chromium/chrome/common/extensions/permissions/permissions_data_unittest.cc

// Copyright 2013 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#include <stdint.h>

#include <string>
#include <utility>
#include <vector>

#include "base/command_line.h"
#include "base/memory/ref_counted.h"
#include "base/strings/string_util.h"
#include "base/strings/stringprintf.h"
#include "base/strings/utf_string_conversions.h"
#include "base/test/scoped_feature_list.h"
#include "base/values.h"
#include "chrome/common/extensions/extension_test_util.h"
#include "chrome/common/webui_url_constants.h"
#include "components/crx_file/id_util.h"
#include "content/public/common/socket_permission_request.h"
#include "extensions/common/constants.h"
#include "extensions/common/error_utils.h"
#include "extensions/common/extension.h"
#include "extensions/common/extension_builder.h"
#include "extensions/common/extension_features.h"
#include "extensions/common/extensions_client.h"
#include "extensions/common/manifest.h"
#include "extensions/common/manifest_constants.h"
#include "extensions/common/permissions/api_permission.h"
#include "extensions/common/permissions/permission_message_test_util.h"
#include "extensions/common/permissions/permission_set.h"
#include "extensions/common/permissions/permissions_data.h"
#include "extensions/common/permissions/socket_permission.h"
#include "extensions/common/switches.h"
#include "extensions/common/url_pattern_set.h"
#include "extensions/common/user_script.h"
#include "testing/gtest/include/gtest/gtest.h"
#include "url/gurl.h"
#include "url/origin.h"

UTF16ToUTF8;
SocketPermissionRequest;
LoadManifest;
LoadManifestStrict;
LoadManifestUnchecked;
APIPermissionID;
ManifestLocation;

namespace extensions {

namespace {

const char kAllHostsPermission[] = …;

const char kChromeUntrustedURL[] = …;

GURL GetFaviconURL(const char* path) { … }

bool CheckSocketPermission(scoped_refptr<Extension> extension,
                           SocketPermissionRequest::OperationType type,
                           const char* host,
                           uint16_t port) { … }

// Creates and returns an extension with the given |id|, |host_permissions|, and
// manifest |location|.
scoped_refptr<const Extension> GetExtensionWithHostPermission(
    const std::string& id,
    const std::string& host_permissions,
    ManifestLocation location) { … }

// Checks that urls are properly restricted for the given extension.
void CheckRestrictedUrls(const Extension* extension,
                         bool block_chrome_urls,
                         bool block_chrome_untrusted_urls) { … }

}  // namespace

// NOTE: These tests run in Chrome's unit_tests suite because they depend on
// extension manifest keys (like "content_scripts") that do not exist yet in the
// src/extensions module.
TEST(PermissionsDataTest, EffectiveHostPermissions) { … }

TEST(PermissionsDataTest, SocketPermissions) { … }

TEST(PermissionsDataTest, IsRestrictedUrl) { … }

TEST(PermissionsDataTest, GetPermissionMessages_ManyAPIPermissions) { … }

TEST(PermissionsDataTest, GetPermissionMessages_ManyHostsPermissions) { … }

TEST(PermissionsDataTest, GetPermissionMessages_ManyHosts) { … }

TEST(PermissionsDataTest, ExtensionScheme) { … }

// Base class for testing the CanAccessPage and CanCaptureVisiblePage
// methods of Extension for extensions with various permissions.
class ExtensionScriptAndCaptureVisibleTest : public testing::Test { … };

TEST_F(ExtensionScriptAndCaptureVisibleTest, Permissions) { … }

TEST_F(ExtensionScriptAndCaptureVisibleTest, PermissionsWithChromeURLsEnabled) { … }

TEST_F(ExtensionScriptAndCaptureVisibleTest, TabSpecific) { … }

// Test that activeTab is required for capturing chrome:// urls with
// tabs.captureVisibleTab. https://crbug.com/810220.
TEST_F(ExtensionScriptAndCaptureVisibleTest, CaptureChromeURLs) { … }

// chrome-untrusted:// can never be captured.
TEST_F(ExtensionScriptAndCaptureVisibleTest, CaptureChromeUntrustedURLs) { … }

TEST_F(ExtensionScriptAndCaptureVisibleTest, CaptureFileURLs) { … }

// Check that both the old and new webstore URL are inaccessible.
TEST(PermissionsDataTest, ChromeWebstoreUrl) { … }

TEST_F(ExtensionScriptAndCaptureVisibleTest, PolicyHostRestrictionsSwap) { … }

TEST_F(ExtensionScriptAndCaptureVisibleTest, PolicyHostRestrictions) { … }

// Tests that user host restrictions disallow normal extensions from running
// on specified pages.
TEST_F(ExtensionScriptAndCaptureVisibleTest,
       UserHostRestrictions_Restrictions) { … }

// Tests that user host restrictions don't apply to exempt extensions (like
// policy-installed and component extensions).
TEST_F(ExtensionScriptAndCaptureVisibleTest,
       UserHostRestrictions_ExemptExtensions) { … }

// Tests that user host restrictions don't let extensions run on URLs that the
// extension doesn't request.
TEST_F(ExtensionScriptAndCaptureVisibleTest,
       UserHostRestrictions_DontGrantUnrequestedPermissions) { … }

// Tests that a user specifying an otherwise-restricted URL as "allowed" does
// not allow extensions to run on that URL.
TEST_F(ExtensionScriptAndCaptureVisibleTest,
       UserHostRestrictions_ForbiddenURLs) { … }

// Tests that user host restrictions are not applied when the corresponding
// feature is disabled.
TEST_F(ExtensionScriptAndCaptureVisibleTest,
       UserHostRestrictions_FeatureDisabled) { … }

class CaptureVisiblePageTest : public testing::Test { … };

TEST_F(CaptureVisiblePageTest, URLsCapturableWithEitherActiveTabOrAllURLs) { … }

TEST_F(CaptureVisiblePageTest, URLsCapturableOnlyWithActiveTab) { … }

// TODO(crbug.com/40667841): Add support for capturing chrome-untrusted://.
TEST_F(CaptureVisiblePageTest, ChromeUntrustedSchemeNotCaptured) { … }

TEST_F(CaptureVisiblePageTest, SelfExtensionURLs) { … }

TEST_F(CaptureVisiblePageTest, NoPermissions) { … }

TEST_F(CaptureVisiblePageTest, PolicyBlockedURLs) { … }

}  // namespace extensions