• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_H_
6 #define EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_H_
7 
8 #include <map>
9 #include <set>
10 #include <string>
11 
12 #include "base/callback.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "base/pickle.h"
15 #include "base/values.h"
16 #include "extensions/common/permissions/permission_message.h"
17 
18 namespace IPC {
19 class Message;
20 }
21 
22 namespace extensions {
23 
24 class APIPermissionInfo;
25 class ChromeAPIPermissions;
26 
27 // APIPermission is for handling some complex permissions. Please refer to
28 // extensions::SocketPermission as an example.
29 // There is one instance per permission per loaded extension.
30 class APIPermission {
31  public:
32   enum ID {
33     // Error codes.
34     kInvalid = -2,
35     kUnknown = -1,
36 
37     // Real permissions.
38     kActiveTab,
39     kActivityLogPrivate,
40     kAdView,
41     kAlarms,
42     kAlwaysOnTopWindows,
43     kAppCurrentWindowInternal,
44     kAppRuntime,
45     kAppWindow,
46     kAudio,
47     kAudioCapture,
48     kAutoTestPrivate,
49     kBackground,
50     kBluetooth,
51     kBookmark,
52     kBookmarkManagerPrivate,
53     kBrailleDisplayPrivate,
54     kBrowsingData,
55     kCast,
56     kCastStreaming,
57     kChromeosInfoPrivate,
58     kClipboardRead,
59     kClipboardWrite,
60     kCloudPrintPrivate,
61     kCommandLinePrivate,
62     kContentSettings,
63     kContextMenus,
64     kCookie,
65     kDiagnostics,
66     kDial,
67     kDebugger,
68     kDeclarative,
69     kDeclarativeContent,
70     kDeclarativeWebRequest,
71     kDesktopCapture,
72     kDeveloperPrivate,
73     kDevtools,
74     kDns,
75     kDownloads,
76     kDownloadsInternal,
77     kDownloadsOpen,
78     kDownloadsShelf,
79     kEchoPrivate,
80     kEnterprisePlatformKeysPrivate,
81     kExperimental,
82     kFeedbackPrivate,
83     kFileBrowserHandler,
84     kFileBrowserHandlerInternal,
85     kFileBrowserPrivate,
86     kFileSystem,
87     kFileSystemDirectory,
88     kFileSystemProvider,
89     kFileSystemRetainEntries,
90     kFileSystemWrite,
91     kFileSystemWriteDirectory,
92     kFontSettings,
93     kFullscreen,
94     kGcm,
95     kGeolocation,
96     kHistory,
97     kHomepage,
98     kIdentity,
99     kIdentityPrivate,
100     kIdltest,
101     kIdle,
102     kInfobars,
103     kInput,
104     kInputMethodPrivate,
105     kLocation,
106     kLogPrivate,
107     kManagement,
108     kMediaGalleries,
109     kMediaGalleriesPrivate,
110     kMediaPlayerPrivate,
111     kMetricsPrivate,
112     kMDns,
113     kMusicManagerPrivate,
114     kNativeMessaging,
115     kNetworkingPrivate,
116     kNotification,
117     kOverrideEscFullscreen,
118     kPageCapture,
119     kPointerLock,
120     kPlugin,
121     kPower,
122     kPreferencesPrivate,
123     kPrincipalsPrivate,
124     kPrivacy,
125     kProcesses,
126     kProxy,
127     kPushMessaging,
128     kImageWriterPrivate,
129     kRtcPrivate,
130     kSearchProvider,
131     kSerial,
132     kSessions,
133     kSignedInDevices,
134     kSocket,
135     kStartupPages,
136     kStorage,
137     kStreamsPrivate,
138     kSyncFileSystem,
139     kSystemPrivate,
140     kSystemIndicator,
141     kSystemDisplay,
142     kSystemStorage,
143     kTab,
144     kTabCapture,
145     kTabCaptureForTab,
146     kTerminalPrivate,
147     kTopSites,
148     kTts,
149     kTtsEngine,
150     kUnlimitedStorage,
151     kUsb,
152     kUsbDevice,
153     kVideoCapture,
154     kVirtualKeyboardPrivate,
155     kWallpaper,
156     kWallpaperPrivate,
157     kWebConnectable,  // for externally_connectable manifest key
158     kWebNavigation,
159     kWebRequest,
160     kWebRequestBlocking,
161     kWebRequestInternal,
162     kWebrtcAudioPrivate,
163     kWebrtcLoggingPrivate,
164     kWebstorePrivate,
165     kWebView,
166     kScreenlockPrivate,
167     kSystemCpu,
168     kSystemMemory,
169     kSystemNetwork,
170     kSystemInfoCpu,
171     kSystemInfoMemory,
172     kFirstRunPrivate,
173     kEnumBoundary
174   };
175 
176   struct CheckParam {
177   };
178 
179   explicit APIPermission(const APIPermissionInfo* info);
180 
181   virtual ~APIPermission();
182 
183   // Returns the id of this permission.
184   ID id() const;
185 
186   // Returns the name of this permission.
187   const char* name() const;
188 
189   // Returns the APIPermission of this permission.
info()190   const APIPermissionInfo* info() const {
191     return info_;
192   }
193 
194   // Returns true if this permission has any PermissionMessages.
195   virtual bool HasMessages() const = 0;
196 
197   // Returns the localized permission messages of this permission.
198   virtual PermissionMessages GetMessages() const = 0;
199 
200   // Returns true if the given permission is allowed.
201   virtual bool Check(const CheckParam* param) const = 0;
202 
203   // Returns true if |rhs| is a subset of this.
204   virtual bool Contains(const APIPermission* rhs) const = 0;
205 
206   // Returns true if |rhs| is equal to this.
207   virtual bool Equal(const APIPermission* rhs) const = 0;
208 
209   // Parses the APIPermission from |value|. Returns false if error happens.
210   virtual bool FromValue(const base::Value* value) = 0;
211 
212   // Stores this into a new created |value|.
213   virtual scoped_ptr<base::Value> ToValue() const = 0;
214 
215   // Clones this.
216   virtual APIPermission* Clone() const = 0;
217 
218   // Returns a new API permission which equals this - |rhs|.
219   virtual APIPermission* Diff(const APIPermission* rhs) const = 0;
220 
221   // Returns a new API permission which equals the union of this and |rhs|.
222   virtual APIPermission* Union(const APIPermission* rhs) const = 0;
223 
224   // Returns a new API permission which equals the intersect of this and |rhs|.
225   virtual APIPermission* Intersect(const APIPermission* rhs) const = 0;
226 
227   // IPC functions
228   // Writes this into the given IPC message |m|.
229   virtual void Write(IPC::Message* m) const = 0;
230 
231   // Reads from the given IPC message |m|.
232   virtual bool Read(const IPC::Message* m, PickleIterator* iter) = 0;
233 
234   // Logs this permission.
235   virtual void Log(std::string* log) const = 0;
236 
237  protected:
238   // Returns the localized permission message associated with this api.
239   // Use GetMessage_ to avoid name conflict with macro GetMessage on Windows.
240   PermissionMessage GetMessage_() const;
241 
242  private:
243   const APIPermissionInfo* const info_;
244 };
245 
246 
247 // The APIPermissionInfo is an immutable class that describes a single
248 // named permission (API permission).
249 // There is one instance per permission.
250 class APIPermissionInfo {
251  public:
252   enum Flag {
253     kFlagNone = 0,
254 
255     // Indicates if the permission implies full access (native code).
256     kFlagImpliesFullAccess = 1 << 0,
257 
258     // Indicates if the permission implies full URL access.
259     kFlagImpliesFullURLAccess = 1 << 1,
260 
261     // Indicates that extensions cannot specify the permission as optional.
262     kFlagCannotBeOptional = 1 << 3,
263 
264     // Indicates that the permission is internal to the extensions
265     // system and cannot be specified in the "permissions" list.
266     kFlagInternal = 1 << 4,
267   };
268 
269   typedef APIPermission* (*APIPermissionConstructor)(const APIPermissionInfo*);
270 
271   typedef std::set<APIPermission::ID> IDSet;
272 
273   ~APIPermissionInfo();
274 
275   // Creates a APIPermission instance.
276   APIPermission* CreateAPIPermission() const;
277 
flags()278   int flags() const { return flags_; }
279 
id()280   APIPermission::ID id() const { return id_; }
281 
282   // Returns the message id associated with this permission.
message_id()283   PermissionMessage::ID message_id() const {
284     return message_id_;
285   }
286 
287   // Returns the name of this permission.
name()288   const char* name() const { return name_; }
289 
290   // Returns true if this permission implies full access (e.g., native code).
implies_full_access()291   bool implies_full_access() const {
292     return (flags_ & kFlagImpliesFullAccess) != 0;
293   }
294 
295   // Returns true if this permission implies full URL access.
implies_full_url_access()296   bool implies_full_url_access() const {
297     return (flags_ & kFlagImpliesFullURLAccess) != 0;
298   }
299 
300   // Returns true if this permission can be added and removed via the
301   // optional permissions extension API.
supports_optional()302   bool supports_optional() const {
303     return (flags_ & kFlagCannotBeOptional) == 0;
304   }
305 
306   // Returns true if this permission is internal rather than a
307   // "permissions" list entry.
is_internal()308   bool is_internal() const {
309     return (flags_ & kFlagInternal) != 0;
310   }
311 
312  private:
313   // Instances should only be constructed from within a
314   // PermissionsInfo::Delegate.
315   friend class ChromeAPIPermissions;
316   // Implementations of APIPermission will want to get the permission message,
317   // but this class's implementation should be hidden from everyone else.
318   friend class APIPermission;
319 
320   explicit APIPermissionInfo(
321       APIPermission::ID id,
322       const char* name,
323       int l10n_message_id,
324       PermissionMessage::ID message_id,
325       int flags,
326       APIPermissionConstructor api_permission_constructor);
327 
328   // Returns the localized permission message associated with this api.
329   // Use GetMessage_ to avoid name conflict with macro GetMessage on Windows.
330   PermissionMessage GetMessage_() const;
331 
332   const APIPermission::ID id_;
333   const char* const name_;
334   const int flags_;
335   const int l10n_message_id_;
336   const PermissionMessage::ID message_id_;
337   const APIPermissionConstructor api_permission_constructor_;
338 };
339 
340 }  // namespace extensions
341 
342 #endif  // EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_H_
343