chrome/browser/extensions/extension_management_internal.h - Issue 595363002: Add policy controlled permission block list for extensions

Unified Diff: chrome/browser/extensions/extension_management_internal.h

Issue 595363002: Add policy controlled permission block list for extensions (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@ext-fix

Patch Set: add extension api test Created 6 years, 2 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

Download patch

« chrome/browser/extensions/extension_management.h ('K') | « chrome/browser/extensions/extension_management_constants.cc ('k') | chrome/browser/extensions/extension_management_internal.cc » ('j') | chrome/browser/extensions/extension_management_internal.cc » ('J')
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: chrome/browser/extensions/extension_management_internal.h

diff --git a/chrome/browser/extensions/extension_management_internal.h b/chrome/browser/extensions/extension_management_internal.h

index d01bb339c9547c6b236612518172220044ee970a..72604731e82c7740a239abb3abedb821334c84e6 100644

--- a/chrome/browser/extensions/extension_management_internal.h

+++ b/chrome/browser/extensions/extension_management_internal.h

@@ -10,6 +10,7 @@

#include "base/macros.h"

#include "chrome/browser/extensions/extension_management.h"

#include "extensions/common/manifest.h"

+#include "extensions/common/permissions/api_permission_set.h"

namespace base {

class DictionaryValue;

@@ -42,6 +43,8 @@ struct IndividualSettings {

// management preference and |scope| represents the applicable range of the

// settings, a single extension, a group of extensions or default settings.

// Note that in case of parsing errors, |this| will NOT be left untouched.

+ // This method is required to be called in order of ParsingScope, i.e. first

+ // SCOPE_DEFAULT, then SCOPE_INDIVIDUAL.

bool Parse(const base::DictionaryValue* dict, ParsingScope scope);

// Extension installation mode. Setting this to INSTALLATION_FORCED or

@@ -55,6 +58,18 @@ struct IndividualSettings {

ExtensionManagement::InstallationMode installation_mode;

std::string update_url;

+ // Permissions settings for extensions. These settings won't give granted

Finnur 2014/10/30 14:16:59 nit: s/give granted/grant/ ?

binjin 2014/10/30 16:41:11 Done.

+ // permissions to extensions automatically. Instead, these settings will

+ // provide a list of blocked permissions for each extension. That is, if

+ // an extension requires a permission which is on the blocklist for it,

Finnur 2014/10/30 14:16:59 s/is on the blocklist for it/has been blacklisted/

binjin 2014/10/30 16:41:11 Done.

+ // this extension will not be allowed to be loaded. And if it contains a

Finnur 2014/10/30 14:16:59 s/be loaded/load/

binjin 2014/10/30 16:41:11 Done.

+ // blocked permission as optional requirement, it will be allowed to

+ // be loaded (of course, with permission granted from other part of

Finnur 2014/10/30 14:16:59 s/be loaded/load/ "with permission granted from o

binjin 2014/10/30 16:41:11 Done. I mean "granted by user if necessary", updat

+ // extension system), but conflicting permissions will not be usable.

Finnur 2014/10/30 14:16:59 nit: s/not be usable/be dropped/ ?

binjin 2014/10/30 16:41:11 Done.

+ // These settings will merge from the default settings, and unspecified

+ // settings will take value from default settings.

+ APIPermissionSet blocked_permissions;

private:

DISALLOW_ASSIGN(IndividualSettings);

};