Chromium Code Reviews Chromium Code Reviews
Issue 13119011:
Enable WebContents elevation for managed users. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: chrome/browser/ui/webui/extensions/extension_settings_handler.cc |
| diff --git a/chrome/browser/ui/webui/extensions/extension_settings_handler.cc b/chrome/browser/ui/webui/extensions/extension_settings_handler.cc |
| index 5ce90be5cd8826e0b280b042bc3db7aa9621f7d0..678eebf9bcacf29ecfa383d064581636e5b8d638 100644 |
| --- a/chrome/browser/ui/webui/extensions/extension_settings_handler.cc |
| +++ b/chrome/browser/ui/webui/extensions/extension_settings_handler.cc |
| @@ -32,8 +32,10 @@ |
| #include "chrome/browser/extensions/unpacked_installer.h" |
| #include "chrome/browser/extensions/updater/extension_updater.h" |
| #include "chrome/browser/google/google_util.h" |
| +#include "chrome/browser/managed_mode/managed_mode_navigation_observer.h" |
| #include "chrome/browser/managed_mode/managed_user_service.h" |
| #include "chrome/browser/managed_mode/managed_user_service_factory.h" |
| +#include "chrome/browser/managed_mode/scoped_extension_elevation.h" |
| #include "chrome/browser/profiles/profile.h" |
| #include "chrome/browser/tab_contents/background_contents.h" |
| #include "chrome/browser/ui/browser_finder.h" |
| @@ -131,7 +133,7 @@ DictionaryValue* ExtensionSettingsHandler::CreateExtensionDetailValue( |
| extension->GetBasicInfo(enabled, extension_data); |
| extension_data->SetBoolean("userModifiable", |
| - management_policy_->UserMayModifySettings(extension, NULL)); |
| + CheckUserMayModifySettings(extension)); |
| GURL icon = |
| ExtensionIconSource::GetIconURL(extension, |
| @@ -554,8 +556,10 @@ void ExtensionSettingsHandler::ReloadUnpackedExtensions() { |
| void ExtensionSettingsHandler::PassphraseDialogCallback(bool success) { |
| if (!success) |
| return; |
| - Profile* profile = Profile::FromWebUI(web_ui()); |
| - ManagedUserServiceFactory::GetForProfile(profile)->SetElevated(true); |
| + ManagedModeNavigationObserver* observer = |
| + ManagedModeNavigationObserver::FromWebContents( |
| + web_ui()->GetWebContents()); |
| + observer->set_elevated(true); |
| HandleRequestExtensionsData(NULL); |
| } |
| @@ -570,11 +574,27 @@ void ExtensionSettingsHandler::ManagedUserSetElevated(const ListValue* args) { |
| base::Bind(&ExtensionSettingsHandler::PassphraseDialogCallback, |
| base::Unretained(this))); |
| } else { |
| - service->SetElevated(false); |
| + ManagedModeNavigationObserver* observer = |
| + ManagedModeNavigationObserver::FromWebContents( |
| + web_ui()->GetWebContents()); |
| + observer->set_elevated(false); |
| HandleRequestExtensionsData(NULL); |
| } |
| } |
| +bool ExtensionSettingsHandler::CheckUserMayModifySettings( |
| + const Extension* extension) { |
| + ManagedUserService* service = ManagedUserServiceFactory::GetForProfile( |
| + Profile::FromWebUI(web_ui())); |
| + scoped_ptr<ScopedExtensionElevation> elevation; |
| + if (service->ProfileIsManaged() && |
| + service->IsElevatedForWebContents(web_ui()->GetWebContents())) { |
| + elevation.reset(new ScopedExtensionElevation(service)); |
| + elevation->AddExtension(extension->id()); |
| + } |
| + return management_policy_->UserMayModifySettings(extension, NULL); |
| +} |
| + |
| void ExtensionSettingsHandler::HandleRequestExtensionsData( |
| const ListValue* args) { |
| DictionaryValue results; |
| @@ -624,7 +644,8 @@ void ExtensionSettingsHandler::HandleRequestExtensionsData( |
| ManagedUserServiceFactory::GetForProfile(profile); |
| bool is_managed = service->ProfileIsManaged(); |
| - bool is_elevated = service->IsElevated(); |
| + bool is_elevated = |
| + service->IsElevatedForWebContents(web_ui()->GetWebContents()); |
| bool developer_mode = |
| (!is_managed || is_elevated) && |
| profile->GetPrefs()->GetBoolean(prefs::kExtensionsUIDeveloperMode); |
| @@ -735,8 +756,7 @@ void ExtensionSettingsHandler::HandleEnableMessage(const ListValue* args) { |
| const Extension* extension = |
| extension_service_->GetInstalledExtension(extension_id); |
| - if (!extension || |
| - !management_policy_->UserMayModifySettings(extension, NULL)) { |
| + if (!extension || !CheckUserMayModifySettings(extension)) { |
| LOG(ERROR) << "Attempt to enable an extension that is non-usermanagable was" |
| << "made. Extension id: " << extension->id(); |
| return; |
| @@ -766,6 +786,14 @@ void ExtensionSettingsHandler::HandleEnableMessage(const ListValue* args) { |
| prefs->SetBrowserActionVisibility(extension, true); |
| } |
| } else { |
| + ManagedUserService* service = ManagedUserServiceFactory::GetForProfile( |
| + Profile::FromWebUI(web_ui())); |
| + scoped_ptr<ScopedExtensionElevation> elevation; |
|
Bernhard Bauer
2013/03/28 15:52:01
The nice thing is that now you can construct the o
Adrian Kuegel
2013/03/28 16:05:53
Done.
|
| + if (service->ProfileIsManaged() && |
| + service->IsElevatedForWebContents(web_ui()->GetWebContents())) { |
| + elevation.reset(new ScopedExtensionElevation(service)); |
| + elevation->AddExtension(extension_id); |
| + } |
| extension_service_->DisableExtension( |
| extension_id, Extension::DISABLE_USER_ACTION); |
| } |
| @@ -810,7 +838,7 @@ void ExtensionSettingsHandler::HandleAllowFileAccessMessage( |
| if (!extension) |
| return; |
| - if (!management_policy_->UserMayModifySettings(extension, NULL)) { |
| + if (!CheckUserMayModifySettings(extension)) { |
| LOG(ERROR) << "Attempt to change allow file access of an extension that is " |
| << "non-usermanagable was made. Extension id : " |
| << extension->id(); |
| @@ -829,7 +857,7 @@ void ExtensionSettingsHandler::HandleUninstallMessage(const ListValue* args) { |
| if (!extension) |
| return; |
| - if (!management_policy_->UserMayModifySettings(extension, NULL)) { |
| + if (!CheckUserMayModifySettings(extension)) { |
| LOG(ERROR) << "Attempt to uninstall an extension that is non-usermanagable " |
| << "was made. Extension id : " << extension->id(); |
| return; |
