Chromium Code Reviews Chromium Code Reviews
Issue 2306143002:
Plumbing for login apps device policy to extensions. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/extensions/extension_management.h" | 5 #include "chrome/browser/extensions/extension_management.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 33 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 44 "ExtensionManagement::ExtensionManagement::ctor"); | 44 "ExtensionManagement::ExtensionManagement::ctor"); |
| 45 pref_change_registrar_.Init(pref_service_); | 45 pref_change_registrar_.Init(pref_service_); |
| 46 base::Closure pref_change_callback = base::Bind( | 46 base::Closure pref_change_callback = base::Bind( |
| 47 &ExtensionManagement::OnExtensionPrefChanged, base::Unretained(this)); | 47 &ExtensionManagement::OnExtensionPrefChanged, base::Unretained(this)); |
| 48 pref_change_registrar_.Add(pref_names::kInstallAllowList, | 48 pref_change_registrar_.Add(pref_names::kInstallAllowList, |
| 49 pref_change_callback); | 49 pref_change_callback); |
| 50 pref_change_registrar_.Add(pref_names::kInstallDenyList, | 50 pref_change_registrar_.Add(pref_names::kInstallDenyList, |
| 51 pref_change_callback); | 51 pref_change_callback); |
| 52 pref_change_registrar_.Add(pref_names::kInstallForceList, | 52 pref_change_registrar_.Add(pref_names::kInstallForceList, |
| 53 pref_change_callback); | 53 pref_change_callback); |
| 54 pref_change_registrar_.Add(pref_names::kInstallSigninList, | |
| 55 pref_change_callback); | |
| 54 pref_change_registrar_.Add(pref_names::kAllowedInstallSites, | 56 pref_change_registrar_.Add(pref_names::kAllowedInstallSites, |
| 55 pref_change_callback); | 57 pref_change_callback); |
| 56 pref_change_registrar_.Add(pref_names::kAllowedTypes, pref_change_callback); | 58 pref_change_registrar_.Add(pref_names::kAllowedTypes, pref_change_callback); |
| 57 pref_change_registrar_.Add(pref_names::kExtensionManagement, | 59 pref_change_registrar_.Add(pref_names::kExtensionManagement, |
| 58 pref_change_callback); | 60 pref_change_callback); |
| 59 // Note that both |global_settings_| and |default_settings_| will be null | 61 // Note that both |global_settings_| and |default_settings_| will be null |
| 60 // before first call to Refresh(), so in order to resolve this, Refresh() must | 62 // before first call to Refresh(), so in order to resolve this, Refresh() must |
| 61 // be called in the initialization of ExtensionManagement. | 63 // be called in the initialization of ExtensionManagement. |
| 62 Refresh(); | 64 Refresh(); |
| 63 providers_.push_back( | 65 providers_.push_back( |
| (...skipping 39 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 103 &update_url)) { | 105 &update_url)) { |
| 104 auto iter_update_url = settings_by_update_url_.find(update_url); | 106 auto iter_update_url = settings_by_update_url_.find(update_url); |
| 105 if (iter_update_url != settings_by_update_url_.end()) | 107 if (iter_update_url != settings_by_update_url_.end()) |
| 106 return iter_update_url->second->installation_mode; | 108 return iter_update_url->second->installation_mode; |
| 107 } | 109 } |
| 108 // Fall back to default installation mode setting. | 110 // Fall back to default installation mode setting. |
| 109 return default_settings_->installation_mode; | 111 return default_settings_->installation_mode; |
| 110 } | 112 } |
| 111 | 113 |
| 112 std::unique_ptr<base::DictionaryValue> | 114 std::unique_ptr<base::DictionaryValue> |
| 115 ExtensionManagement::GetInstallListByMode( | |
| 116 InstallationMode installation_mode) const { | |
| 117 std::unique_ptr<base::DictionaryValue> extension_dict( | |
| 118 new base::DictionaryValue); | |
|
Devlin
2017/03/01 16:15:00
prefer base::MakeUnique
| |
| 119 for (const SettingsIdMap::value_type& it : settings_by_id_) { | |
|
Devlin
2017/03/01 16:15:00
nit: I'd say using const auto& here is just as rea
| |
| 120 if (it.second->installation_mode == installation_mode) { | |
| 121 ExternalPolicyLoader::AddExtension(extension_dict.get(), it.first, | |
| 122 it.second->update_url); | |
| 123 } | |
| 124 } | |
| 125 return extension_dict; | |
| 126 } | |
| 127 | |
| 128 std::unique_ptr<base::DictionaryValue> | |
| 113 ExtensionManagement::GetForceInstallList() const { | 129 ExtensionManagement::GetForceInstallList() const { |
| 114 std::unique_ptr<base::DictionaryValue> install_list( | 130 return GetInstallListByMode(INSTALLATION_FORCED); |
| 115 new base::DictionaryValue()); | |
| 116 for (SettingsIdMap::const_iterator it = settings_by_id_.begin(); | |
| 117 it != settings_by_id_.end(); | |
| 118 ++it) { | |
| 119 if (it->second->installation_mode == INSTALLATION_FORCED) { | |
| 120 ExternalPolicyLoader::AddExtension( | |
| 121 install_list.get(), it->first, it->second->update_url); | |
| 122 } | |
| 123 } | |
| 124 return install_list; | |
| 125 } | 131 } |
| 126 | 132 |
| 127 std::unique_ptr<base::DictionaryValue> | 133 std::unique_ptr<base::DictionaryValue> |
| 128 ExtensionManagement::GetRecommendedInstallList() const { | 134 ExtensionManagement::GetRecommendedInstallList() const { |
| 129 std::unique_ptr<base::DictionaryValue> install_list( | 135 return GetInstallListByMode(INSTALLATION_RECOMMENDED); |
| 130 new base::DictionaryValue()); | |
| 131 for (SettingsIdMap::const_iterator it = settings_by_id_.begin(); | |
| 132 it != settings_by_id_.end(); | |
| 133 ++it) { | |
| 134 if (it->second->installation_mode == INSTALLATION_RECOMMENDED) { | |
| 135 ExternalPolicyLoader::AddExtension( | |
| 136 install_list.get(), it->first, it->second->update_url); | |
| 137 } | |
| 138 } | |
| 139 return install_list; | |
| 140 } | 136 } |
| 141 | 137 |
| 142 bool ExtensionManagement::IsInstallationExplicitlyAllowed( | 138 bool ExtensionManagement::IsInstallationExplicitlyAllowed( |
| 143 const ExtensionId& id) const { | 139 const ExtensionId& id) const { |
| 144 SettingsIdMap::const_iterator it = settings_by_id_.find(id); | 140 SettingsIdMap::const_iterator it = settings_by_id_.find(id); |
| 145 // No settings explicitly specified for |id|. | 141 // No settings explicitly specified for |id|. |
| 146 if (it == settings_by_id_.end()) | 142 if (it == settings_by_id_.end()) |
| 147 return false; | 143 return false; |
| 148 // Checks if the extension is on the automatically installed list or | 144 // Checks if the extension is on the automatically installed list or |
| 149 // install white-list. | 145 // install white-list. |
| (...skipping 102 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 252 static_cast<const base::ListValue*>(LoadPreference( | 248 static_cast<const base::ListValue*>(LoadPreference( |
| 253 pref_names::kInstallAllowList, true, base::Value::TYPE_LIST)); | 249 pref_names::kInstallAllowList, true, base::Value::TYPE_LIST)); |
| 254 // Allow user to use preference to block certain extensions. Note that policy | 250 // Allow user to use preference to block certain extensions. Note that policy |
| 255 // managed forcelist or whitelist will always override this. | 251 // managed forcelist or whitelist will always override this. |
| 256 const base::ListValue* denied_list_pref = | 252 const base::ListValue* denied_list_pref = |
| 257 static_cast<const base::ListValue*>(LoadPreference( | 253 static_cast<const base::ListValue*>(LoadPreference( |
| 258 pref_names::kInstallDenyList, false, base::Value::TYPE_LIST)); | 254 pref_names::kInstallDenyList, false, base::Value::TYPE_LIST)); |
| 259 const base::DictionaryValue* forced_list_pref = | 255 const base::DictionaryValue* forced_list_pref = |
| 260 static_cast<const base::DictionaryValue*>(LoadPreference( | 256 static_cast<const base::DictionaryValue*>(LoadPreference( |
| 261 pref_names::kInstallForceList, true, base::Value::TYPE_DICTIONARY)); | 257 pref_names::kInstallForceList, true, base::Value::TYPE_DICTIONARY)); |
| 258 const base::DictionaryValue* signin_list_pref = | |
| 259 static_cast<const base::DictionaryValue*>(LoadPreference( | |
| 260 pref_names::kInstallSigninList, true, base::Value::TYPE_DICTIONARY)); | |
| 262 const base::ListValue* install_sources_pref = | 261 const base::ListValue* install_sources_pref = |
| 263 static_cast<const base::ListValue*>(LoadPreference( | 262 static_cast<const base::ListValue*>(LoadPreference( |
| 264 pref_names::kAllowedInstallSites, true, base::Value::TYPE_LIST)); | 263 pref_names::kAllowedInstallSites, true, base::Value::TYPE_LIST)); |
| 265 const base::ListValue* allowed_types_pref = | 264 const base::ListValue* allowed_types_pref = |
| 266 static_cast<const base::ListValue*>(LoadPreference( | 265 static_cast<const base::ListValue*>(LoadPreference( |
| 267 pref_names::kAllowedTypes, true, base::Value::TYPE_LIST)); | 266 pref_names::kAllowedTypes, true, base::Value::TYPE_LIST)); |
| 268 const base::DictionaryValue* dict_pref = | 267 const base::DictionaryValue* dict_pref = |
| 269 static_cast<const base::DictionaryValue*>( | 268 static_cast<const base::DictionaryValue*>( |
| 270 LoadPreference(pref_names::kExtensionManagement, | 269 LoadPreference(pref_names::kExtensionManagement, |
| 271 true, | 270 true, |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 312 } | 311 } |
| 313 | 312 |
| 314 if (denied_list_pref) { | 313 if (denied_list_pref) { |
| 315 for (base::ListValue::const_iterator it = denied_list_pref->begin(); | 314 for (base::ListValue::const_iterator it = denied_list_pref->begin(); |
| 316 it != denied_list_pref->end(); ++it) { | 315 it != denied_list_pref->end(); ++it) { |
| 317 if ((*it)->GetAsString(&id) && crx_file::id_util::IdIsValid(id)) | 316 if ((*it)->GetAsString(&id) && crx_file::id_util::IdIsValid(id)) |
| 318 AccessById(id)->installation_mode = INSTALLATION_BLOCKED; | 317 AccessById(id)->installation_mode = INSTALLATION_BLOCKED; |
| 319 } | 318 } |
| 320 } | 319 } |
| 321 | 320 |
| 322 if (forced_list_pref) { | 321 UpdateForcedExtensions(forced_list_pref); |
| 323 std::string update_url; | 322 UpdateForcedExtensions(signin_list_pref); |
| 324 for (base::DictionaryValue::Iterator it(*forced_list_pref); !it.IsAtEnd(); | |
| 325 it.Advance()) { | |
| 326 if (!crx_file::id_util::IdIsValid(it.key())) | |
| 327 continue; | |
| 328 const base::DictionaryValue* dict_value = NULL; | |
| 329 if (it.value().GetAsDictionary(&dict_value) && | |
| 330 dict_value->GetStringWithoutPathExpansion( | |
| 331 ExternalProviderImpl::kExternalUpdateUrl, &update_url)) { | |
| 332 internal::IndividualSettings* by_id = AccessById(it.key()); | |
| 333 by_id->installation_mode = INSTALLATION_FORCED; | |
| 334 by_id->update_url = update_url; | |
| 335 } | |
| 336 } | |
| 337 } | |
| 338 | 323 |
| 339 if (install_sources_pref) { | 324 if (install_sources_pref) { |
| 340 global_settings_->has_restricted_install_sources = true; | 325 global_settings_->has_restricted_install_sources = true; |
| 341 for (base::ListValue::const_iterator it = install_sources_pref->begin(); | 326 for (base::ListValue::const_iterator it = install_sources_pref->begin(); |
| 342 it != install_sources_pref->end(); ++it) { | 327 it != install_sources_pref->end(); ++it) { |
| 343 std::string url_pattern; | 328 std::string url_pattern; |
| 344 if ((*it)->GetAsString(&url_pattern)) { | 329 if ((*it)->GetAsString(&url_pattern)) { |
| 345 URLPattern entry(URLPattern::SCHEME_ALL); | 330 URLPattern entry(URLPattern::SCHEME_ALL); |
| 346 if (entry.Parse(url_pattern) == URLPattern::PARSE_SUCCESS) { | 331 if (entry.Parse(url_pattern) == URLPattern::PARSE_SUCCESS) { |
| 347 global_settings_->install_sources.AddPattern(entry); | 332 global_settings_->install_sources.AddPattern(entry); |
| (...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 435 void ExtensionManagement::OnExtensionPrefChanged() { | 420 void ExtensionManagement::OnExtensionPrefChanged() { |
| 436 Refresh(); | 421 Refresh(); |
| 437 NotifyExtensionManagementPrefChanged(); | 422 NotifyExtensionManagementPrefChanged(); |
| 438 } | 423 } |
| 439 | 424 |
| 440 void ExtensionManagement::NotifyExtensionManagementPrefChanged() { | 425 void ExtensionManagement::NotifyExtensionManagementPrefChanged() { |
| 441 for (auto& observer : observer_list_) | 426 for (auto& observer : observer_list_) |
| 442 observer.OnExtensionManagementSettingsChanged(); | 427 observer.OnExtensionManagementSettingsChanged(); |
| 443 } | 428 } |
| 444 | 429 |
| 430 void ExtensionManagement::UpdateForcedExtensions( | |
| 431 const base::DictionaryValue* extension_dict) { | |
| 432 if (!extension_dict) | |
| 433 return; | |
| 434 | |
| 435 std::string update_url; | |
| 436 for (base::DictionaryValue::Iterator it(*extension_dict); !it.IsAtEnd(); | |
| 437 it.Advance()) { | |
| 438 if (!crx_file::id_util::IdIsValid(it.key())) | |
| 439 continue; | |
| 440 const base::DictionaryValue* dict_value = nullptr; | |
| 441 if (it.value().GetAsDictionary(&dict_value) && | |
| 442 dict_value->GetStringWithoutPathExpansion( | |
| 443 ExternalProviderImpl::kExternalUpdateUrl, &update_url)) { | |
| 444 internal::IndividualSettings* by_id = AccessById(it.key()); | |
| 445 by_id->installation_mode = INSTALLATION_FORCED; | |
| 446 by_id->update_url = update_url; | |
| 447 } | |
| 448 } | |
| 449 } | |
| 450 | |
| 445 internal::IndividualSettings* ExtensionManagement::AccessById( | 451 internal::IndividualSettings* ExtensionManagement::AccessById( |
| 446 const ExtensionId& id) { | 452 const ExtensionId& id) { |
| 447 DCHECK(crx_file::id_util::IdIsValid(id)) << "Invalid ID: " << id; | 453 DCHECK(crx_file::id_util::IdIsValid(id)) << "Invalid ID: " << id; |
| 448 SettingsIdMap::iterator it = settings_by_id_.find(id); | 454 SettingsIdMap::iterator it = settings_by_id_.find(id); |
| 449 if (it == settings_by_id_.end()) { | 455 if (it == settings_by_id_.end()) { |
| 450 std::unique_ptr<internal::IndividualSettings> settings( | 456 std::unique_ptr<internal::IndividualSettings> settings( |
| 451 new internal::IndividualSettings(default_settings_.get())); | 457 new internal::IndividualSettings(default_settings_.get())); |
| 452 it = settings_by_id_.add(id, std::move(settings)).first; | 458 it = settings_by_id_.add(id, std::move(settings)).first; |
| 453 } | 459 } |
| 454 return it->second; | 460 return it->second; |
| (...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 497 content::BrowserContext* context) const { | 503 content::BrowserContext* context) const { |
| 498 return chrome::GetBrowserContextRedirectedInIncognito(context); | 504 return chrome::GetBrowserContextRedirectedInIncognito(context); |
| 499 } | 505 } |
| 500 | 506 |
| 501 void ExtensionManagementFactory::RegisterProfilePrefs( | 507 void ExtensionManagementFactory::RegisterProfilePrefs( |
| 502 user_prefs::PrefRegistrySyncable* user_prefs) { | 508 user_prefs::PrefRegistrySyncable* user_prefs) { |
| 503 user_prefs->RegisterDictionaryPref(pref_names::kExtensionManagement); | 509 user_prefs->RegisterDictionaryPref(pref_names::kExtensionManagement); |
| 504 } | 510 } |
| 505 | 511 |
| 506 } // namespace extensions | 512 } // namespace extensions |
| OLD | NEW |
