionParameters();
146 CoalescedPermissionMessages messages;
147 if (hostnames.size() <= 3) {
148 return CoalescedPermissionMessage(
149 l10n_util::GetStringFUTF16(message_id_for_hosts(hostnames.size()),
150 hostnames, NULL),
151 permissions);
152 }
153
154 return CoalescedPermissionMessage(
155 l10n_util::GetStringUTF16(message_id_for_many_hosts_), permissions,
156 hostnames);
157 }
158
159 private:
160 int message_id_for_hosts(int number_of_hosts) const {
161 switch (number_of_hosts) {
162 case 1:
163 return message_id_for_one_host_;
164 case 2:
165 return message_id_for_two_hosts_;
166 case 3:
167 return message_id_for_three_hosts_;
168 default:
169 return message_id_for_many_hosts_;
170 }
171 }
172
173 int message_id_for_one_host_;
174 int message_id_for_two_hosts_;
175 int message_id_for_three_hosts_;
176 int message_id_for_many_hosts_;
177
178 DISALLOW_COPY_AND_ASSIGN(CommaSeparatedListFormatter);
179 };
180
181 } // namespace
182
183 ChromePermissionMessageRule::ChromePermissionMessageRule(
184 int message_id,
185 PermissionIDSetInitializer required,
186 PermissionIDSetInitializer optional)
187 : required_permissions_(required),
188 optional_permissions_(optional),
189 formatter_(new DefaultPermissionMessageFormatter(message_id)) {
190 }
191
192 ChromePermissionMessageRule::ChromePermissionMessageRule(
193 ChromePermissionMessageFormatter* formatter,
194 PermissionIDSetInitializer required,
195 PermissionIDSetInitializer optional)
196 : required_permissions_(required),
197 optional_permissions_(optional),
198 formatter_(formatter) {
199 }
200
201 ChromePermissionMessageRule::~ChromePermissionMessageRule() {
202 }
203
204 std::set<APIPermission::ID> ChromePermissionMessageRule::required_permissions()
205 const {
206 return required_permissions_;
207 }
208 std::set<APIPermission::ID> ChromePermissionMessageRule::optional_permissions()
209 const {
210 return optional_permissions_;
211 }
212
213 std::set<APIPermission::ID> ChromePermissionMessageRule::all_permissions()
214 const {
215 return base::STLSetUnion<std::set<APIPermission::ID>>(required_permissions(),
216 optional_permissions());
217 }
218
219 CoalescedPermissionMessage ChromePermissionMessageRule::GetPermissionMessage(
220 const PermissionIDSet& permissions) const {
221 return formatter_->GetPermissionMessage(permissions);
222 }
223
224 // static
225 std::vector<ChromePermissionMessageRule>
226 ChromePermissionMessageRule::GetAllRules() {
227 // The rules for generating messages from permissions. Any new rules should be
228 // added directly to this list, not elsewhere in the code, so that all the
229 // logic of generating and coalescing permission messages happens here.
230 //
231 // Each rule has 3 components:
232 // 1. The message itself
233 // 2. The permissions that need to be present for the message to appear
234 // 3. Permissions that, if present, also contribute to the message, but do not
235 // form the message on their own
236 //
237 // Rules are applied in precedence order: rules that come first consume
238 // permissions (both required and optional) so they can not be used in later
239 // rules.
240 // NOTE: The order of this list matters - be careful when adding new rules!
241 // If unsure, add them near related rules and add tests to
242 // permission_message_combinations_unittest.cc (or elsewhere) to ensure your
243 // messages are being generated/coalesced correctly.
244 //
245 // Rules are not transitive: This means that if the kTab permission 'absorbs'
246 // (suppresses) the messages for kTopSites and kFavicon, and the kHistory
247 // permission suppresses kTab, be careful to also add kTopSites and kFavicon
248 // to the kHistory absorb list. Ideally, the rules system should be simple
249 // enough that rules like this should not occur; the visibility of the rules
250 // system should allow us to design a system that is simple enough to explain
251 // yet powerful enough to encapsulate all the messages we want to display.
252 //
253 // TODO(sashab): Once existing message sites are deprecated, reorder this list
254 // to better describe the rules generated, rather than the callsites they are
255 // migrated from.
256 ChromePermissionMessageRule rules_arr[] = {
257 // Full url access permission messages.
258 {IDS_EXTENSION_PROMPT_WARNING_DEBUGGER, {APIPermission::kDebugger}, {}},
259 {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
260 {APIPermission::kPlugin},
261 {APIPermission::kFullAccess,
262 APIPermission::kHostsAll,
263 APIPermission::kHostsAllReadOnly,
264 APIPermission::kDeclarativeWebRequest,
265 APIPermission::kTopSites,
266 APIPermission::kTab}},
267 {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
268 {APIPermission::kFullAccess},
269 {APIPermission::kHostsAll,
270 APIPermission::kHostsAllReadOnly,
271 APIPermission::kDeclarativeWebRequest,
272 APIPermission::kTopSites,
273 APIPermission::kTab}},
274
275 // Parameterized permission messages:
276 // Messages generated by the sockets permission.
277 {new SpaceSeparatedListFormatter(
278 IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAIN,
279 IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAINS),
280 {APIPermission::kSocketDomainHosts},
281 {}},
282 {new SpaceSeparatedListFormatter(
283 IDS_EXTENSION_PROMPT_WARNING_SOCKET_SPECIFIC_HOST,
284 IDS_EXTENSION_PROMPT_WARNING_SOCKET_SPECIFIC_HOSTS),
285 {APIPermission::kSocketSpecificHosts},
286 {}},
287
288 // Messages generated by host permissions.
289 {new CommaSeparatedListFormatter(
290 IDS_EXTENSION_PROMPT_WARNING_1_HOST_READ_ONLY,
291 IDS_EXTENSION_PROMPT_WARNING_2_HOSTS_READ_ONLY,
292 IDS_EXTENSION_PROMPT_WARNING_3_HOSTS_READ_ONLY,
293 IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST_READ_ONLY),
294 {APIPermission::kHostReadOnly},
295 {}},
296 {new CommaSeparatedListFormatter(IDS_EXTENSION_PROMPT_WARNING_1_HOST,
297 IDS_EXTENSION_PROMPT_WARNING_2_HOSTS,
298 IDS_EXTENSION_PROMPT_WARNING_3_HOSTS,
299 IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST),
300 {APIPermission::kHostReadWrite},
301 {}},
302
303 // USB Device Permission rules:
304 // TODO(sashab, reillyg): Rework the permission message logic for USB
305 // devices to generate more meaningful messages and better fit the current
306 // rules system. Maybe model it similarly to host or socket permissions
307 // above.
308 {new SingleParameterFormatter(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE),
309 {APIPermission::kUsbDevice},
310 {}},
311 {new SingleParameterFormatter(
312 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_PRODUCT),
313 {APIPermission::kUsbDeviceUnknownProduct},
314 {}},
315 {IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_VENDOR,
316 {APIPermission::kUsbDeviceUnknownVendor},
317 {}},
318 {new SimpleListFormatter(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST),
319 {APIPermission::kUsbDeviceList},
320 {}},
321
322 // Coalesced message rules taken from
323 // ChromePermissionMessageProvider::GetWarningMessages():
324
325 // Access to users' devices should provide a single warning message
326 // specifying the transport method used; serial and/or Bluetooth.
327 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_SERIAL,
328 {APIPermission::kBluetooth, APIPermission::kSerial},
329 {APIPermission::kBluetoothDevices}},
330
331 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ_MODIFY,
332 {APIPermission::kAccessibilityFeaturesModify,
333 APIPermission::kAccessibilityFeaturesRead},
334 {}},
335
336 // TODO(sashab): Add the missing combinations of media galleries
337 // permissions so a valid permission is generated for all combinations.
338 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE_DELETE,
339 {APIPermission::kMediaGalleriesAllGalleriesCopyTo,
340 APIPermission::kMediaGalleriesAllGalleriesDelete,
341 APIPermission::kMediaGalleriesAllGalleriesRead},
342 {}},
343 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE,
344 {APIPermission::kMediaGalleriesAllGalleriesCopyTo,
345 APIPermission::kMediaGalleriesAllGalleriesRead},
346 {}},
347 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_DELETE,
348 {APIPermission::kMediaGalleriesAllGalleriesDelete,
349 APIPermission::kMediaGalleriesAllGalleriesRead},
350 {}},
351 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ,
352 {APIPermission::kMediaGalleriesAllGalleriesRead},
353 {}},
354
355 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE_AND_SESSIONS,
356 {APIPermission::kSessions, APIPermission::kHistory},
357 {APIPermission::kFavicon,
358 APIPermission::kProcesses,
359 APIPermission::kTab,
360 APIPermission::kTopSites,
361 APIPermission::kWebNavigation}},
362 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS,
363 {APIPermission::kSessions, APIPermission::kTab},
364 {APIPermission::kFavicon,
365 APIPermission::kProcesses,
366 APIPermission::kTopSites,
367 APIPermission::kWebNavigation}},
368
369 // Suppression list taken from
370 // ChromePermissionMessageProvider::GetPermissionMessages():
371 // Some warnings are more generic and/or powerful and supercede other
372 // warnings. In that case, the first message suppresses the second one.
373 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH,
374 {APIPermission::kBluetooth},
375 {APIPermission::kBluetoothDevices}},
376 {IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS,
377 {APIPermission::kBookmark},
378 {APIPermission::kOverrideBookmarksUI}},
379 // History already allows reading favicons, tab access and accessing the
380 // list of most frequently visited sites.
381 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
382 {APIPermission::kHistory},
383 {APIPermission::kFavicon,
384 APIPermission::kProcesses,
385 APIPermission::kTab,
386 APIPermission::kTopSites,
387 APIPermission::kWebNavigation}},
388 // A special hack: If kFileSystemWriteDirectory would be displayed, hide
389 // kFileSystemDirectory as the write directory message implies it.
390 // TODO(sashab): Remove kFileSystemWriteDirectory; it's no longer needed
391 // since this rules system can represent the rule. See crbug.com/284849.
392 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
393 {APIPermission::kFileSystemWrite, APIPermission::kFileSystemDirectory},
394 {APIPermission::kFileSystemWriteDirectory}},
395 // Full access already allows DeclarativeWebRequest, reading the list of
396 // most frequently visited sites, and tab access.
397 // The warning message for declarativeWebRequest
398 // permissions speaks about blocking parts of pages, which is a
399 // subset of what the "<all_urls>" access allows. Therefore we
400 // display only the "<all_urls>" warning message if both permissions
401 // are required.
402 {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS,
403 {APIPermission::kHostsAll},
404 {APIPermission::kDeclarativeWebRequest,
405 APIPermission::kTopSites,
406 APIPermission::kTab,
407 APIPermission::kFavicon,
408 APIPermission::kTopSites,
409 APIPermission::kHostsAllReadOnly}},
410 // AutomationManifestPermission:
411 {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS_READ_ONLY,
412 {APIPermission::kHostsAllReadOnly},
413 {}},
414 // Tabs already allows reading favicons and reading the list of most
415 // frequently visited sites.
416 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
417 {APIPermission::kTab},
418 {APIPermission::kFavicon,
419 APIPermission::kProcesses,
420 APIPermission::kTopSites,
421 APIPermission::kWebNavigation}},
422
423 // Individual message rules taken from
424 // ChromeAPIPermissions::GetAllPermissions():
425 // Permission messages for all extension types:
426
427 {IDS_EXTENSION_PROMPT_WARNING_CLIPBOARD,
428 {APIPermission::kClipboardRead},
429 {}},
430 {IDS_EXTENSION_PROMPT_WARNING_DESKTOP_CAPTURE,
431 {APIPermission::kDesktopCapture},
432 {}},
433 {IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS, {APIPermission::kDownloads}, {}},
434 {IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS_OPEN,
435 {APIPermission::kDownloadsOpen},
436 {}},
437 {IDS_EXTENSION_PROMPT_WARNING_IDENTITY_EMAIL,
438 {APIPermission::kIdentityEmail},
439 {}},
440 {IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
441 {APIPermission::kGeolocation},
442 {}},
443
444 // Permission messages for extensions:
445 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_MODIFY,
446 {APIPermission::kAccessibilityFeaturesModify},
447 {}},
448 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ,
449 {APIPermission::kAccessibilityFeaturesRead},
450 {}},
451 {IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS, {APIPermission::kBookmark}, {}},
452 {IDS_EXTENSION_PROMPT_WARNING_CONTENT_SETTINGS,
453 {APIPermission::kContentSettings},
454 {}},
455 {IDS_EXTENSION_PROMPT_WARNING_COPRESENCE,
456 {APIPermission::kCopresence},
457 {}},
458 {IDS_EXTENSION_PROMPT_WARNING_DOCUMENT_SCAN,
459 {APIPermission::kDocumentScan},
460 {}},
461 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
462 {APIPermission::kHistory},
463 {}},
464 {IDS_EXTENSION_PROMPT_WARNING_INPUT, {APIPermission::kInput}, {}},
465 {IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
466 {APIPermission::kLocation},
467 {}},
468 {IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT,
469 {APIPermission::kManagement},
470 {}},
471 {IDS_EXTENSION_PROMPT_WARNING_MDNS, {APIPermission::kMDns}, {}},
472 {IDS_EXTENSION_PROMPT_WARNING_NATIVE_MESSAGING,
473 {APIPermission::kNativeMessaging},
474 {}},
475 {IDS_EXTENSION_PROMPT_WARNING_PRIVACY, {APIPermission::kPrivacy}, {}},
476 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
477 {APIPermission::kProcesses},
478 {}},
479 {IDS_EXTENSION_PROMPT_WARNING_SIGNED_IN_DEVICES,
480 {APIPermission::kSignedInDevices},
481 {}},
482 {IDS_EXTENSION_PROMPT_WARNING_SYNCFILESYSTEM,
483 {APIPermission::kSyncFileSystem},
484 {}},
485 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ, {APIPermission::kTab}, {}},
486 {IDS_EXTENSION_PROMPT_WARNING_TOPSITES, {APIPermission::kTopSites}, {}},
487 {IDS_EXTENSION_PROMPT_WARNING_TTS_ENGINE,
488 {APIPermission::kTtsEngine},
489 {}},
490 {IDS_EXTENSION_PROMPT_WARNING_WALLPAPER, {APIPermission::kWallpaper}, {}},
491 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
492 {APIPermission::kWebNavigation},
493 {}},
494 {IDS_EXTENSION_PROMPT_WARNING_PLATFORMKEYS,
495 {APIPermission::kPlatformKeys},
496 {}},
497
498 // Permission messages for private permissions:
499 {IDS_EXTENSION_PROMPT_WARNING_SCREENLOCK_PRIVATE,
500 {APIPermission::kScreenlockPrivate},
501 {}},
502 {IDS_EXTENSION_PROMPT_WARNING_ACTIVITY_LOG_PRIVATE,
503 {APIPermission::kActivityLogPrivate},
504 {}},
505 {IDS_EXTENSION_PROMPT_WARNING_EXPERIENCE_SAMPLING_PRIVATE,
506 {APIPermission::kExperienceSamplingPrivate},
507 {}},
508 {IDS_EXTENSION_PROMPT_WARNING_NETWORKING_PRIVATE,
509 {APIPermission::kNetworkingPrivate},
510 {}},
511 {IDS_EXTENSION_PROMPT_WARNING_MUSIC_MANAGER_PRIVATE,
512 {APIPermission::kMusicManagerPrivate},
513 {}},
514 {IDS_EXTENSION_PROMPT_WARNING_SEARCH_ENGINES_PRIVATE,
515 {APIPermission::kSearchEnginesPrivate},
516 {}},
517 {IDS_EXTENSION_PROMPT_WARNING_SETTINGS_PRIVATE,
518 {APIPermission::kSettingsPrivate},
519 {}},
520 {IDS_EXTENSION_PROMPT_WARNING_AUTOFILL_PRIVATE,
521 {APIPermission::kAutofillPrivate},
522 {}},
523 {IDS_EXTENSION_PROMPT_WARNING_PASSWORDS_PRIVATE,
524 {APIPermission::kPasswordsPrivate},
525 {}},
526 {IDS_EXTENSION_PROMPT_WARNING_USERS_PRIVATE,
527 {APIPermission::kUsersPrivate},
528 {}},
529
530 // Platform-app permission messages.
531
532 // The permission string for "fileSystem" is only shown when
533 // "write" or "directory" is present. Read-only access is only
534 // granted after the user has been shown a file or directory
535 // chooser dialog and selected a file or directory. Selecting
536 // the file or directory is considered consent to read it.
537 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_DIRECTORY,
538 {APIPermission::kFileSystemDirectory},
539 {}},
540 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
541 {APIPermission::kFileSystemWriteDirectory},
542 {}},
543
544 // Because warning messages for the "mediaGalleries" permission
545 // vary based on the permissions parameters, no message ID or
546 // message text is specified here. The message ID and text used
547 // will be determined at run-time in the
548 // |MediaGalleriesPermission| class.
549
550 {IDS_EXTENSION_PROMPT_WARNING_INTERCEPT_ALL_KEYS,
551 {APIPermission::kInterceptAllKeys},
552 {}},
553
554 {IDS_EXTENSION_PROMPT_WARNING_AUDIO_AND_VIDEO_CAPTURE,
555 {APIPermission::kAudioCapture, APIPermission::kVideoCapture},
556 {}},
557
558 // Individual message rules taken from
559 // ExtensionsAPIPermissions::GetAllPermissions():
560 {IDS_EXTENSION_PROMPT_WARNING_AUDIO_CAPTURE,
561 {APIPermission::kAudioCapture},
562 {}},
563 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_PRIVATE,
564 {APIPermission::kBluetoothPrivate},
565 {}},
566 {IDS_EXTENSION_PROMPT_WARNING_DECLARATIVE_WEB_REQUEST,
567 {APIPermission::kDeclarativeWebRequest},
568 {}},
569 {IDS_EXTENSION_PROMPT_WARNING_SERIAL, {APIPermission::kSerial}, {}},
570
571 // Because warning messages for the "socket" permission vary based
572 // on the permissions parameters, no message ID or message text is
573 // specified here. The message ID and text used will be
574 // determined at run-time in the |SocketPermission| class.
575 {IDS_EXTENSION_PROMPT_WARNING_U2F_DEVICES,
576 {APIPermission::kU2fDevices},
577 {}},
578 {IDS_EXTENSION_PROMPT_WARNING_VIDEO_CAPTURE,
579 {APIPermission::kVideoCapture},
580 {}},
581 {IDS_EXTENSION_PROMPT_WARNING_VPN, {APIPermission::kVpnProvider}, {}},
582 {IDS_EXTENSION_PROMPT_WARNING_WEB_CONNECTABLE,
583 {APIPermission::kWebConnectable},
584 {}},
585
586 // Rules from ManifestPermissions:
587 // BluetoothManifestPermission:
588 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH, {APIPermission::kBluetooth}, {}},
589 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_DEVICES,
590 {APIPermission::kBluetoothDevices},
591 {}},
592
593 // SocketsManifestPermission:
594 {IDS_EXTENSION_PROMPT_WARNING_SOCKET_ANY_HOST,
595 {APIPermission::kSocketAnyHost},
596 {}},
597 {IDS_EXTENSION_PROMPT_WARNING_NETWORK_STATE,
598 {APIPermission::kNetworkState},
599 {}},
600
601 // API permission rules:
602 // SettingsOverrideAPIPermission:
603 {new SingleParameterFormatter(
604 IDS_EXTENSION_PROMPT_WARNING_HOME_PAGE_SETTING_OVERRIDE),
605 {APIPermission::kHomepage},
606 {}},
607 {new SingleParameterFormatter(
608 IDS_EXTENSION_PROMPT_WARNING_SEARCH_SETTINGS_OVERRIDE),
609 {APIPermission::kSearchProvider},
610 {}},
611 {new SingleParameterFormatter(
612 IDS_EXTENSION_PROMPT_WARNING_START_PAGE_SETTING_OVERRIDE),
613 {APIPermission::kStartupPages},
614 {}},
615
616 // Other rules:
617 // From ChromeExtensionsClient::FilterHostPermissions():
618 {IDS_EXTENSION_PROMPT_WARNING_FAVICON, {APIPermission::kFavicon}, {}},
619 };
620
621 return std::vector<ChromePermissionMessageRule>(
622 rules_arr, rules_arr + arraysize(rules_arr));
623 }
624
625 ChromePermissionMessageRule::PermissionIDSetInitializer::
626 PermissionIDSetInitializer() {
627 }
628 ChromePermissionMessageRule::PermissionIDSetInitializer::
629 PermissionIDSetInitializer(APIPermission::ID permission_one) {
630 insert(permission_one);
631 }
632 ChromePermissionMessageRule::PermissionIDSetInitializer::
633 PermissionIDSetInitializer(APIPermission::ID permission_one,
634 APIPermission::ID permission_two) {
635 insert(permission_one);
636 insert(permission_two);
637 }
638 ChromePermissionMessageRule::PermissionIDSetInitializer::
639 PermissionIDSetInitializer(APIPermission::ID permission_one,
640 APIPermission::ID permission_two,
641 APIPermission::ID permission_three) {
642 insert(permission_one);
643 insert(permission_two);
644 insert(permission_three);
645 }
646 ChromePermissionMessageRule::PermissionIDSetInitializer::
647 PermissionIDSetInitializer(APIPermission::ID permission_one,
648 APIPermission::ID permission_two,
649 APIPermission::ID permission_three,
650 APIPermission::ID permission_four) {
651 insert(permission_one);
652 insert(permission_two);
653 insert(permission_three);
654 insert(permission_four);
655 }
656 ChromePermissionMessageRule::PermissionIDSetInitializer::
657 PermissionIDSetInitializer(APIPermission::ID permission_one,
658 APIPermission::ID permission_two,
659 APIPermission::ID permission_three,
660 APIPermission::ID permission_four,
661 APIPermission::ID permission_five) {
662 insert(permission_one);
663 insert(permission_two);
664 insert(permission_three);
665 insert(permission_four);
666 insert(permission_five);
667 }
668 ChromePermissionMessageRule::PermissionIDSetInitializer::
669 PermissionIDSetInitializer(APIPermission::ID permission_one,
670 APIPermission::ID permission_two,
671 APIPermission::ID permission_three,
672 APIPermission::ID permission_four,
673 APIPermission::ID permission_five,
674 APIPermission::ID permission_six) {
675 insert(permission_one);
676 insert(permission_two);
677 insert(permission_three);
678 insert(permission_four);
679 insert(permission_five);
680 insert(permission_six);
681 }
682
683 ChromePermissionMessageRule::PermissionIDSetInitializer::
684 ~PermissionIDSetInitializer() {
685 }
686
687 } // namespace extensions