OLD | NEW |
---|---|
1 // Copyright 2015 The Chromium Authors. All rights reserved. | 1 // Copyright 2015 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/extensions/api/settings_private/prefs_util.h" | 5 #include "chrome/browser/extensions/api/settings_private/prefs_util.h" |
6 | 6 |
7 #include "build/build_config.h" | 7 #include "build/build_config.h" |
8 #include "chrome/browser/browser_process.h" | 8 #include "chrome/browser/browser_process.h" |
9 #include "chrome/browser/extensions/chrome_extension_function.h" | 9 #include "chrome/browser/extensions/chrome_extension_function.h" |
10 #include "chrome/browser/extensions/settings_api_helpers.h" | 10 #include "chrome/browser/extensions/settings_api_helpers.h" |
(...skipping 21 matching lines...) Expand all Loading... | |
32 #include "extensions/browser/management_policy.h" | 32 #include "extensions/browser/management_policy.h" |
33 #include "extensions/common/extension.h" | 33 #include "extensions/common/extension.h" |
34 | 34 |
35 #if defined(OS_CHROMEOS) | 35 #if defined(OS_CHROMEOS) |
36 #include "ash/public/cpp/ash_pref_names.h" // nogncheck | 36 #include "ash/public/cpp/ash_pref_names.h" // nogncheck |
37 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h" | 37 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h" |
38 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos_fact ory.h" | 38 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos_fact ory.h" |
39 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" | 39 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" |
40 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 40 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
41 #include "chrome/browser/chromeos/settings/cros_settings.h" | 41 #include "chrome/browser/chromeos/settings/cros_settings.h" |
42 #include "chrome/browser/chromeos/system/timezone_util.h" | |
42 #include "chromeos/settings/cros_settings_names.h" | 43 #include "chromeos/settings/cros_settings_names.h" |
43 #include "ui/chromeos/events/pref_names.h" | 44 #include "ui/chromeos/events/pref_names.h" |
44 #endif | 45 #endif |
45 | 46 |
46 namespace { | 47 namespace { |
47 | 48 |
48 #if defined(OS_CHROMEOS) | 49 #if defined(OS_CHROMEOS) |
49 bool IsPrivilegedCrosSetting(const std::string& pref_name) { | 50 bool IsPrivilegedCrosSetting(const std::string& pref_name) { |
50 if (!chromeos::CrosSettings::IsCrosSettings(pref_name)) | 51 if (!chromeos::CrosSettings::IsCrosSettings(pref_name)) |
51 return false; | 52 return false; |
52 // kSystemTimezone should be changeable by all users. | 53 if (!chromeos::system::PerUserTimezoneEnabled()) { |
53 if (pref_name == chromeos::kSystemTimezone) | 54 // kSystemTimezone should be changeable by all users. |
54 return false; | 55 if (pref_name == chromeos::kSystemTimezone) |
55 // All other Cros settings are considered privileged and are either policy | 56 return false; |
57 // All other Cros settings are considered privileged and are either policy | |
58 // controlled or owner controlled. | |
stevenjb
2017/05/30 16:47:18
This comment is duplicated below, remove it here.
Alexander Alekseev
2017/07/06 06:30:29
This comment is correct only if per-user time zone
| |
59 } | |
60 // All Cros settings are considered privileged and are either policy | |
56 // controlled or owner controlled. | 61 // controlled or owner controlled. |
57 return true; | 62 return true; |
58 } | 63 } |
64 | |
65 bool IsCrosSettingReadOnly(const std::string& pref_name) { | |
66 if (chromeos::system::PerUserTimezoneEnabled()) { | |
67 // System timezone is never directly changable by user. | |
68 return pref_name == chromeos::kSystemTimezone; | |
69 } | |
70 return false; | |
71 } | |
59 #endif | 72 #endif |
60 | 73 |
61 } // namespace | 74 } // namespace |
62 | 75 |
63 namespace extensions { | 76 namespace extensions { |
64 | 77 |
65 namespace settings_private = api::settings_private; | 78 namespace settings_private = api::settings_private; |
66 | 79 |
67 PrefsUtil::PrefsUtil(Profile* profile) : profile_(profile) {} | 80 PrefsUtil::PrefsUtil(Profile* profile) : profile_(profile) {} |
68 | 81 |
(...skipping 213 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
282 settings_private::PrefType::PREF_TYPE_BOOLEAN; | 295 settings_private::PrefType::PREF_TYPE_BOOLEAN; |
283 (*s_whitelist)[proxy_config::prefs::kUseSharedProxies] = | 296 (*s_whitelist)[proxy_config::prefs::kUseSharedProxies] = |
284 settings_private::PrefType::PREF_TYPE_BOOLEAN; | 297 settings_private::PrefType::PREF_TYPE_BOOLEAN; |
285 (*s_whitelist)[::prefs::kWakeOnWifiDarkConnect] = | 298 (*s_whitelist)[::prefs::kWakeOnWifiDarkConnect] = |
286 settings_private::PrefType::PREF_TYPE_BOOLEAN; | 299 settings_private::PrefType::PREF_TYPE_BOOLEAN; |
287 (*s_whitelist)[::chromeos::kSignedDataRoamingEnabled] = | 300 (*s_whitelist)[::chromeos::kSignedDataRoamingEnabled] = |
288 settings_private::PrefType::PREF_TYPE_BOOLEAN; | 301 settings_private::PrefType::PREF_TYPE_BOOLEAN; |
289 | 302 |
290 // Timezone settings. | 303 // Timezone settings. |
291 (*s_whitelist)[chromeos::kSystemTimezone] = | 304 (*s_whitelist)[chromeos::kSystemTimezone] = |
292 settings_private::PrefType::PREF_TYPE_BOOLEAN; | 305 settings_private::PrefType::PREF_TYPE_STRING; |
306 (*s_whitelist)[prefs::kUserTimezone] = | |
307 settings_private::PrefType::PREF_TYPE_STRING; | |
293 (*s_whitelist)[::prefs::kResolveTimezoneByGeolocation] = | 308 (*s_whitelist)[::prefs::kResolveTimezoneByGeolocation] = |
294 settings_private::PrefType::PREF_TYPE_BOOLEAN; | 309 settings_private::PrefType::PREF_TYPE_BOOLEAN; |
295 | 310 |
296 // Ash settings. | 311 // Ash settings. |
297 (*s_whitelist)[::prefs::kEnableStylusTools] = | 312 (*s_whitelist)[::prefs::kEnableStylusTools] = |
298 settings_private::PrefType::PREF_TYPE_BOOLEAN; | 313 settings_private::PrefType::PREF_TYPE_BOOLEAN; |
299 (*s_whitelist)[::prefs::kLaunchPaletteOnEjectEvent] = | 314 (*s_whitelist)[::prefs::kLaunchPaletteOnEjectEvent] = |
300 settings_private::PrefType::PREF_TYPE_BOOLEAN; | 315 settings_private::PrefType::PREF_TYPE_BOOLEAN; |
301 (*s_whitelist)[::prefs::kNoteTakingAppEnabledOnLockScreen] = | 316 (*s_whitelist)[::prefs::kNoteTakingAppEnabledOnLockScreen] = |
302 settings_private::PrefType::PREF_TYPE_BOOLEAN; | 317 settings_private::PrefType::PREF_TYPE_BOOLEAN; |
(...skipping 147 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
450 pref = pref_service->FindPreference(name); | 465 pref = pref_service->FindPreference(name); |
451 if (!pref) | 466 if (!pref) |
452 return nullptr; | 467 return nullptr; |
453 pref_object.reset(new settings_private::PrefObject()); | 468 pref_object.reset(new settings_private::PrefObject()); |
454 pref_object->key = pref->name(); | 469 pref_object->key = pref->name(); |
455 pref_object->type = GetType(name, pref->GetType()); | 470 pref_object->type = GetType(name, pref->GetType()); |
456 pref_object->value.reset(pref->GetValue()->DeepCopy()); | 471 pref_object->value.reset(pref->GetValue()->DeepCopy()); |
457 } | 472 } |
458 | 473 |
459 #if defined(OS_CHROMEOS) | 474 #if defined(OS_CHROMEOS) |
475 // We first check for enterprise-managed, then for primary-user managed. | |
476 // Otherwise in multiprofile mode enterprise preference for the secondary | |
477 // user will appear primary-user-controlled, which looks strange, because | |
478 // primary user preference will be disabled with "enterprise controlled" | |
479 // status. | |
michaelpg
2017/05/30 22:21:23
This makes sense, but can you run it by Tom? Is th
Alexander Alekseev
2017/07/06 06:30:28
This is a good point, but if current user doesn't
| |
480 if (IsPrefEnterpriseManaged(name)) { | |
481 // Enterprise managed prefs are treated the same as device policy restricted | |
482 // prefs in the UI. | |
483 pref_object->controlled_by = | |
484 settings_private::ControlledBy::CONTROLLED_BY_DEVICE_POLICY; | |
485 pref_object->enforcement = | |
486 settings_private::Enforcement::ENFORCEMENT_ENFORCED; | |
487 return pref_object; | |
488 } | |
489 | |
460 if (IsPrefPrimaryUserControlled(name)) { | 490 if (IsPrefPrimaryUserControlled(name)) { |
461 pref_object->controlled_by = | 491 pref_object->controlled_by = |
462 settings_private::ControlledBy::CONTROLLED_BY_PRIMARY_USER; | 492 settings_private::ControlledBy::CONTROLLED_BY_PRIMARY_USER; |
463 pref_object->enforcement = | 493 pref_object->enforcement = |
464 settings_private::Enforcement::ENFORCEMENT_ENFORCED; | 494 settings_private::Enforcement::ENFORCEMENT_ENFORCED; |
465 pref_object->controlled_by_name.reset( | 495 pref_object->controlled_by_name.reset( |
466 new std::string(user_manager::UserManager::Get() | 496 new std::string(user_manager::UserManager::Get() |
467 ->GetPrimaryUser() | 497 ->GetPrimaryUser() |
468 ->GetAccountId() | 498 ->GetAccountId() |
469 .GetUserEmail())); | 499 .GetUserEmail())); |
470 return pref_object; | 500 return pref_object; |
471 } | 501 } |
472 | |
473 if (IsPrefEnterpriseManaged(name)) { | |
474 // Enterprise managed prefs are treated the same as device policy restricted | |
475 // prefs in the UI. | |
476 pref_object->controlled_by = | |
477 settings_private::ControlledBy::CONTROLLED_BY_DEVICE_POLICY; | |
478 pref_object->enforcement = | |
479 settings_private::Enforcement::ENFORCEMENT_ENFORCED; | |
480 return pref_object; | |
481 } | |
482 #endif | 502 #endif |
483 | 503 |
484 if (pref && pref->IsManaged()) { | 504 if (pref && pref->IsManaged()) { |
485 pref_object->controlled_by = | 505 pref_object->controlled_by = |
486 settings_private::ControlledBy::CONTROLLED_BY_USER_POLICY; | 506 settings_private::ControlledBy::CONTROLLED_BY_USER_POLICY; |
487 pref_object->enforcement = | 507 pref_object->enforcement = |
488 settings_private::Enforcement::ENFORCEMENT_ENFORCED; | 508 settings_private::Enforcement::ENFORCEMENT_ENFORCED; |
489 return pref_object; | 509 return pref_object; |
490 } | 510 } |
491 | 511 |
(...skipping 168 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
660 bool PrefsUtil::IsPrefTypeURL(const std::string& pref_name) { | 680 bool PrefsUtil::IsPrefTypeURL(const std::string& pref_name) { |
661 return GetWhitelistedPrefType(pref_name) == | 681 return GetWhitelistedPrefType(pref_name) == |
662 settings_private::PrefType::PREF_TYPE_URL; | 682 settings_private::PrefType::PREF_TYPE_URL; |
663 } | 683 } |
664 | 684 |
665 #if defined(OS_CHROMEOS) | 685 #if defined(OS_CHROMEOS) |
666 bool PrefsUtil::IsPrefEnterpriseManaged(const std::string& pref_name) { | 686 bool PrefsUtil::IsPrefEnterpriseManaged(const std::string& pref_name) { |
667 if (IsPrivilegedCrosSetting(pref_name)) { | 687 if (IsPrivilegedCrosSetting(pref_name)) { |
668 policy::BrowserPolicyConnectorChromeOS* connector = | 688 policy::BrowserPolicyConnectorChromeOS* connector = |
669 g_browser_process->platform_part()->browser_policy_connector_chromeos(); | 689 g_browser_process->platform_part()->browser_policy_connector_chromeos(); |
670 if (connector->IsEnterpriseManaged()) | 690 return connector->IsEnterpriseManaged(); |
671 return true; | 691 } else { |
stevenjb
2017/05/30 16:47:18
No else after return
Alexander Alekseev
2017/07/06 06:30:28
Done.
| |
692 if (!chromeos::system::PerUserTimezoneEnabled()) | |
693 return false; | |
694 | |
695 policy::BrowserPolicyConnectorChromeOS* connector = | |
696 g_browser_process->platform_part()->browser_policy_connector_chromeos(); | |
697 if (!connector->IsEnterpriseManaged()) | |
698 return false; | |
699 | |
700 if (pref_name == prefs::kUserTimezone || | |
701 pref_name == prefs::kResolveTimezoneByGeolocation) { | |
702 return chromeos::system::IsTimezonePrefManaged(pref_name); | |
703 } | |
672 } | 704 } |
673 return false; | 705 return false; |
674 } | 706 } |
675 | 707 |
676 bool PrefsUtil::IsPrefOwnerControlled(const std::string& pref_name) { | 708 bool PrefsUtil::IsPrefOwnerControlled(const std::string& pref_name) { |
709 // chromeos::kSystemTimezone is global display-only preference and | |
710 // it should appear as disabled, but not owned. | |
michaelpg
2017/05/30 22:21:23
Isn't this idea (and code) already built into IsPr
Alexander Alekseev
2017/07/06 06:30:28
IsPrivilegedCrosSetting() depends on whether per-u
| |
711 if (pref_name == chromeos::kSystemTimezone) | |
712 return false; | |
713 | |
677 if (IsPrivilegedCrosSetting(pref_name)) { | 714 if (IsPrivilegedCrosSetting(pref_name)) { |
678 if (!chromeos::ProfileHelper::IsOwnerProfile(profile_)) | 715 if (!chromeos::ProfileHelper::IsOwnerProfile(profile_)) |
679 return true; | 716 return true; |
680 } | 717 } |
681 return false; | 718 return false; |
682 } | 719 } |
683 | 720 |
684 bool PrefsUtil::IsPrefPrimaryUserControlled(const std::string& pref_name) { | 721 bool PrefsUtil::IsPrefPrimaryUserControlled(const std::string& pref_name) { |
685 if (pref_name == prefs::kWakeOnWifiDarkConnect) { | 722 // chromeos::kSystemTimezone is read-only, but for the non-primary users |
723 // it should have "primary user controlled" attribute. | |
724 if (pref_name == prefs::kWakeOnWifiDarkConnect || | |
725 pref_name == prefs::kResolveTimezoneByGeolocation || | |
726 pref_name == prefs::kUserTimezone || | |
727 pref_name == chromeos::kSystemTimezone) { | |
686 user_manager::UserManager* user_manager = user_manager::UserManager::Get(); | 728 user_manager::UserManager* user_manager = user_manager::UserManager::Get(); |
687 const user_manager::User* user = | 729 const user_manager::User* user = |
688 chromeos::ProfileHelper::Get()->GetUserByProfile(profile_); | 730 chromeos::ProfileHelper::Get()->GetUserByProfile(profile_); |
689 if (user && | 731 if (user && user->GetAccountId() != |
690 user->GetAccountId() != user_manager->GetPrimaryUser()->GetAccountId()) | 732 user_manager->GetPrimaryUser()->GetAccountId()) { |
691 return true; | 733 return true; |
734 } | |
692 } | 735 } |
693 return false; | 736 return false; |
694 } | 737 } |
695 #endif | 738 #endif |
696 | 739 |
697 bool PrefsUtil::IsPrefSupervisorControlled(const std::string& pref_name) { | 740 bool PrefsUtil::IsPrefSupervisorControlled(const std::string& pref_name) { |
698 if (pref_name != prefs::kBrowserGuestModeEnabled && | 741 if (pref_name != prefs::kBrowserGuestModeEnabled && |
699 pref_name != prefs::kBrowserAddPersonEnabled) { | 742 pref_name != prefs::kBrowserAddPersonEnabled) { |
700 return false; | 743 return false; |
701 } | 744 } |
702 return profile_->IsSupervised(); | 745 return profile_->IsSupervised(); |
703 } | 746 } |
704 | 747 |
705 bool PrefsUtil::IsPrefUserModifiable(const std::string& pref_name) { | 748 bool PrefsUtil::IsPrefUserModifiable(const std::string& pref_name) { |
749 #if defined(OS_CHROMEOS) | |
750 if (IsCrosSettingReadOnly(pref_name)) | |
751 return false; | |
752 #endif | |
753 | |
706 const PrefService::Preference* profile_pref = | 754 const PrefService::Preference* profile_pref = |
707 profile_->GetPrefs()->FindPreference(pref_name); | 755 profile_->GetPrefs()->FindPreference(pref_name); |
708 if (profile_pref) | 756 if (profile_pref) |
709 return profile_pref->IsUserModifiable(); | 757 return profile_pref->IsUserModifiable(); |
710 | 758 |
711 const PrefService::Preference* local_state_pref = | 759 const PrefService::Preference* local_state_pref = |
712 g_browser_process->local_state()->FindPreference(pref_name); | 760 g_browser_process->local_state()->FindPreference(pref_name); |
713 if (local_state_pref) | 761 if (local_state_pref) |
714 return local_state_pref->IsUserModifiable(); | 762 return local_state_pref->IsUserModifiable(); |
715 | 763 |
(...skipping 67 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
783 ExtensionPrefValueMapFactory::GetForBrowserContext(profile_) | 831 ExtensionPrefValueMapFactory::GetForBrowserContext(profile_) |
784 ->GetExtensionControllingPref(pref_object.key); | 832 ->GetExtensionControllingPref(pref_object.key); |
785 if (extension_id.empty()) | 833 if (extension_id.empty()) |
786 return nullptr; | 834 return nullptr; |
787 | 835 |
788 return ExtensionRegistry::Get(profile_)->GetExtensionById( | 836 return ExtensionRegistry::Get(profile_)->GetExtensionById( |
789 extension_id, ExtensionRegistry::ENABLED); | 837 extension_id, ExtensionRegistry::ENABLED); |
790 } | 838 } |
791 | 839 |
792 } // namespace extensions | 840 } // namespace extensions |
OLD | NEW |