1 // Copyright 2014 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_ 6 #define CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_ 7 8 #include <map> 9 #include <string> 10 #include <vector> 11 12 #include "base/macros.h" 13 #include "base/memory/scoped_ptr.h" 14 #include "base/memory/singleton.h" 15 #include "base/observer_list.h" 16 #include "base/prefs/pref_change_registrar.h" 17 #include "base/values.h" 18 #include "components/keyed_service/content/browser_context_keyed_service_factory.h" 19 #include "components/keyed_service/core/keyed_service.h" 20 #include "extensions/browser/management_policy.h" 21 #include "extensions/common/extension.h" 22 #include "extensions/common/manifest.h" 23 #include "extensions/common/url_pattern_set.h" 24 25 class GURL; 26 class PrefService; 27 28 namespace content { 29 class BrowserContext; 30 } // namespace content 31 32 namespace extensions { 33 34 // Tracks the management policies that affect extensions and provides interfaces 35 // for observing and obtaining the global settings for all extensions, as well 36 // as per-extension settings. 37 class ExtensionManagement : public KeyedService { 38 public: 39 // Observer class for extension management settings changes. 40 class Observer { 41 public: ~Observer()42 virtual ~Observer() {} 43 44 // Will be called when an extension management preference changes. 45 virtual void OnExtensionManagementSettingsChanged() = 0; 46 }; 47 48 // Installation mode for extensions, default is INSTALLATION_ALLOWED. 49 // * INSTALLATION_ALLOWED: Extension can be installed. 50 // * INSTALLATION_BLOCKED: Extension cannot be installed. 51 // * INSTALLATION_FORCED: Extension will be installed automatically 52 // and cannot be disabled. 53 // * INSTALLATION_RECOMMENDED: Extension will be installed automatically but 54 // can be disabled. 55 enum InstallationMode { 56 INSTALLATION_ALLOWED = 0, 57 INSTALLATION_BLOCKED, 58 INSTALLATION_FORCED, 59 INSTALLATION_RECOMMENDED, 60 }; 61 62 // Class to hold extension management settings for one or a group of 63 // extensions. Settings can be applied to an individual extension identified 64 // by an ID, a group of extensions with specific |update_url| or all 65 // extensions at once. 66 struct IndividualSettings { 67 IndividualSettings(); 68 ~IndividualSettings(); 69 70 void Reset(); 71 72 // Extension installation mode. Setting this to INSTALLATION_FORCED or 73 // INSTALLATION_RECOMMENDED will enable extension auto-loading (only 74 // applicable to single extension), and in this case the |update_url| must 75 // be specified, containing the update URL for this extension. 76 // Note that |update_url| will be ignored for INSTALLATION_ALLOWED and 77 // INSTALLATION_BLOCKED installation mode. 78 // These settings will override the default settings, and unspecified 79 // settings will take value from default settings. 80 InstallationMode installation_mode; 81 std::string update_url; 82 }; 83 84 // Global extension management settings, applicable to all extensions. 85 struct GlobalSettings { 86 GlobalSettings(); 87 ~GlobalSettings(); 88 89 void Reset(); 90 91 // Settings specifying which URLs are allowed to install extensions, will be 92 // enforced only if |has_restricted_install_sources| is set to true. 93 URLPatternSet install_sources; 94 bool has_restricted_install_sources; 95 96 // Settings specifying all allowed app/extension types, will be enforced 97 // only of |has_restricted_allowed_types| is set to true. 98 std::vector<Manifest::Type> allowed_types; 99 bool has_restricted_allowed_types; 100 }; 101 102 typedef std::map<ExtensionId, IndividualSettings> SettingsIdMap; 103 104 explicit ExtensionManagement(PrefService* pref_service); 105 virtual ~ExtensionManagement(); 106 107 void AddObserver(Observer* observer); 108 void RemoveObserver(Observer* observer); 109 110 // Get the ManagementPolicy::Provider controlled by extension management 111 // policy settings. 112 ManagementPolicy::Provider* GetProvider(); 113 114 // Checks if extensions are blacklisted by default, by policy. When true, 115 // this means that even extensions without an ID should be blacklisted (e.g. 116 // from the command line, or when loaded as an unpacked extension). 117 bool BlacklistedByDefault(); 118 119 // Returns the force install list, in format specified by 120 // ExternalPolicyLoader::AddExtension(). 121 scoped_ptr<base::DictionaryValue> GetForceInstallList() const; 122 123 // Returns if an extension with id |id| is explicitly allowed by enterprise 124 // policy or not. 125 bool IsInstallationExplicitlyAllowed(const ExtensionId& id) const; 126 127 // Returns true if an extension download should be allowed to proceed. 128 bool IsOffstoreInstallAllowed(const GURL& url, const GURL& referrer_url); 129 130 // Helper function to read |settings_by_id_| with |id| as key. Returns a 131 // constant reference to default settings if |id| does not exist. 132 const IndividualSettings& ReadById(const ExtensionId& id) const; 133 134 // Returns a constant reference to |global_settings_|. 135 const GlobalSettings& ReadGlobalSettings() const; 136 137 private: 138 // Load all extension management preferences from |pref_service|, and 139 // refresh the settings. 140 void Refresh(); 141 142 // Load preference with name |pref_name| and expected type |expected_type|. 143 // If |force_managed| is true, only loading from the managed preference store 144 // is allowed. Returns NULL if the preference is not present, not allowed to 145 // be loaded from or has the wrong type. 146 const base::Value* LoadPreference(const char* pref_name, 147 bool force_managed, 148 base::Value::Type expected_type); 149 150 void OnExtensionPrefChanged(); 151 void NotifyExtensionManagementPrefChanged(); 152 153 // Helper function to access |settings_by_id_| with |id| as key. 154 // Adds a new IndividualSettings entry to |settings_by_id_| if none exists for 155 // |id| yet. 156 IndividualSettings* AccessById(const ExtensionId& id); 157 158 // A map containing all IndividualSettings applied to an individual extension 159 // identified by extension ID. The extension ID is used as index key of the 160 // map. 161 // TODO(binjin): Add |settings_by_update_url_|, and implement mechanism for 162 // it. 163 SettingsIdMap settings_by_id_; 164 165 // The default IndividualSettings. 166 // For extension settings applied to an individual extension (identified by 167 // extension ID) or a group of extension (with specified extension update 168 // URL), all unspecified part will take value from |default_settings_|. 169 // For all other extensions, all settings from |default_settings_| will be 170 // enforced. 171 IndividualSettings default_settings_; 172 173 // Extension settings applicable to all extensions. 174 GlobalSettings global_settings_; 175 176 PrefService* pref_service_; 177 178 ObserverList<Observer, true> observer_list_; 179 PrefChangeRegistrar pref_change_registrar_; 180 scoped_ptr<ManagementPolicy::Provider> provider_; 181 182 DISALLOW_COPY_AND_ASSIGN(ExtensionManagement); 183 }; 184 185 class ExtensionManagementFactory : public BrowserContextKeyedServiceFactory { 186 public: 187 static ExtensionManagement* GetForBrowserContext( 188 content::BrowserContext* context); 189 static ExtensionManagementFactory* GetInstance(); 190 191 private: 192 friend struct DefaultSingletonTraits<ExtensionManagementFactory>; 193 194 ExtensionManagementFactory(); 195 virtual ~ExtensionManagementFactory(); 196 197 // BrowserContextKeyedServiceExtensionManagementFactory: 198 virtual KeyedService* BuildServiceInstanceFor( 199 content::BrowserContext* context) const OVERRIDE; 200 virtual content::BrowserContext* GetBrowserContextToUse( 201 content::BrowserContext* context) const OVERRIDE; 202 virtual void RegisterProfilePrefs( 203 user_prefs::PrefRegistrySyncable* registry) OVERRIDE; 204 205 DISALLOW_COPY_AND_ASSIGN(ExtensionManagementFactory); 206 }; 207 208 } // namespace extensions 209 210 #endif // CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_ 211