Only grant permissions to new extensions from sync if they have the expected version
[chromium-blink-merge.git] / chrome / browser / extensions / permissions_updater_unittest.cc
blob6179b5030b67a75232eeb0fdd29840252f1b5705
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/files/file_path.h"
6 #include "base/json/json_file_value_serializer.h"
7 #include "base/memory/ref_counted.h"
8 #include "base/run_loop.h"
9 #include "base/strings/stringprintf.h"
10 #include "base/values.h"
11 #include "chrome/browser/chrome_notification_types.h"
12 #include "chrome/browser/extensions/extension_service.h"
13 #include "chrome/browser/extensions/extension_service_test_base.h"
14 #include "chrome/browser/extensions/extension_util.h"
15 #include "chrome/browser/extensions/permissions_updater.h"
16 #include "chrome/common/chrome_paths.h"
17 #include "chrome/common/extensions/extension_test_util.h"
18 #include "chrome/test/base/testing_profile.h"
19 #include "components/crx_file/id_util.h"
20 #include "content/public/browser/notification_observer.h"
21 #include "content/public/browser/notification_registrar.h"
22 #include "content/public/browser/notification_service.h"
23 #include "extensions/browser/extension_prefs.h"
24 #include "extensions/common/extension.h"
25 #include "extensions/common/extension_builder.h"
26 #include "extensions/common/feature_switch.h"
27 #include "extensions/common/permissions/permission_set.h"
28 #include "extensions/common/permissions/permissions_data.h"
29 #include "extensions/common/value_builder.h"
30 #include "testing/gtest/include/gtest/gtest.h"
32 using extension_test_util::LoadManifest;
34 namespace extensions {
36 namespace {
38 scoped_refptr<const Extension> CreateExtensionWithPermissions(
39 const std::set<URLPattern>& scriptable_hosts,
40 const std::set<URLPattern>& explicit_hosts,
41 Manifest::Location location,
42 const std::string& name) {
43 ListBuilder scriptable_host_list;
44 for (std::set<URLPattern>::const_iterator pattern = scriptable_hosts.begin();
45 pattern != scriptable_hosts.end();
46 ++pattern) {
47 scriptable_host_list.Append(pattern->GetAsString());
50 ListBuilder explicit_host_list;
51 for (std::set<URLPattern>::const_iterator pattern = explicit_hosts.begin();
52 pattern != explicit_hosts.end();
53 ++pattern) {
54 explicit_host_list.Append(pattern->GetAsString());
57 DictionaryBuilder script;
58 script.Set("matches", scriptable_host_list.Pass())
59 .Set("js", ListBuilder().Append("foo.js"));
61 return ExtensionBuilder()
62 .SetLocation(location)
63 .SetManifest(
64 DictionaryBuilder()
65 .Set("name", name)
66 .Set("description", "foo")
67 .Set("manifest_version", 2)
68 .Set("version", "0.1.2.3")
69 .Set("content_scripts", ListBuilder().Append(script.Pass()))
70 .Set("permissions", explicit_host_list.Pass()))
71 .SetID(crx_file::id_util::GenerateId(name))
72 .Build();
75 testing::AssertionResult SetsAreEqual(const std::set<URLPattern>& set1,
76 const std::set<URLPattern>& set2) {
77 // Take the (set1 - set2) U (set2 - set1). This is then the set of all
78 // elements which are in either set1 or set2, but not both.
79 // If the sets are equal, this is none.
80 std::set<URLPattern> difference = base::STLSetUnion<std::set<URLPattern> >(
81 base::STLSetDifference<std::set<URLPattern> >(set1, set2),
82 base::STLSetDifference<std::set<URLPattern> >(set2, set1));
84 std::string error;
85 for (std::set<URLPattern>::const_iterator iter = difference.begin();
86 iter != difference.end();
87 ++iter) {
88 if (iter->GetAsString() == "chrome://favicon/*")
89 continue; // Grr... This is auto-added for extensions with <all_urls>
90 error = base::StringPrintf("%s\n%s contains %s and the other does not.",
91 error.c_str(),
92 (set1.count(*iter) ? "Set1" : "Set2"),
93 iter->GetAsString().c_str());
96 if (!error.empty())
97 return testing::AssertionFailure() << error;
98 return testing::AssertionSuccess();
101 // A helper class that listens for NOTIFICATION_EXTENSION_PERMISSIONS_UPDATED.
102 class PermissionsUpdaterListener : public content::NotificationObserver {
103 public:
104 PermissionsUpdaterListener()
105 : received_notification_(false), waiting_(false) {
106 registrar_.Add(this,
107 extensions::NOTIFICATION_EXTENSION_PERMISSIONS_UPDATED,
108 content::NotificationService::AllSources());
111 void Reset() {
112 received_notification_ = false;
113 waiting_ = false;
114 extension_ = NULL;
115 permissions_ = NULL;
118 void Wait() {
119 if (received_notification_)
120 return;
122 waiting_ = true;
123 base::RunLoop run_loop;
124 run_loop.Run();
127 bool received_notification() const { return received_notification_; }
128 const Extension* extension() const { return extension_.get(); }
129 const PermissionSet* permissions() const { return permissions_.get(); }
130 UpdatedExtensionPermissionsInfo::Reason reason() const { return reason_; }
132 private:
133 void Observe(int type,
134 const content::NotificationSource& source,
135 const content::NotificationDetails& details) override {
136 received_notification_ = true;
137 UpdatedExtensionPermissionsInfo* info =
138 content::Details<UpdatedExtensionPermissionsInfo>(details).ptr();
140 extension_ = info->extension;
141 permissions_ = info->permissions;
142 reason_ = info->reason;
144 if (waiting_) {
145 waiting_ = false;
146 base::MessageLoopForUI::current()->Quit();
150 bool received_notification_;
151 bool waiting_;
152 content::NotificationRegistrar registrar_;
153 scoped_refptr<const Extension> extension_;
154 scoped_refptr<const PermissionSet> permissions_;
155 UpdatedExtensionPermissionsInfo::Reason reason_;
158 class PermissionsUpdaterTest : public ExtensionServiceTestBase {
161 scoped_refptr<Extension> LoadOurManifest() {
162 base::FilePath path;
163 path = path.AppendASCII("api_test")
164 .AppendASCII("permissions")
165 .AppendASCII("optional");
166 return LoadManifest(path.AsUTF8Unsafe(),
167 "manifest.json",
168 Manifest::INTERNAL,
169 Extension::NO_FLAGS);
172 void AddPattern(URLPatternSet* extent, const std::string& pattern) {
173 int schemes = URLPattern::SCHEME_ALL;
174 extent->AddPattern(URLPattern(schemes, pattern));
177 } // namespace
179 // Test that the PermissionUpdater can correctly add and remove active
180 // permissions. This tests all of PermissionsUpdater's public methods because
181 // GrantActivePermissions and SetPermissions are used by AddPermissions.
182 TEST_F(PermissionsUpdaterTest, AddAndRemovePermissions) {
183 InitializeEmptyExtensionService();
185 // Load the test extension.
186 scoped_refptr<Extension> extension = LoadOurManifest();
187 ASSERT_TRUE(extension.get());
189 APIPermissionSet default_apis;
190 default_apis.insert(APIPermission::kManagement);
191 ManifestPermissionSet empty_manifest_permissions;
193 URLPatternSet default_hosts;
194 AddPattern(&default_hosts, "http://a.com/*");
195 scoped_refptr<PermissionSet> default_permissions =
196 new PermissionSet(default_apis, empty_manifest_permissions,
197 default_hosts, URLPatternSet());
199 // Make sure it loaded properly.
200 scoped_refptr<const PermissionSet> permissions =
201 extension->permissions_data()->active_permissions();
202 ASSERT_EQ(*default_permissions.get(),
203 *extension->permissions_data()->active_permissions().get());
205 // Add a few permissions.
206 APIPermissionSet apis;
207 apis.insert(APIPermission::kTab);
208 apis.insert(APIPermission::kNotifications);
209 URLPatternSet hosts;
210 AddPattern(&hosts, "http://*.c.com/*");
212 scoped_refptr<PermissionSet> delta =
213 new PermissionSet(apis, empty_manifest_permissions,
214 hosts, URLPatternSet());
216 PermissionsUpdaterListener listener;
217 PermissionsUpdater updater(profile_.get());
218 updater.AddPermissions(extension.get(), delta.get());
220 listener.Wait();
222 // Verify that the permission notification was sent correctly.
223 ASSERT_TRUE(listener.received_notification());
224 ASSERT_EQ(extension.get(), listener.extension());
225 ASSERT_EQ(UpdatedExtensionPermissionsInfo::ADDED, listener.reason());
226 ASSERT_EQ(*delta.get(), *listener.permissions());
228 // Make sure the extension's active permissions reflect the change.
229 scoped_refptr<PermissionSet> active_permissions =
230 PermissionSet::CreateUnion(default_permissions.get(), delta.get());
231 ASSERT_EQ(*active_permissions.get(),
232 *extension->permissions_data()->active_permissions().get());
234 // Verify that the new granted and active permissions were also stored
235 // in the extension preferences. In this case, the granted permissions should
236 // be equal to the active permissions.
237 ExtensionPrefs* prefs = ExtensionPrefs::Get(profile_.get());
238 scoped_refptr<PermissionSet> granted_permissions =
239 active_permissions;
241 scoped_refptr<PermissionSet> from_prefs =
242 prefs->GetActivePermissions(extension->id());
243 ASSERT_EQ(*active_permissions.get(), *from_prefs.get());
245 from_prefs = prefs->GetGrantedPermissions(extension->id());
246 ASSERT_EQ(*active_permissions.get(), *from_prefs.get());
248 // In the second part of the test, we'll remove the permissions that we
249 // just added except for 'notifications'.
250 apis.erase(APIPermission::kNotifications);
251 delta = new PermissionSet(apis, empty_manifest_permissions,
252 hosts, URLPatternSet());
254 listener.Reset();
255 updater.RemovePermissions(extension.get(), delta.get());
256 listener.Wait();
258 // Verify that the notification was correct.
259 ASSERT_TRUE(listener.received_notification());
260 ASSERT_EQ(extension.get(), listener.extension());
261 ASSERT_EQ(UpdatedExtensionPermissionsInfo::REMOVED, listener.reason());
262 ASSERT_EQ(*delta.get(), *listener.permissions());
264 // Make sure the extension's active permissions reflect the change.
265 active_permissions =
266 PermissionSet::CreateDifference(active_permissions.get(), delta.get());
267 ASSERT_EQ(*active_permissions.get(),
268 *extension->permissions_data()->active_permissions().get());
270 // Verify that the extension prefs hold the new active permissions and the
271 // same granted permissions.
272 from_prefs = prefs->GetActivePermissions(extension->id());
273 ASSERT_EQ(*active_permissions.get(), *from_prefs.get());
275 from_prefs = prefs->GetGrantedPermissions(extension->id());
276 ASSERT_EQ(*granted_permissions.get(), *from_prefs.get());
279 TEST_F(PermissionsUpdaterTest, WithholdAllHosts) {
280 InitializeEmptyExtensionService();
282 // Permissions are only withheld with the appropriate switch turned on.
283 scoped_ptr<FeatureSwitch::ScopedOverride> switch_override(
284 new FeatureSwitch::ScopedOverride(FeatureSwitch::scripts_require_action(),
285 FeatureSwitch::OVERRIDE_ENABLED));
287 URLPattern google(URLPattern::SCHEME_ALL, "http://www.google.com/*");
288 URLPattern sub_google(URLPattern::SCHEME_ALL, "http://*.google.com/*");
289 URLPattern all_http(URLPattern::SCHEME_ALL, "http://*/*");
290 URLPattern all_hosts(URLPattern::SCHEME_ALL, "<all_urls>");
291 URLPattern all_com(URLPattern::SCHEME_ALL, "http://*.com/*");
293 std::set<URLPattern> all_host_patterns;
294 std::set<URLPattern> safe_patterns;
296 all_host_patterns.insert(all_http);
297 all_host_patterns.insert(all_hosts);
298 all_host_patterns.insert(all_com);
300 safe_patterns.insert(google);
301 safe_patterns.insert(sub_google);
303 std::set<URLPattern> all_patterns = base::STLSetUnion<std::set<URLPattern> >(
304 all_host_patterns, safe_patterns);
306 scoped_refptr<const Extension> extension = CreateExtensionWithPermissions(
307 all_patterns, all_patterns, Manifest::INTERNAL, "a");
308 const PermissionsData* permissions_data = extension->permissions_data();
309 PermissionsUpdater updater(profile_.get());
310 updater.InitializePermissions(extension.get());
312 // At first, the active permissions should have only the safe patterns and
313 // the withheld permissions should have only the all host patterns.
314 EXPECT_TRUE(SetsAreEqual(
315 permissions_data->active_permissions()->scriptable_hosts().patterns(),
316 safe_patterns));
317 EXPECT_TRUE(SetsAreEqual(
318 permissions_data->active_permissions()->explicit_hosts().patterns(),
319 safe_patterns));
320 EXPECT_TRUE(SetsAreEqual(
321 permissions_data->withheld_permissions()->scriptable_hosts().patterns(),
322 all_host_patterns));
323 EXPECT_TRUE(SetsAreEqual(
324 permissions_data->withheld_permissions()->explicit_hosts().patterns(),
325 all_host_patterns));
327 // Then, we grant the withheld all-hosts permissions.
328 updater.GrantWithheldImpliedAllHosts(extension.get());
329 // Now, active permissions should have all patterns, and withheld permissions
330 // should have none.
331 EXPECT_TRUE(SetsAreEqual(
332 permissions_data->active_permissions()->scriptable_hosts().patterns(),
333 all_patterns));
334 EXPECT_TRUE(permissions_data->withheld_permissions()
335 ->scriptable_hosts()
336 .patterns()
337 .empty());
338 EXPECT_TRUE(SetsAreEqual(
339 permissions_data->active_permissions()->explicit_hosts().patterns(),
340 all_patterns));
341 EXPECT_TRUE(permissions_data->withheld_permissions()
342 ->explicit_hosts()
343 .patterns()
344 .empty());
346 // Finally, we revoke the all hosts permissions.
347 updater.WithholdImpliedAllHosts(extension.get());
349 // We should be back to our initial state - all_hosts should be withheld, and
350 // the safe patterns should be granted.
351 EXPECT_TRUE(SetsAreEqual(
352 permissions_data->active_permissions()->scriptable_hosts().patterns(),
353 safe_patterns));
354 EXPECT_TRUE(SetsAreEqual(
355 permissions_data->active_permissions()->explicit_hosts().patterns(),
356 safe_patterns));
357 EXPECT_TRUE(SetsAreEqual(
358 permissions_data->withheld_permissions()->scriptable_hosts().patterns(),
359 all_host_patterns));
360 EXPECT_TRUE(SetsAreEqual(
361 permissions_data->withheld_permissions()->explicit_hosts().patterns(),
362 all_host_patterns));
364 // Creating a component extension should result in no withheld permissions.
365 extension = CreateExtensionWithPermissions(
366 all_patterns, all_patterns, Manifest::COMPONENT, "b");
367 permissions_data = extension->permissions_data();
368 updater.InitializePermissions(extension.get());
369 EXPECT_TRUE(SetsAreEqual(
370 permissions_data->active_permissions()->scriptable_hosts().patterns(),
371 all_patterns));
372 EXPECT_TRUE(permissions_data->withheld_permissions()
373 ->scriptable_hosts()
374 .patterns()
375 .empty());
376 EXPECT_TRUE(SetsAreEqual(
377 permissions_data->active_permissions()->explicit_hosts().patterns(),
378 all_patterns));
379 EXPECT_TRUE(permissions_data->withheld_permissions()
380 ->explicit_hosts()
381 .patterns()
382 .empty());
384 // Without the switch, we shouldn't withhold anything.
385 switch_override.reset();
386 extension = CreateExtensionWithPermissions(
387 all_patterns, all_patterns, Manifest::INTERNAL, "c");
388 permissions_data = extension->permissions_data();
389 updater.InitializePermissions(extension.get());
390 EXPECT_TRUE(SetsAreEqual(
391 permissions_data->active_permissions()->scriptable_hosts().patterns(),
392 all_patterns));
393 EXPECT_TRUE(permissions_data->withheld_permissions()
394 ->scriptable_hosts()
395 .patterns()
396 .empty());
397 EXPECT_TRUE(SetsAreEqual(
398 permissions_data->active_permissions()->explicit_hosts().patterns(),
399 all_patterns));
400 EXPECT_TRUE(permissions_data->withheld_permissions()
401 ->explicit_hosts()
402 .patterns()
403 .empty());
406 // Tests that withholding all hosts behaves properly with extensions installed
407 // when the switch is turned on and off.
408 TEST_F(PermissionsUpdaterTest, WithholdAllHostsWithTransientSwitch) {
409 InitializeEmptyExtensionService();
411 URLPattern all_hosts(URLPattern::SCHEME_ALL, "<all_urls>");
412 std::set<URLPattern> all_host_patterns;
413 all_host_patterns.insert(all_hosts);
415 scoped_refptr<const Extension> extension_a = CreateExtensionWithPermissions(
416 all_host_patterns, all_host_patterns, Manifest::INTERNAL, "a");
417 PermissionsUpdater updater(profile());
418 updater.InitializePermissions(extension_a.get());
419 const PermissionsData* permissions_data = extension_a->permissions_data();
421 // Since the extension was created without the switch on, it should default
422 // to having all urls access.
423 EXPECT_TRUE(SetsAreEqual(
424 permissions_data->active_permissions()->scriptable_hosts().patterns(),
425 all_host_patterns));
426 EXPECT_TRUE(
427 permissions_data->withheld_permissions()->scriptable_hosts().is_empty());
428 EXPECT_TRUE(util::AllowedScriptingOnAllUrls(extension_a->id(), profile()));
430 // Enable the switch, and re-init permission for the extension.
431 scoped_ptr<FeatureSwitch::ScopedOverride> switch_override(
432 new FeatureSwitch::ScopedOverride(FeatureSwitch::scripts_require_action(),
433 FeatureSwitch::OVERRIDE_ENABLED));
434 updater.InitializePermissions(extension_a.get());
436 // Since the extension was installed when the switch was off, it should still
437 // have the all urls pref.
438 permissions_data = extension_a->permissions_data();
439 EXPECT_TRUE(SetsAreEqual(
440 permissions_data->active_permissions()->scriptable_hosts().patterns(),
441 all_host_patterns));
442 EXPECT_TRUE(
443 permissions_data->withheld_permissions()->scriptable_hosts().is_empty());
444 EXPECT_TRUE(util::AllowedScriptingOnAllUrls(extension_a->id(), profile()));
446 // Load a new extension, which also has all urls. Since the switch is now on,
447 // the permissions should be withheld.
448 scoped_refptr<const Extension> extension_b = CreateExtensionWithPermissions(
449 all_host_patterns, all_host_patterns, Manifest::INTERNAL, "b");
450 updater.InitializePermissions(extension_b.get());
451 permissions_data = extension_b->permissions_data();
453 EXPECT_TRUE(
454 permissions_data->active_permissions()->scriptable_hosts().is_empty());
455 EXPECT_TRUE(SetsAreEqual(
456 permissions_data->withheld_permissions()->scriptable_hosts().patterns(),
457 all_host_patterns));
458 EXPECT_FALSE(util::AllowedScriptingOnAllUrls(extension_b->id(), profile()));
460 // Disable the switch, and reload the extension.
461 switch_override.reset();
462 updater.InitializePermissions(extension_b.get());
464 // Since the extension was installed with the switch on, it should still be
465 // restricted with the switch off.
466 permissions_data = extension_b->permissions_data();
467 EXPECT_TRUE(
468 permissions_data->active_permissions()->scriptable_hosts().is_empty());
469 EXPECT_TRUE(SetsAreEqual(
470 permissions_data->withheld_permissions()->scriptable_hosts().patterns(),
471 all_host_patterns));
472 EXPECT_FALSE(util::AllowedScriptingOnAllUrls(extension_b->id(), profile()));
475 } // namespace extensions