| Index: chrome/browser/extensions/permissions_based_management_policy_provider.cc
|
| diff --git a/chrome/browser/extensions/permissions_based_management_policy_provider.cc b/chrome/browser/extensions/permissions_based_management_policy_provider.cc
|
| new file mode 100644
|
| index 0000000000000000000000000000000000000000..4b299455a30f9b7e1ab32f6bc9cf71f2ba0d2380
|
| --- /dev/null
|
| +++ b/chrome/browser/extensions/permissions_based_management_policy_provider.cc
|
| @@ -0,0 +1,61 @@
|
| +// Copyright 2014 The Chromium Authors. All rights reserved.
|
| +// Use of this source code is governed by a BSD-style license that can be
|
| +// found in the LICENSE file.
|
| +
|
| +#include "chrome/browser/extensions/permissions_based_management_policy_provider.h"
|
| +
|
| +#include "base/strings/string16.h"
|
| +#include "base/strings/utf_string_conversions.h"
|
| +#include "chrome/browser/extensions/extension_management.h"
|
| +#include "extensions/common/extension.h"
|
| +#include "extensions/common/manifest_handlers/permissions_parser.h"
|
| +#include "extensions/common/permissions/permission_set.h"
|
| +#include "grit/extensions_strings.h"
|
| +#include "ui/base/l10n/l10n_util.h"
|
| +
|
| +namespace extensions {
|
| +
|
| +PermissionsBasedManagementPolicyProvider::
|
| + PermissionsBasedManagementPolicyProvider(ExtensionManagement* settings)
|
| + : settings_(settings) {
|
| +}
|
| +
|
| +PermissionsBasedManagementPolicyProvider::
|
| + ~PermissionsBasedManagementPolicyProvider() {
|
| +}
|
| +
|
| +std::string
|
| +PermissionsBasedManagementPolicyProvider::GetDebugPolicyProviderName() const {
|
| +#ifdef NDEBUG
|
| + NOTREACHED();
|
| + return std::string();
|
| +#else
|
| + return "Controlled by enterprise policy, restricting extension permissions.";
|
| +#endif
|
| +}
|
| +
|
| +bool PermissionsBasedManagementPolicyProvider::UserMayLoad(
|
| + const Extension* extension,
|
| + base::string16* error) const {
|
| + // Component extensions are always allowed.
|
| + if (Manifest::IsComponentLocation(extension->location()))
|
| + return true;
|
| +
|
| + scoped_refptr<const PermissionSet> required_permissions =
|
| + PermissionsParser::GetRequiredPermissions(extension);
|
| +
|
| + if (!settings_->IsPermissionSetAllowed(extension->id(),
|
| + required_permissions)) {
|
| + if (error) {
|
| + *error =
|
| + l10n_util::GetStringFUTF16(IDS_EXTENSION_CANT_INSTALL_POLICY_BLOCKED,
|
| + base::UTF8ToUTF16(extension->name()),
|
| + base::UTF8ToUTF16(extension->id()));
|
| + }
|
| + return false;
|
| + }
|
| +
|
| + return true;
|
| +}
|
| +
|
| +} // namespace extensions
|
|
|
Chromium Code Reviews
Issue 595363002:
Add policy controlled permission block list for extensions (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@ext-fix