Add more management policy checking after extension installed

chrome/browser/extensions/extension_service.cc

Index: chrome/browser/extensions/extension_service.cc
diff --git a/chrome/browser/extensions/extension_service.cc b/chrome/browser/extensions/extension_service.cc
index d8e601beb50ac115f6528daf73bf231b02b4ae96..13ee90f7e46b60681e6cb75c9053d98556057ea3 100644
--- a/chrome/browser/extensions/extension_service.cc
+++ b/chrome/browser/extensions/extension_service.cc
@@ -1434,6 +1434,7 @@ void ExtensionService::AddComponentExtension(const Extension* extension) {
 
     AddNewOrUpdatedExtension(extension,
                              Extension::ENABLED,
+                             Extension::DISABLE_NONE,
                              extensions::kInstallFlagNone,
                              syncer::StringOrdinal(),
                              std::string());
@@ -1571,7 +1572,9 @@ void ExtensionService::OnExtensionInstalled(
   CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
 
   const std::string& id = extension->id();
-  bool initial_enable = ShouldEnableOnInstall(extension);
+  Extension::DisableReason initial_disable_reason = Extension::DISABLE_NONE;
+  bool initial_enable =
+      ShouldEnableOnInstall(extension, &initial_disable_reason);
   std::string install_parameter;
   const extensions::PendingExtensionInfo* pending_extension_info =
       pending_extension_manager()->GetById(id);
@@ -1605,20 +1608,21 @@ void ExtensionService::OnExtensionInstalled(
     // installing the extension.
     if (extension_prefs_->IsExternalExtensionUninstalled(id)) {
       initial_enable = true;
+      initial_disable_reason = Extension::DISABLE_NONE;
     }
   }
 
   // Unsupported requirements overrides the management policy.
   if (install_flags & extensions::kInstallFlagHasRequirementErrors) {
     initial_enable = false;
-    extension_prefs_->AddDisableReason(
-        id, Extension::DISABLE_UNSUPPORTED_REQUIREMENT);
+    initial_disable_reason = Extension::DISABLE_UNSUPPORTED_REQUIREMENT;
   // If the extension was disabled because of unsupported requirements but
   // now supports all requirements after an update and there are not other
   // disable reasons, enable it.
   } else if (extension_prefs_->GetDisableReasons(id) ==
       Extension::DISABLE_UNSUPPORTED_REQUIREMENT) {
     initial_enable = true;
+    initial_disable_reason = Extension::DISABLE_NONE;
     extension_prefs_->ClearDisableReasons(id);
   }
 
@@ -1662,6 +1666,7 @@ void ExtensionService::OnExtensionInstalled(
     extension_prefs_->SetDelayedInstallInfo(
         extension,
         initial_state,
+        initial_disable_reason,
         install_flags,
         extensions::ExtensionPrefs::DELAY_REASON_WAIT_FOR_IDLE,
         page_ordinal,
@@ -1682,6 +1687,7 @@ void ExtensionService::OnExtensionInstalled(
     extension_prefs_->SetDelayedInstallInfo(
         extension,
         initial_state,
+        initial_disable_reason,
         install_flags,
         extensions::ExtensionPrefs::DELAY_REASON_GC,
         page_ordinal,
@@ -1692,6 +1698,7 @@ void ExtensionService::OnExtensionInstalled(
       extension_prefs_->SetDelayedInstallInfo(
           extension,
           initial_state,
+          initial_disable_reason,
           install_flags,
           extensions::ExtensionPrefs::DELAY_REASON_WAIT_FOR_IMPORTS,
           page_ordinal,
@@ -1701,6 +1708,7 @@ void ExtensionService::OnExtensionInstalled(
   } else {
     AddNewOrUpdatedExtension(extension,
                              initial_state,
+                             initial_disable_reason,
                              install_flags,
                              page_ordinal,
                              install_parameter);
@@ -1732,13 +1740,15 @@ void ExtensionService::OnExtensionManagementSettingsChanged() {
 void ExtensionService::AddNewOrUpdatedExtension(
     const Extension* extension,
     Extension::State initial_state,
+    Extension::DisableReason initial_disable_reason,
     int install_flags,
     const syncer::StringOrdinal& page_ordinal,
     const std::string& install_parameter) {
   CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
   bool was_ephemeral = extension_prefs_->IsEphemeralApp(extension->id());
-  extension_prefs_->OnExtensionInstalled(
-      extension, initial_state, page_ordinal, install_flags, install_parameter);
+  extension_prefs_->OnExtensionInstalled(extension, initial_state,
+                                         initial_disable_reason, page_ordinal,
+                                         install_flags, install_parameter);
   delayed_installs_.Remove(extension->id());
   if (InstallVerifier::NeedsVerification(*extension))
     system_->install_verifier()->VerifyExtension(extension->id());
@@ -2152,14 +2162,25 @@ void ExtensionService::Observe(int type,
   }
 }
 
-bool ExtensionService::ShouldEnableOnInstall(const Extension* extension) {
+bool ExtensionService::ShouldEnableOnInstall(
+    const Extension* extension,
+    Extension::DisableReason* disable_reason) {
+  // Extensions disabled by managemeny policy should always be disabled, even
+  // if it's force-installed.
+  if (system_->management_policy()->MustRemainDisabled(
+          extension, disable_reason, nullptr)) {
+    return false;
+  }
+
   // Extensions installed by policy can't be disabled. So even if a previous
   // installation disabled the extension, make sure it is now enabled.
-  if (system_->management_policy()->MustRemainEnabled(extension, NULL))
+  if (system_->management_policy()->MustRemainEnabled(extension, nullptr))
     return true;
 
-  if (extension_prefs_->IsExtensionDisabled(extension->id()))
+  if (extension_prefs_->IsExtensionDisabled(extension->id())) {
+    *disable_reason = Extension::DISABLE_NONE;

[Finnur, 2014/11/11 22:58:03]

It is a bit weird to set this only when this function returns false. Is that on
purpose?

[binjin, 2014/11/12 16:33:18]

Yes, the |disable_reason| will be ignored if true is returned.

     return false;
+  }
 
   if (FeatureSwitch::prompt_for_external_extensions()->IsEnabled()) {
     // External extensions are initially disabled. We prompt the user before
@@ -2168,6 +2189,7 @@ bool ExtensionService::ShouldEnableOnInstall(const Extension* extension) {
     if (extension->GetType() != Manifest::TYPE_HOSTED_APP &&
         Manifest::IsExternalLocation(extension->location()) &&
         !extension_prefs_->IsExternalExtensionAcknowledged(extension->id())) {
+      *disable_reason = Extension::DISABLE_NONE;
       return false;
     }
   }