Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(106)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/ui/webui/extensions/extension_settings_handler.cc

Issue 13119011: Enable WebContents elevation for managed users. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Address review comments. Created 7 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/ui/webui/extensions/extension_settings_handler.h ('k') | chrome/browser/ui/webui/history_ui.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/ui/webui/extensions/extension_settings_handler.cc
diff --git a/chrome/browser/ui/webui/extensions/extension_settings_handler.cc b/chrome/browser/ui/webui/extensions/extension_settings_handler.cc
index 5ce90be5cd8826e0b280b042bc3db7aa9621f7d0..25406d0c3ef5bb2b5cd37c162411955d09b1f473 100644
--- a/chrome/browser/ui/webui/extensions/extension_settings_handler.cc
+++ b/chrome/browser/ui/webui/extensions/extension_settings_handler.cc
@@ -32,6 +32,7 @@
#include "chrome/browser/extensions/unpacked_installer.h"
#include "chrome/browser/extensions/updater/extension_updater.h"
#include "chrome/browser/google/google_util.h"
+#include "chrome/browser/managed_mode/managed_mode_navigation_observer.h"
#include "chrome/browser/managed_mode/managed_user_service.h"
#include "chrome/browser/managed_mode/managed_user_service_factory.h"
#include "chrome/browser/profiles/profile.h"
@@ -82,6 +83,32 @@ using extensions::ExtensionWarning;
using extensions::ManagementPolicy;
using extensions::Manifest;
+namespace {
Bernhard Bauer 2013/03/27 16:23:13 Nit: newline
+// Used to allow managed users to install extensions if they are currently in
+// elevated state.
+class ScopedExtensionElevation {
+ public:
+ ScopedExtensionElevation(ManagedUserService* service,
+ std::string extension_id);
+ ~ScopedExtensionElevation();
+
+ private:
+ ManagedUserService* service_;
+ std::string extension_id_;
Bernhard Bauer 2013/03/27 16:23:13 You could have a vector of extension IDs and a met
Adrian Kuegel 2013/03/27 16:52:25 Done.
+};
+
+ScopedExtensionElevation::ScopedExtensionElevation(ManagedUserService* service,
+ std::string extension_id)
+ : service_(service), extension_id_(extension_id) {
+ service_->AddElevationForExtension(extension_id_);
+}
+
+ScopedExtensionElevation::~ScopedExtensionElevation() {
+ service_->RemoveElevationForExtension(extension_id_);
+}
+
+} // namespace
+
///////////////////////////////////////////////////////////////////////////////
//
// ExtensionSettingsHandler
@@ -131,7 +158,7 @@ DictionaryValue* ExtensionSettingsHandler::CreateExtensionDetailValue(
extension->GetBasicInfo(enabled, extension_data);
extension_data->SetBoolean("userModifiable",
- management_policy_->UserMayModifySettings(extension, NULL));
+ CheckUserMayModifySettings(extension));
GURL icon =
ExtensionIconSource::GetIconURL(extension,
@@ -554,8 +581,10 @@ void ExtensionSettingsHandler::ReloadUnpackedExtensions() {
void ExtensionSettingsHandler::PassphraseDialogCallback(bool success) {
if (!success)
return;
- Profile* profile = Profile::FromWebUI(web_ui());
- ManagedUserServiceFactory::GetForProfile(profile)->SetElevated(true);
+ ManagedModeNavigationObserver* observer =
+ ManagedModeNavigationObserver::FromWebContents(
+ web_ui()->GetWebContents());
+ observer->set_elevated(true);
HandleRequestExtensionsData(NULL);
}
@@ -570,11 +599,26 @@ void ExtensionSettingsHandler::ManagedUserSetElevated(const ListValue* args) {
base::Bind(&ExtensionSettingsHandler::PassphraseDialogCallback,
base::Unretained(this)));
} else {
- service->SetElevated(false);
+ ManagedModeNavigationObserver* observer =
+ ManagedModeNavigationObserver::FromWebContents(
+ web_ui()->GetWebContents());
+ observer->set_elevated(false);
HandleRequestExtensionsData(NULL);
}
}
+bool ExtensionSettingsHandler::CheckUserMayModifySettings(
+ const Extension* extension) {
+ ManagedUserService* service = ManagedUserServiceFactory::GetForProfile(
+ Profile::FromWebUI(web_ui()));
+ scoped_ptr<ScopedExtensionElevation> elevation;
+ if (service->ProfileIsManaged() &&
+ service->IsElevatedForWebContents(web_ui()->GetWebContents())) {
+ elevation.reset(new ScopedExtensionElevation(service, extension->id()));
+ }
+ return management_policy_->UserMayModifySettings(extension, NULL);
+}
+
void ExtensionSettingsHandler::HandleRequestExtensionsData(
const ListValue* args) {
DictionaryValue results;
@@ -624,7 +668,8 @@ void ExtensionSettingsHandler::HandleRequestExtensionsData(
ManagedUserServiceFactory::GetForProfile(profile);
bool is_managed = service->ProfileIsManaged();
- bool is_elevated = service->IsElevated();
+ bool is_elevated =
+ service->IsElevatedForWebContents(web_ui()->GetWebContents());
bool developer_mode =
(!is_managed || is_elevated) &&
profile->GetPrefs()->GetBoolean(prefs::kExtensionsUIDeveloperMode);
@@ -735,8 +780,7 @@ void ExtensionSettingsHandler::HandleEnableMessage(const ListValue* args) {
const Extension* extension =
extension_service_->GetInstalledExtension(extension_id);
- if (!extension ||
- !management_policy_->UserMayModifySettings(extension, NULL)) {
+ if (!extension || !CheckUserMayModifySettings(extension)) {
LOG(ERROR) << "Attempt to enable an extension that is non-usermanagable was"
<< "made. Extension id: " << extension->id();
return;
@@ -766,6 +810,13 @@ void ExtensionSettingsHandler::HandleEnableMessage(const ListValue* args) {
prefs->SetBrowserActionVisibility(extension, true);
}
} else {
+ ManagedUserService* service = ManagedUserServiceFactory::GetForProfile(
+ Profile::FromWebUI(web_ui()));
+ scoped_ptr<ScopedExtensionElevation> elevation;
+ if (service->ProfileIsManaged() &&
+ service->IsElevatedForWebContents(web_ui()->GetWebContents())) {
+ elevation.reset(new ScopedExtensionElevation(service, extension_id));
+ }
extension_service_->DisableExtension(
extension_id, Extension::DISABLE_USER_ACTION);
}
@@ -810,7 +861,7 @@ void ExtensionSettingsHandler::HandleAllowFileAccessMessage(
if (!extension)
return;
- if (!management_policy_->UserMayModifySettings(extension, NULL)) {
+ if (!CheckUserMayModifySettings(extension)) {
LOG(ERROR) << "Attempt to change allow file access of an extension that is "
<< "non-usermanagable was made. Extension id : "
<< extension->id();
@@ -829,7 +880,7 @@ void ExtensionSettingsHandler::HandleUninstallMessage(const ListValue* args) {
if (!extension)
return;
- if (!management_policy_->UserMayModifySettings(extension, NULL)) {
+ if (!CheckUserMayModifySettings(extension)) {
LOG(ERROR) << "Attempt to uninstall an extension that is non-usermanagable "
<< "was made. Extension id : " << extension->id();
return;
« no previous file with comments | « chrome/browser/ui/webui/extensions/extension_settings_handler.h ('k') | chrome/browser/ui/webui/history_ui.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698