1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_COMMON_EXTENSIONS_PERMISSIONS_API_PERMISSION_H_ 6 #define CHROME_COMMON_EXTENSIONS_PERMISSIONS_API_PERMISSION_H_ 7 8 #include <map> 9 #include <set> 10 #include <string> 11 12 #include "base/callback.h" 13 #include "base/memory/scoped_ptr.h" 14 #include "base/pickle.h" 15 #include "base/values.h" 16 #include "chrome/common/extensions/permissions/permission_message.h" 17 18 namespace IPC { 19 class Message; 20 } 21 22 namespace extensions { 23 24 class APIPermissionInfo; 25 class ChromeAPIPermissions; 26 27 // APIPermission is for handling some complex permissions. Please refer to 28 // extensions::SocketPermission as an example. 29 // There is one instance per permission per loaded extension. 30 class APIPermission { 31 public: 32 enum ID { 33 // Error codes. 34 kInvalid = -2, 35 kUnknown = -1, 36 37 // Real permissions. 38 kActiveTab, 39 kActivityLogPrivate, 40 kAdView, 41 kAlarms, 42 kAppCurrentWindowInternal, 43 kAppRuntime, 44 kAppWindow, 45 kAudio, 46 kAudioCapture, 47 kAutoTestPrivate, 48 kBackground, 49 kBluetooth, 50 kBookmark, 51 kBookmarkManagerPrivate, 52 kBrowsingData, 53 kChromeosInfoPrivate, 54 kClipboardRead, 55 kClipboardWrite, 56 kCloudPrintPrivate, 57 kCommandLinePrivate, 58 kContentSettings, 59 kContextMenus, 60 kCookie, 61 kDiagnostics, 62 kDial, 63 kDebugger, 64 kDeclarative, 65 kDeclarativeContent, 66 kDeclarativeWebRequest, 67 kDeveloperPrivate, 68 kDevtools, 69 kDownloads, 70 kDownloadsInternal, 71 kDownloadsOpen, 72 kDownloadsShelf, 73 kEchoPrivate, 74 kEnterprisePlatformKeysPrivate, 75 kExperimental, 76 kFeedbackPrivate, 77 kFileBrowserHandler, 78 kFileBrowserHandlerInternal, 79 kFileBrowserPrivate, 80 kFileSystem, 81 kFileSystemRetainEntries, 82 kFileSystemWrite, 83 kFontSettings, 84 kFullscreen, 85 kGeolocation, 86 kHistory, 87 kIdentity, 88 kIdentityPrivate, 89 kIdle, 90 kInfobars, 91 kInput, 92 kInputMethodPrivate, 93 kLocation, 94 kLogPrivate, 95 kManagement, 96 kMediaGalleries, 97 kMediaGalleriesPrivate, 98 kMediaPlayerPrivate, 99 kMetricsPrivate, 100 kMusicManagerPrivate, 101 kNativeMessaging, 102 kNetworkingPrivate, 103 kNotification, 104 kPageCapture, 105 kPointerLock, 106 kPlugin, 107 kPower, 108 kPreferencesPrivate, 109 kPrivacy, 110 kProxy, 111 kPushMessaging, 112 kRecoveryPrivate, 113 kRtcPrivate, 114 kScreensaver, 115 kSerial, 116 kSessionRestore, 117 kSocket, 118 kStorage, 119 kStreamsPrivate, 120 kSyncFileSystem, 121 kSystemPrivate, 122 kSystemIndicator, 123 kSystemDisplay, 124 kSystemStorage, 125 kTab, 126 kTabCapture, 127 kTerminalPrivate, 128 kTopSites, 129 kTts, 130 kTtsEngine, 131 kUnlimitedStorage, 132 kUsb, 133 kUsbDevice, 134 kVideoCapture, 135 kWallpaperPrivate, 136 kWebConnectable, // for externally_connectable manifest key 137 kWebNavigation, 138 kWebRequest, 139 kWebRequestBlocking, 140 kWebRequestInternal, 141 kWebstorePrivate, 142 kWebView, 143 kSystemCpu, 144 kSystemMemory, 145 kSystemInfoCpu, 146 kSystemInfoMemory, 147 kEnumBoundary 148 }; 149 150 struct CheckParam { 151 }; 152 153 explicit APIPermission(const APIPermissionInfo* info); 154 155 virtual ~APIPermission(); 156 157 // Returns the id of this permission. 158 ID id() const; 159 160 // Returns the name of this permission. 161 const char* name() const; 162 163 // Returns the APIPermission of this permission. 164 const APIPermissionInfo* info() const { 165 return info_; 166 } 167 168 // Returns true if this permission cannot be found in the manifest. 169 virtual bool ManifestEntryForbidden() const; 170 171 // Returns true if this permission has any PermissionMessages. 172 virtual bool HasMessages() const = 0; 173 174 // Returns the localized permission messages of this permission. 175 virtual PermissionMessages GetMessages() const = 0; 176 177 // Returns true if the given permission is allowed. 178 virtual bool Check(const CheckParam* param) const = 0; 179 180 // Returns true if |rhs| is a subset of this. 181 virtual bool Contains(const APIPermission* rhs) const = 0; 182 183 // Returns true if |rhs| is equal to this. 184 virtual bool Equal(const APIPermission* rhs) const = 0; 185 186 // Parses the APIPermission from |value|. Returns false if error happens. 187 virtual bool FromValue(const base::Value* value) = 0; 188 189 // Stores this into a new created |value|. 190 virtual scoped_ptr<base::Value> ToValue() const = 0; 191 192 // Clones this. 193 virtual APIPermission* Clone() const = 0; 194 195 // Returns a new API permission which equals this - |rhs|. 196 virtual APIPermission* Diff(const APIPermission* rhs) const = 0; 197 198 // Returns a new API permission which equals the union of this and |rhs|. 199 virtual APIPermission* Union(const APIPermission* rhs) const = 0; 200 201 // Returns a new API permission which equals the intersect of this and |rhs|. 202 virtual APIPermission* Intersect(const APIPermission* rhs) const = 0; 203 204 // IPC functions 205 // Writes this into the given IPC message |m|. 206 virtual void Write(IPC::Message* m) const = 0; 207 208 // Reads from the given IPC message |m|. 209 virtual bool Read(const IPC::Message* m, PickleIterator* iter) = 0; 210 211 // Logs this permission. 212 virtual void Log(std::string* log) const = 0; 213 214 protected: 215 // Returns the localized permission message associated with this api. 216 // Use GetMessage_ to avoid name conflict with macro GetMessage on Windows. 217 PermissionMessage GetMessage_() const; 218 219 private: 220 const APIPermissionInfo* const info_; 221 }; 222 223 224 // The APIPermissionInfo is an immutable class that describes a single 225 // named permission (API permission). 226 // There is one instance per permission. 227 class APIPermissionInfo { 228 public: 229 enum Flag { 230 kFlagNone = 0, 231 232 // Indicates if the permission implies full access (native code). 233 kFlagImpliesFullAccess = 1 << 0, 234 235 // Indicates if the permission implies full URL access. 236 kFlagImpliesFullURLAccess = 1 << 1, 237 238 // Indicates that extensions cannot specify the permission as optional. 239 kFlagCannotBeOptional = 1 << 3, 240 241 // Indicates that the permission is internal to the extensions 242 // system and cannot be specified in the "permissions" list. 243 kFlagInternal = 1 << 4, 244 }; 245 246 typedef APIPermission* (*APIPermissionConstructor)(const APIPermissionInfo*); 247 248 typedef std::set<APIPermission::ID> IDSet; 249 250 ~APIPermissionInfo(); 251 252 // Creates a APIPermission instance. 253 APIPermission* CreateAPIPermission() const; 254 255 int flags() const { return flags_; } 256 257 APIPermission::ID id() const { return id_; } 258 259 // Returns the message id associated with this permission. 260 PermissionMessage::ID message_id() const { 261 return message_id_; 262 } 263 264 // Returns the name of this permission. 265 const char* name() const { return name_; } 266 267 // Returns true if this permission implies full access (e.g., native code). 268 bool implies_full_access() const { 269 return (flags_ & kFlagImpliesFullAccess) != 0; 270 } 271 272 // Returns true if this permission implies full URL access. 273 bool implies_full_url_access() const { 274 return (flags_ & kFlagImpliesFullURLAccess) != 0; 275 } 276 277 // Returns true if this permission can be added and removed via the 278 // optional permissions extension API. 279 bool supports_optional() const { 280 return (flags_ & kFlagCannotBeOptional) == 0; 281 } 282 283 // Returns true if this permission is internal rather than a 284 // "permissions" list entry. 285 bool is_internal() const { 286 return (flags_ & kFlagInternal) != 0; 287 } 288 289 private: 290 // Instances should only be constructed from within a 291 // PermissionsInfo::Delegate. 292 friend class ChromeAPIPermissions; 293 // Implementations of APIPermission will want to get the permission message, 294 // but this class's implementation should be hidden from everyone else. 295 friend class APIPermission; 296 297 explicit APIPermissionInfo( 298 APIPermission::ID id, 299 const char* name, 300 int l10n_message_id, 301 PermissionMessage::ID message_id, 302 int flags, 303 APIPermissionConstructor api_permission_constructor); 304 305 // Returns the localized permission message associated with this api. 306 // Use GetMessage_ to avoid name conflict with macro GetMessage on Windows. 307 PermissionMessage GetMessage_() const; 308 309 const APIPermission::ID id_; 310 const char* const name_; 311 const int flags_; 312 const int l10n_message_id_; 313 const PermissionMessage::ID message_id_; 314 const APIPermissionConstructor api_permission_constructor_; 315 }; 316 317 } // namespace extensions 318 319 #endif // CHROME_COMMON_EXTENSIONS_PERMISSIONS_API_PERMISSION_H_ 320