1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#ifndef EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_H_
6#define EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_H_
7
8#include <map>
9#include <set>
10#include <string>
11
12#include "base/callback.h"
13#include "base/memory/scoped_ptr.h"
14#include "base/pickle.h"
15#include "base/values.h"
16#include "extensions/common/permissions/permission_message.h"
17
18namespace IPC {
19class Message;
20}
21
22namespace extensions {
23
24class APIPermissionInfo;
25class ChromeAPIPermissions;
26
27// APIPermission is for handling some complex permissions. Please refer to
28// extensions::SocketPermission as an example.
29// There is one instance per permission per loaded extension.
30class APIPermission {
31 public:
32  enum ID {
33    // Error codes.
34    kInvalid = -2,
35    kUnknown = -1,
36
37    // Real permissions.
38    kActiveTab,
39    kActivityLogPrivate,
40    kAdView,
41    kAlarms,
42    kAlwaysOnTopWindows,
43    kAppCurrentWindowInternal,
44    kAppRuntime,
45    kAppWindow,
46    kAudio,
47    kAudioCapture,
48    kAutoTestPrivate,
49    kBackground,
50    kBluetooth,
51    kBookmark,
52    kBookmarkManagerPrivate,
53    kBrailleDisplayPrivate,
54    kBrowsingData,
55    kCast,
56    kCastStreaming,
57    kChromeosInfoPrivate,
58    kClipboardRead,
59    kClipboardWrite,
60    kCloudPrintPrivate,
61    kCommandLinePrivate,
62    kContentSettings,
63    kContextMenus,
64    kCookie,
65    kDiagnostics,
66    kDial,
67    kDebugger,
68    kDeclarative,
69    kDeclarativeContent,
70    kDeclarativeWebRequest,
71    kDesktopCapture,
72    kDeveloperPrivate,
73    kDevtools,
74    kDns,
75    kDownloads,
76    kDownloadsInternal,
77    kDownloadsOpen,
78    kDownloadsShelf,
79    kEchoPrivate,
80    kEnterprisePlatformKeysPrivate,
81    kExperimental,
82    kFeedbackPrivate,
83    kFileBrowserHandler,
84    kFileBrowserHandlerInternal,
85    kFileBrowserPrivate,
86    kFileSystem,
87    kFileSystemDirectory,
88    kFileSystemProvider,
89    kFileSystemRetainEntries,
90    kFileSystemWrite,
91    kFileSystemWriteDirectory,
92    kFontSettings,
93    kFullscreen,
94    kGcm,
95    kGeolocation,
96    kHistory,
97    kHomepage,
98    kIdentity,
99    kIdentityPrivate,
100    kIdltest,
101    kIdle,
102    kInfobars,
103    kInput,
104    kInputMethodPrivate,
105    kLocation,
106    kLogPrivate,
107    kManagement,
108    kMediaGalleries,
109    kMediaGalleriesPrivate,
110    kMediaPlayerPrivate,
111    kMetricsPrivate,
112    kMDns,
113    kMusicManagerPrivate,
114    kNativeMessaging,
115    kNetworkingPrivate,
116    kNotification,
117    kOverrideEscFullscreen,
118    kPageCapture,
119    kPointerLock,
120    kPlugin,
121    kPower,
122    kPreferencesPrivate,
123    kPrincipalsPrivate,
124    kPrivacy,
125    kProcesses,
126    kProxy,
127    kPushMessaging,
128    kImageWriterPrivate,
129    kRtcPrivate,
130    kSearchProvider,
131    kSerial,
132    kSessions,
133    kSignedInDevices,
134    kSocket,
135    kStartupPages,
136    kStorage,
137    kStreamsPrivate,
138    kSyncFileSystem,
139    kSystemPrivate,
140    kSystemIndicator,
141    kSystemDisplay,
142    kSystemStorage,
143    kTab,
144    kTabCapture,
145    kTabCaptureForTab,
146    kTerminalPrivate,
147    kTopSites,
148    kTts,
149    kTtsEngine,
150    kUnlimitedStorage,
151    kUsb,
152    kUsbDevice,
153    kVideoCapture,
154    kVirtualKeyboardPrivate,
155    kWallpaper,
156    kWallpaperPrivate,
157    kWebConnectable,  // for externally_connectable manifest key
158    kWebNavigation,
159    kWebRequest,
160    kWebRequestBlocking,
161    kWebRequestInternal,
162    kWebrtcAudioPrivate,
163    kWebrtcLoggingPrivate,
164    kWebstorePrivate,
165    kWebView,
166    kScreenlockPrivate,
167    kSystemCpu,
168    kSystemMemory,
169    kSystemNetwork,
170    kSystemInfoCpu,
171    kSystemInfoMemory,
172    kFirstRunPrivate,
173    kEnumBoundary
174  };
175
176  struct CheckParam {
177  };
178
179  explicit APIPermission(const APIPermissionInfo* info);
180
181  virtual ~APIPermission();
182
183  // Returns the id of this permission.
184  ID id() const;
185
186  // Returns the name of this permission.
187  const char* name() const;
188
189  // Returns the APIPermission of this permission.
190  const APIPermissionInfo* info() const {
191    return info_;
192  }
193
194  // Returns true if this permission has any PermissionMessages.
195  virtual bool HasMessages() const = 0;
196
197  // Returns the localized permission messages of this permission.
198  virtual PermissionMessages GetMessages() const = 0;
199
200  // Returns true if the given permission is allowed.
201  virtual bool Check(const CheckParam* param) const = 0;
202
203  // Returns true if |rhs| is a subset of this.
204  virtual bool Contains(const APIPermission* rhs) const = 0;
205
206  // Returns true if |rhs| is equal to this.
207  virtual bool Equal(const APIPermission* rhs) const = 0;
208
209  // Parses the APIPermission from |value|. Returns false if error happens.
210  virtual bool FromValue(const base::Value* value) = 0;
211
212  // Stores this into a new created |value|.
213  virtual scoped_ptr<base::Value> ToValue() const = 0;
214
215  // Clones this.
216  virtual APIPermission* Clone() const = 0;
217
218  // Returns a new API permission which equals this - |rhs|.
219  virtual APIPermission* Diff(const APIPermission* rhs) const = 0;
220
221  // Returns a new API permission which equals the union of this and |rhs|.
222  virtual APIPermission* Union(const APIPermission* rhs) const = 0;
223
224  // Returns a new API permission which equals the intersect of this and |rhs|.
225  virtual APIPermission* Intersect(const APIPermission* rhs) const = 0;
226
227  // IPC functions
228  // Writes this into the given IPC message |m|.
229  virtual void Write(IPC::Message* m) const = 0;
230
231  // Reads from the given IPC message |m|.
232  virtual bool Read(const IPC::Message* m, PickleIterator* iter) = 0;
233
234  // Logs this permission.
235  virtual void Log(std::string* log) const = 0;
236
237 protected:
238  // Returns the localized permission message associated with this api.
239  // Use GetMessage_ to avoid name conflict with macro GetMessage on Windows.
240  PermissionMessage GetMessage_() const;
241
242 private:
243  const APIPermissionInfo* const info_;
244};
245
246
247// The APIPermissionInfo is an immutable class that describes a single
248// named permission (API permission).
249// There is one instance per permission.
250class APIPermissionInfo {
251 public:
252  enum Flag {
253    kFlagNone = 0,
254
255    // Indicates if the permission implies full access (native code).
256    kFlagImpliesFullAccess = 1 << 0,
257
258    // Indicates if the permission implies full URL access.
259    kFlagImpliesFullURLAccess = 1 << 1,
260
261    // Indicates that extensions cannot specify the permission as optional.
262    kFlagCannotBeOptional = 1 << 3,
263
264    // Indicates that the permission is internal to the extensions
265    // system and cannot be specified in the "permissions" list.
266    kFlagInternal = 1 << 4,
267  };
268
269  typedef APIPermission* (*APIPermissionConstructor)(const APIPermissionInfo*);
270
271  typedef std::set<APIPermission::ID> IDSet;
272
273  ~APIPermissionInfo();
274
275  // Creates a APIPermission instance.
276  APIPermission* CreateAPIPermission() const;
277
278  int flags() const { return flags_; }
279
280  APIPermission::ID id() const { return id_; }
281
282  // Returns the message id associated with this permission.
283  PermissionMessage::ID message_id() const {
284    return message_id_;
285  }
286
287  // Returns the name of this permission.
288  const char* name() const { return name_; }
289
290  // Returns true if this permission implies full access (e.g., native code).
291  bool implies_full_access() const {
292    return (flags_ & kFlagImpliesFullAccess) != 0;
293  }
294
295  // Returns true if this permission implies full URL access.
296  bool implies_full_url_access() const {
297    return (flags_ & kFlagImpliesFullURLAccess) != 0;
298  }
299
300  // Returns true if this permission can be added and removed via the
301  // optional permissions extension API.
302  bool supports_optional() const {
303    return (flags_ & kFlagCannotBeOptional) == 0;
304  }
305
306  // Returns true if this permission is internal rather than a
307  // "permissions" list entry.
308  bool is_internal() const {
309    return (flags_ & kFlagInternal) != 0;
310  }
311
312 private:
313  // Instances should only be constructed from within a
314  // PermissionsInfo::Delegate.
315  friend class ChromeAPIPermissions;
316  // Implementations of APIPermission will want to get the permission message,
317  // but this class's implementation should be hidden from everyone else.
318  friend class APIPermission;
319
320  explicit APIPermissionInfo(
321      APIPermission::ID id,
322      const char* name,
323      int l10n_message_id,
324      PermissionMessage::ID message_id,
325      int flags,
326      APIPermissionConstructor api_permission_constructor);
327
328  // Returns the localized permission message associated with this api.
329  // Use GetMessage_ to avoid name conflict with macro GetMessage on Windows.
330  PermissionMessage GetMessage_() const;
331
332  const APIPermission::ID id_;
333  const char* const name_;
334  const int flags_;
335  const int l10n_message_id_;
336  const PermissionMessage::ID message_id_;
337  const APIPermissionConstructor api_permission_constructor_;
338};
339
340}  // namespace extensions
341
342#endif  // EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_H_
343