commit 582db61df3c481f784b77d3d429bfe51aa75883c
author Devlin Cronin <rdevlin.cronin@chromium.org> Thu May 17 00:38:31 2018
committer Commit Bot <commit-bot@chromium.org> Thu May 17 00:38:31 2018
tree 36daf4c830b1220bca77c25887f9325d039f0358
parent 9c1cb561a10ef426987990ce69230c5799d01a44

[Extensions Click-to-Script] Only apply behavior with the feature enabled

Ensure that click-to-script functionality is only applied if the feature
is enabled. This guarantees that users have an escape hatch.

Bug: 841465

Change-Id: Ieaf7aa19af449329f536fc46ec3b4dedf09c66b8
Reviewed-on: https://chromium-review.googlesource.com/1053049
Reviewed-by: Karan Bhatia <karandeepb@chromium.org>
Commit-Queue: Devlin <rdevlin.cronin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#559365}

chrome/browser/extensions/permissions_updater.cc

diff --git a/chrome/browser/extensions/permissions_updater.cc b/chrome/browser/extensions/permissions_updater.cc
index 6eaf151b9..1e1d5890 100644
--- a/chrome/browser/extensions/permissions_updater.cc
+++ b/chrome/browser/extensions/permissions_updater.cc
@@ -229,14 +229,14 @@
 void PermissionsUpdater::InitializePermissions(const Extension* extension) {
   std::unique_ptr<const PermissionSet> bounded_wrapper;
   const PermissionSet* bounded_active = nullptr;
+  ExtensionPrefs* prefs = ExtensionPrefs::Get(browser_context_);
   // If |extension| is a transient dummy extension, we do not want to look for
   // it in preferences.
   if (init_flag_ & INIT_FLAG_TRANSIENT) {
     bounded_active = &extension->permissions_data()->active_permissions();
   } else {
     std::unique_ptr<const PermissionSet> active_permissions =
-        ExtensionPrefs::Get(browser_context_)
-            ->GetActivePermissions(extension->id());
+        prefs->GetActivePermissions(extension->id());
     bounded_wrapper =
         GetBoundedActivePermissions(extension, active_permissions.get());
     bounded_active = bounded_wrapper.get();
@@ -244,10 +244,9 @@
 
   std::unique_ptr<const PermissionSet> granted_permissions;
   std::unique_ptr<const PermissionSet> withheld_permissions;
-  ScriptingPermissionsModifier(browser_context_,
-                               base::WrapRefCounted(extension))
-      .WithholdPermissions(*bounded_active, &granted_permissions,
-                           &withheld_permissions);
+  ScriptingPermissionsModifier::WithholdPermissionsIfNecessary(
+      *extension, *prefs, *bounded_active, &granted_permissions,
+      &withheld_permissions);
 
   if (g_delegate)
     g_delegate->InitializePermissions(extension, &granted_permissions);