skip.insert(APIPermission::kAudio);
skip.insert(APIPermission::kBrowsingData);
skip.insert(APIPermission::kCastStreaming);
+ skip.insert(APIPermission::kCommandsAccessibility);
skip.insert(APIPermission::kContextMenus);
- skip.insert(APIPermission::kCopresence);
skip.insert(APIPermission::kCopresencePrivate);
skip.insert(APIPermission::kDiagnostics);
skip.insert(APIPermission::kDns);
skip.insert(APIPermission::kGcm);
skip.insert(APIPermission::kIdle);
skip.insert(APIPermission::kIdltest);
- skip.insert(APIPermission::kLedger);
skip.insert(APIPermission::kLogPrivate);
skip.insert(APIPermission::kNotifications);
skip.insert(APIPermission::kNotificationProvider);
skip.insert(APIPermission::kEnterprisePlatformKeysPrivate);
skip.insert(APIPermission::kFeedbackPrivate);
skip.insert(APIPermission::kFileBrowserHandlerInternal);
- skip.insert(APIPermission::kFileBrowserPrivate);
+ skip.insert(APIPermission::kFileManagerPrivate);
skip.insert(APIPermission::kFirstRunPrivate);
skip.insert(APIPermission::kGcdPrivate);
skip.insert(APIPermission::kHotwordPrivate);
skip.insert(APIPermission::kSocket);
skip.insert(APIPermission::kUsbDevice);
+ // We already have a generic message for declaring externally_connectable.
+ skip.insert(APIPermission::kExternallyConnectableAllUrls);
+
PermissionsInfo* info = PermissionsInfo::GetInstance();
APIPermissionSet permissions = info->GetAll();
for (APIPermissionSet::const_iterator i = permissions.begin();
URLPatternSet(), URLPatternSet()));
PermissionMessages messages =
PermissionMessageProvider::Get()->GetPermissionMessages(
- permissions, Manifest::TYPE_PLATFORM_APP);
+ permissions.get(), Manifest::TYPE_PLATFORM_APP);
ASSERT_EQ(1u, messages.size());
std::sort(messages.begin(), messages.end());
std::set<PermissionMessage::ID> ids;
EXPECT_TRUE(ContainsKey(ids, PermissionMessage::kFileSystemDirectory));
}
+// The file system permissions have a special-case hack to show a warning for
+// write and directory at the same time.
+// TODO(sammc): Remove this. See http://crbug.com/284849.
+TEST(PermissionsTest, FileSystemImplicitPermissions) {
+ APIPermissionSet apis;
+ apis.insert(APIPermission::kFileSystemWrite);
+ apis.AddImpliedPermissions();
+
+ EXPECT_EQ(apis.find(APIPermission::kFileSystemWrite)->id(),
+ APIPermission::kFileSystemWrite);
+ EXPECT_EQ(apis.size(), 1u);
+
+ apis.erase(APIPermission::kFileSystemWrite);
+ apis.insert(APIPermission::kFileSystemDirectory);
+ apis.AddImpliedPermissions();
+
+ EXPECT_EQ(apis.find(APIPermission::kFileSystemDirectory)->id(),
+ APIPermission::kFileSystemDirectory);
+ EXPECT_EQ(apis.size(), 1u);
+
+ apis.insert(APIPermission::kFileSystemWrite);
+ apis.AddImpliedPermissions();
+
+ EXPECT_EQ(apis.find(APIPermission::kFileSystemWrite)->id(),
+ APIPermission::kFileSystemWrite);
+ EXPECT_EQ(apis.find(APIPermission::kFileSystemDirectory)->id(),
+ APIPermission::kFileSystemDirectory);
+ EXPECT_EQ(apis.find(APIPermission::kFileSystemWriteDirectory)->id(),
+ APIPermission::kFileSystemWriteDirectory);
+ EXPECT_EQ(apis.size(), 3u);
+}
+
TEST(PermissionsTest, HiddenFileSystemPermissionMessages) {
APIPermissionSet api_permissions;
api_permissions.insert(APIPermission::kFileSystemWrite);
URLPatternSet(), URLPatternSet()));
PermissionMessages messages =
PermissionMessageProvider::Get()->GetPermissionMessages(
- permissions, Manifest::TYPE_PLATFORM_APP);
+ permissions.get(), Manifest::TYPE_PLATFORM_APP);
ASSERT_EQ(1u, messages.size());
EXPECT_EQ(PermissionMessage::kFileSystemWriteDirectory, messages[0].id());
}
TEST(PermissionsTest, SuppressedPermissionMessages) {
{
+ // Tabs warning suppresses favicon warning.
APIPermissionSet api_permissions;
api_permissions.insert(APIPermission::kTab);
URLPatternSet hosts;
hosts, URLPatternSet()));
PermissionMessages messages =
PermissionMessageProvider::Get()->GetPermissionMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(PermissionMessage::kTabs, messages[0].id());
}
{
+ // History warning suppresses favicon warning.
APIPermissionSet api_permissions;
api_permissions.insert(APIPermission::kHistory);
URLPatternSet hosts;
hosts, URLPatternSet()));
PermissionMessages messages =
PermissionMessageProvider::Get()->GetPermissionMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(PermissionMessage::kBrowsingHistory, messages[0].id());
}
{
+ // All sites warning suppresses tabs warning.
APIPermissionSet api_permissions;
URLPatternSet hosts;
hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, "*://*/*"));
api_permissions, ManifestPermissionSet(), hosts, URLPatternSet()));
PermissionMessages messages =
PermissionMessageProvider::Get()->GetPermissionMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
+ EXPECT_EQ(1u, messages.size());
+ EXPECT_EQ(PermissionMessage::kHostsAll, messages[0].id());
+ }
+ {
+ // All sites warning suppresses topSites warning.
+ APIPermissionSet api_permissions;
+ URLPatternSet hosts;
+ hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, "*://*/*"));
+ api_permissions.insert(APIPermission::kTopSites);
+ scoped_refptr<PermissionSet> permissions(new PermissionSet(
+ api_permissions, ManifestPermissionSet(), hosts, URLPatternSet()));
+ PermissionMessages messages =
+ PermissionMessageProvider::Get()->GetPermissionMessages(
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(PermissionMessage::kHostsAll, messages[0].id());
}
{
+ // All sites warning suppresses declarativeWebRequest warning.
APIPermissionSet api_permissions;
URLPatternSet hosts;
hosts.AddPattern(URLPattern(URLPattern::SCHEME_CHROMEUI, "*://*/*"));
api_permissions, ManifestPermissionSet(), hosts, URLPatternSet()));
PermissionMessages messages =
PermissionMessageProvider::Get()->GetPermissionMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(PermissionMessage::kHostsAll, messages[0].id());
}
{
+ // BrowsingHistory warning suppresses all history read/write warnings.
APIPermissionSet api_permissions;
api_permissions.insert(APIPermission::kHistory);
api_permissions.insert(APIPermission::kTab);
URLPatternSet(), URLPatternSet()));
PermissionMessages messages =
PermissionMessageProvider::Get()->GetPermissionMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(PermissionMessage::kBrowsingHistory, messages[0].id());
}
{
+ // Tabs warning suppresses all read-only history warnings.
APIPermissionSet api_permissions;
api_permissions.insert(APIPermission::kTab);
api_permissions.insert(APIPermission::kTopSites);
URLPatternSet(), URLPatternSet()));
PermissionMessages messages =
PermissionMessageProvider::Get()->GetPermissionMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(PermissionMessage::kTabs, messages[0].id());
}
URLPatternSet()));
std::vector<base::string16> messages =
PermissionMessageProvider::Get()->GetWarningMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_USB),
messages[0]);
URLPatternSet()));
std::vector<base::string16> messages =
PermissionMessageProvider::Get()->GetWarningMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_USB),
messages[0]);
URLPatternSet()));
std::vector<base::string16> messages =
PermissionMessageProvider::Get()->GetWarningMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_SERIAL),
messages[0]);
URLPatternSet()));
std::vector<base::string16> messages =
PermissionMessageProvider::Get()->GetWarningMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(
l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_USB_SERIAL),
URLPatternSet()));
std::vector<base::string16> messages =
PermissionMessageProvider::Get()->GetWarningMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(
l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_USB_SERIAL),
URLPatternSet()));
const PermissionMessageProvider* provider = PermissionMessageProvider::Get();
- EXPECT_FALSE(provider->IsPrivilegeIncrease(write_directory_permissions,
- write_permissions,
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(write_directory_permissions.get(),
+ write_permissions.get(),
Manifest::TYPE_PLATFORM_APP));
- EXPECT_FALSE(provider->IsPrivilegeIncrease(write_directory_permissions,
- directory_permissions,
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(write_directory_permissions.get(),
+ directory_permissions.get(),
Manifest::TYPE_PLATFORM_APP));
- EXPECT_TRUE(provider->IsPrivilegeIncrease(write_permissions,
- directory_permissions,
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(write_permissions.get(),
+ directory_permissions.get(),
Manifest::TYPE_PLATFORM_APP));
- EXPECT_TRUE(provider->IsPrivilegeIncrease(write_permissions,
- write_directory_permissions,
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(write_permissions.get(),
+ write_directory_permissions.get(),
Manifest::TYPE_PLATFORM_APP));
- EXPECT_FALSE(provider->IsPrivilegeIncrease(directory_permissions,
- write_permissions,
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(directory_permissions.get(),
+ write_permissions.get(),
Manifest::TYPE_PLATFORM_APP));
- EXPECT_TRUE(provider->IsPrivilegeIncrease(directory_permissions,
- write_directory_permissions,
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(directory_permissions.get(),
+ write_directory_permissions.get(),
Manifest::TYPE_PLATFORM_APP));
}
URLPatternSet(), URLPatternSet()));
std::vector<base::string16> messages =
PermissionMessageProvider::Get()->GetWarningMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(l10n_util::GetStringUTF16(
IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS),
URLPatternSet(), URLPatternSet()));
std::vector<base::string16> messages =
PermissionMessageProvider::Get()->GetWarningMessages(
- permissions, Manifest::TYPE_EXTENSION);
+ permissions.get(), Manifest::TYPE_EXTENSION);
EXPECT_EQ(1u, messages.size());
EXPECT_EQ(l10n_util::GetStringUTF16(
IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE_AND_SESSIONS),
set2 = new PermissionSet(empty_perms, empty_manifest_permissions,
elist2, slist2);
- EXPECT_FALSE(provider->IsPrivilegeIncrease(set1, set2, type));
- EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));
// Test that paths are ignored.
elist2.ClearPatterns();
URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com/*"));
set2 = new PermissionSet(empty_perms, empty_manifest_permissions,
elist2, slist2);
- EXPECT_FALSE(provider->IsPrivilegeIncrease(set1, set2, type));
- EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));
// Test that RCDs are ignored.
elist2.ClearPatterns();
URLPattern(URLPattern::SCHEME_HTTP, "http://www.google.com.hk/*"));
set2 = new PermissionSet(empty_perms, empty_manifest_permissions,
elist2, slist2);
- EXPECT_FALSE(provider->IsPrivilegeIncrease(set1, set2, type));
- EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));
// Test that subdomain wildcards are handled properly.
elist2.ClearPatterns();
URLPattern(URLPattern::SCHEME_HTTP, "http://*.google.com.hk/*"));
set2 = new PermissionSet(empty_perms, empty_manifest_permissions,
elist2, slist2);
- EXPECT_TRUE(provider->IsPrivilegeIncrease(set1, set2, type));
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
// TODO(jstritar): Does not match subdomains properly. http://crbug.com/65337
// EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
URLPattern(URLPattern::SCHEME_HTTP, "http://www.example.org/path"));
set2 = new PermissionSet(empty_perms, empty_manifest_permissions,
elist2, slist2);
- EXPECT_TRUE(provider->IsPrivilegeIncrease(set1, set2, type));
- EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));
// Test that different subdomains count as different hosts.
elist2.ClearPatterns();
URLPattern(URLPattern::SCHEME_HTTP, "http://mail.google.com/*"));
set2 = new PermissionSet(empty_perms, empty_manifest_permissions,
elist2, slist2);
- EXPECT_TRUE(provider->IsPrivilegeIncrease(set1, set2, type));
- EXPECT_TRUE(provider->IsPrivilegeIncrease(set2, set1, type));
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
+ EXPECT_TRUE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));
// Test that platform apps do not have host permissions increases.
type = Manifest::TYPE_PLATFORM_APP;
- EXPECT_FALSE(provider->IsPrivilegeIncrease(set1, set2, type));
- EXPECT_FALSE(provider->IsPrivilegeIncrease(set2, set1, type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set1.get(), set2.get(), type));
+ EXPECT_FALSE(provider->IsPrivilegeIncrease(set2.get(), set1.get(), type));
}
TEST(PermissionsTest, GetAPIsAsStrings) {
scoped_refptr<PermissionSet> permissions(
new PermissionSet(APIPermissionSet(), ManifestPermissionSet(),
allowed_hosts, URLPatternSet()));
- PermissionMessageProvider::Get()->
- GetPermissionMessages(permissions, Manifest::TYPE_EXTENSION);
+ PermissionMessageProvider::Get()->GetPermissionMessages(
+ permissions.get(), Manifest::TYPE_EXTENSION);
}
TEST(PermissionsTest, IsPrivilegeIncrease_DeclarativeWebRequest) {