// Copyright 2021 The Chromium Authors // Use of this source code is governed by a BSD-style license that can be // found in the LICENSE file. #include "extensions/browser/permissions_manager.h" #include <memory> #include "base/check.h" #include "base/containers/contains.h" #include "base/feature_list.h" #include "base/no_destructor.h" #include "base/observer_list.h" #include "base/ranges/algorithm.h" #include "base/values.h" #include "components/keyed_service/content/browser_context_dependency_manager.h" #include "components/keyed_service/content/browser_context_keyed_service_factory.h" #include "components/pref_registry/pref_registry_syncable.h" #include "components/prefs/pref_service.h" #include "components/prefs/scoped_user_pref_update.h" #include "content/public/browser/browser_context.h" #include "content/public/browser/browser_thread.h" #include "content/public/browser/render_process_host.h" #include "content/public/browser/web_contents.h" #include "extensions/browser/extension_prefs.h" #include "extensions/browser/extension_registry.h" #include "extensions/browser/extension_registry_factory.h" #include "extensions/browser/extension_util.h" #include "extensions/browser/extensions_browser_client.h" #include "extensions/browser/network_permissions_updater.h" #include "extensions/browser/pref_names.h" #include "extensions/browser/pref_types.h" #include "extensions/browser/renderer_startup_helper.h" #include "extensions/browser/site_access_requests_helper.h" #include "extensions/common/extension.h" #include "extensions/common/extension_features.h" #include "extensions/common/manifest_handlers/permissions_parser.h" #include "extensions/common/mojom/renderer.mojom.h" #include "extensions/common/permissions/permission_set.h" #include "extensions/common/permissions/permissions_data.h" namespace extensions { namespace { // Entries of `kUserPermissions` dictionary. const char kRestrictedSites[] = …; const char kPermittedSites[] = …; // Sets `pref` in `extension_prefs` if it doesn't exist, and appends // `origin` to its list. void AddSiteToPrefs(ExtensionPrefs* extension_prefs, const char* pref, const url::Origin& origin) { … } // Removes `origin` from `pref` in `extension_prefs`. void RemoveSiteFromPrefs(ExtensionPrefs* extension_prefs, const char* pref, const url::Origin& origin) { … } // Returns sites from `pref` in `extension_prefs`. std::set<url::Origin> GetSitesFromPrefs(ExtensionPrefs* extension_prefs, const char* pref) { … } // Returns the set of permissions that the extension is allowed to have after // withholding any that should not be granted. `desired_permissions` is the set // of permissions the extension wants, `runtime_granted_permissions` are the // permissions the user explicitly granted the extension at runtime, and // `user_granted_permissions` are permissions that the user has indicated any // extension may have. // This should only be called for extensions that have permissions withheld. std::unique_ptr<PermissionSet> GetAllowedPermissionsAfterWithholding( const PermissionSet& desired_permissions, const PermissionSet& runtime_granted_permissions, const PermissionSet& user_granted_permissions) { … } class PermissionsManagerFactory : public BrowserContextKeyedServiceFactory { … }; PermissionsManagerFactory::PermissionsManagerFactory() : … { … } PermissionsManager* PermissionsManagerFactory::GetForBrowserContext( content::BrowserContext* browser_context) { … } content::BrowserContext* PermissionsManagerFactory::GetBrowserContextToUse( content::BrowserContext* browser_context) const { … } KeyedService* PermissionsManagerFactory::BuildServiceInstanceFor( content::BrowserContext* browser_context) const { … } } // namespace // Implementation of UserPermissionsSettings. PermissionsManager::UserPermissionsSettings::UserPermissionsSettings() = default; PermissionsManager::UserPermissionsSettings::~UserPermissionsSettings() = default; // Implementation of PermissionsManager. PermissionsManager::PermissionsManager(content::BrowserContext* browser_context) : … { … } PermissionsManager::~PermissionsManager() { … } // static PermissionsManager* PermissionsManager::Get( content::BrowserContext* browser_context) { … } // static BrowserContextKeyedServiceFactory* PermissionsManager::GetFactory() { … } // static void PermissionsManager::RegisterProfilePrefs( user_prefs::PrefRegistrySyncable* registry) { … } void PermissionsManager::UpdateUserSiteSetting(const url::Origin& origin, UserSiteSetting site_setting) { … } void PermissionsManager::AddUserRestrictedSite(const url::Origin& origin) { … } void PermissionsManager::RemoveUserRestrictedSite(const url::Origin& origin) { … } void PermissionsManager::AddUserPermittedSite(const url::Origin& origin) { … } void PermissionsManager::UpdatePermissionsWithUserSettings( const Extension& extension, const PermissionSet& user_permitted_set) { … } void PermissionsManager::RemoveUserPermittedSite(const url::Origin& origin) { … } const PermissionsManager::UserPermissionsSettings& PermissionsManager::GetUserPermissionsSettings() const { … } PermissionsManager::UserSiteSetting PermissionsManager::GetUserSiteSetting( const url::Origin& origin) const { … } PermissionsManager::UserSiteAccess PermissionsManager::GetUserSiteAccess( const Extension& extension, const GURL& gurl) const { … } PermissionsManager::ExtensionSiteAccess PermissionsManager::GetSiteAccess( const Extension& extension, const GURL& url) const { … } bool PermissionsManager::ExtensionRequestsHostPermissionsOrActiveTab( const Extension& extension) const { … } bool PermissionsManager::CanAffectExtension(const Extension& extension) const { … } bool PermissionsManager::CanUserSelectSiteAccess( const Extension& extension, const GURL& url, UserSiteAccess site_access) const { … } bool PermissionsManager::HasGrantedHostPermission(const Extension& extension, const GURL& url) const { … } bool PermissionsManager::HasBroadGrantedHostPermissions( const Extension& extension) { … } bool PermissionsManager::HasWithheldHostPermissions( const Extension& extension) const { … } bool PermissionsManager::HasActiveTabAndCanAccess(const Extension& extension, const GURL& url) const { … } std::unique_ptr<PermissionSet> PermissionsManager::GetRuntimePermissionsFromPrefs( const Extension& extension) const { … } std::unique_ptr<PermissionSet> PermissionsManager::GetBoundedExtensionDesiredPermissions( const Extension& extension) const { … } std::unique_ptr<PermissionSet> PermissionsManager::GetEffectivePermissionsToGrant( const Extension& extension, const PermissionSet& desired_permissions) const { … } std::unique_ptr<const PermissionSet> PermissionsManager::GetRevokablePermissions(const Extension& extension) const { … } std::unique_ptr<const PermissionSet> PermissionsManager::GetExtensionGrantedPermissions( const Extension& extension) const { … } void PermissionsManager::AddSiteAccessRequest( content::WebContents* web_contents, int tab_id, const Extension& extension, const std::optional<URLPattern>& filter) { … } bool PermissionsManager::RemoveSiteAccessRequest( int tab_id, const ExtensionId& extension_id, const std::optional<URLPattern>& filter) { … } void PermissionsManager::UserDismissedSiteAccessRequest( content::WebContents* web_contents, int tab_id, const ExtensionId& extension_id) { … } bool PermissionsManager::HasActiveSiteAccessRequest( int tab_id, const ExtensionId& extension_id) { … } void PermissionsManager::AddExtensionToPreviousBroadSiteAccessSet( const ExtensionId& extension_id) { … } void PermissionsManager::RemoveExtensionFromPreviousBroadSiteAccessSet( const ExtensionId& extension_id) { … } bool PermissionsManager::HasPreviousBroadSiteAccess( const ExtensionId& extension_id) { … } void PermissionsManager::NotifyExtensionPermissionsUpdated( const Extension& extension, const PermissionSet& permissions, UpdateReason reason) { … } void PermissionsManager::NotifyActiveTabPermisssionGranted( content::WebContents* web_contents, int tab_id, const Extension& extension) { … } void PermissionsManager::AddObserver(Observer* observer) { … } void PermissionsManager::RemoveObserver(Observer* observer) { … } void PermissionsManager::OnUserPermissionsSettingsChanged() { … } bool PermissionsManager::RemovePermittedSiteAndUpdatePrefs( const url::Origin& origin) { … } bool PermissionsManager::RemoveRestrictedSiteAndUpdatePrefs( const url::Origin& origin) { … } SiteAccessRequestsHelper* PermissionsManager::GetSiteAccessRequestsHelperFor( int tab_id) { … } SiteAccessRequestsHelper* PermissionsManager::GetOrCreateSiteAccessRequestsHelperFor( content::WebContents* web_contents, int tab_id) { … } void PermissionsManager::DeleteSiteAccessRequestHelperFor(int tab_id) { … } void PermissionsManager::NotifyUserPermissionSettingsChanged() { … } void PermissionsManager::NotifySiteAccessRequestsCleared(int tab_id) { … } void PermissionsManager::NotifyShowAccessRequestsInToolbarChanged( const extensions::ExtensionId& extension_id, bool can_show_requests) { … } } // namespace extensions
Codebase Browser
chromium