GitLab

Adjust the chrome.permissions API for use with withheld permissions as
a result of the RuntimeHostPermissions feature. This patch allows the
permissions API to be used to request withheld or optional host
permissions, rather than just optional host permissions.

This is important for extensions that want to be able to request
permissions at runtime using the chrome.permissions API as a workaround
to having required permisssions withheld.

Additionally, move requesting optional permissions to looking at the
runtime granted permission set, rather than the granted permission set.
This greatly simplifies the logic, as now all permission requests are
compared to the same permissions set, and we don't need to isolate host
permission requests versus API permission requests. This also ensures
we avoid granting a permission that was explicitly revoked by the user
(as could happen if we just checked granted permissions).

As of Chrome 70, all permissions granted through the permissions API
are added to the runtime granted set. However, this does mean that
optional permissions that were granted prior to M70, and then later
removed via permissions.remove(), will re-prompt the user. In practice,
this is very rare. This also means that optional permissions will not be
granted automatically for permissions that were used by previous versions
of the extension (similarly, very rare in practice).

This does *not* address the issue of scriptable hosts in requested
permissions; that is still an issue.

Bug: 889654

Change-Id: I8c20f03ec7b402cd61ae1db04b782447dc39414e
Reviewed-on: https://chromium-review.googlesource.com/c/1301851
Commit-Queue: Devlin <rdevlin.cronin@chromium.org>
Reviewed-by: Karan Bhatia <karandeepb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#607474}