1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #include "base/memory/scoped_ptr.h"
6 #include "base/values.h"
7 #include "chrome/browser/extensions/api/permissions/permissions_api_helpers.h"
8 #include "chrome/common/extensions/api/permissions.h"
9 #include "extensions/common/permissions/permission_set.h"
10 #include "extensions/common/url_pattern_set.h"
11 #include "testing/gtest/include/gtest/gtest.h"
14 using extensions::api::permissions::Permissions;
15 using extensions::permissions_api_helpers::PackPermissionSet;
16 using extensions::permissions_api_helpers::UnpackPermissionSet;
18 namespace extensions {
22 static void AddPattern(URLPatternSet* extent, const std::string& pattern) {
23 int schemes = URLPattern::SCHEME_ALL;
24 extent->AddPattern(URLPattern(schemes, pattern));
29 // Tests that we can convert PermissionSets to and from values.
30 TEST(ExtensionPermissionsAPIHelpers, Pack) {
31 APIPermissionSet apis;
32 apis.insert(APIPermission::kTab);
33 apis.insert(APIPermission::kWebRequest);
34 // Note: kWebRequest implies also kWebRequestInternal.
36 AddPattern(&hosts, "http://a.com/*");
37 AddPattern(&hosts, "http://b.com/*");
39 scoped_refptr<PermissionSet> permission_set =
40 new PermissionSet(apis, hosts, URLPatternSet());
42 // Pack the permission set to value and verify its contents.
43 scoped_ptr<Permissions> permissions(PackPermissionSet(permission_set.get()));
44 scoped_ptr<base::DictionaryValue> value(permissions->ToValue());
45 base::ListValue* api_list = NULL;
46 base::ListValue* origin_list = NULL;
47 EXPECT_TRUE(value->GetList("permissions", &api_list));
48 EXPECT_TRUE(value->GetList("origins", &origin_list));
50 EXPECT_EQ(3u, api_list->GetSize());
51 EXPECT_EQ(2u, origin_list->GetSize());
53 std::string expected_apis[] = { "tabs", "webRequest" };
54 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(expected_apis); ++i) {
55 scoped_ptr<Value> value(new base::StringValue(expected_apis[i]));
56 EXPECT_NE(api_list->end(), api_list->Find(*value));
59 std::string expected_origins[] = { "http://a.com/*", "http://b.com/*" };
60 for (size_t i = 0; i < ARRAYSIZE_UNSAFE(expected_origins); ++i) {
61 scoped_ptr<Value> value(new base::StringValue(expected_origins[i]));
62 EXPECT_NE(origin_list->end(), origin_list->Find(*value));
65 // Unpack the value back to a permission set and make sure its equal to the
67 scoped_refptr<PermissionSet> from_value;
69 Permissions permissions_object;
70 EXPECT_TRUE(Permissions::Populate(*value, &permissions_object));
71 from_value = UnpackPermissionSet(permissions_object, true, &error);
72 EXPECT_TRUE(error.empty());
74 EXPECT_EQ(*permission_set.get(), *from_value.get());
77 // Tests various error conditions and edge cases when unpacking values
78 // into PermissionSets.
79 TEST(ExtensionPermissionsAPIHelpers, Unpack) {
80 scoped_ptr<base::ListValue> apis(new base::ListValue());
81 apis->Append(new base::StringValue("tabs"));
82 scoped_ptr<base::ListValue> origins(new base::ListValue());
83 origins->Append(new base::StringValue("http://a.com/*"));
85 scoped_ptr<base::DictionaryValue> value(new base::DictionaryValue());
86 scoped_refptr<PermissionSet> permissions;
89 // Origins shouldn't have to be present.
91 Permissions permissions_object;
92 value->Set("permissions", apis->DeepCopy());
93 EXPECT_TRUE(Permissions::Populate(*value, &permissions_object));
94 permissions = UnpackPermissionSet(permissions_object, true, &error);
95 EXPECT_TRUE(permissions->HasAPIPermission(APIPermission::kTab));
96 EXPECT_TRUE(permissions.get());
97 EXPECT_TRUE(error.empty());
100 // The api permissions don't need to be present either.
102 Permissions permissions_object;
104 value->Set("origins", origins->DeepCopy());
105 EXPECT_TRUE(Permissions::Populate(*value, &permissions_object));
106 permissions = UnpackPermissionSet(permissions_object, true, &error);
107 EXPECT_TRUE(permissions.get());
108 EXPECT_TRUE(error.empty());
109 EXPECT_TRUE(permissions->HasExplicitAccessToOrigin(GURL("http://a.com/")));
112 // Throw errors for non-string API permissions.
114 Permissions permissions_object;
116 scoped_ptr<base::ListValue> invalid_apis(apis->DeepCopy());
117 invalid_apis->Append(new base::FundamentalValue(3));
118 value->Set("permissions", invalid_apis->DeepCopy());
119 EXPECT_FALSE(Permissions::Populate(*value, &permissions_object));
122 // Throw errors for non-string origins.
124 Permissions permissions_object;
126 scoped_ptr<base::ListValue> invalid_origins(origins->DeepCopy());
127 invalid_origins->Append(new base::FundamentalValue(3));
128 value->Set("origins", invalid_origins->DeepCopy());
129 EXPECT_FALSE(Permissions::Populate(*value, &permissions_object));
132 // Throw errors when "origins" or "permissions" are not list values.
134 Permissions permissions_object;
136 value->Set("origins", new base::FundamentalValue(2));
137 EXPECT_FALSE(Permissions::Populate(*value, &permissions_object));
141 Permissions permissions_object;
143 value->Set("permissions", new base::FundamentalValue(2));
144 EXPECT_FALSE(Permissions::Populate(*value, &permissions_object));
147 // Additional fields should be allowed.
149 Permissions permissions_object;
151 value->Set("origins", origins->DeepCopy());
152 value->Set("random", new base::FundamentalValue(3));
153 EXPECT_TRUE(Permissions::Populate(*value, &permissions_object));
154 permissions = UnpackPermissionSet(permissions_object, true, &error);
155 EXPECT_TRUE(permissions.get());
156 EXPECT_TRUE(error.empty());
157 EXPECT_TRUE(permissions->HasExplicitAccessToOrigin(GURL("http://a.com/")));
160 // Unknown permissions should throw an error.
162 Permissions permissions_object;
164 scoped_ptr<base::ListValue> invalid_apis(apis->DeepCopy());
165 invalid_apis->Append(new base::StringValue("unknown_permission"));
166 value->Set("permissions", invalid_apis->DeepCopy());
167 EXPECT_TRUE(Permissions::Populate(*value, &permissions_object));
168 permissions = UnpackPermissionSet(permissions_object, true, &error);
169 EXPECT_FALSE(permissions.get());
170 EXPECT_FALSE(error.empty());
171 EXPECT_EQ(error, "'unknown_permission' is not a recognized permission.");
175 } // namespace extensions