Add new certificateProvider extension API.
[chromium-blink-merge.git] / chrome / common / extensions / permissions / chrome_api_permissions.cc
blob729b1e2e08f34ce0b8ff956ece0602853032c56b
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/common/extensions/permissions/chrome_api_permissions.h"
7 #include "chrome/grit/generated_resources.h"
8 #include "extensions/common/permissions/api_permission.h"
9 #include "extensions/common/permissions/api_permission_set.h"
10 #include "extensions/common/permissions/media_galleries_permission.h"
11 #include "extensions/common/permissions/permissions_info.h"
12 #include "extensions/strings/grit/extensions_strings.h"
14 namespace extensions {
16 namespace {
18 const char kWindowsPermission[] = "windows";
20 template <typename T>
21 APIPermission* CreateAPIPermission(const APIPermissionInfo* permission) {
22 return new T(permission);
25 } // namespace
27 std::vector<APIPermissionInfo*> ChromeAPIPermissions::GetAllPermissions()
28 const {
29 // WARNING: If you are modifying a permission message in this list, be sure to
30 // add the corresponding permission message rule to
31 // ChromePermissionMessageProvider::GetCoalescedPermissionMessages as well.
32 APIPermissionInfo::InitInfo permissions_to_register[] = {
33 // Register permissions for all extension types.
34 {APIPermission::kBackground, "background"},
35 {APIPermission::kDeclarativeContent, "declarativeContent"},
36 {APIPermission::kDesktopCapture, "desktopCapture"},
37 {APIPermission::kDesktopCapturePrivate, "desktopCapturePrivate"},
38 {APIPermission::kDownloads, "downloads"},
39 {APIPermission::kDownloadsOpen, "downloads.open"},
40 {APIPermission::kDownloadsShelf, "downloads.shelf"},
41 {APIPermission::kEasyUnlockPrivate, "easyUnlockPrivate"},
42 {APIPermission::kIdentity, "identity"},
43 {APIPermission::kIdentityEmail, "identity.email"},
44 {APIPermission::kExperimental, "experimental",
45 APIPermissionInfo::kFlagCannotBeOptional},
46 {APIPermission::kEmbeddedExtensionOptions, "embeddedExtensionOptions",
47 APIPermissionInfo::kFlagCannotBeOptional},
48 {APIPermission::kGeolocation, "geolocation",
49 APIPermissionInfo::kFlagCannotBeOptional},
50 {APIPermission::kNotifications, "notifications"},
51 {APIPermission::kGcdPrivate, "gcdPrivate"},
52 {APIPermission::kGcm, "gcm"},
53 {APIPermission::kNotificationProvider, "notificationProvider"},
55 // Register extension permissions.
56 {APIPermission::kAccessibilityFeaturesModify,
57 "accessibilityFeatures.modify"},
58 {APIPermission::kAccessibilityFeaturesRead, "accessibilityFeatures.read"},
59 {APIPermission::kAccessibilityPrivate, "accessibilityPrivate",
60 APIPermissionInfo::kFlagCannotBeOptional},
61 {APIPermission::kActiveTab, "activeTab"},
62 {APIPermission::kAudioModem, "audioModem"},
63 {APIPermission::kBookmark, "bookmarks"},
64 {APIPermission::kBrailleDisplayPrivate, "brailleDisplayPrivate",
65 APIPermissionInfo::kFlagCannotBeOptional},
66 {APIPermission::kBrowsingData, "browsingData"},
67 {APIPermission::kCertificateProvider, "certificateProvider"},
68 {APIPermission::kContentSettings, "contentSettings"},
69 {APIPermission::kContextMenus, "contextMenus"},
70 {APIPermission::kCookie, "cookies"},
71 {APIPermission::kCopresence, "copresence"},
72 {APIPermission::kCopresencePrivate, "copresencePrivate"},
73 {APIPermission::kCryptotokenPrivate, "cryptotokenPrivate"},
74 {APIPermission::kDataReductionProxy, "dataReductionProxy",
75 APIPermissionInfo::kFlagImpliesFullURLAccess |
76 APIPermissionInfo::kFlagCannotBeOptional},
77 {APIPermission::kEnterpriseDeviceAttributes,
78 "enterprise.deviceAttributes"},
79 {APIPermission::kEnterprisePlatformKeys, "enterprise.platformKeys"},
80 {APIPermission::kFileBrowserHandler, "fileBrowserHandler",
81 APIPermissionInfo::kFlagCannotBeOptional},
82 {APIPermission::kFontSettings, "fontSettings",
83 APIPermissionInfo::kFlagCannotBeOptional},
84 {APIPermission::kHistory, "history"},
85 {APIPermission::kIdltest, "idltest"},
86 {APIPermission::kInput, "input"},
87 {APIPermission::kLocation, "location",
88 APIPermissionInfo::kFlagCannotBeOptional},
89 {APIPermission::kManagement, "management"},
90 {APIPermission::kMDns, "mdns", APIPermissionInfo::kFlagCannotBeOptional},
91 {APIPermission::kNativeMessaging, "nativeMessaging"},
92 {APIPermission::kPlatformKeys, "platformKeys"},
93 {APIPermission::kPrivacy, "privacy"},
94 {APIPermission::kProcesses, "processes"},
95 {APIPermission::kSessions, "sessions"},
96 {APIPermission::kSignedInDevices, "signedInDevices"},
97 {APIPermission::kSyncFileSystem, "syncFileSystem"},
98 {APIPermission::kTab, "tabs"},
99 {APIPermission::kTopSites, "topSites"},
100 {APIPermission::kTts, "tts", APIPermissionInfo::kFlagCannotBeOptional},
101 {APIPermission::kTtsEngine, "ttsEngine",
102 APIPermissionInfo::kFlagCannotBeOptional},
103 {APIPermission::kWallpaper, "wallpaper",
104 APIPermissionInfo::kFlagCannotBeOptional},
105 {APIPermission::kWebNavigation, "webNavigation"},
107 // Register private permissions.
108 {APIPermission::kScreenlockPrivate, "screenlockPrivate",
109 APIPermissionInfo::kFlagCannotBeOptional},
110 {APIPermission::kActivityLogPrivate, "activityLogPrivate",
111 APIPermissionInfo::kFlagCannotBeOptional},
112 {APIPermission::kAutoTestPrivate, "autotestPrivate",
113 APIPermissionInfo::kFlagCannotBeOptional},
114 {APIPermission::kBookmarkManagerPrivate, "bookmarkManagerPrivate",
115 APIPermissionInfo::kFlagCannotBeOptional},
116 {APIPermission::kCast, "cast", APIPermissionInfo::kFlagCannotBeOptional},
117 {APIPermission::kChromeosInfoPrivate, "chromeosInfoPrivate",
118 APIPermissionInfo::kFlagCannotBeOptional},
119 {APIPermission::kCommandsAccessibility, "commands.accessibility",
120 APIPermissionInfo::kFlagCannotBeOptional},
121 {APIPermission::kCommandLinePrivate, "commandLinePrivate",
122 APIPermissionInfo::kFlagCannotBeOptional},
123 {APIPermission::kDeveloperPrivate, "developerPrivate",
124 APIPermissionInfo::kFlagCannotBeOptional},
125 {APIPermission::kDial, "dial", APIPermissionInfo::kFlagCannotBeOptional},
126 {APIPermission::kDownloadsInternal, "downloadsInternal"},
127 {APIPermission::kExperienceSamplingPrivate, "experienceSamplingPrivate",
128 APIPermissionInfo::kFlagCannotBeOptional},
129 {APIPermission::kFileBrowserHandlerInternal, "fileBrowserHandlerInternal",
130 APIPermissionInfo::kFlagCannotBeOptional},
131 {APIPermission::kFileManagerPrivate, "fileManagerPrivate",
132 APIPermissionInfo::kFlagCannotBeOptional},
133 {APIPermission::kHotwordPrivate, "hotwordPrivate",
134 APIPermissionInfo::kFlagCannotBeOptional},
135 {APIPermission::kIdentityPrivate, "identityPrivate",
136 APIPermissionInfo::kFlagCannotBeOptional},
137 {APIPermission::kLogPrivate, "logPrivate",
138 APIPermissionInfo::kFlagCannotBeOptional},
139 {APIPermission::kWebcamPrivate, "webcamPrivate"},
140 {APIPermission::kMediaPlayerPrivate, "mediaPlayerPrivate",
141 APIPermissionInfo::kFlagCannotBeOptional},
142 {APIPermission::kMediaRouterPrivate, "mediaRouterPrivate",
143 APIPermissionInfo::kFlagCannotBeOptional},
144 {APIPermission::kMetricsPrivate, "metricsPrivate",
145 APIPermissionInfo::kFlagCannotBeOptional},
146 {APIPermission::kMusicManagerPrivate, "musicManagerPrivate",
147 APIPermissionInfo::kFlagCannotBeOptional},
148 {APIPermission::kPreferencesPrivate, "preferencesPrivate",
149 APIPermissionInfo::kFlagCannotBeOptional},
150 {APIPermission::kSystemPrivate, "systemPrivate",
151 APIPermissionInfo::kFlagCannotBeOptional},
152 {APIPermission::kCloudPrintPrivate, "cloudPrintPrivate",
153 APIPermissionInfo::kFlagCannotBeOptional},
154 {APIPermission::kInputMethodPrivate, "inputMethodPrivate",
155 APIPermissionInfo::kFlagCannotBeOptional},
156 {APIPermission::kEchoPrivate, "echoPrivate",
157 APIPermissionInfo::kFlagCannotBeOptional},
158 {APIPermission::kFeedbackPrivate, "feedbackPrivate",
159 APIPermissionInfo::kFlagCannotBeOptional},
160 {APIPermission::kImageWriterPrivate, "imageWriterPrivate",
161 APIPermissionInfo::kFlagCannotBeOptional},
162 {APIPermission::kReadingListPrivate, "readingListPrivate",
163 APIPermissionInfo::kFlagCannotBeOptional},
164 {APIPermission::kRtcPrivate, "rtcPrivate",
165 APIPermissionInfo::kFlagCannotBeOptional},
166 {APIPermission::kTerminalPrivate, "terminalPrivate",
167 APIPermissionInfo::kFlagCannotBeOptional},
168 {APIPermission::kVirtualKeyboardPrivate, "virtualKeyboardPrivate",
169 APIPermissionInfo::kFlagCannotBeOptional},
170 {APIPermission::kWallpaperPrivate, "wallpaperPrivate",
171 APIPermissionInfo::kFlagCannotBeOptional},
172 {APIPermission::kWebstorePrivate, "webstorePrivate",
173 APIPermissionInfo::kFlagCannotBeOptional},
174 {APIPermission::kStreamsPrivate, "streamsPrivate",
175 APIPermissionInfo::kFlagCannotBeOptional},
176 {APIPermission::kEnterprisePlatformKeysPrivate,
177 "enterprise.platformKeysPrivate",
178 APIPermissionInfo::kFlagCannotBeOptional},
179 {APIPermission::kWebrtcAudioPrivate, "webrtcAudioPrivate",
180 APIPermissionInfo::kFlagCannotBeOptional},
181 {APIPermission::kWebrtcDesktopCapturePrivate,
182 "webrtcDesktopCapturePrivate", APIPermissionInfo::kFlagCannotBeOptional},
183 {APIPermission::kWebrtcLoggingPrivate, "webrtcLoggingPrivate",
184 APIPermissionInfo::kFlagCannotBeOptional},
185 {APIPermission::kPrincipalsPrivate, "principalsPrivate",
186 APIPermissionInfo::kFlagCannotBeOptional},
187 {APIPermission::kFirstRunPrivate, "firstRunPrivate",
188 APIPermissionInfo::kFlagCannotBeOptional},
189 {APIPermission::kInlineInstallPrivate, "inlineInstallPrivate"},
190 {APIPermission::kSettingsPrivate, "settingsPrivate",
191 APIPermissionInfo::kFlagCannotBeOptional},
192 {APIPermission::kSearchEnginesPrivate, "searchEnginesPrivate",
193 APIPermissionInfo::kFlagCannotBeOptional},
194 {APIPermission::kAutofillPrivate, "autofillPrivate",
195 APIPermissionInfo::kFlagCannotBeOptional},
196 {APIPermission::kWebstoreWidgetPrivate, "webstoreWidgetPrivate",
197 APIPermissionInfo::kFlagCannotBeOptional},
198 {APIPermission::kPasswordsPrivate, "passwordsPrivate",
199 APIPermissionInfo::kFlagCannotBeOptional},
200 {APIPermission::kUsersPrivate, "usersPrivate",
201 APIPermissionInfo::kFlagCannotBeOptional},
202 {APIPermission::kLanguageSettingsPrivate, "languageSettingsPrivate",
203 APIPermissionInfo::kFlagCannotBeOptional},
205 // Full url access permissions.
206 {APIPermission::kDebugger, "debugger",
207 APIPermissionInfo::kFlagImpliesFullURLAccess |
208 APIPermissionInfo::kFlagCannotBeOptional},
209 {APIPermission::kDevtools, "devtools",
210 APIPermissionInfo::kFlagImpliesFullURLAccess |
211 APIPermissionInfo::kFlagCannotBeOptional |
212 APIPermissionInfo::kFlagInternal},
213 {APIPermission::kPageCapture, "pageCapture",
214 APIPermissionInfo::kFlagImpliesFullURLAccess},
215 {APIPermission::kTabCapture, "tabCapture",
216 APIPermissionInfo::kFlagImpliesFullURLAccess},
217 {APIPermission::kTabCaptureForTab, "tabCaptureForTab",
218 APIPermissionInfo::kFlagInternal},
219 {APIPermission::kPlugin, "plugin",
220 APIPermissionInfo::kFlagImpliesFullURLAccess |
221 APIPermissionInfo::kFlagImpliesFullAccess |
222 APIPermissionInfo::kFlagCannotBeOptional |
223 APIPermissionInfo::kFlagInternal},
224 {APIPermission::kProxy, "proxy",
225 APIPermissionInfo::kFlagImpliesFullURLAccess |
226 APIPermissionInfo::kFlagCannotBeOptional},
228 // Platform-app permissions.
230 // The permission string for "fileSystem" is only shown when
231 // "write" or "directory" is present. Read-only access is only
232 // granted after the user has been shown a file or directory
233 // chooser dialog and selected a file or directory. Selecting
234 // the file or directory is considered consent to read it.
235 {APIPermission::kFileSystem, "fileSystem"},
236 {APIPermission::kFileSystemDirectory, "fileSystem.directory"},
237 {APIPermission::kFileSystemProvider, "fileSystemProvider"},
238 {APIPermission::kFileSystemRequestFileSystem,
239 "fileSystem.requestFileSystem"},
240 {APIPermission::kFileSystemRetainEntries, "fileSystem.retainEntries"},
241 {APIPermission::kFileSystemWrite, "fileSystem.write"},
242 {APIPermission::kMediaGalleries, "mediaGalleries",
243 APIPermissionInfo::kFlagNone,
244 &CreateAPIPermission<MediaGalleriesPermission>},
245 {APIPermission::kPointerLock, "pointerLock"},
246 {APIPermission::kCastStreaming, "cast.streaming"},
247 {APIPermission::kBrowser, "browser"},
248 {APIPermission::kInterceptAllKeys, "app.window.interceptAllKeys"},
249 {APIPermission::kLauncherSearchProvider, "launcherSearchProvider"},
251 // Settings override permissions.
252 {APIPermission::kHomepage, "homepage",
253 APIPermissionInfo::kFlagCannotBeOptional |
254 APIPermissionInfo::kFlagInternal},
255 {APIPermission::kSearchProvider, "searchProvider",
256 APIPermissionInfo::kFlagCannotBeOptional |
257 APIPermissionInfo::kFlagInternal},
258 {APIPermission::kStartupPages, "startupPages",
259 APIPermissionInfo::kFlagCannotBeOptional |
260 APIPermissionInfo::kFlagInternal},
263 std::vector<APIPermissionInfo*> permissions;
265 for (size_t i = 0; i < arraysize(permissions_to_register); ++i)
266 permissions.push_back(new APIPermissionInfo(permissions_to_register[i]));
267 return permissions;
270 std::vector<PermissionsProvider::AliasInfo>
271 ChromeAPIPermissions::GetAllAliases() const {
272 // Register aliases.
273 std::vector<PermissionsProvider::AliasInfo> aliases;
274 aliases.push_back(PermissionsProvider::AliasInfo("tabs", kWindowsPermission));
275 return aliases;
278 } // namespace extensions