#include "extensions/browser/extension_prefs.h"
#include "extensions/common/extension.h"
#include "extensions/common/extension_messages.h"
-#include "extensions/common/feature_switch.h"
#include "extensions/common/manifest_handlers/permissions_parser.h"
#include "extensions/common/permissions/permission_set.h"
#include "extensions/common/permissions/permissions_data.h"
// If the extension has used the optional permissions API, it will have a
// custom set of active permissions defined in the extension prefs. Here,
// we update the extension's active permissions based on the prefs.
- if (!active_permissions)
+ if (!active_permissions.get())
return extension->permissions_data()->active_permissions();
scoped_refptr<const PermissionSet> required_permissions =
// a) active permissions must be a subset of optional + default permissions
// b) active permissions must contains all default permissions
scoped_refptr<PermissionSet> total_permissions = PermissionSet::CreateUnion(
- required_permissions,
- PermissionsParser::GetOptionalPermissions(extension));
+ required_permissions.get(),
+ PermissionsParser::GetOptionalPermissions(extension).get());
// Make sure the active permissions contain no more than optional + default.
scoped_refptr<PermissionSet> adjusted_active =
- PermissionSet::CreateIntersection(total_permissions, active_permissions);
+ PermissionSet::CreateIntersection(total_permissions.get(),
+ active_permissions.get());
// Make sure the active permissions contain the default permissions.
- adjusted_active =
- PermissionSet::CreateUnion(required_permissions, adjusted_active);
+ adjusted_active = PermissionSet::CreateUnion(required_permissions.get(),
+ adjusted_active.get());
return adjusted_active;
}
} // namespace
PermissionsUpdater::PermissionsUpdater(content::BrowserContext* browser_context)
- : browser_context_(browser_context) {
+ : browser_context_(browser_context), init_flag_(INIT_FLAG_NONE) {
+}
+
+PermissionsUpdater::PermissionsUpdater(content::BrowserContext* browser_context,
+ InitFlag init_flag)
+ : browser_context_(browser_context), init_flag_(init_flag) {
}
PermissionsUpdater::~PermissionsUpdater() {}
}
void PermissionsUpdater::InitializePermissions(const Extension* extension) {
- scoped_refptr<const PermissionSet> active_permissions =
- ExtensionPrefs::Get(browser_context_)
- ->GetActivePermissions(extension->id());
- scoped_refptr<const PermissionSet> bounded_active =
- GetBoundedActivePermissions(extension, active_permissions);
-
- // We withhold permissions iff the switch to do so is enabled, the extension
- // shows up in chrome:extensions (so the user can grant withheld permissions),
- // the extension is not part of chrome or corporate policy, and also not on
- // the scripting whitelist. Additionally, we don't withhold if the extension
- // has the preference to allow scripting on all urls.
+ scoped_refptr<const PermissionSet> active_permissions(NULL);
+ scoped_refptr<const PermissionSet> bounded_active(NULL);
+ // If |extension| is a transient dummy extension, we do not want to look for
+ // it in preferences.
+ if (init_flag_ & INIT_FLAG_TRANSIENT) {
+ bounded_active = active_permissions =
+ extension->permissions_data()->active_permissions();
+ } else {
+ active_permissions = ExtensionPrefs::Get(browser_context_)
+ ->GetActivePermissions(extension->id());
+ bounded_active = GetBoundedActivePermissions(extension, active_permissions);
+ }
+
+ // Withhold permissions if the switch applies to this extension.
+ // Non-transient extensions also must not have the preference to allow
+ // scripting on all urls.
bool should_withhold_permissions =
- FeatureSwitch::scripts_require_action()->IsEnabled() &&
- extension->ShouldDisplayInExtensionSettings() &&
- !Manifest::IsPolicyLocation(extension->location()) &&
- !Manifest::IsComponentLocation(extension->location()) &&
- !PermissionsData::CanExecuteScriptEverywhere(extension) &&
- !util::AllowedScriptingOnAllUrls(extension->id(), browser_context_);
+ util::ScriptsMayRequireActionForExtension(extension);
+ if ((init_flag_ & INIT_FLAG_TRANSIENT) == 0) {
+ should_withhold_permissions &=
+ !util::AllowedScriptingOnAllUrls(extension->id(), browser_context_);
+ }
URLPatternSet granted_explicit_hosts;
URLPatternSet withheld_explicit_hosts;
// For example, the union of <all_urls> and "example.com" is <all_urls>, so
// we may lose "example.com". However, "example.com" is important once
// <all_urls> is stripped during withholding.
- if (active_permissions) {
+ if (active_permissions.get()) {
granted_explicit_hosts.AddPatterns(
FilterSingleOriginPermissions(active_permissions->explicit_hosts(),
bounded_active->explicit_hosts()));
withheld = withheld.get() ? withheld
: extension->permissions_data()->withheld_permissions();
extension->permissions_data()->SetPermissions(active, withheld);
- ExtensionPrefs::Get(browser_context_)->SetActivePermissions(
- extension->id(), active.get());
+ if ((init_flag_ & INIT_FLAG_TRANSIENT) == 0) {
+ ExtensionPrefs::Get(browser_context_)
+ ->SetActivePermissions(extension->id(), active.get());
+ }
}
void PermissionsUpdater::DispatchEvent(
EventType event_type,
const Extension* extension,
const PermissionSet* changed) {
+ DCHECK((init_flag_ & INIT_FLAG_TRANSIENT) == 0);
if (!changed || changed->IsEmpty())
return;
ExtensionMsg_UpdatePermissions_Params params;
params.extension_id = extension->id();
params.active_permissions = ExtensionMsg_PermissionSetStruct(
- extension->permissions_data()->active_permissions());
+ *extension->permissions_data()->active_permissions());
params.withheld_permissions = ExtensionMsg_PermissionSetStruct(
- extension->permissions_data()->withheld_permissions());
+ *extension->permissions_data()->withheld_permissions());
// Send the new permissions to the renderers.
for (RenderProcessHost::iterator i(RenderProcessHost::AllHostsIterator());