search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Pin Chrome's shortcut to the Win10 Start menu on install and OS upgrade.
[chromium-blink-merge.git] / chrome / browser / supervised_user / supervised_user_service.h
blob27bc3a3bd4263a1a7cbc873b55f0e2d165531edc
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_SERVICE_H_
6 #define CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_SERVICE_H_
7
8 #include <map>
9 #include <string>
10 #include <vector>
11
12 #include "base/callback.h"
13 #include "base/gtest_prod_util.h"
14 #include "base/memory/scoped_ptr.h"
15 #include "base/observer_list.h"
16 #include "base/prefs/pref_change_registrar.h"
17 #include "base/scoped_observer.h"
18 #include "base/strings/string16.h"
19 #include "chrome/browser/supervised_user/experimental/supervised_user_blacklist.h"
20 #include "chrome/browser/supervised_user/supervised_user_url_filter.h"
21 #include "chrome/browser/supervised_user/supervised_users.h"
22 #include "chrome/browser/sync/sync_type_preference_provider.h"
23 #include "chrome/browser/ui/browser_list_observer.h"
24 #include "components/keyed_service/core/keyed_service.h"
25 #include "components/sync_driver/sync_service_observer.h"
26 #include "net/url_request/url_request_context_getter.h"
27
28 #if defined(ENABLE_EXTENSIONS)
29 #include "extensions/browser/management_policy.h"
30 #endif
31
32 class Browser;
33 class GoogleServiceAuthError;
34 class PermissionRequestCreator;
35 class Profile;
36 class SupervisedUserBlacklistDownloader;
37 class SupervisedUserRegistrationUtility;
38 class SupervisedUserServiceObserver;
39 class SupervisedUserSettingsService;
40 class SupervisedUserSiteList;
41 class SupervisedUserURLFilter;
42 class SupervisedUserWhitelistService;
43
44 namespace base {
45 class FilePath;
46 class Version;
47 }
48
49 namespace content {
50 class WebContents;
51 }
52
53 namespace extensions {
54 class ExtensionRegistry;
55 }
56
57 namespace user_prefs {
58 class PrefRegistrySyncable;
59 }
60
61 // This class handles all the information related to a given supervised profile
62 // (e.g. the installed content packs, the default URL filtering behavior, or
63 // manual whitelist/blacklist overrides).
64 class SupervisedUserService : public KeyedService,
65 #if defined(ENABLE_EXTENSIONS)
66 public extensions::ManagementPolicy::Provider,
67 #endif
68 public SyncTypePreferenceProvider,
69 public sync_driver::SyncServiceObserver,
70 public chrome::BrowserListObserver,
71 public SupervisedUserURLFilter::Observer {
72 public:
73 using NavigationBlockedCallback = base::Callback<void(content::WebContents*)>;
74 using AuthErrorCallback = base::Callback<void(const GoogleServiceAuthError&)>;
75 using SuccessCallback = base::Callback<void(bool)>;
76
77 class Delegate {
78 public:
79 virtual ~Delegate() {}
80 // Returns true to indicate that the delegate handled the (de)activation, or
81 // false to indicate that the SupervisedUserService itself should handle it.
82 virtual bool SetActive(bool active) = 0;
83 };
84
85 ~SupervisedUserService() override;
86
87 // ProfileKeyedService override:
88 void Shutdown() override;
89
90 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry);
91
92 void SetDelegate(Delegate* delegate);
93
94 // Returns the URL filter for the IO thread, for filtering network requests
95 // (in SupervisedUserResourceThrottle).
96 scoped_refptr<const SupervisedUserURLFilter> GetURLFilterForIOThread();
97
98 // Returns the URL filter for the UI thread, for filtering navigations and
99 // classifying sites in the history view.
100 SupervisedUserURLFilter* GetURLFilterForUIThread();
101
102 // Returns the whitelist service.
103 SupervisedUserWhitelistService* GetWhitelistService();
104
105 // Whether the user can request to get access to blocked URLs or to new
106 // extensions.
107 bool AccessRequestsEnabled();
108
109 // Adds an access request for the given URL.
110 void AddURLAccessRequest(const GURL& url, const SuccessCallback& callback);
111
112 // Adds an update request for the given WebStore item (App/Extension).
113 void AddExtensionUpdateRequest(const std::string& extension_id,
114 const base::Version& version,
115 const SuccessCallback& callback);
116
117 // Returns the email address of the custodian.
118 std::string GetCustodianEmailAddress() const;
119
120 // Returns the name of the custodian, or the email address if the name is
121 // empty.
122 std::string GetCustodianName() const;
123
124 // Returns the email address of the second custodian, or the empty string
125 // if there is no second custodian.
126 std::string GetSecondCustodianEmailAddress() const;
127
128 // Returns the name of the second custodian, or the email address if the name
129 // is empty, or the empty string is there is no second custodian.
130 std::string GetSecondCustodianName() const;
131
132 // Initializes this object.
133 void Init();
134
135 // Initializes this profile for syncing, using the provided |refresh_token| to
136 // mint access tokens for Sync.
137 void InitSync(const std::string& refresh_token);
138
139 // Convenience method that registers this supervised user using
140 // |registration_utility| and initializes sync with the returned token.
141 // The |callback| will be called when registration is complete,
142 // whether it succeeded or not -- unless registration was cancelled manually,
143 // in which case the callback will be ignored.
144 void RegisterAndInitSync(
145 SupervisedUserRegistrationUtility* registration_utility,
146 Profile* custodian_profile,
147 const std::string& supervised_user_id,
148 const AuthErrorCallback& callback);
149
150 void AddNavigationBlockedCallback(const NavigationBlockedCallback& callback);
151 void DidBlockNavigation(content::WebContents* web_contents);
152
153 void AddObserver(SupervisedUserServiceObserver* observer);
154 void RemoveObserver(SupervisedUserServiceObserver* observer);
155
156 void AddPermissionRequestCreator(
157 scoped_ptr<PermissionRequestCreator> creator);
158
159 // SyncTypePreferenceProvider implementation:
160 syncer::ModelTypeSet GetPreferredDataTypes() const override;
161
162 // sync_driver::SyncServiceObserver implementation:
163 void OnStateChanged() override;
164
165 // chrome::BrowserListObserver implementation:
166 void OnBrowserSetLastActive(Browser* browser) override;
167
168 // SupervisedUserURLFilter::Observer implementation:
169 void OnSiteListUpdated() override;
170
171 private:
172 friend class SupervisedUserServiceExtensionTestBase;
173 friend class SupervisedUserServiceFactory;
174 FRIEND_TEST_ALL_PREFIXES(SingleClientSupervisedUserSettingsSyncTest, Sanity);
175 FRIEND_TEST_ALL_PREFIXES(SupervisedUserServiceTest, ClearOmitOnRegistration);
176 FRIEND_TEST_ALL_PREFIXES(SupervisedUserServiceTest,
177 ChangesIncludedSessionOnChangedSettings);
178 FRIEND_TEST_ALL_PREFIXES(SupervisedUserServiceTest,
179 ChangesSyncSessionStateOnChangedSettings);
180 FRIEND_TEST_ALL_PREFIXES(SupervisedUserServiceExtensionTest,
181 ExtensionManagementPolicyProvider);
182
183 using CreatePermissionRequestCallback =
184 base::Callback<void(PermissionRequestCreator*, const SuccessCallback&)>;
185
186 // A bridge from the UI thread to the SupervisedUserURLFilters, one of which
187 // lives on the IO thread. This class mediates access to them and makes sure
188 // they are kept in sync.
189 class URLFilterContext {
190 public:
191 URLFilterContext();
192 ~URLFilterContext();
193
194 SupervisedUserURLFilter* ui_url_filter() const;
195 SupervisedUserURLFilter* io_url_filter() const;
196
197 void SetDefaultFilteringBehavior(
198 SupervisedUserURLFilter::FilteringBehavior behavior);
199 void LoadWhitelists(
200 const std::vector<scoped_refptr<SupervisedUserSiteList>>& site_lists);
201 void LoadBlacklist(const base::FilePath& path,
202 const base::Closure& callback);
203 void SetManualHosts(scoped_ptr<std::map<std::string, bool>> host_map);
204 void SetManualURLs(scoped_ptr<std::map<GURL, bool>> url_map);
205
206 void InitAsyncURLChecker(
207 const scoped_refptr<net::URLRequestContextGetter>& context);
208
209 void Clear();
210
211 private:
212 void OnBlacklistLoaded(const base::Closure& callback);
213
214 // SupervisedUserURLFilter is refcounted because the IO thread filter is
215 // used both by ProfileImplIOData and OffTheRecordProfileIOData (to filter
216 // network requests), so they both keep a reference to it.
217 // Clients should not keep references to the UI thread filter, however
218 // (the filter will live as long as the profile lives, and afterwards it
219 // should not be used anymore either).
220 scoped_refptr<SupervisedUserURLFilter> ui_url_filter_;
221 scoped_refptr<SupervisedUserURLFilter> io_url_filter_;
222
223 SupervisedUserBlacklist blacklist_;
224
225 DISALLOW_COPY_AND_ASSIGN(URLFilterContext);
226 };
227
228 // Use |SupervisedUserServiceFactory::GetForProfile(..)| to get
229 // an instance of this service.
230 explicit SupervisedUserService(Profile* profile);
231
232 void SetActive(bool active);
233
234 void OnCustodianProfileDownloaded(const base::string16& full_name);
235
236 void OnSupervisedUserRegistered(const AuthErrorCallback& callback,
237 Profile* custodian_profile,
238 const GoogleServiceAuthError& auth_error,
239 const std::string& token);
240
241 void SetupSync();
242 void StartSetupSync();
243 void FinishSetupSyncWhenReady();
244 void FinishSetupSync();
245
246 bool ProfileIsSupervised() const;
247
248 void OnCustodianInfoChanged();
249
250 #if defined(ENABLE_EXTENSIONS)
251 // extensions::ManagementPolicy::Provider implementation:
252 std::string GetDebugPolicyProviderName() const override;
253 bool UserMayLoad(const extensions::Extension* extension,
254 base::string16* error) const override;
255 bool UserMayModifySettings(const extensions::Extension* extension,
256 base::string16* error) const override;
257 bool MustRemainInstalled(const extensions::Extension* extension,
258 base::string16* error) const override;
259
260 // Extensions helper to SetActive().
261 void SetExtensionsActive();
262 #endif
263
264 SupervisedUserSettingsService* GetSettingsService();
265
266 size_t FindEnabledPermissionRequestCreator(size_t start);
267 void AddPermissionRequestInternal(
268 const CreatePermissionRequestCallback& create_request,
269 const SuccessCallback& callback,
270 size_t index);
271 void OnPermissionRequestIssued(
272 const CreatePermissionRequestCallback& create_request,
273 const SuccessCallback& callback,
274 size_t index,
275 bool success);
276
277 void OnSupervisedUserIdChanged();
278
279 void OnDefaultFilteringBehaviorChanged();
280
281 void OnSiteListsChanged(
282 const std::vector<scoped_refptr<SupervisedUserSiteList>>& site_lists);
283
284 // Asynchronously loads a blacklist from a binary file at |path| and applies
285 // it to the URL filters. If no file exists at |path| yet, downloads a file
286 // from |url| and stores it at |path| first.
287 void LoadBlacklist(const base::FilePath& path, const GURL& url);
288
289 void OnBlacklistFileChecked(const base::FilePath& path,
290 const GURL& url,
291 bool file_exists);
292
293 // Asynchronously loads a blacklist from a binary file at |path| and applies
294 // it to the URL filters.
295 void LoadBlacklistFromFile(const base::FilePath& path);
296
297 void OnBlacklistDownloadDone(const base::FilePath& path, bool success);
298
299 void OnBlacklistLoaded();
300
301 // Updates the manual overrides for hosts in the URL filters when the
302 // corresponding preference is changed.
303 void UpdateManualHosts();
304
305 // Updates the manual overrides for URLs in the URL filters when the
306 // corresponding preference is changed.
307 void UpdateManualURLs();
308
309 // Returns the human readable name of the supervised user.
310 std::string GetSupervisedUserName() const;
311
312 // Subscribes to the SupervisedUserPrefStore, refreshes
313 // |includes_sync_sessions_type_| and triggers reconfiguring the
314 // ProfileSyncService.
315 void OnHistoryRecordingStateChanged();
316
317 // Returns true if the syncer::SESSIONS type should be included in Sync.
318 bool IncludesSyncSessionsType() const;
319
320 // The option a custodian sets to either record or prevent recording the
321 // supervised user's history. Set by |FetchNewSessionSyncState()| and
322 // defaults to true.
323 bool includes_sync_sessions_type_;
324
325 // Owns us via the KeyedService mechanism.
326 Profile* profile_;
327
328 bool active_;
329
330 Delegate* delegate_;
331
332 PrefChangeRegistrar pref_change_registrar_;
333
334 // True iff we're waiting for the Sync service to be initialized.
335 bool waiting_for_sync_initialization_;
336 bool is_profile_active_;
337
338 std::vector<NavigationBlockedCallback> navigation_blocked_callbacks_;
339
340 // True only when |Init()| method has been called.
341 bool did_init_;
342
343 // True only when |Shutdown()| method has been called.
344 bool did_shutdown_;
345
346 URLFilterContext url_filter_context_;
347 scoped_ptr<SupervisedUserBlacklistDownloader> blacklist_downloader_;
348
349 scoped_ptr<SupervisedUserWhitelistService> whitelist_service_;
350
351 // Used to create permission requests.
352 ScopedVector<PermissionRequestCreator> permissions_creators_;
353
354 base::ObserverList<SupervisedUserServiceObserver> observer_list_;
355
356 base::WeakPtrFactory<SupervisedUserService> weak_ptr_factory_;
357 };
358
359 #endif // CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_SERVICE_H_