| // Copyright 2014 The Chromium Authors. All rights reserved. |
| // Use of this source code is governed by a BSD-style license that can be |
| // found in the LICENSE file. |
| |
| #include "base/memory/scoped_ptr.h" |
| #include "chrome/browser/extensions/extension_service.h" |
| #include "chrome/browser/extensions/extension_service_test_base.h" |
| #include "chrome/browser/extensions/permissions_updater.h" |
| #include "chrome/browser/profiles/profile.h" |
| #include "chrome/common/extensions/permissions/chrome_permission_message_provider.h" |
| #include "chrome/grit/generated_resources.h" |
| #include "components/crx_file/id_util.h" |
| #include "extensions/browser/extension_prefs.h" |
| #include "extensions/browser/extension_registry.h" |
| #include "extensions/common/extension_builder.h" |
| #include "extensions/common/manifest.h" |
| #include "extensions/common/manifest_handlers/permissions_parser.h" |
| #include "extensions/common/permissions/permissions_data.h" |
| #include "extensions/common/test_util.h" |
| #include "testing/gtest/include/gtest/gtest.h" |
| #include "ui/base/l10n/l10n_util.h" |
| |
| namespace extensions { |
| |
| // Tests that ChromePermissionMessageProvider provides not only correct, but |
| // meaningful permission messages that coalesce correctly where appropriate. |
| // There are 3 types of permission messages that need to be tested: |
| // 1. The combined list of active permissions, displayed at install time (or |
| // when the app has been disabled automatically and needs to be re-enabled) |
| // 2. The split list of active permissions, displayed in the App Info dialog, |
| // where the optional permissions are individually revokable |
| // 3. The list of requested optional permissions, displayed in a prompt to the |
| // user when the app requests these during runtime |
| // Some of these tests are prefixed AntiTest_, since they demonstrate existing |
| // problematic functionality. These tests are prefixed with AntiTest_ and will |
| // be changed as the correct behaviour is implemented. TODOs in the test explain |
| // the currently problematic behaviour. |
| class PermissionMessagesUnittest : public ExtensionServiceTestBase { |
| public: |
| PermissionMessagesUnittest() |
| : message_provider_(new ChromePermissionMessageProvider()) {} |
| ~PermissionMessagesUnittest() override {} |
| |
| // Overridden from testing::Test: |
| void SetUp() override { |
| ExtensionServiceTestBase::SetUp(); |
| InitializeExtensionService(CreateDefaultInitParams()); |
| } |
| |
| protected: |
| void CreateAndInstallAppWithPermissions(ListBuilder& required_permissions, |
| ListBuilder& optional_permissions) { |
| app_ = test_util::BuildApp(ExtensionBuilder().Pass()) |
| .MergeManifest( |
| DictionaryBuilder() |
| .Set("permissions", required_permissions) |
| .Set("optional_permissions", optional_permissions)) |
| .SetID(crx_file::id_util::GenerateId("app")) |
| .SetLocation(Manifest::INTERNAL) |
| .Build(); |
| service()->AddExtension(app_.get()); |
| } |
| |
| void CreateAndInstallExtensionWithPermissions( |
| ListBuilder& required_permissions, |
| ListBuilder& optional_permissions) { |
| app_ = test_util::BuildExtension(ExtensionBuilder().Pass()) |
| .MergeManifest( |
| DictionaryBuilder() |
| .Set("permissions", required_permissions) |
| .Set("optional_permissions", optional_permissions)) |
| .SetID(crx_file::id_util::GenerateId("extension")) |
| .SetLocation(Manifest::INTERNAL) |
| .Build(); |
| service()->AddExtension(app_.get()); |
| } |
| |
| // Returns the permission messages that would display in the prompt that |
| // requests all the optional permissions for the current |app_|. |
| std::vector<base::string16> GetOptionalPermissionMessages() { |
| scoped_refptr<const PermissionSet> granted_permissions = |
| ExtensionPrefs::Get(profile())->GetGrantedPermissions(app_->id()); |
| scoped_refptr<const PermissionSet> optional_permissions = |
| PermissionsParser::GetOptionalPermissions(app_.get()); |
| scoped_refptr<const PermissionSet> requested_permissions = |
| PermissionSet::CreateDifference(optional_permissions.get(), |
| granted_permissions.get()); |
| return GetMessages(requested_permissions); |
| } |
| |
| void GrantOptionalPermissions() { |
| PermissionsUpdater perms_updater(profile()); |
| perms_updater.AddPermissions( |
| app_.get(), |
| PermissionsParser::GetOptionalPermissions(app_.get()).get()); |
| } |
| |
| std::vector<base::string16> active_permissions() { |
| return GetMessages(app_->permissions_data()->active_permissions()); |
| } |
| |
| std::vector<base::string16> withheld_permissions() { |
| return GetMessages(app_->permissions_data()->withheld_permissions()); |
| } |
| |
| std::vector<base::string16> granted_permissions() { |
| return GetMessages( |
| ExtensionPrefs::Get(profile())->GetGrantedPermissions(app_->id())); |
| } |
| |
| std::vector<base::string16> required_permissions() { |
| return GetMessages(PermissionsParser::GetRequiredPermissions(app_.get())); |
| } |
| |
| std::vector<base::string16> optional_permissions() { |
| return GetMessages(PermissionsParser::GetOptionalPermissions(app_.get())); |
| } |
| |
| private: |
| std::vector<base::string16> GetMessages( |
| scoped_refptr<const PermissionSet> permissions) { |
| return message_provider_->GetWarningMessages(permissions.get(), |
| app_->GetType()); |
| } |
| |
| scoped_ptr<ChromePermissionMessageProvider> message_provider_; |
| scoped_refptr<const Extension> app_; |
| |
| DISALLOW_COPY_AND_ASSIGN(PermissionMessagesUnittest); |
| }; |
| |
| // If an app has both the 'serial' and 'USB' permission, they should coalesce |
| // into a single permission message. |
| TEST_F(PermissionMessagesUnittest, RequiredPermissionMessagesCoalesce) { |
| CreateAndInstallAppWithPermissions( |
| ListBuilder().Append("serial").Append("usb").Pass(), |
| ListBuilder().Pass()); |
| |
| ASSERT_EQ(1U, required_permissions().size()); |
| EXPECT_EQ(l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_USB_SERIAL), |
| required_permissions()[0]); |
| |
| ASSERT_EQ(0U, optional_permissions().size()); |
| } |
| |
| // If an app has both the 'history' and 'tabs' permission, one should hide the |
| // other (the 'history' permission has superset permissions). |
| TEST_F(PermissionMessagesUnittest, HistoryHidesTabsMessage) { |
| CreateAndInstallExtensionWithPermissions( |
| ListBuilder().Append("tabs").Append("history").Pass(), |
| ListBuilder().Pass()); |
| |
| ASSERT_EQ(1U, required_permissions().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE), |
| required_permissions()[0]); |
| |
| ASSERT_EQ(0U, optional_permissions().size()); |
| } |
| |
| // If an app requests the 'history' permission, but already has the 'tabs' |
| // permission, only the new coalesced message is displayed. |
| TEST_F(PermissionMessagesUnittest, MixedPermissionMessagesCoalesceOnceGranted) { |
| CreateAndInstallExtensionWithPermissions( |
| ListBuilder().Append("tabs").Pass(), |
| ListBuilder().Append("history").Pass()); |
| |
| ASSERT_EQ(1U, required_permissions().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ), |
| required_permissions()[0]); |
| |
| ASSERT_EQ(1U, optional_permissions().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE), |
| optional_permissions()[0]); |
| |
| ASSERT_EQ(1U, active_permissions().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ), |
| active_permissions()[0]); |
| |
| ASSERT_EQ(1U, GetOptionalPermissionMessages().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE), |
| GetOptionalPermissionMessages()[0]); |
| |
| GrantOptionalPermissions(); |
| |
| ASSERT_EQ(1U, active_permissions().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE), |
| active_permissions()[0]); |
| } |
| |
| // AntiTest: This behavior should be changed and improved. |
| // If an app requests the 'tabs' permission but already has the 'history' |
| // permission, a prompt is displayed. However, no prompt should appear at all, |
| // since 'tabs' is a subset of 'history' and the final list of permissions are |
| // not affected by this grant. |
| TEST_F(PermissionMessagesUnittest, |
| AntiTest_PromptCanRequestSubsetOfAlreadyGrantedPermissions) { |
| CreateAndInstallExtensionWithPermissions( |
| ListBuilder().Append("history").Pass(), |
| ListBuilder().Append("tabs").Pass()); |
| |
| ASSERT_EQ(1U, required_permissions().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE), |
| required_permissions()[0]); |
| |
| ASSERT_EQ(1U, optional_permissions().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ), |
| optional_permissions()[0]); |
| |
| ASSERT_EQ(1U, active_permissions().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE), |
| active_permissions()[0]); |
| |
| // TODO(sashab): This prompt should display no permissions, since READ is a |
| // subset permission of WRITE. |
| ASSERT_EQ(1U, GetOptionalPermissionMessages().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ), |
| GetOptionalPermissionMessages()[0]); |
| |
| GrantOptionalPermissions(); |
| |
| ASSERT_EQ(1U, active_permissions().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE), |
| active_permissions()[0]); |
| } |
| |
| // AntiTest: This behavior should be changed and improved. |
| // If an app requests the 'sessions' permission, nothing is displayed in the |
| // permission request prompt. However, the required permissions for the app are |
| // actually modified, so the prompt *should* display a message to prevent this |
| // permission from being granted for free. |
| TEST_F(PermissionMessagesUnittest, |
| AntiTest_PromptCanBeEmptyButCausesChangeInPermissions) { |
| CreateAndInstallExtensionWithPermissions( |
| ListBuilder().Append("tabs").Pass(), |
| ListBuilder().Append("sessions").Pass()); |
| |
| ASSERT_EQ(1U, required_permissions().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ), |
| required_permissions()[0]); |
| |
| ASSERT_EQ(0U, optional_permissions().size()); |
| |
| ASSERT_EQ(1U, active_permissions().size()); |
| EXPECT_EQ( |
| l10n_util::GetStringUTF16(IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ), |
| active_permissions()[0]); |
| |
| // TODO(sashab): This prompt should display the sessions permission message, |
| // as well as warn the user that it can affect the existing 'tab' permission. |
| ASSERT_EQ(0U, GetOptionalPermissionMessages().size()); |
| |
| GrantOptionalPermissions(); |
| |
| ASSERT_EQ(1U, active_permissions().size()); |
| EXPECT_EQ(l10n_util::GetStringUTF16( |
| IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ_AND_SESSIONS), |
| active_permissions()[0]); |
| } |
| |
| } // namespace extensions |