1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #include "chrome/browser/extensions/external_provider_impl.h" 6 7 #include <set> 8 #include <vector> 9 10 #include "base/command_line.h" 11 #include "base/files/file_path.h" 12 #include "base/logging.h" 13 #include "base/memory/linked_ptr.h" 14 #include "base/metrics/field_trial.h" 15 #include "base/path_service.h" 16 #include "base/strings/string_util.h" 17 #include "base/values.h" 18 #include "base/version.h" 19 #include "chrome/browser/app_mode/app_mode_utils.h" 20 #include "chrome/browser/browser_process.h" 21 #include "chrome/browser/extensions/extension_service.h" 22 #include "chrome/browser/extensions/external_component_loader.h" 23 #include "chrome/browser/extensions/external_policy_loader.h" 24 #include "chrome/browser/extensions/external_pref_loader.h" 25 #include "chrome/browser/profiles/profile.h" 26 #include "chrome/common/chrome_paths.h" 27 #include "chrome/common/chrome_switches.h" 28 #include "chrome/common/pref_names.h" 29 #include "content/public/browser/browser_thread.h" 30 #include "extensions/browser/extension_system.h" 31 #include "extensions/browser/external_provider_interface.h" 32 #include "extensions/common/extension.h" 33 #include "extensions/common/manifest.h" 34 #include "ui/base/l10n/l10n_util.h" 35 36 #if defined(OS_CHROMEOS) 37 #include "chrome/browser/chromeos/customization_document.h" 38 #include "chrome/browser/chromeos/extensions/device_local_account_external_policy_loader.h" 39 #include "chrome/browser/chromeos/login/users/user.h" 40 #include "chrome/browser/chromeos/login/users/user_manager.h" 41 #include "chrome/browser/chromeos/policy/app_pack_updater.h" 42 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" 43 #include "chrome/browser/chromeos/policy/device_local_account.h" 44 #include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" 45 #else 46 #include "chrome/browser/extensions/default_apps.h" 47 #endif 48 49 #if defined(OS_WIN) 50 #include "chrome/browser/extensions/external_registry_loader_win.h" 51 #endif 52 53 using content::BrowserThread; 54 55 namespace extensions { 56 57 // Constants for keeping track of extension preferences in a dictionary. 58 const char ExternalProviderImpl::kInstallParam[] = "install_parameter"; 59 const char ExternalProviderImpl::kExternalCrx[] = "external_crx"; 60 const char ExternalProviderImpl::kExternalVersion[] = "external_version"; 61 const char ExternalProviderImpl::kExternalUpdateUrl[] = "external_update_url"; 62 const char ExternalProviderImpl::kIsBookmarkApp[] = "is_bookmark_app"; 63 const char ExternalProviderImpl::kIsFromWebstore[] = "is_from_webstore"; 64 const char ExternalProviderImpl::kKeepIfPresent[] = "keep_if_present"; 65 const char ExternalProviderImpl::kWasInstalledByOem[] = "was_installed_by_oem"; 66 const char ExternalProviderImpl::kSupportedLocales[] = "supported_locales"; 67 68 ExternalProviderImpl::ExternalProviderImpl( 69 VisitorInterface* service, 70 const scoped_refptr<ExternalLoader>& loader, 71 Profile* profile, 72 Manifest::Location crx_location, 73 Manifest::Location download_location, 74 int creation_flags) 75 : crx_location_(crx_location), 76 download_location_(download_location), 77 service_(service), 78 ready_(false), 79 loader_(loader), 80 profile_(profile), 81 creation_flags_(creation_flags), 82 auto_acknowledge_(false) { 83 loader_->Init(this); 84 } 85 86 ExternalProviderImpl::~ExternalProviderImpl() { 87 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 88 loader_->OwnerShutdown(); 89 } 90 91 void ExternalProviderImpl::VisitRegisteredExtension() { 92 // The loader will call back to SetPrefs. 93 loader_->StartLoading(); 94 } 95 96 void ExternalProviderImpl::SetPrefs(base::DictionaryValue* prefs) { 97 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 98 99 // Check if the service is still alive. It is possible that it went 100 // away while |loader_| was working on the FILE thread. 101 if (!service_) return; 102 103 prefs_.reset(prefs); 104 ready_ = true; // Queries for extensions are allowed from this point. 105 106 // Set of unsupported extensions that need to be deleted from prefs_. 107 std::set<std::string> unsupported_extensions; 108 109 // Notify ExtensionService about all the extensions this provider has. 110 for (base::DictionaryValue::Iterator i(*prefs_); !i.IsAtEnd(); i.Advance()) { 111 const std::string& extension_id = i.key(); 112 const base::DictionaryValue* extension = NULL; 113 114 if (!Extension::IdIsValid(extension_id)) { 115 LOG(WARNING) << "Malformed extension dictionary: key " 116 << extension_id.c_str() << " is not a valid id."; 117 continue; 118 } 119 120 if (!i.value().GetAsDictionary(&extension)) { 121 LOG(WARNING) << "Malformed extension dictionary: key " 122 << extension_id.c_str() 123 << " has a value that is not a dictionary."; 124 continue; 125 } 126 127 base::FilePath::StringType external_crx; 128 const base::Value* external_version_value = NULL; 129 std::string external_version; 130 std::string external_update_url; 131 132 bool has_external_crx = extension->GetString(kExternalCrx, &external_crx); 133 134 bool has_external_version = false; 135 if (extension->Get(kExternalVersion, &external_version_value)) { 136 if (external_version_value->IsType(base::Value::TYPE_STRING)) { 137 external_version_value->GetAsString(&external_version); 138 has_external_version = true; 139 } else { 140 LOG(WARNING) << "Malformed extension dictionary for extension: " 141 << extension_id.c_str() << ". " << kExternalVersion 142 << " value must be a string."; 143 continue; 144 } 145 } 146 147 bool has_external_update_url = extension->GetString(kExternalUpdateUrl, 148 &external_update_url); 149 if (has_external_crx != has_external_version) { 150 LOG(WARNING) << "Malformed extension dictionary for extension: " 151 << extension_id.c_str() << ". " << kExternalCrx 152 << " and " << kExternalVersion << " must be used together."; 153 continue; 154 } 155 156 if (has_external_crx == has_external_update_url) { 157 LOG(WARNING) << "Malformed extension dictionary for extension: " 158 << extension_id.c_str() << ". Exactly one of the " 159 << "followng keys should be used: " << kExternalCrx 160 << ", " << kExternalUpdateUrl << "."; 161 continue; 162 } 163 164 // Check that extension supports current browser locale. 165 const base::ListValue* supported_locales = NULL; 166 if (extension->GetList(kSupportedLocales, &supported_locales)) { 167 std::vector<std::string> browser_locales; 168 l10n_util::GetParentLocales(g_browser_process->GetApplicationLocale(), 169 &browser_locales); 170 171 size_t num_locales = supported_locales->GetSize(); 172 bool locale_supported = false; 173 for (size_t j = 0; j < num_locales; j++) { 174 std::string current_locale; 175 if (supported_locales->GetString(j, ¤t_locale) && 176 l10n_util::IsValidLocaleSyntax(current_locale)) { 177 current_locale = l10n_util::NormalizeLocale(current_locale); 178 if (std::find(browser_locales.begin(), browser_locales.end(), 179 current_locale) != browser_locales.end()) { 180 locale_supported = true; 181 break; 182 } 183 } else { 184 LOG(WARNING) << "Unrecognized locale '" << current_locale 185 << "' found as supported locale for extension: " 186 << extension_id; 187 } 188 } 189 190 if (!locale_supported) { 191 unsupported_extensions.insert(extension_id); 192 VLOG(1) << "Skip installing (or uninstall) external extension: " 193 << extension_id << " because the extension doesn't support " 194 << "the browser locale."; 195 continue; 196 } 197 } 198 199 int creation_flags = creation_flags_; 200 bool is_bookmark_app; 201 if (extension->GetBoolean(kIsBookmarkApp, &is_bookmark_app) && 202 is_bookmark_app) { 203 creation_flags |= Extension::FROM_BOOKMARK; 204 } 205 bool is_from_webstore; 206 if (extension->GetBoolean(kIsFromWebstore, &is_from_webstore) && 207 is_from_webstore) { 208 creation_flags |= Extension::FROM_WEBSTORE; 209 } 210 bool keep_if_present; 211 if (extension->GetBoolean(kKeepIfPresent, &keep_if_present) && 212 keep_if_present && profile_) { 213 ExtensionServiceInterface* extension_service = 214 ExtensionSystem::Get(profile_)->extension_service(); 215 const Extension* extension = extension_service ? 216 extension_service->GetExtensionById(extension_id, true) : NULL; 217 if (!extension) { 218 VLOG(1) << "Skip installing (or uninstall) external extension: " 219 << extension_id << " because the extension should be kept " 220 << "only if it is already installed."; 221 continue; 222 } 223 } 224 bool was_installed_by_oem; 225 if (extension->GetBoolean(kWasInstalledByOem, &was_installed_by_oem) && 226 was_installed_by_oem) { 227 creation_flags |= Extension::WAS_INSTALLED_BY_OEM; 228 } 229 230 std::string install_parameter; 231 extension->GetString(kInstallParam, &install_parameter); 232 233 if (has_external_crx) { 234 if (crx_location_ == Manifest::INVALID_LOCATION) { 235 LOG(WARNING) << "This provider does not support installing external " 236 << "extensions from crx files."; 237 continue; 238 } 239 if (external_crx.find(base::FilePath::kParentDirectory) != 240 base::StringPiece::npos) { 241 LOG(WARNING) << "Path traversal not allowed in path: " 242 << external_crx.c_str(); 243 continue; 244 } 245 246 // If the path is relative, and the provider has a base path, 247 // build the absolute path to the crx file. 248 base::FilePath path(external_crx); 249 if (!path.IsAbsolute()) { 250 base::FilePath base_path = loader_->GetBaseCrxFilePath(); 251 if (base_path.empty()) { 252 LOG(WARNING) << "File path " << external_crx.c_str() 253 << " is relative. An absolute path is required."; 254 continue; 255 } 256 path = base_path.Append(external_crx); 257 } 258 259 Version version(external_version); 260 if (!version.IsValid()) { 261 LOG(WARNING) << "Malformed extension dictionary for extension: " 262 << extension_id.c_str() << ". Invalid version string \"" 263 << external_version << "\"."; 264 continue; 265 } 266 service_->OnExternalExtensionFileFound(extension_id, &version, path, 267 crx_location_, creation_flags, 268 auto_acknowledge_); 269 } else { // if (has_external_update_url) 270 CHECK(has_external_update_url); // Checking of keys above ensures this. 271 if (download_location_ == Manifest::INVALID_LOCATION) { 272 LOG(WARNING) << "This provider does not support installing external " 273 << "extensions from update URLs."; 274 continue; 275 } 276 GURL update_url(external_update_url); 277 if (!update_url.is_valid()) { 278 LOG(WARNING) << "Malformed extension dictionary for extension: " 279 << extension_id.c_str() << ". Key " << kExternalUpdateUrl 280 << " has value \"" << external_update_url 281 << "\", which is not a valid URL."; 282 continue; 283 } 284 service_->OnExternalExtensionUpdateUrlFound(extension_id, 285 install_parameter, 286 update_url, 287 download_location_, 288 creation_flags, 289 auto_acknowledge_); 290 } 291 } 292 293 for (std::set<std::string>::iterator it = unsupported_extensions.begin(); 294 it != unsupported_extensions.end(); ++it) { 295 // Remove extension for the list of know external extensions. The extension 296 // will be uninstalled later because provider doesn't provide it anymore. 297 prefs_->Remove(*it, NULL); 298 } 299 300 service_->OnExternalProviderReady(this); 301 } 302 303 void ExternalProviderImpl::ServiceShutdown() { 304 service_ = NULL; 305 } 306 307 bool ExternalProviderImpl::IsReady() const { 308 return ready_; 309 } 310 311 bool ExternalProviderImpl::HasExtension( 312 const std::string& id) const { 313 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 314 CHECK(prefs_.get()); 315 CHECK(ready_); 316 return prefs_->HasKey(id); 317 } 318 319 bool ExternalProviderImpl::GetExtensionDetails( 320 const std::string& id, Manifest::Location* location, 321 scoped_ptr<Version>* version) const { 322 CHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); 323 CHECK(prefs_.get()); 324 CHECK(ready_); 325 base::DictionaryValue* extension = NULL; 326 if (!prefs_->GetDictionary(id, &extension)) 327 return false; 328 329 Manifest::Location loc = Manifest::INVALID_LOCATION; 330 if (extension->HasKey(kExternalUpdateUrl)) { 331 loc = download_location_; 332 333 } else if (extension->HasKey(kExternalCrx)) { 334 loc = crx_location_; 335 336 std::string external_version; 337 if (!extension->GetString(kExternalVersion, &external_version)) 338 return false; 339 340 if (version) 341 version->reset(new Version(external_version)); 342 343 } else { 344 NOTREACHED(); // Chrome should not allow prefs to get into this state. 345 return false; 346 } 347 348 if (location) 349 *location = loc; 350 351 return true; 352 } 353 354 // static 355 void ExternalProviderImpl::CreateExternalProviders( 356 VisitorInterface* service, 357 Profile* profile, 358 ProviderCollection* provider_list) { 359 scoped_refptr<ExternalLoader> external_loader; 360 extensions::Manifest::Location crx_location = Manifest::INVALID_LOCATION; 361 #if defined(OS_CHROMEOS) 362 policy::BrowserPolicyConnectorChromeOS* connector = 363 g_browser_process->platform_part()->browser_policy_connector_chromeos(); 364 bool is_chrome_os_public_session = false; 365 const chromeos::User* user = 366 chromeos::UserManager::Get()->GetUserByProfile(profile); 367 policy::DeviceLocalAccount::Type account_type; 368 if (user && policy::IsDeviceLocalAccountUser(user->email(), &account_type)) { 369 if (account_type == policy::DeviceLocalAccount::TYPE_PUBLIC_SESSION) 370 is_chrome_os_public_session = true; 371 policy::DeviceLocalAccountPolicyBroker* broker = 372 connector->GetDeviceLocalAccountPolicyService()->GetBrokerForUser( 373 user->email()); 374 if (broker) { 375 external_loader = broker->extension_loader(); 376 crx_location = Manifest::EXTERNAL_POLICY; 377 } else { 378 NOTREACHED(); 379 } 380 } else { 381 external_loader = new ExternalPolicyLoader(profile); 382 } 383 #else 384 external_loader = new ExternalPolicyLoader(profile); 385 #endif 386 387 // Policies are mandatory so they can't be skipped with command line flag. 388 if (external_loader) { 389 provider_list->push_back( 390 linked_ptr<ExternalProviderInterface>( 391 new ExternalProviderImpl( 392 service, 393 external_loader, 394 profile, 395 crx_location, 396 Manifest::EXTERNAL_POLICY_DOWNLOAD, 397 Extension::NO_FLAGS))); 398 } 399 400 // In tests don't install extensions from default external sources. 401 // It would only slowdown tests and make them flaky. 402 if (CommandLine::ForCurrentProcess()->HasSwitch( 403 switches::kDisableDefaultApps)) 404 return; 405 406 // No external app install in app mode. 407 if (chrome::IsRunningInForcedAppMode()) 408 return; 409 410 // On Mac OS, items in /Library/... should be written by the superuser. 411 // Check that all components of the path are writable by root only. 412 ExternalPrefLoader::Options check_admin_permissions_on_mac; 413 #if defined(OS_MACOSX) 414 check_admin_permissions_on_mac = 415 ExternalPrefLoader::ENSURE_PATH_CONTROLLED_BY_ADMIN; 416 #else 417 check_admin_permissions_on_mac = ExternalPrefLoader::NONE; 418 #endif 419 420 bool is_chromeos_demo_session = false; 421 int bundled_extension_creation_flags = Extension::NO_FLAGS; 422 #if defined(OS_CHROMEOS) 423 chromeos::UserManager* user_manager = chromeos::UserManager::Get(); 424 is_chromeos_demo_session = 425 user_manager && user_manager->IsLoggedInAsDemoUser() && 426 connector->GetDeviceMode() == policy::DEVICE_MODE_RETAIL_KIOSK; 427 bundled_extension_creation_flags = Extension::FROM_WEBSTORE | 428 Extension::WAS_INSTALLED_BY_DEFAULT; 429 #endif 430 431 #if defined(OS_LINUX) && !defined(OS_CHROMEOS) 432 if (!profile->IsSupervised()) { 433 provider_list->push_back( 434 linked_ptr<ExternalProviderInterface>( 435 new ExternalProviderImpl( 436 service, 437 new ExternalPrefLoader( 438 chrome::DIR_STANDALONE_EXTERNAL_EXTENSIONS, 439 ExternalPrefLoader::NONE), 440 profile, 441 Manifest::EXTERNAL_PREF, 442 Manifest::EXTERNAL_PREF_DOWNLOAD, 443 bundled_extension_creation_flags))); 444 } 445 #endif 446 447 #if defined(OS_CHROMEOS) 448 if (!is_chromeos_demo_session && !is_chrome_os_public_session) { 449 int external_apps_path_id = profile->IsSupervised() ? 450 chrome::DIR_SUPERVISED_USERS_DEFAULT_APPS : 451 chrome::DIR_STANDALONE_EXTERNAL_EXTENSIONS; 452 provider_list->push_back( 453 linked_ptr<ExternalProviderInterface>(new ExternalProviderImpl( 454 service, 455 new ExternalPrefLoader(external_apps_path_id, 456 ExternalPrefLoader::NONE), 457 profile, 458 Manifest::EXTERNAL_PREF, 459 Manifest::EXTERNAL_PREF_DOWNLOAD, 460 bundled_extension_creation_flags))); 461 462 // OEM default apps. 463 int oem_extension_creation_flags = 464 bundled_extension_creation_flags | Extension::WAS_INSTALLED_BY_OEM; 465 chromeos::ServicesCustomizationDocument* customization = 466 chromeos::ServicesCustomizationDocument::GetInstance(); 467 provider_list->push_back(linked_ptr<ExternalProviderInterface>( 468 new ExternalProviderImpl(service, 469 customization->CreateExternalLoader(profile), 470 profile, 471 Manifest::EXTERNAL_PREF, 472 Manifest::EXTERNAL_PREF_DOWNLOAD, 473 oem_extension_creation_flags))); 474 } 475 476 policy::AppPackUpdater* app_pack_updater = connector->GetAppPackUpdater(); 477 if (is_chromeos_demo_session && app_pack_updater && 478 !app_pack_updater->created_external_loader()) { 479 provider_list->push_back( 480 linked_ptr<ExternalProviderInterface>( 481 new ExternalProviderImpl( 482 service, 483 app_pack_updater->CreateExternalLoader(), 484 profile, 485 Manifest::EXTERNAL_PREF, 486 Manifest::INVALID_LOCATION, 487 Extension::NO_FLAGS))); 488 } 489 #endif 490 491 if (!profile->IsSupervised() && !is_chromeos_demo_session) { 492 #if !defined(OS_WIN) 493 provider_list->push_back( 494 linked_ptr<ExternalProviderInterface>( 495 new ExternalProviderImpl( 496 service, 497 new ExternalPrefLoader(chrome::DIR_EXTERNAL_EXTENSIONS, 498 check_admin_permissions_on_mac), 499 profile, 500 Manifest::EXTERNAL_PREF, 501 Manifest::EXTERNAL_PREF_DOWNLOAD, 502 bundled_extension_creation_flags))); 503 #endif 504 505 // Define a per-user source of external extensions. 506 #if defined(OS_MACOSX) 507 provider_list->push_back( 508 linked_ptr<ExternalProviderInterface>( 509 new ExternalProviderImpl( 510 service, 511 new ExternalPrefLoader(chrome::DIR_USER_EXTERNAL_EXTENSIONS, 512 ExternalPrefLoader::NONE), 513 profile, 514 Manifest::EXTERNAL_PREF, 515 Manifest::EXTERNAL_PREF_DOWNLOAD, 516 Extension::NO_FLAGS))); 517 #endif 518 519 #if defined(OS_WIN) 520 provider_list->push_back( 521 linked_ptr<ExternalProviderInterface>( 522 new ExternalProviderImpl( 523 service, 524 new ExternalRegistryLoader, 525 profile, 526 Manifest::EXTERNAL_REGISTRY, 527 Manifest::EXTERNAL_PREF_DOWNLOAD, 528 Extension::NO_FLAGS))); 529 #endif 530 531 #if !defined(OS_CHROMEOS) 532 // The default apps are installed as INTERNAL but use the external 533 // extension installer codeflow. 534 provider_list->push_back( 535 linked_ptr<ExternalProviderInterface>( 536 new default_apps::Provider( 537 profile, 538 service, 539 new ExternalPrefLoader(chrome::DIR_DEFAULT_APPS, 540 ExternalPrefLoader::NONE), 541 Manifest::INTERNAL, 542 Manifest::INTERNAL, 543 Extension::FROM_WEBSTORE | 544 Extension::WAS_INSTALLED_BY_DEFAULT))); 545 #endif 546 547 provider_list->push_back( 548 linked_ptr<ExternalProviderInterface>( 549 new ExternalProviderImpl( 550 service, 551 new ExternalComponentLoader(profile), 552 profile, 553 Manifest::INVALID_LOCATION, 554 Manifest::EXTERNAL_COMPONENT, 555 Extension::FROM_WEBSTORE | Extension::WAS_INSTALLED_BY_DEFAULT))); 556 } 557 } 558 559 } // namespace extensions 560
