search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Remove INJECT_EVENTS permissions from test APKs.
[chromium-blink-merge.git] / chrome / common / extensions / permissions / chrome_permission_message_rules.cc
blob7b68bfaab97fd03fa5aa5c54c4759757fef72642
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/common/extensions/permissions/chrome_permission_message_rules.h"
6
7 #include "base/stl_util.h"
8 #include "base/strings/string_util.h"
9 #include "chrome/grit/generated_resources.h"
10 #include "extensions/common/permissions/api_permission_set.h"
11 #include "extensions/common/permissions/coalesced_permission_message.h"
12 #include "grit/extensions_strings.h"
13 #include "ui/base/l10n/l10n_util.h"
14
15 namespace extensions {
16
17 namespace {
18
19 // The default formatter for a permission message. Simply displays the message
20 // with the given ID.
21 class DefaultPermissionMessageFormatter
22 : public ChromePermissionMessageFormatter {
23 public:
24 explicit DefaultPermissionMessageFormatter(int message_id)
25 : message_id_(message_id) {}
26 ~DefaultPermissionMessageFormatter() override {}
27
28 CoalescedPermissionMessage GetPermissionMessage(
29 PermissionIDSet permissions) const override {
30 return CoalescedPermissionMessage(l10n_util::GetStringUTF16(message_id_),
31 permissions);
32 }
33
34 private:
35 int message_id_;
36
37 // DISALLOW_COPY_AND_ASSIGN(DefaultPermissionMessageFormatter);
38 };
39
40 // A formatter that substitutes the parameter into the message using string
41 // formatting.
42 // NOTE: Only one permission with the given ID is substituted using this rule.
43 class SingleParameterFormatter : public ChromePermissionMessageFormatter {
44 public:
45 explicit SingleParameterFormatter(int message_id) : message_id_(message_id) {}
46 ~SingleParameterFormatter() override {}
47
48 CoalescedPermissionMessage GetPermissionMessage(
49 PermissionIDSet permissions) const override {
50 DCHECK(permissions.size() > 0);
51 std::vector<base::string16> parameters =
52 permissions.GetAllPermissionParameters();
53 DCHECK_EQ(1U, parameters.size())
54 << "Only one message with each ID can be parameterized.";
55 return CoalescedPermissionMessage(
56 l10n_util::GetStringFUTF16(message_id_, parameters[0]), permissions);
57 }
58
59 private:
60 int message_id_;
61 };
62
63 // Adds each parameter to a growing list, with the given |root_message_id| as
64 // the message at the top of the list.
65 class SimpleListFormatter : public ChromePermissionMessageFormatter {
66 public:
67 explicit SimpleListFormatter(int root_message_id)
68 : root_message_id_(root_message_id) {}
69 ~SimpleListFormatter() override {}
70
71 CoalescedPermissionMessage GetPermissionMessage(
72 PermissionIDSet permissions) const override {
73 DCHECK(permissions.size() > 0);
74 return CoalescedPermissionMessage(
75 l10n_util::GetStringUTF16(root_message_id_), permissions,
76 permissions.GetAllPermissionParameters());
77 }
78
79 private:
80 int root_message_id_;
81 };
82
83 // Creates a space-separated list of permissions with the given PermissionID.
84 // The list is inserted into the messages with the given IDs: one for the case
85 // where there is a single permission, and the other for the case where there
86 // are multiple.
87 // TODO(sashab): Extend this to pluralize correctly in all languages.
88 class SpaceSeparatedListFormatter : public ChromePermissionMessageFormatter {
89 public:
90 SpaceSeparatedListFormatter(int message_id_for_one_host,
91 int message_id_for_multiple_hosts)
92 : message_id_for_one_host_(message_id_for_one_host),
93 message_id_for_multiple_hosts_(message_id_for_multiple_hosts) {}
94 ~SpaceSeparatedListFormatter() override {}
95
96 CoalescedPermissionMessage GetPermissionMessage(
97 PermissionIDSet permissions) const override {
98 DCHECK(permissions.size() > 0);
99 std::vector<base::string16> hostnames =
100 permissions.GetAllPermissionParameters();
101 base::string16 hosts_string = JoinString(
102 std::vector<base::string16>(hostnames.begin(), hostnames.end()), ' ');
103 return CoalescedPermissionMessage(
104 l10n_util::GetStringFUTF16(hostnames.size() == 1
105 ? message_id_for_one_host_
106 : message_id_for_multiple_hosts_,
107 hosts_string),
108 permissions);
109 }
110
111 private:
112 int message_id_for_one_host_;
113 int message_id_for_multiple_hosts_;
114 };
115
116 // Creates a comma-separated list of permissions with the given PermissionID.
117 // The list is inserted into the messages with the given IDs: one for each case
118 // of 1-3 permissions, and the other for the case where there are 4 or more
119 // permissions. In the case of 4 or more permissions, rather than insert the
120 // list into the message, the permissions are displayed as submessages in the
121 // resultant CoalescedPermissionMessage.
122 class CommaSeparatedListFormatter : public ChromePermissionMessageFormatter {
123 public:
124 CommaSeparatedListFormatter(int message_id_for_one_host,
125 int message_id_for_two_hosts,
126 int message_id_for_three_hosts,
127 int message_id_for_many_hosts)
128 : message_id_for_one_host_(message_id_for_one_host),
129 message_id_for_two_hosts_(message_id_for_two_hosts),
130 message_id_for_three_hosts_(message_id_for_three_hosts),
131 message_id_for_many_hosts_(message_id_for_many_hosts) {}
132 ~CommaSeparatedListFormatter() override {}
133
134 CoalescedPermissionMessage GetPermissionMessage(
135 PermissionIDSet permissions) const override {
136 DCHECK(permissions.size() > 0);
137 std::vector<base::string16> hostnames =
138 permissions.GetAllPermissionParameters();
139 CoalescedPermissionMessages messages;
140 if (hostnames.size() <= 3) {
141 return CoalescedPermissionMessage(
142 l10n_util::GetStringFUTF16(message_id_for_hosts(hostnames.size()),
143 hostnames, NULL),
144 permissions);
145 }
146
147 return CoalescedPermissionMessage(
148 l10n_util::GetStringUTF16(message_id_for_many_hosts_), permissions,
149 hostnames);
150 }
151
152 private:
153 int message_id_for_hosts(int number_of_hosts) const {
154 switch (number_of_hosts) {
155 case 1:
156 return message_id_for_one_host_;
157 case 2:
158 return message_id_for_two_hosts_;
159 case 3:
160 return message_id_for_three_hosts_;
161 default:
162 return message_id_for_many_hosts_;
163 }
164 }
165
166 int message_id_for_one_host_;
167 int message_id_for_two_hosts_;
168 int message_id_for_three_hosts_;
169 int message_id_for_many_hosts_;
170 };
171
172 } // namespace
173
174 ChromePermissionMessageRule::ChromePermissionMessageRule(
175 int message_id,
176 PermissionIDSetInitializer required,
177 PermissionIDSetInitializer optional)
178 : required_permissions_(required),
179 optional_permissions_(optional),
180 formatter_(new DefaultPermissionMessageFormatter(message_id)) {
181 }
182
183 ChromePermissionMessageRule::ChromePermissionMessageRule(
184 ChromePermissionMessageFormatter* formatter,
185 PermissionIDSetInitializer required,
186 PermissionIDSetInitializer optional)
187 : required_permissions_(required),
188 optional_permissions_(optional),
189 formatter_(formatter) {
190 }
191
192 ChromePermissionMessageRule::~ChromePermissionMessageRule() {
193 }
194
195 std::set<APIPermission::ID> ChromePermissionMessageRule::required_permissions()
196 const {
197 return required_permissions_;
198 }
199 std::set<APIPermission::ID> ChromePermissionMessageRule::optional_permissions()
200 const {
201 return optional_permissions_;
202 }
203 ChromePermissionMessageFormatter* ChromePermissionMessageRule::formatter()
204 const {
205 return formatter_.get();
206 }
207
208 std::set<APIPermission::ID> ChromePermissionMessageRule::all_permissions()
209 const {
210 return base::STLSetUnion<std::set<APIPermission::ID>>(required_permissions(),
211 optional_permissions());
212 }
213
214 // static
215 std::vector<ChromePermissionMessageRule>
216 ChromePermissionMessageRule::GetAllRules() {
217 // The rules for generating messages from permissions. Any new rules should be
218 // added directly to this list, not elsewhere in the code, so that all the
219 // logic of generating and coalescing permission messages happens here.
220 //
221 // Each rule has 3 components:
222 // 1. The message itself
223 // 2. The permissions that need to be present for the message to appear
224 // 3. Permissions that, if present, also contribute to the message, but do not
225 // form the message on their own
226 //
227 // Rules are applied in precedence order: rules that come first consume
228 // permissions (both required and optional) so they can not be used in later
229 // rules.
230 // NOTE: The order of this list matters - be careful when adding new rules!
231 // If unsure, add them near related rules and add tests to
232 // permission_message_combinations_unittest.cc (or elsewhere) to ensure your
233 // messages are being generated/coalesced correctly.
234 //
235 // Rules are not transitive: This means that if the kTab permission 'absorbs'
236 // (suppresses) the messages for kTopSites and kFavicon, and the kHistory
237 // permission suppresses kTab, be careful to also add kTopSites and kFavicon
238 // to the kHistory absorb list. Ideally, the rules system should be simple
239 // enough that rules like this should not occur; the visibility of the rules
240 // system should allow us to design a system that is simple enough to explain
241 // yet powerful enough to encapsulate all the messages we want to display.
242 //
243 // TODO(sashab): Once existing message sites are deprecated, reorder this list
244 // to better describe the rules generated, rather than the callsites they are
245 // migrated from.
246 ChromePermissionMessageRule rules_arr[] = {
247 // Full url access permission messages.
248 {IDS_EXTENSION_PROMPT_WARNING_DEBUGGER, {APIPermission::kDebugger}, {}},
249 {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
250 {APIPermission::kPlugin},
251 {APIPermission::kFullAccess,
252 APIPermission::kHostsAll,
253 APIPermission::kHostsAllReadOnly,
254 APIPermission::kDeclarativeWebRequest,
255 APIPermission::kTopSites,
256 APIPermission::kTab}},
257 {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
258 {APIPermission::kFullAccess},
259 {APIPermission::kHostsAll,
260 APIPermission::kHostsAllReadOnly,
261 APIPermission::kDeclarativeWebRequest,
262 APIPermission::kTopSites,
263 APIPermission::kTab}},
264
265 // Parameterized permission messages:
266 // Messages generated by the sockets permission.
267 {new SpaceSeparatedListFormatter(
268 IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAIN,
269 IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAINS),
270 {APIPermission::kSocketDomainHosts},
271 {}},
272 {new SpaceSeparatedListFormatter(
273 IDS_EXTENSION_PROMPT_WARNING_SOCKET_SPECIFIC_HOST,
274 IDS_EXTENSION_PROMPT_WARNING_SOCKET_SPECIFIC_HOSTS),
275 {APIPermission::kSocketSpecificHosts},
276 {}},
277
278 // Messages generated by host permissions.
279 {new CommaSeparatedListFormatter(
280 IDS_EXTENSION_PROMPT_WARNING_1_HOST_READ_ONLY,
281 IDS_EXTENSION_PROMPT_WARNING_2_HOSTS_READ_ONLY,
282 IDS_EXTENSION_PROMPT_WARNING_3_HOSTS_READ_ONLY,
283 IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST_READ_ONLY),
284 {APIPermission::kHostReadOnly},
285 {}},
286 {new CommaSeparatedListFormatter(IDS_EXTENSION_PROMPT_WARNING_1_HOST,
287 IDS_EXTENSION_PROMPT_WARNING_2_HOSTS,
288 IDS_EXTENSION_PROMPT_WARNING_3_HOSTS,
289 IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST),
290 {APIPermission::kHostReadWrite},
291 {}},
292
293 // USB Device Permission rules:
294 // TODO(sashab, reillyg): Rework the permission message logic for USB
295 // devices to generate more meaningful messages and better fit the current
296 // rules system. Maybe model it similarly to host or socket permissions
297 // above.
298 {new SingleParameterFormatter(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE),
299 {APIPermission::kUsbDevice},
300 {}},
301 {new SingleParameterFormatter(
302 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_PRODUCT),
303 {APIPermission::kUsbDeviceUnknownProduct},
304 {}},
305 {IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_VENDOR,
306 {APIPermission::kUsbDeviceUnknownVendor},
307 {}},
308 {new SimpleListFormatter(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST),
309 {APIPermission::kUsbDeviceList},
310 {}},
311
312 // Coalesced message rules taken from
313 // ChromePermissionMessageProvider::GetWarningMessages():
314
315 // Access to users' devices should provide a single warning message
316 // specifying the transport method used; serial and/or Bluetooth.
317 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_SERIAL,
318 {APIPermission::kBluetooth, APIPermission::kSerial},
319 {APIPermission::kBluetoothDevices}},
320
321 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ_MODIFY,
322 {APIPermission::kAccessibilityFeaturesModify,
323 APIPermission::kAccessibilityFeaturesRead},
324 {}},
325
326 // TODO(sashab): Add the missing combinations of media galleries
327 // permissions so a valid permission is generated for all combinations.
328 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE_DELETE,
329 {APIPermission::kMediaGalleriesAllGalleriesCopyTo,
330 APIPermission::kMediaGalleriesAllGalleriesDelete,
331 APIPermission::kMediaGalleriesAllGalleriesRead},
332 {}},
333 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE,
334 {APIPermission::kMediaGalleriesAllGalleriesCopyTo,
335 APIPermission::kMediaGalleriesAllGalleriesRead},
336 {}},
337 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_DELETE,
338 {APIPermission::kMediaGalleriesAllGalleriesDelete,
339 APIPermission::kMediaGalleriesAllGalleriesRead},
340 {}},
341 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ,
342 {APIPermission::kMediaGalleriesAllGalleriesRead},
343 {}},
344
345 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE_AND_SESSIONS,
346 {APIPermission::kSessions, APIPermission::kHistory},
347 {APIPermission::kFavicon,
348 APIPermission::kProcesses,
349 APIPermission::kTab,
350 APIPermission::kTopSites,
351 APIPermission::kWebNavigation}},
352 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS,
353 {APIPermission::kSessions, APIPermission::kTab},
354 {APIPermission::kFavicon,
355 APIPermission::kProcesses,
356 APIPermission::kTopSites,
357 APIPermission::kWebNavigation}},
358
359 // Suppression list taken from
360 // ChromePermissionMessageProvider::GetPermissionMessages():
361 // Some warnings are more generic and/or powerful and supercede other
362 // warnings. In that case, the first message suppresses the second one.
363 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH,
364 {APIPermission::kBluetooth},
365 {APIPermission::kBluetoothDevices}},
366 {IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS,
367 {APIPermission::kBookmark},
368 {APIPermission::kOverrideBookmarksUI}},
369 // History already allows reading favicons, tab access and accessing the
370 // list of most frequently visited sites.
371 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
372 {APIPermission::kHistory},
373 {APIPermission::kFavicon,
374 APIPermission::kProcesses,
375 APIPermission::kTab,
376 APIPermission::kTopSites,
377 APIPermission::kWebNavigation}},
378 // A special hack: If kFileSystemWriteDirectory would be displayed, hide
379 // kFileSystemDirectory as the write directory message implies it.
380 // TODO(sashab): Remove kFileSystemWriteDirectory; it's no longer needed
381 // since this rules system can represent the rule. See crbug.com/284849.
382 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
383 {APIPermission::kFileSystemWrite, APIPermission::kFileSystemDirectory},
384 {APIPermission::kFileSystemWriteDirectory}},
385 // Full access already allows DeclarativeWebRequest, reading the list of
386 // most frequently visited sites, and tab access.
387 // The warning message for declarativeWebRequest
388 // permissions speaks about blocking parts of pages, which is a
389 // subset of what the "<all_urls>" access allows. Therefore we
390 // display only the "<all_urls>" warning message if both permissions
391 // are required.
392 {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS,
393 {APIPermission::kHostsAll},
394 {APIPermission::kDeclarativeWebRequest,
395 APIPermission::kTopSites,
396 APIPermission::kTab,
397 APIPermission::kFavicon,
398 APIPermission::kTopSites,
399 APIPermission::kHostsAllReadOnly}},
400 // AutomationManifestPermission:
401 {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS_READ_ONLY,
402 {APIPermission::kHostsAllReadOnly},
403 {}},
404 // Tabs already allows reading favicons and reading the list of most
405 // frequently visited sites.
406 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
407 {APIPermission::kTab},
408 {APIPermission::kFavicon,
409 APIPermission::kProcesses,
410 APIPermission::kTopSites,
411 APIPermission::kWebNavigation}},
412
413 // Individual message rules taken from
414 // ChromeAPIPermissions::GetAllPermissions():
415 // Permission messages for all extension types:
416
417 {IDS_EXTENSION_PROMPT_WARNING_CLIPBOARD,
418 {APIPermission::kClipboardRead},
419 {}},
420 {IDS_EXTENSION_PROMPT_WARNING_DESKTOP_CAPTURE,
421 {APIPermission::kDesktopCapture},
422 {}},
423 {IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS, {APIPermission::kDownloads}, {}},
424 {IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS_OPEN,
425 {APIPermission::kDownloadsOpen},
426 {}},
427 {IDS_EXTENSION_PROMPT_WARNING_IDENTITY_EMAIL,
428 {APIPermission::kIdentityEmail},
429 {}},
430 {IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
431 {APIPermission::kGeolocation},
432 {}},
433
434 // Permission messages for extensions:
435 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_MODIFY,
436 {APIPermission::kAccessibilityFeaturesModify},
437 {}},
438 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ,
439 {APIPermission::kAccessibilityFeaturesRead},
440 {}},
441 {IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS, {APIPermission::kBookmark}, {}},
442 {IDS_EXTENSION_PROMPT_WARNING_CONTENT_SETTINGS,
443 {APIPermission::kContentSettings},
444 {}},
445 {IDS_EXTENSION_PROMPT_WARNING_COPRESENCE,
446 {APIPermission::kCopresence},
447 {}},
448 {IDS_EXTENSION_PROMPT_WARNING_DOCUMENT_SCAN,
449 {APIPermission::kDocumentScan},
450 {}},
451 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
452 {APIPermission::kHistory},
453 {}},
454 {IDS_EXTENSION_PROMPT_WARNING_INPUT, {APIPermission::kInput}, {}},
455 {IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
456 {APIPermission::kLocation},
457 {}},
458 {IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT,
459 {APIPermission::kManagement},
460 {}},
461 {IDS_EXTENSION_PROMPT_WARNING_MDNS, {APIPermission::kMDns}, {}},
462 {IDS_EXTENSION_PROMPT_WARNING_NATIVE_MESSAGING,
463 {APIPermission::kNativeMessaging},
464 {}},
465 {IDS_EXTENSION_PROMPT_WARNING_PRIVACY, {APIPermission::kPrivacy}, {}},
466 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
467 {APIPermission::kProcesses},
468 {}},
469 {IDS_EXTENSION_PROMPT_WARNING_SIGNED_IN_DEVICES,
470 {APIPermission::kSignedInDevices},
471 {}},
472 {IDS_EXTENSION_PROMPT_WARNING_SYNCFILESYSTEM,
473 {APIPermission::kSyncFileSystem},
474 {}},
475 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ, {APIPermission::kTab}, {}},
476 {IDS_EXTENSION_PROMPT_WARNING_TOPSITES, {APIPermission::kTopSites}, {}},
477 {IDS_EXTENSION_PROMPT_WARNING_TTS_ENGINE,
478 {APIPermission::kTtsEngine},
479 {}},
480 {IDS_EXTENSION_PROMPT_WARNING_WALLPAPER, {APIPermission::kWallpaper}, {}},
481 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
482 {APIPermission::kWebNavigation},
483 {}},
484 {IDS_EXTENSION_PROMPT_WARNING_PLATFORMKEYS,
485 {APIPermission::kPlatformKeys},
486 {}},
487
488 // Permission messages for private permissions:
489 {IDS_EXTENSION_PROMPT_WARNING_SCREENLOCK_PRIVATE,
490 {APIPermission::kScreenlockPrivate},
491 {}},
492 {IDS_EXTENSION_PROMPT_WARNING_ACTIVITY_LOG_PRIVATE,
493 {APIPermission::kActivityLogPrivate},
494 {}},
495 {IDS_EXTENSION_PROMPT_WARNING_EXPERIENCE_SAMPLING_PRIVATE,
496 {APIPermission::kExperienceSamplingPrivate},
497 {}},
498 {IDS_EXTENSION_PROMPT_WARNING_NETWORKING_PRIVATE,
499 {APIPermission::kNetworkingPrivate},
500 {}},
501 {IDS_EXTENSION_PROMPT_WARNING_MUSIC_MANAGER_PRIVATE,
502 {APIPermission::kMusicManagerPrivate},
503 {}},
504 {IDS_EXTENSION_PROMPT_WARNING_SEARCH_ENGINES_PRIVATE,
505 {APIPermission::kSearchEnginesPrivate},
506 {}},
507 {IDS_EXTENSION_PROMPT_WARNING_SETTINGS_PRIVATE,
508 {APIPermission::kSettingsPrivate},
509 {}},
510 {IDS_EXTENSION_PROMPT_WARNING_AUTOFILL_PRIVATE,
511 {APIPermission::kAutofillPrivate},
512 {}},
513 {IDS_EXTENSION_PROMPT_WARNING_PASSWORDS_PRIVATE,
514 {APIPermission::kPasswordsPrivate},
515 {}},
516 {IDS_EXTENSION_PROMPT_WARNING_USERS_PRIVATE,
517 {APIPermission::kUsersPrivate},
518 {}},
519
520 // Platform-app permission messages.
521
522 // The permission string for "fileSystem" is only shown when
523 // "write" or "directory" is present. Read-only access is only
524 // granted after the user has been shown a file or directory
525 // chooser dialog and selected a file or directory. Selecting
526 // the file or directory is considered consent to read it.
527 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_DIRECTORY,
528 {APIPermission::kFileSystemDirectory},
529 {}},
530 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
531 {APIPermission::kFileSystemWriteDirectory},
532 {}},
533
534 // Because warning messages for the "mediaGalleries" permission
535 // vary based on the permissions parameters, no message ID or
536 // message text is specified here. The message ID and text used
537 // will be determined at run-time in the
538 // |MediaGalleriesPermission| class.
539
540 {IDS_EXTENSION_PROMPT_WARNING_INTERCEPT_ALL_KEYS,
541 {APIPermission::kInterceptAllKeys},
542 {}},
543
544 {IDS_EXTENSION_PROMPT_WARNING_AUDIO_AND_VIDEO_CAPTURE,
545 {APIPermission::kAudioCapture, APIPermission::kVideoCapture},
546 {}},
547
548 // Individual message rules taken from
549 // ExtensionsAPIPermissions::GetAllPermissions():
550 {IDS_EXTENSION_PROMPT_WARNING_AUDIO_CAPTURE,
551 {APIPermission::kAudioCapture},
552 {}},
553 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_PRIVATE,
554 {APIPermission::kBluetoothPrivate},
555 {}},
556 {IDS_EXTENSION_PROMPT_WARNING_DECLARATIVE_WEB_REQUEST,
557 {APIPermission::kDeclarativeWebRequest},
558 {}},
559 {IDS_EXTENSION_PROMPT_WARNING_SERIAL, {APIPermission::kSerial}, {}},
560
561 // Because warning messages for the "socket" permission vary based
562 // on the permissions parameters, no message ID or message text is
563 // specified here. The message ID and text used will be
564 // determined at run-time in the |SocketPermission| class.
565 {IDS_EXTENSION_PROMPT_WARNING_U2F_DEVICES,
566 {APIPermission::kU2fDevices},
567 {}},
568 {IDS_EXTENSION_PROMPT_WARNING_VIDEO_CAPTURE,
569 {APIPermission::kVideoCapture},
570 {}},
571 {IDS_EXTENSION_PROMPT_WARNING_VPN, {APIPermission::kVpnProvider}, {}},
572 {IDS_EXTENSION_PROMPT_WARNING_WEB_CONNECTABLE,
573 {APIPermission::kWebConnectable},
574 {}},
575
576 // Rules from ManifestPermissions:
577 // BluetoothManifestPermission:
578 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH, {APIPermission::kBluetooth}, {}},
579 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_DEVICES,
580 {APIPermission::kBluetoothDevices},
581 {}},
582
583 // SocketsManifestPermission:
584 {IDS_EXTENSION_PROMPT_WARNING_SOCKET_ANY_HOST,
585 {APIPermission::kSocketAnyHost},
586 {}},
587 {IDS_EXTENSION_PROMPT_WARNING_NETWORK_STATE,
588 {APIPermission::kNetworkState},
589 {}},
590
591 // API permission rules:
592 // SettingsOverrideAPIPermission:
593 {new SingleParameterFormatter(
594 IDS_EXTENSION_PROMPT_WARNING_HOME_PAGE_SETTING_OVERRIDE),
595 {APIPermission::kHomepage},
596 {}},
597 {new SingleParameterFormatter(
598 IDS_EXTENSION_PROMPT_WARNING_SEARCH_SETTINGS_OVERRIDE),
599 {APIPermission::kSearchProvider},
600 {}},
601 {new SingleParameterFormatter(
602 IDS_EXTENSION_PROMPT_WARNING_START_PAGE_SETTING_OVERRIDE),
603 {APIPermission::kStartupPages},
604 {}},
605
606 // Other rules:
607 // From ChromeExtensionsClient::FilterHostPermissions():
608 {IDS_EXTENSION_PROMPT_WARNING_FAVICON, {APIPermission::kFavicon}, {}},
609 };
610
611 std::vector<ChromePermissionMessageRule> rules;
612 for (size_t i = 0; i < arraysize(rules_arr); i++) {
613 rules.push_back(rules_arr[i]);
614 }
615 return rules;
616 }
617
618 ChromePermissionMessageRule::PermissionIDSetInitializer::
619 PermissionIDSetInitializer() {
620 }
621 ChromePermissionMessageRule::PermissionIDSetInitializer::
622 PermissionIDSetInitializer(APIPermission::ID permission_one) {
623 insert(permission_one);
624 }
625 ChromePermissionMessageRule::PermissionIDSetInitializer::
626 PermissionIDSetInitializer(APIPermission::ID permission_one,
627 APIPermission::ID permission_two) {
628 insert(permission_one);
629 insert(permission_two);
630 }
631 ChromePermissionMessageRule::PermissionIDSetInitializer::
632 PermissionIDSetInitializer(APIPermission::ID permission_one,
633 APIPermission::ID permission_two,
634 APIPermission::ID permission_three) {
635 insert(permission_one);
636 insert(permission_two);
637 insert(permission_three);
638 }
639 ChromePermissionMessageRule::PermissionIDSetInitializer::
640 PermissionIDSetInitializer(APIPermission::ID permission_one,
641 APIPermission::ID permission_two,
642 APIPermission::ID permission_three,
643 APIPermission::ID permission_four) {
644 insert(permission_one);
645 insert(permission_two);
646 insert(permission_three);
647 insert(permission_four);
648 }
649 ChromePermissionMessageRule::PermissionIDSetInitializer::
650 PermissionIDSetInitializer(APIPermission::ID permission_one,
651 APIPermission::ID permission_two,
652 APIPermission::ID permission_three,
653 APIPermission::ID permission_four,
654 APIPermission::ID permission_five) {
655 insert(permission_one);
656 insert(permission_two);
657 insert(permission_three);
658 insert(permission_four);
659 insert(permission_five);
660 }
661 ChromePermissionMessageRule::PermissionIDSetInitializer::
662 PermissionIDSetInitializer(APIPermission::ID permission_one,
663 APIPermission::ID permission_two,
664 APIPermission::ID permission_three,
665 APIPermission::ID permission_four,
666 APIPermission::ID permission_five,
667 APIPermission::ID permission_six) {
668 insert(permission_one);
669 insert(permission_two);
670 insert(permission_three);
671 insert(permission_four);
672 insert(permission_five);
673 insert(permission_six);
674 }
675
676 ChromePermissionMessageRule::PermissionIDSetInitializer::
677 ~PermissionIDSetInitializer() {
678 }
679
680 } // namespace extensions