| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/managed_mode/managed_user_service.h" | 5 #include "chrome/browser/managed_mode/managed_user_service.h" |
| 6 | 6 |
| 7 #include "base/memory/ref_counted.h" | 7 #include "base/memory/ref_counted.h" |
| 8 #include "base/prefs/pref_service.h" | 8 #include "base/prefs/pref_service.h" |
| 9 #include "base/sequenced_task_runner.h" | 9 #include "base/sequenced_task_runner.h" |
| 10 #include "chrome/browser/extensions/extension_service.h" | 10 #include "chrome/browser/extensions/extension_service.h" |
| (...skipping 85 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 96 void ManagedUserService::URLFilterContext::SetManualURLs( | 96 void ManagedUserService::URLFilterContext::SetManualURLs( |
| 97 scoped_ptr<std::map<GURL, bool> > url_map) { | 97 scoped_ptr<std::map<GURL, bool> > url_map) { |
| 98 ui_url_filter_->SetManualURLs(url_map.get()); | 98 ui_url_filter_->SetManualURLs(url_map.get()); |
| 99 BrowserThread::PostTask( | 99 BrowserThread::PostTask( |
| 100 BrowserThread::IO, | 100 BrowserThread::IO, |
| 101 FROM_HERE, | 101 FROM_HERE, |
| 102 base::Bind(&ManagedModeURLFilter::SetManualURLs, | 102 base::Bind(&ManagedModeURLFilter::SetManualURLs, |
| 103 io_url_filter_, base::Owned(url_map.release()))); | 103 io_url_filter_, base::Owned(url_map.release()))); |
| 104 } | 104 } |
| 105 | 105 |
| 106 ManagedUserService::ManagedUserService(Profile* profile) | 106 ManagedUserService::ManagedUserService(Profile* profile) : profile_(profile) { |
| 107 : profile_(profile), | |
| 108 is_elevated_(false) { | |
| 109 } | 107 } |
| 110 | 108 |
| 111 ManagedUserService::~ManagedUserService() { | 109 ManagedUserService::~ManagedUserService() { |
| 112 } | 110 } |
| 113 | 111 |
| 114 bool ManagedUserService::ProfileIsManaged() const { | 112 bool ManagedUserService::ProfileIsManaged() const { |
| 115 return profile_->GetPrefs()->GetBoolean(prefs::kProfileIsManaged); | 113 return profile_->GetPrefs()->GetBoolean(prefs::kProfileIsManaged); |
| 116 } | 114 } |
| 117 | 115 |
| 118 bool ManagedUserService::IsElevated() const { | |
| 119 return is_elevated_; | |
| 120 } | |
| 121 | |
| 122 bool ManagedUserService::IsElevatedForWebContents( | 116 bool ManagedUserService::IsElevatedForWebContents( |
| 123 const content::WebContents* web_contents) const { | 117 const content::WebContents* web_contents) const { |
| 124 const ManagedModeNavigationObserver* observer = | 118 const ManagedModeNavigationObserver* observer = |
| 125 ManagedModeNavigationObserver::FromWebContents(web_contents); | 119 ManagedModeNavigationObserver::FromWebContents(web_contents); |
| 126 return observer->is_elevated(); | 120 return observer->is_elevated(); |
| 127 } | 121 } |
| 128 | 122 |
| 129 bool ManagedUserService::IsPassphraseEmpty() const { | 123 bool ManagedUserService::IsPassphraseEmpty() const { |
| 130 PrefService* pref_service = profile_->GetPrefs(); | 124 PrefService* pref_service = profile_->GetPrefs(); |
| 131 return pref_service->GetString(prefs::kManagedModeLocalPassphrase).empty(); | 125 return pref_service->GetString(prefs::kManagedModeLocalPassphrase).empty(); |
| 132 } | 126 } |
| 133 | 127 |
| 134 bool ManagedUserService::CanSkipPassphraseDialog() { | |
| 135 // If the profile is already elevated or there is no passphrase set, no | |
| 136 // authentication is needed. | |
| 137 return IsElevated() || IsPassphraseEmpty(); | |
| 138 } | |
| 139 | |
| 140 bool ManagedUserService::CanSkipPassphraseDialog( | 128 bool ManagedUserService::CanSkipPassphraseDialog( |
| 141 const content::WebContents* web_contents) const { | 129 const content::WebContents* web_contents) const { |
| 142 return IsElevated() || | 130 return IsElevatedForWebContents(web_contents) || |
| 143 IsElevatedForWebContents(web_contents) || | 131 IsPassphraseEmpty(); |
| 144 IsPassphraseEmpty(); | |
| 145 } | 132 } |
| 146 | 133 |
| 147 void ManagedUserService::RequestAuthorization( | 134 void ManagedUserService::RequestAuthorization( |
| 148 content::WebContents* web_contents, | 135 content::WebContents* web_contents, |
| 149 const PassphraseCheckedCallback& callback) { | 136 const PassphraseCheckedCallback& callback) { |
| 150 if (CanSkipPassphraseDialog(web_contents)) { | 137 if (CanSkipPassphraseDialog(web_contents)) { |
| 151 callback.Run(true); | 138 callback.Run(true); |
| 152 return; | 139 return; |
| 153 } | 140 } |
| 154 | 141 |
| 155 // Is deleted automatically when the dialog is closed. | 142 // Is deleted automatically when the dialog is closed. |
| 156 new ManagedUserPassphraseDialog(web_contents, callback); | 143 new ManagedUserPassphraseDialog(web_contents, callback); |
| 157 } | 144 } |
| 158 | 145 |
| 159 void ManagedUserService::RequestAuthorizationUsingActiveWebContents( | |
| 160 Browser* browser, | |
| 161 const PassphraseCheckedCallback& callback) { | |
| 162 RequestAuthorization( | |
| 163 browser->tab_strip_model()->GetActiveWebContents(), | |
| 164 callback); | |
| 165 } | |
| 166 | |
| 167 // static | 146 // static |
| 168 void ManagedUserService::RegisterUserPrefs(PrefRegistrySyncable* registry) { | 147 void ManagedUserService::RegisterUserPrefs(PrefRegistrySyncable* registry) { |
| 169 registry->RegisterDictionaryPref(prefs::kManagedModeManualHosts, | 148 registry->RegisterDictionaryPref(prefs::kManagedModeManualHosts, |
| 170 PrefRegistrySyncable::UNSYNCABLE_PREF); | 149 PrefRegistrySyncable::UNSYNCABLE_PREF); |
| 171 registry->RegisterDictionaryPref(prefs::kManagedModeManualURLs, | 150 registry->RegisterDictionaryPref(prefs::kManagedModeManualURLs, |
| 172 PrefRegistrySyncable::UNSYNCABLE_PREF); | 151 PrefRegistrySyncable::UNSYNCABLE_PREF); |
| 173 registry->RegisterIntegerPref(prefs::kDefaultManagedModeFilteringBehavior, | 152 registry->RegisterIntegerPref(prefs::kDefaultManagedModeFilteringBehavior, |
| 174 ManagedModeURLFilter::BLOCK, | 153 ManagedModeURLFilter::BLOCK, |
| 175 PrefRegistrySyncable::UNSYNCABLE_PREF); | 154 PrefRegistrySyncable::UNSYNCABLE_PREF); |
| 176 registry->RegisterStringPref(prefs::kManagedModeLocalPassphrase, | 155 registry->RegisterStringPref(prefs::kManagedModeLocalPassphrase, |
| (...skipping 103 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 280 break; | 259 break; |
| 281 } | 260 } |
| 282 case chrome::NOTIFICATION_EXTENSION_UNLOADED: { | 261 case chrome::NOTIFICATION_EXTENSION_UNLOADED: { |
| 283 const extensions::UnloadedExtensionInfo* extension_info = | 262 const extensions::UnloadedExtensionInfo* extension_info = |
| 284 content::Details<extensions::UnloadedExtensionInfo>(details).ptr(); | 263 content::Details<extensions::UnloadedExtensionInfo>(details).ptr(); |
| 285 if (!extension_info->extension->GetContentPackSiteList().empty()) | 264 if (!extension_info->extension->GetContentPackSiteList().empty()) |
| 286 UpdateSiteLists(); | 265 UpdateSiteLists(); |
| 287 | 266 |
| 288 break; | 267 break; |
| 289 } | 268 } |
| 269 case chrome::NOTIFICATION_EXTENSION_INSTALLED: |
| 270 case chrome::NOTIFICATION_EXTENSION_UNINSTALLED: { |
| 271 // When an extension was installed or uninstalled, remove the temporary |
| 272 // elevation. |
| 273 const extensions::Extension* extension = |
| 274 content::Details<extensions::Extension>(details).ptr(); |
| 275 RemoveElevationForExtension(extension->id()); |
| 276 break; |
| 277 } |
| 290 default: | 278 default: |
| 291 NOTREACHED(); | 279 NOTREACHED(); |
| 292 } | 280 } |
| 293 } | 281 } |
| 294 | 282 |
| 295 bool ManagedUserService::ExtensionManagementPolicyImpl( | 283 bool ManagedUserService::ExtensionManagementPolicyImpl( |
| 296 const std::string& extension_id, | 284 const std::string& extension_id, |
| 297 string16* error) const { | 285 string16* error) const { |
| 298 if (!ProfileIsManaged()) | 286 if (!ProfileIsManaged()) |
| 299 return true; | 287 return true; |
| 300 | 288 |
| 301 if (is_elevated_) | |
| 302 return true; | |
| 303 | |
| 304 if (elevated_for_extensions_.count(extension_id)) | 289 if (elevated_for_extensions_.count(extension_id)) |
| 305 return true; | 290 return true; |
| 306 | 291 |
| 307 if (error) | 292 if (error) |
| 308 *error = l10n_util::GetStringUTF16(IDS_EXTENSIONS_LOCKED_MANAGED_MODE); | 293 *error = l10n_util::GetStringUTF16(IDS_EXTENSIONS_LOCKED_MANAGED_MODE); |
| 309 return false; | 294 return false; |
| 310 } | 295 } |
| 311 | 296 |
| 312 ScopedVector<ManagedModeSiteList> ManagedUserService::GetActiveSiteLists() { | 297 ScopedVector<ManagedModeSiteList> ManagedUserService::GetActiveSiteLists() { |
| 313 ScopedVector<ManagedModeSiteList> site_lists; | 298 ScopedVector<ManagedModeSiteList> site_lists; |
| (...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 414 std::vector<GURL>* urls) { | 399 std::vector<GURL>* urls) { |
| 415 const DictionaryValue* dict = | 400 const DictionaryValue* dict = |
| 416 profile_->GetPrefs()->GetDictionary(prefs::kManagedModeManualURLs); | 401 profile_->GetPrefs()->GetDictionary(prefs::kManagedModeManualURLs); |
| 417 for (DictionaryValue::Iterator it(*dict); !it.IsAtEnd(); it.Advance()) { | 402 for (DictionaryValue::Iterator it(*dict); !it.IsAtEnd(); it.Advance()) { |
| 418 GURL url(it.key()); | 403 GURL url(it.key()); |
| 419 if (url.host() == host) | 404 if (url.host() == host) |
| 420 urls->push_back(url); | 405 urls->push_back(url); |
| 421 } | 406 } |
| 422 } | 407 } |
| 423 | 408 |
| 424 // TODO(akuegel): Rename to SetElevatedForTesting when all callers are changed | |
| 425 // to set elevation on the ManagedModeNavigationObserver. | |
| 426 void ManagedUserService::SetElevated(bool is_elevated) { | |
| 427 is_elevated_ = is_elevated; | |
| 428 } | |
| 429 | |
| 430 void ManagedUserService::AddElevationForExtension( | 409 void ManagedUserService::AddElevationForExtension( |
| 431 const std::string& extension_id) { | 410 const std::string& extension_id) { |
| 432 elevated_for_extensions_.insert(extension_id); | 411 elevated_for_extensions_.insert(extension_id); |
| 433 } | 412 } |
| 434 | 413 |
| 435 void ManagedUserService::RemoveElevationForExtension( | 414 void ManagedUserService::RemoveElevationForExtension( |
| 436 const std::string& extension_id) { | 415 const std::string& extension_id) { |
| 437 elevated_for_extensions_.erase(extension_id); | 416 elevated_for_extensions_.erase(extension_id); |
| 438 } | 417 } |
| 439 | 418 |
| 440 void ManagedUserService::Init() { | 419 void ManagedUserService::Init() { |
| 441 if (!ProfileIsManaged()) | 420 if (!ProfileIsManaged()) |
| 442 return; | 421 return; |
| 443 | 422 |
| 444 extensions::ExtensionSystem* extension_system = | 423 extensions::ExtensionSystem* extension_system = |
| 445 extensions::ExtensionSystem::Get(profile_); | 424 extensions::ExtensionSystem::Get(profile_); |
| 446 extensions::ManagementPolicy* management_policy = | 425 extensions::ManagementPolicy* management_policy = |
| 447 extension_system->management_policy(); | 426 extension_system->management_policy(); |
| 448 if (management_policy) | 427 if (management_policy) |
| 449 extension_system->management_policy()->RegisterProvider(this); | 428 extension_system->management_policy()->RegisterProvider(this); |
| 450 | 429 |
| 451 registrar_.Add(this, chrome::NOTIFICATION_EXTENSION_LOADED, | 430 registrar_.Add(this, chrome::NOTIFICATION_EXTENSION_LOADED, |
| 452 content::Source<Profile>(profile_)); | 431 content::Source<Profile>(profile_)); |
| 453 registrar_.Add(this, chrome::NOTIFICATION_EXTENSION_UNLOADED, | 432 registrar_.Add(this, chrome::NOTIFICATION_EXTENSION_UNLOADED, |
| 454 content::Source<Profile>(profile_)); | 433 content::Source<Profile>(profile_)); |
| 434 registrar_.Add(this, chrome::NOTIFICATION_EXTENSION_INSTALLED, |
| 435 content::Source<Profile>(profile_)); |
| 436 registrar_.Add(this, chrome::NOTIFICATION_EXTENSION_UNINSTALLED, |
| 437 content::Source<Profile>(profile_)); |
| 455 pref_change_registrar_.Init(profile_->GetPrefs()); | 438 pref_change_registrar_.Init(profile_->GetPrefs()); |
| 456 pref_change_registrar_.Add( | 439 pref_change_registrar_.Add( |
| 457 prefs::kDefaultManagedModeFilteringBehavior, | 440 prefs::kDefaultManagedModeFilteringBehavior, |
| 458 base::Bind( | 441 base::Bind( |
| 459 &ManagedUserService::OnDefaultFilteringBehaviorChanged, | 442 &ManagedUserService::OnDefaultFilteringBehaviorChanged, |
| 460 base::Unretained(this))); | 443 base::Unretained(this))); |
| 461 | 444 |
| 462 // TODO(bauerb): Setting the default value here does not currently trigger | 445 // TODO(bauerb): Setting the default value here does not currently trigger |
| 463 // the proper notification. Once that is fixed use SetDefaultPrefValue | 446 // the proper notification. Once that is fixed use SetDefaultPrefValue |
| 464 // instead. | 447 // instead. |
| (...skipping 26 matching lines...) Expand all Loading... |
| 491 profile_->GetPrefs()->GetDictionary(prefs::kManagedModeManualURLs); | 474 profile_->GetPrefs()->GetDictionary(prefs::kManagedModeManualURLs); |
| 492 scoped_ptr<std::map<GURL, bool> > url_map(new std::map<GURL, bool>()); | 475 scoped_ptr<std::map<GURL, bool> > url_map(new std::map<GURL, bool>()); |
| 493 for (DictionaryValue::Iterator it(*dict); !it.IsAtEnd(); it.Advance()) { | 476 for (DictionaryValue::Iterator it(*dict); !it.IsAtEnd(); it.Advance()) { |
| 494 bool allow = false; | 477 bool allow = false; |
| 495 bool result = it.value().GetAsBoolean(&allow); | 478 bool result = it.value().GetAsBoolean(&allow); |
| 496 DCHECK(result); | 479 DCHECK(result); |
| 497 (*url_map)[GURL(it.key())] = allow; | 480 (*url_map)[GURL(it.key())] = allow; |
| 498 } | 481 } |
| 499 url_filter_context_.SetManualURLs(url_map.Pass()); | 482 url_filter_context_.SetManualURLs(url_map.Pass()); |
| 500 } | 483 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 13119011:
Enable WebContents elevation for managed users. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src