search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Elim cr-checkbox
[chromium-blink-merge.git] / chrome / browser / extensions / api / permissions / permissions_api.cc
blobe27912a908a9e5424dce11b35c7146a962efc58f
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/extensions/api/permissions/permissions_api.h"
6
7 #include "base/memory/scoped_ptr.h"
8 #include "chrome/browser/chrome_notification_types.h"
9 #include "chrome/browser/extensions/api/permissions/permissions_api_helpers.h"
10 #include "chrome/browser/extensions/extension_management.h"
11 #include "chrome/browser/extensions/permissions_updater.h"
12 #include "chrome/browser/profiles/profile.h"
13 #include "chrome/common/extensions/api/permissions.h"
14 #include "extensions/browser/extension_prefs.h"
15 #include "extensions/common/error_utils.h"
16 #include "extensions/common/extension.h"
17 #include "extensions/common/manifest_handlers/permissions_parser.h"
18 #include "extensions/common/permissions/permission_message_provider.h"
19 #include "extensions/common/permissions/permissions_data.h"
20 #include "extensions/common/permissions/permissions_info.h"
21
22 namespace extensions {
23
24 using api::permissions::Permissions;
25
26 namespace Contains = api::permissions::Contains;
27 namespace GetAll = api::permissions::GetAll;
28 namespace Remove = api::permissions::Remove;
29 namespace Request = api::permissions::Request;
30 namespace helpers = permissions_api_helpers;
31
32 namespace {
33
34 const char kBlockedByEnterprisePolicy[] =
35 "Permissions are blocked by enterprise policy.";
36 const char kCantRemoveRequiredPermissionsError[] =
37 "You cannot remove required permissions.";
38 const char kNotInOptionalPermissionsError[] =
39 "Optional permissions must be listed in extension manifest.";
40 const char kNotWhitelistedError[] =
41 "The optional permissions API does not support '*'.";
42 const char kUserGestureRequiredError[] =
43 "This function must be called during a user gesture";
44
45 enum AutoConfirmForTest {
46 DO_NOT_SKIP = 0,
47 PROCEED,
48 ABORT
49 };
50 AutoConfirmForTest auto_confirm_for_tests = DO_NOT_SKIP;
51 bool ignore_user_gesture_for_tests = false;
52
53 } // namespace
54
55 bool PermissionsContainsFunction::RunSync() {
56 scoped_ptr<Contains::Params> params(Contains::Params::Create(*args_));
57 EXTENSION_FUNCTION_VALIDATE(params);
58
59 scoped_refptr<const PermissionSet> permissions = helpers::UnpackPermissionSet(
60 params->permissions,
61 ExtensionPrefs::Get(GetProfile())->AllowFileAccess(extension_->id()),
62 &error_);
63 if (!permissions.get())
64 return false;
65
66 results_ = Contains::Results::Create(
67 extension()->permissions_data()->active_permissions()->Contains(
68 *permissions.get()));
69 return true;
70 }
71
72 bool PermissionsGetAllFunction::RunSync() {
73 scoped_ptr<Permissions> permissions = helpers::PackPermissionSet(
74 extension()->permissions_data()->active_permissions().get());
75 results_ = GetAll::Results::Create(*permissions);
76 return true;
77 }
78
79 bool PermissionsRemoveFunction::RunSync() {
80 scoped_ptr<Remove::Params> params(Remove::Params::Create(*args_));
81 EXTENSION_FUNCTION_VALIDATE(params);
82
83 scoped_refptr<const PermissionSet> permissions = helpers::UnpackPermissionSet(
84 params->permissions,
85 ExtensionPrefs::Get(GetProfile())->AllowFileAccess(extension_->id()),
86 &error_);
87 if (!permissions.get())
88 return false;
89
90 // Make sure they're only trying to remove permissions supported by this API.
91 APIPermissionSet apis = permissions->apis();
92 for (APIPermissionSet::const_iterator i = apis.begin();
93 i != apis.end(); ++i) {
94 if (!i->info()->supports_optional()) {
95 error_ = ErrorUtils::FormatErrorMessage(
96 kNotWhitelistedError, i->name());
97 return false;
98 }
99 }
100
101 // Make sure we only remove optional permissions, and not required
102 // permissions. Sadly, for some reason we support having a permission be both
103 // optional and required (and should assume its required), so we need both of
104 // these checks.
105 // TODO(devlin): *Why* do we support that? Should be a load error.
106 scoped_refptr<const PermissionSet> optional =
107 PermissionsParser::GetOptionalPermissions(extension());
108 scoped_refptr<const PermissionSet> required =
109 PermissionsParser::GetRequiredPermissions(extension());
110 if (!optional->Contains(*permissions) ||
111 !scoped_refptr<const PermissionSet>(
112 PermissionSet::CreateIntersection(*permissions, *required))
113 ->IsEmpty()) {
114 error_ = kCantRemoveRequiredPermissionsError;
115 return false;
116 }
117
118 // Only try and remove those permissions that are active on the extension.
119 // For backwards compatability with behavior before this check was added, just
120 // silently remove any that aren't present.
121 permissions = PermissionSet::CreateIntersection(
122 *permissions, *extension()->permissions_data()->active_permissions());
123
124 PermissionsUpdater(GetProfile())
125 .RemovePermissions(extension(), permissions.get(),
126 PermissionsUpdater::REMOVE_SOFT);
127 results_ = Remove::Results::Create(true);
128 return true;
129 }
130
131 // static
132 void PermissionsRequestFunction::SetAutoConfirmForTests(bool should_proceed) {
133 auto_confirm_for_tests = should_proceed ? PROCEED : ABORT;
134 }
135
136 // static
137 void PermissionsRequestFunction::SetIgnoreUserGestureForTests(
138 bool ignore) {
139 ignore_user_gesture_for_tests = ignore;
140 }
141
142 PermissionsRequestFunction::PermissionsRequestFunction() {}
143
144 void PermissionsRequestFunction::InstallUIProceed() {
145 PermissionsUpdater perms_updater(GetProfile());
146 perms_updater.AddPermissions(extension(), requested_permissions_.get());
147
148 results_ = Request::Results::Create(true);
149 SendResponse(true);
150
151 Release(); // Balanced in RunAsync().
152 }
153
154 void PermissionsRequestFunction::InstallUIAbort(bool user_initiated) {
155 SendResponse(true);
156
157 Release(); // Balanced in RunAsync().
158 }
159
160 PermissionsRequestFunction::~PermissionsRequestFunction() {}
161
162 bool PermissionsRequestFunction::RunAsync() {
163 results_ = Request::Results::Create(false);
164
165 if (!user_gesture() &&
166 !ignore_user_gesture_for_tests &&
167 extension_->location() != Manifest::COMPONENT) {
168 error_ = kUserGestureRequiredError;
169 return false;
170 }
171
172 scoped_ptr<Request::Params> params(Request::Params::Create(*args_));
173 EXTENSION_FUNCTION_VALIDATE(params);
174
175 requested_permissions_ = helpers::UnpackPermissionSet(
176 params->permissions,
177 ExtensionPrefs::Get(GetProfile())->AllowFileAccess(extension_->id()),
178 &error_);
179 if (!requested_permissions_.get())
180 return false;
181
182 // Make sure they're only requesting permissions supported by this API.
183 APIPermissionSet apis = requested_permissions_->apis();
184 for (APIPermissionSet::const_iterator i = apis.begin();
185 i != apis.end(); ++i) {
186 if (!i->info()->supports_optional()) {
187 error_ = ErrorUtils::FormatErrorMessage(
188 kNotWhitelistedError, i->name());
189 return false;
190 }
191 }
192
193 // The requested permissions must be defined as optional in the manifest.
194 if (!PermissionsParser::GetOptionalPermissions(extension())
195 ->Contains(*requested_permissions_.get())) {
196 error_ = kNotInOptionalPermissionsError;
197 return false;
198 }
199
200 // Automatically declines api permissions requests, which are blocked by
201 // enterprise policy.
202 if (!ExtensionManagementFactory::GetForBrowserContext(GetProfile())
203 ->IsPermissionSetAllowed(extension(), requested_permissions_)) {
204 error_ = kBlockedByEnterprisePolicy;
205 return false;
206 }
207
208 // We don't need to prompt the user if the requested permissions are a subset
209 // of the granted permissions set.
210 scoped_refptr<const PermissionSet> granted =
211 ExtensionPrefs::Get(GetProfile())
212 ->GetGrantedPermissions(extension()->id());
213 if (granted.get() && granted->Contains(*requested_permissions_.get())) {
214 PermissionsUpdater perms_updater(GetProfile());
215 perms_updater.AddPermissions(extension(), requested_permissions_.get());
216 results_ = Request::Results::Create(true);
217 SendResponse(true);
218 return true;
219 }
220
221 // Filter out the granted permissions so we only prompt for new ones.
222 requested_permissions_ =
223 PermissionSet::CreateDifference(*requested_permissions_, *granted);
224
225 // Filter out the active permissions.
226 requested_permissions_ = PermissionSet::CreateDifference(
227 *requested_permissions_.get(),
228 *extension()->permissions_data()->active_permissions());
229
230 AddRef(); // Balanced in InstallUIProceed() / InstallUIAbort().
231
232 // We don't need to show the prompt if there are no new warnings, or if
233 // we're skipping the confirmation UI. All extension types but INTERNAL
234 // are allowed to silently increase their permission level.
235 const PermissionMessageProvider* message_provider =
236 PermissionMessageProvider::Get();
237 bool has_no_warnings =
238 message_provider->GetPermissionMessages(
239 message_provider->GetAllPermissionIDs(
240 requested_permissions_.get(),
241 extension()->GetType())).empty();
242 if (auto_confirm_for_tests == PROCEED || has_no_warnings ||
243 extension_->location() == Manifest::COMPONENT) {
244 InstallUIProceed();
245 } else if (auto_confirm_for_tests == ABORT) {
246 // Pretend the user clicked cancel.
247 InstallUIAbort(true);
248 } else {
249 CHECK_EQ(DO_NOT_SKIP, auto_confirm_for_tests);
250 install_ui_.reset(new ExtensionInstallPrompt(GetAssociatedWebContents()));
251 install_ui_->ConfirmPermissions(
252 this, extension(), requested_permissions_.get());
253 }
254
255 return true;
256 }
257
258 } // namespace extensions