src/chrome/browser/extensions/active_tab_permission_granter.cc

   1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
   2 // Use of this source code is governed by a BSD-style license that can be
   3 // found in the LICENSE file.
   4
   5 #include "chrome/browser/extensions/active_tab_permission_granter.h"
   6
   7 #include "chrome/browser/extensions/active_script_controller.h"
   8 #include "chrome/browser/profiles/profile.h"
   9 #include "content/public/browser/navigation_details.h"
  10 #include "content/public/browser/navigation_entry.h"
  11 #include "content/public/browser/web_contents.h"
  12 #include "extensions/browser/extension_registry.h"
  13 #include "extensions/common/extension_messages.h"
  14 #include "extensions/common/permissions/permission_set.h"
  15 #include "extensions/common/permissions/permissions_data.h"
  16 #include "extensions/common/user_script.h"
  17 #include "url/gurl.h"
  18
  19 using content::RenderProcessHost;
  20 using content::WebContentsObserver;
  21
  22 namespace extensions {
  23
  24 ActiveTabPermissionGranter::ActiveTabPermissionGranter(
  25     content::WebContents* web_contents,
  26     int tab_id,
  27     Profile* profile)
  28     : WebContentsObserver(web_contents),
  29       tab_id_(tab_id),
  30       extension_registry_observer_(this) {
  31   extension_registry_observer_.Add(ExtensionRegistry::Get(profile));
  32 }
  33
  34 ActiveTabPermissionGranter::~ActiveTabPermissionGranter() {}
  35
  36 void ActiveTabPermissionGranter::GrantIfRequested(const Extension* extension) {
  37   if (granted_extensions_.Contains(extension->id()))
  38     return;
  39
  40   APIPermissionSet new_apis;
  41   URLPatternSet new_hosts;
  42
  43   const PermissionsData* permissions_data = extension->permissions_data();
  44
  45   // If the extension requires action for script execution, we grant it
  46   // active tab-style permissions, even if it doesn't have the activeTab
  47   // permission in the manifest.
  48   // We don't take tab id into account, because we want to know if the extension
  49   // should require active tab in general (not for the current tab).
  50   bool requires_action_for_script_execution =
  51       permissions_data->RequiresActionForScriptExecution(extension,
  52                                                          -1,  // No tab id.
  53                                                          GURL());
  54
  55   if (extension->permissions_data()->HasAPIPermission(
  56           APIPermission::kActiveTab) ||
  57       requires_action_for_script_execution) {
  58     URLPattern pattern(UserScript::ValidUserScriptSchemes());
  59     // Pattern parsing could fail if this is an unsupported URL e.g. chrome://.
  60     if (pattern.Parse(web_contents()->GetURL().spec()) ==
  61             URLPattern::PARSE_SUCCESS) {
  62       new_hosts.AddPattern(pattern);
  63     }
  64     new_apis.insert(APIPermission::kTab);
  65   }
  66
  67   if (extension->permissions_data()->HasAPIPermission(
  68           APIPermission::kTabCapture))
  69     new_apis.insert(APIPermission::kTabCaptureForTab);
  70
  71   if (!new_apis.empty() || !new_hosts.is_empty()) {
  72     granted_extensions_.Insert(extension);
  73     scoped_refptr<const PermissionSet> new_permissions =
  74         new PermissionSet(new_apis, ManifestPermissionSet(),
  75                           new_hosts, URLPatternSet());
  76     permissions_data->UpdateTabSpecificPermissions(tab_id_, new_permissions);
  77     const content::NavigationEntry* navigation_entry =
  78         web_contents()->GetController().GetVisibleEntry();
  79     if (navigation_entry) {
  80       Send(new ExtensionMsg_UpdateTabSpecificPermissions(
  81           navigation_entry->GetPageID(),
  82           tab_id_,
  83           extension->id(),
  84           new_hosts));
  85       // If more things ever need to know about this, we should consider making
  86       // an observer class.
  87       // It's important that this comes after the IPC is sent to the renderer,
  88       // so that any tasks executing in the renderer occur after it has the
  89       // updated permissions.
  90       ActiveScriptController::GetForWebContents(web_contents())
  91           ->OnActiveTabPermissionGranted(extension);
  92     }
  93   }
  94 }
  95
  96 void ActiveTabPermissionGranter::DidNavigateMainFrame(
  97     const content::LoadCommittedDetails& details,
  98     const content::FrameNavigateParams& params) {
  99   if (details.is_in_page)
 100     return;
 101   DCHECK(details.is_main_frame);  // important: sub-frames don't get granted!
 102   ClearActiveExtensionsAndNotify();
 103 }
 104
 105 void ActiveTabPermissionGranter::WebContentsDestroyed() {
 106   ClearActiveExtensionsAndNotify();
 107 }
 108
 109 void ActiveTabPermissionGranter::OnExtensionUnloaded(
 110     content::BrowserContext* browser_context,
 111     const Extension* extension,
 112     UnloadedExtensionInfo::Reason reason) {
 113   // Note: don't need to clear the permissions (nor tell the renderer about it)
 114   // because it's being unloaded anyway.
 115   granted_extensions_.Remove(extension->id());
 116 }
 117
 118 void ActiveTabPermissionGranter::ClearActiveExtensionsAndNotify() {
 119   if (granted_extensions_.is_empty())
 120     return;
 121
 122   std::vector<std::string> extension_ids;
 123
 124   for (ExtensionSet::const_iterator it = granted_extensions_.begin();
 125        it != granted_extensions_.end(); ++it) {
 126     it->get()->permissions_data()->ClearTabSpecificPermissions(tab_id_);
 127     extension_ids.push_back((*it)->id());
 128   }
 129
 130   Send(new ExtensionMsg_ClearTabSpecificPermissions(tab_id_, extension_ids));
 131   granted_extensions_.Clear();
 132 }
 133
 134 }  // namespace extensions