| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #ifndef CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_ | 5 #ifndef CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_ |
| 6 #define CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_ | 6 #define CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_ |
| 7 | 7 |
| 8 #include "base/containers/scoped_ptr_hash_map.h" | 8 #include "base/containers/scoped_ptr_hash_map.h" |
| 9 #include "base/macros.h" | 9 #include "base/macros.h" |
| 10 #include "base/memory/ref_counted.h" |
| 10 #include "base/memory/scoped_ptr.h" | 11 #include "base/memory/scoped_ptr.h" |
| 12 #include "base/memory/scoped_vector.h" |
| 11 #include "base/memory/singleton.h" | 13 #include "base/memory/singleton.h" |
| 12 #include "base/observer_list.h" | 14 #include "base/observer_list.h" |
| 13 #include "base/prefs/pref_change_registrar.h" | 15 #include "base/prefs/pref_change_registrar.h" |
| 14 #include "base/values.h" | 16 #include "base/values.h" |
| 15 #include "components/keyed_service/content/browser_context_keyed_service_factory
.h" | 17 #include "components/keyed_service/content/browser_context_keyed_service_factory
.h" |
| 16 #include "components/keyed_service/core/keyed_service.h" | 18 #include "components/keyed_service/core/keyed_service.h" |
| 17 #include "extensions/browser/management_policy.h" | 19 #include "extensions/browser/management_policy.h" |
| 18 #include "extensions/common/extension.h" | 20 #include "extensions/common/extension.h" |
| 19 #include "extensions/common/manifest.h" | 21 #include "extensions/common/manifest.h" |
| 20 | 22 |
| 21 class GURL; | 23 class GURL; |
| 22 class PrefService; | 24 class PrefService; |
| 23 | 25 |
| 24 namespace content { | 26 namespace content { |
| 25 class BrowserContext; | 27 class BrowserContext; |
| 26 } // namespace content | 28 } // namespace content |
| 27 | 29 |
| 28 namespace extensions { | 30 namespace extensions { |
| 29 | 31 |
| 30 namespace internal { | 32 namespace internal { |
| 31 | 33 |
| 32 struct IndividualSettings; | 34 struct IndividualSettings; |
| 33 struct GlobalSettings; | 35 struct GlobalSettings; |
| 34 | 36 |
| 35 } // namespace internal | 37 } // namespace internal |
| 36 | 38 |
| 39 class APIPermissionSet; |
| 40 class PermissionSet; |
| 41 |
| 37 // Tracks the management policies that affect extensions and provides interfaces | 42 // Tracks the management policies that affect extensions and provides interfaces |
| 38 // for observing and obtaining the global settings for all extensions, as well | 43 // for observing and obtaining the global settings for all extensions, as well |
| 39 // as per-extension settings. | 44 // as per-extension settings. |
| 40 class ExtensionManagement : public KeyedService { | 45 class ExtensionManagement : public KeyedService { |
| 41 public: | 46 public: |
| 42 // Observer class for extension management settings changes. | 47 // Observer class for extension management settings changes. |
| 43 class Observer { | 48 class Observer { |
| 44 public: | 49 public: |
| 45 virtual ~Observer() {} | 50 virtual ~Observer() {} |
| 46 | 51 |
| (...skipping 14 matching lines...) Expand all Loading... |
| 61 INSTALLATION_FORCED, | 66 INSTALLATION_FORCED, |
| 62 INSTALLATION_RECOMMENDED, | 67 INSTALLATION_RECOMMENDED, |
| 63 }; | 68 }; |
| 64 | 69 |
| 65 explicit ExtensionManagement(PrefService* pref_service); | 70 explicit ExtensionManagement(PrefService* pref_service); |
| 66 virtual ~ExtensionManagement(); | 71 virtual ~ExtensionManagement(); |
| 67 | 72 |
| 68 void AddObserver(Observer* observer); | 73 void AddObserver(Observer* observer); |
| 69 void RemoveObserver(Observer* observer); | 74 void RemoveObserver(Observer* observer); |
| 70 | 75 |
| 71 // Get the ManagementPolicy::Provider controlled by extension management | 76 // Get the list of ManagementPolicy::Provider controlled by extension |
| 72 // policy settings. | 77 // management policy settings. |
| 73 ManagementPolicy::Provider* GetProvider() const; | 78 std::vector<ManagementPolicy::Provider*> GetProviders() const; |
| 74 | 79 |
| 75 // Checks if extensions are blacklisted by default, by policy. When true, | 80 // Checks if extensions are blacklisted by default, by policy. When true, |
| 76 // this means that even extensions without an ID should be blacklisted (e.g. | 81 // this means that even extensions without an ID should be blacklisted (e.g. |
| 77 // from the command line, or when loaded as an unpacked extension). | 82 // from the command line, or when loaded as an unpacked extension). |
| 78 bool BlacklistedByDefault() const; | 83 bool BlacklistedByDefault() const; |
| 79 | 84 |
| 80 // Returns installation mode for an extension. | 85 // Returns installation mode for an extension. |
| 81 InstallationMode GetInstallationMode(const ExtensionId& id) const; | 86 InstallationMode GetInstallationMode(const ExtensionId& id) const; |
| 82 | 87 |
| 83 // Returns the force install list, in format specified by | 88 // Returns the force install list, in format specified by |
| 84 // ExternalPolicyLoader::AddExtension(). | 89 // ExternalPolicyLoader::AddExtension(). |
| 85 scoped_ptr<base::DictionaryValue> GetForceInstallList() const; | 90 scoped_ptr<base::DictionaryValue> GetForceInstallList() const; |
| 86 | 91 |
| 87 // Like GetForceInstallList(), but returns recommended install list instead. | 92 // Like GetForceInstallList(), but returns recommended install list instead. |
| 88 scoped_ptr<base::DictionaryValue> GetRecommendedInstallList() const; | 93 scoped_ptr<base::DictionaryValue> GetRecommendedInstallList() const; |
| 89 | 94 |
| 90 // Returns if an extension with id |id| is explicitly allowed by enterprise | 95 // Returns if an extension with id |id| is explicitly allowed by enterprise |
| 91 // policy or not. | 96 // policy or not. |
| 92 bool IsInstallationExplicitlyAllowed(const ExtensionId& id) const; | 97 bool IsInstallationExplicitlyAllowed(const ExtensionId& id) const; |
| 93 | 98 |
| 94 // Returns true if an extension download should be allowed to proceed. | 99 // Returns true if an extension download should be allowed to proceed. |
| 95 bool IsOffstoreInstallAllowed(const GURL& url, | 100 bool IsOffstoreInstallAllowed(const GURL& url, |
| 96 const GURL& referrer_url) const; | 101 const GURL& referrer_url) const; |
| 97 | 102 |
| 98 // Returns true if an extension with manifest type |manifest_type| is | 103 // Returns true if an extension with manifest type |manifest_type| is |
| 99 // allowed to be installed. | 104 // allowed to be installed. |
| 100 bool IsAllowedManifestType(Manifest::Type manifest_type) const; | 105 bool IsAllowedManifestType(Manifest::Type manifest_type) const; |
| 101 | 106 |
| 107 // Returns the list of blocked API permissions for the extension |id|. |
| 108 const APIPermissionSet& GetBlockedAPIPermissions(const ExtensionId& id) const; |
| 109 |
| 110 // Returns blocked permission set for extension |id|. |
| 111 scoped_refptr<const PermissionSet> GetBlockedPermissions( |
| 112 const ExtensionId& id) const; |
| 113 |
| 114 // Returns true if every permission in |perms| is allowed for extension |id|. |
| 115 bool IsPermissionSetAllowed(const ExtensionId& id, |
| 116 scoped_refptr<const PermissionSet> perms) const; |
| 117 |
| 102 private: | 118 private: |
| 103 typedef base::ScopedPtrHashMap<ExtensionId, internal::IndividualSettings> | 119 typedef base::ScopedPtrHashMap<ExtensionId, internal::IndividualSettings> |
| 104 SettingsIdMap; | 120 SettingsIdMap; |
| 105 friend class ExtensionManagementServiceTest; | 121 friend class ExtensionManagementServiceTest; |
| 106 | 122 |
| 107 // Load all extension management preferences from |pref_service|, and | 123 // Load all extension management preferences from |pref_service|, and |
| 108 // refresh the settings. | 124 // refresh the settings. |
| 109 void Refresh(); | 125 void Refresh(); |
| 110 | 126 |
| 111 // Load preference with name |pref_name| and expected type |expected_type|. | 127 // Load preference with name |pref_name| and expected type |expected_type|. |
| (...skipping 34 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 146 // enforced. | 162 // enforced. |
| 147 scoped_ptr<internal::IndividualSettings> default_settings_; | 163 scoped_ptr<internal::IndividualSettings> default_settings_; |
| 148 | 164 |
| 149 // Extension settings applicable to all extensions. | 165 // Extension settings applicable to all extensions. |
| 150 scoped_ptr<internal::GlobalSettings> global_settings_; | 166 scoped_ptr<internal::GlobalSettings> global_settings_; |
| 151 | 167 |
| 152 PrefService* pref_service_; | 168 PrefService* pref_service_; |
| 153 | 169 |
| 154 ObserverList<Observer, true> observer_list_; | 170 ObserverList<Observer, true> observer_list_; |
| 155 PrefChangeRegistrar pref_change_registrar_; | 171 PrefChangeRegistrar pref_change_registrar_; |
| 156 scoped_ptr<ManagementPolicy::Provider> provider_; | 172 ScopedVector<ManagementPolicy::Provider> providers_; |
| 157 | 173 |
| 158 DISALLOW_COPY_AND_ASSIGN(ExtensionManagement); | 174 DISALLOW_COPY_AND_ASSIGN(ExtensionManagement); |
| 159 }; | 175 }; |
| 160 | 176 |
| 161 class ExtensionManagementFactory : public BrowserContextKeyedServiceFactory { | 177 class ExtensionManagementFactory : public BrowserContextKeyedServiceFactory { |
| 162 public: | 178 public: |
| 163 static ExtensionManagement* GetForBrowserContext( | 179 static ExtensionManagement* GetForBrowserContext( |
| 164 content::BrowserContext* context); | 180 content::BrowserContext* context); |
| 165 static ExtensionManagementFactory* GetInstance(); | 181 static ExtensionManagementFactory* GetInstance(); |
| 166 | 182 |
| (...skipping 10 matching lines...) Expand all Loading... |
| 177 content::BrowserContext* context) const override; | 193 content::BrowserContext* context) const override; |
| 178 virtual void RegisterProfilePrefs( | 194 virtual void RegisterProfilePrefs( |
| 179 user_prefs::PrefRegistrySyncable* registry) override; | 195 user_prefs::PrefRegistrySyncable* registry) override; |
| 180 | 196 |
| 181 DISALLOW_COPY_AND_ASSIGN(ExtensionManagementFactory); | 197 DISALLOW_COPY_AND_ASSIGN(ExtensionManagementFactory); |
| 182 }; | 198 }; |
| 183 | 199 |
| 184 } // namespace extensions | 200 } // namespace extensions |
| 185 | 201 |
| 186 #endif // CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_ | 202 #endif // CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_ |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 595363002:
Add policy controlled permission block list for extensions (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@ext-fix