1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
6 #define CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
11 #include "base/containers/scoped_ptr_hash_map.h"
12 #include "base/macros.h"
13 #include "base/memory/ref_counted.h"
14 #include "base/memory/scoped_ptr.h"
15 #include "base/memory/scoped_vector.h"
16 #include "base/memory/singleton.h"
17 #include "base/observer_list.h"
18 #include "base/prefs/pref_change_registrar.h"
19 #include "base/values.h"
20 #include "components/keyed_service/content/browser_context_keyed_service_factory.h"
21 #include "components/keyed_service/core/keyed_service.h"
22 #include "extensions/browser/management_policy.h"
23 #include "extensions/common/extension.h"
24 #include "extensions/common/manifest.h"
31 } // namespace content
33 namespace extensions {
37 struct IndividualSettings;
38 struct GlobalSettings;
40 } // namespace internal
42 class APIPermissionSet;
45 // Tracks the management policies that affect extensions and provides interfaces
46 // for observing and obtaining the global settings for all extensions, as well
47 // as per-extension settings.
48 class ExtensionManagement : public KeyedService {
50 // Observer class for extension management settings changes.
53 virtual ~Observer() {}
55 // Called when the extension management settings change.
56 virtual void OnExtensionManagementSettingsChanged() = 0;
59 // Installation mode for extensions, default is INSTALLATION_ALLOWED.
60 // * INSTALLATION_ALLOWED: Extension can be installed.
61 // * INSTALLATION_BLOCKED: Extension cannot be installed.
62 // * INSTALLATION_FORCED: Extension will be installed automatically
63 // and cannot be disabled.
64 // * INSTALLATION_RECOMMENDED: Extension will be installed automatically but
66 enum InstallationMode {
67 INSTALLATION_ALLOWED = 0,
70 INSTALLATION_RECOMMENDED,
73 explicit ExtensionManagement(PrefService* pref_service);
74 ~ExtensionManagement() override;
76 // KeyedService implementations:
77 void Shutdown() override;
79 void AddObserver(Observer* observer);
80 void RemoveObserver(Observer* observer);
82 // Get the list of ManagementPolicy::Provider controlled by extension
83 // management policy settings.
84 std::vector<ManagementPolicy::Provider*> GetProviders() const;
86 // Checks if extensions are blacklisted by default, by policy. When true,
87 // this means that even extensions without an ID should be blacklisted (e.g.
88 // from the command line, or when loaded as an unpacked extension).
89 bool BlacklistedByDefault() const;
91 // Returns installation mode for an extension.
92 InstallationMode GetInstallationMode(const Extension* extension) const;
94 // Returns the force install list, in format specified by
95 // ExternalPolicyLoader::AddExtension().
96 scoped_ptr<base::DictionaryValue> GetForceInstallList() const;
98 // Like GetForceInstallList(), but returns recommended install list instead.
99 scoped_ptr<base::DictionaryValue> GetRecommendedInstallList() const;
101 // Returns if an extension with id |id| is explicitly allowed by enterprise
103 bool IsInstallationExplicitlyAllowed(const ExtensionId& id) const;
105 // Returns true if an extension download should be allowed to proceed.
106 bool IsOffstoreInstallAllowed(const GURL& url,
107 const GURL& referrer_url) const;
109 // Returns true if an extension with manifest type |manifest_type| is
110 // allowed to be installed.
111 bool IsAllowedManifestType(Manifest::Type manifest_type) const;
113 // Returns the list of blocked API permissions for |extension|.
114 APIPermissionSet GetBlockedAPIPermissions(const Extension* extension) const;
116 // Returns blocked permission set for |extension|.
117 scoped_refptr<const PermissionSet> GetBlockedPermissions(
118 const Extension* extension) const;
120 // Returns true if every permission in |perms| is allowed for |extension|.
121 bool IsPermissionSetAllowed(const Extension* extension,
122 scoped_refptr<const PermissionSet> perms) const;
125 typedef base::ScopedPtrHashMap<ExtensionId, internal::IndividualSettings>
127 typedef base::ScopedPtrHashMap<std::string, internal::IndividualSettings>
128 SettingsUpdateUrlMap;
129 friend class ExtensionManagementServiceTest;
131 // Load all extension management preferences from |pref_service|, and
132 // refresh the settings.
135 // Load preference with name |pref_name| and expected type |expected_type|.
136 // If |force_managed| is true, only loading from the managed preference store
137 // is allowed. Returns NULL if the preference is not present, not allowed to
138 // be loaded from or has the wrong type.
139 const base::Value* LoadPreference(const char* pref_name,
141 base::Value::Type expected_type);
143 void OnExtensionPrefChanged();
144 void NotifyExtensionManagementPrefChanged();
146 // Helper function to access |settings_by_id_| with |id| as key.
147 // Adds a new IndividualSettings entry to |settings_by_id_| if none exists for
149 internal::IndividualSettings* AccessById(const ExtensionId& id);
151 // Similar to AccessById(), but access |settings_by_update_url_| instead.
152 internal::IndividualSettings* AccessByUpdateUrl(
153 const std::string& update_url);
155 // A map containing all IndividualSettings applied to an individual extension
156 // identified by extension ID. The extension ID is used as index key of the
158 SettingsIdMap settings_by_id_;
160 // Similar to |settings_by_id_|, but contains the settings for a group of
161 // extensions with same update URL. The update url itself is used as index
163 SettingsUpdateUrlMap settings_by_update_url_;
165 // The default IndividualSettings.
166 // For extension settings applied to an individual extension (identified by
167 // extension ID) or a group of extension (with specified extension update
168 // URL), all unspecified part will take value from |default_settings_|.
169 // For all other extensions, all settings from |default_settings_| will be
171 scoped_ptr<internal::IndividualSettings> default_settings_;
173 // Extension settings applicable to all extensions.
174 scoped_ptr<internal::GlobalSettings> global_settings_;
176 PrefService* pref_service_;
178 ObserverList<Observer, true> observer_list_;
179 PrefChangeRegistrar pref_change_registrar_;
180 ScopedVector<ManagementPolicy::Provider> providers_;
182 DISALLOW_COPY_AND_ASSIGN(ExtensionManagement);
185 class ExtensionManagementFactory : public BrowserContextKeyedServiceFactory {
187 static ExtensionManagement* GetForBrowserContext(
188 content::BrowserContext* context);
189 static ExtensionManagementFactory* GetInstance();
192 friend struct DefaultSingletonTraits<ExtensionManagementFactory>;
194 ExtensionManagementFactory();
195 ~ExtensionManagementFactory() override;
197 // BrowserContextKeyedServiceExtensionManagementFactory:
198 KeyedService* BuildServiceInstanceFor(
199 content::BrowserContext* context) const override;
200 content::BrowserContext* GetBrowserContextToUse(
201 content::BrowserContext* context) const override;
202 void RegisterProfilePrefs(
203 user_prefs::PrefRegistrySyncable* registry) override;
205 DISALLOW_COPY_AND_ASSIGN(ExtensionManagementFactory);
208 } // namespace extensions
210 #endif // CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_