      1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #include "chrome/common/extensions/permissions/chrome_api_permissions.h"
      6 
      7 #include "chrome/grit/generated_resources.h"
      8 #include "extensions/common/permissions/api_permission.h"
      9 #include "extensions/common/permissions/api_permission_set.h"
     10 #include "extensions/common/permissions/media_galleries_permission.h"
     11 #include "extensions/common/permissions/permission_message.h"
     12 #include "extensions/common/permissions/permissions_info.h"
     13 #include "extensions/strings/grit/extensions_strings.h"
     14 
     15 namespace extensions {
     16 
     17 namespace {
     18 
// Older spelling of the "unlimitedStorage" permission string; paired with
// "unlimitedStorage" in GetAllAliases() below.
const char kOldUnlimitedStoragePermission[] = "unlimited_storage";
// The "windows" permission string; paired with "tabs" in GetAllAliases()
// below.
const char kWindowsPermission[] = "windows";
     21 
// Factory used as the constructor slot of a permission entry (see the
// "mediaGalleries" registration): heap-allocates a PermissionType for
// |permission| and returns it through the APIPermission base pointer.
// The returned object is allocated with new and is not freed here.
template <typename PermissionType>
APIPermission* CreateAPIPermission(const APIPermissionInfo* permission) {
  APIPermission* created = new PermissionType(permission);
  return created;
}
     26 
     27 }  // namespace
     28 
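// Builds the list of Chrome-specific API permissions.
//
// Each table entry is positional. As used below the slots are:
//   { permission id, manifest string, flags, warning string resource id,
//     PermissionMessage id, factory for a custom APIPermission subclass }
// Trailing slots may be omitted (InitInfo itself is declared elsewhere).
// Keeping the flags in the third slot matters: kFlagCannotBeOptional,
// kFlagImpliesFullURLAccess, kFlagImpliesFullAccess and kFlagInternal are
// what the rest of the permission system reads from an entry.
//
// Every returned element is allocated with new and is not freed here, so the
// caller is responsible for the objects in the returned vector.
//
// NOTE(review): a few private/internal entries (easyUnlockPrivate,
// gcdPrivate, copresencePrivate, downloadsInternal, webcamPrivate,
// syncedNotificationsPrivate) do not set kFlagCannotBeOptional, unlike most
// of their neighbours -- confirm that is intended.
std::vector<APIPermissionInfo*> ChromeAPIPermissions::GetAllPermissions()
    const {
  APIPermissionInfo::InitInfo permissions_to_register[] = {
      // Register permissions for all extension types.
      {APIPermission::kAppView, "appview",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kBackground, "background"},
      {APIPermission::kClipboardRead, "clipboardRead",
       APIPermissionInfo::kFlagNone, IDS_EXTENSION_PROMPT_WARNING_CLIPBOARD,
       PermissionMessage::kClipboard},
      {APIPermission::kClipboardWrite, "clipboardWrite"},
      {APIPermission::kDeclarativeContent, "declarativeContent"},
      {APIPermission::kDeclarativeWebRequest, "declarativeWebRequest",
       APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_DECLARATIVE_WEB_REQUEST,
       PermissionMessage::kDeclarativeWebRequest},
      {APIPermission::kDesktopCapture, "desktopCapture",
       APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_DESKTOP_CAPTURE,
       PermissionMessage::kDesktopCapture},
      {APIPermission::kDownloads, "downloads", APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS, PermissionMessage::kDownloads},
      {APIPermission::kDownloadsOpen, "downloads.open",
       APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_DOWNLOADS_OPEN,
       PermissionMessage::kDownloadsOpen},
      {APIPermission::kDownloadsShelf, "downloads.shelf"},
      {APIPermission::kEasyUnlockPrivate, "easyUnlockPrivate"},
      {APIPermission::kIdentity, "identity"},
      {APIPermission::kIdentityEmail, "identity.email",
       APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_IDENTITY_EMAIL,
       PermissionMessage::kIdentityEmail},
      {APIPermission::kExperimental, "experimental",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kEmbeddedExtensionOptions, "embeddedExtensionOptions",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kGeolocation, "geolocation",
       APIPermissionInfo::kFlagCannotBeOptional,
       IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
       PermissionMessage::kGeolocation},
      {APIPermission::kNotifications, "notifications"},
      {APIPermission::kUnlimitedStorage, "unlimitedStorage",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kGcdPrivate, "gcdPrivate"},
      {APIPermission::kGcm, "gcm"},
      {APIPermission::kNotificationProvider, "notificationProvider"},

      // Register extension permissions.
      {APIPermission::kAccessibilityFeaturesModify,
       "accessibilityFeatures.modify", APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_MODIFY,
       PermissionMessage::kAccessibilityFeaturesModify},
      {APIPermission::kAccessibilityFeaturesRead, "accessibilityFeatures.read",
       APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_ACCESSIBILITY_FEATURES_READ,
       PermissionMessage::kAccessibilityFeaturesRead},
      {APIPermission::kAccessibilityPrivate, "accessibilityPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kActiveTab, "activeTab"},
      {APIPermission::kAlarms, "alarms"},
      {APIPermission::kBookmark, "bookmarks", APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_BOOKMARKS, PermissionMessage::kBookmarks},
      {APIPermission::kBrailleDisplayPrivate, "brailleDisplayPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kBrowsingData, "browsingData"},
      {APIPermission::kContentSettings, "contentSettings",
       APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_CONTENT_SETTINGS,
       PermissionMessage::kContentSettings},
      {APIPermission::kContextMenus, "contextMenus"},
      {APIPermission::kCookie, "cookies"},
      {APIPermission::kCopresence, "copresence", APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_COPRESENCE, PermissionMessage::kCopresence},
      {APIPermission::kCopresencePrivate, "copresencePrivate"},
      {APIPermission::kEnterprisePlatformKeys, "enterprise.platformKeys"},
      {APIPermission::kFileBrowserHandler, "fileBrowserHandler",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kFontSettings, "fontSettings",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kHistory, "history", APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_HISTORY_WRITE,
       PermissionMessage::kBrowsingHistory},
      {APIPermission::kIdltest, "idltest"},
      {APIPermission::kIdle, "idle"},
      {APIPermission::kInfobars, "infobars"},
      {APIPermission::kInput, "input", APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_INPUT, PermissionMessage::kInput},
      // "location" reuses the geolocation warning string and message id.
      {APIPermission::kLocation, "location",
       APIPermissionInfo::kFlagCannotBeOptional,
       IDS_EXTENSION_PROMPT_WARNING_GEOLOCATION,
       PermissionMessage::kGeolocation},
      {APIPermission::kManagement, "management", APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_MANAGEMENT, PermissionMessage::kManagement},
      {APIPermission::kNativeMessaging, "nativeMessaging",
       APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_NATIVE_MESSAGING,
       PermissionMessage::kNativeMessaging},
      {APIPermission::kPrivacy, "privacy", APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_PRIVACY, PermissionMessage::kPrivacy},
      // "processes", "tabs" and "webNavigation" all map to the same
      // history-read warning (PermissionMessage::kTabs).
      {APIPermission::kProcesses, "processes", APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ, PermissionMessage::kTabs},
      {APIPermission::kSessions, "sessions"},
      {APIPermission::kSignedInDevices, "signedInDevices",
       APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_SIGNED_IN_DEVICES,
       PermissionMessage::kSignedInDevices},
      {APIPermission::kSyncFileSystem, "syncFileSystem",
       APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_SYNCFILESYSTEM,
       PermissionMessage::kSyncFileSystem},
      {APIPermission::kTab, "tabs", APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ, PermissionMessage::kTabs},
      {APIPermission::kTopSites, "topSites", APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_TOPSITES, PermissionMessage::kTopSites},
      // The flag belongs in the third (flags) slot. It used to follow a
      // literal 0, which left the flags empty and put the flag's numeric
      // value in the warning-string slot instead.
      {APIPermission::kTts, "tts", APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kTtsEngine, "ttsEngine",
       APIPermissionInfo::kFlagCannotBeOptional,
       IDS_EXTENSION_PROMPT_WARNING_TTS_ENGINE, PermissionMessage::kTtsEngine},
      {APIPermission::kWallpaper, "wallpaper",
       APIPermissionInfo::kFlagCannotBeOptional,
       IDS_EXTENSION_PROMPT_WARNING_WALLPAPER, PermissionMessage::kWallpaper},
      {APIPermission::kWebNavigation, "webNavigation",
       APIPermissionInfo::kFlagNone, IDS_EXTENSION_PROMPT_WARNING_HISTORY_READ,
       PermissionMessage::kTabs},
      {APIPermission::kWebRequest, "webRequest"},
      {APIPermission::kWebRequestBlocking, "webRequestBlocking"},

      // Register private permissions.
      {APIPermission::kScreenlockPrivate, "screenlockPrivate",
       APIPermissionInfo::kFlagCannotBeOptional,
       IDS_EXTENSION_PROMPT_WARNING_SCREENLOCK_PRIVATE,
       PermissionMessage::kScreenlockPrivate},
      {APIPermission::kActivityLogPrivate, "activityLogPrivate",
       APIPermissionInfo::kFlagCannotBeOptional,
       IDS_EXTENSION_PROMPT_WARNING_ACTIVITY_LOG_PRIVATE,
       PermissionMessage::kActivityLogPrivate},
      {APIPermission::kAutoTestPrivate, "autotestPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kBookmarkManagerPrivate, "bookmarkManagerPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kCast, "cast", APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kChromeosInfoPrivate, "chromeosInfoPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kCommandsAccessibility, "commands.accessibility",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kCommandLinePrivate, "commandLinePrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kDeveloperPrivate, "developerPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kDiagnostics, "diagnostics",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kDial, "dial", APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kDownloadsInternal, "downloadsInternal"},
      {APIPermission::kExperienceSamplingPrivate, "experienceSamplingPrivate",
       APIPermissionInfo::kFlagCannotBeOptional,
       IDS_EXTENSION_PROMPT_WARNING_EXPERIENCE_SAMPLING_PRIVATE,
       PermissionMessage::kExperienceSamplingPrivate},
      {APIPermission::kFileBrowserHandlerInternal, "fileBrowserHandlerInternal",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kFileManagerPrivate, "fileManagerPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kHotwordPrivate, "hotwordPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kIdentityPrivate, "identityPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kLogPrivate, "logPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kWebcamPrivate, "webcamPrivate"},
      {APIPermission::kNetworkingPrivate, "networkingPrivate",
       APIPermissionInfo::kFlagCannotBeOptional,
       IDS_EXTENSION_PROMPT_WARNING_NETWORKING_PRIVATE,
       PermissionMessage::kNetworkingPrivate},
      {APIPermission::kMediaPlayerPrivate, "mediaPlayerPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kMetricsPrivate, "metricsPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kMDns, "mdns", APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kMusicManagerPrivate, "musicManagerPrivate",
       APIPermissionInfo::kFlagCannotBeOptional,
       IDS_EXTENSION_PROMPT_WARNING_MUSIC_MANAGER_PRIVATE,
       PermissionMessage::kMusicManagerPrivate},
      {APIPermission::kPreferencesPrivate, "preferencesPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kSystemPrivate, "systemPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kCloudPrintPrivate, "cloudPrintPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kInputMethodPrivate, "inputMethodPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kEchoPrivate, "echoPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kFeedbackPrivate, "feedbackPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kImageWriterPrivate, "imageWriterPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kReadingListPrivate, "readingListPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kRtcPrivate, "rtcPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kSyncedNotificationsPrivate,
       "syncedNotificationsPrivate"},
      {APIPermission::kTerminalPrivate, "terminalPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kVirtualKeyboardPrivate, "virtualKeyboardPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kWallpaperPrivate, "wallpaperPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kWebstorePrivate, "webstorePrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kMediaGalleriesPrivate, "mediaGalleriesPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kStreamsPrivate, "streamsPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kEnterprisePlatformKeysPrivate,
       "enterprise.platformKeysPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kWebrtcAudioPrivate, "webrtcAudioPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kWebrtcLoggingPrivate, "webrtcLoggingPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kPrincipalsPrivate, "principalsPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kFirstRunPrivate, "firstRunPrivate",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kBluetoothPrivate, "bluetoothPrivate",
       APIPermissionInfo::kFlagCannotBeOptional,
       IDS_EXTENSION_PROMPT_WARNING_BLUETOOTH_PRIVATE,
       PermissionMessage::kBluetoothPrivate},

      // Full url access permissions.
      {APIPermission::kDebugger, "debugger",
       APIPermissionInfo::kFlagImpliesFullURLAccess |
           APIPermissionInfo::kFlagCannotBeOptional,
       IDS_EXTENSION_PROMPT_WARNING_DEBUGGER, PermissionMessage::kDebugger},
      {APIPermission::kDevtools, "devtools",
       APIPermissionInfo::kFlagImpliesFullURLAccess |
           APIPermissionInfo::kFlagCannotBeOptional |
           APIPermissionInfo::kFlagInternal},
      {APIPermission::kPageCapture, "pageCapture",
       APIPermissionInfo::kFlagImpliesFullURLAccess},
      {APIPermission::kTabCapture, "tabCapture",
       APIPermissionInfo::kFlagImpliesFullURLAccess},
      // Listed in this group but carries only kFlagInternal, not
      // kFlagImpliesFullURLAccess.
      {APIPermission::kTabCaptureForTab, "tabCaptureForTab",
       APIPermissionInfo::kFlagInternal},
      {APIPermission::kPlugin, "plugin",
       APIPermissionInfo::kFlagImpliesFullURLAccess |
           APIPermissionInfo::kFlagImpliesFullAccess |
           APIPermissionInfo::kFlagCannotBeOptional |
           APIPermissionInfo::kFlagInternal,
       IDS_EXTENSION_PROMPT_WARNING_FULL_ACCESS,
       PermissionMessage::kFullAccess},
      {APIPermission::kProxy, "proxy",
       APIPermissionInfo::kFlagImpliesFullURLAccess |
           APIPermissionInfo::kFlagCannotBeOptional},

      // Platform-app permissions.

      // The permission string for "fileSystem" is only shown when
      // "write" or "directory" is present. Read-only access is only
      // granted after the user has been shown a file or directory
      // chooser dialog and selected a file or directory. Selecting
      // the file or directory is considered consent to read it.
      {APIPermission::kFileSystem, "fileSystem"},
      {APIPermission::kFileSystemDirectory, "fileSystem.directory",
       APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_DIRECTORY,
       PermissionMessage::kFileSystemDirectory},
      {APIPermission::kFileSystemProvider, "fileSystemProvider"},
      {APIPermission::kFileSystemRetainEntries, "fileSystem.retainEntries"},
      {APIPermission::kFileSystemWrite, "fileSystem.write"},
      {APIPermission::kFileSystemWriteDirectory, "fileSystem.writeDirectory",
       APIPermissionInfo::kFlagNone,
       IDS_EXTENSION_PROMPT_WARNING_FILE_SYSTEM_WRITE_DIRECTORY,
       PermissionMessage::kFileSystemWriteDirectory},
      // Because warning messages for the "mediaGalleries" permission
      // vary based on the permissions parameters, no message ID or
      // message text is specified here.  The message ID and text used
      // will be determined at run-time in the
      // |MediaGalleriesPermission| class.
      {APIPermission::kMediaGalleries, "mediaGalleries",
       APIPermissionInfo::kFlagNone, 0, PermissionMessage::kNone,
       &CreateAPIPermission<MediaGalleriesPermission>},
      {APIPermission::kPushMessaging, "pushMessaging",
       APIPermissionInfo::kFlagCannotBeOptional},
      {APIPermission::kPointerLock, "pointerLock"},
      {APIPermission::kAudio, "audio"},
      {APIPermission::kCastStreaming, "cast.streaming"},
      {APIPermission::kBrowser, "browser"},

      // Settings override permissions.
      {APIPermission::kHomepage, "homepage",
       APIPermissionInfo::kFlagCannotBeOptional |
           APIPermissionInfo::kFlagInternal,
       IDS_EXTENSION_PROMPT_WARNING_HOME_PAGE_SETTING_OVERRIDE,
       PermissionMessage::kHomepage},
      {APIPermission::kSearchProvider, "searchProvider",
       APIPermissionInfo::kFlagCannotBeOptional |
           APIPermissionInfo::kFlagInternal,
       IDS_EXTENSION_PROMPT_WARNING_SEARCH_SETTINGS_OVERRIDE,
       PermissionMessage::kSearchProvider},
      {APIPermission::kStartupPages, "startupPages",
       APIPermissionInfo::kFlagCannotBeOptional |
           APIPermissionInfo::kFlagInternal,
       IDS_EXTENSION_PROMPT_WARNING_START_PAGE_SETTING_OVERRIDE,
       PermissionMessage::kStartupPages},
  };

  const size_t entry_count = ARRAYSIZE_UNSAFE(permissions_to_register);

  std::vector<APIPermissionInfo*> permissions;
  // The final size is known up front, so allocate once.
  permissions.reserve(entry_count);

  for (size_t i = 0; i < entry_count; ++i)
    permissions.push_back(new APIPermissionInfo(permissions_to_register[i]));
  return permissions;
}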
    343 
// Returns the permission-string aliases Chrome registers. Each AliasInfo
// pairs a permission name from GetAllPermissions() ("unlimitedStorage",
// "tabs") with a second string ("unlimited_storage", "windows").
// NOTE(review): presumably the second string is accepted in manifests as
// another spelling of the first, so it would carry the same grant and
// warning -- confirm against PermissionsProvider::AliasInfo.
std::vector<PermissionsProvider::AliasInfo>
ChromeAPIPermissions::GetAllAliases() const {
  typedef PermissionsProvider::AliasInfo AliasInfo;

  std::vector<AliasInfo> registered;
  registered.push_back(
      AliasInfo("unlimitedStorage", kOldUnlimitedStoragePermission));
  registered.push_back(AliasInfo("tabs", kWindowsPermission));
  return registered;
}
    354 
    355 }  // namespace extensions
    356