Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(34)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/extensions/permissions_updater.cc

Issue 2499493004: Communicate ExtensionSettings policy to renderers (Closed)
Patch Set: -Forgot to update copyright date Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/extensions/permissions_updater.h ('k') | chrome/test/BUILD.gn » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/extensions/permissions_updater.cc
diff --git a/chrome/browser/extensions/permissions_updater.cc b/chrome/browser/extensions/permissions_updater.cc
index 26730a999aaa4510a01500c6c3bab92db4b18f12..45adbf7c21c29ebcc12e4d2830014b759fd1049b 100644
--- a/chrome/browser/extensions/permissions_updater.cc
+++ b/chrome/browser/extensions/permissions_updater.cc
@@ -136,6 +136,42 @@ void PermissionsUpdater::RemovePermissions(const Extension* extension,
NotifyPermissionsUpdated(REMOVED, extension, to_remove);
}
+void PermissionsUpdater::SetPolicyHostRestrictions(
+ const Extension* extension,
+ const URLPatternSet& runtime_blocked_hosts,
+ const URLPatternSet& runtime_allowed_hosts) {
+ // Keep track of runtime blocked and hosts for this extension in the browser
+ // process. We'll pull from here to populate when a new renderer is created.
+ extension->permissions_data()->SetPolicyHostRestrictions(
+ runtime_blocked_hosts, runtime_allowed_hosts);
+
+ // Send notification to the currently running renderers of the runtime block
+ // hosts settings.
+ const PermissionSet perms;
+ NotifyPermissionsUpdated(POLICY, extension, perms);
+}
+
+void PermissionsUpdater::SetUsesDefaultHostRestrictions(
+ const Extension* extension) {
+ extension->permissions_data()->SetUsesDefaultHostRestrictions();
+ const PermissionSet perms;
+ NotifyPermissionsUpdated(POLICY, extension, perms);
+}
+
+void PermissionsUpdater::SetDefaultPolicyHostRestrictions(
+ const URLPatternSet& default_runtime_blocked_hosts,
+ const URLPatternSet& default_runtime_allowed_hosts) {
+ // Keep track of runtime blocked and hosts for extensions without an
+ // individual policy. We'll pull from here when a new renderer is created.
+ PermissionsData::SetDefaultPolicyHostRestrictions(
+ default_runtime_blocked_hosts, default_runtime_allowed_hosts);
+
+ // Send notification to the currently running renderers of the runtime block
+ // hosts settings.
+ NotifyDefaultPolicyHostRestrictionsUpdated(default_runtime_blocked_hosts,
+ default_runtime_allowed_hosts);
+}
+
void PermissionsUpdater::RemovePermissionsUnsafe(
const Extension* extension,
const PermissionSet& to_remove) {
@@ -244,28 +280,31 @@ void PermissionsUpdater::NotifyPermissionsUpdated(
const Extension* extension,
const PermissionSet& changed) {
DCHECK((init_flag_ & INIT_FLAG_TRANSIENT) == 0);
- if (changed.IsEmpty())
- return;
UpdatedExtensionPermissionsInfo::Reason reason;
events::HistogramValue histogram_value;
const char* event_name = NULL;
+ Profile* profile = Profile::FromBrowserContext(browser_context_);
+
+ if (changed.IsEmpty() && event_type != POLICY)
Devlin 2017/04/04 16:29:11 https://codereview.chromium.org/2499493004/diff/18
nrpeter 2017/04/05 23:13:26 Thanks for the reminder. I've moved it back to the
+ return;
if (event_type == REMOVED) {
reason = UpdatedExtensionPermissionsInfo::REMOVED;
histogram_value = events::PERMISSIONS_ON_REMOVED;
event_name = permissions::OnRemoved::kEventName;
- } else {
- CHECK_EQ(ADDED, event_type);
+ } else if (event_type == ADDED) {
reason = UpdatedExtensionPermissionsInfo::ADDED;
histogram_value = events::PERMISSIONS_ON_ADDED;
event_name = permissions::OnAdded::kEventName;
+ } else {
+ CHECK_EQ(POLICY, event_type);
+ reason = UpdatedExtensionPermissionsInfo::POLICY;
}
// Notify other APIs or interested parties.
- UpdatedExtensionPermissionsInfo info = UpdatedExtensionPermissionsInfo(
- extension, changed, reason);
- Profile* profile = Profile::FromBrowserContext(browser_context_);
+ UpdatedExtensionPermissionsInfo info =
+ UpdatedExtensionPermissionsInfo(extension, changed, reason);
content::NotificationService::current()->Notify(
extensions::NOTIFICATION_EXTENSION_PERMISSIONS_UPDATED,
content::Source<Profile>(profile),
@@ -277,6 +316,14 @@ void PermissionsUpdater::NotifyPermissionsUpdated(
extension->permissions_data()->active_permissions());
params.withheld_permissions = ExtensionMsg_PermissionSetStruct(
extension->permissions_data()->withheld_permissions());
+ params.uses_default_policy_host_restrictions =
+ extension->permissions_data()->UsesDefaultPolicyHostRestrictions();
+ if (!params.uses_default_policy_host_restrictions) {
+ params.policy_blocked_hosts =
+ extension->permissions_data()->policy_blocked_hosts();
+ params.policy_allowed_hosts =
+ extension->permissions_data()->policy_allowed_hosts();
+ }
// Send the new permissions to the renderers.
for (RenderProcessHost::iterator i(RenderProcessHost::AllHostsIterator());
@@ -289,7 +336,33 @@ void PermissionsUpdater::NotifyPermissionsUpdated(
}
// Trigger the onAdded and onRemoved events in the extension.
- DispatchEvent(extension->id(), histogram_value, event_name, changed);
+ if (event_name)
+ DispatchEvent(extension->id(), histogram_value, event_name, changed);
+}
+
+// Notify the renderers that extension policy (policy_blocked_hosts) is updated
+// and provide new set of hosts.
+void PermissionsUpdater::NotifyDefaultPolicyHostRestrictionsUpdated(
+ const URLPatternSet& default_runtime_blocked_hosts,
+ const URLPatternSet& default_runtime_allowed_hosts) {
+ DCHECK((init_flag_ & INIT_FLAG_TRANSIENT) == 0);
+
+ Profile* profile = Profile::FromBrowserContext(browser_context_);
+
+ ExtensionMsg_UpdateDefaultPolicyHostRestrictions_Params params;
+ params.default_policy_blocked_hosts = default_runtime_blocked_hosts;
+ params.default_policy_allowed_hosts = default_runtime_allowed_hosts;
+
+ // Send the new policy to the renderers.
+ for (RenderProcessHost::iterator host_iterator(
+ RenderProcessHost::AllHostsIterator());
+ !host_iterator.IsAtEnd(); host_iterator.Advance()) {
+ RenderProcessHost* host = host_iterator.GetCurrentValue();
+ if (profile->IsSameProfile(
+ Profile::FromBrowserContext(host->GetBrowserContext()))) {
+ host->Send(new ExtensionMsg_UpdateDefaultPolicyHostRestrictions(params));
+ }
+ }
}
} // namespace extensions
« no previous file with comments | « chrome/browser/extensions/permissions_updater.h ('k') | chrome/test/BUILD.gn » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698