[Extensions] Update renderers when all-urls is granted

Review URL: https://codereview.chromium.org/939803002

Cr-Commit-Position: refs/heads/master@{#317183}

chrome/browser/extensions/active_script_controller.cc

@@ -39,6 +39,7 @@ namespace extensions {
 ActiveScriptController::ActiveScriptController(
     content::WebContents* web_contents)
     : content::WebContentsObserver(web_contents),
+      num_page_requests_(0),
       browser_context_(web_contents->GetBrowserContext()),
       was_used_on_page_(false),
       extension_registry_observer_(this) {
@@ -237,6 +238,8 @@ void ActiveScriptController::OnRequestScriptInjectionPermission(
     return;
   }
 
+  ++num_page_requests_;
+
   switch (RequiresUserConsentForScriptInjection(extension, script_type)) {
     case PermissionsData::ACCESS_ALLOWED:
       PermitScriptInjection(request_id);
@@ -315,6 +318,7 @@ void ActiveScriptController::DidNavigateMainFrame(
     return;
 
   LogUMA();
+  num_page_requests_ = 0;
   permitted_extensions_.clear();
   pending_requests_.clear();
   was_used_on_page_ = false;

chrome/browser/extensions/active_script_controller.h

@@ -68,6 +68,8 @@ class ActiveScriptController : public content::WebContentsObserver,
   // run.
   bool WantsToRun(const Extension* extension);
 
+  int num_page_requests() const { return num_page_requests_; }
+
 #if defined(UNIT_TEST)
   // Only used in tests.
   PermissionsData::AccessType RequiresUserConsentForScriptInjectionForTesting(
@@ -127,6 +129,11 @@ class ActiveScriptController : public content::WebContentsObserver,
                            const Extension* extension,
                            UnloadedExtensionInfo::Reason reason) override;
 
+  // The total number of requests from the renderer on the current page,
+  // including any that are pending or were immediately granted.
+  // Right now, used only in tests.
+  int num_page_requests_;
+
   // The associated browser context.
   content::BrowserContext* browser_context_;
 

chrome/browser/extensions/active_script_controller_browsertest.cc

@@ -8,6 +8,7 @@
 #include "chrome/browser/extensions/active_script_controller.h"
 #include "chrome/browser/extensions/extension_action.h"
 #include "chrome/browser/extensions/extension_browsertest.h"
+#include "chrome/browser/extensions/extension_util.h"
 #include "chrome/browser/extensions/tab_helper.h"
 #include "chrome/browser/extensions/test_extension_dir.h"
 #include "chrome/browser/ui/browser.h"
@@ -402,6 +403,59 @@ IN_PROC_BROWSER_TEST_F(ActiveScriptControllerBrowserTest,
   inject_success_listener.WaitUntilSatisfied();
 }
 
+// Test that granting the extension all urls permission allows it to run on
+// pages, and that the permission update is sent to existing renderers.
+IN_PROC_BROWSER_TEST_F(ActiveScriptControllerBrowserTest,
+                       GrantExtensionAllUrlsPermission) {
+
+  // Loadup an extension and navigate.
+  const Extension* extension = CreateExtension(ALL_HOSTS, CONTENT_SCRIPT);
+  ASSERT_TRUE(extension);
+
+  content::WebContents* web_contents =
+      browser()->tab_strip_model()->GetActiveWebContents();
+  ASSERT_TRUE(web_contents);
+  ActiveScriptController* active_script_controller =
+      ActiveScriptController::GetForWebContents(web_contents);
+  ASSERT_TRUE(active_script_controller);
+
+  ExtensionTestMessageListener inject_success_listener(
+      new ExtensionTestMessageListener(kInjectSucceeded,
+                                       false /* won't reply */));
+  inject_success_listener.set_extension_id(extension->id());
+
+  ASSERT_TRUE(embedded_test_server()->InitializeAndWaitUntilReady());
+  GURL url = embedded_test_server()->GetURL("/extensions/test_file.html");
+  ui_test_utils::NavigateToURL(browser(), url);
+
+  // The extension shouldn't be allowed to run.
+  EXPECT_TRUE(active_script_controller->WantsToRun(extension));
+  EXPECT_EQ(1, active_script_controller->num_page_requests());
+  EXPECT_FALSE(inject_success_listener.was_satisfied());
+
+  // Enable the extension to run on all urls.
+  util::SetAllowedScriptingOnAllUrls(extension->id(), profile(), true);
+  EXPECT_TRUE(RunAllPendingInRenderer(web_contents));
+
+  // Navigate again - this time, the extension should execute immediately (and
+  // should not need to ask the script controller for permission).
+  ui_test_utils::NavigateToURL(browser(), url);
+  EXPECT_FALSE(active_script_controller->WantsToRun(extension));
+  EXPECT_EQ(0, active_script_controller->num_page_requests());
+  EXPECT_TRUE(inject_success_listener.WaitUntilSatisfied());
+
+  // Revoke all urls permissions.
+  inject_success_listener.Reset();
+  util::SetAllowedScriptingOnAllUrls(extension->id(), profile(), false);
+  EXPECT_TRUE(RunAllPendingInRenderer(web_contents));
+
+  // Re-navigate; the extension should again need permission to run.
+  ui_test_utils::NavigateToURL(browser(), url);
+  EXPECT_TRUE(active_script_controller->WantsToRun(extension));
+  EXPECT_EQ(1, active_script_controller->num_page_requests());
+  EXPECT_FALSE(inject_success_listener.was_satisfied());
+}
+
 // A version of the test with the flag off, in order to test that everything
 // still works as expected.
 class FlagOffActiveScriptControllerBrowserTest

chrome/browser/extensions/permissions_updater.cc

@@ -253,16 +253,29 @@ void PermissionsUpdater::WithholdImpliedAllHosts(const Extension* extension) {
                           &active_explicit,
                           &withheld_explicit);
 
+  URLPatternSet delta_explicit;
+  URLPatternSet::CreateDifference(
+      active->explicit_hosts(), active_explicit, &delta_explicit);
+  URLPatternSet delta_scriptable;
+  URLPatternSet::CreateDifference(
+      active->scriptable_hosts(), active_scriptable, &delta_scriptable);
+
   SetPermissions(extension,
                  new PermissionSet(active->apis(),
                                    active->manifest_permissions(),
                                    active_explicit,
                                    active_scriptable),
-                  new PermissionSet(withheld->apis(),
-                                    withheld->manifest_permissions(),
-                                    withheld_explicit,
-                                    withheld_scriptable));
-  // TODO(rdevlin.cronin) We should notify the observers/renderer.
+                 new PermissionSet(withheld->apis(),
+                                   withheld->manifest_permissions(),
+                                   withheld_explicit,
+                                   withheld_scriptable));
+
+  scoped_refptr<const PermissionSet> delta(new PermissionSet(
+      APIPermissionSet(),
+      ManifestPermissionSet(),
+      delta_explicit,
+      delta_scriptable));
+  NotifyPermissionsUpdated(REMOVED, extension, delta.get());
 }
 
 void PermissionsUpdater::GrantWithheldImpliedAllHosts(
@@ -284,6 +297,13 @@ void PermissionsUpdater::GrantWithheldImpliedAllHosts(
                              withheld->scriptable_hosts(),
                              &scriptable_hosts);
 
+  URLPatternSet delta_explicit;
+  URLPatternSet::CreateDifference(
+      explicit_hosts, active->explicit_hosts(), &delta_explicit);
+  URLPatternSet delta_scriptable;
+  URLPatternSet::CreateDifference(
+      scriptable_hosts, active->scriptable_hosts(), &delta_scriptable);
+
   // Since we only withhold host permissions (so far), we know that withheld
   // permissions will be empty.
   SetPermissions(extension,
@@ -292,7 +312,13 @@ void PermissionsUpdater::GrantWithheldImpliedAllHosts(
                                    explicit_hosts,
                                    scriptable_hosts),
                  new PermissionSet());
-  // TODO(rdevlin.cronin) We should notify the observers/renderer.
+
+  scoped_refptr<const PermissionSet> delta(new PermissionSet(
+      APIPermissionSet(),
+      ManifestPermissionSet(),
+      delta_explicit,
+      delta_scriptable));
+  NotifyPermissionsUpdated(ADDED, extension, delta.get());
 }
 
 void PermissionsUpdater::SetPermissions(