1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/memory/scoped_ptr.h"
6 #include "chrome/browser/extensions/extension_service.h"
7 #include "chrome/browser/extensions/permissions_updater.h"
8 #include "chrome/browser/extensions/test_extension_environment.h"
9 #include "chrome/common/extensions/permissions/chrome_permission_message_provider.h"
10 #include "chrome/grit/generated_resources.h"
11 #include "chrome/test/base/testing_profile.h"
12 #include "components/crx_file/id_util.h"
13 #include "extensions/browser/extension_prefs.h"
14 #include "extensions/common/extension.h"
15 #include "extensions/common/extension_builder.h"
16 #include "extensions/common/manifest.h"
17 #include "extensions/common/manifest_handlers/permissions_parser.h"
18 #include "extensions/common/permissions/permission_set.h"
19 #include "extensions/common/permissions/permissions_data.h"
20 #include "extensions/common/test_util.h"
21 #include "extensions/common/value_builder.h"
22 #include "testing/gtest/include/gtest/gtest.h"
23 #include "ui/base/l10n/l10n_util.h"
25 namespace extensions
{
27 // Tests that ChromePermissionMessageProvider provides not only correct, but
28 // meaningful permission messages that coalesce correctly where appropriate.
29 // There are 3 types of permission messages that need to be tested:
30 // 1. The combined list of active permissions, displayed at install time (or
31 // when the app has been disabled automatically and needs to be re-enabled)
32 // 2. The split list of active permissions, displayed in the App Info dialog,
33 // where the optional permissions are individually revokable
34 // 3. The list of requested optional permissions, displayed in a prompt to the
35 // user when the app requests these during runtime
36 // Some of these tests are prefixed AntiTest_, since they demonstrate existing
37 // problematic functionality. These tests are prefixed with AntiTest_ and will
38 // be changed as the correct behaviour is implemented. TODOs in the test explain
39 // the currently problematic behaviour.
40 class PermissionMessagesUnittest
: public testing::Test
{
42 PermissionMessagesUnittest()
43 : message_provider_(new ChromePermissionMessageProvider()) {}
44 ~PermissionMessagesUnittest() override
{}
46 // Overridden from testing::Test:
47 void SetUp() override
{
48 testing::Test::SetUp();
49 // Force creation of ExtensionPrefs before adding extensions.
50 env_
.GetExtensionPrefs();
54 void CreateAndInstallAppWithPermissions(ListBuilder
& required_permissions
,
55 ListBuilder
& optional_permissions
) {
56 app_
= test_util::BuildApp(ExtensionBuilder().Pass())
59 .Set("permissions", required_permissions
)
60 .Set("optional_permissions", optional_permissions
))
61 .SetID(crx_file::id_util::GenerateId("app"))
62 .SetLocation(Manifest::INTERNAL
)
64 env_
.GetExtensionService()->AddExtension(app_
.get());
67 void CreateAndInstallExtensionWithPermissions(
68 ListBuilder
& required_permissions
,
69 ListBuilder
& optional_permissions
) {
70 app_
= test_util::BuildExtension(ExtensionBuilder().Pass())
73 .Set("permissions", required_permissions
)
74 .Set("optional_permissions", optional_permissions
))
75 .SetID(crx_file::id_util::GenerateId("extension"))
76 .SetLocation(Manifest::INTERNAL
)
78 env_
.GetExtensionService()->AddExtension(app_
.get());
81 // Returns the permission messages that would display in the prompt that
82 // requests all the optional permissions for the current |app_|.
83 std::vector
<base::string16
> GetOptionalPermissionMessages() {
84 scoped_refptr
<const PermissionSet
> granted_permissions
=
85 env_
.GetExtensionPrefs()->GetGrantedPermissions(app_
->id());
86 scoped_refptr
<const PermissionSet
> optional_permissions
=
87 PermissionsParser::GetOptionalPermissions(app_
.get());
88 scoped_refptr
<const PermissionSet
> requested_permissions
=
89 PermissionSet::CreateDifference(optional_permissions
.get(),
90 granted_permissions
.get());
91 return GetMessages(requested_permissions
);
94 void GrantOptionalPermissions() {
95 PermissionsUpdater
perms_updater(env_
.profile());
96 perms_updater
.AddPermissions(
98 PermissionsParser::GetOptionalPermissions(app_
.get()).get());
101 std::vector
<base::string16
> active_permissions() {
102 return GetMessages(app_
->permissions_data()->active_permissions());
105 std::vector
<base::string16
> required_permissions() {
106 return GetMessages(PermissionsParser::GetRequiredPermissions(app_
.get()));
109 std::vector
<base::string16
> optional_permissions() {
110 return GetMessages(PermissionsParser::GetOptionalPermissions(app_
.get()));
114 std::vector
<base::string16
> GetMessages(
115 scoped_refptr
<const PermissionSet
> permissions
) {
116 return message_provider_
->GetLegacyWarningMessages(permissions
.get(),
120 extensions::TestExtensionEnvironment env_
;
121 scoped_ptr
<ChromePermissionMessageProvider
> message_provider_
;
122 scoped_refptr
<const Extension
> app_
;
124 DISALLOW_COPY_AND_ASSIGN(PermissionMessagesUnittest
);
127 // If an app has both the 'history' and 'tabs' permission, one should hide the
128 // other (the 'history' permission has superset permissions).
129 TEST_F(PermissionMessagesUnittest
, HistoryHidesTabsMessage
) {
130 CreateAndInstallExtensionWithPermissions(
131 ListBuilder().Append("tabs").Append("history").Pass(),
132 ListBuilder().Pass());
134 ASSERT_EQ(1U, required_permissions().size());
136 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE
),
137 required_permissions()[0]);
139 ASSERT_EQ(0U, optional_permissions().size());
142 // If an app requests the 'history' permission, but already has the 'tabs'
143 // permission, only the new coalesced message is displayed.
144 TEST_F(PermissionMessagesUnittest
, MixedPermissionMessagesCoalesceOnceGranted
) {
145 CreateAndInstallExtensionWithPermissions(
146 ListBuilder().Append("tabs").Pass(),
147 ListBuilder().Append("history").Pass());
149 ASSERT_EQ(1U, required_permissions().size());
151 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ
),
152 required_permissions()[0]);
154 ASSERT_EQ(1U, optional_permissions().size());
156 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE
),
157 optional_permissions()[0]);
159 ASSERT_EQ(1U, active_permissions().size());
161 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ
),
162 active_permissions()[0]);
164 ASSERT_EQ(1U, GetOptionalPermissionMessages().size());
166 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE
),
167 GetOptionalPermissionMessages()[0]);
169 GrantOptionalPermissions();
171 ASSERT_EQ(1U, active_permissions().size());
173 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE
),
174 active_permissions()[0]);
177 // AntiTest: This behavior should be changed and improved.
178 // If an app requests the 'tabs' permission but already has the 'history'
179 // permission, a prompt is displayed. However, no prompt should appear at all,
180 // since 'tabs' is a subset of 'history' and the final list of permissions are
181 // not affected by this grant.
182 TEST_F(PermissionMessagesUnittest
,
183 AntiTest_PromptCanRequestSubsetOfAlreadyGrantedPermissions
) {
184 CreateAndInstallExtensionWithPermissions(
185 ListBuilder().Append("history").Pass(),
186 ListBuilder().Append("tabs").Pass());
188 ASSERT_EQ(1U, required_permissions().size());
190 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE
),
191 required_permissions()[0]);
193 ASSERT_EQ(1U, optional_permissions().size());
195 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ
),
196 optional_permissions()[0]);
198 ASSERT_EQ(1U, active_permissions().size());
200 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE
),
201 active_permissions()[0]);
203 // TODO(sashab): This prompt should display no permissions, since READ is a
204 // subset permission of WRITE.
205 ASSERT_EQ(1U, GetOptionalPermissionMessages().size());
207 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ
),
208 GetOptionalPermissionMessages()[0]);
210 GrantOptionalPermissions();
212 ASSERT_EQ(1U, active_permissions().size());
214 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE
),
215 active_permissions()[0]);
218 // AntiTest: This behavior should be changed and improved.
219 // If an app requests the 'sessions' permission, nothing is displayed in the
220 // permission request prompt. However, the required permissions for the app are
221 // actually modified, so the prompt *should* display a message to prevent this
222 // permission from being granted for free.
223 TEST_F(PermissionMessagesUnittest
,
224 AntiTest_PromptCanBeEmptyButCausesChangeInPermissions
) {
225 CreateAndInstallExtensionWithPermissions(
226 ListBuilder().Append("tabs").Pass(),
227 ListBuilder().Append("sessions").Pass());
229 ASSERT_EQ(1U, required_permissions().size());
231 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ
),
232 required_permissions()[0]);
234 ASSERT_EQ(0U, optional_permissions().size());
236 ASSERT_EQ(1U, active_permissions().size());
238 l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ
),
239 active_permissions()[0]);
241 // TODO(sashab): This prompt should display the sessions permission message,
242 // as well as warn the user that it can affect the existing 'tab' permission.
243 ASSERT_EQ(0U, GetOptionalPermissionMessages().size());
245 GrantOptionalPermissions();
247 ASSERT_EQ(1U, active_permissions().size());
248 EXPECT_EQ(l10n_util::GetStringUTF16(
249 IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS
),
250 active_permissions()[0]);
253 } // namespace extensions