Chromium Code Reviews Chromium Code Reviews
Issue 2499493004:
Communicate ExtensionSettings policy to renderers (Closed)
| Index: chrome/browser/extensions/extension_service.cc |
| diff --git a/chrome/browser/extensions/extension_service.cc b/chrome/browser/extensions/extension_service.cc |
| index 4cecaddab3e02cc9e9697c9d3f7a01d4ab746468..194199637d74cb22228397f81232bab69e0cde55 100644 |
| --- a/chrome/browser/extensions/extension_service.cc |
| +++ b/chrome/browser/extensions/extension_service.cc |
| @@ -866,11 +866,18 @@ void ExtensionService::EnableExtension(const std::string& extension_id) { |
| const Extension* extension = |
| registry_->disabled_extensions().GetByID(extension_id); |
| + extensions::ExtensionManagement* management = |
| + extensions::ExtensionManagementFactory::GetForBrowserContext(profile()); |
| + |
| ManagementPolicy* policy = system_->management_policy(); |
| if (extension && policy->MustRemainDisabled(extension, nullptr, nullptr)) { |
| UMA_HISTOGRAM_COUNTS_100("Extensions.EnableDeniedByPolicy", 1); |
| return; |
| } |
| + extensions::PermissionsUpdater(profile()).SetPolicyHostRestrictions( |
|
Devlin
2017/01/26 22:47:39
We seem to be calling this an awful lot. We shoul
nrpeter
2017/02/03 19:32:24
The call under CheckManagementPolicy handles the s
|
| + extension, management->GetRuntimeBlockedHosts(extension), |
| + management->GetRuntimeAllowedHosts(extension), |
| + management->UsesDefaultRuntimeHostRestrictions(extension)); |
| extension_prefs_->SetExtensionEnabled(extension_id); |
| @@ -1212,6 +1219,16 @@ void ExtensionService::CheckManagementPolicy() { |
| extensions::ExtensionManagement* management = |
| extensions::ExtensionManagementFactory::GetForBrowserContext(profile()); |
| + for (const auto& extension : registry_->enabled_extensions()) { |
| + extensions::PermissionsUpdater(profile()).SetPolicyHostRestrictions( |
| + extension.get(), management->GetRuntimeBlockedHosts(extension.get()), |
| + management->GetRuntimeAllowedHosts(extension.get()), |
| + management->UsesDefaultRuntimeHostRestrictions(extension.get())); |
| + } |
| + extensions::PermissionsUpdater(profile()) |
| + .SetDefaultPolicyHostRestrictions( |
| + management->GetDefaultRuntimeBlockedHosts(), |
| + management->GetDefaultRuntimeAllowedHosts()); |
| // Loop through the disabled extension list, find extensions to re-enable |
| // automatically. These extensions are exclusive from the |to_disable| and |
| @@ -1443,6 +1460,13 @@ void ExtensionService::OnLoadedInstalledExtensions() { |
| if (SharedModuleInfo::IsSharedModule(extension.get())) |
| to_enable.push_back(extension); |
| } |
| + extensions::ExtensionManagement* management = |
| + extensions::ExtensionManagementFactory::GetForBrowserContext(profile()); |
| + extensions::PermissionsUpdater(profile()) |
| + .SetDefaultPolicyHostRestrictions( |
| + management->GetDefaultRuntimeBlockedHosts(), |
| + management->GetDefaultRuntimeAllowedHosts()); |
| + |
| for (const auto& extension : to_enable) { |
| EnableExtension(extension->id()); |
| } |
| @@ -1461,6 +1485,14 @@ void ExtensionService::AddExtension(const Extension* extension) { |
| return; |
| } |
| + extensions::ExtensionManagement* settings = |
| + extensions::ExtensionManagementFactory::GetForBrowserContext(profile()); |
| + DCHECK(settings); |
| + extensions::PermissionsUpdater(profile()).SetPolicyHostRestrictions( |
| + extension, settings->GetRuntimeBlockedHosts(extension), |
| + settings->GetRuntimeAllowedHosts(extension), |
| + settings->UsesDefaultRuntimeHostRestrictions(extension)); |
| + |
| bool is_extension_upgrade = false; |
| bool is_extension_loaded = false; |
| const Extension* old = GetInstalledExtension(extension->id()); |
