search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Supervised user import: Listen for profile creation/deletion
[chromium-blink-merge.git] / chrome / common / extensions / permissions / chrome_api_permissions.cc
blob4eb4d675d1d5aa4efc14a9995fef2d3be58d4617
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/common/extensions/permissions/chrome_api_permissions.h"
6
7 #include "chrome/grit/generated_resources.h"
8 #include "extensions/common/permissions/api_permission.h"
9 #include "extensions/common/permissions/api_permission_set.h"
10 #include "extensions/common/permissions/media_galleries_permission.h"
11 #include "extensions/common/permissions/permission_message.h"
12 #include "extensions/common/permissions/permissions_info.h"
13 #include "extensions/strings/grit/extensions_strings.h"
14
15 namespace extensions {
16
17 namespace {
18
19 const char kWindowsPermission[] = "windows";
20
21 template <typename T>
22 APIPermission* CreateAPIPermission(const APIPermissionInfo* permission) {
23 return new T(permission);
24 }
25
26 } // namespace
27
28 std::vector<APIPermissionInfo*> ChromeAPIPermissions::GetAllPermissions()
29 const {
30 // WARNING: If you are modifying a permission message in this list, be sure to
31 // add the corresponding permission message rule to
32 // ChromePermissionMessageProvider::GetCoalescedPermissionMessages as well.
33 // TODO(sashab): Remove all permission messages from this list, once
34 // GetCoalescedPermissionMessages() is the only way of generating permission
35 // messages.
36 APIPermissionInfo::InitInfo permissions_to_register[] = {
37 // Register permissions for all extension types.
38 {APIPermission::kBackground, "background"},
39 {APIPermission::kDeclarativeContent, "declarativeContent"},
40 {APIPermission::kDesktopCapture,
41 "desktopCapture",
42 APIPermissionInfo::kFlagNone,
43 IDS_EXTENSION_PROMPT_WARNING_DESKTOP_CAPTURE,
44 PermissionMessage::kDesktopCapture},
45 {APIPermission::kDesktopCapturePrivate, "desktopCapturePrivate"},
46 {APIPermission::kDownloads,
47 "downloads",
48 APIPermissionInfo::kFlagNone,
49 IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS,
50 PermissionMessage::kDownloads},
51 {APIPermission::kDownloadsOpen,
52 "downloads.open",
53 APIPermissionInfo::kFlagNone,
54 IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS_OPEN,
55 PermissionMessage::kDownloadsOpen},
56 {APIPermission::kDownloadsShelf, "downloads.shelf"},
57 {APIPermission::kEasyUnlockPrivate, "easyUnlockPrivate"},
58 {APIPermission::kIdentity, "identity"},
59 {APIPermission::kIdentityEmail,
60 "identity.email",
61 APIPermissionInfo::kFlagNone,
62 IDS_EXTENSION_PROMPT_WARNING_IDENTITY_EMAIL,
63 PermissionMessage::kIdentityEmail},
64 {APIPermission::kExperimental,
65 "experimental",
66 APIPermissionInfo::kFlagCannotBeOptional},
67 {APIPermission::kEmbeddedExtensionOptions,
68 "embeddedExtensionOptions",
69 APIPermissionInfo::kFlagCannotBeOptional},
70 {APIPermission::kGeolocation,
71 "geolocation",
72 APIPermissionInfo::kFlagCannotBeOptional,
73 IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
74 PermissionMessage::kGeolocation},
75 {APIPermission::kNotifications, "notifications"},
76 {APIPermission::kGcdPrivate, "gcdPrivate"},
77 {APIPermission::kGcm, "gcm"},
78 {APIPermission::kNotificationProvider, "notificationProvider"},
79
80 // Register extension permissions.
81 {APIPermission::kAccessibilityFeaturesModify,
82 "accessibilityFeatures.modify",
83 APIPermissionInfo::kFlagNone,
84 IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_MODIFY,
85 PermissionMessage::kAccessibilityFeaturesModify},
86 {APIPermission::kAccessibilityFeaturesRead,
87 "accessibilityFeatures.read",
88 APIPermissionInfo::kFlagNone,
89 IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ,
90 PermissionMessage::kAccessibilityFeaturesRead},
91 {APIPermission::kAccessibilityPrivate,
92 "accessibilityPrivate",
93 APIPermissionInfo::kFlagCannotBeOptional},
94 {APIPermission::kActiveTab, "activeTab"},
95 {APIPermission::kAudioModem, "audioModem"},
96 {APIPermission::kBookmark,
97 "bookmarks",
98 APIPermissionInfo::kFlagNone,
99 IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS,
100 PermissionMessage::kBookmarks},
101 {APIPermission::kBrailleDisplayPrivate,
102 "brailleDisplayPrivate",
103 APIPermissionInfo::kFlagCannotBeOptional},
104 {APIPermission::kBrowsingData, "browsingData"},
105 {APIPermission::kContentSettings,
106 "contentSettings",
107 APIPermissionInfo::kFlagNone,
108 IDS_EXTENSION_PROMPT_WARNING_CONTENT_SETTINGS,
109 PermissionMessage::kContentSettings},
110 {APIPermission::kContextMenus, "contextMenus"},
111 {APIPermission::kCookie, "cookies"},
112 {APIPermission::kCopresence,
113 "copresence",
114 APIPermissionInfo::kFlagNone,
115 IDS_EXTENSION_PROMPT_WARNING_COPRESENCE,
116 PermissionMessage::kCopresence},
117 {APIPermission::kCopresencePrivate, "copresencePrivate"},
118 {APIPermission::kCryptotokenPrivate, "cryptotokenPrivate"},
119 {APIPermission::kDataReductionProxy,
120 "dataReductionProxy",
121 APIPermissionInfo::kFlagImpliesFullURLAccess |
122 APIPermissionInfo::kFlagCannotBeOptional},
123 {APIPermission::kEnterprisePlatformKeys, "enterprise.platformKeys"},
124 {APIPermission::kFileBrowserHandler,
125 "fileBrowserHandler",
126 APIPermissionInfo::kFlagCannotBeOptional},
127 {APIPermission::kFontSettings,
128 "fontSettings",
129 APIPermissionInfo::kFlagCannotBeOptional},
130 {APIPermission::kHistory,
131 "history",
132 APIPermissionInfo::kFlagNone,
133 IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
134 PermissionMessage::kBrowsingHistory},
135 {APIPermission::kIdltest, "idltest"},
136 {APIPermission::kInput,
137 "input",
138 APIPermissionInfo::kFlagNone,
139 IDS_EXTENSION_PROMPT_WARNING_INPUT,
140 PermissionMessage::kInput},
141 {APIPermission::kLocation,
142 "location",
143 APIPermissionInfo::kFlagCannotBeOptional,
144 IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
145 PermissionMessage::kGeolocation},
146 {APIPermission::kManagement,
147 "management",
148 APIPermissionInfo::kFlagNone,
149 IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT,
150 PermissionMessage::kManagement},
151 {APIPermission::kMDns,
152 "mdns",
153 APIPermissionInfo::kFlagCannotBeOptional,
154 IDS_EXTENSION_PROMPT_WARNING_MDNS,
155 PermissionMessage::kMDns},
156 {APIPermission::kNativeMessaging,
157 "nativeMessaging",
158 APIPermissionInfo::kFlagNone,
159 IDS_EXTENSION_PROMPT_WARNING_NATIVE_MESSAGING,
160 PermissionMessage::kNativeMessaging},
161 {APIPermission::kPlatformKeys,
162 "platformKeys",
163 APIPermissionInfo::kFlagNone,
164 IDS_EXTENSION_PROMPT_WARNING_PLATFORMKEYS,
165 PermissionMessage::kPlatformKeys},
166 {APIPermission::kPrivacy,
167 "privacy",
168 APIPermissionInfo::kFlagNone,
169 IDS_EXTENSION_PROMPT_WARNING_PRIVACY,
170 PermissionMessage::kPrivacy},
171 {APIPermission::kProcesses,
172 "processes",
173 APIPermissionInfo::kFlagNone,
174 IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
175 PermissionMessage::kTabs},
176 {APIPermission::kSessions, "sessions"},
177 {APIPermission::kSignedInDevices,
178 "signedInDevices",
179 APIPermissionInfo::kFlagNone,
180 IDS_EXTENSION_PROMPT_WARNING_SIGNED_IN_DEVICES,
181 PermissionMessage::kSignedInDevices},
182 {APIPermission::kSyncFileSystem,
183 "syncFileSystem",
184 APIPermissionInfo::kFlagNone,
185 IDS_EXTENSION_PROMPT_WARNING_SYNCFILESYSTEM,
186 PermissionMessage::kSyncFileSystem},
187 {APIPermission::kTab,
188 "tabs",
189 APIPermissionInfo::kFlagNone,
190 IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
191 PermissionMessage::kTabs},
192 {APIPermission::kTopSites,
193 "topSites",
194 APIPermissionInfo::kFlagNone,
195 IDS_EXTENSION_PROMPT_WARNING_TOPSITES,
196 PermissionMessage::kTopSites},
197 {APIPermission::kTts, "tts", 0, APIPermissionInfo::kFlagCannotBeOptional},
198 {APIPermission::kTtsEngine,
199 "ttsEngine",
200 APIPermissionInfo::kFlagCannotBeOptional,
201 IDS_EXTENSION_PROMPT_WARNING_TTS_ENGINE,
202 PermissionMessage::kTtsEngine},
203 {APIPermission::kWallpaper,
204 "wallpaper",
205 APIPermissionInfo::kFlagCannotBeOptional,
206 IDS_EXTENSION_PROMPT_WARNING_WALLPAPER,
207 PermissionMessage::kWallpaper},
208 {APIPermission::kWebNavigation,
209 "webNavigation",
210 APIPermissionInfo::kFlagNone,
211 IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
212 PermissionMessage::kTabs},
213
214 // Register private permissions.
215 {APIPermission::kScreenlockPrivate,
216 "screenlockPrivate",
217 APIPermissionInfo::kFlagCannotBeOptional,
218 IDS_EXTENSION_PROMPT_WARNING_SCREENLOCK_PRIVATE,
219 PermissionMessage::kScreenlockPrivate},
220 {APIPermission::kActivityLogPrivate,
221 "activityLogPrivate",
222 APIPermissionInfo::kFlagCannotBeOptional,
223 IDS_EXTENSION_PROMPT_WARNING_ACTIVITY_LOG_PRIVATE,
224 PermissionMessage::kActivityLogPrivate},
225 {APIPermission::kAutoTestPrivate,
226 "autotestPrivate",
227 APIPermissionInfo::kFlagCannotBeOptional},
228 {APIPermission::kBookmarkManagerPrivate,
229 "bookmarkManagerPrivate",
230 APIPermissionInfo::kFlagCannotBeOptional},
231 {APIPermission::kCast, "cast", APIPermissionInfo::kFlagCannotBeOptional},
232 {APIPermission::kChromeosInfoPrivate,
233 "chromeosInfoPrivate",
234 APIPermissionInfo::kFlagCannotBeOptional},
235 {APIPermission::kCommandsAccessibility,
236 "commands.accessibility",
237 APIPermissionInfo::kFlagCannotBeOptional},
238 {APIPermission::kCommandLinePrivate,
239 "commandLinePrivate",
240 APIPermissionInfo::kFlagCannotBeOptional},
241 {APIPermission::kDeveloperPrivate,
242 "developerPrivate",
243 APIPermissionInfo::kFlagCannotBeOptional},
244 {APIPermission::kDial, "dial", APIPermissionInfo::kFlagCannotBeOptional},
245 {APIPermission::kDownloadsInternal, "downloadsInternal"},
246 {APIPermission::kExperienceSamplingPrivate,
247 "experienceSamplingPrivate",
248 APIPermissionInfo::kFlagCannotBeOptional,
249 IDS_EXTENSION_PROMPT_WARNING_EXPERIENCE_SAMPLING_PRIVATE,
250 PermissionMessage::kExperienceSamplingPrivate},
251 {APIPermission::kFileBrowserHandlerInternal,
252 "fileBrowserHandlerInternal",
253 APIPermissionInfo::kFlagCannotBeOptional},
254 {APIPermission::kFileManagerPrivate,
255 "fileManagerPrivate",
256 APIPermissionInfo::kFlagCannotBeOptional},
257 {APIPermission::kHotwordPrivate,
258 "hotwordPrivate",
259 APIPermissionInfo::kFlagCannotBeOptional},
260 {APIPermission::kIdentityPrivate,
261 "identityPrivate",
262 APIPermissionInfo::kFlagCannotBeOptional},
263 {APIPermission::kLogPrivate,
264 "logPrivate",
265 APIPermissionInfo::kFlagCannotBeOptional},
266 {APIPermission::kWebcamPrivate, "webcamPrivate"},
267 {APIPermission::kMediaPlayerPrivate,
268 "mediaPlayerPrivate",
269 APIPermissionInfo::kFlagCannotBeOptional},
270 {APIPermission::kMediaRouterPrivate,
271 "mediaRouterPrivate",
272 APIPermissionInfo::kFlagCannotBeOptional},
273 {APIPermission::kMetricsPrivate,
274 "metricsPrivate",
275 APIPermissionInfo::kFlagCannotBeOptional},
276 {APIPermission::kMusicManagerPrivate,
277 "musicManagerPrivate",
278 APIPermissionInfo::kFlagCannotBeOptional,
279 IDS_EXTENSION_PROMPT_WARNING_MUSIC_MANAGER_PRIVATE,
280 PermissionMessage::kMusicManagerPrivate},
281 {APIPermission::kPreferencesPrivate,
282 "preferencesPrivate",
283 APIPermissionInfo::kFlagCannotBeOptional},
284 {APIPermission::kSystemPrivate,
285 "systemPrivate",
286 APIPermissionInfo::kFlagCannotBeOptional},
287 {APIPermission::kCloudPrintPrivate,
288 "cloudPrintPrivate",
289 APIPermissionInfo::kFlagCannotBeOptional},
290 {APIPermission::kInputMethodPrivate,
291 "inputMethodPrivate",
292 APIPermissionInfo::kFlagCannotBeOptional},
293 {APIPermission::kEchoPrivate,
294 "echoPrivate",
295 APIPermissionInfo::kFlagCannotBeOptional},
296 {APIPermission::kFeedbackPrivate,
297 "feedbackPrivate",
298 APIPermissionInfo::kFlagCannotBeOptional},
299 {APIPermission::kImageWriterPrivate,
300 "imageWriterPrivate",
301 APIPermissionInfo::kFlagCannotBeOptional},
302 {APIPermission::kReadingListPrivate,
303 "readingListPrivate",
304 APIPermissionInfo::kFlagCannotBeOptional},
305 {APIPermission::kRtcPrivate,
306 "rtcPrivate",
307 APIPermissionInfo::kFlagCannotBeOptional},
308 {APIPermission::kTerminalPrivate,
309 "terminalPrivate",
310 APIPermissionInfo::kFlagCannotBeOptional},
311 {APIPermission::kVirtualKeyboardPrivate,
312 "virtualKeyboardPrivate",
313 APIPermissionInfo::kFlagCannotBeOptional},
314 {APIPermission::kWallpaperPrivate,
315 "wallpaperPrivate",
316 APIPermissionInfo::kFlagCannotBeOptional},
317 {APIPermission::kWebstorePrivate,
318 "webstorePrivate",
319 APIPermissionInfo::kFlagCannotBeOptional},
320 {APIPermission::kStreamsPrivate,
321 "streamsPrivate",
322 APIPermissionInfo::kFlagCannotBeOptional},
323 {APIPermission::kEnterprisePlatformKeysPrivate,
324 "enterprise.platformKeysPrivate",
325 APIPermissionInfo::kFlagCannotBeOptional},
326 {APIPermission::kWebrtcAudioPrivate,
327 "webrtcAudioPrivate",
328 APIPermissionInfo::kFlagCannotBeOptional},
329 {APIPermission::kWebrtcLoggingPrivate,
330 "webrtcLoggingPrivate",
331 APIPermissionInfo::kFlagCannotBeOptional},
332 {APIPermission::kPrincipalsPrivate,
333 "principalsPrivate",
334 APIPermissionInfo::kFlagCannotBeOptional},
335 {APIPermission::kFirstRunPrivate,
336 "firstRunPrivate",
337 APIPermissionInfo::kFlagCannotBeOptional},
338 {APIPermission::kInlineInstallPrivate, "inlineInstallPrivate"},
339 {APIPermission::kSettingsPrivate,
340 "settingsPrivate",
341 APIPermissionInfo::kFlagCannotBeOptional,
342 IDS_EXTENSION_PROMPT_WARNING_SETTINGS_PRIVATE,
343 PermissionMessage::kSettingsPrivate},
344 {APIPermission::kSearchEnginesPrivate,
345 "searchEnginesPrivate",
346 APIPermissionInfo::kFlagCannotBeOptional,
347 IDS_EXTENSION_PROMPT_WARNING_SEARCH_ENGINES_PRIVATE,
348 PermissionMessage::kSearchEnginesPrivate},
349 {APIPermission::kAutofillPrivate,
350 "autofillPrivate",
351 APIPermissionInfo::kFlagCannotBeOptional,
352 IDS_EXTENSION_PROMPT_WARNING_AUTOFILL_PRIVATE,
353 PermissionMessage::kAutofillPrivate},
354
355 // Full url access permissions.
356 {APIPermission::kDebugger,
357 "debugger",
358 APIPermissionInfo::kFlagImpliesFullURLAccess |
359 APIPermissionInfo::kFlagCannotBeOptional,
360 IDS_EXTENSION_PROMPT_WARNING_DEBUGGER,
361 PermissionMessage::kDebugger},
362 {APIPermission::kDevtools,
363 "devtools",
364 APIPermissionInfo::kFlagImpliesFullURLAccess |
365 APIPermissionInfo::kFlagCannotBeOptional |
366 APIPermissionInfo::kFlagInternal},
367 {APIPermission::kPageCapture,
368 "pageCapture",
369 APIPermissionInfo::kFlagImpliesFullURLAccess},
370 {APIPermission::kTabCapture,
371 "tabCapture",
372 APIPermissionInfo::kFlagImpliesFullURLAccess},
373 {APIPermission::kTabCaptureForTab,
374 "tabCaptureForTab",
375 APIPermissionInfo::kFlagInternal},
376 {APIPermission::kPlugin,
377 "plugin",
378 APIPermissionInfo::kFlagImpliesFullURLAccess |
379 APIPermissionInfo::kFlagImpliesFullAccess |
380 APIPermissionInfo::kFlagCannotBeOptional |
381 APIPermissionInfo::kFlagInternal,
382 IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
383 PermissionMessage::kFullAccess},
384 {APIPermission::kProxy,
385 "proxy",
386 APIPermissionInfo::kFlagImpliesFullURLAccess |
387 APIPermissionInfo::kFlagCannotBeOptional},
388
389 // Platform-app permissions.
390
391 // The permission string for "fileSystem" is only shown when
392 // "write" or "directory" is present. Read-only access is only
393 // granted after the user has been shown a file or directory
394 // chooser dialog and selected a file or directory. Selecting
395 // the file or directory is considered consent to read it.
396 {APIPermission::kFileSystem, "fileSystem"},
397 {APIPermission::kFileSystemDirectory,
398 "fileSystem.directory",
399 APIPermissionInfo::kFlagNone,
400 IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_DIRECTORY,
401 PermissionMessage::kFileSystemDirectory},
402 {APIPermission::kFileSystemProvider, "fileSystemProvider"},
403 {APIPermission::kFileSystemRequestFileSystem,
404 "fileSystem.requestFileSystem"},
405 {APIPermission::kFileSystemRetainEntries, "fileSystem.retainEntries"},
406 {APIPermission::kFileSystemWrite, "fileSystem.write"},
407 {APIPermission::kFileSystemWriteDirectory,
408 "fileSystem.writeDirectory",
409 APIPermissionInfo::kFlagNone,
410 IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
411 PermissionMessage::kFileSystemWriteDirectory},
412 // Because warning messages for the "mediaGalleries" permission
413 // vary based on the permissions parameters, no message ID or
414 // message text is specified here. The message ID and text used
415 // will be determined at run-time in the
416 // |MediaGalleriesPermission| class.
417 {APIPermission::kMediaGalleries,
418 "mediaGalleries",
419 APIPermissionInfo::kFlagNone,
420 0,
421 PermissionMessage::kNone,
422 &CreateAPIPermission<MediaGalleriesPermission>},
423 {APIPermission::kPointerLock, "pointerLock"},
424 {APIPermission::kCastStreaming, "cast.streaming"},
425 {APIPermission::kBrowser, "browser"},
426 {APIPermission::kInterceptAllKeys,
427 "app.window.interceptAllKeys",
428 APIPermissionInfo::kFlagNone,
429 IDS_EXTENSION_PROMPT_WARNING_INTERCEPT_ALL_KEYS,
430 PermissionMessage::kInterceptAllKeys},
431 {APIPermission::kLauncherSearchProvider, "launcherSearchProvider"},
432
433 // Settings override permissions.
434 {APIPermission::kHomepage,
435 "homepage",
436 APIPermissionInfo::kFlagCannotBeOptional |
437 APIPermissionInfo::kFlagInternal,
438 IDS_EXTENSION_PROMPT_WARNING_HOME_PAGE_SETTING_OVERRIDE,
439 PermissionMessage::kHomepage},
440 {APIPermission::kSearchProvider,
441 "searchProvider",
442 APIPermissionInfo::kFlagCannotBeOptional |
443 APIPermissionInfo::kFlagInternal,
444 IDS_EXTENSION_PROMPT_WARNING_SEARCH_SETTINGS_OVERRIDE,
445 PermissionMessage::kSearchProvider},
446 {APIPermission::kStartupPages,
447 "startupPages",
448 APIPermissionInfo::kFlagCannotBeOptional |
449 APIPermissionInfo::kFlagInternal,
450 IDS_EXTENSION_PROMPT_WARNING_START_PAGE_SETTING_OVERRIDE,
451 PermissionMessage::kStartupPages},
452 };
453
454 std::vector<APIPermissionInfo*> permissions;
455
456 for (size_t i = 0; i < arraysize(permissions_to_register); ++i)
457 permissions.push_back(new APIPermissionInfo(permissions_to_register[i]));
458 return permissions;
459 }
460
461 std::vector<PermissionsProvider::AliasInfo>
462 ChromeAPIPermissions::GetAllAliases() const {
463 // Register aliases.
464 std::vector<PermissionsProvider::AliasInfo> aliases;
465 aliases.push_back(PermissionsProvider::AliasInfo("tabs", kWindowsPermission));
466 return aliases;
467 }
468
469 } // namespace extensions