[Extensions Click-to-Script] Add testing for permissions API behavior

Add a unittest to verify that permissions.contains() and permissions.getAll() correctly return the current permissions for an extension, even if it's affected by the runtime host permissions feature. Bug: 889654 Change-Id: I1ec42ed12208647cbee5784e4908a196e4b69994 Reviewed-on: https://chromium-review.googlesource.com/1247226Reviewed-by: Karan Bhatia <karandeepb@chromium.org> Commit-Queue: Devlin <rdevlin.cronin@chromium.org> Cr-Commit-Position: refs/heads/master@{#594838}

[Extensions Click-to-Script] Add testing for permissions API behavior
Add a unittest to verify that permissions.contains() and permissions.getAll() correctly return the current permissions for an extension, even if it's affected by the runtime host permissions feature. Bug: 889654 Change-Id: I1ec42ed12208647cbee5784e4908a196e4b69994 Reviewed-on: https://chromium-review.googlesource.com/1247226Reviewed-by: Karan Bhatia <karandeepb@chromium.org> Commit-Queue: Devlin <rdevlin.cronin@chromium.org> Cr-Commit-Position: refs/heads/master@{#594838}
d7d3e1f6 · Devlin Cronin · Commit Bot · e337262e · d7d3e1f6
Commit d7d3e1f6 authored Sep 27, 2018 by Devlin Cronin Committed by Commit Bot Sep 27, 2018
Hide whitespace changes
Inline Side-by-side

Showing with 85 additions and 1 deletion

chrome/browser/extensions/api/permissions/permissions_api_unittest.cc ...er/extensions/api/permissions/permissions_api_unittest.cc +85 -1

No files found.
--- a/chrome/browser/extensions/api/permissions/permissions_api_unittest.cc
+++ b/chrome/browser/extensions/api/permissions/permissions_api_unittest.cc
@@ -2,16 +2,22 @@
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.

-#include "base/json/json_reader.h"
 #include "chrome/browser/extensions/api/permissions/permissions_api.h"
+#include "base/json/json_reader.h"
+#include "base/json/json_writer.h"
+#include "base/test/scoped_feature_list.h"
 #include "chrome/browser/extensions/extension_api_unittest.h"
 #include "chrome/browser/extensions/extension_function_test_utils.h"
 #include "chrome/browser/extensions/extension_service.h"
 #include "chrome/browser/extensions/extension_service_test_with_install.h"
 #include "chrome/browser/extensions/extension_util.h"
+#include "chrome/browser/extensions/permissions_updater.h"
+#include "chrome/browser/extensions/scripting_permissions_modifier.h"
 #include "chrome/test/base/testing_profile.h"
 #include "components/crx_file/id_util.h"
 #include "extensions/common/extension_builder.h"
+#include "extensions/common/extension_features.h"
+#include "testing/gmock/include/gmock/gmock.h"
 #include "testing/gtest/include/gtest/gtest.h"

 namespace extensions {
@@ -120,4 +126,82 @@ TEST_F(PermissionsAPIUnitTest, Contains) {
  EXPECT_EQ(expected_has_permission, has_permission);
 }

+TEST_F(PermissionsAPIUnitTest, ContainsAndGetAllWithRuntimeHostPermissions) {
+  // This test relies on the click-to-script feature.
+  base::test::ScopedFeatureList scoped_feature_list;
+  scoped_feature_list.InitAndEnableFeature(
+      extensions_features::kRuntimeHostPermissions);
+
+  scoped_refptr<const Extension> extension =
+      ExtensionBuilder("extension")
+          .AddPermissions({"https://example.com/"})
+          .Build();
+  PermissionsUpdater updater(profile());
+  updater.InitializePermissions(extension.get());
+  updater.GrantActivePermissions(extension.get());
+  service()->AddExtension(extension.get());
+
+  auto contains_origin = [this, &extension](const char* origin) {
+    auto function = base::MakeRefCounted<PermissionsContainsFunction>();
+    function->set_extension(extension.get());
+    if (!extension_function_test_utils::RunFunction(
+            function.get(),
+            base::StringPrintf(R"([{"origins": ["%s"]}])", origin), browser(),
+            api_test_utils::NONE)) {
+      ADD_FAILURE() << "Running function failed: " << function->GetError();
+    }
+
+    return function->GetResultList()->GetList()[0].GetBool();
+  };
+
+  auto get_all = [this, &extension]() {
+    auto function = base::MakeRefCounted<PermissionsGetAllFunction>();
+    function->set_extension(extension.get());
+
+    std::vector<std::string> origins;
+    if (!extension_function_test_utils::RunFunction(
+            function.get(), "[]", browser(), api_test_utils::NONE)) {
+      ADD_FAILURE() << "Running function failed: " << function->GetError();
+      return origins;
+    }
+
+    const base::Value* results = function->GetResultList();
+    if (results->GetList().size() != 1u || !results->GetList()[0].is_dict()) {
+      ADD_FAILURE() << "Invalid result value";
+      return origins;
+    }
+
+    const base::Value* origins_value =
+        results->GetList()[0].FindKeyOfType("origins", base::Value::Type::LIST);
+    for (const auto& value : origins_value->GetList())
+      origins.push_back(value.GetString());
+
+    return origins;
+  };
+
+  // Currently, the extension should have access to example.com (since
+  // permissions are not withheld).
+  constexpr char kExampleCom[] = "https://example.com/*";
+  EXPECT_TRUE(contains_origin(kExampleCom));
+  EXPECT_THAT(get_all(), testing::ElementsAre(kExampleCom));
+
+  ScriptingPermissionsModifier modifier(profile(), extension);
+  modifier.SetWithholdHostPermissions(true);
+
+  // Once we withhold the permission, the contains function should correctly
+  // report the value.
+  EXPECT_FALSE(contains_origin(kExampleCom));
+  EXPECT_THAT(get_all(), testing::IsEmpty());
+
+  constexpr char kChromiumOrg[] = "https://chromium.org/";
+  modifier.GrantHostPermission(GURL(kChromiumOrg));
+
+  // The permissions API only reports active permissions, rather than granted
+  // permissions. This means it will not report values for permissions that
+  // aren't requested. This is probably good, because the extension wouldn't be
+  // able to use them anyway (since they aren't active).
+  EXPECT_FALSE(contains_origin(kChromiumOrg));
+  EXPECT_THAT(get_all(), testing::IsEmpty());
+}
+
 }  // namespace extensions