• Home
  • Line#
  • Scopes#
  • Navigate#
  • Raw
  • Download
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 
5 #ifndef CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
6 #define CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
7 
8 #include <map>
9 #include <string>
10 #include <vector>
11 
12 #include "base/macros.h"
13 #include "base/memory/scoped_ptr.h"
14 #include "base/memory/singleton.h"
15 #include "base/observer_list.h"
16 #include "base/prefs/pref_change_registrar.h"
17 #include "base/values.h"
18 #include "components/keyed_service/content/browser_context_keyed_service_factory.h"
19 #include "components/keyed_service/core/keyed_service.h"
20 #include "extensions/browser/management_policy.h"
21 #include "extensions/common/extension.h"
22 #include "extensions/common/manifest.h"
23 #include "extensions/common/url_pattern_set.h"
24 
25 class GURL;
26 class PrefService;
27 
28 namespace content {
29 class BrowserContext;
30 }  // namespace content
31 
32 namespace extensions {
33 
34 // Tracks the management policies that affect extensions and provides interfaces
35 // for observing and obtaining the global settings for all extensions, as well
36 // as per-extension settings.
37 class ExtensionManagement : public KeyedService {
38  public:
39   // Observer class for extension management settings changes.
40   class Observer {
41    public:
~Observer()42     virtual ~Observer() {}
43 
44     // Will be called when an extension management preference changes.
45     virtual void OnExtensionManagementSettingsChanged() = 0;
46   };
47 
48   // Installation mode for extensions, default is INSTALLATION_ALLOWED.
49   // * INSTALLATION_ALLOWED: Extension can be installed.
50   // * INSTALLATION_BLOCKED: Extension cannot be installed.
51   // * INSTALLATION_FORCED: Extension will be installed automatically
52   //                        and cannot be disabled.
53   // * INSTALLATION_RECOMMENDED: Extension will be installed automatically but
54   //                             can be disabled.
55   enum InstallationMode {
56     INSTALLATION_ALLOWED = 0,
57     INSTALLATION_BLOCKED,
58     INSTALLATION_FORCED,
59     INSTALLATION_RECOMMENDED,
60   };
61 
62   // Class to hold extension management settings for one or a group of
63   // extensions. Settings can be applied to an individual extension identified
64   // by an ID, a group of extensions with specific |update_url| or all
65   // extensions at once.
66   struct IndividualSettings {
67     IndividualSettings();
68     ~IndividualSettings();
69 
70     void Reset();
71 
72     // Extension installation mode. Setting this to INSTALLATION_FORCED or
73     // INSTALLATION_RECOMMENDED will enable extension auto-loading (only
74     // applicable to single extension), and in this case the |update_url| must
75     // be specified, containing the update URL for this extension.
76     // Note that |update_url| will be ignored for INSTALLATION_ALLOWED and
77     // INSTALLATION_BLOCKED installation mode.
78     // These settings will override the default settings, and unspecified
79     // settings will take value from default settings.
80     InstallationMode installation_mode;
81     std::string update_url;
82   };
83 
84   // Global extension management settings, applicable to all extensions.
85   struct GlobalSettings {
86     GlobalSettings();
87     ~GlobalSettings();
88 
89     void Reset();
90 
91     // Settings specifying which URLs are allowed to install extensions, will be
92     // enforced only if |has_restricted_install_sources| is set to true.
93     URLPatternSet install_sources;
94     bool has_restricted_install_sources;
95 
96     // Settings specifying all allowed app/extension types, will be enforced
97     // only of |has_restricted_allowed_types| is set to true.
98     std::vector<Manifest::Type> allowed_types;
99     bool has_restricted_allowed_types;
100   };
101 
102   typedef std::map<ExtensionId, IndividualSettings> SettingsIdMap;
103 
104   explicit ExtensionManagement(PrefService* pref_service);
105   virtual ~ExtensionManagement();
106 
107   void AddObserver(Observer* observer);
108   void RemoveObserver(Observer* observer);
109 
110   // Get the ManagementPolicy::Provider controlled by extension management
111   // policy settings.
112   ManagementPolicy::Provider* GetProvider();
113 
114   // Checks if extensions are blacklisted by default, by policy. When true,
115   // this means that even extensions without an ID should be blacklisted (e.g.
116   // from the command line, or when loaded as an unpacked extension).
117   bool BlacklistedByDefault();
118 
119   // Returns the force install list, in format specified by
120   // ExternalPolicyLoader::AddExtension().
121   scoped_ptr<base::DictionaryValue> GetForceInstallList() const;
122 
123   // Returns if an extension with id |id| is explicitly allowed by enterprise
124   // policy or not.
125   bool IsInstallationExplicitlyAllowed(const ExtensionId& id) const;
126 
127   // Returns true if an extension download should be allowed to proceed.
128   bool IsOffstoreInstallAllowed(const GURL& url, const GURL& referrer_url);
129 
130   // Helper function to read |settings_by_id_| with |id| as key. Returns a
131   // constant reference to default settings if |id| does not exist.
132   const IndividualSettings& ReadById(const ExtensionId& id) const;
133 
134   // Returns a constant reference to |global_settings_|.
135   const GlobalSettings& ReadGlobalSettings() const;
136 
137  private:
138   // Load all extension management preferences from |pref_service|, and
139   // refresh the settings.
140   void Refresh();
141 
142   // Load preference with name |pref_name| and expected type |expected_type|.
143   // If |force_managed| is true, only loading from the managed preference store
144   // is allowed. Returns NULL if the preference is not present, not allowed to
145   // be loaded from or has the wrong type.
146   const base::Value* LoadPreference(const char* pref_name,
147                                     bool force_managed,
148                                     base::Value::Type expected_type);
149 
150   void OnExtensionPrefChanged();
151   void NotifyExtensionManagementPrefChanged();
152 
153   // Helper function to access |settings_by_id_| with |id| as key.
154   // Adds a new IndividualSettings entry to |settings_by_id_| if none exists for
155   // |id| yet.
156   IndividualSettings* AccessById(const ExtensionId& id);
157 
158   // A map containing all IndividualSettings applied to an individual extension
159   // identified by extension ID. The extension ID is used as index key of the
160   // map.
161   // TODO(binjin): Add |settings_by_update_url_|, and implement mechanism for
162   // it.
163   SettingsIdMap settings_by_id_;
164 
165   // The default IndividualSettings.
166   // For extension settings applied to an individual extension (identified by
167   // extension ID) or a group of extension (with specified extension update
168   // URL), all unspecified part will take value from |default_settings_|.
169   // For all other extensions, all settings from |default_settings_| will be
170   // enforced.
171   IndividualSettings default_settings_;
172 
173   // Extension settings applicable to all extensions.
174   GlobalSettings global_settings_;
175 
176   PrefService* pref_service_;
177 
178   ObserverList<Observer, true> observer_list_;
179   PrefChangeRegistrar pref_change_registrar_;
180   scoped_ptr<ManagementPolicy::Provider> provider_;
181 
182   DISALLOW_COPY_AND_ASSIGN(ExtensionManagement);
183 };
184 
185 class ExtensionManagementFactory : public BrowserContextKeyedServiceFactory {
186  public:
187   static ExtensionManagement* GetForBrowserContext(
188       content::BrowserContext* context);
189   static ExtensionManagementFactory* GetInstance();
190 
191  private:
192   friend struct DefaultSingletonTraits<ExtensionManagementFactory>;
193 
194   ExtensionManagementFactory();
195   virtual ~ExtensionManagementFactory();
196 
197   // BrowserContextKeyedServiceExtensionManagementFactory:
198   virtual KeyedService* BuildServiceInstanceFor(
199       content::BrowserContext* context) const OVERRIDE;
200   virtual content::BrowserContext* GetBrowserContextToUse(
201       content::BrowserContext* context) const OVERRIDE;
202   virtual void RegisterProfilePrefs(
203       user_prefs::PrefRegistrySyncable* registry) OVERRIDE;
204 
205   DISALLOW_COPY_AND_ASSIGN(ExtensionManagementFactory);
206 };
207 
208 }  // namespace extensions
209 
210 #endif  // CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
211