[Extensions] Revoke permission when updating to incognito mode

In this CL, we make code changes to revoke extension's permission when updating to incognito mode. We also add a unit test to verify the expected behavior. Bug: 633706 Change-Id: I617092c1ed954b7d10b71f8d61a08154657f9262 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2293077 Commit-Queue: Ghazale Hosseinabadi <ghazale@chromium.org> Reviewed-by: Devlin <rdevlin.cronin@chromium.org> Cr-Commit-Position: refs/heads/master@{#791511}

[Extensions] Revoke permission when updating to incognito mode
In this CL, we make code changes to revoke extension's permission when updating to incognito mode. We also add a unit test to verify the expected behavior. Bug: 633706 Change-Id: I617092c1ed954b7d10b71f8d61a08154657f9262 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2293077 Commit-Queue: Ghazale Hosseinabadi <ghazale@chromium.org> Reviewed-by: Devlin <rdevlin.cronin@chromium.org> Cr-Commit-Position: refs/heads/master@{#791511}
23cc27bf · Ghazale Hosseinabadi · Commit Bot · 034ba027 · 23cc27bf · 23cc27bf
Commit 23cc27bf authored Jul 25, 2020 by Ghazale Hosseinabadi Committed by Commit Bot Jul 25, 2020
Showing with 64 additions and 0 deletions

chrome/browser/extensions/extension_service.cc chrome/browser/extensions/extension_service.cc +8 -0

chrome/browser/extensions/extension_service_unittest.cc chrome/browser/extensions/extension_service_unittest.cc +56 -0

No files found.
--- a/chrome/browser/extensions/extension_service.cc
+++ b/chrome/browser/extensions/extension_service.cc
@@ -99,6 +99,7 @@
 #include "extensions/common/feature_switch.h"
 #include "extensions/common/features/feature_channel.h"
 #include "extensions/common/manifest_constants.h"
+#include "extensions/common/manifest_handlers/incognito_info.h"
 #include "extensions/common/manifest_handlers/shared_module_info.h"
 #include "extensions/common/manifest_url_handlers.h"
 #include "extensions/common/permissions/api_permission.h"
@@ -2076,6 +2077,13 @@ void ExtensionService::OnUpgradeRecommended() {
 void ExtensionService::PreAddExtension(const Extension* extension,
                                       const Extension* old_extension) {
+  // An extension may have updated to no longer support incognito. When this
+  // is the case, we don't show the toggle in the chrome://extensions page.
+  // In order to ensure an extension doesn't keep an unrevokable permission,
+  // reset the stored pref.
+  if (old_extension && !IncognitoInfo::IsIncognitoAllowed(extension))
+    extension_prefs_->SetIsIncognitoEnabled(extension->id(), false);
  // Check if the extension's privileges have changed and mark the
  // extension disabled if necessary.
  CheckPermissionsIncrease(extension, !!old_extension);

--- a/chrome/browser/extensions/extension_service_unittest.cc
+++ b/chrome/browser/extensions/extension_service_unittest.cc
@@ -1891,6 +1891,62 @@ TEST_F(ExtensionServiceTest,
  EXPECT_EQ(tabs_permission_set, get_active_permissions()->apis());
 }
+// Tests that updating incognito to not_allowed revokes extension's permission
+// to run in incognito.
+TEST_F(ExtensionServiceTest, UpdateIncognitoMode) {
+  InitializeEmptyExtensionService();
+  // Borrow a PEM for consistent IDs.
+  const base::FilePath path = data_dir().AppendASCII("permissions/update.pem");
+  ASSERT_TRUE(base::PathExists(path));
+  constexpr char kManifestTemplate[] =
+      R"({
+           "name": "Test",
+           "description": "Test incognito mode update flow",
+           "manifest_version": 2,
+           "version": "%s",
+           "incognito": "%s"
+         })";
+  // Install version 1, which has incognito set to split.
+  TestExtensionDir version1;
+  version1.WriteManifest(base::StringPrintf(kManifestTemplate, "1", "split"));
+  const Extension* extension =
+      PackAndInstallCRX(version1.UnpackedPath(), path, INSTALL_NEW);
+  ASSERT_TRUE(extension);
+  const std::string id = extension->id();
+  EXPECT_EQ(0u, GetErrors().size());
+  ASSERT_TRUE(registry()->enabled_extensions().Contains(id));
+  util::SetIsIncognitoEnabled(id, profile(), true);
+  EXPECT_TRUE(util::IsIncognitoEnabled(id, profile()));
+  // Version 2 updates the incognito mode to not_allowed. This should revoke its
+  // permissions, i.e., the extension should not be allowed to run in incognito.
+  TestExtensionDir version2;
+  version2.WriteManifest(
+      base::StringPrintf(kManifestTemplate, "2", "not_allowed"));
+  PackCRXAndUpdateExtension(id, version2.UnpackedPath(), path, ENABLED);
+  EXPECT_TRUE(registry()->enabled_extensions().Contains(id));
+  EXPECT_FALSE(util::IsIncognitoEnabled(id, profile()));
+  // Version 3 updates the incognito mode to split. The extension should not
+  // have the permissions.
+  TestExtensionDir version3;
+  version3.WriteManifest(base::StringPrintf(kManifestTemplate, "3", "split"));
+  service()->EnableExtension(id);
+  PackCRXAndUpdateExtension(id, version3.UnpackedPath(), path, ENABLED);
+  EXPECT_TRUE(registry()->enabled_extensions().Contains(id));
+  EXPECT_FALSE(util::IsIncognitoEnabled(id, profile()));
+}
 #if !defined(OS_CHROMEOS)
 // This tests that the granted permissions preferences are correctly set for
 // default apps.