| blob | a596a0e3461616b04ccd6a7ded73204c588cca01 |
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_
6 #define EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_
8 #include <set>
9 #include <string>
10 #include <vector>
29 };
34 // Don't allow internal permissions to be parsed (e.g. entries in the
35 // "permissions" list in a manifest).
36 kDisallowInternalPermissions,
38 // Allow internal permissions to be parsed (e.g. from the "api" field of a
39 // permissions list in the prefs).
40 kAllowInternalPermissions,
41 };
45 // Insert |permission| into the APIPermissionSet. The APIPermissionSet will
46 // take the ownership of |permission|,
49 // Parses permissions from |permissions| and adds the parsed permissions to
50 // |api_permissions|. If |source| is kDisallowInternalPermissions, treat
51 // permissions with kFlagInternal as errors. If |unhandled_permissions| is
52 // not NULL, the names of all permissions that couldn't be parsed will be
53 // added to this vector. If |error| is NULL, parsing will continue with the
54 // next permission if invalid data is detected. If |error| is not NULL, it
55 // will be set to an error message and false is returned when an invalid
56 // permission is found.
59 ParseSource source,
63 };
65 // An ID representing a single permission that belongs to an app or extension.
66 //
67 // Each PermissionID has a required ID to identify the permission. For most
68 // permissions, this is all they have.
69 //
70 // Some more complex permissions have a parameter, which acts like an argument
71 // for the permission. For example, host permissions might have the ID
72 // kReadOnlyHost and the argument 'www.google.com' (the host which is
73 // read-only). Parameters are passed to the permission message rules for this
74 // permission, so they can affect the displayed message.
75 //
76 // Note: Inheriting from std::pair automatically gives us an operator<
77 // (required for putting these into an std::set).
78 //
79 // TODO(sashab): Move this to the same file as PermissionIDSet once that moves
80 // to its own file.
89 };
91 // A set of permissions for an app or extension. Used for passing around groups
92 // of permissions, such as required or optional permissions.
93 //
94 // Each permission can also store a string, such as a hostname or device number,
95 // as a parameter that helps identify the permission. This parameter can then
96 // be used when the permission message is generated. For example, the permission
97 // kHostReadOnly might have the parameter "google.com", which means that the app
98 // or extension has the permission to read the host google.com. This parameter
99 // may then be included in the permission message when it is generated later.
100 //
101 // Example:
102 // // Create an empty PermissionIDSet.
103 // PermissionIDSet p;
104 // // Add a permission to the set.
105 // p.insert(APIPermission::kNetworkState);
106 // // Add a permission with a parameter to the set.
107 // p.insert(APIPermission::kHostReadOnly,
108 // base::ASCIIToUTF16("http://www.google.com"));
109 //
110 // TODO(sashab): Move this to its own file and rename it to PermissionSet after
111 // APIPermission is removed, the current PermissionSet is no longer used, and
112 // APIPermission::ID is the only type of Permission ID.
120 // Adds the given permission, and an optional parameter, to the set.
128 // Returns the parameters for all PermissionIDs in this set.
131 // Check if the set contains a permission with the given ID.
134 // Check if the set contains permissions with all the given IDs.
137 // Check if the set contains any permission with one of the given IDs.
140 // Returns all the permissions in this set with the given ID.
144 // Returns all the permissions in this set with one of the given IDs.
148 // Convenience functions for common set operations.
164 };