// Copyright (c) 2013 The Chromium Authors. All rights reserved.
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.

#ifndef EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_
#define EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_

#include <map>
#include <vector>

#include "base/memory/ref_counted.h"
#include "base/memory/scoped_ptr.h"
#include "base/strings/string16.h"
#include "base/synchronization/lock.h"
#include "extensions/common/permissions/api_permission.h"
#include "extensions/common/permissions/permission_message.h"

class GURL;

namespace extensions {

class PermissionSet;
class APIPermissionSet;
class Extension;
class ManifestPermissionSet;
class URLPatternSet;
class UserScript;

// A container for the permissions data of the extension; also responsible for
// parsing the "permissions" and "optional_permissions" manifest keys. This
// class also contains the active (runtime) permissions for the extension.
class PermissionsData {
 public:
  PermissionsData();
  ~PermissionsData();

  // Delegate class to allow different contexts (e.g. browser vs renderer) to
  // have control over policy decisions.
  class PolicyDelegate {
   public:
    virtual ~PolicyDelegate() {}

    // Returns false if script access should be blocked on this page.
    // Otherwise, default policy should decide.
    virtual bool CanExecuteScriptOnPage(const Extension* extension,
                                        const GURL& document_url,
                                        const GURL& top_document_url,
                                        int tab_id,
                                        const UserScript* script,
                                        int process_id,
                                        std::string* error) = 0;
  };

  static void SetPolicyDelegate(PolicyDelegate* delegate);

  // Return the optional or required permission set for the given |extension|.
  static const PermissionSet* GetOptionalPermissions(
      const Extension* extension);
  static const PermissionSet* GetRequiredPermissions(
      const Extension* extension);

  // Return the temporary API permission set which is used during extension
  // initialization. Once initialization completes, this is NULL.
  static const APIPermissionSet* GetInitialAPIPermissions(
      const Extension* extension);
  static APIPermissionSet* GetInitialAPIPermissions(Extension* extension);

  // Set the scriptable hosts for the given |extension| during initialization.
  static void SetInitialScriptableHosts(Extension* extension,
                                        const URLPatternSet& scriptable_hosts);

  // Return the active (runtime) permissions for the given |extension|.
  static scoped_refptr<const PermissionSet> GetActivePermissions(
      const Extension* extension);
  // Sets the runtime permissions of the given |extension| to |permissions|.
  static void SetActivePermissions(const Extension* extension,
                                   const PermissionSet* active);

  // Gets the tab-specific host permissions of |tab_id|, or NULL if there
  // aren't any.
  static scoped_refptr<const PermissionSet> GetTabSpecificPermissions(
      const Extension* extension,
      int tab_id);
  // Updates the tab-specific permissions of |tab_id| to include those from
  // |permissions|.
  static void UpdateTabSpecificPermissions(
      const Extension* extension,
      int tab_id,
      scoped_refptr<const PermissionSet> permissions);
  // Clears the tab-specific permissions of |tab_id|.
  static void ClearTabSpecificPermissions(const Extension* extension,
                                          int tab_id);

  // Returns true if the |extension| has the given |permission|. Prefer
  // IsExtensionWithPermissionOrSuggestInConsole when developers may be using an
  // api that requires a permission they didn't know about, e.g. open web apis.
  // Note this does not include APIs with no corresponding permission, like
  // "runtime" or "browserAction".
  // TODO(mpcomplete): drop the "API" from these names, it's confusing.
  static bool HasAPIPermission(const Extension* extension,
                               APIPermission::ID permission);
  static bool HasAPIPermission(const Extension* extension,
                               const std::string& permission_name);
  static bool HasAPIPermissionForTab(const Extension* extension,
                                     int tab_id,
                                     APIPermission::ID permission);

  static bool CheckAPIPermissionWithParam(
      const Extension* extension,
      APIPermission::ID permission,
      const APIPermission::CheckParam* param);

  static const URLPatternSet& GetEffectiveHostPermissions(
      const Extension* extension);

  // Returns true if the |extension| can silently increase its permission level.
  // Users must approve permissions for unpacked and packed extensions in the
  // following situations:
  //  - when installing or upgrading packed extensions
  //  - when installing unpacked extensions that have NPAPI plugins
  //  - when either type of extension requests optional permissions
  static bool CanSilentlyIncreasePermissions(const Extension* extension);

  // Returns true if the extension does not require permission warnings
  // to be displayed at install time.
  static bool ShouldSkipPermissionWarnings(const Extension* extension);

  // Whether the |extension| has access to the given |url|.
  static bool HasHostPermission(const Extension* extension, const GURL& url);

  // Whether the |extension| has effective access to all hosts. This is true if
  // there is a content script that matches all hosts, if there is a host
  // permission grants access to all hosts (like <all_urls>) or an api
  // permission that effectively grants access to all hosts (e.g. proxy,
  // network, etc.)
  static bool HasEffectiveAccessToAllHosts(const Extension* extension);

  // Returns the full list of permission messages that the given |extension|
  // should display at install time.
  static PermissionMessages GetPermissionMessages(const Extension* extension);
  // Returns the full list of permission messages that the given |extension|
  // should display at install time. The messages are returned as strings
  // for convenience.
  static std::vector<string16> GetPermissionMessageStrings(
      const Extension* extension);

  // Returns the full list of permission details for messages that the given
  // |extension| should display at install time. The messages are returned as
  // strings for convenience.
  static std::vector<string16> GetPermissionMessageDetailsStrings(
      const Extension* extension);

  // Returns true if the given |extension| can execute script on a page. If a
  // UserScript object is passed, permission to run that specific script is
  // checked (using its matches list). Otherwise, permission to execute script
  // programmatically is checked (using the extension's host permission).
  //
  // This method is also aware of certain special pages that extensions are
  // usually not allowed to run script on.
  static bool CanExecuteScriptOnPage(const Extension* extension,
                                     const GURL& document_url,
                                     const GURL& top_document_url,
                                     int tab_id,
                                     const UserScript* script,
                                     int process_id,
                                     std::string* error);

  // Returns true if the given |extension| is a COMPONENT extension, or if it is
  // on the whitelist of extensions that can script all pages.
  static bool CanExecuteScriptEverywhere(const Extension* extension);

  // Returns true if the |extension| is allowed to obtain the contents of a
  // page as an image.  Since a page may contain sensitive information, this
  // is restricted to the extension's host permissions as well as the
  // extension page itself.
  static bool CanCaptureVisiblePage(const Extension* extension,
                                    const GURL& page_url,
                                    int tab_id,
                                    std::string* error);

  // Parse the permissions of a given extension in the initialization process.
  bool ParsePermissions(Extension* extension, string16* error);

  // Ensure manifest handlers provide their custom manifest permissions.
  void InitializeManifestPermissions(Extension* extension);

  // Finalize permissions after the initialization process completes.
  void FinalizePermissions(Extension* extension);

 private:
  struct InitialPermissions;
  typedef std::map<int, scoped_refptr<const PermissionSet> > TabPermissionsMap;

  // Temporary permissions during the initialization process; NULL after
  // initialization completes.
  scoped_ptr<InitialPermissions> initial_required_permissions_;
  scoped_ptr<InitialPermissions> initial_optional_permissions_;

  // The set of permissions the extension can request at runtime.
  scoped_refptr<const PermissionSet> optional_permission_set_;

  // The extension's required / default set of permissions.
  scoped_refptr<const PermissionSet> required_permission_set_;

  mutable base::Lock runtime_lock_;

  // The permission's which are currently active on the extension during
  // runtime.
  mutable scoped_refptr<const PermissionSet> active_permissions_;

  mutable TabPermissionsMap tab_specific_permissions_;

  DISALLOW_COPY_AND_ASSIGN(PermissionsData);
};

}  // namespace extensions

#endif  // EXTENSIONS_COMMON_PERMISSIONS_PERMISSIONS_DATA_H_