1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
7 #include "base/compiler_specific.h"
8 #include "base/memory/scoped_ptr.h"
9 #include "base/message_loop/message_loop.h"
10 #include "base/values.h"
11 #include "chrome/browser/chrome_notification_types.h"
12 #include "chrome/browser/extensions/active_tab_permission_granter.h"
13 #include "chrome/browser/extensions/tab_helper.h"
14 #include "chrome/browser/profiles/profile.h"
15 #include "chrome/browser/sessions/session_id.h"
16 #include "chrome/common/extensions/features/feature_channel.h"
17 #include "chrome/test/base/chrome_render_view_host_test_harness.h"
18 #include "content/public/browser/browser_thread.h"
19 #include "content/public/browser/navigation_details.h"
20 #include "content/public/browser/navigation_entry.h"
21 #include "content/public/browser/notification_service.h"
22 #include "content/public/browser/notification_types.h"
23 #include "content/public/browser/web_contents.h"
24 #include "content/public/common/frame_navigate_params.h"
25 #include "content/public/common/page_transition_types.h"
26 #include "content/public/test/test_browser_thread.h"
27 #include "extensions/browser/extension_registry.h"
28 #include "extensions/common/extension.h"
29 #include "extensions/common/extension_builder.h"
30 #include "extensions/common/features/feature.h"
31 #include "extensions/common/permissions/permissions_data.h"
32 #include "extensions/common/value_builder.h"
34 using base::DictionaryValue;
35 using base::ListValue;
36 using content::BrowserThread;
37 using content::NavigationController;
39 namespace extensions {
42 scoped_refptr<const Extension> CreateTestExtension(
43 const std::string& id,
44 bool has_active_tab_permission,
45 bool has_tab_capture_permission) {
46 ListBuilder permissions;
47 if (has_active_tab_permission)
48 permissions.Append("activeTab");
49 if (has_tab_capture_permission)
50 permissions.Append("tabCapture");
51 return ExtensionBuilder()
52 .SetManifest(DictionaryBuilder()
53 .Set("name", "Extension with ID " + id)
54 .Set("version", "1.0")
55 .Set("manifest_version", 2)
56 .Set("permissions", permissions))
61 enum PermittedFeature {
63 PERMITTED_SCRIPT_ONLY,
64 PERMITTED_CAPTURE_ONLY,
68 class ActiveTabTest : public ChromeRenderViewHostTestHarness {
71 : current_channel(chrome::VersionInfo::CHANNEL_DEV),
72 extension(CreateTestExtension("deadbeef", true, false)),
73 another_extension(CreateTestExtension("feedbeef", true, false)),
74 extension_without_active_tab(CreateTestExtension("badbeef",
77 extension_with_tab_capture(CreateTestExtension("cafebeef",
81 virtual void SetUp() OVERRIDE {
82 ChromeRenderViewHostTestHarness::SetUp();
83 TabHelper::CreateForWebContents(web_contents());
87 return SessionID::IdForTab(web_contents());
90 ActiveTabPermissionGranter* active_tab_permission_granter() {
91 return extensions::TabHelper::FromWebContents(web_contents())->
92 active_tab_permission_granter();
95 bool IsAllowed(const scoped_refptr<const Extension>& extension,
97 return IsAllowed(extension, url, PERMITTED_BOTH, tab_id());
100 bool IsAllowed(const scoped_refptr<const Extension>& extension,
102 PermittedFeature feature) {
103 return IsAllowed(extension, url, feature, tab_id());
106 bool IsAllowed(const scoped_refptr<const Extension>& extension,
108 PermittedFeature feature,
110 bool script = PermissionsData::CanExecuteScriptOnPage(
111 extension.get(), url, url, tab_id, NULL, -1, NULL);
112 bool capture = HasTabsPermission(extension, tab_id) &&
113 PermissionsData::CanCaptureVisiblePage(extension.get(), tab_id, NULL);
115 case PERMITTED_SCRIPT_ONLY:
116 return script && !capture;
117 case PERMITTED_CAPTURE_ONLY:
118 return capture && !script;
120 return script && capture;
122 return !script && !capture;
128 bool IsBlocked(const scoped_refptr<const Extension>& extension,
130 return IsBlocked(extension, url, tab_id());
133 bool IsBlocked(const scoped_refptr<const Extension>& extension,
136 return IsAllowed(extension, url, PERMITTED_NONE, tab_id);
139 bool HasTabsPermission(const scoped_refptr<const Extension>& extension) {
140 return HasTabsPermission(extension, tab_id());
143 bool HasTabsPermission(const scoped_refptr<const Extension>& extension,
145 return PermissionsData::HasAPIPermissionForTab(
146 extension.get(), tab_id, APIPermission::kTab);
149 bool IsGrantedForTab(const Extension* extension,
150 const content::WebContents* web_contents) {
151 return PermissionsData::HasAPIPermissionForTab(
153 SessionID::IdForTab(web_contents),
154 APIPermission::kTab);
157 // TODO(justinlin): Remove when tabCapture is moved to stable.
158 ScopedCurrentChannel current_channel;
160 // An extension with the activeTab permission.
161 scoped_refptr<const Extension> extension;
163 // Another extension with activeTab (for good measure).
164 scoped_refptr<const Extension> another_extension;
166 // An extension without the activeTab permission.
167 scoped_refptr<const Extension> extension_without_active_tab;
169 // An extension with both the activeTab and tabCapture permission.
170 scoped_refptr<const Extension> extension_with_tab_capture;
173 TEST_F(ActiveTabTest, GrantToSinglePage) {
174 GURL google("http://www.google.com");
175 NavigateAndCommit(google);
177 // No access unless it's been granted.
178 EXPECT_TRUE(IsBlocked(extension, google));
179 EXPECT_TRUE(IsBlocked(another_extension, google));
180 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google));
182 EXPECT_FALSE(HasTabsPermission(extension));
183 EXPECT_FALSE(HasTabsPermission(another_extension));
184 EXPECT_FALSE(HasTabsPermission(extension_without_active_tab));
186 active_tab_permission_granter()->GrantIfRequested(extension.get());
187 active_tab_permission_granter()->GrantIfRequested(
188 extension_without_active_tab.get());
190 // Granted to extension and extension_without_active_tab, but the latter
191 // doesn't have the activeTab permission so not granted.
192 EXPECT_TRUE(IsAllowed(extension, google));
193 EXPECT_TRUE(IsBlocked(another_extension, google));
194 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google));
196 // Other subdomains shouldn't be given access.
197 GURL mail_google("http://mail.google.com");
198 EXPECT_TRUE(IsAllowed(extension, mail_google, PERMITTED_CAPTURE_ONLY));
199 EXPECT_TRUE(IsBlocked(another_extension, mail_google));
200 EXPECT_TRUE(IsBlocked(extension_without_active_tab, mail_google));
202 // Reloading the page should clear the active permissions.
205 EXPECT_TRUE(IsBlocked(extension, google));
206 EXPECT_TRUE(IsBlocked(another_extension, google));
207 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google));
209 EXPECT_FALSE(HasTabsPermission(extension));
210 EXPECT_FALSE(HasTabsPermission(another_extension));
211 EXPECT_FALSE(HasTabsPermission(extension_without_active_tab));
213 // But they should still be able to be granted again.
214 active_tab_permission_granter()->GrantIfRequested(extension.get());
216 EXPECT_TRUE(IsAllowed(extension, google));
217 EXPECT_TRUE(IsBlocked(another_extension, google));
218 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google));
220 // And grant a few more times redundantly for good measure.
221 active_tab_permission_granter()->GrantIfRequested(extension.get());
222 active_tab_permission_granter()->GrantIfRequested(extension.get());
223 active_tab_permission_granter()->GrantIfRequested(another_extension.get());
224 active_tab_permission_granter()->GrantIfRequested(another_extension.get());
225 active_tab_permission_granter()->GrantIfRequested(another_extension.get());
226 active_tab_permission_granter()->GrantIfRequested(extension.get());
227 active_tab_permission_granter()->GrantIfRequested(extension.get());
228 active_tab_permission_granter()->GrantIfRequested(another_extension.get());
229 active_tab_permission_granter()->GrantIfRequested(another_extension.get());
231 EXPECT_TRUE(IsAllowed(extension, google));
232 EXPECT_TRUE(IsAllowed(another_extension, google));
233 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google));
235 // Navigating to a new URL should clear the active permissions.
236 GURL chromium("http://www.chromium.org");
237 NavigateAndCommit(chromium);
239 EXPECT_TRUE(IsBlocked(extension, google));
240 EXPECT_TRUE(IsBlocked(another_extension, google));
241 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google));
243 EXPECT_TRUE(IsBlocked(extension, chromium));
244 EXPECT_TRUE(IsBlocked(another_extension, chromium));
245 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium));
247 EXPECT_FALSE(HasTabsPermission(extension));
248 EXPECT_FALSE(HasTabsPermission(another_extension));
249 EXPECT_FALSE(HasTabsPermission(extension_without_active_tab));
251 // Should be able to grant to multiple extensions at the same time (if they
252 // have the activeTab permission, of course).
253 active_tab_permission_granter()->GrantIfRequested(extension.get());
254 active_tab_permission_granter()->GrantIfRequested(another_extension.get());
255 active_tab_permission_granter()->GrantIfRequested(
256 extension_without_active_tab.get());
258 EXPECT_TRUE(IsAllowed(extension, google, PERMITTED_CAPTURE_ONLY));
259 EXPECT_TRUE(IsAllowed(another_extension, google, PERMITTED_CAPTURE_ONLY));
260 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google));
262 EXPECT_TRUE(IsAllowed(extension, chromium));
263 EXPECT_TRUE(IsAllowed(another_extension, chromium));
264 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium));
266 // Should be able to go back to URLs that were previously cleared.
267 NavigateAndCommit(google);
269 active_tab_permission_granter()->GrantIfRequested(extension.get());
270 active_tab_permission_granter()->GrantIfRequested(another_extension.get());
271 active_tab_permission_granter()->GrantIfRequested(
272 extension_without_active_tab.get());
274 EXPECT_TRUE(IsAllowed(extension, google));
275 EXPECT_TRUE(IsAllowed(another_extension, google));
276 EXPECT_TRUE(IsBlocked(extension_without_active_tab, google));
278 EXPECT_TRUE(IsAllowed(extension, chromium, PERMITTED_CAPTURE_ONLY));
279 EXPECT_TRUE(IsAllowed(another_extension, chromium, PERMITTED_CAPTURE_ONLY));
280 EXPECT_TRUE(IsBlocked(extension_without_active_tab, chromium));
283 TEST_F(ActiveTabTest, Uninstalling) {
284 // Some semi-arbitrary setup.
285 GURL google("http://www.google.com");
286 NavigateAndCommit(google);
288 active_tab_permission_granter()->GrantIfRequested(extension.get());
290 EXPECT_TRUE(IsGrantedForTab(extension.get(), web_contents()));
291 EXPECT_TRUE(IsAllowed(extension, google));
293 // Uninstalling the extension should clear its tab permissions.
294 ExtensionRegistry* registry =
295 ExtensionRegistry::Get(web_contents()->GetBrowserContext());
296 registry->TriggerOnUnloaded(extension.get(),
297 UnloadedExtensionInfo::REASON_DISABLE);
299 // Note: can't EXPECT_FALSE(IsAllowed) here because uninstalled extensions
300 // are just that... considered to be uninstalled, and the manager might
301 // just ignore them from here on.
303 // Granting the extension again should give them back.
304 active_tab_permission_granter()->GrantIfRequested(extension.get());
306 EXPECT_TRUE(IsGrantedForTab(extension.get(), web_contents()));
307 EXPECT_TRUE(IsAllowed(extension, google));
310 TEST_F(ActiveTabTest, OnlyActiveTab) {
311 GURL google("http://www.google.com");
312 NavigateAndCommit(google);
314 active_tab_permission_granter()->GrantIfRequested(extension.get());
316 EXPECT_TRUE(IsAllowed(extension, google, PERMITTED_BOTH, tab_id()));
317 EXPECT_TRUE(IsBlocked(extension, google, tab_id() + 1));
318 EXPECT_FALSE(HasTabsPermission(extension, tab_id() + 1));
321 TEST_F(ActiveTabTest, NavigateInPage) {
322 GURL google("http://www.google.com");
323 NavigateAndCommit(google);
325 active_tab_permission_granter()->GrantIfRequested(extension.get());
327 // Perform an in-page navigation. The extension should not lose the temporary
329 GURL google_h1("http://www.google.com#h1");
330 NavigateAndCommit(google_h1);
332 EXPECT_TRUE(IsAllowed(extension, google));
333 EXPECT_TRUE(IsAllowed(extension, google_h1));
335 GURL chromium("http://www.chromium.org");
336 NavigateAndCommit(chromium);
338 EXPECT_FALSE(IsAllowed(extension, google));
339 EXPECT_FALSE(IsAllowed(extension, google_h1));
340 EXPECT_FALSE(IsAllowed(extension, chromium));
342 active_tab_permission_granter()->GrantIfRequested(extension.get());
344 EXPECT_FALSE(IsAllowed(extension, google));
345 EXPECT_FALSE(IsAllowed(extension, google_h1));
346 EXPECT_TRUE(IsAllowed(extension, chromium));
348 GURL chromium_h1("http://www.chromium.org#h1");
349 NavigateAndCommit(chromium_h1);
351 EXPECT_FALSE(IsAllowed(extension, google));
352 EXPECT_FALSE(IsAllowed(extension, google_h1));
353 EXPECT_TRUE(IsAllowed(extension, chromium));
354 EXPECT_TRUE(IsAllowed(extension, chromium_h1));
358 EXPECT_FALSE(IsAllowed(extension, google));
359 EXPECT_FALSE(IsAllowed(extension, google_h1));
360 EXPECT_FALSE(IsAllowed(extension, chromium));
361 EXPECT_FALSE(IsAllowed(extension, chromium_h1));
364 TEST_F(ActiveTabTest, ChromeUrlGrants) {
365 GURL internal("chrome://version");
366 NavigateAndCommit(internal);
367 active_tab_permission_granter()->GrantIfRequested(
368 extension_with_tab_capture.get());
369 // Do not grant tabs/hosts permissions for tab.
370 EXPECT_TRUE(IsAllowed(extension_with_tab_capture, internal,
371 PERMITTED_CAPTURE_ONLY));
372 EXPECT_TRUE(PermissionsData::HasAPIPermissionForTab(
373 extension_with_tab_capture.get(),
375 APIPermission::kTabCaptureForTab));
377 EXPECT_TRUE(IsBlocked(extension_with_tab_capture, internal, tab_id() + 1));
378 EXPECT_FALSE(PermissionsData::HasAPIPermissionForTab(
379 extension_with_tab_capture.get(),
381 APIPermission::kTabCaptureForTab));
385 } // namespace extensions