Home | History | Annotate | Download | only in browser
      1 // Copyright 2013 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef EXTENSIONS_BROWSER_MANAGEMENT_POLICY_H_
      6 #define EXTENSIONS_BROWSER_MANAGEMENT_POLICY_H_
      7 
      8 #include <set>
      9 #include <string>
     10 
     11 #include "base/basictypes.h"
     12 #include "extensions/common/extension.h"
     13 
     14 namespace extensions {
     15 
     16 // This class registers providers that want to prohibit certain actions from
     17 // being applied to extensions. It must be called, via the ExtensionService,
     18 // before allowing a user or a user-level mechanism to perform the respective
     19 // action. (That is, installing or otherwise modifying an extension in order
     20 // to conform to enterprise administrator policy must be exempted from these
     21 // checks.)
     22 //
     23 // This "policy" and its providers should not be confused with administrator
     24 // policy, although admin policy is one of the sources ("Providers") of
     25 // restrictions registered with and exposed by the ManagementPolicy.
     26 class ManagementPolicy {
     27  public:
     28   // Each mechanism that wishes to limit users' ability to control extensions,
     29   // whether one individual extension or the whole system, should implement
     30   // the methods of this Provider interface that it needs. In each case, if the
     31   // provider does not need to control a certain action, that method does not
     32   // need to be implemented.
     33   //
     34   // It is not guaranteed that a particular Provider's methods will be called
     35   // each time a user tries to perform one of the controlled actions (the list
     36   // of providers is short-circuited as soon as a decision is possible), so
     37   // implementations of these methods must have no side effects.
     38   //
     39   // For all of the Provider methods below, if |error| is not NULL and the
     40   // method imposes a restriction on the desired action, |error| may be set
     41   // to an applicable error message, but this is not required.
     42   class Provider {
     43    public:
     44     Provider() {}
     45     virtual ~Provider() {}
     46 
     47     // A human-readable name for this provider, for use in debug messages.
     48     // Implementers should return an empty string in non-debug builds, to save
     49     // executable size.
     50     virtual std::string GetDebugPolicyProviderName() const = 0;
     51 
     52     // Providers should return false if a user may not install the |extension|,
     53     // or load or run it if it has already been installed.
     54     virtual bool UserMayLoad(const Extension* extension,
     55                              string16* error) const;
     56 
     57     // Providers should return false if a user may not enable, disable, or
     58     // uninstall the |extension|, or change its usage options (incognito
     59     // permission, file access, etc.).
     60     virtual bool UserMayModifySettings(const Extension* extension,
     61                                        string16* error) const;
     62 
     63     // Providers should return true if the |extension| must always remain
     64     // enabled. This is distinct from UserMayModifySettings() in that the latter
     65     // also prohibits enabling the extension if it is currently disabled.
     66     // Providers implementing this method should also implement the others
     67     // above, if they wish to completely lock in an extension.
     68     virtual bool MustRemainEnabled(const Extension* extension,
     69                                    string16* error) const;
     70 
     71     // Similar to MustRemainEnabled, but for whether an extension must remain
     72     // disabled, and returns an error and/or reason if the caller needs it.
     73     virtual bool MustRemainDisabled(const Extension* extension,
     74                                     Extension::DisableReason* reason,
     75                                     string16* error) const;
     76 
     77    private:
     78     DISALLOW_COPY_AND_ASSIGN(Provider);
     79   };
     80 
     81   ManagementPolicy();
     82   ~ManagementPolicy();
     83 
     84   // Registers or unregisters a provider, causing it to be added to or removed
     85   // from the list of providers queried. Ownership of the provider remains with
     86   // the caller. Providers do not need to be unregistered on shutdown.
     87   void RegisterProvider(Provider* provider);
     88   void UnregisterProvider(Provider* provider);
     89 
     90   // Returns true if the user is permitted to install, load, and run the given
     91   // extension. If not, |error| may be set to an appropriate message.
     92   bool UserMayLoad(const Extension* extension, string16* error) const;
     93 
     94   // Returns true if the user is permitted to enable, disable, or uninstall the
     95   // given extension, or change the extension's usage options (incognito mode,
     96   // file access, etc.). If not, |error| may be set to an appropriate message.
     97   bool UserMayModifySettings(const Extension* extension,
     98                              string16* error) const;
     99 
    100   // Returns true if the extension must remain enabled at all times (e.g. a
    101   // compoment extension). In that case, |error| may be set to an appropriate
    102   // message.
    103   bool MustRemainEnabled(const Extension* extension,
    104                          string16* error) const;
    105 
    106   // Returns true immediately if any registered provider's MustRemainDisabled
    107   // function returns true.
    108   bool MustRemainDisabled(const Extension* extension,
    109                           Extension::DisableReason* reason,
    110                           string16* error) const;
    111 
    112   // For use in testing.
    113   void UnregisterAllProviders();
    114   int GetNumProviders() const;
    115 
    116  private:
    117   // This is a pointer to a function in the Provider interface, used in
    118   // ApplyToProviderList.
    119   typedef bool (Provider::*ProviderFunction)(const Extension*, string16*) const;
    120 
    121   typedef std::set<Provider*> ProviderList;
    122 
    123   // This is a helper to apply a method in the Provider interface to each of
    124   // the Provider objects in |providers_|. The return value of this function
    125   // will be |normal_result|, unless any of the Provider calls to |function|
    126   // return !normal_result, in which case this function will then early-return
    127   // !normal_result.
    128   bool ApplyToProviderList(ProviderFunction function,
    129                            const char* debug_operation_name,
    130                            bool normal_result,
    131                            const Extension* extension,
    132                            string16* error) const;
    133 
    134   ProviderList providers_;
    135 
    136   DISALLOW_COPY_AND_ASSIGN(ManagementPolicy);
    137 };
    138 
    139 }  // namespace extensions
    140 
    141 #endif  // EXTENSIONS_BROWSER_MANAGEMENT_POLICY_H_
    142