[Extensions] Short-circuit activity logging if not enabled

chrome/browser/extensions/activity_log/activity_log.cc

 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/activity_log/activity_log.h"
 
 #include <stddef.h>
 #include <set>
 #include <utility>
 #include <vector>
 
 #include "base/command_line.h"
 #include "base/json/json_string_value_serializer.h"
 #include "base/lazy_instance.h"
 #include "base/logging.h"
 #include "base/macros.h"
 #include "base/strings/string_util.h"
 #include "base/strings/utf_string_conversions.h"
+#include "base/synchronization/lock.h"
 #include "base/threading/thread_checker.h"
+#include "chrome/browser/chrome_notification_types.h"
 #include "chrome/browser/extensions/activity_log/activity_action_constants.h"
 #include "chrome/browser/extensions/activity_log/counting_policy.h"
 #include "chrome/browser/extensions/activity_log/fullstream_ui_policy.h"
 #include "chrome/browser/extensions/api/activity_log_private/activity_log_private_api.h"
 #include "chrome/browser/extensions/extension_tab_util.h"
 #include "chrome/browser/prerender/prerender_manager.h"
 #include "chrome/browser/prerender/prerender_manager_factory.h"
 #include "chrome/browser/profiles/profile.h"
 #include "chrome/browser/ui/browser.h"
 #include "chrome/common/chrome_constants.h"
 #include "chrome/common/chrome_switches.h"
 #include "chrome/common/pref_names.h"
 #include "components/syncable_prefs/pref_service_syncable.h"
 #include "content/public/browser/browser_thread.h"
+#include "content/public/browser/notification_service.h"
+#include "content/public/browser/notification_source.h"
 #include "content/public/browser/web_contents.h"
+#include "extensions/browser/api_activity_monitor.h"
 #include "extensions/browser/extension_registry.h"
 #include "extensions/browser/extension_registry_factory.h"
 #include "extensions/browser/extension_system.h"
 #include "extensions/browser/extension_system_provider.h"
 #include "extensions/browser/extensions_browser_client.h"
 #include "extensions/common/extension.h"
 #include "extensions/common/one_shot_event.h"
 #include "third_party/re2/src/re2/re2.h"
 #include "url/gurl.h"
 
@@ skipping 281 matching lines @@
     default:
       NOTREACHED();
   }
 
   if (arg_url.is_valid()) {
     action->set_arg_incognito(arg_incognito);
     action->set_arg_url(arg_url);
   }
 }
 
+// A global, thread-safe record of activity log state.
+class ActivityLogState {
+ public:
+  ActivityLogState() {}
+  ~ActivityLogState() {}
+
+  void AddActiveContext(content::BrowserContext* context) {
+    DCHECK_CURRENTLY_ON(BrowserThread::UI);
+    base::AutoLock lock(lock_);
+    contexts_.insert(context);
+  }
+
+  void RemoveActiveContext(content::BrowserContext* context) {
+    DCHECK_CURRENTLY_ON(BrowserThread::UI);
+    base::AutoLock lock(lock_);
+    contexts_.erase(context);
+  }
+
+  bool IsActiveContext(content::BrowserContext* context) {
+    base::AutoLock lock(lock_);
+    return contexts_.count(context) > 0;
+  }
+
+  void AddWhitelistedId(const std::string& id) {
+    DCHECK_CURRENTLY_ON(BrowserThread::UI);
+    base::AutoLock lock(lock_);
+    whitelisted_ids_.insert(id);
+  }
+
+  // We don't remove the id entry from g_activity_log_state because it may be
+  // loaded in multiple profiles, and being whitelisted for the ActivityLog
+  // is a global permission.
+
+  bool IsWhitelistedId(const std::string& id) {
+    base::AutoLock lock(lock_);
+    return whitelisted_ids_.count(id) > 0;
+  }
+
+ private:
+  std::set<const content::BrowserContext*> contexts_;
+  std::set<std::string> whitelisted_ids_;
+  base::Lock lock_;
+
+  DISALLOW_COPY_AND_ASSIGN(ActivityLogState);
+};
+
+base::LazyInstance<ActivityLogState> g_activity_log_state =
+    LAZY_INSTANCE_INITIALIZER;
+
+// Calls into the ActivityLog to log an api event or function call.
+// Must be called on the UI thread.
+void LogApiActivityOnUI(content::BrowserContext* browser_context,
+                        const std::string& extension_id,
+                        const std::string& activity_name,
+                        std::unique_ptr<base::ListValue> args,
+                        Action::ActionType type) {
+  DCHECK_CURRENTLY_ON(BrowserThread::UI);
+  ActivityLog* activity_log = ActivityLog::GetInstance(browser_context);
+  if (!activity_log || !activity_log->ShouldLog(extension_id))
+    return;
+  scoped_refptr<Action> action =
+      new Action(extension_id, base::Time::Now(), type, activity_name);
+  action->set_args(std::move(args));
+  activity_log->LogAction(action);
+}
+
+// Generic thread-safe handler for API calls and events.
+void LogApiActivity(content::BrowserContext* browser_context,
+                    const std::string& extension_id,
+                    const std::string& activity_name,
+                    const base::ListValue& args,
+                    Action::ActionType type) {
+  ActivityLogState& state = g_activity_log_state.Get();
+  if (!state.IsActiveContext(browser_context) ||
+      state.IsWhitelistedId(extension_id))
+    return;
+  if (!BrowserThread::CurrentlyOn(BrowserThread::UI)) {
+    BrowserThread::PostTask(
+        BrowserThread::UI, FROM_HERE,
+        base::Bind(&LogApiActivityOnUI, browser_context, extension_id,
+                   activity_name, base::Passed(args.CreateDeepCopy()), type));
+    return;
+  }
+  LogApiActivityOnUI(browser_context, extension_id, activity_name,
+                     args.CreateDeepCopy(), type);
+}
+
+// Handler for API events. Thread-safe.
+void LogApiEvent(content::BrowserContext* browser_context,
+                 const std::string& extension_id,
+                 const std::string& event_name,
+                 const base::ListValue& args) {
+  LogApiActivity(browser_context, extension_id, event_name, args,
+                 Action::ACTION_API_EVENT);
+}
+
+// Handler for API function calls. Thread-safe.
+void LogApiFunction(content::BrowserContext* browser_context,
+                    const std::string& extension_id,
+                    const std::string& event_name,
+                    const base::ListValue& args) {
+  LogApiActivity(browser_context, extension_id, event_name, args,
+                 Action::ACTION_API_CALL);
+}
+
+// Calls into the ActivityLog to log a webRequest usage.
+// Must be called on the UI thread.
+void LogWebRequestActivityOnUI(content::BrowserContext* browser_context,
+                               const std::string& extension_id,
+                               const GURL& url,
+                               bool is_incognito,
+                               const std::string& api_call,
+                               std::unique_ptr<base::DictionaryValue> details) {
+  DCHECK_CURRENTLY_ON(BrowserThread::UI);
+  ActivityLog* activity_log = ActivityLog::GetInstance(browser_context);
+  if (!activity_log || !activity_log->ShouldLog(extension_id))
+    return;
+  scoped_refptr<Action> action = new Action(
+      extension_id, base::Time::Now(), Action::ACTION_WEB_REQUEST, api_call);
+  action->set_page_url(url);
+  action->set_page_incognito(is_incognito);
+  action->mutable_other()->Set(activity_log_constants::kActionWebRequest,
+                               std::move(details));
+  activity_log->LogAction(action);
+}
+
+// Handler for webRequest use. Thread-safe.
+void LogWebRequestActivity(content::BrowserContext* browser_context,
+                           const std::string& extension_id,
+                           const GURL& url,
+                           bool is_incognito,
+                           const std::string& api_call,
+                           std::unique_ptr<base::DictionaryValue> details) {
+  ActivityLogState& state = g_activity_log_state.Get();
+  if (!state.IsActiveContext(browser_context) ||
+      state.IsWhitelistedId(extension_id))
+    return;
+  if (!BrowserThread::CurrentlyOn(BrowserThread::UI)) {
+    BrowserThread::PostTask(
+        BrowserThread::UI, FROM_HERE,
+        base::Bind(&LogWebRequestActivityOnUI, browser_context, extension_id,
+                   url, is_incognito, api_call, base::Passed(&details)));
+    return;
+  }
+  LogWebRequestActivityOnUI(browser_context, extension_id, url, is_incognito,
+                            api_call, std::move(details));
+}
+
+void SetActivityHandlers() {
+  // Set up event handlers. We don't have to worry about unsetting these,
+  // because we check whether or not the activity log is active for the context
+  // in the monitor methods.
+  activity_monitor::Monitor current_function_monitor =
+      activity_monitor::GetApiFunctionMonitor();
+  DCHECK(!current_function_monitor ||
+         current_function_monitor == &LogApiFunction);
+  if (!current_function_monitor)
+    activity_monitor::SetApiFunctionMonitor(&LogApiFunction);
+
+  activity_monitor::Monitor current_event_monitor =
+      activity_monitor::GetApiEventMonitor();
+  DCHECK(!current_event_monitor || current_event_monitor == &LogApiEvent);
+  if (!current_function_monitor)
+    activity_monitor::SetApiEventMonitor(&LogApiEvent);
+
+  activity_monitor::WebRequestMonitor current_web_request_monitor =
+      activity_monitor::GetWebRequestMonitor();
+  DCHECK(!current_web_request_monitor ||
+         current_web_request_monitor == &LogWebRequestActivity);
+  if (!current_web_request_monitor)
+    activity_monitor::SetWebRequestMonitor(&LogWebRequestActivity);
+}
+
 }  // namespace
 
 // SET THINGS UP. --------------------------------------------------------------
 
 static base::LazyInstance<BrowserContextKeyedAPIFactory<ActivityLog> >
     g_factory = LAZY_INSTANCE_INITIALIZER;
 
 BrowserContextKeyedAPIFactory<ActivityLog>* ActivityLog::GetFactoryInstance() {
   return g_factory.Pointer();
 }
 
 // static
 ActivityLog* ActivityLog::GetInstance(content::BrowserContext* context) {
   return ActivityLog::GetFactoryInstance()->Get(
       Profile::FromBrowserContext(context));
 }
 
 // Use GetInstance instead of directly creating an ActivityLog.
 ActivityLog::ActivityLog(content::BrowserContext* context)
     : database_policy_(NULL),
       database_policy_type_(ActivityLogPolicy::POLICY_INVALID),
       profile_(Profile::FromBrowserContext(context)),
       db_enabled_(false),
       testing_mode_(false),
       has_threads_(true),
       extension_registry_observer_(this),
-      watchdog_apps_active_(0) {
+      watchdog_apps_active_(0),
+      is_active_(false) {
+  SetActivityHandlers();
+
   // This controls whether logging statements are printed & which policy is set.
   testing_mode_ = base::CommandLine::ForCurrentProcess()->HasSwitch(
       switches::kEnableExtensionActivityLogTesting);
 
   // Check if the watchdog extension is previously installed and active.
   watchdog_apps_active_ =
       profile_->GetPrefs()->GetInteger(prefs::kWatchdogExtensionActive);
 
   observers_ = new base::ObserverListThreadSafe<Observer>;
 
   // Check that the right threads exist for logging to the database.
   // If not, we shouldn't try to do things that require them.
   if (!BrowserThread::IsMessageLoopValid(BrowserThread::DB) ||
       !BrowserThread::IsMessageLoopValid(BrowserThread::FILE) ||
       !BrowserThread::IsMessageLoopValid(BrowserThread::IO)) {
     has_threads_ = false;
   }
 
   db_enabled_ =
       has_threads_ && (base::CommandLine::ForCurrentProcess()->HasSwitch(
                            switches::kEnableExtensionActivityLogging) ||
                        watchdog_apps_active_);
 
   extension_registry_observer_.Add(ExtensionRegistry::Get(profile_));
   ChooseDatabasePolicy();
+
+  CheckActive();
 }
 
 void ActivityLog::SetDatabasePolicy(
     ActivityLogPolicy::PolicyType policy_type) {
   if (database_policy_type_ == policy_type)
     return;
   if (!IsDatabaseEnabled() && !IsWatchdogAppActive())
     return;
 
   // Deleting the old policy takes place asynchronously, on the database
@@ skipping 17 matching lines @@
     default:
       NOTREACHED();
   }
   database_policy_->Init();
   database_policy_type_ = policy_type;
 }
 
 ActivityLog::~ActivityLog() {
   if (database_policy_)
     database_policy_->Close();
+  if (is_active_)
+    g_activity_log_state.Get().RemoveActiveContext(profile_);
 }
 
 // MAINTAIN STATUS. ------------------------------------------------------------
 
 void ActivityLog::ChooseDatabasePolicy() {
   if (!(IsDatabaseEnabled() || IsWatchdogAppActive()))
     return;
   if (testing_mode_)
     SetDatabasePolicy(ActivityLogPolicy::POLICY_FULLSTREAM);
   else
     SetDatabasePolicy(ActivityLogPolicy::POLICY_COUNTS);
 }
 
 bool ActivityLog::IsDatabaseEnabled() {
   // Make sure we are not enabled when there are no threads.
   DCHECK(has_threads_ || !db_enabled_);
   return db_enabled_;
 }
 
 bool ActivityLog::IsWatchdogAppActive() {
   return (watchdog_apps_active_ > 0);
 }
 
 void ActivityLog::SetWatchdogAppActiveForTesting(bool active) {
   watchdog_apps_active_ = active ? 1 : 0;
+  CheckActive();
 }
 
 void ActivityLog::OnExtensionLoaded(content::BrowserContext* browser_context,
                                     const Extension* extension) {
-  if (!ActivityLogAPI::IsExtensionWhitelisted(extension->id())) return;
+  if (!ActivityLogAPI::IsExtensionWhitelisted(extension->id()))
+    return;
   if (has_threads_)
     db_enabled_ = true;
+  g_activity_log_state.Get().AddWhitelistedId(extension->id());
   watchdog_apps_active_++;
   profile_->GetPrefs()->SetInteger(prefs::kWatchdogExtensionActive,
                                    watchdog_apps_active_);
   if (watchdog_apps_active_ == 1)
     ChooseDatabasePolicy();
+
+  if (!is_active_)
+    CheckActive();
 }
 
 void ActivityLog::OnExtensionUnloaded(content::BrowserContext* browser_context,
                                       const Extension* extension,
                                       UnloadedExtensionInfo::Reason reason) {
-  if (!ActivityLogAPI::IsExtensionWhitelisted(extension->id())) return;
+  if (!ActivityLogAPI::IsExtensionWhitelisted(extension->id()))
+    return;
   watchdog_apps_active_--;
   profile_->GetPrefs()->SetInteger(prefs::kWatchdogExtensionActive,
                                    watchdog_apps_active_);
   if (watchdog_apps_active_ == 0 &&
       !base::CommandLine::ForCurrentProcess()->HasSwitch(
           switches::kEnableExtensionActivityLogging)) {
     db_enabled_ = false;
   }
+
+  if (is_active_)
+    CheckActive();
 }
 
 // OnExtensionUnloaded will also be called right before this.
 void ActivityLog::OnExtensionUninstalled(
     content::BrowserContext* browser_context,
     const Extension* extension,
     extensions::UninstallReason reason) {
   if (ActivityLogAPI::IsExtensionWhitelisted(extension->id()) &&
       !base::CommandLine::ForCurrentProcess()->HasSwitch(
           switches::kEnableExtensionActivityLogging) &&
@@ skipping 14 matching lines @@
 
 // static
 void ActivityLog::RegisterProfilePrefs(
     user_prefs::PrefRegistrySyncable* registry) {
   registry->RegisterIntegerPref(prefs::kWatchdogExtensionActive, false);
 }
 
 // LOG ACTIONS. ----------------------------------------------------------------
 
 void ActivityLog::LogAction(scoped_refptr<Action> action) {
-  if (ActivityLogAPI::IsExtensionWhitelisted(action->extension_id()))
-    return;
+  DCHECK(ShouldLog(action->extension_id()));
 
   // Perform some preprocessing of the Action data: convert tab IDs to URLs and
   // mask out incognito URLs if appropriate.
   ExtractUrls(action, profile_);
 
   // Mark DOM XHR requests as such, for easier processing later.
   if (action->action_type() == Action::ACTION_DOM_ACCESS &&
       base::StartsWith(action->api_name(), kDomXhrPrefix,
                        base::CompareCase::SENSITIVE) &&
       action->other()) {
     base::DictionaryValue* other = action->mutable_other();
     int dom_verb = -1;
     if (other->GetInteger(constants::kActionDomVerb, &dom_verb) &&
         dom_verb == DomActionType::METHOD) {
       other->SetInteger(constants::kActionDomVerb, DomActionType::XHR);
     }
   }
 
   if (IsDatabaseEnabled() && database_policy_)
     database_policy_->ProcessAction(action);
   if (IsWatchdogAppActive())
     observers_->Notify(FROM_HERE, &Observer::OnExtensionActivity, action);
   if (testing_mode_)
     VLOG(1) << action->PrintForDebug();
 }
 
+bool ActivityLog::ShouldLog(const std::string& extension_id) const {
+  return is_active_ && !ActivityLogAPI::IsExtensionWhitelisted(extension_id);
+}
+
 void ActivityLog::OnScriptsExecuted(
     const content::WebContents* web_contents,
     const ExecutingScriptsMap& extension_ids,
     const GURL& on_url) {
-  Profile* profile =
-      Profile::FromBrowserContext(web_contents->GetBrowserContext());
-  ExtensionRegistry* registry = ExtensionRegistry::Get(profile);
+  if (!is_active_)
+    return;
+  ExtensionRegistry* registry = ExtensionRegistry::Get(profile_);
   for (ExecutingScriptsMap::const_iterator it = extension_ids.begin();
        it != extension_ids.end(); ++it) {
     const Extension* extension =
         registry->GetExtensionById(it->first, ExtensionRegistry::ENABLED);
     if (!extension || ActivityLogAPI::IsExtensionWhitelisted(extension->id()))
       continue;
 
     // If OnScriptsExecuted is fired because of tabs.executeScript, the list
     // of content scripts will be empty.  We don't want to log it because
     // the call to tabs.executeScript will have already been logged anyway.
     if (!it->second.empty()) {
       scoped_refptr<Action> action;
       action = new Action(extension->id(),
                           base::Time::Now(),
                           Action::ACTION_CONTENT_SCRIPT,
                           "");  // no API call here
       action->set_page_url(on_url);
       action->set_page_title(base::UTF16ToUTF8(web_contents->GetTitle()));
       action->set_page_incognito(
           web_contents->GetBrowserContext()->IsOffTheRecord());
 
       const prerender::PrerenderManager* prerender_manager =
-          prerender::PrerenderManagerFactory::GetForProfile(profile);
+          prerender::PrerenderManagerFactory::GetForProfile(profile_);
       if (prerender_manager &&
           prerender_manager->IsWebContentsPrerendering(web_contents, NULL))
         action->mutable_other()->SetBoolean(constants::kActionPrerender, true);
       for (std::set<std::string>::const_iterator it2 = it->second.begin();
            it2 != it->second.end();
            ++it2) {
         action->mutable_args()->AppendString(*it2);
       }
       LogAction(action);
     }
   }
 }
 
-void ActivityLog::OnApiEventDispatched(
-    const std::string& extension_id,
-    const std::string& event_name,
-    std::unique_ptr<base::ListValue> event_args) {
-  DCHECK_CURRENTLY_ON(BrowserThread::UI);
-  scoped_refptr<Action> action = new Action(extension_id,
-                                            base::Time::Now(),
-                                            Action::ACTION_API_EVENT,
-                                            event_name);
-  action->set_args(std::move(event_args));
-  LogAction(action);
-}
-
-void ActivityLog::OnApiFunctionCalled(const std::string& extension_id,
-                                      const std::string& api_name,
-                                      std::unique_ptr<base::ListValue> args) {
-  DCHECK_CURRENTLY_ON(BrowserThread::UI);
-  scoped_refptr<Action> action = new Action(extension_id,
-                                            base::Time::Now(),
-                                            Action::ACTION_API_CALL,
-                                            api_name);
-  action->set_args(std::move(args));
-  LogAction(action);
-}
-
 // LOOKUP ACTIONS. -------------------------------------------------------------
 
 void ActivityLog::GetFilteredActions(
     const std::string& extension_id,
     const Action::ActionType type,
     const std::string& api_name,
     const std::string& page_url,
     const std::string& arg_url,
     const int daysAgo,
     const base::Callback<
@@ skipping 37 matching lines @@
   urls.push_back(url);
   RemoveURLs(urls);
 }
 
 void ActivityLog::DeleteDatabase() {
   if (!database_policy_)
     return;
   database_policy_->DeleteDatabase();
 }
 
+void ActivityLog::CheckActive() {
+  bool has_db = db_enabled_ && database_policy_;
+  ActivityLogState& state = g_activity_log_state.Get();
+  content::BrowserContext* off_the_record =
+      profile_->HasOffTheRecordProfile() ? profile_->GetOffTheRecordProfile()
+                                         : nullptr;
+  if (has_db || IsWatchdogAppActive()) {
+    if (is_active_)
+      return;  // Already enabled.
+    state.AddActiveContext(profile_);
+    if (off_the_record)
+      state.AddActiveContext(off_the_record);
+    registrar_.Add(this, chrome::NOTIFICATION_PROFILE_CREATED,
+                   content::NotificationService::AllSources());
+    registrar_.Add(this, chrome::NOTIFICATION_PROFILE_DESTROYED,
+                   content::NotificationService::AllSources());
+    is_active_ = true;
+  } else if (is_active_) {
+    state.RemoveActiveContext(profile_);
+    if (off_the_record)
+      state.RemoveActiveContext(off_the_record);
+    registrar_.RemoveAll();
+    is_active_ = false;
+  }
+}
+
+void ActivityLog::Observe(int type,
+                          const content::NotificationSource& source,
+                          const content::NotificationDetails& details) {
+  DCHECK(is_active_);
+  switch (type) {
+    case chrome::NOTIFICATION_PROFILE_CREATED: {
+      Profile* profile = content::Source<Profile>(source).ptr();
+      if (profile_->IsSameProfile(profile))
+        g_activity_log_state.Get().AddActiveContext(profile);
+      break;
+    }
+    case chrome::NOTIFICATION_PROFILE_DESTROYED: {
+      Profile* profile = content::Source<Profile>(source).ptr();
+      if (profile_->IsSameProfile(profile))
+        g_activity_log_state.Get().RemoveActiveContext(profile);
+      break;
+    }
+    default:
+      NOTREACHED();
+  }
+}
+
 template <>
 void BrowserContextKeyedAPIFactory<ActivityLog>::DeclareFactoryDependencies() {
   DependsOn(ExtensionsBrowserClient::Get()->GetExtensionSystemFactory());
   DependsOn(ExtensionRegistryFactory::GetInstance());
 }
 
 }  // namespace extensions