Add ENABLE_MEDIA_ROUTER define to builds other than Android and iOS.
[chromium-blink-merge.git] / chrome / browser / extensions / permission_message_combinations_unittest.cc
blob7581ff1d42618ca91b4167cdc2b85899086ceaf3
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/command_line.h"
6 #include "base/memory/scoped_ptr.h"
7 #include "base/test/values_test_util.h"
8 #include "chrome/browser/extensions/test_extension_environment.h"
9 #include "chrome/common/extensions/permissions/chrome_permission_message_provider.h"
10 #include "extensions/common/extension.h"
11 #include "extensions/common/permissions/permission_message_test_util.h"
12 #include "extensions/common/permissions/permissions_data.h"
13 #include "extensions/common/switches.h"
14 #include "testing/gmock/include/gmock/gmock-matchers.h"
15 #include "testing/gtest/include/gtest/gtest.h"
17 namespace extensions {
19 // Tests that ChromePermissionMessageProvider produces the expected messages for
20 // various combinations of app/extension permissions.
21 class PermissionMessageCombinationsUnittest : public testing::Test {
22 public:
23 PermissionMessageCombinationsUnittest()
24 : message_provider_(new ChromePermissionMessageProvider()) {}
25 ~PermissionMessageCombinationsUnittest() override {}
27 // Overridden from testing::Test:
28 void SetUp() override {
29 testing::Test::SetUp();
30 // Force creation of ExtensionPrefs before adding extensions.
31 env_.GetExtensionPrefs();
34 protected:
35 // Create and install an app or extension with the given manifest JSON string.
36 // Single-quotes in the string will be replaced with double quotes.
37 void CreateAndInstall(const std::string& json_manifest) {
38 std::string json_manifest_with_double_quotes = json_manifest;
39 std::replace(json_manifest_with_double_quotes.begin(),
40 json_manifest_with_double_quotes.end(), '\'', '"');
41 app_ = env_.MakeExtension(
42 *base::test::ParseJson(json_manifest_with_double_quotes));
43 // Add the app to any whitelists so we can test all permissions.
44 base::CommandLine::ForCurrentProcess()->AppendSwitchASCII(
45 switches::kWhitelistedExtensionID, app_->id());
48 // Checks whether the currently installed app or extension produces the given
49 // permission messages. Call this after installing an app with the expected
50 // permission messages. The messages are tested for existence in any order.
51 testing::AssertionResult CheckManifestProducesPermissions() {
52 return VerifyNoPermissionMessages(app_->permissions_data());
54 testing::AssertionResult CheckManifestProducesPermissions(
55 const std::string& expected_message_1) {
56 return VerifyOnePermissionMessage(app_->permissions_data(),
57 expected_message_1);
59 testing::AssertionResult CheckManifestProducesPermissions(
60 const std::string& expected_message_1,
61 const std::string& expected_message_2) {
62 return VerifyTwoPermissionMessages(app_->permissions_data(),
63 expected_message_1, expected_message_2,
64 false);
66 testing::AssertionResult CheckManifestProducesPermissions(
67 const std::string& expected_message_1,
68 const std::string& expected_message_2,
69 const std::string& expected_message_3) {
70 std::vector<std::string> expected_messages;
71 expected_messages.push_back(expected_message_1);
72 expected_messages.push_back(expected_message_2);
73 expected_messages.push_back(expected_message_3);
74 return VerifyPermissionMessages(app_->permissions_data(), expected_messages,
75 false);
77 testing::AssertionResult CheckManifestProducesPermissions(
78 const std::string& expected_message_1,
79 const std::string& expected_message_2,
80 const std::string& expected_message_3,
81 const std::string& expected_message_4) {
82 std::vector<std::string> expected_messages;
83 expected_messages.push_back(expected_message_1);
84 expected_messages.push_back(expected_message_2);
85 expected_messages.push_back(expected_message_3);
86 expected_messages.push_back(expected_message_4);
87 return VerifyPermissionMessages(app_->permissions_data(), expected_messages,
88 false);
90 testing::AssertionResult CheckManifestProducesPermissions(
91 const std::string& expected_message_1,
92 const std::string& expected_message_2,
93 const std::string& expected_message_3,
94 const std::string& expected_message_4,
95 const std::string& expected_message_5) {
96 std::vector<std::string> expected_messages;
97 expected_messages.push_back(expected_message_1);
98 expected_messages.push_back(expected_message_2);
99 expected_messages.push_back(expected_message_3);
100 expected_messages.push_back(expected_message_4);
101 expected_messages.push_back(expected_message_5);
102 return VerifyPermissionMessages(app_->permissions_data(), expected_messages,
103 false);
105 testing::AssertionResult CheckManifestProducesPermissions(
106 const std::string& expected_message_1,
107 const std::vector<std::string>& expected_submessages_1) {
108 return VerifyOnePermissionMessageWithSubmessages(
109 app_->permissions_data(), expected_message_1, expected_submessages_1);
111 testing::AssertionResult CheckManifestProducesPermissions(
112 const std::string& expected_message_1,
113 const std::vector<std::string>& expected_submessages_1,
114 const std::string& expected_message_2,
115 const std::vector<std::string>& expected_submessages_2) {
116 std::vector<std::string> expected_messages;
117 expected_messages.push_back(expected_message_1);
118 expected_messages.push_back(expected_message_2);
119 std::vector<std::vector<std::string>> expected_submessages;
120 expected_submessages.push_back(expected_submessages_1);
121 expected_submessages.push_back(expected_submessages_2);
122 return VerifyPermissionMessagesWithSubmessages(app_->permissions_data(),
123 expected_messages,
124 expected_submessages, false);
126 testing::AssertionResult CheckManifestProducesPermissions(
127 const std::string& expected_message_1,
128 const std::vector<std::string>& expected_submessages_1,
129 const std::string& expected_message_2,
130 const std::vector<std::string>& expected_submessages_2,
131 const std::string& expected_message_3,
132 const std::vector<std::string>& expected_submessages_3) {
133 std::vector<std::string> expected_messages;
134 expected_messages.push_back(expected_message_1);
135 expected_messages.push_back(expected_message_2);
136 expected_messages.push_back(expected_message_3);
137 std::vector<std::vector<std::string>> expected_submessages;
138 expected_submessages.push_back(expected_submessages_1);
139 expected_submessages.push_back(expected_submessages_2);
140 expected_submessages.push_back(expected_submessages_3);
141 return VerifyPermissionMessagesWithSubmessages(app_->permissions_data(),
142 expected_messages,
143 expected_submessages, false);
145 testing::AssertionResult CheckManifestProducesPermissions(
146 const std::string& expected_message_1,
147 const std::vector<std::string>& expected_submessages_1,
148 const std::string& expected_message_2,
149 const std::vector<std::string>& expected_submessages_2,
150 const std::string& expected_message_3,
151 const std::vector<std::string>& expected_submessages_3,
152 const std::string& expected_message_4,
153 const std::vector<std::string>& expected_submessages_4) {
154 std::vector<std::string> expected_messages;
155 expected_messages.push_back(expected_message_1);
156 expected_messages.push_back(expected_message_2);
157 expected_messages.push_back(expected_message_3);
158 expected_messages.push_back(expected_message_4);
159 std::vector<std::vector<std::string>> expected_submessages;
160 expected_submessages.push_back(expected_submessages_1);
161 expected_submessages.push_back(expected_submessages_2);
162 expected_submessages.push_back(expected_submessages_3);
163 expected_submessages.push_back(expected_submessages_4);
164 return VerifyPermissionMessagesWithSubmessages(app_->permissions_data(),
165 expected_messages,
166 expected_submessages, false);
168 testing::AssertionResult CheckManifestProducesPermissions(
169 const std::string& expected_message_1,
170 const std::vector<std::string>& expected_submessages_1,
171 const std::string& expected_message_2,
172 const std::vector<std::string>& expected_submessages_2,
173 const std::string& expected_message_3,
174 const std::vector<std::string>& expected_submessages_3,
175 const std::string& expected_message_4,
176 const std::vector<std::string>& expected_submessages_4,
177 const std::string& expected_message_5,
178 const std::vector<std::string>& expected_submessages_5) {
179 std::vector<std::string> expected_messages;
180 expected_messages.push_back(expected_message_1);
181 expected_messages.push_back(expected_message_2);
182 expected_messages.push_back(expected_message_3);
183 expected_messages.push_back(expected_message_4);
184 expected_messages.push_back(expected_message_5);
185 std::vector<std::vector<std::string>> expected_submessages;
186 expected_submessages.push_back(expected_submessages_1);
187 expected_submessages.push_back(expected_submessages_2);
188 expected_submessages.push_back(expected_submessages_3);
189 expected_submessages.push_back(expected_submessages_4);
190 expected_submessages.push_back(expected_submessages_5);
191 return VerifyPermissionMessagesWithSubmessages(app_->permissions_data(),
192 expected_messages,
193 expected_submessages, false);
196 private:
197 extensions::TestExtensionEnvironment env_;
198 scoped_ptr<ChromePermissionMessageProvider> message_provider_;
199 scoped_refptr<const Extension> app_;
201 DISALLOW_COPY_AND_ASSIGN(PermissionMessageCombinationsUnittest);
204 // Test that the USB, Bluetooth and Serial permissions do not coalesce on their
205 // own, but do coalesce when more than 1 is present.
206 TEST_F(PermissionMessageCombinationsUnittest, USBSerialBluetoothCoalescing) {
207 // Test that the USB permission does not coalesce on its own.
208 CreateAndInstall(
210 " 'app': {"
211 " 'background': {"
212 " 'scripts': ['background.js']"
213 " }"
214 " },"
215 " 'permissions': ["
216 " { 'usbDevices': [{ 'vendorId': 123, 'productId': 456 }] }"
217 " ]"
218 "}");
219 ASSERT_TRUE(CheckManifestProducesPermissions(
220 "Access USB devices from an unknown vendor"));
222 CreateAndInstall(
224 " 'app': {"
225 " 'background': {"
226 " 'scripts': ['background.js']"
227 " }"
228 " },"
229 " 'permissions': ["
230 " { 'usbDevices': [{ 'vendorId': 123, 'productId': 456 }] }"
231 " ]"
232 "}");
233 ASSERT_TRUE(CheckManifestProducesPermissions(
234 "Access USB devices from an unknown vendor"));
236 // Test that the serial permission does not coalesce on its own.
237 CreateAndInstall(
239 " 'app': {"
240 " 'background': {"
241 " 'scripts': ['background.js']"
242 " }"
243 " },"
244 " 'permissions': ["
245 " 'serial'"
246 " ]"
247 "}");
248 ASSERT_TRUE(CheckManifestProducesPermissions("Access your serial devices"));
250 // Test that the bluetooth permission does not coalesce on its own.
251 CreateAndInstall(
253 " 'app': {"
254 " 'background': {"
255 " 'scripts': ['background.js']"
256 " }"
257 " },"
258 " 'bluetooth': {}"
259 "}");
260 ASSERT_TRUE(CheckManifestProducesPermissions(
261 "Access information about Bluetooth devices paired with your system and "
262 "discover nearby Bluetooth devices."));
264 // Test that the bluetooth permission does not coalesce on its own, even
265 // when it specifies additional permissions.
266 CreateAndInstall(
268 " 'app': {"
269 " 'background': {"
270 " 'scripts': ['background.js']"
271 " }"
272 " },"
273 " 'bluetooth': {"
274 " 'uuids': ['1105', '1106']"
275 " }"
276 "}");
277 ASSERT_TRUE(CheckManifestProducesPermissions(
278 "Access information about Bluetooth devices paired with your system and "
279 "discover nearby Bluetooth devices."));
281 // Test that the USB and Serial permissions coalesce.
282 CreateAndInstall(
284 " 'app': {"
285 " 'background': {"
286 " 'scripts': ['background.js']"
287 " }"
288 " },"
289 " 'permissions': ["
290 " { 'usbDevices': [{ 'vendorId': 123, 'productId': 456 }] },"
291 " 'serial'"
292 " ]"
293 "}");
294 ASSERT_TRUE(CheckManifestProducesPermissions(
295 "Access USB devices from an unknown vendor",
296 "Access your serial devices"));
298 // Test that the USB, Serial and Bluetooth permissions coalesce.
299 CreateAndInstall(
301 " 'app': {"
302 " 'background': {"
303 " 'scripts': ['background.js']"
304 " }"
305 " },"
306 " 'permissions': ["
307 " { 'usbDevices': [{ 'vendorId': 123, 'productId': 456 }] },"
308 " 'serial'"
309 " ],"
310 " 'bluetooth': {}"
311 "}");
312 ASSERT_TRUE(CheckManifestProducesPermissions(
313 "Access USB devices from an unknown vendor",
314 "Access your Bluetooth and Serial devices"));
316 // Test that the USB, Serial and Bluetooth permissions coalesce even when
317 // Bluetooth specifies multiple additional permissions.
318 CreateAndInstall(
320 " 'app': {"
321 " 'background': {"
322 " 'scripts': ['background.js']"
323 " }"
324 " },"
325 " 'permissions': ["
326 " { 'usbDevices': [{ 'vendorId': 123, 'productId': 456 }] },"
327 " 'serial'"
328 " ],"
329 " 'bluetooth': {"
330 " 'uuids': ['1105', '1106'],"
331 " 'socket': true,"
332 " 'low_energy': true"
333 " }"
334 "}");
335 ASSERT_TRUE(CheckManifestProducesPermissions(
336 "Access USB devices from an unknown vendor",
337 "Access your Bluetooth and Serial devices"));
340 // Test that the History permission takes precedence over the Tabs permission,
341 // and that the Sessions permission modifies this final message.
342 TEST_F(PermissionMessageCombinationsUnittest, TabsHistorySessionsCoalescing) {
343 CreateAndInstall(
345 " 'permissions': ["
346 " 'tabs'"
347 " ]"
348 "}");
349 ASSERT_TRUE(CheckManifestProducesPermissions("Read your browsing history"));
351 CreateAndInstall(
353 " 'permissions': ["
354 " 'tabs', 'sessions'"
355 " ]"
356 "}");
357 ASSERT_TRUE(CheckManifestProducesPermissions(
358 "Read your browsing history on all your signed-in devices"));
360 CreateAndInstall(
362 " 'permissions': ["
363 " 'tabs', 'history'"
364 " ]"
365 "}");
366 ASSERT_TRUE(CheckManifestProducesPermissions(
367 "Read and change your browsing history"));
369 CreateAndInstall(
371 " 'permissions': ["
372 " 'tabs', 'history', 'sessions'"
373 " ]"
374 "}");
375 ASSERT_TRUE(CheckManifestProducesPermissions(
376 "Read and change your browsing history on all your signed-in devices"));
379 // Test that the fileSystem permission produces no messages by itself, unless it
380 // has both the 'write' and 'directory' additional permissions, in which case it
381 // displays a message.
382 TEST_F(PermissionMessageCombinationsUnittest, FileSystemReadWriteCoalescing) {
383 CreateAndInstall(
385 " 'app': {"
386 " 'background': {"
387 " 'scripts': ['background.js']"
388 " }"
389 " },"
390 " 'permissions': ["
391 " 'fileSystem'"
392 " ]"
393 "}");
394 ASSERT_TRUE(CheckManifestProducesPermissions());
396 CreateAndInstall(
398 " 'app': {"
399 " 'background': {"
400 " 'scripts': ['background.js']"
401 " }"
402 " },"
403 " 'permissions': ["
404 " 'fileSystem', {'fileSystem': ['retainEntries', 'write']}"
405 " ]"
406 "}");
407 ASSERT_TRUE(CheckManifestProducesPermissions());
409 CreateAndInstall(
411 " 'app': {"
412 " 'background': {"
413 " 'scripts': ['background.js']"
414 " }"
415 " },"
416 " 'permissions': ["
417 " 'fileSystem', {'fileSystem': ["
418 " 'retainEntries', 'write', 'directory'"
419 " ]}"
420 " ]"
421 "}");
422 ASSERT_TRUE(CheckManifestProducesPermissions(
423 "Write to files and folders that you open in the application"));
426 // Check that host permission messages are generated correctly when URLs are
427 // entered as permissions.
428 TEST_F(PermissionMessageCombinationsUnittest, HostsPermissionMessages) {
429 CreateAndInstall(
431 " 'permissions': ["
432 " 'http://www.blogger.com/',"
433 " ]"
434 "}");
435 ASSERT_TRUE(CheckManifestProducesPermissions(
436 "Read and change your data on www.blogger.com"));
438 CreateAndInstall(
440 " 'permissions': ["
441 " 'http://*.google.com/',"
442 " ]"
443 "}");
444 ASSERT_TRUE(CheckManifestProducesPermissions(
445 "Read and change your data on all google.com sites"));
447 CreateAndInstall(
449 " 'permissions': ["
450 " 'http://www.blogger.com/',"
451 " 'http://*.google.com/',"
452 " ]"
453 "}");
454 ASSERT_TRUE(CheckManifestProducesPermissions(
455 "Read and change your data on all google.com sites and "
456 "www.blogger.com"));
458 CreateAndInstall(
460 " 'permissions': ["
461 " 'http://www.blogger.com/',"
462 " 'http://*.google.com/',"
463 " 'http://*.news.com/',"
464 " ]"
465 "}");
466 ASSERT_TRUE(CheckManifestProducesPermissions(
467 "Read and change your data on all google.com sites, all news.com sites, "
468 "and www.blogger.com"));
470 CreateAndInstall(
472 " 'permissions': ["
473 " 'http://www.blogger.com/',"
474 " 'http://*.google.com/',"
475 " 'http://*.news.com/',"
476 " 'http://www.foobar.com/',"
477 " ]"
478 "}");
479 std::vector<std::string> submessages;
480 submessages.push_back("All google.com sites");
481 submessages.push_back("All news.com sites");
482 submessages.push_back("www.blogger.com");
483 submessages.push_back("www.foobar.com");
484 ASSERT_TRUE(CheckManifestProducesPermissions(
485 "Read and change your data on a number of websites", submessages));
487 CreateAndInstall(
489 " 'permissions': ["
490 " 'http://www.blogger.com/',"
491 " 'http://*.google.com/',"
492 " 'http://*.news.com/',"
493 " 'http://www.foobar.com/',"
494 " 'http://*.go.com/',"
495 " ]"
496 "}");
497 submessages.clear();
498 submessages.push_back("All go.com sites");
499 submessages.push_back("All google.com sites");
500 submessages.push_back("All news.com sites");
501 submessages.push_back("www.blogger.com");
502 submessages.push_back("www.foobar.com");
503 ASSERT_TRUE(CheckManifestProducesPermissions(
504 "Read and change your data on a number of websites", submessages));
506 CreateAndInstall(
508 " 'permissions': ["
509 " 'http://*.go.com/',"
510 " 'chrome://favicon/',"
511 " ]"
512 "}");
513 ASSERT_TRUE(CheckManifestProducesPermissions(
514 "Read and change your data on all go.com sites",
515 "Read the icons of the websites you visit"));
517 // Having the 'all sites' permission doesn't change the permission message,
518 // since its pseudo-granted at runtime.
519 CreateAndInstall(
521 " 'permissions': ["
522 " 'http://*.go.com/',"
523 " 'chrome://favicon/',"
524 " 'http://*.*',"
525 " ]"
526 "}");
527 ASSERT_TRUE(CheckManifestProducesPermissions(
528 "Read and change your data on all go.com sites",
529 "Read the icons of the websites you visit"));
532 // Check that permission messages are generated correctly for
533 // SocketsManifestPermission, which has host-like permission messages.
534 TEST_F(PermissionMessageCombinationsUnittest,
535 SocketsManifestPermissionMessages) {
536 CreateAndInstall(
538 " 'app': {"
539 " 'background': {"
540 " 'scripts': ['background.js']"
541 " }"
542 " },"
543 " 'sockets': {"
544 " 'udp': {'send': '*'},"
545 " }"
546 "}");
547 ASSERT_TRUE(CheckManifestProducesPermissions(
548 "Exchange data with any computer on the local network or internet"));
550 CreateAndInstall(
552 " 'app': {"
553 " 'background': {"
554 " 'scripts': ['background.js']"
555 " }"
556 " },"
557 " 'sockets': {"
558 " 'udp': {'send': ':99'},"
559 " }"
560 "}");
561 ASSERT_TRUE(CheckManifestProducesPermissions(
562 "Exchange data with any computer on the local network or internet"));
564 CreateAndInstall(
566 " 'app': {"
567 " 'background': {"
568 " 'scripts': ['background.js']"
569 " }"
570 " },"
571 " 'sockets': {"
572 " 'tcp': {'connect': '127.0.0.1:80'},"
573 " }"
574 "}");
575 ASSERT_TRUE(CheckManifestProducesPermissions(
576 "Exchange data with the computer named 127.0.0.1"));
578 CreateAndInstall(
580 " 'app': {"
581 " 'background': {"
582 " 'scripts': ['background.js']"
583 " }"
584 " },"
585 " 'sockets': {"
586 " 'tcp': {'connect': 'www.example.com:23'},"
587 " }"
588 "}");
589 ASSERT_TRUE(CheckManifestProducesPermissions(
590 "Exchange data with the computer named www.example.com"));
592 CreateAndInstall(
594 " 'app': {"
595 " 'background': {"
596 " 'scripts': ['background.js']"
597 " }"
598 " },"
599 " 'sockets': {"
600 " 'tcpServer': {'listen': '127.0.0.1:80'}"
601 " }"
602 "}");
603 ASSERT_TRUE(CheckManifestProducesPermissions(
604 "Exchange data with the computer named 127.0.0.1"));
606 CreateAndInstall(
608 " 'app': {"
609 " 'background': {"
610 " 'scripts': ['background.js']"
611 " }"
612 " },"
613 " 'sockets': {"
614 " 'tcpServer': {'listen': ':8080'}"
615 " }"
616 "}");
617 ASSERT_TRUE(CheckManifestProducesPermissions(
618 "Exchange data with any computer on the local network or internet"));
620 CreateAndInstall(
622 " 'app': {"
623 " 'background': {"
624 " 'scripts': ['background.js']"
625 " }"
626 " },"
627 " 'sockets': {"
628 " 'tcpServer': {"
629 " 'listen': ["
630 " '127.0.0.1:80',"
631 " 'www.google.com',"
632 " 'www.example.com:*',"
633 " 'www.foo.com:200',"
634 " 'www.bar.com:200'"
635 " ]"
636 " }"
637 " }"
638 "}");
639 ASSERT_TRUE(CheckManifestProducesPermissions(
640 "Exchange data with the computers named: 127.0.0.1 www.bar.com "
641 "www.example.com www.foo.com www.google.com"));
643 CreateAndInstall(
645 " 'app': {"
646 " 'background': {"
647 " 'scripts': ['background.js']"
648 " }"
649 " },"
650 " 'sockets': {"
651 " 'tcp': {"
652 " 'connect': ["
653 " 'www.abc.com:*',"
654 " 'www.mywebsite.com:320',"
655 " 'www.freestuff.com',"
656 " 'www.foo.com:34',"
657 " 'www.test.com'"
658 " ]"
659 " },"
660 " 'tcpServer': {"
661 " 'listen': ["
662 " '127.0.0.1:80',"
663 " 'www.google.com',"
664 " 'www.example.com:*',"
665 " 'www.foo.com:200',"
666 " ]"
667 " }"
668 " }"
669 "}");
670 ASSERT_TRUE(CheckManifestProducesPermissions(
671 "Exchange data with the computers named: 127.0.0.1 www.abc.com "
672 "www.example.com www.foo.com www.freestuff.com www.google.com "
673 "www.mywebsite.com www.test.com"));
675 CreateAndInstall(
677 " 'app': {"
678 " 'background': {"
679 " 'scripts': ['background.js']"
680 " }"
681 " },"
682 " 'sockets': {"
683 " 'tcp': {'send': '*:*'},"
684 " 'tcpServer': {'listen': '*:*'},"
685 " }"
686 "}");
687 ASSERT_TRUE(CheckManifestProducesPermissions(
688 "Exchange data with any computer on the local network or internet"));
691 // Check that permission messages are generated correctly for
692 // MediaGalleriesPermission (an API permission with custom messages).
693 TEST_F(PermissionMessageCombinationsUnittest,
694 MediaGalleriesPermissionMessages) {
695 CreateAndInstall(
697 " 'app': {"
698 " 'background': {"
699 " 'scripts': ['background.js']"
700 " }"
701 " },"
702 " 'permissions': ["
703 " { 'mediaGalleries': ['read'] }"
704 " ]"
705 "}");
706 ASSERT_TRUE(CheckManifestProducesPermissions());
708 CreateAndInstall(
710 " 'app': {"
711 " 'background': {"
712 " 'scripts': ['background.js']"
713 " }"
714 " },"
715 " 'permissions': ["
716 " { 'mediaGalleries': ['read', 'allAutoDetected'] }"
717 " ]"
718 "}");
719 ASSERT_TRUE(CheckManifestProducesPermissions(
720 "Access photos, music, and other media from your computer"));
722 // TODO(sashab): Add a test for the
723 // IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE message (generated
724 // with the 'read' and 'copyTo' permissions, but not the 'delete' permission),
725 // if it's possible to get this message. Otherwise, remove it from the code.
727 CreateAndInstall(
729 " 'app': {"
730 " 'background': {"
731 " 'scripts': ['background.js']"
732 " }"
733 " },"
734 " 'permissions': ["
735 " { 'mediaGalleries': ['read', 'delete', 'allAutoDetected'] }"
736 " ]"
737 "}");
738 ASSERT_TRUE(CheckManifestProducesPermissions(
739 "Read and delete photos, music, and other media from your computer"));
741 CreateAndInstall(
743 " 'app': {"
744 " 'background': {"
745 " 'scripts': ['background.js']"
746 " }"
747 " },"
748 " 'permissions': ["
749 " { 'mediaGalleries':"
750 " [ 'read', 'delete', 'copyTo', 'allAutoDetected' ] }"
751 " ]"
752 "}");
753 ASSERT_TRUE(CheckManifestProducesPermissions(
754 "Read, change and delete photos, music, and other media from your "
755 "computer"));
757 // Without the allAutoDetected permission, there should be no install-time
758 // permission messages.
759 CreateAndInstall(
761 " 'app': {"
762 " 'background': {"
763 " 'scripts': ['background.js']"
764 " }"
765 " },"
766 " 'permissions': ["
767 " { 'mediaGalleries': ['read', 'delete', 'copyTo'] }"
768 " ]"
769 "}");
770 ASSERT_TRUE(CheckManifestProducesPermissions());
773 // TODO(sashab): Add tests for SettingsOverrideAPIPermission (an API permission
774 // with custom messages).
776 // Check that permission messages are generated correctly for SocketPermission
777 // (an API permission with custom messages).
778 TEST_F(PermissionMessageCombinationsUnittest, SocketPermissionMessages) {
779 CreateAndInstall(
781 " 'app': {"
782 " 'background': {"
783 " 'scripts': ['background.js']"
784 " }"
785 " },"
786 " 'permissions': ["
787 " { 'socket': ['tcp-connect:*:*'] }"
788 " ]"
789 "}");
790 ASSERT_TRUE(CheckManifestProducesPermissions(
791 "Exchange data with any computer on the local network or internet"));
793 CreateAndInstall(
795 " 'app': {"
796 " 'background': {"
797 " 'scripts': ['background.js']"
798 " }"
799 " },"
800 " 'permissions': ["
801 " { 'socket': ["
802 " 'tcp-connect:*:443',"
803 " 'tcp-connect:*:50032',"
804 " 'tcp-connect:*:23',"
805 " ] }"
806 " ]"
807 "}");
808 ASSERT_TRUE(CheckManifestProducesPermissions(
809 "Exchange data with any computer on the local network or internet"));
811 CreateAndInstall(
813 " 'app': {"
814 " 'background': {"
815 " 'scripts': ['background.js']"
816 " }"
817 " },"
818 " 'permissions': ["
819 " { 'socket': ['tcp-connect:foo.example.com:443'] }"
820 " ]"
821 "}");
822 ASSERT_TRUE(CheckManifestProducesPermissions(
823 "Exchange data with the computer named foo.example.com"));
825 CreateAndInstall(
827 " 'app': {"
828 " 'background': {"
829 " 'scripts': ['background.js']"
830 " }"
831 " },"
832 " 'permissions': ["
833 " { 'socket': ['tcp-connect:foo.example.com:443', 'udp-send-to'] }"
834 " ]"
835 "}");
836 ASSERT_TRUE(CheckManifestProducesPermissions(
837 "Exchange data with any computer on the local network or internet"));
839 CreateAndInstall(
841 " 'app': {"
842 " 'background': {"
843 " 'scripts': ['background.js']"
844 " }"
845 " },"
846 " 'permissions': ["
847 " { 'socket': ["
848 " 'tcp-connect:foo.example.com:443',"
849 " 'udp-send-to:test.ping.com:50032',"
850 " ] }"
851 " ]"
852 "}");
853 ASSERT_TRUE(CheckManifestProducesPermissions(
854 "Exchange data with the computers named: foo.example.com test.ping.com"));
856 CreateAndInstall(
858 " 'app': {"
859 " 'background': {"
860 " 'scripts': ['background.js']"
861 " }"
862 " },"
863 " 'permissions': ["
864 " { 'socket': ["
865 " 'tcp-connect:foo.example.com:443',"
866 " 'udp-send-to:test.ping.com:50032',"
867 " 'udp-send-to:www.ping.com:50032',"
868 " 'udp-send-to:test2.ping.com:50032',"
869 " 'udp-bind:test.ping.com:50032',"
870 " ] }"
871 " ]"
872 "}");
873 ASSERT_TRUE(CheckManifestProducesPermissions(
874 "Exchange data with the computers named: foo.example.com test.ping.com "
875 "test2.ping.com www.ping.com"));
877 CreateAndInstall(
879 " 'app': {"
880 " 'background': {"
881 " 'scripts': ['background.js']"
882 " }"
883 " },"
884 " 'permissions': ["
885 " { 'socket': ["
886 " 'tcp-connect:foo.example.com:443',"
887 " 'udp-send-to:test.ping.com:50032',"
888 " 'tcp-connect:*:23',"
889 " ] }"
890 " ]"
891 "}");
892 ASSERT_TRUE(CheckManifestProducesPermissions(
893 "Exchange data with any computer on the local network or internet"));
896 // Check that permission messages are generated correctly for
897 // USBDevicePermission (an API permission with custom messages).
898 TEST_F(PermissionMessageCombinationsUnittest, USBDevicePermissionMessages) {
899 CreateAndInstall(
901 " 'app': {"
902 " 'background': {"
903 " 'scripts': ['background.js']"
904 " }"
905 " },"
906 " 'permissions': ["
907 " { 'usbDevices': ["
908 " { 'vendorId': 0, 'productId': 0 },"
909 " ] }"
910 " ]"
911 "}");
912 ASSERT_TRUE(CheckManifestProducesPermissions(
913 "Access USB devices from an unknown vendor"));
915 CreateAndInstall(
917 " 'app': {"
918 " 'background': {"
919 " 'scripts': ['background.js']"
920 " }"
921 " },"
922 " 'permissions': ["
923 " { 'usbDevices': ["
924 " { 'vendorId': 4179, 'productId': 529 },"
925 " ] }"
926 " ]"
927 "}");
928 ASSERT_TRUE(CheckManifestProducesPermissions(
929 "Access USB devices from Immanuel Electronics Co., Ltd"));
931 CreateAndInstall(
933 " 'app': {"
934 " 'background': {"
935 " 'scripts': ['background.js']"
936 " }"
937 " },"
938 " 'permissions': ["
939 " { 'usbDevices': ["
940 " { 'vendorId': 6353, 'productId': 8192 },"
941 " ] }"
942 " ]"
943 "}");
944 ASSERT_TRUE(
945 CheckManifestProducesPermissions("Access USB devices from Google Inc."));
947 CreateAndInstall(
949 " 'app': {"
950 " 'background': {"
951 " 'scripts': ['background.js']"
952 " }"
953 " },"
954 " 'permissions': ["
955 " { 'usbDevices': ["
956 " { 'vendorId': 4179, 'productId': 529 },"
957 " { 'vendorId': 6353, 'productId': 8192 },"
958 " ] }"
959 " ]"
960 "}");
961 std::vector<std::string> submessages;
962 submessages.push_back("unknown devices from Immanuel Electronics Co., Ltd");
963 submessages.push_back("unknown devices from Google Inc.");
964 ASSERT_TRUE(CheckManifestProducesPermissions(
965 "Access any of these USB devices", submessages));
967 // TODO(sashab): Add a test with a valid product/vendor USB device.
970 // Test that hosted apps are not given any messages for host permissions.
971 TEST_F(PermissionMessageCombinationsUnittest,
972 PackagedAppsHaveNoHostPermissions) {
973 CreateAndInstall(
975 " 'app': {"
976 " 'background': {"
977 " 'scripts': ['background.js']"
978 " }"
979 " },"
980 " 'permissions': ["
981 " 'http://www.blogger.com/',"
982 " 'http://*.google.com/',"
983 " ]"
984 "}");
985 ASSERT_TRUE(CheckManifestProducesPermissions());
987 CreateAndInstall(
989 " 'app': {"
990 " 'background': {"
991 " 'scripts': ['background.js']"
992 " }"
993 " },"
994 " 'permissions': ["
995 " 'serial',"
996 " 'http://www.blogger.com/',"
997 " 'http://*.google.com/',"
998 " ]"
999 "}");
1000 ASSERT_TRUE(CheckManifestProducesPermissions("Access your serial devices"));
1003 // Test various apps with lots of permissions, including those with no
1004 // permission messages, or those that only apply to apps or extensions even when
1005 // the given manifest is for a different type.
1006 TEST_F(PermissionMessageCombinationsUnittest, PermissionMessageCombos) {
1007 CreateAndInstall(
1009 " 'permissions': ["
1010 " 'tabs',"
1011 " 'bookmarks',"
1012 " 'http://www.blogger.com/',"
1013 " 'http://*.google.com/',"
1014 " 'unlimitedStorage',"
1015 " ]"
1016 "}");
1017 ASSERT_TRUE(CheckManifestProducesPermissions(
1018 "Read and change your data on all google.com sites and www.blogger.com",
1019 "Read your browsing history", "Read and change your bookmarks"));
1021 CreateAndInstall(
1023 " 'permissions': ["
1024 " 'tabs',"
1025 " 'sessions',"
1026 " 'bookmarks',"
1027 " 'unlimitedStorage',"
1028 " 'syncFileSystem',"
1029 " 'http://www.blogger.com/',"
1030 " 'http://*.google.com/',"
1031 " 'http://*.news.com/',"
1032 " 'http://www.foobar.com/',"
1033 " 'http://*.go.com/',"
1034 " ]"
1035 "}");
1036 std::vector<std::string> submessages;
1037 submessages.push_back("All go.com sites");
1038 submessages.push_back("All google.com sites");
1039 submessages.push_back("All news.com sites");
1040 submessages.push_back("www.blogger.com");
1041 submessages.push_back("www.foobar.com");
1042 ASSERT_TRUE(CheckManifestProducesPermissions(
1043 "Read your browsing history on all your signed-in devices",
1044 std::vector<std::string>(), "Read and change your bookmarks",
1045 std::vector<std::string>(),
1046 "Read and change your data on a number of websites", submessages));
1048 CreateAndInstall(
1050 " 'permissions': ["
1051 " 'tabs',"
1052 " 'sessions',"
1053 " 'bookmarks',"
1054 " 'accessibilityFeatures.read',"
1055 " 'accessibilityFeatures.modify',"
1056 " 'alarms',"
1057 " 'browsingData',"
1058 " 'cookies',"
1059 " 'desktopCapture',"
1060 " 'gcm',"
1061 " 'topSites',"
1062 " 'storage',"
1063 " 'unlimitedStorage',"
1064 " 'syncFileSystem',"
1065 " 'http://www.blogger.com/',"
1066 " 'http://*.google.com/',"
1067 " 'http://*.news.com/',"
1068 " 'http://www.foobar.com/',"
1069 " 'http://*.go.com/',"
1070 " ]"
1071 "}");
1073 submessages.clear();
1074 submessages.push_back("All go.com sites");
1075 submessages.push_back("All google.com sites");
1076 submessages.push_back("All news.com sites");
1077 submessages.push_back("www.blogger.com");
1078 submessages.push_back("www.foobar.com");
1079 ASSERT_TRUE(CheckManifestProducesPermissions(
1080 "Read your browsing history on all your signed-in devices",
1081 std::vector<std::string>(), "Capture content of your screen",
1082 std::vector<std::string>(), "Read and change your bookmarks",
1083 std::vector<std::string>(),
1084 "Read and change your data on a number of websites", submessages,
1085 "Read and change your accessibility settings",
1086 std::vector<std::string>()));
1088 // Create an App instead, ensuring that the host permission messages are not
1089 // added.
1090 CreateAndInstall(
1092 " 'app': {"
1093 " 'background': {"
1094 " 'scripts': ['background.js']"
1095 " }"
1096 " },"
1097 " 'permissions': ["
1098 " 'contextMenus',"
1099 " 'permissions',"
1100 " 'accessibilityFeatures.read',"
1101 " 'accessibilityFeatures.modify',"
1102 " 'alarms',"
1103 " 'power',"
1104 " 'cookies',"
1105 " 'serial',"
1106 " 'usb',"
1107 " 'storage',"
1108 " 'gcm',"
1109 " 'topSites',"
1110 " 'storage',"
1111 " 'unlimitedStorage',"
1112 " 'syncFileSystem',"
1113 " 'http://www.blogger.com/',"
1114 " 'http://*.google.com/',"
1115 " 'http://*.news.com/',"
1116 " 'http://www.foobar.com/',"
1117 " 'http://*.go.com/',"
1118 " ]"
1119 "}");
1121 ASSERT_TRUE(CheckManifestProducesPermissions(
1122 "Access your serial devices", "Store data in your Google Drive account",
1123 "Read and change your accessibility settings"));
1127 // Tests that the 'plugin' manifest key produces the correct permission.
1128 TEST_F(PermissionMessageCombinationsUnittest, PluginPermission) {
1129 // Extensions can have plugins.
1130 CreateAndInstall(
1132 " 'plugins': ["
1133 " { 'path': 'extension_plugin.dll' }"
1134 " ]"
1135 "}");
1137 #ifdef OS_CHROMEOS
1138 ASSERT_TRUE(CheckManifestProducesPermissions());
1139 #else
1140 ASSERT_TRUE(CheckManifestProducesPermissions(
1141 "Read and change all your data on your computer and the websites you "
1142 "visit"));
1143 #endif
1145 // Apps can't have plugins.
1146 CreateAndInstall(
1148 " 'app': {"
1149 " 'background': {"
1150 " 'scripts': ['background.js']"
1151 " }"
1152 " },"
1153 " 'plugins': ["
1154 " { 'path': 'extension_plugin.dll' }"
1155 " ]"
1156 "}");
1157 ASSERT_TRUE(CheckManifestProducesPermissions());
1160 // TODO(sashab): Add a test that checks that messages are generated correctly
1161 // for withheld permissions, when an app is granted the 'all sites' permission.
1163 // TODO(sashab): Add a test that ensures that all permissions that can generate
1164 // a coalesced message can also generate a message on their own (i.e. ensure
1165 // that no permissions only modify other permissions).
1167 // TODO(sashab): Add a test for every permission message combination that can
1168 // generate a message.
1170 // TODO(aboxhall): Add tests for the automation API permission messages.
1172 } // namespace extensions