Chromium Code Reviews Chromium Code Reviews
Issue 695133005:
Temporarily disable extensions and sync while a profile is locked - Profiles Approach (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: chrome/browser/extensions/extension_service.cc |
| diff --git a/chrome/browser/extensions/extension_service.cc b/chrome/browser/extensions/extension_service.cc |
| index d8e601beb50ac115f6528daf73bf231b02b4ae96..084b713a86c001c89f413aa7c7d3a7e66b67d8de 100644 |
| --- a/chrome/browser/extensions/extension_service.cc |
| +++ b/chrome/browser/extensions/extension_service.cc |
| @@ -167,10 +167,10 @@ void ExtensionService::AddProviderForTesting( |
| void ExtensionService::BlacklistExtensionForTest( |
| const std::string& extension_id) { |
| - ExtensionIdSet blocked; |
| + ExtensionIdSet blacklisted; |
| ExtensionIdSet unchanged; |
| - blocked.insert(extension_id); |
| - UpdateBlockedExtensions(blocked, unchanged); |
| + blacklisted.insert(extension_id); |
| + UpdateBlacklistedExtensions(blacklisted, unchanged); |
| } |
| bool ExtensionService::OnExternalExtensionUpdateUrlFound( |
| @@ -270,6 +270,7 @@ ExtensionService::ExtensionService(Profile* profile, |
| browser_terminating_(false), |
| installs_delayed_for_gc_(false), |
| is_first_run_(false), |
| + block_extensions_(false), |
| shared_module_service_(new extensions::SharedModuleService(profile_)) { |
| CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| @@ -374,11 +375,11 @@ const Extension* ExtensionService::GetExtensionById( |
| const std::string& id, bool include_disabled) const { |
| int include_mask = ExtensionRegistry::ENABLED; |
| if (include_disabled) { |
| - // Include blacklisted extensions here because there are hundreds of |
| - // callers of this function, and many might assume that this includes those |
| - // that have been disabled due to blacklisting. |
| + // Include blacklisted and blocked extensions here because there are |
| + // hundreds of callers of this function, and many might assume that this |
| + // includes those that have been disabled due to blacklisting or blocking. |
| include_mask |= ExtensionRegistry::DISABLED | |
| - ExtensionRegistry::BLACKLISTED; |
| + ExtensionRegistry::BLACKLISTED | ExtensionRegistry::BLOCKED; |
| } |
| return registry_->GetExtensionById(id, include_mask); |
| } |
| @@ -579,12 +580,14 @@ void ExtensionService::ReloadExtensionImpl( |
| return; |
| } |
| - // Ignore attempts to reload a blacklisted extension. Sometimes this can |
| - // happen in a convoluted reload sequence triggered by the termination of a |
| - // blacklisted extension and a naive attempt to reload it. For an example see |
| - // http://crbug.com/373842. |
| - if (registry_->blacklisted_extensions().Contains(transient_extension_id)) |
| + // Ignore attempts to reload a blacklisted or blocked extension. Sometimes |
| + // this can happen in a convoluted reload sequence triggered by the |
| + // termination of a blacklisted or blocked extension and a naive attempt to |
| + // reload it. For an example see http://crbug.com/373842. |
| + if (registry_->blacklisted_extensions().Contains(transient_extension_id) || |
| + registry_->blocked_extensions().Contains(transient_extension_id)) { |
| return; |
| + } |
| base::FilePath path; |
| @@ -789,7 +792,8 @@ bool ExtensionService::IsExtensionEnabled( |
| } |
| if (registry_->disabled_extensions().Contains(extension_id) || |
| - registry_->blacklisted_extensions().Contains(extension_id)) { |
| + registry_->blacklisted_extensions().Contains(extension_id) || |
| + registry_->blocked_extensions().Contains(extension_id)) { |
| return false; |
| } |
| @@ -797,6 +801,7 @@ bool ExtensionService::IsExtensionEnabled( |
| // enabled unless otherwise noted. |
| return !extension_prefs_->IsExtensionDisabled(extension_id) && |
| !extension_prefs_->IsExtensionBlacklisted(extension_id) && |
| + !extension_prefs_->IsExtensionBlocked(extension_id) && |
| !extension_prefs_->IsExternalExtensionUninstalled(extension_id); |
| } |
| @@ -920,6 +925,45 @@ void ExtensionService::DisableUserExtensions( |
| } |
| } |
| +// Extensions that are not locked, components or forced by policy should be |
|
Andrew T Wilson (Slow)
2014/11/17 16:09:25
So, if I have a force-installed extension that is
not at google - send to devlin
2014/11/17 17:04:20
Yeah, good point. You could argue it either way, b
|
| +// locked. Extensions are no longer considered enabled or disabled. Blacklisted |
| +// extensions are now considered both blacklisted and locked. |
| +void ExtensionService::BlockAllExtensions() { |
| + block_extensions_ = true; |
|
not at google - send to devlin
2014/11/17 17:04:20
Can you early-return from this function if it's al
Mike Lerman
2014/11/19 14:54:34
Done.
|
| + // Blacklisted extensions are already unloaded, need not be blocked. |
| + scoped_ptr<ExtensionSet> extensions = |
| + registry_->GenerateInstalledExtensionsSet(ExtensionRegistry::ENABLED | |
| + ExtensionRegistry::DISABLED | |
| + ExtensionRegistry::TERMINATED); |
| + |
| + for (const scoped_refptr<const Extension> extension : *extensions.get()) { |
|
not at google - send to devlin
2014/11/17 17:04:20
1. Make it a const scoped_refptr<const Extension>&
Mike Lerman
2014/11/19 14:54:34
Done.
|
| + const std::string& id = extension->id(); |
| + |
| + if (!CanBlockExtension(extension.get())) |
| + continue; |
| + |
| + registry_->RemoveEnabled(id); |
| + registry_->RemoveDisabled(id); |
| + registry_->RemoveTerminated(id); |
| + |
| + registry_->AddBlocked(extension.get()); |
| + UnloadExtension(id, extensions::UnloadedExtensionInfo::REASON_LOCK_ALL); |
| + } |
| +} |
| + |
| +// All locked extensions should revert to being either enabled or disabled |
| +// as appropriate. |
| +void ExtensionService::UnblockAllExtensions() { |
| + block_extensions_ = false; |
| + scoped_ptr<ExtensionSet> to_unblock = |
| + registry_->GenerateInstalledExtensionsSet(ExtensionRegistry::BLOCKED); |
| + |
| + for (const scoped_refptr<const Extension> extension : *to_unblock.get()) { |
|
not at google - send to devlin
2014/11/17 17:04:20
Also use a reference, no .get().
Mike Lerman
2014/11/19 14:54:34
Done.
|
| + registry_->RemoveBlocked(extension->id()); |
| + AddExtension(extension.get()); |
| + } |
| +} |
| + |
| void ExtensionService::GrantPermissionsAndEnableExtension( |
| const Extension* extension) { |
| GrantPermissions(extension); |
| @@ -1373,6 +1417,9 @@ void ExtensionService::AddExtension(const Extension* extension) { |
| // installation then threads through the install and pending install flow |
| // of this class, and we check when loading installed extensions. |
| registry_->AddBlacklisted(extension); |
| + } else if (extension_prefs_->IsExtensionBlocked(extension->id()) || |
| + (block_extensions_ && CanBlockExtension(extension))) { |
| + registry_->AddBlocked(extension); |
| } else if (!reloading && |
| extension_prefs_->IsExtensionDisabled(extension->id())) { |
| registry_->AddDisabled(extension); |
| @@ -2175,6 +2222,13 @@ bool ExtensionService::ShouldEnableOnInstall(const Extension* extension) { |
| return true; |
| } |
| +// Helper method to determine if an extension can be blocked. |
| +bool ExtensionService::CanBlockExtension(const Extension* extension) { |
| + return extension->location() != Manifest::COMPONENT && |
| + extension->location() != Manifest::EXTERNAL_COMPONENT && |
| + !system_->management_policy()->MustRemainEnabled(extension, NULL); |
| +} |
| + |
| bool ExtensionService::ShouldDelayExtensionUpdate( |
| const std::string& extension_id, |
| bool install_immediately) const { |
| @@ -2236,7 +2290,7 @@ void ExtensionService::ManageBlacklist( |
| const extensions::Blacklist::BlacklistStateMap& state_map) { |
| DCHECK_CURRENTLY_ON(BrowserThread::UI); |
| - std::set<std::string> blocked; |
| + std::set<std::string> blacklisted; |
| ExtensionIdSet greylist; |
| ExtensionIdSet unchanged; |
| for (extensions::Blacklist::BlacklistStateMap::const_iterator it = |
| @@ -2248,7 +2302,7 @@ void ExtensionService::ManageBlacklist( |
| break; |
| case extensions::BLACKLISTED_MALWARE: |
| - blocked.insert(it->first); |
| + blacklisted.insert(it->first); |
| break; |
| case extensions::BLACKLISTED_SECURITY_VULNERABILITY: |
| @@ -2263,7 +2317,7 @@ void ExtensionService::ManageBlacklist( |
| } |
| } |
| - UpdateBlockedExtensions(blocked, unchanged); |
| + UpdateBlacklistedExtensions(blacklisted, unchanged); |
| UpdateGreylistedExtensions(greylist, unchanged, state_map); |
| error_controller_->ShowErrorIfNeeded(); |
| @@ -2281,21 +2335,20 @@ void Partition(const ExtensionIdSet& before, |
| } |
| } // namespace |
| -void ExtensionService::UpdateBlockedExtensions( |
| - const ExtensionIdSet& blocked, |
| +void ExtensionService::UpdateBlacklistedExtensions( |
| + const ExtensionIdSet& blacklisted, |
| const ExtensionIdSet& unchanged) { |
| ExtensionIdSet not_yet_blocked, no_longer_blocked; |
| - Partition(registry_->blacklisted_extensions().GetIDs(), |
| - blocked, unchanged, |
| - &no_longer_blocked, ¬_yet_blocked); |
| + Partition(registry_->blacklisted_extensions().GetIDs(), blacklisted, |
| + unchanged, &no_longer_blocked, ¬_yet_blocked); |
| for (ExtensionIdSet::iterator it = no_longer_blocked.begin(); |
| it != no_longer_blocked.end(); ++it) { |
| scoped_refptr<const Extension> extension = |
| registry_->blacklisted_extensions().GetByID(*it); |
| if (!extension.get()) { |
| - NOTREACHED() << "Extension " << *it << " no longer blocked, " |
| - << "but it was never blocked."; |
| + NOTREACHED() << "Extension " << *it << " no longer blacklisted, " |
| + << "but it was never blacklisted."; |
| continue; |
| } |
| registry_->RemoveBlacklisted(*it); |
