Add managed policies for Native Messaging

chrome/browser/extensions/api/messaging/message_service.cc

Index: chrome/browser/extensions/api/messaging/message_service.cc
diff --git a/chrome/browser/extensions/api/messaging/message_service.cc b/chrome/browser/extensions/api/messaging/message_service.cc
index 23cf172c4daf91ea7aad51f38e62cb18dca2c6cd..ac0ecc8f96a0f80a3199ca76c8303f46329bb007 100644
--- a/chrome/browser/extensions/api/messaging/message_service.cc
+++ b/chrome/browser/extensions/api/messaging/message_service.cc
@@ -63,6 +63,8 @@ const char kReceivingEndDoesntExistError[] =
 #if defined(OS_WIN) || defined(OS_MACOSX) || defined(OS_LINUX)
 const char kMissingPermissionError[] =
     "Access to native messaging requires nativeMessaging permission.";
+const char kProhibitedByPoliciesError[] =
+    "Access to then native messaging host is prohibited by system policies.";

[Joao da Silva, 2013/12/29 23:25:28]

*the

We often blame these restrictions on the system administrator :-)

Suggestion: "Access to the native messaging host was disabled by the system
administrator."

[Sergey Ulanov, 2014/01/06 23:21:55]

Done.

 #endif
 
 struct MessageService::MessageChannel {
@@ -358,6 +360,13 @@ void MessageService::OpenChannelToNativeApp(
     return;
   }
 
+  // Verify that the host is not blocked by policies.
+  if (!NativeMessageProcessHost::IsHostAllowed(profile->GetPrefs(),
+                                               native_app_name)) {
+    DispatchOnDisconnect(source, receiver_port_id, kProhibitedByPoliciesError);
+    return;
+  }
+
   scoped_ptr<MessageChannel> channel(new MessageChannel());
   channel->opener.reset(new ExtensionMessagePort(source, MSG_ROUTING_CONTROL,
                                                  source_extension_id));