| Index: extensions/common/permissions/permissions_data.h
|
| diff --git a/extensions/common/permissions/permissions_data.h b/extensions/common/permissions/permissions_data.h
|
| index 3b87e79bc393161819710e7d8cca9703cc0857e2..a1390e9d81fa17804655fa94fcb482b0af6e464c 100644
|
| --- a/extensions/common/permissions/permissions_data.h
|
| +++ b/extensions/common/permissions/permissions_data.h
|
| @@ -82,6 +82,13 @@ class PermissionsData {
|
| const Extension* extension,
|
| std::string* error);
|
|
|
| + // Check if a specific URL is blocked by policy from extension use at runtime.
|
| + bool IsRuntimeBlockedHost(const GURL& url) const;
|
| +
|
| + // Is this extension using the default scope for runtime_blocked_hosts and
|
| + // runtime_allowed_hosts of the ExtensionSettings policy.
|
| + bool IsRuntimeBlockedAllowedHostsDefault() const;
|
| +
|
| // Locks the permissions data to the current thread. We don't do this on
|
| // construction, since extensions are initialized across multiple threads.
|
| void BindToCurrentThread() const;
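Review bot: The comment on `IsRuntimeBlockedHost` does not say how the allowed-host list affects the result, and that is the part a caller making an access decision needs to know. The accessor comments added later in this patch say allowed hosts apply regardless of the blocked list, so if the implementation follows that, the declaration could read `// Returns true if |url| matches runtime_blocked_hosts() and is not exempted by runtime_allowed_hosts().` It should also say whether the per-extension or the default lists are consulted. The comment on `IsRuntimeBlockedAllowedHostsDefault` is phrased as a question; `// Returns true if this extension uses the default runtime_blocked_hosts and runtime_allowed_hosts from the ExtensionSettings policy.` fits the file's style better. The implementation is not part of this hunk, so the precedence wording should be checked against the .cc file.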
|
| @@ -91,6 +98,17 @@ class PermissionsData {
|
| void SetPermissions(std::unique_ptr<const PermissionSet> active,
|
| std::unique_ptr<const PermissionSet> withheld) const;
|
|
|
| + // Sets the runtime policy of the given |extension|.
|
| + void SetRuntimeBlockedAllowedHosts(
|
| + const URLPatternSet runtime_blocked_hosts,
|
| + const URLPatternSet runtime_allowed_hosts,
|
| + const bool is_default_runtime_blocked_allowed_hosts) const;
|
| +
|
| + // Sets the default runtime policy.
|
| + static void SetDefaultRuntimeBlockedAllowedHosts(
|
| + const URLPatternSet default_runtime_blocked_hosts,
|
| + const URLPatternSet default_runtime_allowed_hosts);
|
| +
|
| // Sets the active permissions, leaving withheld the same.
|
| void SetActivePermissions(std::unique_ptr<const PermissionSet> active) const;
|
|
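Review bot: Both new setters take `URLPatternSet` as `const` by value, which copies each set on every call and prevents moving from the argument. Declaring them as `const URLPatternSet& runtime_blocked_hosts` (likewise for the other three set parameters) avoids the copy, and the top-level `const` on the `bool` parameter has no effect in a declaration. The comment on `SetRuntimeBlockedAllowedHosts` refers to `|extension|`, but the method has no such parameter; `// Sets the policy-blocked and policy-allowed hosts for this extension.` would be accurate. `SetDefaultRuntimeBlockedAllowedHosts` is static and so presumably writes state shared by every PermissionsData. Its comment should say which thread may call it and how readers are synchronized, since neither is visible in this header.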
|
| @@ -201,6 +219,20 @@ class PermissionsData {
|
| return *withheld_permissions_unsafe_;
|
| }
|
|
|
| + // Returns list of hosts this extension may not interact with by policy.
|
| + static const URLPatternSet& default_runtime_blocked_hosts();
|
| +
|
| + // Returns list of hosts this extension may interact with regardless of
|
| + // what is defined by runtime_blocked_hosts().
|
| + static const URLPatternSet& default_runtime_allowed_hosts();
|
| +
|
| + // Returns list of hosts this extension may not interact with by policy.
|
| + const URLPatternSet& runtime_blocked_hosts() const;
|
| +
|
| + // Returns list of hosts this extension may interact with regardless of
|
| + // what is defined by runtime_blocked_hosts().
|
| + const URLPatternSet& runtime_allowed_hosts() const;
|
| +
|
| #if defined(UNIT_TEST)
|
| const PermissionSet* GetTabSpecificPermissionsForTesting(int tab_id) const {
|
| base::AutoLock auto_lock(runtime_lock_);
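Review bot: The comments on the two static accessors were copied from the per-extension ones and say "this extension", although `default_runtime_blocked_hosts()` and `default_runtime_allowed_hosts()` are not tied to any instance. Suggested wording is `// Returns the hosts that extensions may not interact with by default policy.`, and the allowed variant should refer to `default_runtime_blocked_hosts()` rather than `runtime_blocked_hosts()`. All four accessors return a reference to state that the new setters can replace, and `SetRuntimeBlockedAllowedHosts` is itself `const`. The comments should therefore state the thread or lock requirement under which the returned reference stays valid, as the existing `_unsafe_` accessors imply. A caller that holds the reference across a policy update would otherwise evaluate a stale or destroyed set; whether that can happen depends on code outside this hunk.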
|
| @@ -255,6 +287,21 @@ class PermissionsData {
|
| // withheld_permissions() accessor.
|
| mutable std::unique_ptr<const PermissionSet> withheld_permissions_unsafe_;
|
|
|
| + // The list of hosts an extension may not interact with by policy.
|
| + // Unless you need to change |runtime_blocked_hosts_unsafe_|, use the (safe)
|
| + // runtime_blocked_hosts() accessor.
|
| + mutable URLPatternSet runtime_blocked_hosts_unsafe_;
|
| +
|
| + // The exclusive list of hosts an extension may interact with by policy.
|
| + // Unless you need to change |runtime_allowed_hosts_unsafe_|, use the (safe)
|
| + // runtime_allowed_hosts() accessor.
|
| + mutable URLPatternSet runtime_allowed_hosts_unsafe_;
|
| +
|
| + // If this extension is using the DefaultRuntimeBlockedAllowedHosts shared by
|
| + // every extension in the renderer or an extension specific setting held in
|
| + // RuntimeBlockedAllowedHosts
|
| + mutable bool is_default_runtime_blocked_allowed_hosts_ = true;
|
| +
|
| mutable TabPermissionsMap tab_specific_permissions_;
|
|
|
| mutable std::unique_ptr<base::ThreadChecker> thread_checker_;
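Review bot: The comment on `runtime_allowed_hosts_unsafe_` calls it "the exclusive list of hosts an extension may interact with", which reads like an allowlist. The accessor comment in the same patch describes it as the set of hosts that stay reachable regardless of the blocked list. The two should agree, e.g. `// Hosts the extension may interact with by policy even if they match |runtime_blocked_hosts_unsafe_|.`, because a maintainer who takes "exclusive" literally could write a check that denies everything else. The comment on `is_default_runtime_blocked_allowed_hosts_` is an incomplete sentence and does not say what `true` means; `// True if this extension uses the default blocked/allowed hosts shared by every extension in the renderer; false if it has its own lists.` states it directly. Since the flag defaults to `true`, it is worth noting here what a PermissionsData sees before any default has been set. That cannot be told from this header.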
|
|
|