| blob | 476ad13ab88d78da762946b386336b6cc0f3a80f |
1 // Copyright 2013 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_
6 #define EXTENSIONS_COMMON_PERMISSIONS_API_PERMISSION_SET_H_
8 #include <set>
9 #include <string>
10 #include <vector>
29 };
34 // Don't allow internal permissions to be parsed (e.g. entries in the
35 // "permissions" list in a manifest).
36 kDisallowInternalPermissions,
38 // Allow internal permissions to be parsed (e.g. from the "api" field of a
39 // permissions list in the prefs).
40 kAllowInternalPermissions,
41 };
45 // Insert |permission| into the APIPermissionSet. The APIPermissionSet will
46 // take the ownership of |permission|,
49 // Parses permissions from |permissions| and adds the parsed permissions to
50 // |api_permissions|. If |source| is kDisallowInternalPermissions, treat
51 // permissions with kFlagInternal as errors. If |unhandled_permissions| is
52 // not NULL, the names of all permissions that couldn't be parsed will be
53 // added to this vector. If |error| is NULL, parsing will continue with the
54 // next permission if invalid data is detected. If |error| is not NULL, it
55 // will be set to an error message and false is returned when an invalid
56 // permission is found.
59 ParseSource source,
65 };
67 // An ID representing a single permission that belongs to an app or extension.
68 //
69 // Each PermissionID has a required ID to identify the permission. For most
70 // permissions, this is all they have.
71 //
72 // Some more complex permissions have a parameter, which acts like an argument
73 // for the permission. For example, host permissions might have the ID
74 // kReadOnlyHost and the argument 'www.google.com' (the host which is
75 // read-only). Parameters are passed to the permission message rules for this
76 // permission, so they can affect the displayed message.
77 //
78 // Note: Inheriting from std::pair automatically gives us an operator<
79 // (required for putting these into an std::set).
80 //
81 // TODO(sashab): Move this to the same file as PermissionIDSet once that moves
82 // to its own file.
91 };
93 // A set of permissions for an app or extension. Used for passing around groups
94 // of permissions, such as required or optional permissions.
95 //
96 // Each permission can also store a string, such as a hostname or device number,
97 // as a parameter that helps identify the permission. This parameter can then
98 // be used when the permission message is generated. For example, the permission
99 // kHostReadOnly might have the parameter "google.com", which means that the app
100 // or extension has the permission to read the host google.com. This parameter
101 // may then be included in the permission message when it is generated later.
102 //
103 // Example:
104 // // Create an empty PermissionIDSet.
105 // PermissionIDSet p;
106 // // Add a permission to the set.
107 // p.insert(APIPermission::kNetworkState);
108 // // Add a permission with a parameter to the set.
109 // p.insert(APIPermission::kHostReadOnly,
110 // base::ASCIIToUTF16("http://www.google.com"));
111 //
112 // TODO(sashab): Move this to its own file and rename it to PermissionSet after
113 // APIPermission is removed, the current PermissionSet is no longer used, and
114 // APIPermission::ID is the only type of Permission ID.
122 // Adds the given permission, and an optional parameter, to the set.
130 // Returns the parameters for all PermissionIDs in this set.
133 // Check if the set contains a permission with the given ID.
136 // Check if the set contains permissions with all the given IDs.
139 // Returns all the permissions in this set with one of the given IDs.
143 // Convenience functions for common set operations.
159 };