Communicate ExtensionSettings policy to renderers

chrome/browser/extensions/extension_service.cc

 // Copyright (c) 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/extensions/extension_service.h"
 
 #include <stddef.h>
 
 #include <algorithm>
 #include <iterator>
@@ skipping 848 matching lines @@
 
 void ExtensionService::EnableExtension(const std::string& extension_id) {
   CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
 
   if (IsExtensionEnabled(extension_id) ||
       extension_prefs_->IsExtensionBlacklisted(extension_id))
     return;
   const Extension* extension =
       registry_->disabled_extensions().GetByID(extension_id);
 
+  extensions::ExtensionManagement* management =
+      extensions::ExtensionManagementFactory::GetForBrowserContext(profile());
+
   ManagementPolicy* policy = system_->management_policy();
   if (extension && policy->MustRemainDisabled(extension, nullptr, nullptr)) {
     UMA_HISTOGRAM_COUNTS_100("Extensions.EnableDeniedByPolicy", 1);
     return;
   }
+  extensions::PermissionsUpdater(profile()).SetPolicyHostRestrictions(

[Devlin, 2017/01/26 22:47:39]

We seem to be calling this an awful lot.  We should instead be able to hook into
one or two places.

Basically, I'd expect that we can merge SetPolicyHostRestrictions with
PermissionsUpdater::InitializePermissions(), which is already called when the
extension is added.  We will have to update if we find a new policy, but
otherwise that should cover all our bases, right?

[nrpeter, 2017/02/03 19:32:24]

The call under CheckManagementPolicy handles the situation where the policy
changes and the renderers need the new policy so I think it makes sense to leave
it.

The calls under OnLoadedInstalledExtensions, AddExtension, EnableExtension were
unnecessary and I removed them.

The AddExtension call is covered by RendererStartupHelper::InitializeProcess. 

The EnableExtension and OnLoadedInstalledExtensions is covered by
RendererStartupHelper::OnExtensionLoaded which already communicates the
permissions to all existing renderers.

+      extension, management->GetRuntimeBlockedHosts(extension),
+      management->GetRuntimeAllowedHosts(extension),
+      management->UsesDefaultRuntimeHostRestrictions(extension));
 
   extension_prefs_->SetExtensionEnabled(extension_id);
 
   // This can happen if sync enables an extension that is not installed yet.
   if (!extension)
     return;
 
   // Move it over to the enabled list.
   registry_->AddEnabled(make_scoped_refptr(extension));
   registry_->RemoveDisabled(extension->id());
@@ skipping 321 matching lines @@
     if (!system_->management_policy()->UserMayLoad(extension.get(), nullptr))
       to_unload.push_back(extension->id());
     Extension::DisableReason disable_reason = Extension::DISABLE_NONE;
     if (system_->management_policy()->MustRemainDisabled(
             extension.get(), &disable_reason, nullptr))
       to_disable[extension->id()] = disable_reason;
   }
 
   extensions::ExtensionManagement* management =
       extensions::ExtensionManagementFactory::GetForBrowserContext(profile());
+  for (const auto& extension : registry_->enabled_extensions()) {
+    extensions::PermissionsUpdater(profile()).SetPolicyHostRestrictions(
+        extension.get(), management->GetRuntimeBlockedHosts(extension.get()),
+        management->GetRuntimeAllowedHosts(extension.get()),
+        management->UsesDefaultRuntimeHostRestrictions(extension.get()));
+  }
+  extensions::PermissionsUpdater(profile())
+      .SetDefaultPolicyHostRestrictions(
+          management->GetDefaultRuntimeBlockedHosts(),
+          management->GetDefaultRuntimeAllowedHosts());
 
   // Loop through the disabled extension list, find extensions to re-enable
   // automatically. These extensions are exclusive from the |to_disable| and
   // |to_unload| lists constructed above, since disabled_extensions() and
   // enabled_extensions() are supposed to be mutually exclusive.
   for (const auto& extension : registry_->disabled_extensions()) {
     // Find all disabled extensions disabled due to minimum version requirement,
     // but now satisfying it.
     if (management->CheckMinimumVersion(extension.get(), nullptr) &&
         extension_prefs_->HasDisableReason(
@@ skipping 211 matching lines @@
     updater_->Start();
 
   // Enable any Shared Modules that incorrectly got disabled previously.
   // This is temporary code to fix incorrect behavior from previous versions of
   // Chrome and can be removed after several releases (perhaps M60).
   extensions::ExtensionList to_enable;
   for (const auto& extension : registry_->disabled_extensions()) {
     if (SharedModuleInfo::IsSharedModule(extension.get()))
       to_enable.push_back(extension);
   }
+  extensions::ExtensionManagement* management =
+      extensions::ExtensionManagementFactory::GetForBrowserContext(profile());
+  extensions::PermissionsUpdater(profile())
+      .SetDefaultPolicyHostRestrictions(
+          management->GetDefaultRuntimeBlockedHosts(),
+          management->GetDefaultRuntimeAllowedHosts());
+
   for (const auto& extension : to_enable) {
     EnableExtension(extension->id());
   }
 
   OnBlacklistUpdated();
 }
 
 void ExtensionService::AddExtension(const Extension* extension) {
   // TODO(jstritar): We may be able to get rid of this branch by overriding the
   // default extension state to DISABLED when the --disable-extensions flag
   // is set (http://crbug.com/29067).
   if (!extensions_enabled() && !extension->is_theme() &&
       extension->location() != Manifest::COMPONENT &&
       !Manifest::IsExternalLocation(extension->location()) &&
       disable_flag_exempted_extensions_.count(extension->id()) == 0) {
     return;
   }
 
+  extensions::ExtensionManagement* settings =
+      extensions::ExtensionManagementFactory::GetForBrowserContext(profile());
+  DCHECK(settings);
+  extensions::PermissionsUpdater(profile()).SetPolicyHostRestrictions(
+      extension, settings->GetRuntimeBlockedHosts(extension),
+      settings->GetRuntimeAllowedHosts(extension),
+      settings->UsesDefaultRuntimeHostRestrictions(extension));
+
   bool is_extension_upgrade = false;
   bool is_extension_loaded = false;
   const Extension* old = GetInstalledExtension(extension->id());
   if (old) {
     is_extension_loaded = true;
     int version_compare_result =
         extension->version()->CompareTo(*(old->version()));
     is_extension_upgrade = version_compare_result > 0;
     // Other than for unpacked extensions, CrxInstaller should have guaranteed
     // that we aren't downgrading.
@@ skipping 1003 matching lines @@
 }
 
 void ExtensionService::OnProfileDestructionStarted() {
   ExtensionIdSet ids_to_unload = registry_->enabled_extensions().GetIDs();
   for (ExtensionIdSet::iterator it = ids_to_unload.begin();
        it != ids_to_unload.end();
        ++it) {
     UnloadExtension(*it, UnloadedExtensionInfo::REASON_PROFILE_SHUTDOWN);
   }
 }