Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(193)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/chromeos/extensions/device_local_account_management_policy_provider.cc

Issue 145083016: Merge 246868 "Whitelist extensions from EXTERNAL_COMPONENT for p..." (Closed) Base URL: svn://svn.chromium.org/chrome/branches/1700/src/
Patch Set: Created 6 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « no previous file | chrome/browser/chromeos/extensions/device_local_account_management_policy_provider_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/chromeos/extensions/device_local_account_management_policy_provider.cc
===================================================================
--- chrome/browser/chromeos/extensions/device_local_account_management_policy_provider.cc (revision 247008)
+++ chrome/browser/chromeos/extensions/device_local_account_management_policy_provider.cc (working copy)
@@ -17,8 +17,8 @@
namespace {
-// Apps/extensions explicitly whitelisted for use in device-local accounts.
-const char* kDeviceLocalAccountWhitelist[] = {
+// Apps/extensions explicitly whitelisted for use in public sessions.
+const char* kPublicSessionWhitelist[] = {
// Public sessions in general:
"cbkkbcmdlboombapidmoeolnmdacpkch", // Chrome RDP
"djflhoibgkdhkhhcedjiklpkjnoahfmg", // User Agent Switcher
@@ -90,23 +90,27 @@
bool DeviceLocalAccountManagementPolicyProvider::UserMayLoad(
const extensions::Extension* extension,
string16* error) const {
- if (account_type_ == policy::DeviceLocalAccount::TYPE_KIOSK_APP) {
- // For single-app kiosk sessions, allow only platform apps.
- if (extension->GetType() == extensions::Manifest::TYPE_PLATFORM_APP)
+ if (account_type_ == policy::DeviceLocalAccount::TYPE_PUBLIC_SESSION) {
+ // Allow extension if it is an externally hosted component of Chrome.
+ if (extension->location() ==
+ extensions::Manifest::EXTERNAL_COMPONENT) {
return true;
+ }
- } else {
- // Allow extension if its type is whitelisted for use in device-local
- // accounts.
+ // Allow extension if its type is whitelisted for use in public sessions.
if (extension->GetType() == extensions::Manifest::TYPE_HOSTED_APP)
return true;
- // Allow extension if its specific ID is whitelisted for use in device-local
- // accounts.
- for (size_t i = 0; i < arraysize(kDeviceLocalAccountWhitelist); ++i) {
- if (extension->id() == kDeviceLocalAccountWhitelist[i])
+ // Allow extension if its specific ID is whitelisted for use in public
+ // sessions.
+ for (size_t i = 0; i < arraysize(kPublicSessionWhitelist); ++i) {
+ if (extension->id() == kPublicSessionWhitelist[i])
return true;
}
+ } else if (account_type_ == policy::DeviceLocalAccount::TYPE_KIOSK_APP) {
+ // For single-app kiosk sessions, allow only platform apps.
+ if (extension->GetType() == extensions::Manifest::TYPE_PLATFORM_APP)
+ return true;
}
// Disallow all other extensions.
« no previous file with comments | « no previous file | chrome/browser/chromeos/extensions/device_local_account_management_policy_provider_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698