1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "chrome/common/extensions/permissions/chrome_permission_message_rules.h"
7 #include "base/stl_util.h"
8 #include "base/strings/string_util.h"
9 #include "base/strings/utf_string_conversions.h"
10 #include "chrome/grit/generated_resources.h"
11 #include "grit/extensions_strings.h"
12 #include "ui/base/l10n/l10n_util.h"
14 namespace extensions
{
18 // The default formatter for a permission message. Simply displays the message
20 class DefaultPermissionMessageFormatter
21 : public ChromePermissionMessageFormatter
{
23 explicit DefaultPermissionMessageFormatter(int message_id
)
24 : message_id_(message_id
) {}
25 ~DefaultPermissionMessageFormatter() override
{}
27 PermissionMessage
GetPermissionMessage(
28 const PermissionIDSet
& permissions
) const override
{
29 return PermissionMessage(l10n_util::GetStringUTF16(message_id_
),
36 DISALLOW_COPY_AND_ASSIGN(DefaultPermissionMessageFormatter
);
39 // A formatter that substitutes the parameter into the message using string
41 // NOTE: Only one permission with the given ID is substituted using this rule.
42 class SingleParameterFormatter
: public ChromePermissionMessageFormatter
{
44 explicit SingleParameterFormatter(int message_id
) : message_id_(message_id
) {}
45 ~SingleParameterFormatter() override
{}
47 PermissionMessage
GetPermissionMessage(
48 const PermissionIDSet
& permissions
) const override
{
49 DCHECK(permissions
.size() > 0);
50 std::vector
<base::string16
> parameters
=
51 permissions
.GetAllPermissionParameters();
52 DCHECK_EQ(1U, parameters
.size())
53 << "Only one message with each ID can be parameterized.";
54 return PermissionMessage(
55 l10n_util::GetStringFUTF16(message_id_
, parameters
[0]), permissions
);
61 DISALLOW_COPY_AND_ASSIGN(SingleParameterFormatter
);
64 // Adds each parameter to a growing list, with the given |root_message_id| as
65 // the message at the top of the list.
66 class SimpleListFormatter
: public ChromePermissionMessageFormatter
{
68 explicit SimpleListFormatter(int root_message_id
)
69 : root_message_id_(root_message_id
) {}
70 ~SimpleListFormatter() override
{}
72 PermissionMessage
GetPermissionMessage(
73 const PermissionIDSet
& permissions
) const override
{
74 DCHECK(permissions
.size() > 0);
75 return PermissionMessage(l10n_util::GetStringUTF16(root_message_id_
),
77 permissions
.GetAllPermissionParameters());
83 DISALLOW_COPY_AND_ASSIGN(SimpleListFormatter
);
86 // Creates a space-separated list of permissions with the given PermissionID.
87 // The list is inserted into the messages with the given IDs: one for the case
88 // where there is a single permission, and the other for the case where there
90 // TODO(sashab): Extend this to pluralize correctly in all languages.
91 class SpaceSeparatedListFormatter
: public ChromePermissionMessageFormatter
{
93 SpaceSeparatedListFormatter(int message_id_for_one_host
,
94 int message_id_for_multiple_hosts
)
95 : message_id_for_one_host_(message_id_for_one_host
),
96 message_id_for_multiple_hosts_(message_id_for_multiple_hosts
) {}
97 ~SpaceSeparatedListFormatter() override
{}
99 PermissionMessage
GetPermissionMessage(
100 const PermissionIDSet
& permissions
) const override
{
101 DCHECK(permissions
.size() > 0);
102 std::vector
<base::string16
> hostnames
=
103 permissions
.GetAllPermissionParameters();
104 base::string16 hosts_string
=
105 base::JoinString(hostnames
, base::ASCIIToUTF16(" "));
106 return PermissionMessage(
107 l10n_util::GetStringFUTF16(hostnames
.size() == 1
108 ? message_id_for_one_host_
109 : message_id_for_multiple_hosts_
,
115 int message_id_for_one_host_
;
116 int message_id_for_multiple_hosts_
;
118 DISALLOW_COPY_AND_ASSIGN(SpaceSeparatedListFormatter
);
121 // Creates a comma-separated list of permissions with the given PermissionID.
122 // The list is inserted into the messages with the given IDs: one for each case
123 // of 1-3 permissions, and the other for the case where there are 4 or more
124 // permissions. In the case of 4 or more permissions, rather than insert the
125 // list into the message, the permissions are displayed as submessages in the
126 // resultant PermissionMessage.
127 class CommaSeparatedListFormatter
: public ChromePermissionMessageFormatter
{
129 CommaSeparatedListFormatter(int message_id_for_one_host
,
130 int message_id_for_two_hosts
,
131 int message_id_for_three_hosts
,
132 int message_id_for_many_hosts
)
133 : message_id_for_one_host_(message_id_for_one_host
),
134 message_id_for_two_hosts_(message_id_for_two_hosts
),
135 message_id_for_three_hosts_(message_id_for_three_hosts
),
136 message_id_for_many_hosts_(message_id_for_many_hosts
) {}
137 ~CommaSeparatedListFormatter() override
{}
139 PermissionMessage
GetPermissionMessage(
140 const PermissionIDSet
& permissions
) const override
{
141 DCHECK(permissions
.size() > 0);
142 std::vector
<base::string16
> hostnames
=
143 permissions
.GetAllPermissionParameters();
144 PermissionMessages messages
;
145 if (hostnames
.size() <= 3) {
146 return PermissionMessage(
147 l10n_util::GetStringFUTF16(message_id_for_hosts(hostnames
.size()),
152 return PermissionMessage(
153 l10n_util::GetStringUTF16(message_id_for_many_hosts_
), permissions
,
158 int message_id_for_hosts(int number_of_hosts
) const {
159 switch (number_of_hosts
) {
161 return message_id_for_one_host_
;
163 return message_id_for_two_hosts_
;
165 return message_id_for_three_hosts_
;
167 return message_id_for_many_hosts_
;
171 int message_id_for_one_host_
;
172 int message_id_for_two_hosts_
;
173 int message_id_for_three_hosts_
;
174 int message_id_for_many_hosts_
;
176 DISALLOW_COPY_AND_ASSIGN(CommaSeparatedListFormatter
);
179 class USBDevicesFormatter
: public ChromePermissionMessageFormatter
{
181 USBDevicesFormatter() {}
182 ~USBDevicesFormatter() override
{}
184 PermissionMessage
GetPermissionMessage(
185 const PermissionIDSet
& permissions
) const override
{
186 DCHECK(permissions
.size() > 0);
187 return permissions
.size() == 1 ? GetItemMessage(permissions
)
188 : GetMultiItemMessage(permissions
);
192 PermissionMessage
GetItemMessage(const PermissionIDSet
& permissions
) const {
193 DCHECK(permissions
.size() == 1);
194 const PermissionID
& permission
= *permissions
.begin();
196 switch (permission
.id()) {
197 case APIPermission::kUsbDevice
:
198 msg
= l10n_util::GetStringFUTF16(
199 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE
, permission
.parameter());
201 case APIPermission::kUsbDeviceUnknownProduct
:
202 msg
= l10n_util::GetStringFUTF16(
203 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_PRODUCT
,
204 permission
.parameter());
206 case APIPermission::kUsbDeviceUnknownVendor
:
207 msg
= l10n_util::GetStringUTF16(
208 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_VENDOR
);
213 return PermissionMessage(msg
, permissions
);
216 PermissionMessage
GetMultiItemMessage(
217 const PermissionIDSet
& permissions
) const {
218 DCHECK(permissions
.size() > 1);
219 // Put all the individual items into submessages.
220 std::vector
<base::string16
> submessages
;
221 std::vector
<base::string16
> devices
=
222 permissions
.GetAllPermissionsWithID(APIPermission::kUsbDevice
)
223 .GetAllPermissionParameters();
224 for (const base::string16
& device
: devices
) {
225 submessages
.push_back(l10n_util::GetStringFUTF16(
226 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST_ITEM
, device
));
228 std::vector
<base::string16
> vendors
=
229 permissions
.GetAllPermissionsWithID(
230 APIPermission::kUsbDeviceUnknownProduct
)
231 .GetAllPermissionParameters();
232 for (const base::string16
& vendor
: vendors
) {
233 submessages
.push_back(l10n_util::GetStringFUTF16(
234 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST_ITEM_UNKNOWN_PRODUCT
,
237 if (permissions
.ContainsID(APIPermission::kUsbDeviceUnknownVendor
)) {
238 submessages
.push_back(l10n_util::GetStringUTF16(
239 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST_ITEM_UNKNOWN_VENDOR
));
242 return PermissionMessage(
243 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST
),
244 permissions
, submessages
);
247 DISALLOW_COPY_AND_ASSIGN(USBDevicesFormatter
);
252 // Convenience constructors to allow inline initialization of the permission
254 // TODO(treib): Once we're allowed to use uniform initialization (and
255 // std::initializer_list), get rid of this helper.
256 class ChromePermissionMessageRule::PermissionIDSetInitializer
257 : public std::set
<APIPermission::ID
> {
259 template <typename
... IDs
>
260 PermissionIDSetInitializer(IDs
... ids
) {
261 // This effectively calls insert() with each of the ids.
262 ExpandHelper(insert(ids
)...);
265 virtual ~PermissionIDSetInitializer() {}
268 template <typename
... Args
>
269 void ExpandHelper(Args
&&...) {}
272 ChromePermissionMessageRule::ChromePermissionMessageRule(
274 const PermissionIDSetInitializer
& required
,
275 const PermissionIDSetInitializer
& optional
)
276 : ChromePermissionMessageRule(
277 new DefaultPermissionMessageFormatter(message_id
),
281 ChromePermissionMessageRule::ChromePermissionMessageRule(
282 ChromePermissionMessageFormatter
* formatter
,
283 const PermissionIDSetInitializer
& required
,
284 const PermissionIDSetInitializer
& optional
)
285 : required_permissions_(required
),
286 optional_permissions_(optional
),
287 formatter_(formatter
) {
288 DCHECK(!required_permissions_
.empty());
291 ChromePermissionMessageRule::~ChromePermissionMessageRule() {
294 std::set
<APIPermission::ID
> ChromePermissionMessageRule::required_permissions()
296 return required_permissions_
;
298 std::set
<APIPermission::ID
> ChromePermissionMessageRule::optional_permissions()
300 return optional_permissions_
;
303 std::set
<APIPermission::ID
> ChromePermissionMessageRule::all_permissions()
305 return base::STLSetUnion
<std::set
<APIPermission::ID
>>(required_permissions(),
306 optional_permissions());
309 PermissionMessage
ChromePermissionMessageRule::GetPermissionMessage(
310 const PermissionIDSet
& permissions
) const {
311 return formatter_
->GetPermissionMessage(permissions
);
315 std::vector
<ChromePermissionMessageRule
>
316 ChromePermissionMessageRule::GetAllRules() {
317 // The rules for generating messages from permissions. Any new rules should be
318 // added directly to this list, not elsewhere in the code, so that all the
319 // logic of generating and coalescing permission messages happens here.
321 // Each rule has 3 components:
322 // 1. The message itself
323 // 2. The permissions that need to be present for the message to appear
324 // 3. Permissions that, if present, also contribute to the message, but do not
325 // form the message on their own
327 // Rules are applied in precedence order: rules that come first consume
328 // permissions (both required and optional) so they can not be used in later
330 // NOTE: The order of this list matters - be careful when adding new rules!
331 // If unsure, add them near related rules and add tests to
332 // permission_message_combinations_unittest.cc (or elsewhere) to ensure your
333 // messages are being generated/coalesced correctly.
335 // Rules are not transitive: This means that if the kTab permission 'absorbs'
336 // (suppresses) the messages for kTopSites and kFavicon, and the kHistory
337 // permission suppresses kTab, be careful to also add kTopSites and kFavicon
338 // to the kHistory absorb list. Ideally, the rules system should be simple
339 // enough that rules like this should not occur; the visibility of the rules
340 // system should allow us to design a system that is simple enough to explain
341 // yet powerful enough to encapsulate all the messages we want to display.
342 ChromePermissionMessageRule rules_arr
[] = {
343 // Full access permission messages.
344 {IDS_EXTENSION_PROMPT_WARNING_DEBUGGER
, {APIPermission::kDebugger
}, {}},
345 {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS
,
346 {APIPermission::kPlugin
},
347 {APIPermission::kDeclarativeWebRequest
, APIPermission::kFavicon
,
348 APIPermission::kFullAccess
, APIPermission::kHostsAll
,
349 APIPermission::kHostsAllReadOnly
, APIPermission::kProcesses
,
350 APIPermission::kTab
, APIPermission::kTopSites
,
351 APIPermission::kWebNavigation
}},
352 {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS
,
353 {APIPermission::kFullAccess
},
354 {APIPermission::kDeclarativeWebRequest
, APIPermission::kFavicon
,
355 APIPermission::kHostsAll
, APIPermission::kHostsAllReadOnly
,
356 APIPermission::kProcesses
, APIPermission::kTab
,
357 APIPermission::kTopSites
, APIPermission::kWebNavigation
}},
359 // Hosts permission messages.
360 // Full host access already allows DeclarativeWebRequest, reading the list
361 // of most frequently visited sites, and tab access.
362 // The warning message for declarativeWebRequest permissions speaks about
363 // blocking parts of pages, which is a subset of what the "<all_urls>"
364 // access allows. Therefore we display only the "<all_urls>" warning
365 // message if both permissions are required.
366 {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS
,
367 {APIPermission::kHostsAll
},
368 {APIPermission::kDeclarativeWebRequest
, APIPermission::kFavicon
,
369 APIPermission::kHostsAllReadOnly
, APIPermission::kHostReadOnly
,
370 APIPermission::kHostReadWrite
, APIPermission::kProcesses
,
371 APIPermission::kTab
, APIPermission::kTopSites
,
372 APIPermission::kWebNavigation
}},
373 {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS_READ_ONLY
,
374 {APIPermission::kHostsAllReadOnly
},
375 {APIPermission::kFavicon
, APIPermission::kHostReadOnly
,
376 APIPermission::kProcesses
, APIPermission::kTab
,
377 APIPermission::kTopSites
, APIPermission::kWebNavigation
}},
379 {new CommaSeparatedListFormatter(IDS_EXTENSION_PROMPT_WARNING_1_HOST
,
380 IDS_EXTENSION_PROMPT_WARNING_2_HOSTS
,
381 IDS_EXTENSION_PROMPT_WARNING_3_HOSTS
,
382 IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST
),
383 {APIPermission::kHostReadWrite
},
385 {new CommaSeparatedListFormatter(
386 IDS_EXTENSION_PROMPT_WARNING_1_HOST_READ_ONLY
,
387 IDS_EXTENSION_PROMPT_WARNING_2_HOSTS_READ_ONLY
,
388 IDS_EXTENSION_PROMPT_WARNING_3_HOSTS_READ_ONLY
,
389 IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST_READ_ONLY
),
390 {APIPermission::kHostReadOnly
},
393 // History-related permission messages.
394 // History already allows reading favicons, tab access and accessing the
395 // list of most frequently visited sites.
396 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE_AND_SESSIONS
,
397 {APIPermission::kHistory
, APIPermission::kSessions
},
398 {APIPermission::kFavicon
, APIPermission::kProcesses
, APIPermission::kTab
,
399 APIPermission::kTopSites
, APIPermission::kWebNavigation
}},
400 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS
,
401 {APIPermission::kTab
, APIPermission::kSessions
},
402 {APIPermission::kFavicon
, APIPermission::kProcesses
,
403 APIPermission::kTopSites
, APIPermission::kWebNavigation
}},
404 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE
,
405 {APIPermission::kHistory
},
406 {APIPermission::kFavicon
, APIPermission::kProcesses
, APIPermission::kTab
,
407 APIPermission::kTopSites
, APIPermission::kWebNavigation
}},
408 // Note: kSessions allows reading history from other devices only if kTab
409 // is also present. Therefore, there are no _AND_SESSIONS versions of
410 // the other rules that generate the HISTORY_READ warning.
411 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ
,
412 {APIPermission::kTab
},
413 {APIPermission::kFavicon
, APIPermission::kProcesses
,
414 APIPermission::kTopSites
, APIPermission::kWebNavigation
}},
415 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ
,
416 {APIPermission::kProcesses
},
417 {APIPermission::kFavicon
, APIPermission::kTopSites
,
418 APIPermission::kWebNavigation
}},
419 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ
,
420 {APIPermission::kWebNavigation
},
421 {APIPermission::kFavicon
, APIPermission::kTopSites
}},
422 {IDS_EXTENSION_PROMPT_WARNING_FAVICON
, {APIPermission::kFavicon
}, {}},
423 {IDS_EXTENSION_PROMPT_WARNING_TOPSITES
, {APIPermission::kTopSites
}, {}},
425 {IDS_EXTENSION_PROMPT_WARNING_DECLARATIVE_WEB_REQUEST
,
426 {APIPermission::kDeclarativeWebRequest
},
429 // Messages generated by the sockets permission.
430 {IDS_EXTENSION_PROMPT_WARNING_SOCKET_ANY_HOST
,
431 {APIPermission::kSocketAnyHost
},
432 {APIPermission::kSocketDomainHosts
,
433 APIPermission::kSocketSpecificHosts
}},
434 {new SpaceSeparatedListFormatter(
435 IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAIN
,
436 IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAINS
),
437 {APIPermission::kSocketDomainHosts
},
439 {new SpaceSeparatedListFormatter(
440 IDS_EXTENSION_PROMPT_WARNING_SOCKET_SPECIFIC_HOST
,
441 IDS_EXTENSION_PROMPT_WARNING_SOCKET_SPECIFIC_HOSTS
),
442 {APIPermission::kSocketSpecificHosts
},
445 // Devices-related messages.
446 // USB Device Permission rules. Think of these three rules as a single one
447 // that applies when any of the three kUsb* IDs is there, and pulls them
448 // all into a single formatter.
449 {new USBDevicesFormatter
,
450 {APIPermission::kUsbDevice
},
451 {APIPermission::kUsbDeviceUnknownProduct
,
452 APIPermission::kUsbDeviceUnknownVendor
}},
453 {new USBDevicesFormatter
,
454 {APIPermission::kUsbDeviceUnknownProduct
},
455 {APIPermission::kUsbDeviceUnknownVendor
}},
456 {new USBDevicesFormatter
, {APIPermission::kUsbDeviceUnknownVendor
}, {}},
457 // Access to users' devices should provide a single warning message
458 // specifying the transport method used; serial and/or Bluetooth.
459 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_SERIAL
,
460 {APIPermission::kBluetooth
, APIPermission::kSerial
},
461 {APIPermission::kBluetoothDevices
}},
462 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH
,
463 {APIPermission::kBluetooth
},
464 {APIPermission::kBluetoothDevices
}},
465 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_DEVICES
,
466 {APIPermission::kBluetoothDevices
},
468 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_PRIVATE
,
469 {APIPermission::kBluetoothPrivate
},
471 {IDS_EXTENSION_PROMPT_WARNING_SERIAL
, {APIPermission::kSerial
}, {}},
472 // Universal 2nd Factor devices.
473 {IDS_EXTENSION_PROMPT_WARNING_U2F_DEVICES
,
474 {APIPermission::kU2fDevices
},
477 // Accessibility features.
478 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ_MODIFY
,
479 {APIPermission::kAccessibilityFeaturesModify
,
480 APIPermission::kAccessibilityFeaturesRead
},
482 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_MODIFY
,
483 {APIPermission::kAccessibilityFeaturesModify
},
485 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ
,
486 {APIPermission::kAccessibilityFeaturesRead
},
489 // Media galleries permissions. We don't have strings for every possible
490 // combination, e.g. we don't bother with a special string for "write, but
491 // not read" - just show the "read and write" string instead, etc.
492 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE_DELETE
,
493 {APIPermission::kMediaGalleriesAllGalleriesCopyTo
,
494 APIPermission::kMediaGalleriesAllGalleriesDelete
},
495 {APIPermission::kMediaGalleriesAllGalleriesRead
}},
496 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE
,
497 {APIPermission::kMediaGalleriesAllGalleriesCopyTo
},
498 {APIPermission::kMediaGalleriesAllGalleriesRead
}},
499 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_DELETE
,
500 {APIPermission::kMediaGalleriesAllGalleriesDelete
},
501 {APIPermission::kMediaGalleriesAllGalleriesRead
}},
502 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ
,
503 {APIPermission::kMediaGalleriesAllGalleriesRead
},
506 // The permission string for "fileSystem" is only shown when
507 // "write" or "directory" is present. Read-only access is only
508 // granted after the user has been shown a file or directory
509 // chooser dialog and selected a file or directory. Selecting
510 // the file or directory is considered consent to read it.
511 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY
,
512 {APIPermission::kFileSystemWrite
, APIPermission::kFileSystemDirectory
},
514 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_DIRECTORY
,
515 {APIPermission::kFileSystemDirectory
},
518 // Video and audio capture.
519 {IDS_EXTENSION_PROMPT_WARNING_AUDIO_AND_VIDEO_CAPTURE
,
520 {APIPermission::kAudioCapture
, APIPermission::kVideoCapture
},
522 {IDS_EXTENSION_PROMPT_WARNING_AUDIO_CAPTURE
,
523 {APIPermission::kAudioCapture
},
525 {IDS_EXTENSION_PROMPT_WARNING_VIDEO_CAPTURE
,
526 {APIPermission::kVideoCapture
},
529 // Network-related permissions.
530 {IDS_EXTENSION_PROMPT_WARNING_NETWORKING_PRIVATE
,
531 {APIPermission::kNetworkingPrivate
},
533 {IDS_EXTENSION_PROMPT_WARNING_NETWORKING_CONFIG
,
534 {APIPermission::kNetworkingConfig
},
536 {IDS_EXTENSION_PROMPT_WARNING_NETWORK_STATE
,
537 {APIPermission::kNetworkState
},
539 {IDS_EXTENSION_PROMPT_WARNING_VPN
, {APIPermission::kVpnProvider
}, {}},
540 {IDS_EXTENSION_PROMPT_WARNING_WEB_CONNECTABLE
,
541 {APIPermission::kWebConnectable
},
543 {new SingleParameterFormatter(
544 IDS_EXTENSION_PROMPT_WARNING_HOME_PAGE_SETTING_OVERRIDE
),
545 {APIPermission::kHomepage
},
547 {new SingleParameterFormatter(
548 IDS_EXTENSION_PROMPT_WARNING_SEARCH_SETTINGS_OVERRIDE
),
549 {APIPermission::kSearchProvider
},
551 {new SingleParameterFormatter(
552 IDS_EXTENSION_PROMPT_WARNING_START_PAGE_SETTING_OVERRIDE
),
553 {APIPermission::kStartupPages
},
556 {IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS
,
557 {APIPermission::kBookmark
},
558 {APIPermission::kOverrideBookmarksUI
}},
559 {IDS_EXTENSION_PROMPT_WARNING_CLIPBOARD
,
560 {APIPermission::kClipboardRead
},
562 {IDS_EXTENSION_PROMPT_WARNING_DESKTOP_CAPTURE
,
563 {APIPermission::kDesktopCapture
},
565 {IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS
, {APIPermission::kDownloads
}, {}},
566 {IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS_OPEN
,
567 {APIPermission::kDownloadsOpen
},
569 {IDS_EXTENSION_PROMPT_WARNING_IDENTITY_EMAIL
,
570 {APIPermission::kIdentityEmail
},
572 {IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION
,
573 {APIPermission::kGeolocation
},
575 {IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION
,
576 {APIPermission::kLocation
},
579 {IDS_EXTENSION_PROMPT_WARNING_CONTENT_SETTINGS
,
580 {APIPermission::kContentSettings
},
582 {IDS_EXTENSION_PROMPT_WARNING_COPRESENCE
,
583 {APIPermission::kCopresence
},
585 {IDS_EXTENSION_PROMPT_WARNING_DOCUMENT_SCAN
,
586 {APIPermission::kDocumentScan
},
588 {IDS_EXTENSION_PROMPT_WARNING_INPUT
, {APIPermission::kInput
}, {}},
589 {IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT
,
590 {APIPermission::kManagement
},
592 {IDS_EXTENSION_PROMPT_WARNING_MDNS
, {APIPermission::kMDns
}, {}},
593 {IDS_EXTENSION_PROMPT_WARNING_NATIVE_MESSAGING
,
594 {APIPermission::kNativeMessaging
},
596 {IDS_EXTENSION_PROMPT_WARNING_PRIVACY
, {APIPermission::kPrivacy
}, {}},
597 {IDS_EXTENSION_PROMPT_WARNING_SIGNED_IN_DEVICES
,
598 {APIPermission::kSignedInDevices
},
600 {IDS_EXTENSION_PROMPT_WARNING_SYNCFILESYSTEM
,
601 {APIPermission::kSyncFileSystem
},
603 {IDS_EXTENSION_PROMPT_WARNING_TTS_ENGINE
,
604 {APIPermission::kTtsEngine
},
606 {IDS_EXTENSION_PROMPT_WARNING_WALLPAPER
, {APIPermission::kWallpaper
}, {}},
607 {IDS_EXTENSION_PROMPT_WARNING_PLATFORMKEYS
,
608 {APIPermission::kPlatformKeys
},
610 {IDS_EXTENSION_PROMPT_WARNING_CERTIFICATEPROVIDER
,
611 {APIPermission::kCertificateProvider
},
614 {IDS_EXTENSION_PROMPT_WARNING_SCREENLOCK_PRIVATE
,
615 {APIPermission::kScreenlockPrivate
},
617 {IDS_EXTENSION_PROMPT_WARNING_ACTIVITY_LOG_PRIVATE
,
618 {APIPermission::kActivityLogPrivate
},
620 {IDS_EXTENSION_PROMPT_WARNING_EXPERIENCE_SAMPLING_PRIVATE
,
621 {APIPermission::kExperienceSamplingPrivate
},
623 {IDS_EXTENSION_PROMPT_WARNING_MUSIC_MANAGER_PRIVATE
,
624 {APIPermission::kMusicManagerPrivate
},
626 {IDS_EXTENSION_PROMPT_WARNING_SEARCH_ENGINES_PRIVATE
,
627 {APIPermission::kSearchEnginesPrivate
},
629 {IDS_EXTENSION_PROMPT_WARNING_SETTINGS_PRIVATE
,
630 {APIPermission::kSettingsPrivate
},
632 {IDS_EXTENSION_PROMPT_WARNING_AUTOFILL_PRIVATE
,
633 {APIPermission::kAutofillPrivate
},
635 {IDS_EXTENSION_PROMPT_WARNING_PASSWORDS_PRIVATE
,
636 {APIPermission::kPasswordsPrivate
},
638 {IDS_EXTENSION_PROMPT_WARNING_USERS_PRIVATE
,
639 {APIPermission::kUsersPrivate
},
643 return std::vector
<ChromePermissionMessageRule
>(
644 rules_arr
, rules_arr
+ arraysize(rules_arr
));
647 } // namespace extensions