Chromium Code Reviews Chromium Code Reviews
Issue 2144313002:
Plumbing for login apps device policy to extensions. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/extension_management.h" | 5 #include "chrome/browser/extensions/extension_management.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 32 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 43 "ExtensionManagement::ExtensionManagement::ctor"); | 43 "ExtensionManagement::ExtensionManagement::ctor"); |
| 44 pref_change_registrar_.Init(pref_service_); | 44 pref_change_registrar_.Init(pref_service_); |
| 45 base::Closure pref_change_callback = base::Bind( | 45 base::Closure pref_change_callback = base::Bind( |
| 46 &ExtensionManagement::OnExtensionPrefChanged, base::Unretained(this)); | 46 &ExtensionManagement::OnExtensionPrefChanged, base::Unretained(this)); |
| 47 pref_change_registrar_.Add(pref_names::kInstallAllowList, | 47 pref_change_registrar_.Add(pref_names::kInstallAllowList, |
| 48 pref_change_callback); | 48 pref_change_callback); |
| 49 pref_change_registrar_.Add(pref_names::kInstallDenyList, | 49 pref_change_registrar_.Add(pref_names::kInstallDenyList, |
| 50 pref_change_callback); | 50 pref_change_callback); |
| 51 pref_change_registrar_.Add(pref_names::kInstallForceList, | 51 pref_change_registrar_.Add(pref_names::kInstallForceList, |
| 52 pref_change_callback); | 52 pref_change_callback); |
| 53 pref_change_registrar_.Add(pref_names::kInstallLoginList, | |
| 54 pref_change_callback); | |
| 53 pref_change_registrar_.Add(pref_names::kAllowedInstallSites, | 55 pref_change_registrar_.Add(pref_names::kAllowedInstallSites, |
| 54 pref_change_callback); | 56 pref_change_callback); |
| 55 pref_change_registrar_.Add(pref_names::kAllowedTypes, pref_change_callback); | 57 pref_change_registrar_.Add(pref_names::kAllowedTypes, pref_change_callback); |
| 56 pref_change_registrar_.Add(pref_names::kExtensionManagement, | 58 pref_change_registrar_.Add(pref_names::kExtensionManagement, |
| 57 pref_change_callback); | 59 pref_change_callback); |
| 58 // Note that both |global_settings_| and |default_settings_| will be null | 60 // Note that both |global_settings_| and |default_settings_| will be null |
| 59 // before first call to Refresh(), so in order to resolve this, Refresh() must | 61 // before first call to Refresh(), so in order to resolve this, Refresh() must |
| 60 // be called in the initialization of ExtensionManagement. | 62 // be called in the initialization of ExtensionManagement. |
| 61 Refresh(); | 63 Refresh(); |
| 62 providers_.push_back(new StandardManagementPolicyProvider(this)); | 64 providers_.push_back(new StandardManagementPolicyProvider(this)); |
| (...skipping 37 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 100 &update_url)) { | 102 &update_url)) { |
| 101 auto iter_update_url = settings_by_update_url_.find(update_url); | 103 auto iter_update_url = settings_by_update_url_.find(update_url); |
| 102 if (iter_update_url != settings_by_update_url_.end()) | 104 if (iter_update_url != settings_by_update_url_.end()) |
| 103 return iter_update_url->second->installation_mode; | 105 return iter_update_url->second->installation_mode; |
| 104 } | 106 } |
| 105 // Fall back to default installation mode setting. | 107 // Fall back to default installation mode setting. |
| 106 return default_settings_->installation_mode; | 108 return default_settings_->installation_mode; |
| 107 } | 109 } |
| 108 | 110 |
| 109 std::unique_ptr<base::DictionaryValue> | 111 std::unique_ptr<base::DictionaryValue> |
| 112 ExtensionManagement::GetInstallListByMode( | |
| 113 InstallationMode installation_mode) const { | |
| 114 std::unique_ptr<base::DictionaryValue> extension_dict( | |
| 115 new base::DictionaryValue); | |
| 116 for (const SettingsIdMap::value_type& it : settings_by_id_) { | |
| 117 if (it.second->installation_mode == installation_mode) { | |
| 118 ExternalPolicyLoader::AddExtension(extension_dict.get(), it.first, | |
| 119 it.second->update_url); | |
| 120 } | |
| 121 } | |
| 122 return extension_dict; | |
| 123 } | |
| 124 | |
| 125 std::unique_ptr<base::DictionaryValue> | |
| 110 ExtensionManagement::GetForceInstallList() const { | 126 ExtensionManagement::GetForceInstallList() const { |
| 111 std::unique_ptr<base::DictionaryValue> install_list( | 127 return GetInstallListByMode(INSTALLATION_FORCED); |
| 112 new base::DictionaryValue()); | |
| 113 for (SettingsIdMap::const_iterator it = settings_by_id_.begin(); | |
| 114 it != settings_by_id_.end(); | |
| 115 ++it) { | |
| 116 if (it->second->installation_mode == INSTALLATION_FORCED) { | |
| 117 ExternalPolicyLoader::AddExtension( | |
| 118 install_list.get(), it->first, it->second->update_url); | |
| 119 } | |
| 120 } | |
| 121 return install_list; | |
| 122 } | 128 } |
| 123 | 129 |
| 124 std::unique_ptr<base::DictionaryValue> | 130 std::unique_ptr<base::DictionaryValue> |
| 125 ExtensionManagement::GetRecommendedInstallList() const { | 131 ExtensionManagement::GetRecommendedInstallList() const { |
| 126 std::unique_ptr<base::DictionaryValue> install_list( | 132 return GetInstallListByMode(INSTALLATION_RECOMMENDED); |
| 127 new base::DictionaryValue()); | |
| 128 for (SettingsIdMap::const_iterator it = settings_by_id_.begin(); | |
| 129 it != settings_by_id_.end(); | |
| 130 ++it) { | |
| 131 if (it->second->installation_mode == INSTALLATION_RECOMMENDED) { | |
| 132 ExternalPolicyLoader::AddExtension( | |
| 133 install_list.get(), it->first, it->second->update_url); | |
| 134 } | |
| 135 } | |
| 136 return install_list; | |
| 137 } | 133 } |
| 138 | 134 |
| 139 bool ExtensionManagement::IsInstallationExplicitlyAllowed( | 135 bool ExtensionManagement::IsInstallationExplicitlyAllowed( |
| 140 const ExtensionId& id) const { | 136 const ExtensionId& id) const { |
| 141 SettingsIdMap::const_iterator it = settings_by_id_.find(id); | 137 SettingsIdMap::const_iterator it = settings_by_id_.find(id); |
| 142 // No settings explicitly specified for |id|. | 138 // No settings explicitly specified for |id|. |
| 143 if (it == settings_by_id_.end()) | 139 if (it == settings_by_id_.end()) |
| 144 return false; | 140 return false; |
| 145 // Checks if the extension is on the automatically installed list or | 141 // Checks if the extension is on the automatically installed list or |
| 146 // install white-list. | 142 // install white-list. |
| (...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 249 static_cast<const base::ListValue*>(LoadPreference( | 245 static_cast<const base::ListValue*>(LoadPreference( |
| 250 pref_names::kInstallAllowList, true, base::Value::TYPE_LIST)); | 246 pref_names::kInstallAllowList, true, base::Value::TYPE_LIST)); |
| 251 // Allow user to use preference to block certain extensions. Note that policy | 247 // Allow user to use preference to block certain extensions. Note that policy |
| 252 // managed forcelist or whitelist will always override this. | 248 // managed forcelist or whitelist will always override this. |
| 253 const base::ListValue* denied_list_pref = | 249 const base::ListValue* denied_list_pref = |
| 254 static_cast<const base::ListValue*>(LoadPreference( | 250 static_cast<const base::ListValue*>(LoadPreference( |
| 255 pref_names::kInstallDenyList, false, base::Value::TYPE_LIST)); | 251 pref_names::kInstallDenyList, false, base::Value::TYPE_LIST)); |
| 256 const base::DictionaryValue* forced_list_pref = | 252 const base::DictionaryValue* forced_list_pref = |
| 257 static_cast<const base::DictionaryValue*>(LoadPreference( | 253 static_cast<const base::DictionaryValue*>(LoadPreference( |
| 258 pref_names::kInstallForceList, true, base::Value::TYPE_DICTIONARY)); | 254 pref_names::kInstallForceList, true, base::Value::TYPE_DICTIONARY)); |
| 255 const base::DictionaryValue* login_list_pref = | |
| 256 static_cast<const base::DictionaryValue*>(LoadPreference( | |
| 257 pref_names::kInstallLoginList, true, base::Value::TYPE_DICTIONARY)); | |
| 259 const base::ListValue* install_sources_pref = | 258 const base::ListValue* install_sources_pref = |
| 260 static_cast<const base::ListValue*>(LoadPreference( | 259 static_cast<const base::ListValue*>(LoadPreference( |
| 261 pref_names::kAllowedInstallSites, true, base::Value::TYPE_LIST)); | 260 pref_names::kAllowedInstallSites, true, base::Value::TYPE_LIST)); |
| 262 const base::ListValue* allowed_types_pref = | 261 const base::ListValue* allowed_types_pref = |
| 263 static_cast<const base::ListValue*>(LoadPreference( | 262 static_cast<const base::ListValue*>(LoadPreference( |
| 264 pref_names::kAllowedTypes, true, base::Value::TYPE_LIST)); | 263 pref_names::kAllowedTypes, true, base::Value::TYPE_LIST)); |
| 265 const base::DictionaryValue* dict_pref = | 264 const base::DictionaryValue* dict_pref = |
| 266 static_cast<const base::DictionaryValue*>( | 265 static_cast<const base::DictionaryValue*>( |
| 267 LoadPreference(pref_names::kExtensionManagement, | 266 LoadPreference(pref_names::kExtensionManagement, |
| 268 true, | 267 true, |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 309 } | 308 } |
| 310 | 309 |
| 311 if (denied_list_pref) { | 310 if (denied_list_pref) { |
| 312 for (base::ListValue::const_iterator it = denied_list_pref->begin(); | 311 for (base::ListValue::const_iterator it = denied_list_pref->begin(); |
| 313 it != denied_list_pref->end(); ++it) { | 312 it != denied_list_pref->end(); ++it) { |
| 314 if ((*it)->GetAsString(&id) && crx_file::id_util::IdIsValid(id)) | 313 if ((*it)->GetAsString(&id) && crx_file::id_util::IdIsValid(id)) |
| 315 AccessById(id)->installation_mode = INSTALLATION_BLOCKED; | 314 AccessById(id)->installation_mode = INSTALLATION_BLOCKED; |
| 316 } | 315 } |
| 317 } | 316 } |
| 318 | 317 |
| 319 if (forced_list_pref) { | 318 UpdateForcedExtensions(forced_list_pref); |
| 320 std::string update_url; | 319 UpdateForcedExtensions(login_list_pref); |
|
emaxx
2016/07/15 13:22:31
I think this line should be performed only if the
achuithb
2016/07/21 00:16:05
Done.
| |
| 321 for (base::DictionaryValue::Iterator it(*forced_list_pref); !it.IsAtEnd(); | |
| 322 it.Advance()) { | |
| 323 if (!crx_file::id_util::IdIsValid(it.key())) | |
| 324 continue; | |
| 325 const base::DictionaryValue* dict_value = NULL; | |
| 326 if (it.value().GetAsDictionary(&dict_value) && | |
| 327 dict_value->GetStringWithoutPathExpansion( | |
| 328 ExternalProviderImpl::kExternalUpdateUrl, &update_url)) { | |
| 329 internal::IndividualSettings* by_id = AccessById(it.key()); | |
| 330 by_id->installation_mode = INSTALLATION_FORCED; | |
| 331 by_id->update_url = update_url; | |
| 332 } | |
| 333 } | |
| 334 } | |
| 335 | 320 |
| 336 if (install_sources_pref) { | 321 if (install_sources_pref) { |
| 337 global_settings_->has_restricted_install_sources = true; | 322 global_settings_->has_restricted_install_sources = true; |
| 338 for (base::ListValue::const_iterator it = install_sources_pref->begin(); | 323 for (base::ListValue::const_iterator it = install_sources_pref->begin(); |
| 339 it != install_sources_pref->end(); ++it) { | 324 it != install_sources_pref->end(); ++it) { |
| 340 std::string url_pattern; | 325 std::string url_pattern; |
| 341 if ((*it)->GetAsString(&url_pattern)) { | 326 if ((*it)->GetAsString(&url_pattern)) { |
| 342 URLPattern entry(URLPattern::SCHEME_ALL); | 327 URLPattern entry(URLPattern::SCHEME_ALL); |
| 343 if (entry.Parse(url_pattern) == URLPattern::PARSE_SUCCESS) { | 328 if (entry.Parse(url_pattern) == URLPattern::PARSE_SUCCESS) { |
| 344 global_settings_->install_sources.AddPattern(entry); | 329 global_settings_->install_sources.AddPattern(entry); |
| (...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 432 void ExtensionManagement::OnExtensionPrefChanged() { | 417 void ExtensionManagement::OnExtensionPrefChanged() { |
| 433 Refresh(); | 418 Refresh(); |
| 434 NotifyExtensionManagementPrefChanged(); | 419 NotifyExtensionManagementPrefChanged(); |
| 435 } | 420 } |
| 436 | 421 |
| 437 void ExtensionManagement::NotifyExtensionManagementPrefChanged() { | 422 void ExtensionManagement::NotifyExtensionManagementPrefChanged() { |
| 438 FOR_EACH_OBSERVER( | 423 FOR_EACH_OBSERVER( |
| 439 Observer, observer_list_, OnExtensionManagementSettingsChanged()); | 424 Observer, observer_list_, OnExtensionManagementSettingsChanged()); |
| 440 } | 425 } |
| 441 | 426 |
| 427 void ExtensionManagement::UpdateForcedExtensions( | |
| 428 const base::DictionaryValue* extension_dict) { | |
| 429 if (!extension_dict) | |
| 430 return; | |
| 431 | |
| 432 std::string update_url; | |
| 433 for (base::DictionaryValue::Iterator it(*extension_dict); !it.IsAtEnd(); | |
| 434 it.Advance()) { | |
| 435 if (!crx_file::id_util::IdIsValid(it.key())) | |
| 436 continue; | |
| 437 const base::DictionaryValue* dict_value = nullptr; | |
| 438 if (it.value().GetAsDictionary(&dict_value) && | |
| 439 dict_value->GetStringWithoutPathExpansion( | |
| 440 ExternalProviderImpl::kExternalUpdateUrl, &update_url)) { | |
| 441 internal::IndividualSettings* by_id = AccessById(it.key()); | |
| 442 by_id->installation_mode = INSTALLATION_FORCED; | |
| 443 by_id->update_url = update_url; | |
| 444 } | |
| 445 } | |
| 446 } | |
| 447 | |
| 442 internal::IndividualSettings* ExtensionManagement::AccessById( | 448 internal::IndividualSettings* ExtensionManagement::AccessById( |
| 443 const ExtensionId& id) { | 449 const ExtensionId& id) { |
| 444 DCHECK(crx_file::id_util::IdIsValid(id)) << "Invalid ID: " << id; | 450 DCHECK(crx_file::id_util::IdIsValid(id)) << "Invalid ID: " << id; |
| 445 SettingsIdMap::iterator it = settings_by_id_.find(id); | 451 SettingsIdMap::iterator it = settings_by_id_.find(id); |
| 446 if (it == settings_by_id_.end()) { | 452 if (it == settings_by_id_.end()) { |
| 447 std::unique_ptr<internal::IndividualSettings> settings( | 453 std::unique_ptr<internal::IndividualSettings> settings( |
| 448 new internal::IndividualSettings(default_settings_.get())); | 454 new internal::IndividualSettings(default_settings_.get())); |
| 449 it = settings_by_id_.add(id, std::move(settings)).first; | 455 it = settings_by_id_.add(id, std::move(settings)).first; |
| 450 } | 456 } |
| 451 return it->second; | 457 return it->second; |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 494 content::BrowserContext* context) const { | 500 content::BrowserContext* context) const { |
| 495 return chrome::GetBrowserContextRedirectedInIncognito(context); | 501 return chrome::GetBrowserContextRedirectedInIncognito(context); |
| 496 } | 502 } |
| 497 | 503 |
| 498 void ExtensionManagementFactory::RegisterProfilePrefs( | 504 void ExtensionManagementFactory::RegisterProfilePrefs( |
| 499 user_prefs::PrefRegistrySyncable* user_prefs) { | 505 user_prefs::PrefRegistrySyncable* user_prefs) { |
| 500 user_prefs->RegisterDictionaryPref(pref_names::kExtensionManagement); | 506 user_prefs->RegisterDictionaryPref(pref_names::kExtensionManagement); |
| 501 } | 507 } |
| 502 | 508 |
| 503 } // namespace extensions | 509 } // namespace extensions |
| OLD | NEW |
