| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/managed_mode/managed_user_service.h" | 5 #include "chrome/browser/managed_mode/managed_user_service.h" |
| 6 | 6 |
| 7 #include "base/memory/ref_counted.h" | 7 #include "base/memory/ref_counted.h" |
| 8 #include "base/prefs/pref_service.h" | 8 #include "base/prefs/pref_service.h" |
| 9 #include "base/sequenced_task_runner.h" | 9 #include "base/sequenced_task_runner.h" |
| 10 #include "chrome/browser/extensions/extension_service.h" | 10 #include "chrome/browser/extensions/extension_service.h" |
| (...skipping 86 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 97 void ManagedUserService::URLFilterContext::SetManualURLs( | 97 void ManagedUserService::URLFilterContext::SetManualURLs( |
| 98 scoped_ptr<std::map<GURL, bool> > url_map) { | 98 scoped_ptr<std::map<GURL, bool> > url_map) { |
| 99 ui_url_filter_->SetManualURLs(url_map.get()); | 99 ui_url_filter_->SetManualURLs(url_map.get()); |
| 100 BrowserThread::PostTask( | 100 BrowserThread::PostTask( |
| 101 BrowserThread::IO, | 101 BrowserThread::IO, |
| 102 FROM_HERE, | 102 FROM_HERE, |
| 103 base::Bind(&ManagedModeURLFilter::SetManualURLs, | 103 base::Bind(&ManagedModeURLFilter::SetManualURLs, |
| 104 io_url_filter_, base::Owned(url_map.release()))); | 104 io_url_filter_, base::Owned(url_map.release()))); |
| 105 } | 105 } |
| 106 | 106 |
| 107 ManagedUserService::ManagedUserService(Profile* profile) | 107 ManagedUserService::ManagedUserService(Profile* profile) : profile_(profile) { |
| 108 : profile_(profile), | |
| 109 is_elevated_(false) { | |
| 110 } | 108 } |
| 111 | 109 |
| 112 ManagedUserService::~ManagedUserService() { | 110 ManagedUserService::~ManagedUserService() { |
| 113 } | 111 } |
| 114 | 112 |
| 115 bool ManagedUserService::ProfileIsManaged() const { | 113 bool ManagedUserService::ProfileIsManaged() const { |
| 116 return profile_->GetPrefs()->GetBoolean(prefs::kProfileIsManaged); | 114 return profile_->GetPrefs()->GetBoolean(prefs::kProfileIsManaged); |
| 117 } | 115 } |
| 118 | 116 |
| 119 bool ManagedUserService::IsElevated() const { | |
| 120 return is_elevated_; | |
| 121 } | |
| 122 | |
| 123 bool ManagedUserService::IsElevatedForWebContents( | 117 bool ManagedUserService::IsElevatedForWebContents( |
| 124 const content::WebContents* web_contents) const { | 118 const content::WebContents* web_contents) const { |
| 125 const ManagedModeNavigationObserver* observer = | 119 const ManagedModeNavigationObserver* observer = |
| 126 ManagedModeNavigationObserver::FromWebContents(web_contents); | 120 ManagedModeNavigationObserver::FromWebContents(web_contents); |
| 127 return observer->is_elevated(); | 121 return observer ? observer->is_elevated() : false; |
| 128 } | 122 } |
| 129 | 123 |
| 130 bool ManagedUserService::IsPassphraseEmpty() const { | 124 bool ManagedUserService::IsPassphraseEmpty() const { |
| 131 PrefService* pref_service = profile_->GetPrefs(); | 125 PrefService* pref_service = profile_->GetPrefs(); |
| 132 return pref_service->GetString(prefs::kManagedModeLocalPassphrase).empty(); | 126 return pref_service->GetString(prefs::kManagedModeLocalPassphrase).empty(); |
| 133 } | 127 } |
| 134 | 128 |
| 135 bool ManagedUserService::CanSkipPassphraseDialog() { | |
| 136 // If the profile is already elevated or there is no passphrase set, no | |
| 137 // authentication is needed. | |
| 138 return IsElevated() || IsPassphraseEmpty(); | |
| 139 } | |
| 140 | |
| 141 bool ManagedUserService::CanSkipPassphraseDialog( | 129 bool ManagedUserService::CanSkipPassphraseDialog( |
| 142 const content::WebContents* web_contents) const { | 130 const content::WebContents* web_contents) const { |
| 143 return IsElevated() || | 131 return IsElevatedForWebContents(web_contents) || |
| 144 IsElevatedForWebContents(web_contents) || | 132 IsPassphraseEmpty(); |
| 145 IsPassphraseEmpty(); | |
| 146 } | 133 } |
| 147 | 134 |
| 148 void ManagedUserService::RequestAuthorization( | 135 void ManagedUserService::RequestAuthorization( |
| 149 content::WebContents* web_contents, | 136 content::WebContents* web_contents, |
| 150 const PassphraseCheckedCallback& callback) { | 137 const PassphraseCheckedCallback& callback) { |
| 151 if (CanSkipPassphraseDialog(web_contents)) { | 138 if (CanSkipPassphraseDialog(web_contents)) { |
| 152 callback.Run(true); | 139 callback.Run(true); |
| 153 return; | 140 return; |
| 154 } | 141 } |
| 155 | 142 |
| 156 // Is deleted automatically when the dialog is closed. | 143 // Is deleted automatically when the dialog is closed. |
| 157 new ManagedUserPassphraseDialog(web_contents, callback); | 144 new ManagedUserPassphraseDialog(web_contents, callback); |
| 158 } | 145 } |
| 159 | 146 |
| 160 void ManagedUserService::RequestAuthorizationUsingActiveWebContents( | |
| 161 Browser* browser, | |
| 162 const PassphraseCheckedCallback& callback) { | |
| 163 RequestAuthorization( | |
| 164 browser->tab_strip_model()->GetActiveWebContents(), | |
| 165 callback); | |
| 166 } | |
| 167 | |
| 168 // static | 147 // static |
| 169 void ManagedUserService::RegisterUserPrefs(PrefRegistrySyncable* registry) { | 148 void ManagedUserService::RegisterUserPrefs(PrefRegistrySyncable* registry) { |
| 170 registry->RegisterDictionaryPref(prefs::kManagedModeManualHosts, | 149 registry->RegisterDictionaryPref(prefs::kManagedModeManualHosts, |
| 171 PrefRegistrySyncable::UNSYNCABLE_PREF); | 150 PrefRegistrySyncable::UNSYNCABLE_PREF); |
| 172 registry->RegisterDictionaryPref(prefs::kManagedModeManualURLs, | 151 registry->RegisterDictionaryPref(prefs::kManagedModeManualURLs, |
| 173 PrefRegistrySyncable::UNSYNCABLE_PREF); | 152 PrefRegistrySyncable::UNSYNCABLE_PREF); |
| 174 registry->RegisterIntegerPref(prefs::kDefaultManagedModeFilteringBehavior, | 153 registry->RegisterIntegerPref(prefs::kDefaultManagedModeFilteringBehavior, |
| 175 ManagedModeURLFilter::BLOCK, | 154 ManagedModeURLFilter::BLOCK, |
| 176 PrefRegistrySyncable::UNSYNCABLE_PREF); | 155 PrefRegistrySyncable::UNSYNCABLE_PREF); |
| 177 registry->RegisterStringPref(prefs::kManagedModeLocalPassphrase, | 156 registry->RegisterStringPref(prefs::kManagedModeLocalPassphrase, |
| (...skipping 105 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 283 } | 262 } |
| 284 case chrome::NOTIFICATION_EXTENSION_UNLOADED: { | 263 case chrome::NOTIFICATION_EXTENSION_UNLOADED: { |
| 285 const extensions::UnloadedExtensionInfo* extension_info = | 264 const extensions::UnloadedExtensionInfo* extension_info = |
| 286 content::Details<extensions::UnloadedExtensionInfo>(details).ptr(); | 265 content::Details<extensions::UnloadedExtensionInfo>(details).ptr(); |
| 287 if (!extensions::ManagedModeInfo::GetContentPackSiteList( | 266 if (!extensions::ManagedModeInfo::GetContentPackSiteList( |
| 288 extension_info->extension).empty()) { | 267 extension_info->extension).empty()) { |
| 289 UpdateSiteLists(); | 268 UpdateSiteLists(); |
| 290 } | 269 } |
| 291 break; | 270 break; |
| 292 } | 271 } |
| 272 case chrome::NOTIFICATION_EXTENSION_INSTALLED: |
| 273 case chrome::NOTIFICATION_EXTENSION_UNINSTALLED: { |
| 274 // When an extension was installed or uninstalled, remove the temporary |
| 275 // elevation. |
| 276 const extensions::Extension* extension = |
| 277 content::Details<extensions::Extension>(details).ptr(); |
| 278 RemoveElevationForExtension(extension->id()); |
| 279 break; |
| 280 } |
| 293 default: | 281 default: |
| 294 NOTREACHED(); | 282 NOTREACHED(); |
| 295 } | 283 } |
| 296 } | 284 } |
| 297 | 285 |
| 298 bool ManagedUserService::ExtensionManagementPolicyImpl( | 286 bool ManagedUserService::ExtensionManagementPolicyImpl( |
| 299 const std::string& extension_id, | 287 const std::string& extension_id, |
| 300 string16* error) const { | 288 string16* error) const { |
| 301 if (!ProfileIsManaged()) | 289 if (!ProfileIsManaged()) |
| 302 return true; | 290 return true; |
| 303 | 291 |
| 304 if (is_elevated_) | |
| 305 return true; | |
| 306 | |
| 307 if (elevated_for_extensions_.count(extension_id)) | 292 if (elevated_for_extensions_.count(extension_id)) |
| 308 return true; | 293 return true; |
| 309 | 294 |
| 310 if (error) | 295 if (error) |
| 311 *error = l10n_util::GetStringUTF16(IDS_EXTENSIONS_LOCKED_MANAGED_MODE); | 296 *error = l10n_util::GetStringUTF16(IDS_EXTENSIONS_LOCKED_MANAGED_MODE); |
| 312 return false; | 297 return false; |
| 313 } | 298 } |
| 314 | 299 |
| 315 ScopedVector<ManagedModeSiteList> ManagedUserService::GetActiveSiteLists() { | 300 ScopedVector<ManagedModeSiteList> ManagedUserService::GetActiveSiteLists() { |
| 316 ScopedVector<ManagedModeSiteList> site_lists; | 301 ScopedVector<ManagedModeSiteList> site_lists; |
| (...skipping 100 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 417 std::vector<GURL>* urls) { | 402 std::vector<GURL>* urls) { |
| 418 const DictionaryValue* dict = | 403 const DictionaryValue* dict = |
| 419 profile_->GetPrefs()->GetDictionary(prefs::kManagedModeManualURLs); | 404 profile_->GetPrefs()->GetDictionary(prefs::kManagedModeManualURLs); |
| 420 for (DictionaryValue::Iterator it(*dict); !it.IsAtEnd(); it.Advance()) { | 405 for (DictionaryValue::Iterator it(*dict); !it.IsAtEnd(); it.Advance()) { |
| 421 GURL url(it.key()); | 406 GURL url(it.key()); |
| 422 if (url.host() == host) | 407 if (url.host() == host) |
| 423 urls->push_back(url); | 408 urls->push_back(url); |
| 424 } | 409 } |
| 425 } | 410 } |
| 426 | 411 |
| 427 // TODO(akuegel): Rename to SetElevatedForTesting when all callers are changed | |
| 428 // to set elevation on the ManagedModeNavigationObserver. | |
| 429 void ManagedUserService::SetElevated(bool is_elevated) { | |
| 430 is_elevated_ = is_elevated; | |
| 431 } | |
| 432 | |
| 433 void ManagedUserService::AddElevationForExtension( | 412 void ManagedUserService::AddElevationForExtension( |
| 434 const std::string& extension_id) { | 413 const std::string& extension_id) { |
| 435 elevated_for_extensions_.insert(extension_id); | 414 elevated_for_extensions_.insert(extension_id); |
| 436 } | 415 } |
| 437 | 416 |
| 438 void ManagedUserService::RemoveElevationForExtension( | 417 void ManagedUserService::RemoveElevationForExtension( |
| 439 const std::string& extension_id) { | 418 const std::string& extension_id) { |
| 440 elevated_for_extensions_.erase(extension_id); | 419 elevated_for_extensions_.erase(extension_id); |
| 441 } | 420 } |
| 442 | 421 |
| 443 void ManagedUserService::Init() { | 422 void ManagedUserService::Init() { |
| 444 if (!ProfileIsManaged()) | 423 if (!ProfileIsManaged()) |
| 445 return; | 424 return; |
| 446 | 425 |
| 447 extensions::ExtensionSystem* extension_system = | 426 extensions::ExtensionSystem* extension_system = |
| 448 extensions::ExtensionSystem::Get(profile_); | 427 extensions::ExtensionSystem::Get(profile_); |
| 449 extensions::ManagementPolicy* management_policy = | 428 extensions::ManagementPolicy* management_policy = |
| 450 extension_system->management_policy(); | 429 extension_system->management_policy(); |
| 451 if (management_policy) | 430 if (management_policy) |
| 452 extension_system->management_policy()->RegisterProvider(this); | 431 extension_system->management_policy()->RegisterProvider(this); |
| 453 | 432 |
| 454 registrar_.Add(this, chrome::NOTIFICATION_EXTENSION_LOADED, | 433 registrar_.Add(this, chrome::NOTIFICATION_EXTENSION_LOADED, |
| 455 content::Source<Profile>(profile_)); | 434 content::Source<Profile>(profile_)); |
| 456 registrar_.Add(this, chrome::NOTIFICATION_EXTENSION_UNLOADED, | 435 registrar_.Add(this, chrome::NOTIFICATION_EXTENSION_UNLOADED, |
| 457 content::Source<Profile>(profile_)); | 436 content::Source<Profile>(profile_)); |
| 437 registrar_.Add(this, chrome::NOTIFICATION_EXTENSION_INSTALLED, |
| 438 content::Source<Profile>(profile_)); |
| 439 registrar_.Add(this, chrome::NOTIFICATION_EXTENSION_UNINSTALLED, |
| 440 content::Source<Profile>(profile_)); |
| 458 pref_change_registrar_.Init(profile_->GetPrefs()); | 441 pref_change_registrar_.Init(profile_->GetPrefs()); |
| 459 pref_change_registrar_.Add( | 442 pref_change_registrar_.Add( |
| 460 prefs::kDefaultManagedModeFilteringBehavior, | 443 prefs::kDefaultManagedModeFilteringBehavior, |
| 461 base::Bind( | 444 base::Bind( |
| 462 &ManagedUserService::OnDefaultFilteringBehaviorChanged, | 445 &ManagedUserService::OnDefaultFilteringBehaviorChanged, |
| 463 base::Unretained(this))); | 446 base::Unretained(this))); |
| 464 | 447 |
| 465 // TODO(bauerb): Setting the default value here does not currently trigger | 448 // TODO(bauerb): Setting the default value here does not currently trigger |
| 466 // the proper notification. Once that is fixed use SetDefaultPrefValue | 449 // the proper notification. Once that is fixed use SetDefaultPrefValue |
| 467 // instead. | 450 // instead. |
| (...skipping 26 matching lines...) Expand all Loading... |
| 494 profile_->GetPrefs()->GetDictionary(prefs::kManagedModeManualURLs); | 477 profile_->GetPrefs()->GetDictionary(prefs::kManagedModeManualURLs); |
| 495 scoped_ptr<std::map<GURL, bool> > url_map(new std::map<GURL, bool>()); | 478 scoped_ptr<std::map<GURL, bool> > url_map(new std::map<GURL, bool>()); |
| 496 for (DictionaryValue::Iterator it(*dict); !it.IsAtEnd(); it.Advance()) { | 479 for (DictionaryValue::Iterator it(*dict); !it.IsAtEnd(); it.Advance()) { |
| 497 bool allow = false; | 480 bool allow = false; |
| 498 bool result = it.value().GetAsBoolean(&allow); | 481 bool result = it.value().GetAsBoolean(&allow); |
| 499 DCHECK(result); | 482 DCHECK(result); |
| 500 (*url_map)[GURL(it.key())] = allow; | 483 (*url_map)[GURL(it.key())] = allow; |
| 501 } | 484 } |
| 502 url_filter_context_.SetManualURLs(url_map.Pass()); | 485 url_filter_context_.SetManualURLs(url_map.Pass()); |
| 503 } | 486 } |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 13119011:
Enable WebContents elevation for managed users. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src