1 // Copyright 2017 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/chromeos/extensions/permissions_updater_delegate_chromeos.h"
6
7 #include <string>
8
9 #include "base/files/file_path.h"
10 #include "base/values.h"
11 #include "chromeos/login/login_state/login_state.h"
12 #include "chromeos/login/login_state/scoped_test_public_session_login_state.h"
13 #include "extensions/common/extension.h"
14 #include "extensions/common/extension_builder.h"
15 #include "extensions/common/manifest.h"
16 #include "extensions/common/manifest_constants.h"
17 #include "extensions/common/permissions/api_permission.h"
18 #include "extensions/common/permissions/api_permission_set.h"
19 #include "extensions/common/permissions/manifest_permission_set.h"
20 #include "extensions/common/permissions/mock_manifest_permission.h"
21 #include "extensions/common/permissions/permission_set.h"
22 #include "extensions/common/url_pattern.h"
23 #include "extensions/common/url_pattern_set.h"
24 #include "testing/gtest/include/gtest/gtest.h"
25
26 namespace extensions {
27
28 namespace {
29
30 const char kWhitelistedId[] = "cbkkbcmdlboombapidmoeolnmdacpkch";
31 const char kBogusId[] = "bogus";
32
CreateExtension(const std::string & id)33 scoped_refptr<const Extension> CreateExtension(const std::string& id) {
34 return ExtensionBuilder("test")
35 .SetLocation(Manifest::INTERNAL)
36 .SetID(id)
37 .Build();
38 }
39
CreatePermissions(bool include_clipboard=true)40 std::unique_ptr<const PermissionSet> CreatePermissions(
41 bool include_clipboard = true) {
42 APIPermissionSet apis;
43 apis.insert(APIPermission::kAudio);
44 apis.insert(APIPermission::kFullscreen);
45 if (include_clipboard)
46 apis.insert(APIPermission::kClipboardRead);
47 ManifestPermissionSet manifest;
48 manifest.insert(std::make_unique<MockManifestPermission>("author"));
49 manifest.insert(std::make_unique<MockManifestPermission>("background"));
50 URLPatternSet explicit_hosts({
51 URLPattern(URLPattern::SCHEME_ALL, "http://www.google.com/*"),
52 URLPattern(URLPattern::SCHEME_ALL, "<all_urls>")});
53 URLPatternSet scriptable_hosts({
54 URLPattern(URLPattern::SCHEME_ALL, "http://www.wikipedia.com/*")});
55 auto permissions = std::make_unique<const PermissionSet>(
56 std::move(apis), std::move(manifest), std::move(explicit_hosts),
57 std::move(scriptable_hosts));
58 return permissions;
59 }
60
61 } // namespace
62
TEST(PermissionsUpdaterDelegateChromeOSTest,NoFilteringOutsidePublicSession)63 TEST(PermissionsUpdaterDelegateChromeOSTest, NoFilteringOutsidePublicSession) {
64 PermissionsUpdaterDelegateChromeOS delegate;
65 ASSERT_FALSE(chromeos::LoginState::IsInitialized());
66
67 // Whitelisted extension outside PS, nothing filtered.
68 auto extension = CreateExtension(kWhitelistedId);
69 auto granted_permissions = CreatePermissions();
70 delegate.InitializePermissions(extension.get(), &granted_permissions);
71 EXPECT_EQ(*CreatePermissions(), *granted_permissions);
72
73 // Bogus extension ID (never whitelisted) outside PS, nothing filtered.
74 extension = CreateExtension(kBogusId);
75 granted_permissions = CreatePermissions();
76 delegate.InitializePermissions(extension.get(), &granted_permissions);
77 EXPECT_EQ(*CreatePermissions(), *granted_permissions);
78 }
79
TEST(PermissionsUpdaterDelegateChromeOSTest,FilterNonWhitelistedInsidePublicSession)80 TEST(PermissionsUpdaterDelegateChromeOSTest,
81 FilterNonWhitelistedInsidePublicSession) {
82 chromeos::ScopedTestPublicSessionLoginState login_state;
83 PermissionsUpdaterDelegateChromeOS delegate;
84
85 // Whitelisted extension, nothing gets filtered.
86 auto extension = CreateExtension(kWhitelistedId);
87 auto granted_permissions = CreatePermissions();
88 delegate.InitializePermissions(extension.get(), &granted_permissions);
89 EXPECT_EQ(*CreatePermissions(), *granted_permissions);
90
91 // Bogus extension ID (never whitelisted), ClipboardRead filtered out,
92 // everything else stays.
93 extension = CreateExtension(kBogusId);
94 granted_permissions = CreatePermissions();
95 delegate.InitializePermissions(extension.get(), &granted_permissions);
96 EXPECT_EQ(*CreatePermissions(false), *granted_permissions);
97 }
98
99 } // namespace extensions
100