Only grant permissions to new extensions from sync if they have the expected version
[chromium-blink-merge.git] / chrome / browser / extensions / extension_special_storage_policy.h
blob31412c715993bedb4709985ed5e11616793c0333
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_EXTENSIONS_EXTENSION_SPECIAL_STORAGE_POLICY_H_
6 #define CHROME_BROWSER_EXTENSIONS_EXTENSION_SPECIAL_STORAGE_POLICY_H_
8 #include <map>
9 #include <string>
11 #include "base/synchronization/lock.h"
12 #include "extensions/common/extension_set.h"
13 #include "storage/browser/quota/special_storage_policy.h"
14 #include "url/gurl.h"
16 namespace content {
17 class BrowserContext;
20 namespace content_settings {
21 class CookieSettings;
24 namespace extensions {
25 class Extension;
28 // Special rights are granted to 'extensions' and 'applications'. The
29 // storage subsystems and the browsing data remover query this interface
30 // to determine which origins have these rights.
31 class ExtensionSpecialStoragePolicy : public storage::SpecialStoragePolicy {
32 public:
33 explicit ExtensionSpecialStoragePolicy(
34 content_settings::CookieSettings* cookie_settings);
36 // storage::SpecialStoragePolicy methods used by storage subsystems and the
37 // browsing data remover. These methods are safe to call on any thread.
38 bool IsStorageProtected(const GURL& origin) override;
39 bool IsStorageUnlimited(const GURL& origin) override;
40 bool IsStorageSessionOnly(const GURL& origin) override;
41 bool CanQueryDiskSize(const GURL& origin) override;
42 bool HasIsolatedStorage(const GURL& origin) override;
43 bool HasSessionOnlyOrigins() override;
44 bool IsStorageDurable(const GURL& origin) override;
46 // Methods used by the ExtensionService to populate this class.
47 void GrantRightsForExtension(const extensions::Extension* extension,
48 content::BrowserContext* browser_context);
49 void RevokeRightsForExtension(const extensions::Extension* extension);
50 void RevokeRightsForAllExtensions();
52 // Decides whether the storage for |extension|'s web extent needs protection.
53 bool NeedsProtection(const extensions::Extension* extension);
55 // Returns the set of extensions protecting this origin. The caller does not
56 // take ownership of the return value.
57 const extensions::ExtensionSet* ExtensionsProtectingOrigin(
58 const GURL& origin);
60 protected:
61 ~ExtensionSpecialStoragePolicy() override;
63 private:
64 class SpecialCollection {
65 public:
66 SpecialCollection();
67 ~SpecialCollection();
69 bool Contains(const GURL& origin);
70 bool GrantsCapabilitiesTo(const GURL& origin);
71 const extensions::ExtensionSet* ExtensionsContaining(const GURL& origin);
72 bool ContainsExtension(const std::string& extension_id);
73 bool Add(const extensions::Extension* extension);
74 bool Remove(const extensions::Extension* extension);
75 void Clear();
77 private:
78 typedef std::map<GURL, extensions::ExtensionSet*> CachedResults;
80 void ClearCache();
82 extensions::ExtensionSet extensions_;
83 CachedResults cached_results_;
86 void NotifyGranted(const GURL& origin, int change_flags);
87 void NotifyRevoked(const GURL& origin, int change_flags);
88 void NotifyCleared();
90 base::Lock lock_; // Synchronize all access to the collections.
91 SpecialCollection protected_apps_;
92 SpecialCollection installed_apps_;
93 SpecialCollection unlimited_extensions_;
94 SpecialCollection file_handler_extensions_;
95 SpecialCollection isolated_extensions_;
96 SpecialCollection content_capabilities_unlimited_extensions_;
97 scoped_refptr<content_settings::CookieSettings> cookie_settings_;
100 #endif // CHROME_BROWSER_EXTENSIONS_EXTENSION_SPECIAL_STORAGE_POLICY_H_