search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Supervised user import: Listen for profile creation/deletion
[chromium-blink-merge.git] / chrome / common / extensions / permissions / chrome_permission_message_rules.cc
blob1f2ffae0f1f3052ac1782c1c3d602d1cb88d5f4c
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/common/extensions/permissions/chrome_permission_message_rules.h"
6
7 #include "base/stl_util.h"
8 #include "base/strings/string_util.h"
9 #include "chrome/grit/generated_resources.h"
10 #include "extensions/common/permissions/api_permission_set.h"
11 #include "extensions/common/permissions/coalesced_permission_message.h"
12 #include "grit/extensions_strings.h"
13 #include "ui/base/l10n/l10n_util.h"
14
15 namespace extensions {
16
17 namespace {
18
19 // The default formatter for a permission message. Simply displays the message
20 // with the given ID.
21 class DefaultPermissionMessageFormatter
22 : public ChromePermissionMessageFormatter {
23 public:
24 explicit DefaultPermissionMessageFormatter(int message_id)
25 : message_id_(message_id) {}
26 ~DefaultPermissionMessageFormatter() override {}
27
28 CoalescedPermissionMessage GetPermissionMessage(
29 PermissionIDSet permissions) const override {
30 return CoalescedPermissionMessage(l10n_util::GetStringUTF16(message_id_),
31 permissions);
32 }
33
34 private:
35 int message_id_;
36
37 // DISALLOW_COPY_AND_ASSIGN(DefaultPermissionMessageFormatter);
38 };
39
40 // A formatter that substitutes the parameter into the message using string
41 // formatting.
42 // NOTE: Only one permission with the given ID is substituted using this rule.
43 class SingleParameterFormatter : public ChromePermissionMessageFormatter {
44 public:
45 explicit SingleParameterFormatter(int message_id) : message_id_(message_id) {}
46 ~SingleParameterFormatter() override {}
47
48 CoalescedPermissionMessage GetPermissionMessage(
49 PermissionIDSet permissions) const override {
50 DCHECK(permissions.size() > 0);
51 std::vector<base::string16> parameters =
52 permissions.GetAllPermissionParameters();
53 DCHECK_EQ(1U, parameters.size())
54 << "Only one message with each ID can be parameterized.";
55 return CoalescedPermissionMessage(
56 l10n_util::GetStringFUTF16(message_id_, parameters[0]), permissions);
57 }
58
59 private:
60 int message_id_;
61 };
62
63 // Adds each parameter to a growing list, with the given |root_message_id| as
64 // the message at the top of the list.
65 class SimpleListFormatter : public ChromePermissionMessageFormatter {
66 public:
67 explicit SimpleListFormatter(int root_message_id)
68 : root_message_id_(root_message_id) {}
69 ~SimpleListFormatter() override {}
70
71 CoalescedPermissionMessage GetPermissionMessage(
72 PermissionIDSet permissions) const override {
73 DCHECK(permissions.size() > 0);
74 return CoalescedPermissionMessage(
75 l10n_util::GetStringUTF16(root_message_id_), permissions,
76 permissions.GetAllPermissionParameters());
77 }
78
79 private:
80 int root_message_id_;
81 };
82
83 // Creates a space-separated list of permissions with the given PermissionID.
84 // The list is inserted into the messages with the given IDs: one for the case
85 // where there is a single permission, and the other for the case where there
86 // are multiple.
87 // TODO(sashab): Extend this to pluralize correctly in all languages.
88 class SpaceSeparatedListFormatter : public ChromePermissionMessageFormatter {
89 public:
90 SpaceSeparatedListFormatter(int message_id_for_one_host,
91 int message_id_for_multiple_hosts)
92 : message_id_for_one_host_(message_id_for_one_host),
93 message_id_for_multiple_hosts_(message_id_for_multiple_hosts) {}
94 ~SpaceSeparatedListFormatter() override {}
95
96 CoalescedPermissionMessage GetPermissionMessage(
97 PermissionIDSet permissions) const override {
98 DCHECK(permissions.size() > 0);
99 std::vector<base::string16> hostnames =
100 permissions.GetAllPermissionParameters();
101 base::string16 hosts_string = JoinString(
102 std::vector<base::string16>(hostnames.begin(), hostnames.end()), ' ');
103 return CoalescedPermissionMessage(
104 l10n_util::GetStringFUTF16(hostnames.size() == 1
105 ? message_id_for_one_host_
106 : message_id_for_multiple_hosts_,
107 hosts_string),
108 permissions);
109 }
110
111 private:
112 int message_id_for_one_host_;
113 int message_id_for_multiple_hosts_;
114 };
115
116 // Creates a comma-separated list of permissions with the given PermissionID.
117 // The list is inserted into the messages with the given IDs: one for each case
118 // of 1-3 permissions, and the other for the case where there are 4 or more
119 // permissions. In the case of 4 or more permissions, rather than insert the
120 // list into the message, the permissions are displayed as submessages in the
121 // resultant CoalescedPermissionMessage.
122 class CommaSeparatedListFormatter : public ChromePermissionMessageFormatter {
123 public:
124 CommaSeparatedListFormatter(int message_id_for_one_host,
125 int message_id_for_two_hosts,
126 int message_id_for_three_hosts,
127 int message_id_for_many_hosts)
128 : message_id_for_one_host_(message_id_for_one_host),
129 message_id_for_two_hosts_(message_id_for_two_hosts),
130 message_id_for_three_hosts_(message_id_for_three_hosts),
131 message_id_for_many_hosts_(message_id_for_many_hosts) {}
132 ~CommaSeparatedListFormatter() override {}
133
134 CoalescedPermissionMessage GetPermissionMessage(
135 PermissionIDSet permissions) const override {
136 DCHECK(permissions.size() > 0);
137 std::vector<base::string16> hostnames =
138 permissions.GetAllPermissionParameters();
139 CoalescedPermissionMessages messages;
140 if (hostnames.size() <= 3) {
141 return CoalescedPermissionMessage(
142 l10n_util::GetStringFUTF16(message_id_for_hosts(hostnames.size()),
143 hostnames, NULL),
144 permissions);
145 }
146
147 return CoalescedPermissionMessage(
148 l10n_util::GetStringUTF16(message_id_for_many_hosts_), permissions,
149 hostnames);
150 }
151
152 private:
153 int message_id_for_hosts(int number_of_hosts) const {
154 switch (number_of_hosts) {
155 case 1:
156 return message_id_for_one_host_;
157 case 2:
158 return message_id_for_two_hosts_;
159 case 3:
160 return message_id_for_three_hosts_;
161 default:
162 return message_id_for_many_hosts_;
163 }
164 }
165
166 int message_id_for_one_host_;
167 int message_id_for_two_hosts_;
168 int message_id_for_three_hosts_;
169 int message_id_for_many_hosts_;
170 };
171
172 } // namespace
173
174 ChromePermissionMessageRule::ChromePermissionMessageRule(
175 int message_id,
176 PermissionIDSetInitializer required,
177 PermissionIDSetInitializer optional)
178 : required_permissions_(required),
179 optional_permissions_(optional),
180 formatter_(new DefaultPermissionMessageFormatter(message_id)) {
181 }
182
183 ChromePermissionMessageRule::ChromePermissionMessageRule(
184 ChromePermissionMessageFormatter* formatter,
185 PermissionIDSetInitializer required,
186 PermissionIDSetInitializer optional)
187 : required_permissions_(required),
188 optional_permissions_(optional),
189 formatter_(formatter) {
190 }
191
192 ChromePermissionMessageRule::~ChromePermissionMessageRule() {
193 }
194
195 std::set<APIPermission::ID> ChromePermissionMessageRule::required_permissions()
196 const {
197 return required_permissions_;
198 }
199 std::set<APIPermission::ID> ChromePermissionMessageRule::optional_permissions()
200 const {
201 return optional_permissions_;
202 }
203 ChromePermissionMessageFormatter* ChromePermissionMessageRule::formatter()
204 const {
205 return formatter_.get();
206 }
207
208 std::set<APIPermission::ID> ChromePermissionMessageRule::all_permissions()
209 const {
210 return base::STLSetUnion<std::set<APIPermission::ID>>(required_permissions(),
211 optional_permissions());
212 }
213
214 // static
215 std::vector<ChromePermissionMessageRule>
216 ChromePermissionMessageRule::GetAllRules() {
217 // The rules for generating messages from permissions. Any new rules should be
218 // added directly to this list, not elsewhere in the code, so that all the
219 // logic of generating and coalescing permission messages happens here.
220 //
221 // Each rule has 3 components:
222 // 1. The message itself
223 // 2. The permissions that need to be present for the message to appear
224 // 3. Permissions that, if present, also contribute to the message, but do not
225 // form the message on their own
226 //
227 // Rules are applied in precedence order: rules that come first consume
228 // permissions (both required and optional) so they can not be used in later
229 // rules.
230 // NOTE: The order of this list matters - be careful when adding new rules!
231 // If unsure, add them near related rules and add tests to
232 // permission_message_combinations_unittest.cc (or elsewhere) to ensure your
233 // messages are being generated/coalesced correctly.
234 //
235 // Rules are not transitive: This means that if the kTab permission 'absorbs'
236 // (suppresses) the messages for kTopSites and kFavicon, and the kHistory
237 // permission suppresses kTab, be careful to also add kTopSites and kFavicon
238 // to the kHistory absorb list. Ideally, the rules system should be simple
239 // enough that rules like this should not occur; the visibility of the rules
240 // system should allow us to design a system that is simple enough to explain
241 // yet powerful enough to encapsulate all the messages we want to display.
242 //
243 // TODO(sashab): Once existing message sites are deprecated, reorder this list
244 // to better describe the rules generated, rather than the callsites they are
245 // migrated from.
246 ChromePermissionMessageRule rules_arr[] = {
247 // Full url access permission messages.
248 {IDS_EXTENSION_PROMPT_WARNING_DEBUGGER, {APIPermission::kDebugger}, {}},
249 {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
250 {APIPermission::kPlugin},
251 {APIPermission::kFullAccess,
252 APIPermission::kHostsAll,
253 APIPermission::kHostsAllReadOnly,
254 APIPermission::kDeclarativeWebRequest,
255 APIPermission::kTopSites,
256 APIPermission::kTab}},
257 {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
258 {APIPermission::kFullAccess},
259 {APIPermission::kHostsAll,
260 APIPermission::kHostsAllReadOnly,
261 APIPermission::kDeclarativeWebRequest,
262 APIPermission::kTopSites,
263 APIPermission::kTab}},
264
265 // Parameterized permission messages:
266 // Messages generated by the sockets permission.
267 {new SpaceSeparatedListFormatter(
268 IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAIN,
269 IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAINS),
270 {APIPermission::kSocketDomainHosts},
271 {}},
272 {new SpaceSeparatedListFormatter(
273 IDS_EXTENSION_PROMPT_WARNING_SOCKET_SPECIFIC_HOST,
274 IDS_EXTENSION_PROMPT_WARNING_SOCKET_SPECIFIC_HOSTS),
275 {APIPermission::kSocketSpecificHosts},
276 {}},
277
278 // Messages generated by host permissions.
279 {new CommaSeparatedListFormatter(
280 IDS_EXTENSION_PROMPT_WARNING_1_HOST_READ_ONLY,
281 IDS_EXTENSION_PROMPT_WARNING_2_HOSTS_READ_ONLY,
282 IDS_EXTENSION_PROMPT_WARNING_3_HOSTS_READ_ONLY,
283 IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST_READ_ONLY),
284 {APIPermission::kHostReadOnly},
285 {}},
286 {new CommaSeparatedListFormatter(IDS_EXTENSION_PROMPT_WARNING_1_HOST,
287 IDS_EXTENSION_PROMPT_WARNING_2_HOSTS,
288 IDS_EXTENSION_PROMPT_WARNING_3_HOSTS,
289 IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST),
290 {APIPermission::kHostReadWrite},
291 {}},
292
293 // USB Device Permission rules:
294 // TODO(sashab, reillyg): Rework the permission message logic for USB
295 // devices to generate more meaningful messages and better fit the current
296 // rules system. Maybe model it similarly to host or socket permissions
297 // above.
298 {new SingleParameterFormatter(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE),
299 {APIPermission::kUsbDevice},
300 {}},
301 {new SingleParameterFormatter(
302 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_PRODUCT),
303 {APIPermission::kUsbDeviceUnknownProduct},
304 {}},
305 {new SimpleListFormatter(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST),
306 {APIPermission::kUsbDeviceList},
307 {}},
308
309 // Coalesced message rules taken from
310 // ChromePermissionMessageProvider::GetWarningMessages():
311
312 // Access to users' devices should provide a single warning message
313 // specifying the transport method used; serial and/or Bluetooth.
314 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_SERIAL,
315 {APIPermission::kBluetooth, APIPermission::kSerial},
316 {APIPermission::kBluetoothDevices}},
317
318 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ_MODIFY,
319 {APIPermission::kAccessibilityFeaturesModify,
320 APIPermission::kAccessibilityFeaturesRead},
321 {}},
322
323 // TODO(sashab): Add the missing combinations of media galleries
324 // permissions so a valid permission is generated for all combinations.
325 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE_DELETE,
326 {APIPermission::kMediaGalleriesAllGalleriesCopyTo,
327 APIPermission::kMediaGalleriesAllGalleriesDelete,
328 APIPermission::kMediaGalleriesAllGalleriesRead},
329 {}},
330 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE,
331 {APIPermission::kMediaGalleriesAllGalleriesCopyTo,
332 APIPermission::kMediaGalleriesAllGalleriesRead},
333 {}},
334 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_DELETE,
335 {APIPermission::kMediaGalleriesAllGalleriesDelete,
336 APIPermission::kMediaGalleriesAllGalleriesRead},
337 {}},
338 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ,
339 {APIPermission::kMediaGalleriesAllGalleriesRead},
340 {}},
341
342 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE_AND_SESSIONS,
343 {APIPermission::kSessions, APIPermission::kHistory},
344 {APIPermission::kFavicon,
345 APIPermission::kProcesses,
346 APIPermission::kTab,
347 APIPermission::kTopSites,
348 APIPermission::kWebNavigation}},
349 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS,
350 {APIPermission::kSessions, APIPermission::kTab},
351 {APIPermission::kFavicon,
352 APIPermission::kProcesses,
353 APIPermission::kTopSites,
354 APIPermission::kWebNavigation}},
355
356 // Suppression list taken from
357 // ChromePermissionMessageProvider::GetPermissionMessages():
358 // Some warnings are more generic and/or powerful and supercede other
359 // warnings. In that case, the first message suppresses the second one.
360 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH,
361 {APIPermission::kBluetooth},
362 {APIPermission::kBluetoothDevices}},
363 {IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS,
364 {APIPermission::kBookmark},
365 {APIPermission::kOverrideBookmarksUI}},
366 // History already allows reading favicons, tab access and accessing the
367 // list of most frequently visited sites.
368 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
369 {APIPermission::kHistory},
370 {APIPermission::kFavicon,
371 APIPermission::kProcesses,
372 APIPermission::kTab,
373 APIPermission::kTopSites,
374 APIPermission::kWebNavigation}},
375 // A special hack: If kFileSystemWriteDirectory would be displayed, hide
376 // kFileSystemDirectory as the write directory message implies it.
377 // TODO(sashab): Remove kFileSystemWriteDirectory; it's no longer needed
378 // since this rules system can represent the rule. See crbug.com/284849.
379 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
380 {APIPermission::kFileSystemWrite, APIPermission::kFileSystemDirectory},
381 {APIPermission::kFileSystemWriteDirectory}},
382 // Full access already allows DeclarativeWebRequest, reading the list of
383 // most frequently visited sites, and tab access.
384 // The warning message for declarativeWebRequest
385 // permissions speaks about blocking parts of pages, which is a
386 // subset of what the "<all_urls>" access allows. Therefore we
387 // display only the "<all_urls>" warning message if both permissions
388 // are required.
389 {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS,
390 {APIPermission::kHostsAll},
391 {APIPermission::kDeclarativeWebRequest,
392 APIPermission::kTopSites,
393 APIPermission::kTab,
394 APIPermission::kFavicon,
395 APIPermission::kTopSites,
396 APIPermission::kHostsAllReadOnly}},
397 // AutomationManifestPermission:
398 {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS_READ_ONLY,
399 {APIPermission::kHostsAllReadOnly},
400 {}},
401 // Tabs already allows reading favicons and reading the list of most
402 // frequently visited sites.
403 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
404 {APIPermission::kTab},
405 {APIPermission::kFavicon,
406 APIPermission::kProcesses,
407 APIPermission::kTopSites,
408 APIPermission::kWebNavigation}},
409
410 // Individual message rules taken from
411 // ChromeAPIPermissions::GetAllPermissions():
412 // Permission messages for all extension types:
413
414 {IDS_EXTENSION_PROMPT_WARNING_CLIPBOARD,
415 {APIPermission::kClipboardRead},
416 {}},
417 {IDS_EXTENSION_PROMPT_WARNING_DESKTOP_CAPTURE,
418 {APIPermission::kDesktopCapture},
419 {}},
420 {IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS, {APIPermission::kDownloads}, {}},
421 {IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS_OPEN,
422 {APIPermission::kDownloadsOpen},
423 {}},
424 {IDS_EXTENSION_PROMPT_WARNING_IDENTITY_EMAIL,
425 {APIPermission::kIdentityEmail},
426 {}},
427 {IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
428 {APIPermission::kGeolocation},
429 {}},
430
431 // Permission messages for extensions:
432 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_MODIFY,
433 {APIPermission::kAccessibilityFeaturesModify},
434 {}},
435 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ,
436 {APIPermission::kAccessibilityFeaturesRead},
437 {}},
438 {IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS, {APIPermission::kBookmark}, {}},
439 {IDS_EXTENSION_PROMPT_WARNING_CONTENT_SETTINGS,
440 {APIPermission::kContentSettings},
441 {}},
442 {IDS_EXTENSION_PROMPT_WARNING_COPRESENCE,
443 {APIPermission::kCopresence},
444 {}},
445 {IDS_EXTENSION_PROMPT_WARNING_DOCUMENT_SCAN,
446 {APIPermission::kDocumentScan},
447 {}},
448 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
449 {APIPermission::kHistory},
450 {}},
451 {IDS_EXTENSION_PROMPT_WARNING_INPUT, {APIPermission::kInput}, {}},
452 {IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
453 {APIPermission::kLocation},
454 {}},
455 {IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT,
456 {APIPermission::kManagement},
457 {}},
458 {IDS_EXTENSION_PROMPT_WARNING_MDNS, {APIPermission::kMDns}, {}},
459 {IDS_EXTENSION_PROMPT_WARNING_NATIVE_MESSAGING,
460 {APIPermission::kNativeMessaging},
461 {}},
462 {IDS_EXTENSION_PROMPT_WARNING_PRIVACY, {APIPermission::kPrivacy}, {}},
463 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
464 {APIPermission::kProcesses},
465 {}},
466 {IDS_EXTENSION_PROMPT_WARNING_SIGNED_IN_DEVICES,
467 {APIPermission::kSignedInDevices},
468 {}},
469 {IDS_EXTENSION_PROMPT_WARNING_SYNCFILESYSTEM,
470 {APIPermission::kSyncFileSystem},
471 {}},
472 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ, {APIPermission::kTab}, {}},
473 {IDS_EXTENSION_PROMPT_WARNING_TOPSITES, {APIPermission::kTopSites}, {}},
474 {IDS_EXTENSION_PROMPT_WARNING_TTS_ENGINE,
475 {APIPermission::kTtsEngine},
476 {}},
477 {IDS_EXTENSION_PROMPT_WARNING_WALLPAPER, {APIPermission::kWallpaper}, {}},
478 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
479 {APIPermission::kWebNavigation},
480 {}},
481
482 // Permission messages for private permissions:
483 {IDS_EXTENSION_PROMPT_WARNING_SCREENLOCK_PRIVATE,
484 {APIPermission::kScreenlockPrivate},
485 {}},
486 {IDS_EXTENSION_PROMPT_WARNING_ACTIVITY_LOG_PRIVATE,
487 {APIPermission::kActivityLogPrivate},
488 {}},
489 {IDS_EXTENSION_PROMPT_WARNING_EXPERIENCE_SAMPLING_PRIVATE,
490 {APIPermission::kExperienceSamplingPrivate},
491 {}},
492 {IDS_EXTENSION_PROMPT_WARNING_NETWORKING_PRIVATE,
493 {APIPermission::kNetworkingPrivate},
494 {}},
495 {IDS_EXTENSION_PROMPT_WARNING_MUSIC_MANAGER_PRIVATE,
496 {APIPermission::kMusicManagerPrivate},
497 {}},
498 {IDS_EXTENSION_PROMPT_WARNING_SEARCH_ENGINES_PRIVATE,
499 {APIPermission::kSearchEnginesPrivate},
500 {}},
501 {IDS_EXTENSION_PROMPT_WARNING_SETTINGS_PRIVATE,
502 {APIPermission::kSettingsPrivate},
503 {}},
504 {IDS_EXTENSION_PROMPT_WARNING_AUTOFILL_PRIVATE,
505 {APIPermission::kAutofillPrivate},
506 {}},
507
508 // Platform-app permission messages.
509
510 // The permission string for "fileSystem" is only shown when
511 // "write" or "directory" is present. Read-only access is only
512 // granted after the user has been shown a file or directory
513 // chooser dialog and selected a file or directory. Selecting
514 // the file or directory is considered consent to read it.
515 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_DIRECTORY,
516 {APIPermission::kFileSystemDirectory},
517 {}},
518 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
519 {APIPermission::kFileSystemWriteDirectory},
520 {}},
521
522 // Because warning messages for the "mediaGalleries" permission
523 // vary based on the permissions parameters, no message ID or
524 // message text is specified here. The message ID and text used
525 // will be determined at run-time in the
526 // |MediaGalleriesPermission| class.
527
528 {IDS_EXTENSION_PROMPT_WARNING_INTERCEPT_ALL_KEYS,
529 {APIPermission::kInterceptAllKeys},
530 {}},
531
532 // Settings override permission messages.
533 {IDS_EXTENSION_PROMPT_WARNING_HOME_PAGE_SETTING_OVERRIDE,
534 {APIPermission::kHomepage},
535 {}},
536 {IDS_EXTENSION_PROMPT_WARNING_SEARCH_SETTINGS_OVERRIDE,
537 {APIPermission::kSearchProvider},
538 {}},
539 {IDS_EXTENSION_PROMPT_WARNING_START_PAGE_SETTING_OVERRIDE,
540 {APIPermission::kStartupPages},
541 {}},
542
543 {IDS_EXTENSION_PROMPT_WARNING_AUDIO_AND_VIDEO_CAPTURE,
544 {APIPermission::kAudioCapture, APIPermission::kVideoCapture},
545 {}},
546
547 // Individual message rules taken from
548 // ExtensionsAPIPermissions::GetAllPermissions():
549 {IDS_EXTENSION_PROMPT_WARNING_AUDIO_CAPTURE,
550 {APIPermission::kAudioCapture},
551 {}},
552 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_PRIVATE,
553 {APIPermission::kBluetoothPrivate},
554 {}},
555 {IDS_EXTENSION_PROMPT_WARNING_DECLARATIVE_WEB_REQUEST,
556 {APIPermission::kDeclarativeWebRequest},
557 {}},
558 {IDS_EXTENSION_PROMPT_WARNING_SERIAL, {APIPermission::kSerial}, {}},
559
560 // Because warning messages for the "socket" permission vary based
561 // on the permissions parameters, no message ID or message text is
562 // specified here. The message ID and text used will be
563 // determined at run-time in the |SocketPermission| class.
564 {IDS_EXTENSION_PROMPT_WARNING_U2F_DEVICES,
565 {APIPermission::kU2fDevices},
566 {}},
567 {IDS_EXTENSION_PROMPT_WARNING_VIDEO_CAPTURE,
568 {APIPermission::kVideoCapture},
569 {}},
570 {IDS_EXTENSION_PROMPT_WARNING_VPN, {APIPermission::kVpnProvider}, {}},
571 {IDS_EXTENSION_PROMPT_WARNING_WEB_CONNECTABLE,
572 {APIPermission::kWebConnectable},
573 {}},
574
575 // Rules from ManifestPermissions:
576 // BluetoothManifestPermission:
577 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH, {APIPermission::kBluetooth}, {}},
578 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_DEVICES,
579 {APIPermission::kBluetoothDevices},
580 {}},
581
582 // SocketsManifestPermission:
583 {IDS_EXTENSION_PROMPT_WARNING_SOCKET_ANY_HOST,
584 {APIPermission::kSocketAnyHost},
585 {}},
586 {IDS_EXTENSION_PROMPT_WARNING_NETWORK_STATE,
587 {APIPermission::kNetworkState},
588 {}},
589
590 // API permission rules:
591 // SettingsOverrideAPIPermission:
592 {IDS_EXTENSION_PROMPT_WARNING_HOME_PAGE_SETTING_OVERRIDE,
593 {APIPermission::kHomepage},
594 {}},
595 {IDS_EXTENSION_PROMPT_WARNING_START_PAGE_SETTING_OVERRIDE,
596 {APIPermission::kStartupPages},
597 {}},
598 {IDS_EXTENSION_PROMPT_WARNING_SEARCH_SETTINGS_OVERRIDE,
599 {APIPermission::kSearchProvider},
600 {}},
601
602 // USBDevicePermission:
603 {IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_VENDOR,
604 {APIPermission::kUsbDeviceUnknownVendor},
605 {}},
606
607 // Other rules:
608 // From ChromeExtensionsClient::FilterHostPermissions():
609 {IDS_EXTENSION_PROMPT_WARNING_FAVICON, {APIPermission::kFavicon}, {}},
610 };
611
612 std::vector<ChromePermissionMessageRule> rules;
613 for (size_t i = 0; i < arraysize(rules_arr); i++) {
614 rules.push_back(rules_arr[i]);
615 }
616 return rules;
617 }
618
619 ChromePermissionMessageRule::PermissionIDSetInitializer::
620 PermissionIDSetInitializer() {
621 }
622 ChromePermissionMessageRule::PermissionIDSetInitializer::
623 PermissionIDSetInitializer(APIPermission::ID permission_one) {
624 insert(permission_one);
625 }
626 ChromePermissionMessageRule::PermissionIDSetInitializer::
627 PermissionIDSetInitializer(APIPermission::ID permission_one,
628 APIPermission::ID permission_two) {
629 insert(permission_one);
630 insert(permission_two);
631 }
632 ChromePermissionMessageRule::PermissionIDSetInitializer::
633 PermissionIDSetInitializer(APIPermission::ID permission_one,
634 APIPermission::ID permission_two,
635 APIPermission::ID permission_three) {
636 insert(permission_one);
637 insert(permission_two);
638 insert(permission_three);
639 }
640 ChromePermissionMessageRule::PermissionIDSetInitializer::
641 PermissionIDSetInitializer(APIPermission::ID permission_one,
642 APIPermission::ID permission_two,
643 APIPermission::ID permission_three,
644 APIPermission::ID permission_four) {
645 insert(permission_one);
646 insert(permission_two);
647 insert(permission_three);
648 insert(permission_four);
649 }
650 ChromePermissionMessageRule::PermissionIDSetInitializer::
651 PermissionIDSetInitializer(APIPermission::ID permission_one,
652 APIPermission::ID permission_two,
653 APIPermission::ID permission_three,
654 APIPermission::ID permission_four,
655 APIPermission::ID permission_five) {
656 insert(permission_one);
657 insert(permission_two);
658 insert(permission_three);
659 insert(permission_four);
660 insert(permission_five);
661 }
662 ChromePermissionMessageRule::PermissionIDSetInitializer::
663 PermissionIDSetInitializer(APIPermission::ID permission_one,
664 APIPermission::ID permission_two,
665 APIPermission::ID permission_three,
666 APIPermission::ID permission_four,
667 APIPermission::ID permission_five,
668 APIPermission::ID permission_six) {
669 insert(permission_one);
670 insert(permission_two);
671 insert(permission_three);
672 insert(permission_four);
673 insert(permission_five);
674 insert(permission_six);
675 }
676
677 ChromePermissionMessageRule::PermissionIDSetInitializer::
678 ~PermissionIDSetInitializer() {
679 }
680
681 } // namespace extensions