Google Git
Sign in
android / platform / external / chromium_org / 8d048359bef2f9db1cf3276de6713fe54734fe2e / . / chrome / browser / extensions / permissions_updater.cc
blob: 9d4a7b6f9dcabf2084940fc0ab69304650d20910 [file] [log] [blame]
// Copyright (c) 2012 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/extensions/permissions_updater.h"
#include "base/json/json_writer.h"
#include "base/memory/ref_counted.h"
#include "base/values.h"
#include "chrome/browser/chrome_notification_types.h"
#include "chrome/browser/extensions/api/permissions/permissions_api_helpers.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/common/extensions/api/permissions.h"
#include "content/public/browser/notification_observer.h"
#include "content/public/browser/notification_registrar.h"
#include "content/public/browser/notification_service.h"
#include "content/public/browser/render_process_host.h"
#include "extensions/browser/event_router.h"
#include "extensions/browser/extension_prefs.h"
#include "extensions/common/extension.h"
#include "extensions/common/extension_messages.h"
#include "extensions/common/manifest_handlers/permissions_parser.h"
#include "extensions/common/permissions/permission_set.h"
#include "extensions/common/permissions/permissions_data.h"
using content::RenderProcessHost;
using extensions::permissions_api_helpers::PackPermissionSet;
namespace extensions {
namespace permissions = api::permissions;
PermissionsUpdater::PermissionsUpdater(content::BrowserContext* browser_context)
: browser_context_(browser_context) {
}
PermissionsUpdater::~PermissionsUpdater() {}
void PermissionsUpdater::AddPermissions(
const Extension* extension, const PermissionSet* permissions) {
scoped_refptr<const PermissionSet> existing(
extension->permissions_data()->active_permissions());
scoped_refptr<PermissionSet> total(
PermissionSet::CreateUnion(existing.get(), permissions));
scoped_refptr<PermissionSet> added(
PermissionSet::CreateDifference(total.get(), existing.get()));
SetActivePermissions(extension, total.get());
// Update the granted permissions so we don't auto-disable the extension.
GrantActivePermissions(extension);
NotifyPermissionsUpdated(ADDED, extension, added.get());
}
void PermissionsUpdater::RemovePermissions(
const Extension* extension, const PermissionSet* permissions) {
scoped_refptr<const PermissionSet> existing(
extension->permissions_data()->active_permissions());
scoped_refptr<PermissionSet> total(
PermissionSet::CreateDifference(existing.get(), permissions));
scoped_refptr<PermissionSet> removed(
PermissionSet::CreateDifference(existing.get(), total.get()));
// We update the active permissions, and not the granted permissions, because
// the extension, not the user, removed the permissions. This allows the
// extension to add them again without prompting the user.
SetActivePermissions(extension, total.get());
NotifyPermissionsUpdated(REMOVED, extension, removed.get());
}
void PermissionsUpdater::GrantActivePermissions(const Extension* extension) {
CHECK(extension);
// We only maintain the granted permissions prefs for INTERNAL and LOAD
// extensions.
if (!Manifest::IsUnpackedLocation(extension->location()) &&
extension->location() != Manifest::INTERNAL)
return;
ExtensionPrefs::Get(browser_context_)->AddGrantedPermissions(
extension->id(),
extension->permissions_data()->active_permissions().get());
}
void PermissionsUpdater::InitializeActivePermissions(
const Extension* extension) {
// If the extension has used the optional permissions API, it will have a
// custom set of active permissions defined in the extension prefs. Here,
// we update the extension's active permissions based on the prefs.
scoped_refptr<PermissionSet> active_permissions =
ExtensionPrefs::Get(browser_context_)->GetActivePermissions(
extension->id());
if (!active_permissions)
return;
// We restrict the active permissions to be within the bounds defined in the
// extension's manifest.
// a) active permissions must be a subset of optional + default permissions
// b) active permissions must contains all default permissions
scoped_refptr<PermissionSet> total_permissions = PermissionSet::CreateUnion(
PermissionsParser::GetRequiredPermissions(extension),
PermissionsParser::GetOptionalPermissions(extension));
// Make sure the active permissions contain no more than optional + default.
scoped_refptr<PermissionSet> adjusted_active =
PermissionSet::CreateIntersection(total_permissions, active_permissions);
// Make sure the active permissions contain the default permissions.
adjusted_active = PermissionSet::CreateUnion(
PermissionsParser::GetRequiredPermissions(extension),
adjusted_active);
SetActivePermissions(extension, adjusted_active);
}
void PermissionsUpdater::SetActivePermissions(
const Extension* extension, const PermissionSet* permissions) {
ExtensionPrefs::Get(browser_context_)->SetActivePermissions(
extension->id(), permissions);
extension->permissions_data()->SetActivePermissions(permissions);
}
void PermissionsUpdater::DispatchEvent(
const std::string& extension_id,
const char* event_name,
const PermissionSet* changed_permissions) {
EventRouter* event_router = EventRouter::Get(browser_context_);
if (!event_router)
return;
scoped_ptr<base::ListValue> value(new base::ListValue());
scoped_ptr<api::permissions::Permissions> permissions =
PackPermissionSet(changed_permissions);
value->Append(permissions->ToValue().release());
scoped_ptr<Event> event(new Event(event_name, value.Pass()));
event->restrict_to_browser_context = browser_context_;
event_router->DispatchEventToExtension(extension_id, event.Pass());
}
void PermissionsUpdater::NotifyPermissionsUpdated(
EventType event_type,
const Extension* extension,
const PermissionSet* changed) {
if (!changed || changed->IsEmpty())
return;
UpdatedExtensionPermissionsInfo::Reason reason;
const char* event_name = NULL;
if (event_type == REMOVED) {
reason = UpdatedExtensionPermissionsInfo::REMOVED;
event_name = permissions::OnRemoved::kEventName;
} else {
CHECK_EQ(ADDED, event_type);
reason = UpdatedExtensionPermissionsInfo::ADDED;
event_name = permissions::OnAdded::kEventName;
}
// Notify other APIs or interested parties.
UpdatedExtensionPermissionsInfo info = UpdatedExtensionPermissionsInfo(
extension, changed, reason);
Profile* profile = Profile::FromBrowserContext(browser_context_);
content::NotificationService::current()->Notify(
chrome::NOTIFICATION_EXTENSION_PERMISSIONS_UPDATED,
content::Source<Profile>(profile),
content::Details<UpdatedExtensionPermissionsInfo>(&info));
ExtensionMsg_UpdatePermissions_Params params;
params.reason_id = static_cast<int>(reason);
params.extension_id = extension->id();
params.apis = changed->apis();
params.manifest_permissions = changed->manifest_permissions();
params.explicit_hosts = changed->explicit_hosts();
params.scriptable_hosts = changed->scriptable_hosts();
// Send the new permissions to the renderers.
for (RenderProcessHost::iterator i(RenderProcessHost::AllHostsIterator());
!i.IsAtEnd(); i.Advance()) {
RenderProcessHost* host = i.GetCurrentValue();
if (profile->IsSameProfile(
Profile::FromBrowserContext(host->GetBrowserContext()))) {
host->Send(new ExtensionMsg_UpdatePermissions(params));
}
}
// Trigger the onAdded and onRemoved events in the extension.
DispatchEvent(extension->id(), event_name, changed);
}
} // namespace extensions