search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Disable view source for Developer Tools.
[chromium-blink-merge.git] / chrome / common / extensions / permissions / chrome_api_permissions.cc
blobe939dc002d17bf6cf554299a27bcd3eb0aa46640
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/common/extensions/permissions/chrome_api_permissions.h"
6
7 #include "chrome/common/extensions/permissions/bluetooth_permission.h"
8 #include "chrome/common/extensions/permissions/media_galleries_permission.h"
9 #include "chrome/common/extensions/permissions/socket_permission.h"
10 #include "chrome/common/extensions/permissions/usb_device_permission.h"
11 #include "extensions/common/permissions/api_permission.h"
12 #include "extensions/common/permissions/api_permission_set.h"
13 #include "extensions/common/permissions/permission_message.h"
14 #include "extensions/common/permissions/permissions_info.h"
15 #include "grit/generated_resources.h"
16
17 namespace extensions {
18
19 namespace {
20
21 const char kOldUnlimitedStoragePermission[] = "unlimited_storage";
22 const char kWindowsPermission[] = "windows";
23
24 template<typename T> APIPermission* CreateAPIPermission(
25 const APIPermissionInfo* permission) {
26 return new T(permission);
27 }
28
29 } // namespace
30
31 std::vector<APIPermissionInfo*> ChromeAPIPermissions::GetAllPermissions()
32 const {
33 struct PermissionRegistration {
34 APIPermission::ID id;
35 const char* name;
36 int flags;
37 int l10n_message_id;
38 PermissionMessage::ID message_id;
39 APIPermissionInfo::APIPermissionConstructor constructor;
40 } PermissionsToRegister[] = {
41 // Register permissions for all extension types.
42 { APIPermission::kBackground, "background" },
43 { APIPermission::kClipboardRead, "clipboardRead",
44 APIPermissionInfo::kFlagNone,
45 IDS_EXTENSION_PROMPT_WARNING_CLIPBOARD,
46 PermissionMessage::kClipboard },
47 { APIPermission::kClipboardWrite, "clipboardWrite" },
48 { APIPermission::kDeclarativeContent, "declarativeContent" },
49 { APIPermission::kDeclarativeWebRequest, "declarativeWebRequest",
50 APIPermissionInfo::kFlagNone,
51 IDS_EXTENSION_PROMPT_WARNING_DECLARATIVE_WEB_REQUEST,
52 PermissionMessage::kDeclarativeWebRequest },
53 { APIPermission::kDesktopCapture, "desktopCapture",
54 APIPermissionInfo::kFlagNone,
55 IDS_EXTENSION_PROMPT_WARNING_DESKTOP_CAPTURE,
56 PermissionMessage::kDesktopCapture },
57 { APIPermission::kDns, "dns" },
58 { APIPermission::kDownloads, "downloads", APIPermissionInfo::kFlagNone,
59 IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS,
60 PermissionMessage::kDownloads },
61 { APIPermission::kDownloadsOpen, "downloads.open",
62 APIPermissionInfo::kFlagNone,
63 IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS_OPEN,
64 PermissionMessage::kDownloadsOpen },
65 { APIPermission::kDownloadsShelf, "downloads.shelf" },
66 { APIPermission::kIdentity, "identity" },
67 { APIPermission::kExperimental, "experimental",
68 APIPermissionInfo::kFlagCannotBeOptional },
69 // NOTE(kalman): this is provided by a manifest property but needs to
70 // appear in the install permission dialogue, so we need a fake
71 // permission for it. See http://crbug.com/247857.
72 { APIPermission::kWebConnectable, "webConnectable",
73 APIPermissionInfo::kFlagCannotBeOptional |
74 APIPermissionInfo::kFlagInternal,
75 IDS_EXTENSION_PROMPT_WARNING_WEB_CONNECTABLE,
76 PermissionMessage::kWebConnectable},
77 { APIPermission::kGeolocation, "geolocation",
78 APIPermissionInfo::kFlagCannotBeOptional,
79 IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
80 PermissionMessage::kGeolocation },
81 { APIPermission::kNotification, "notifications" },
82 { APIPermission::kUnlimitedStorage, "unlimitedStorage",
83 APIPermissionInfo::kFlagCannotBeOptional },
84 { APIPermission::kGcm, "gcm" },
85
86 // Register extension permissions.
87 { APIPermission::kActiveTab, "activeTab" },
88 { APIPermission::kAdView, "adview" },
89 { APIPermission::kAlarms, "alarms" },
90 { APIPermission::kBookmark, "bookmarks", APIPermissionInfo::kFlagNone,
91 IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS,
92 PermissionMessage::kBookmarks },
93 { APIPermission::kBrailleDisplayPrivate, "brailleDisplayPrivate",
94 APIPermissionInfo::kFlagCannotBeOptional },
95 { APIPermission::kBrowsingData, "browsingData" },
96 { APIPermission::kContentSettings, "contentSettings",
97 APIPermissionInfo::kFlagNone,
98 IDS_EXTENSION_PROMPT_WARNING_CONTENT_SETTINGS,
99 PermissionMessage::kContentSettings },
100 { APIPermission::kContextMenus, "contextMenus" },
101 { APIPermission::kCookie, "cookies" },
102 { APIPermission::kFileBrowserHandler, "fileBrowserHandler",
103 APIPermissionInfo::kFlagCannotBeOptional },
104 { APIPermission::kFontSettings, "fontSettings",
105 APIPermissionInfo::kFlagCannotBeOptional },
106 { APIPermission::kHistory, "history", APIPermissionInfo::kFlagNone,
107 IDS_EXTENSION_PROMPT_WARNING_BROWSING_HISTORY,
108 PermissionMessage::kBrowsingHistory },
109 { APIPermission::kIdltest, "idltest" },
110 { APIPermission::kIdle, "idle" },
111 { APIPermission::kInfobars, "infobars" },
112 { APIPermission::kInput, "input", APIPermissionInfo::kFlagNone,
113 IDS_EXTENSION_PROMPT_WARNING_INPUT,
114 PermissionMessage::kInput },
115 { APIPermission::kLocation, "location",
116 APIPermissionInfo::kFlagCannotBeOptional,
117 IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
118 PermissionMessage::kGeolocation },
119 { APIPermission::kManagement, "management", APIPermissionInfo::kFlagNone,
120 IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT,
121 PermissionMessage::kManagement },
122 { APIPermission::kNativeMessaging, "nativeMessaging",
123 APIPermissionInfo::kFlagNone,
124 IDS_EXTENSION_PROMPT_WARNING_NATIVE_MESSAGING,
125 PermissionMessage::kNativeMessaging },
126 { APIPermission::kPower, "power", },
127 { APIPermission::kPrivacy, "privacy", APIPermissionInfo::kFlagNone,
128 IDS_EXTENSION_PROMPT_WARNING_PRIVACY,
129 PermissionMessage::kPrivacy },
130 { APIPermission::kProcesses, "processes", APIPermissionInfo::kFlagNone,
131 IDS_EXTENSION_PROMPT_WARNING_TABS,
132 PermissionMessage::kTabs },
133 { APIPermission::kSessions, "sessions" },
134 { APIPermission::kSignedInDevices, "signedInDevices",
135 APIPermissionInfo::kFlagNone,
136 IDS_EXTENSION_PROMPT_WARNING_SIGNED_IN_DEVICES,
137 PermissionMessage::kSignedInDevices },
138 { APIPermission::kStorage, "storage" },
139 { APIPermission::kSyncFileSystem, "syncFileSystem",
140 APIPermissionInfo::kFlagNone,
141 IDS_EXTENSION_PROMPT_WARNING_SYNCFILESYSTEM,
142 PermissionMessage::kSyncFileSystem },
143 { APIPermission::kTab, "tabs", APIPermissionInfo::kFlagNone,
144 IDS_EXTENSION_PROMPT_WARNING_TABS,
145 PermissionMessage::kTabs },
146 { APIPermission::kTopSites, "topSites", APIPermissionInfo::kFlagNone,
147 IDS_EXTENSION_PROMPT_WARNING_BROWSING_HISTORY,
148 PermissionMessage::kBrowsingHistory },
149 { APIPermission::kTts, "tts", 0, APIPermissionInfo::kFlagCannotBeOptional },
150 { APIPermission::kTtsEngine, "ttsEngine",
151 APIPermissionInfo::kFlagCannotBeOptional,
152 IDS_EXTENSION_PROMPT_WARNING_TTS_ENGINE,
153 PermissionMessage::kTtsEngine },
154 { APIPermission::kWallpaper, "wallpaper",
155 APIPermissionInfo::kFlagCannotBeOptional,
156 IDS_EXTENSION_PROMPT_WARNING_WALLPAPER,
157 PermissionMessage::kWallpaper },
158 { APIPermission::kWebNavigation, "webNavigation",
159 APIPermissionInfo::kFlagNone,
160 IDS_EXTENSION_PROMPT_WARNING_TABS, PermissionMessage::kTabs },
161 { APIPermission::kWebRequest, "webRequest" },
162 { APIPermission::kWebRequestBlocking, "webRequestBlocking" },
163 { APIPermission::kWebView, "webview",
164 APIPermissionInfo::kFlagCannotBeOptional },
165
166 // Register private permissions.
167 { APIPermission::kScreenlockPrivate, "screenlockPrivate",
168 APIPermissionInfo::kFlagCannotBeOptional,
169 IDS_EXTENSION_PROMPT_WARNING_SCREENLOCK_PRIVATE,
170 PermissionMessage::kScreenlockPrivate },
171 { APIPermission::kActivityLogPrivate, "activityLogPrivate",
172 APIPermissionInfo::kFlagCannotBeOptional,
173 IDS_EXTENSION_PROMPT_WARNING_ACTIVITY_LOG_PRIVATE,
174 PermissionMessage::kActivityLogPrivate },
175 { APIPermission::kAutoTestPrivate, "autotestPrivate",
176 APIPermissionInfo::kFlagCannotBeOptional },
177 { APIPermission::kBookmarkManagerPrivate, "bookmarkManagerPrivate",
178 APIPermissionInfo::kFlagCannotBeOptional },
179 { APIPermission::kCast, "cast",
180 APIPermissionInfo::kFlagCannotBeOptional },
181 { APIPermission::kChromeosInfoPrivate, "chromeosInfoPrivate",
182 APIPermissionInfo::kFlagCannotBeOptional },
183 { APIPermission::kCommandLinePrivate, "commandLinePrivate",
184 APIPermissionInfo::kFlagCannotBeOptional },
185 { APIPermission::kDeveloperPrivate, "developerPrivate",
186 APIPermissionInfo::kFlagCannotBeOptional },
187 { APIPermission::kDiagnostics, "diagnostics",
188 APIPermissionInfo::kFlagCannotBeOptional },
189 { APIPermission::kDial, "dial", APIPermissionInfo::kFlagCannotBeOptional },
190 { APIPermission::kDownloadsInternal, "downloadsInternal" },
191 { APIPermission::kFileBrowserHandlerInternal, "fileBrowserHandlerInternal",
192 APIPermissionInfo::kFlagCannotBeOptional },
193 { APIPermission::kFileBrowserPrivate, "fileBrowserPrivate",
194 APIPermissionInfo::kFlagCannotBeOptional },
195 { APIPermission::kIdentityPrivate, "identityPrivate",
196 APIPermissionInfo::kFlagCannotBeOptional },
197 { APIPermission::kLogPrivate, "logPrivate"},
198 { APIPermission::kNetworkingPrivate, "networkingPrivate",
199 APIPermissionInfo::kFlagCannotBeOptional,
200 IDS_EXTENSION_PROMPT_WARNING_NETWORKING_PRIVATE,
201 PermissionMessage::kNetworkingPrivate },
202 { APIPermission::kMediaPlayerPrivate, "mediaPlayerPrivate",
203 APIPermissionInfo::kFlagCannotBeOptional },
204 { APIPermission::kMetricsPrivate, "metricsPrivate",
205 APIPermissionInfo::kFlagCannotBeOptional },
206 { APIPermission::kMDns, "mdns", APIPermissionInfo::kFlagCannotBeOptional },
207 { APIPermission::kMusicManagerPrivate, "musicManagerPrivate",
208 APIPermissionInfo::kFlagCannotBeOptional,
209 IDS_EXTENSION_PROMPT_WARNING_MUSIC_MANAGER_PRIVATE,
210 PermissionMessage::kMusicManagerPrivate },
211 { APIPermission::kPreferencesPrivate, "preferencesPrivate",
212 APIPermissionInfo::kFlagCannotBeOptional },
213 { APIPermission::kSystemPrivate, "systemPrivate",
214 APIPermissionInfo::kFlagCannotBeOptional },
215 { APIPermission::kCloudPrintPrivate, "cloudPrintPrivate",
216 APIPermissionInfo::kFlagCannotBeOptional },
217 { APIPermission::kInputMethodPrivate, "inputMethodPrivate",
218 APIPermissionInfo::kFlagCannotBeOptional },
219 { APIPermission::kEchoPrivate, "echoPrivate",
220 APIPermissionInfo::kFlagCannotBeOptional },
221 { APIPermission::kFeedbackPrivate, "feedbackPrivate",
222 APIPermissionInfo::kFlagCannotBeOptional },
223 { APIPermission::kImageWriterPrivate, "imageWriterPrivate",
224 APIPermissionInfo::kFlagCannotBeOptional },
225 { APIPermission::kReadingListPrivate, "readingListPrivate",
226 APIPermissionInfo::kFlagCannotBeOptional },
227 { APIPermission::kRtcPrivate, "rtcPrivate",
228 APIPermissionInfo::kFlagCannotBeOptional },
229 { APIPermission::kTerminalPrivate, "terminalPrivate",
230 APIPermissionInfo::kFlagCannotBeOptional },
231 { APIPermission::kVirtualKeyboardPrivate, "virtualKeyboardPrivate",
232 APIPermissionInfo::kFlagCannotBeOptional },
233 { APIPermission::kWallpaperPrivate, "wallpaperPrivate",
234 APIPermissionInfo::kFlagCannotBeOptional },
235 { APIPermission::kWebRequestInternal, "webRequestInternal" },
236 { APIPermission::kWebstorePrivate, "webstorePrivate",
237 APIPermissionInfo::kFlagCannotBeOptional },
238 { APIPermission::kMediaGalleriesPrivate, "mediaGalleriesPrivate",
239 APIPermissionInfo::kFlagCannotBeOptional },
240 { APIPermission::kStreamsPrivate, "streamsPrivate",
241 APIPermissionInfo::kFlagCannotBeOptional },
242 { APIPermission::kEnterprisePlatformKeysPrivate,
243 "enterprise.platformKeysPrivate",
244 APIPermissionInfo::kFlagCannotBeOptional },
245 { APIPermission::kWebrtcAudioPrivate, "webrtcAudioPrivate",
246 APIPermissionInfo::kFlagCannotBeOptional },
247 { APIPermission::kWebrtcLoggingPrivate, "webrtcLoggingPrivate",
248 APIPermissionInfo::kFlagCannotBeOptional },
249 { APIPermission::kPrincipalsPrivate, "principalsPrivate",
250 APIPermissionInfo::kFlagCannotBeOptional },
251 { APIPermission::kFirstRunPrivate, "firstRunPrivate",
252 APIPermissionInfo::kFlagCannotBeOptional},
253
254 // Full url access permissions.
255 { APIPermission::kDebugger, "debugger",
256 APIPermissionInfo::kFlagImpliesFullURLAccess |
257 APIPermissionInfo::kFlagCannotBeOptional,
258 IDS_EXTENSION_PROMPT_WARNING_DEBUGGER,
259 PermissionMessage::kDebugger },
260 { APIPermission::kDevtools, "devtools",
261 APIPermissionInfo::kFlagImpliesFullURLAccess |
262 APIPermissionInfo::kFlagCannotBeOptional |
263 APIPermissionInfo::kFlagInternal },
264 { APIPermission::kPageCapture, "pageCapture",
265 APIPermissionInfo::kFlagImpliesFullURLAccess },
266 { APIPermission::kTabCapture, "tabCapture",
267 APIPermissionInfo::kFlagImpliesFullURLAccess },
268 { APIPermission::kTabCaptureForTab, "tabCaptureForTab",
269 APIPermissionInfo::kFlagInternal },
270 { APIPermission::kPlugin, "plugin",
271 APIPermissionInfo::kFlagImpliesFullURLAccess |
272 APIPermissionInfo::kFlagImpliesFullAccess |
273 APIPermissionInfo::kFlagCannotBeOptional |
274 APIPermissionInfo::kFlagInternal,
275 IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
276 PermissionMessage::kFullAccess },
277 { APIPermission::kProxy, "proxy",
278 APIPermissionInfo::kFlagImpliesFullURLAccess |
279 APIPermissionInfo::kFlagCannotBeOptional },
280
281 // Platform-app permissions.
282 { APIPermission::kSerial, "serial", APIPermissionInfo::kFlagNone,
283 IDS_EXTENSION_PROMPT_WARNING_SERIAL,
284 PermissionMessage::kSerial },
285 // Because warning messages for the "socket" permission vary based on the
286 // permissions parameters, no message ID or message text is specified here.
287 // The message ID and text used will be determined at run-time in the
288 // |SocketPermission| class.
289 { APIPermission::kSocket, "socket",
290 APIPermissionInfo::kFlagCannotBeOptional, 0,
291 PermissionMessage::kNone, &CreateAPIPermission<SocketPermission> },
292 { APIPermission::kAppCurrentWindowInternal, "app.currentWindowInternal" },
293 { APIPermission::kAppRuntime, "app.runtime" },
294 { APIPermission::kAppWindow, "app.window" },
295 { APIPermission::kAlwaysOnTopWindows, "alwaysOnTopWindows" },
296 { APIPermission::kAudioCapture, "audioCapture",
297 APIPermissionInfo::kFlagNone,
298 IDS_EXTENSION_PROMPT_WARNING_AUDIO_CAPTURE,
299 PermissionMessage::kAudioCapture },
300 { APIPermission::kVideoCapture, "videoCapture",
301 APIPermissionInfo::kFlagNone,
302 IDS_EXTENSION_PROMPT_WARNING_VIDEO_CAPTURE,
303 PermissionMessage::kVideoCapture },
304 // The permission string for "fileSystem" is only shown when "write" or
305 // "directory" is present. Read-only access is only granted after the user
306 // has been shown a file or directory chooser dialog and selected a file or
307 // directory . Selecting the file or directory is considered consent to
308 // read it.
309 { APIPermission::kFileSystem, "fileSystem" },
310 { APIPermission::kFileSystemDirectory, "fileSystem.directory",
311 APIPermissionInfo::kFlagNone,
312 IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_DIRECTORY,
313 PermissionMessage::kFileSystemDirectory },
314 { APIPermission::kFileSystemProvider, "fileSystemProvider" },
315 { APIPermission::kFileSystemRetainEntries, "fileSystem.retainEntries" },
316 { APIPermission::kFileSystemWrite, "fileSystem.write",
317 APIPermissionInfo::kFlagNone,
318 IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE,
319 PermissionMessage::kFileSystemWrite },
320 { APIPermission::kFileSystemWriteDirectory, "fileSystem.writeDirectory",
321 APIPermissionInfo::kFlagNone,
322 IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
323 PermissionMessage::kFileSystemWriteDirectory },
324 // Because warning messages for the "mediaGalleries" permission vary based
325 // on the permissions parameters, no message ID or message text is
326 // specified here.
327 // The message ID and text used will be determined at run-time in the
328 // |MediaGalleriesPermission| class.
329 { APIPermission::kMediaGalleries, "mediaGalleries",
330 APIPermissionInfo::kFlagNone, 0,
331 PermissionMessage::kNone,
332 &CreateAPIPermission<MediaGalleriesPermission> },
333 { APIPermission::kPushMessaging, "pushMessaging",
334 APIPermissionInfo::kFlagCannotBeOptional },
335 // Because warning messages for the "bluetooth" permission vary based on
336 // the permissions parameters, no message ID or message text is specified
337 // here. The message ID and text used will be determined at run-time in the
338 // |BluetoothPermission| class.
339 { APIPermission::kBluetooth, "bluetooth", APIPermissionInfo::kFlagNone,
340 0, PermissionMessage::kNone,
341 &CreateAPIPermission<BluetoothPermission> },
342 { APIPermission::kUsb, "usb", APIPermissionInfo::kFlagNone,
343 IDS_EXTENSION_PROMPT_WARNING_USB,
344 PermissionMessage::kUsb },
345 { APIPermission::kUsbDevice, "usbDevices",
346 APIPermissionInfo::kFlagNone, 0, PermissionMessage::kNone,
347 &CreateAPIPermission<UsbDevicePermission> },
348 { APIPermission::kSystemIndicator, "systemIndicator",
349 APIPermissionInfo::kFlagNone,
350 IDS_EXTENSION_PROMPT_WARNING_SYSTEM_INDICATOR,
351 PermissionMessage::kSystemIndicator },
352 { APIPermission::kSystemCpu, "system.cpu" },
353 { APIPermission::kSystemMemory, "system.memory" },
354 { APIPermission::kSystemNetwork, "system.network" },
355 { APIPermission::kSystemDisplay, "system.display" },
356 { APIPermission::kSystemStorage, "system.storage" },
357 { APIPermission::kPointerLock, "pointerLock" },
358 { APIPermission::kFullscreen, "fullscreen" },
359 { APIPermission::kAudio, "audio" },
360 { APIPermission::kCastStreaming, "cast.streaming" },
361 { APIPermission::kOverrideEscFullscreen, "overrideEscFullscreen" },
362
363 // Settings override permissions.
364 { APIPermission::kHomepage, "homepage",
365 APIPermissionInfo::kFlagCannotBeOptional |
366 APIPermissionInfo::kFlagInternal,
367 IDS_EXTENSION_PROMPT_WARNING_HOME_PAGE_SETTING_OVERRIDE,
368 PermissionMessage::kHomepage },
369 { APIPermission::kSearchProvider, "searchProvider",
370 APIPermissionInfo::kFlagCannotBeOptional |
371 APIPermissionInfo::kFlagInternal,
372 IDS_EXTENSION_PROMPT_WARNING_SEARCH_SETTINGS_OVERRIDE,
373 PermissionMessage::kSearchProvider },
374 { APIPermission::kStartupPages, "startupPages",
375 APIPermissionInfo::kFlagCannotBeOptional |
376 APIPermissionInfo::kFlagInternal,
377 IDS_EXTENSION_PROMPT_WARNING_START_PAGE_SETTING_OVERRIDE,
378 PermissionMessage::kStartupPages },
379 };
380
381 std::vector<APIPermissionInfo*> permissions;
382
383 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(PermissionsToRegister); ++i) {
384 const PermissionRegistration& pr = PermissionsToRegister[i];
385 permissions.push_back(new APIPermissionInfo(
386 pr.id, pr.name, pr.l10n_message_id,
387 pr.message_id ? pr.message_id : PermissionMessage::kNone,
388 pr.flags,
389 pr.constructor));
390 }
391 return permissions;
392 }
393
394 std::vector<PermissionsProvider::AliasInfo>
395 ChromeAPIPermissions::GetAllAliases() const {
396 // Register aliases.
397 std::vector<PermissionsProvider::AliasInfo> aliases;
398 aliases.push_back(PermissionsProvider::AliasInfo(
399 "unlimitedStorage", kOldUnlimitedStoragePermission));
400 aliases.push_back(PermissionsProvider::AliasInfo(
401 "tabs", kWindowsPermission));
402 return aliases;
403 }
404
405 } // namespace extensions