| Index: chrome/browser/supervised_user/supervised_user_service.h
|
| diff --git a/chrome/browser/supervised_user/supervised_user_service.h b/chrome/browser/supervised_user/supervised_user_service.h
|
| index 8e93e7576efa31e5e2a529401eb1d559d8a2536a..f15ea20b79a10f82be255832e7e98022f56261b2 100644
|
| --- a/chrome/browser/supervised_user/supervised_user_service.h
|
| +++ b/chrome/browser/supervised_user/supervised_user_service.h
|
| @@ -30,6 +30,7 @@
|
| #include "components/prefs/pref_change_registrar.h"
|
| #include "components/sync_driver/sync_service_observer.h"
|
| #include "components/sync_driver/sync_type_preference_provider.h"
|
| +#include "extensions/browser/extension_registry_observer.h"
|
| #include "net/url_request/url_request_context_getter.h"
|
|
|
| #if defined(ENABLE_EXTENSIONS)
|
| @@ -69,6 +70,7 @@ class PrefRegistrySyncable;
|
| // manual whitelist/blacklist overrides).
|
| class SupervisedUserService : public KeyedService,
|
| #if defined(ENABLE_EXTENSIONS)
|
| + public extensions::ExtensionRegistryObserver,
|
| public extensions::ManagementPolicy::Provider,
|
| #endif
|
| public SyncTypePreferenceProvider,
|
| @@ -125,6 +127,15 @@ class SupervisedUserService : public KeyedService,
|
| // inappropriate URL.
|
| void ReportURL(const GURL& url, const SuccessCallback& callback);
|
|
|
| + // Adds an install request for the given WebStore item (App/Extension).
|
| + void AddExtensionInstallRequest(const std::string& extension_id,
|
| + const base::Version& version,
|
| + const SuccessCallback& callback);
|
| +
|
| + // Same as above, but without a callback, just logging errors on failure.
|
| + void AddExtensionInstallRequest(const std::string& extension_id,
|
| + const base::Version& version);
|
| +
|
| // Adds an update request for the given WebStore item (App/Extension).
|
| void AddExtensionUpdateRequest(const std::string& extension_id,
|
| const base::Version& version,
|
| @@ -134,11 +145,16 @@ class SupervisedUserService : public KeyedService,
|
| void AddExtensionUpdateRequest(const std::string& extension_id,
|
| const base::Version& version);
|
|
|
| - // Get the string used to identify an extension update request. Public for
|
| - // testing.
|
| - static std::string GetExtensionUpdateRequestId(
|
| - const std::string& extension_id,
|
| - const base::Version& version);
|
| + // Get the string used to identify an extension install or update request.
|
| + // Public for testing.
|
| + static std::string GetExtensionRequestId(const std::string& extension_id,
|
| + const base::Version& version);
|
| +
|
| + // Updates the approved version of the extensions in the
|
| + // approved_extensions_map_ and re-enables the extension if the approved
|
| + // version now matches the installed version.
|
| + void UpdateApprovedExtensionVersion(const std::string& extension_id,
|
| + const base::Version& version);
|
|
|
| // Returns the email address of the custodian.
|
| std::string GetCustodianEmailAddress() const;
|
| @@ -214,8 +230,12 @@ class SupervisedUserService : public KeyedService,
|
| friend class SupervisedUserServiceFactory;
|
| FRIEND_TEST_ALL_PREFIXES(SingleClientSupervisedUserSettingsSyncTest, Sanity);
|
| FRIEND_TEST_ALL_PREFIXES(SupervisedUserServiceTest, ClearOmitOnRegistration);
|
| - FRIEND_TEST_ALL_PREFIXES(SupervisedUserServiceExtensionTest,
|
| - ExtensionManagementPolicyProvider);
|
| + FRIEND_TEST_ALL_PREFIXES(
|
| + SupervisedUserServiceExtensionTest,
|
| + ExtensionManagementPolicyProviderWithoutSUInitiatedInstalls);
|
| + FRIEND_TEST_ALL_PREFIXES(
|
| + SupervisedUserServiceExtensionTest,
|
| + ExtensionManagementPolicyProviderWithSUInitiatedInstalls);
|
|
|
| using CreatePermissionRequestCallback =
|
| base::Callback<void(PermissionRequestCreator*, const SuccessCallback&)>;
|
| @@ -297,9 +317,35 @@ class SupervisedUserService : public KeyedService,
|
| base::string16* error) const override;
|
| bool MustRemainInstalled(const extensions::Extension* extension,
|
| base::string16* error) const override;
|
| + bool MustRemainDisabled(const extensions::Extension* extension,
|
| + extensions::Extension::DisableReason* reason,
|
| + base::string16* error) const override;
|
| +
|
| + // extensions::ExtensionRegistryObserver overrides:
|
| + void OnExtensionInstalled(content::BrowserContext* browser_context,
|
| + const extensions::Extension* extension,
|
| + bool is_update) override;
|
| +
|
| + // An extension can be in one of the following states:
|
| + //
|
| + // FORCED: if it is installed by the custodian.
|
| + // REQUIRE_APPROVAL: if it is installed by the supervised user and
|
| + // hasn't been approved by the custodian yet.
|
| + // ALLOWED: Components, Themes, Default extensions ..etc
|
| + // are generally allowed. Extensions that have been approved by the
|
| + // custodian are also allowed.
|
| + // BLOCKED: if it is not ALLOWED or FORCED
|
| + // and supervised users initiated installs are disabled.
|
| + enum class ExtensionState { FORCED, BLOCKED, ALLOWED, REQUIRE_APPROVAL };
|
| +
|
| + ExtensionState GetExtensionState(
|
| + const extensions::Extension& extension) const;
|
|
|
| // Extensions helper to SetActive().
|
| void SetExtensionsActive();
|
| +
|
| + // Checks the disable reasons and enables the extension if possible.
|
| + void EnableExtensionIfPossible(const std::string& extension_id);
|
| #endif
|
|
|
| SupervisedUserSettingsService* GetSettingsService();
|
| @@ -352,6 +398,10 @@ class SupervisedUserService : public KeyedService,
|
| // corresponding preference is changed.
|
| void UpdateManualURLs();
|
|
|
| + // Updates the map of approved extensions when the corresponding preference
|
| + // is changed.
|
| + void UpdateApprovedExtensions();
|
| +
|
| // Returns the human readable name of the supervised user.
|
| std::string GetSupervisedUserName() const;
|
|
|
| @@ -388,6 +438,10 @@ class SupervisedUserService : public KeyedService,
|
|
|
| URLFilterContext url_filter_context_;
|
|
|
| + // Stores a map from extension_id -> approved version by the custodian.
|
| + // It is only relevant for SU-initiated installs.
|
| + std::map<std::string, base::Version> approved_extensions_map_;
|
| +
|
| enum class BlacklistLoadState {
|
| NOT_LOADED,
|
| LOAD_STARTED,
|
|
|
Chromium Code Reviews
Issue 2004043002:
Supervised Users Initiated Installs v2 (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@kid_initiated_install