1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/extensions/api/permissions/permissions_api.h"
6 #include "chrome/browser/extensions/extension_apitest.h"
7 #include "chrome/browser/profiles/profile.h"
8 #include "chrome/browser/ui/browser.h"
9 #include "extensions/browser/extension_prefs.h"
10 #include "extensions/common/permissions/permission_set.h"
11 #include "extensions/common/switches.h"
12 #include "net/dns/mock_host_resolver.h"
13
14 namespace extensions {
15
16 namespace {
17
AddPattern(URLPatternSet * extent,const std::string & pattern)18 static void AddPattern(URLPatternSet* extent, const std::string& pattern) {
19 int schemes = URLPattern::SCHEME_ALL;
20 extent->AddPattern(URLPattern(schemes, pattern));
21 }
22
23 } // namespace
24
25 class ExperimentalApiTest : public ExtensionApiTest {
26 public:
SetUpCommandLine(CommandLine * command_line)27 virtual void SetUpCommandLine(CommandLine* command_line) OVERRIDE {
28 ExtensionApiTest::SetUpCommandLine(command_line);
29 command_line->AppendSwitch(switches::kEnableExperimentalExtensionApis);
30 }
31 };
32
IN_PROC_BROWSER_TEST_F(ExtensionApiTest,PermissionsFail)33 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, PermissionsFail) {
34 ASSERT_TRUE(RunExtensionTest("permissions/disabled")) << message_;
35
36 // Since the experimental APIs require a flag, this will fail even though
37 // it's enabled.
38 // TODO(erikkay) This test is currently broken because LoadExtension in
39 // ExtensionBrowserTest doesn't actually fail, it just times out. To fix this
40 // I'll need to add an EXTENSION_LOAD_ERROR notification, which is probably
41 // too much for the branch. I'll enable this on trunk later.
42 //ASSERT_FALSE(RunExtensionTest("permissions/enabled"))) << message_;
43 }
44
IN_PROC_BROWSER_TEST_F(ExperimentalApiTest,PermissionsSucceed)45 IN_PROC_BROWSER_TEST_F(ExperimentalApiTest, PermissionsSucceed) {
46 ASSERT_TRUE(RunExtensionTest("permissions/enabled")) << message_;
47 }
48
IN_PROC_BROWSER_TEST_F(ExtensionApiTest,ExperimentalPermissionsFail)49 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, ExperimentalPermissionsFail) {
50 // At the time this test is being created, there is no experimental
51 // function that will not be graduating soon, and does not require a
52 // tab id as an argument. So, we need the tab permission to get
53 // a tab id.
54 ASSERT_TRUE(RunExtensionTest("permissions/experimental_disabled"))
55 << message_;
56 }
57
IN_PROC_BROWSER_TEST_F(ExtensionApiTest,FaviconPermission)58 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, FaviconPermission) {
59 ASSERT_TRUE(RunExtensionTest("permissions/favicon")) << message_;
60 }
61
62 // Test functions and APIs that are always allowed (even if you ask for no
63 // permissions).
64 // Disabled: http://crbug.com/125193
IN_PROC_BROWSER_TEST_F(ExtensionApiTest,DISABLED_AlwaysAllowed)65 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, DISABLED_AlwaysAllowed) {
66 ASSERT_TRUE(RunExtensionTest("permissions/always_allowed")) << message_;
67 }
68
69 // Tests that the optional permissions API works correctly.
IN_PROC_BROWSER_TEST_F(ExtensionApiTest,OptionalPermissionsGranted)70 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsGranted) {
71 // Mark all the tested APIs as granted to bypass the confirmation UI.
72 APIPermissionSet apis;
73 apis.insert(APIPermission::kBookmark);
74 ManifestPermissionSet manifest_permissions;
75 URLPatternSet explicit_hosts;
76 AddPattern(&explicit_hosts, "http://*.c.com/*");
77 scoped_refptr<PermissionSet> granted_permissions =
78 new PermissionSet(apis, manifest_permissions,
79 explicit_hosts, URLPatternSet());
80
81 ExtensionPrefs* prefs = ExtensionPrefs::Get(browser()->profile());
82 prefs->AddGrantedPermissions("kjmkgkdkpedkejedfhmfcenooemhbpbo",
83 granted_permissions.get());
84
85 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true);
86 host_resolver()->AddRule("*.com", "127.0.0.1");
87 ASSERT_TRUE(StartEmbeddedTestServer());
88 EXPECT_TRUE(RunExtensionTest("permissions/optional")) << message_;
89 }
90
91 // Tests that the optional permissions API works correctly.
IN_PROC_BROWSER_TEST_F(ExtensionApiTest,OptionalPermissionsAutoConfirm)92 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsAutoConfirm) {
93 // Rather than setting the granted permissions, set the UI autoconfirm flag
94 // and run the same tests.
95 PermissionsRequestFunction::SetAutoConfirmForTests(true);
96 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true);
97 host_resolver()->AddRule("*.com", "127.0.0.1");
98 ASSERT_TRUE(StartEmbeddedTestServer());
99 EXPECT_TRUE(RunExtensionTest("permissions/optional")) << message_;
100 }
101
102 // Test that denying the optional permissions confirmation dialog works.
IN_PROC_BROWSER_TEST_F(ExtensionApiTest,OptionalPermissionsDeny)103 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsDeny) {
104 PermissionsRequestFunction::SetAutoConfirmForTests(false);
105 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true);
106 host_resolver()->AddRule("*.com", "127.0.0.1");
107 ASSERT_TRUE(StartEmbeddedTestServer());
108 EXPECT_TRUE(RunExtensionTest("permissions/optional_deny")) << message_;
109 }
110
111 // Tests that the permissions.request function must be called from within a
112 // user gesture.
IN_PROC_BROWSER_TEST_F(ExtensionApiTest,OptionalPermissionsGesture)113 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsGesture) {
114 PermissionsRequestFunction::SetIgnoreUserGestureForTests(false);
115 host_resolver()->AddRule("*.com", "127.0.0.1");
116 ASSERT_TRUE(StartEmbeddedTestServer());
117 EXPECT_TRUE(RunExtensionTest("permissions/optional_gesture")) << message_;
118 }
119
120 // Tests that the user gesture is retained in the permissions.request function
121 // callback.
IN_PROC_BROWSER_TEST_F(ExtensionApiTest,OptionalPermissionsRetainGesture)122 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsRetainGesture) {
123 PermissionsRequestFunction::SetAutoConfirmForTests(true);
124 PermissionsRequestFunction::SetIgnoreUserGestureForTests(false);
125 host_resolver()->AddRule("*.com", "127.0.0.1");
126 ASSERT_TRUE(StartEmbeddedTestServer());
127 EXPECT_TRUE(RunExtensionTest("permissions/optional_retain_gesture"))
128 << message_;
129 }
130
131 // Tests that an extension can't gain access to file: URLs without the checkbox
132 // entry in prefs. There shouldn't be a warning either.
IN_PROC_BROWSER_TEST_F(ExtensionApiTest,OptionalPermissionsFileAccess)133 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, OptionalPermissionsFileAccess) {
134 // There shouldn't be a warning, so we shouldn't need to autoconfirm.
135 PermissionsRequestFunction::SetAutoConfirmForTests(false);
136 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true);
137
138 ExtensionPrefs* prefs = ExtensionPrefs::Get(browser()->profile());
139
140 EXPECT_TRUE(
141 RunExtensionTestNoFileAccess("permissions/file_access_no")) << message_;
142 EXPECT_FALSE(prefs->AllowFileAccess("dgloelfbnddbdacakahpogklfdcccbib"));
143
144 EXPECT_TRUE(RunExtensionTest("permissions/file_access_yes")) << message_;
145 // TODO(kalman): ugh, it would be nice to test this condition, but it seems
146 // like there's somehow a race here where the prefs aren't updated in time
147 // with the "allow file access" bit, so we'll just have to trust that
148 // RunExtensionTest (unlike RunExtensionTestNoFileAccess) does indeed
149 // not set the allow file access bit. Otherwise this test doesn't mean
150 // a whole lot (i.e. file access works - but it'd better not be the case
151 // that the extension actually has file access, since that'd be the bug
152 // that this is supposed to be testing).
153 //EXPECT_TRUE(prefs->AllowFileAccess("hlonmbgfjccgolnaboonlakjckinmhmd"));
154 }
155
156 // Test requesting, querying, and removing host permissions for host
157 // permissions that are a subset of the optional permissions.
IN_PROC_BROWSER_TEST_F(ExtensionApiTest,HostSubsets)158 IN_PROC_BROWSER_TEST_F(ExtensionApiTest, HostSubsets) {
159 PermissionsRequestFunction::SetAutoConfirmForTests(true);
160 PermissionsRequestFunction::SetIgnoreUserGestureForTests(true);
161 EXPECT_TRUE(RunExtensionTest("permissions/host_subsets")) << message_;
162 }
163
164 } // namespace extensions
165