chrome/browser/extensions/api/permissions/permissions_apitest.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/extensions/api/permissions/permissions_api.h"
   6 #include "chrome/browser/extensions/extension_apitest.h"
   7 #include "chrome/browser/profiles/profile.h"
   8 #include "chrome/browser/ui/browser.h"
   9 #include "extensions/browser/extension_prefs.h"
  10 #include "extensions/common/permissions/permission_set.h"
  11 #include "extensions/common/switches.h"
  12 #include "net/dns/mock_host_resolver.h"
  13
  14 namespace extensions {
  15
  16 namespace {
  17
  18 static void AddPattern(URLPatternSet* extent, const std::string& pattern) {
  19   int schemes = URLPattern::SCHEME_ALL;
  20   extent->AddPattern(URLPattern(schemes, pattern));
  21 }
  22
  23 }  // namespace
  24
  25 class ExperimentalApiTest : public ExtensionApiTest {
  26 public:
  27   virtual void SetUpCommandLine(CommandLine* command_line) OVERRIDE {
  28     ExtensionApiTest::SetUpCommandLine(command_line);
  29     command_line->AppendSwitch(switches::kEnableExperimentalExtensionApis);
  30   }
  31 };
  32
  33 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, PermissionsFail) {
  34   ASSERT_TRUE(RunExtensionTest("permissions/disabled")) << message_;
  35
  36   // Since the experimental APIs require a flag, this will fail even though
  37   // it's enabled.
  38   // TODO(erikkay) This test is currently broken because LoadExtension in
  39   // ExtensionBrowserTest doesn't actually fail, it just times out.  To fix this
  40   // I'll need to add an EXTENSION_LOAD_ERROR notification, which is probably
  41   // too much for the branch.  I'll enable this on trunk later.
  42   //ASSERT_FALSE(RunExtensionTest("permissions/enabled"))) << message_;
  43 }
  44
  45 IN_PROC_BROWSER_TEST_F(ExperimentalApiTest, PermissionsSucceed) {
  46   ASSERT_TRUE(RunExtensionTest("permissions/enabled")) << message_;
  47 }
  48
  49 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, ExperimentalPermissionsFail) {
  50   // At the time this test is being created, there is no experimental
  51   // function that will not be graduating soon, and does not require a
  52   // tab id as an argument.  So, we need the tab permission to get
  53   // a tab id.
  54   ASSERT_TRUE(RunExtensionTest("permissions/experimental_disabled"))
  55       << message_;
  56 }
  57
  58 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, FaviconPermission) {
  59   ASSERT_TRUE(RunExtensionTest("permissions/favicon")) << message_;
  60 }
  61
  62 // Test functions and APIs that are always allowed (even if you ask for no
  63 // permissions).
  64 // Disabled: http://crbug.com/125193
  65 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, DISABLED_AlwaysAllowed) {
  66   ASSERT_TRUE(RunExtensionTest("permissions/always_allowed")) << message_;
  67 }
  68
  69 // Tests that the optional permissions API works correctly.
  70 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsGranted) {
  71   // Mark all the tested APIs as granted to bypass the confirmation UI.
  72   APIPermissionSet apis;
  73   apis.insert(APIPermission::kBookmark);
  74   ManifestPermissionSet manifest_permissions;
  75   URLPatternSet explicit_hosts;
  76   AddPattern(&explicit_hosts, "http://*.c.com/*");
  77   scoped_refptr<PermissionSet> granted_permissions =
  78       new PermissionSet(apis, manifest_permissions,
  79                         explicit_hosts, URLPatternSet());
  80
  81   ExtensionPrefs* prefs = ExtensionPrefs::Get(browser()->profile());
  82   prefs->AddGrantedPermissions("kjmkgkdkpedkejedfhmfcenooemhbpbo",
  83                                granted_permissions.get());
  84
  85   PermissionsRequestFunction::SetIgnoreUserGestureForTests(true);
  86   host_resolver()->AddRule("*.com", "127.0.0.1");
  87   ASSERT_TRUE(StartEmbeddedTestServer());
  88   EXPECT_TRUE(RunExtensionTest("permissions/optional")) << message_;
  89 }
  90
  91 // Tests that the optional permissions API works correctly.
  92 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsAutoConfirm) {
  93   // Rather than setting the granted permissions, set the UI autoconfirm flag
  94   // and run the same tests.
  95   PermissionsRequestFunction::SetAutoConfirmForTests(true);
  96   PermissionsRequestFunction::SetIgnoreUserGestureForTests(true);
  97   host_resolver()->AddRule("*.com", "127.0.0.1");
  98   ASSERT_TRUE(StartEmbeddedTestServer());
  99   EXPECT_TRUE(RunExtensionTest("permissions/optional")) << message_;
 100 }
 101
 102 // Test that denying the optional permissions confirmation dialog works.
 103 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsDeny) {
 104   PermissionsRequestFunction::SetAutoConfirmForTests(false);
 105   PermissionsRequestFunction::SetIgnoreUserGestureForTests(true);
 106   host_resolver()->AddRule("*.com", "127.0.0.1");
 107   ASSERT_TRUE(StartEmbeddedTestServer());
 108   EXPECT_TRUE(RunExtensionTest("permissions/optional_deny")) << message_;
 109 }
 110
 111 // Tests that the permissions.request function must be called from within a
 112 // user gesture.
 113 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsGesture) {
 114   PermissionsRequestFunction::SetIgnoreUserGestureForTests(false);
 115   host_resolver()->AddRule("*.com", "127.0.0.1");
 116   ASSERT_TRUE(StartEmbeddedTestServer());
 117   EXPECT_TRUE(RunExtensionTest("permissions/optional_gesture")) << message_;
 118 }
 119
 120 // Tests that the user gesture is retained in the permissions.request function
 121 // callback.
 122 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsRetainGesture) {
 123   PermissionsRequestFunction::SetAutoConfirmForTests(true);
 124   PermissionsRequestFunction::SetIgnoreUserGestureForTests(false);
 125   host_resolver()->AddRule("*.com", "127.0.0.1");
 126   ASSERT_TRUE(StartEmbeddedTestServer());
 127   EXPECT_TRUE(RunExtensionTest("permissions/optional_retain_gesture"))
 128       << message_;
 129 }
 130
 131 // Tests that an extension can't gain access to file: URLs without the checkbox
 132 // entry in prefs. There shouldn't be a warning either.
 133 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsFileAccess) {
 134   // There shouldn't be a warning, so we shouldn't need to autoconfirm.
 135   PermissionsRequestFunction::SetAutoConfirmForTests(false);
 136   PermissionsRequestFunction::SetIgnoreUserGestureForTests(true);
 137
 138   ExtensionPrefs* prefs = ExtensionPrefs::Get(browser()->profile());
 139
 140   EXPECT_TRUE(
 141       RunExtensionTestNoFileAccess("permissions/file_access_no")) << message_;
 142   EXPECT_FALSE(prefs->AllowFileAccess("dgloelfbnddbdacakahpogklfdcccbib"));
 143
 144   EXPECT_TRUE(RunExtensionTest("permissions/file_access_yes")) << message_;
 145   // TODO(kalman): ugh, it would be nice to test this condition, but it seems
 146   // like there's somehow a race here where the prefs aren't updated in time
 147   // with the "allow file access" bit, so we'll just have to trust that
 148   // RunExtensionTest (unlike RunExtensionTestNoFileAccess) does indeed
 149   // not set the allow file access bit. Otherwise this test doesn't mean
 150   // a whole lot (i.e. file access works - but it'd better not be the case
 151   // that the extension actually has file access, since that'd be the bug
 152   // that this is supposed to be testing).
 153   //EXPECT_TRUE(prefs->AllowFileAccess("hlonmbgfjccgolnaboonlakjckinmhmd"));
 154 }
 155
 156 // Test requesting, querying, and removing host permissions for host
 157 // permissions that are a subset of the optional permissions.
 158 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, HostSubsets) {
 159   PermissionsRequestFunction::SetAutoConfirmForTests(true);
 160   PermissionsRequestFunction::SetIgnoreUserGestureForTests(true);
 161   EXPECT_TRUE(RunExtensionTest("permissions/host_subsets")) << message_;
 162 }
 163
 164 }  // namespace extensions