Home | History | Annotate | Download | only in extensions 
      1 // Copyright 2014 The Chromium Authors. All rights reserved.
      2 // Use of this source code is governed by a BSD-style license that can be
      3 // found in the LICENSE file.
      4 
      5 #ifndef CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
      6 #define CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
      7 
      8 #include <map>
      9 #include <string>
     10 #include <vector>
     11 
     12 #include "base/macros.h"
     13 #include "base/memory/scoped_ptr.h"
     14 #include "base/memory/singleton.h"
     15 #include "base/observer_list.h"
     16 #include "base/prefs/pref_change_registrar.h"
     17 #include "base/values.h"
     18 #include "components/keyed_service/content/browser_context_keyed_service_factory.h"
     19 #include "components/keyed_service/core/keyed_service.h"
     20 #include "extensions/browser/management_policy.h"
     21 #include "extensions/common/extension.h"
     22 #include "extensions/common/manifest.h"
     23 #include "extensions/common/url_pattern_set.h"
     24 
     25 class GURL;
     26 class PrefService;
     27 
     28 namespace content {
     29 class BrowserContext;
     30 }  // namespace content
     31 
     32 namespace extensions {
     33 
     34 // Tracks the management policies that affect extensions and provides interfaces
     35 // for observing and obtaining the global settings for all extensions, as well
     36 // as per-extension settings.
     37 class ExtensionManagement : public KeyedService {
     38  public:
     39   // Observer class for extension management settings changes.
     40   class Observer {
     41    public:
     42     virtual ~Observer() {}
     43 
     44     // Will be called when an extension management preference changes.
     45     virtual void OnExtensionManagementSettingsChanged() = 0;
     46   };
     47 
     48   // Installation mode for extensions, default is INSTALLATION_ALLOWED.
     49   // * INSTALLATION_ALLOWED: Extension can be installed.
     50   // * INSTALLATION_BLOCKED: Extension cannot be installed.
     51   // * INSTALLATION_FORCED: Extension will be installed automatically
     52   //                        and cannot be disabled.
     53   // * INSTALLATION_RECOMMENDED: Extension will be installed automatically but
     54   //                             can be disabled.
     55   enum InstallationMode {
     56     INSTALLATION_ALLOWED = 0,
     57     INSTALLATION_BLOCKED,
     58     INSTALLATION_FORCED,
     59     INSTALLATION_RECOMMENDED,
     60   };
     61 
     62   // Class to hold extension management settings for one or a group of
     63   // extensions. Settings can be applied to an individual extension identified
     64   // by an ID, a group of extensions with specific |update_url| or all
     65   // extensions at once.
     66   struct IndividualSettings {
     67     IndividualSettings();
     68     ~IndividualSettings();
     69 
     70     void Reset();
     71 
     72     // Extension installation mode. Setting this to INSTALLATION_FORCED or
     73     // INSTALLATION_RECOMMENDED will enable extension auto-loading (only
     74     // applicable to single extension), and in this case the |update_url| must
     75     // be specified, containing the update URL for this extension.
     76     // Note that |update_url| will be ignored for INSTALLATION_ALLOWED and
     77     // INSTALLATION_BLOCKED installation mode.
     78     // These settings will override the default settings, and unspecified
     79     // settings will take value from default settings.
     80     InstallationMode installation_mode;
     81     std::string update_url;
     82   };
     83 
     84   // Global extension management settings, applicable to all extensions.
     85   struct GlobalSettings {
     86     GlobalSettings();
     87     ~GlobalSettings();
     88 
     89     void Reset();
     90 
     91     // Settings specifying which URLs are allowed to install extensions, will be
     92     // enforced only if |has_restricted_install_sources| is set to true.
     93     URLPatternSet install_sources;
     94     bool has_restricted_install_sources;
     95 
     96     // Settings specifying all allowed app/extension types, will be enforced
     97     // only of |has_restricted_allowed_types| is set to true.
     98     std::vector<Manifest::Type> allowed_types;
     99     bool has_restricted_allowed_types;
    100   };
    101 
    102   typedef std::map<ExtensionId, IndividualSettings> SettingsIdMap;
    103 
    104   explicit ExtensionManagement(PrefService* pref_service);
    105   virtual ~ExtensionManagement();
    106 
    107   void AddObserver(Observer* observer);
    108   void RemoveObserver(Observer* observer);
    109 
    110   // Get the ManagementPolicy::Provider controlled by extension management
    111   // policy settings.
    112   ManagementPolicy::Provider* GetProvider();
    113 
    114   // Checks if extensions are blacklisted by default, by policy. When true,
    115   // this means that even extensions without an ID should be blacklisted (e.g.
    116   // from the command line, or when loaded as an unpacked extension).
    117   bool BlacklistedByDefault();
    118 
    119   // Returns the force install list, in format specified by
    120   // ExternalPolicyLoader::AddExtension().
    121   scoped_ptr<base::DictionaryValue> GetForceInstallList() const;
    122 
    123   // Returns if an extension with id |id| is explicitly allowed by enterprise
    124   // policy or not.
    125   bool IsInstallationExplicitlyAllowed(const ExtensionId& id) const;
    126 
    127   // Returns true if an extension download should be allowed to proceed.
    128   bool IsOffstoreInstallAllowed(const GURL& url, const GURL& referrer_url);
    129 
    130   // Helper function to read |settings_by_id_| with |id| as key. Returns a
    131   // constant reference to default settings if |id| does not exist.
    132   const IndividualSettings& ReadById(const ExtensionId& id) const;
    133 
    134   // Returns a constant reference to |global_settings_|.
    135   const GlobalSettings& ReadGlobalSettings() const;
    136 
    137  private:
    138   // Load all extension management preferences from |pref_service|, and
    139   // refresh the settings.
    140   void Refresh();
    141 
    142   // Load preference with name |pref_name| and expected type |expected_type|.
    143   // If |force_managed| is true, only loading from the managed preference store
    144   // is allowed. Returns NULL if the preference is not present, not allowed to
    145   // be loaded from or has the wrong type.
    146   const base::Value* LoadPreference(const char* pref_name,
    147                                     bool force_managed,
    148                                     base::Value::Type expected_type);
    149 
    150   void OnExtensionPrefChanged();
    151   void NotifyExtensionManagementPrefChanged();
    152 
    153   // Helper function to access |settings_by_id_| with |id| as key.
    154   // Adds a new IndividualSettings entry to |settings_by_id_| if none exists for
    155   // |id| yet.
    156   IndividualSettings* AccessById(const ExtensionId& id);
    157 
    158   // A map containing all IndividualSettings applied to an individual extension
    159   // identified by extension ID. The extension ID is used as index key of the
    160   // map.
    161   // TODO(binjin): Add |settings_by_update_url_|, and implement mechanism for
    162   // it.
    163   SettingsIdMap settings_by_id_;
    164 
    165   // The default IndividualSettings.
    166   // For extension settings applied to an individual extension (identified by
    167   // extension ID) or a group of extension (with specified extension update
    168   // URL), all unspecified part will take value from |default_settings_|.
    169   // For all other extensions, all settings from |default_settings_| will be
    170   // enforced.
    171   IndividualSettings default_settings_;
    172 
    173   // Extension settings applicable to all extensions.
    174   GlobalSettings global_settings_;
    175 
    176   PrefService* pref_service_;
    177 
    178   ObserverList<Observer, true> observer_list_;
    179   PrefChangeRegistrar pref_change_registrar_;
    180   scoped_ptr<ManagementPolicy::Provider> provider_;
    181 
    182   DISALLOW_COPY_AND_ASSIGN(ExtensionManagement);
    183 };
    184 
    185 class ExtensionManagementFactory : public BrowserContextKeyedServiceFactory {
    186  public:
    187   static ExtensionManagement* GetForBrowserContext(
    188       content::BrowserContext* context);
    189   static ExtensionManagementFactory* GetInstance();
    190 
    191  private:
    192   friend struct DefaultSingletonTraits<ExtensionManagementFactory>;
    193 
    194   ExtensionManagementFactory();
    195   virtual ~ExtensionManagementFactory();
    196 
    197   // BrowserContextKeyedServiceExtensionManagementFactory:
    198   virtual KeyedService* BuildServiceInstanceFor(
    199       content::BrowserContext* context) const OVERRIDE;
    200   virtual content::BrowserContext* GetBrowserContextToUse(
    201       content::BrowserContext* context) const OVERRIDE;
    202   virtual void RegisterProfilePrefs(
    203       user_prefs::PrefRegistrySyncable* registry) OVERRIDE;
    204 
    205   DISALLOW_COPY_AND_ASSIGN(ExtensionManagementFactory);
    206 };
    207 
    208 }  // namespace extensions
    209 
    210 #endif  // CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
    211