Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(3139)

Unified Diff: chrome/browser/extensions/extension_management_internal.h

Issue 595363002: Add policy controlled permission block list for extensions (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@ext-fix
Patch Set: more minor format fix Created 6 years, 2 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
Index: chrome/browser/extensions/extension_management_internal.h
diff --git a/chrome/browser/extensions/extension_management_internal.h b/chrome/browser/extensions/extension_management_internal.h
index d01bb339c9547c6b236612518172220044ee970a..bfdb32cfc5a732e9bc27709047c775307f6e2bdb 100644
--- a/chrome/browser/extensions/extension_management_internal.h
+++ b/chrome/browser/extensions/extension_management_internal.h
@@ -10,6 +10,7 @@
#include "base/macros.h"
#include "chrome/browser/extensions/extension_management.h"
#include "extensions/common/manifest.h"
+#include "extensions/common/permissions/api_permission_set.h"
namespace base {
class DictionaryValue;
@@ -55,6 +56,18 @@ struct IndividualSettings {
ExtensionManagement::InstallationMode installation_mode;
std::string update_url;
+ // Permissions settings for extensions. These settings won't give granted
+ // permissions to extensions automatically. Instead, these settings will
+ // provide a list of blocked permissions for each extension. That is, if
+ // an extension requires a permission which is on the blocklist for it,
+ // this extension will not be allowed to be loaded. And if it contains a
+ // blocked permission as optional requirement, it will be allowed to
+ // be loaded (of course, with permission granted from other part of
+ // extension system), but conflicting permissions will not be usable.
+ // These settings will merge from the default settings, and unspecified
+ // settings will take value from default settings.
+ APIPermissionSet blocked_permissions;
+
private:
DISALLOW_ASSIGN(IndividualSettings);
};

Powered by Google App Engine
This is Rietveld 408576698