search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Extensions: Switch to new permission message system, part I
[chromium-blink-merge.git] / chrome / common / extensions / permissions / chrome_permission_message_rules.cc
blobcab50dcedd2eef73bb1f7736a93b9679c31cc708
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/common/extensions/permissions/chrome_permission_message_rules.h"
6
7 #include "base/stl_util.h"
8 #include "base/strings/string_util.h"
9 #include "chrome/grit/generated_resources.h"
10 #include "extensions/common/permissions/api_permission_set.h"
11 #include "extensions/common/permissions/coalesced_permission_message.h"
12 #include "grit/extensions_strings.h"
13 #include "ui/base/l10n/l10n_util.h"
14
15 namespace extensions {
16
17 namespace {
18
19 // The default formatter for a permission message. Simply displays the message
20 // with the given ID.
21 class DefaultPermissionMessageFormatter
22 : public ChromePermissionMessageFormatter {
23 public:
24 explicit DefaultPermissionMessageFormatter(int message_id)
25 : message_id_(message_id) {}
26 ~DefaultPermissionMessageFormatter() override {}
27
28 CoalescedPermissionMessage GetPermissionMessage(
29 PermissionIDSet permissions) const override {
30 return CoalescedPermissionMessage(l10n_util::GetStringUTF16(message_id_),
31 permissions);
32 }
33
34 private:
35 int message_id_;
36
37 // DISALLOW_COPY_AND_ASSIGN(DefaultPermissionMessageFormatter);
38 };
39
40 // A formatter that substitutes the parameter into the message using string
41 // formatting.
42 // NOTE: Only one permission with the given ID is substituted using this rule.
43 class SingleParameterFormatter : public ChromePermissionMessageFormatter {
44 public:
45 explicit SingleParameterFormatter(int message_id) : message_id_(message_id) {}
46 ~SingleParameterFormatter() override {}
47
48 CoalescedPermissionMessage GetPermissionMessage(
49 PermissionIDSet permissions) const override {
50 DCHECK(permissions.size() > 0);
51 std::vector<base::string16> parameters =
52 permissions.GetAllPermissionParameters();
53 DCHECK_EQ(1U, parameters.size())
54 << "Only one message with each ID can be parameterized.";
55 return CoalescedPermissionMessage(
56 l10n_util::GetStringFUTF16(message_id_, parameters[0]), permissions);
57 }
58
59 private:
60 int message_id_;
61 };
62
63 // Adds each parameter to a growing list, with the given |root_message_id| as
64 // the message at the top of the list.
65 class SimpleListFormatter : public ChromePermissionMessageFormatter {
66 public:
67 explicit SimpleListFormatter(int root_message_id)
68 : root_message_id_(root_message_id) {}
69 ~SimpleListFormatter() override {}
70
71 CoalescedPermissionMessage GetPermissionMessage(
72 PermissionIDSet permissions) const override {
73 DCHECK(permissions.size() > 0);
74 return CoalescedPermissionMessage(
75 l10n_util::GetStringUTF16(root_message_id_), permissions,
76 permissions.GetAllPermissionParameters());
77 }
78
79 private:
80 int root_message_id_;
81 };
82
83 // Creates a space-separated list of permissions with the given PermissionID.
84 // The list is inserted into the messages with the given IDs: one for the case
85 // where there is a single permission, and the other for the case where there
86 // are multiple.
87 // TODO(sashab): Extend this to pluralize correctly in all languages.
88 class SpaceSeparatedListFormatter : public ChromePermissionMessageFormatter {
89 public:
90 SpaceSeparatedListFormatter(int message_id_for_one_host,
91 int message_id_for_multiple_hosts)
92 : message_id_for_one_host_(message_id_for_one_host),
93 message_id_for_multiple_hosts_(message_id_for_multiple_hosts) {}
94 ~SpaceSeparatedListFormatter() override {}
95
96 CoalescedPermissionMessage GetPermissionMessage(
97 PermissionIDSet permissions) const override {
98 DCHECK(permissions.size() > 0);
99 std::vector<base::string16> hostnames =
100 permissions.GetAllPermissionParameters();
101 base::string16 hosts_string = JoinString(
102 std::vector<base::string16>(hostnames.begin(), hostnames.end()), ' ');
103 return CoalescedPermissionMessage(
104 l10n_util::GetStringFUTF16(hostnames.size() == 1
105 ? message_id_for_one_host_
106 : message_id_for_multiple_hosts_,
107 hosts_string),
108 permissions);
109 }
110
111 private:
112 int message_id_for_one_host_;
113 int message_id_for_multiple_hosts_;
114 };
115
116 // Creates a comma-separated list of permissions with the given PermissionID.
117 // The list is inserted into the messages with the given IDs: one for each case
118 // of 1-3 permissions, and the other for the case where there are 4 or more
119 // permissions. In the case of 4 or more permissions, rather than insert the
120 // list into the message, the permissions are displayed as submessages in the
121 // resultant CoalescedPermissionMessage.
122 class CommaSeparatedListFormatter : public ChromePermissionMessageFormatter {
123 public:
124 CommaSeparatedListFormatter(int message_id_for_one_host,
125 int message_id_for_two_hosts,
126 int message_id_for_three_hosts,
127 int message_id_for_many_hosts)
128 : message_id_for_one_host_(message_id_for_one_host),
129 message_id_for_two_hosts_(message_id_for_two_hosts),
130 message_id_for_three_hosts_(message_id_for_three_hosts),
131 message_id_for_many_hosts_(message_id_for_many_hosts) {}
132 ~CommaSeparatedListFormatter() override {}
133
134 CoalescedPermissionMessage GetPermissionMessage(
135 PermissionIDSet permissions) const override {
136 DCHECK(permissions.size() > 0);
137 std::vector<base::string16> hostnames =
138 permissions.GetAllPermissionParameters();
139 CoalescedPermissionMessages messages;
140 if (hostnames.size() <= 3) {
141 return CoalescedPermissionMessage(
142 l10n_util::GetStringFUTF16(message_id_for_hosts(hostnames.size()),
143 hostnames, NULL),
144 permissions);
145 }
146
147 return CoalescedPermissionMessage(
148 l10n_util::GetStringUTF16(message_id_for_many_hosts_), permissions,
149 hostnames);
150 }
151
152 private:
153 int message_id_for_hosts(int number_of_hosts) const {
154 switch (number_of_hosts) {
155 case 1:
156 return message_id_for_one_host_;
157 case 2:
158 return message_id_for_two_hosts_;
159 case 3:
160 return message_id_for_three_hosts_;
161 default:
162 return message_id_for_many_hosts_;
163 }
164 }
165
166 int message_id_for_one_host_;
167 int message_id_for_two_hosts_;
168 int message_id_for_three_hosts_;
169 int message_id_for_many_hosts_;
170 };
171
172 } // namespace
173
174 ChromePermissionMessageRule::ChromePermissionMessageRule(
175 int message_id,
176 PermissionIDSetInitializer required,
177 PermissionIDSetInitializer optional)
178 : required_permissions_(required),
179 optional_permissions_(optional),
180 formatter_(new DefaultPermissionMessageFormatter(message_id)) {
181 }
182
183 ChromePermissionMessageRule::ChromePermissionMessageRule(
184 ChromePermissionMessageFormatter* formatter,
185 PermissionIDSetInitializer required,
186 PermissionIDSetInitializer optional)
187 : required_permissions_(required),
188 optional_permissions_(optional),
189 formatter_(formatter) {
190 }
191
192 ChromePermissionMessageRule::~ChromePermissionMessageRule() {
193 }
194
195 std::set<APIPermission::ID> ChromePermissionMessageRule::required_permissions()
196 const {
197 return required_permissions_;
198 }
199 std::set<APIPermission::ID> ChromePermissionMessageRule::optional_permissions()
200 const {
201 return optional_permissions_;
202 }
203 ChromePermissionMessageFormatter* ChromePermissionMessageRule::formatter()
204 const {
205 return formatter_.get();
206 }
207
208 std::set<APIPermission::ID> ChromePermissionMessageRule::all_permissions()
209 const {
210 return base::STLSetUnion<std::set<APIPermission::ID>>(required_permissions(),
211 optional_permissions());
212 }
213
214 // static
215 std::vector<ChromePermissionMessageRule>
216 ChromePermissionMessageRule::GetAllRules() {
217 // The rules for generating messages from permissions. Any new rules should be
218 // added directly to this list, not elsewhere in the code, so that all the
219 // logic of generating and coalescing permission messages happens here.
220 //
221 // Each rule has 3 components:
222 // 1. The message itself
223 // 2. The permissions that need to be present for the message to appear
224 // 3. Permissions that, if present, also contribute to the message, but do not
225 // form the message on their own
226 //
227 // Rules are applied in precedence order: rules that come first consume
228 // permissions (both required and optional) so they can not be used in later
229 // rules.
230 // NOTE: The order of this list matters - be careful when adding new rules!
231 // If unsure, add them near related rules and add tests to
232 // permission_message_combinations_unittest.cc (or elsewhere) to ensure your
233 // messages are being generated/coalesced correctly.
234 //
235 // Rules are not transitive: This means that if the kTab permission 'absorbs'
236 // (suppresses) the messages for kTopSites and kFavicon, and the kHistory
237 // permission suppresses kTab, be careful to also add kTopSites and kFavicon
238 // to the kHistory absorb list. Ideally, the rules system should be simple
239 // enough that rules like this should not occur; the visibility of the rules
240 // system should allow us to design a system that is simple enough to explain
241 // yet powerful enough to encapsulate all the messages we want to display.
242 //
243 // TODO(sashab): Once existing message sites are deprecated, reorder this list
244 // to better describe the rules generated, rather than the callsites they are
245 // migrated from.
246 ChromePermissionMessageRule rules_arr[] = {
247 // Full url access permission messages.
248 {IDS_EXTENSION_PROMPT_WARNING_DEBUGGER, {APIPermission::kDebugger}, {}},
249 {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
250 {APIPermission::kPlugin},
251 {APIPermission::kFullAccess,
252 APIPermission::kHostsAll,
253 APIPermission::kHostsAllReadOnly,
254 APIPermission::kDeclarativeWebRequest,
255 APIPermission::kTopSites,
256 APIPermission::kTab}},
257 {IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
258 {APIPermission::kFullAccess},
259 {APIPermission::kHostsAll,
260 APIPermission::kHostsAllReadOnly,
261 APIPermission::kDeclarativeWebRequest,
262 APIPermission::kTopSites,
263 APIPermission::kTab}},
264
265 // Parameterized permission messages:
266 // Messages generated by the sockets permission.
267 {new SpaceSeparatedListFormatter(
268 IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAIN,
269 IDS_EXTENSION_PROMPT_WARNING_SOCKET_HOSTS_IN_DOMAINS),
270 {APIPermission::kSocketDomainHosts},
271 {}},
272 {new SpaceSeparatedListFormatter(
273 IDS_EXTENSION_PROMPT_WARNING_SOCKET_SPECIFIC_HOST,
274 IDS_EXTENSION_PROMPT_WARNING_SOCKET_SPECIFIC_HOSTS),
275 {APIPermission::kSocketSpecificHosts},
276 {}},
277
278 // Messages generated by host permissions.
279 {new CommaSeparatedListFormatter(
280 IDS_EXTENSION_PROMPT_WARNING_1_HOST_READ_ONLY,
281 IDS_EXTENSION_PROMPT_WARNING_2_HOSTS_READ_ONLY,
282 IDS_EXTENSION_PROMPT_WARNING_3_HOSTS_READ_ONLY,
283 IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST_READ_ONLY),
284 {APIPermission::kHostReadOnly},
285 {}},
286 {new CommaSeparatedListFormatter(IDS_EXTENSION_PROMPT_WARNING_1_HOST,
287 IDS_EXTENSION_PROMPT_WARNING_2_HOSTS,
288 IDS_EXTENSION_PROMPT_WARNING_3_HOSTS,
289 IDS_EXTENSION_PROMPT_WARNING_HOSTS_LIST),
290 {APIPermission::kHostReadWrite},
291 {}},
292
293 // USB Device Permission rules:
294 // TODO(sashab, reillyg): Rework the permission message logic for USB
295 // devices to generate more meaningful messages and better fit the current
296 // rules system. Maybe model it similarly to host or socket permissions
297 // above.
298 {new SingleParameterFormatter(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE),
299 {APIPermission::kUsbDevice},
300 {}},
301 {new SingleParameterFormatter(
302 IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_PRODUCT),
303 {APIPermission::kUsbDeviceUnknownProduct},
304 {}},
305 {new SimpleListFormatter(IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_LIST),
306 {APIPermission::kUsbDeviceList},
307 {}},
308
309 // Coalesced message rules taken from
310 // ChromePermissionMessageProvider::GetWarningMessages():
311
312 // Access to users' devices should provide a single warning message
313 // specifying the transport method used; serial and/or Bluetooth.
314 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_SERIAL,
315 {APIPermission::kBluetooth, APIPermission::kSerial},
316 {APIPermission::kBluetoothDevices}},
317
318 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ_MODIFY,
319 {APIPermission::kAccessibilityFeaturesModify,
320 APIPermission::kAccessibilityFeaturesRead},
321 {}},
322
323 {IDS_EXTENSION_PROMPT_WARNING_AUDIO_AND_VIDEO_CAPTURE,
324 {APIPermission::kAudioCapture, APIPermission::kVideoCapture},
325 {}},
326
327 // TODO(sashab): Add the missing combinations of media galleries
328 // permissions so a valid permission is generated for all combinations.
329 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE_DELETE,
330 {APIPermission::kMediaGalleriesAllGalleriesCopyTo,
331 APIPermission::kMediaGalleriesAllGalleriesDelete,
332 APIPermission::kMediaGalleriesAllGalleriesRead},
333 {}},
334 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_WRITE,
335 {APIPermission::kMediaGalleriesAllGalleriesCopyTo,
336 APIPermission::kMediaGalleriesAllGalleriesRead},
337 {}},
338 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ_DELETE,
339 {APIPermission::kMediaGalleriesAllGalleriesDelete,
340 APIPermission::kMediaGalleriesAllGalleriesRead},
341 {}},
342 {IDS_EXTENSION_PROMPT_WARNING_MEDIA_GALLERIES_READ,
343 {APIPermission::kMediaGalleriesAllGalleriesRead},
344 {}},
345
346 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE_AND_SESSIONS,
347 {APIPermission::kSessions, APIPermission::kHistory},
348 {APIPermission::kTab,
349 APIPermission::kFavicon,
350 APIPermission::kProcesses,
351 APIPermission::kTopSites,
352 APIPermission::kWebNavigation}},
353 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS,
354 {APIPermission::kSessions, APIPermission::kTab},
355 {APIPermission::kFavicon,
356 APIPermission::kProcesses,
357 APIPermission::kTopSites,
358 APIPermission::kWebNavigation}},
359
360 // Suppression list taken from
361 // ChromePermissionMessageProvider::GetPermissionMessages():
362 // Some warnings are more generic and/or powerful and supercede other
363 // warnings. In that case, the first message suppresses the second one.
364 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH,
365 {APIPermission::kBluetooth},
366 {APIPermission::kBluetoothDevices}},
367 {IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS,
368 {APIPermission::kBookmark},
369 {APIPermission::kOverrideBookmarksUI}},
370 // History already allows reading favicons, tab access and accessing the
371 // list of most frequently visited sites.
372 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
373 {APIPermission::kHistory},
374 {APIPermission::kFavicon,
375 APIPermission::kTab,
376 APIPermission::kTopSites}},
377 // A special hack: If kFileSystemWriteDirectory would be displayed, hide
378 // kFileSystemDirectory as the write directory message implies it.
379 // TODO(sashab): Remove kFileSystemWriteDirectory; it's no longer needed
380 // since this rules system can represent the rule. See crbug.com/284849.
381 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
382 {APIPermission::kFileSystemWrite, APIPermission::kFileSystemDirectory},
383 {APIPermission::kFileSystemWriteDirectory}},
384 // Full access already allows DeclarativeWebRequest, reading the list of
385 // most frequently visited sites, and tab access.
386 // The warning message for declarativeWebRequest
387 // permissions speaks about blocking parts of pages, which is a
388 // subset of what the "<all_urls>" access allows. Therefore we
389 // display only the "<all_urls>" warning message if both permissions
390 // are required.
391 {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS,
392 {APIPermission::kHostsAll},
393 {APIPermission::kDeclarativeWebRequest,
394 APIPermission::kTopSites,
395 APIPermission::kTab,
396 APIPermission::kFavicon,
397 APIPermission::kTopSites,
398 APIPermission::kHostsAllReadOnly}},
399 // AutomationManifestPermission:
400 {IDS_EXTENSION_PROMPT_WARNING_ALL_HOSTS_READ_ONLY,
401 {APIPermission::kHostsAllReadOnly},
402 {}},
403 // Tabs already allows reading favicons and reading the list of most
404 // frequently visited sites.
405 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
406 {APIPermission::kTab},
407 {APIPermission::kFavicon, APIPermission::kTopSites}},
408
409 // Individual message rules taken from
410 // ChromeAPIPermissions::GetAllPermissions():
411 // Permission messages for all extension types:
412
413 {IDS_EXTENSION_PROMPT_WARNING_CLIPBOARD,
414 {APIPermission::kClipboardRead},
415 {}},
416 {IDS_EXTENSION_PROMPT_WARNING_DESKTOP_CAPTURE,
417 {APIPermission::kDesktopCapture},
418 {}},
419 {IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS, {APIPermission::kDownloads}, {}},
420 {IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS_OPEN,
421 {APIPermission::kDownloadsOpen},
422 {}},
423 {IDS_EXTENSION_PROMPT_WARNING_IDENTITY_EMAIL,
424 {APIPermission::kIdentityEmail},
425 {}},
426 {IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
427 {APIPermission::kGeolocation},
428 {}},
429
430 // Permission messages for extensions:
431 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_MODIFY,
432 {APIPermission::kAccessibilityFeaturesModify},
433 {}},
434 {IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ,
435 {APIPermission::kAccessibilityFeaturesRead},
436 {}},
437 {IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS, {APIPermission::kBookmark}, {}},
438 {IDS_EXTENSION_PROMPT_WARNING_CONTENT_SETTINGS,
439 {APIPermission::kContentSettings},
440 {}},
441 {IDS_EXTENSION_PROMPT_WARNING_COPRESENCE,
442 {APIPermission::kCopresence},
443 {}},
444 {IDS_EXTENSION_PROMPT_WARNING_DOCUMENT_SCAN,
445 {APIPermission::kDocumentScan},
446 {}},
447 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
448 {APIPermission::kHistory},
449 {}},
450 {IDS_EXTENSION_PROMPT_WARNING_INPUT, {APIPermission::kInput}, {}},
451 {IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
452 {APIPermission::kLocation},
453 {}},
454 {IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT,
455 {APIPermission::kManagement},
456 {}},
457 {IDS_EXTENSION_PROMPT_WARNING_NATIVE_MESSAGING,
458 {APIPermission::kNativeMessaging},
459 {}},
460 {IDS_EXTENSION_PROMPT_WARNING_PRIVACY, {APIPermission::kPrivacy}, {}},
461 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
462 {APIPermission::kProcesses},
463 {}},
464 {IDS_EXTENSION_PROMPT_WARNING_SIGNED_IN_DEVICES,
465 {APIPermission::kSignedInDevices},
466 {}},
467 {IDS_EXTENSION_PROMPT_WARNING_SYNCFILESYSTEM,
468 {APIPermission::kSyncFileSystem},
469 {}},
470 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ, {APIPermission::kTab}, {}},
471 {IDS_EXTENSION_PROMPT_WARNING_TOPSITES, {APIPermission::kTopSites}, {}},
472 {IDS_EXTENSION_PROMPT_WARNING_TTS_ENGINE,
473 {APIPermission::kTtsEngine},
474 {}},
475 {IDS_EXTENSION_PROMPT_WARNING_WALLPAPER, {APIPermission::kWallpaper}, {}},
476 {IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
477 {APIPermission::kWebNavigation},
478 {}},
479
480 // Permission messages for private permissions:
481 {IDS_EXTENSION_PROMPT_WARNING_SCREENLOCK_PRIVATE,
482 {APIPermission::kScreenlockPrivate},
483 {}},
484 {IDS_EXTENSION_PROMPT_WARNING_ACTIVITY_LOG_PRIVATE,
485 {APIPermission::kActivityLogPrivate},
486 {}},
487 {IDS_EXTENSION_PROMPT_WARNING_EXPERIENCE_SAMPLING_PRIVATE,
488 {APIPermission::kExperienceSamplingPrivate},
489 {}},
490 {IDS_EXTENSION_PROMPT_WARNING_NETWORKING_PRIVATE,
491 {APIPermission::kNetworkingPrivate},
492 {}},
493 {IDS_EXTENSION_PROMPT_WARNING_MUSIC_MANAGER_PRIVATE,
494 {APIPermission::kMusicManagerPrivate},
495 {}},
496
497 // Platform-app permission messages.
498
499 // The permission string for "fileSystem" is only shown when
500 // "write" or "directory" is present. Read-only access is only
501 // granted after the user has been shown a file or directory
502 // chooser dialog and selected a file or directory. Selecting
503 // the file or directory is considered consent to read it.
504 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_DIRECTORY,
505 {APIPermission::kFileSystemDirectory},
506 {}},
507 {IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
508 {APIPermission::kFileSystemWriteDirectory},
509 {}},
510
511 // Because warning messages for the "mediaGalleries" permission
512 // vary based on the permissions parameters, no message ID or
513 // message text is specified here. The message ID and text used
514 // will be determined at run-time in the
515 // |MediaGalleriesPermission| class.
516
517 {IDS_EXTENSION_PROMPT_WARNING_INTERCEPT_ALL_KEYS,
518 {APIPermission::kInterceptAllKeys},
519 {}},
520
521 // Settings override permission messages.
522 {IDS_EXTENSION_PROMPT_WARNING_HOME_PAGE_SETTING_OVERRIDE,
523 {APIPermission::kHomepage},
524 {}},
525 {IDS_EXTENSION_PROMPT_WARNING_SEARCH_SETTINGS_OVERRIDE,
526 {APIPermission::kSearchProvider},
527 {}},
528 {IDS_EXTENSION_PROMPT_WARNING_START_PAGE_SETTING_OVERRIDE,
529 {APIPermission::kStartupPages},
530 {}},
531
532 // Individual message rules taken from
533 // ExtensionsAPIPermissions::GetAllPermissions():
534 {IDS_EXTENSION_PROMPT_WARNING_AUDIO_CAPTURE,
535 {APIPermission::kAudioCapture},
536 {}},
537 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_PRIVATE,
538 {APIPermission::kBluetoothPrivate},
539 {}},
540 {IDS_EXTENSION_PROMPT_WARNING_DECLARATIVE_WEB_REQUEST,
541 {APIPermission::kDeclarativeWebRequest},
542 {}},
543 {IDS_EXTENSION_PROMPT_WARNING_SERIAL, {APIPermission::kSerial}, {}},
544
545 // Because warning messages for the "socket" permission vary based
546 // on the permissions parameters, no message ID or message text is
547 // specified here. The message ID and text used will be
548 // determined at run-time in the |SocketPermission| class.
549 {IDS_EXTENSION_PROMPT_WARNING_U2F_DEVICES,
550 {APIPermission::kU2fDevices},
551 {}},
552 {IDS_EXTENSION_PROMPT_WARNING_VIDEO_CAPTURE,
553 {APIPermission::kVideoCapture},
554 {}},
555 {IDS_EXTENSION_PROMPT_WARNING_VPN, {APIPermission::kVpnProvider}, {}},
556 {IDS_EXTENSION_PROMPT_WARNING_WEB_CONNECTABLE,
557 {APIPermission::kWebConnectable},
558 {}},
559
560 // Rules from ManifestPermissions:
561 // BluetoothManifestPermission:
562 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH, {APIPermission::kBluetooth}, {}},
563 {IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_DEVICES,
564 {APIPermission::kBluetoothDevices},
565 {}},
566
567 // SocketsManifestPermission:
568 {IDS_EXTENSION_PROMPT_WARNING_SOCKET_ANY_HOST,
569 {APIPermission::kSocketAnyHost},
570 {}},
571 {IDS_EXTENSION_PROMPT_WARNING_NETWORK_STATE,
572 {APIPermission::kNetworkState},
573 {}},
574
575 // API permission rules:
576 // SettingsOverrideAPIPermission:
577 {IDS_EXTENSION_PROMPT_WARNING_HOME_PAGE_SETTING_OVERRIDE,
578 {APIPermission::kHomepage},
579 {}},
580 {IDS_EXTENSION_PROMPT_WARNING_START_PAGE_SETTING_OVERRIDE,
581 {APIPermission::kStartupPages},
582 {}},
583 {IDS_EXTENSION_PROMPT_WARNING_SEARCH_SETTINGS_OVERRIDE,
584 {APIPermission::kSearchProvider},
585 {}},
586
587 // USBDevicePermission:
588 {IDS_EXTENSION_PROMPT_WARNING_USB_DEVICE_UNKNOWN_VENDOR,
589 {APIPermission::kUsbDeviceUnknownVendor},
590 {}},
591
592 // Other rules:
593 // From ChromeExtensionsClient::FilterHostPermissions():
594 {IDS_EXTENSION_PROMPT_WARNING_FAVICON, {APIPermission::kFavicon}, {}},
595 };
596
597 std::vector<ChromePermissionMessageRule> rules;
598 for (size_t i = 0; i < arraysize(rules_arr); i++) {
599 rules.push_back(rules_arr[i]);
600 }
601 return rules;
602 }
603
604 ChromePermissionMessageRule::PermissionIDSetInitializer::
605 PermissionIDSetInitializer() {
606 }
607 ChromePermissionMessageRule::PermissionIDSetInitializer::
608 PermissionIDSetInitializer(APIPermission::ID permission_one) {
609 insert(permission_one);
610 }
611 ChromePermissionMessageRule::PermissionIDSetInitializer::
612 PermissionIDSetInitializer(APIPermission::ID permission_one,
613 APIPermission::ID permission_two) {
614 insert(permission_one);
615 insert(permission_two);
616 }
617 ChromePermissionMessageRule::PermissionIDSetInitializer::
618 PermissionIDSetInitializer(APIPermission::ID permission_one,
619 APIPermission::ID permission_two,
620 APIPermission::ID permission_three) {
621 insert(permission_one);
622 insert(permission_two);
623 insert(permission_three);
624 }
625 ChromePermissionMessageRule::PermissionIDSetInitializer::
626 PermissionIDSetInitializer(APIPermission::ID permission_one,
627 APIPermission::ID permission_two,
628 APIPermission::ID permission_three,
629 APIPermission::ID permission_four) {
630 insert(permission_one);
631 insert(permission_two);
632 insert(permission_three);
633 insert(permission_four);
634 }
635 ChromePermissionMessageRule::PermissionIDSetInitializer::
636 PermissionIDSetInitializer(APIPermission::ID permission_one,
637 APIPermission::ID permission_two,
638 APIPermission::ID permission_three,
639 APIPermission::ID permission_four,
640 APIPermission::ID permission_five) {
641 insert(permission_one);
642 insert(permission_two);
643 insert(permission_three);
644 insert(permission_four);
645 insert(permission_five);
646 }
647 ChromePermissionMessageRule::PermissionIDSetInitializer::
648 PermissionIDSetInitializer(APIPermission::ID permission_one,
649 APIPermission::ID permission_two,
650 APIPermission::ID permission_three,
651 APIPermission::ID permission_four,
652 APIPermission::ID permission_five,
653 APIPermission::ID permission_six) {
654 insert(permission_one);
655 insert(permission_two);
656 insert(permission_three);
657 insert(permission_four);
658 insert(permission_five);
659 insert(permission_six);
660 }
661
662 ChromePermissionMessageRule::PermissionIDSetInitializer::
663 ~PermissionIDSetInitializer() {
664 }
665
666 } // namespace extensions