1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
5 #ifndef CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
6 #define CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
11 #include "base/containers/scoped_ptr_hash_map.h"
12 #include "base/macros.h"
13 #include "base/memory/ref_counted.h"
14 #include "base/memory/scoped_ptr.h"
15 #include "base/memory/scoped_vector.h"
16 #include "base/memory/singleton.h"
17 #include "base/observer_list.h"
18 #include "base/prefs/pref_change_registrar.h"
19 #include "base/values.h"
20 #include "components/keyed_service/content/browser_context_keyed_service_factory.h"
21 #include "components/keyed_service/core/keyed_service.h"
22 #include "extensions/browser/management_policy.h"
23 #include "extensions/common/extension.h"
24 #include "extensions/common/manifest.h"
31 } // namespace content
33 namespace extensions
{
37 struct IndividualSettings
;
38 struct GlobalSettings
;
40 } // namespace internal
42 class APIPermissionSet
;
45 // Tracks the management policies that affect extensions and provides interfaces
46 // for observing and obtaining the global settings for all extensions, as well
47 // as per-extension settings.
48 class ExtensionManagement
: public KeyedService
{
50 // Observer class for extension management settings changes.
53 virtual ~Observer() {}
55 // Called when the extension management settings change.
56 virtual void OnExtensionManagementSettingsChanged() = 0;
59 // Installation mode for extensions, default is INSTALLATION_ALLOWED.
60 // * INSTALLATION_ALLOWED: Extension can be installed.
61 // * INSTALLATION_BLOCKED: Extension cannot be installed.
62 // * INSTALLATION_FORCED: Extension will be installed automatically
63 // and cannot be disabled.
64 // * INSTALLATION_RECOMMENDED: Extension will be installed automatically but
66 enum InstallationMode
{
67 INSTALLATION_ALLOWED
= 0,
70 INSTALLATION_RECOMMENDED
,
73 explicit ExtensionManagement(PrefService
* pref_service
);
74 ~ExtensionManagement() override
;
76 // KeyedService implementations:
77 void Shutdown() override
;
79 void AddObserver(Observer
* observer
);
80 void RemoveObserver(Observer
* observer
);
82 // Get the list of ManagementPolicy::Provider controlled by extension
83 // management policy settings.
84 std::vector
<ManagementPolicy::Provider
*> GetProviders() const;
86 // Checks if extensions are blacklisted by default, by policy. When true,
87 // this means that even extensions without an ID should be blacklisted (e.g.
88 // from the command line, or when loaded as an unpacked extension).
89 bool BlacklistedByDefault() const;
91 // Returns installation mode for an extension.
92 InstallationMode
GetInstallationMode(const Extension
* extension
) const;
94 // Returns the force install list, in format specified by
95 // ExternalPolicyLoader::AddExtension().
96 scoped_ptr
<base::DictionaryValue
> GetForceInstallList() const;
98 // Like GetForceInstallList(), but returns recommended install list instead.
99 scoped_ptr
<base::DictionaryValue
> GetRecommendedInstallList() const;
101 // Returns if an extension with id |id| is explicitly allowed by enterprise
103 bool IsInstallationExplicitlyAllowed(const ExtensionId
& id
) const;
105 // Returns true if an extension download should be allowed to proceed.
106 bool IsOffstoreInstallAllowed(const GURL
& url
,
107 const GURL
& referrer_url
) const;
109 // Returns true if an extension with manifest type |manifest_type| is
110 // allowed to be installed.
111 bool IsAllowedManifestType(Manifest::Type manifest_type
) const;
113 // Returns the list of blocked API permissions for |extension|.
114 APIPermissionSet
GetBlockedAPIPermissions(const Extension
* extension
) const;
116 // Returns blocked permission set for |extension|.
117 scoped_refptr
<const PermissionSet
> GetBlockedPermissions(
118 const Extension
* extension
) const;
120 // Returns true if every permission in |perms| is allowed for |extension|.
121 bool IsPermissionSetAllowed(const Extension
* extension
,
122 scoped_refptr
<const PermissionSet
> perms
) const;
124 // Returns true if |extension| meets the minimum required version set for it.
125 // If there is no such requirement set for it, returns true as well.
126 // If false is returned and |required_version| is not null, the minimum
127 // required version is returned.
128 bool CheckMinimumVersion(const Extension
* extension
,
129 std::string
* required_version
) const;
132 typedef base::ScopedPtrHashMap
<ExtensionId
,
133 scoped_ptr
<internal::IndividualSettings
>>
135 typedef base::ScopedPtrHashMap
<std::string
,
136 scoped_ptr
<internal::IndividualSettings
>>
137 SettingsUpdateUrlMap
;
138 friend class ExtensionManagementServiceTest
;
140 // Load all extension management preferences from |pref_service|, and
141 // refresh the settings.
144 // Load preference with name |pref_name| and expected type |expected_type|.
145 // If |force_managed| is true, only loading from the managed preference store
146 // is allowed. Returns NULL if the preference is not present, not allowed to
147 // be loaded from or has the wrong type.
148 const base::Value
* LoadPreference(const char* pref_name
,
150 base::Value::Type expected_type
);
152 void OnExtensionPrefChanged();
153 void NotifyExtensionManagementPrefChanged();
155 // Helper function to access |settings_by_id_| with |id| as key.
156 // Adds a new IndividualSettings entry to |settings_by_id_| if none exists for
158 internal::IndividualSettings
* AccessById(const ExtensionId
& id
);
160 // Similar to AccessById(), but access |settings_by_update_url_| instead.
161 internal::IndividualSettings
* AccessByUpdateUrl(
162 const std::string
& update_url
);
164 // A map containing all IndividualSettings applied to an individual extension
165 // identified by extension ID. The extension ID is used as index key of the
167 SettingsIdMap settings_by_id_
;
169 // Similar to |settings_by_id_|, but contains the settings for a group of
170 // extensions with same update URL. The update url itself is used as index
172 SettingsUpdateUrlMap settings_by_update_url_
;
174 // The default IndividualSettings.
175 // For extension settings applied to an individual extension (identified by
176 // extension ID) or a group of extension (with specified extension update
177 // URL), all unspecified part will take value from |default_settings_|.
178 // For all other extensions, all settings from |default_settings_| will be
180 scoped_ptr
<internal::IndividualSettings
> default_settings_
;
182 // Extension settings applicable to all extensions.
183 scoped_ptr
<internal::GlobalSettings
> global_settings_
;
185 PrefService
* pref_service_
;
187 base::ObserverList
<Observer
, true> observer_list_
;
188 PrefChangeRegistrar pref_change_registrar_
;
189 ScopedVector
<ManagementPolicy::Provider
> providers_
;
191 DISALLOW_COPY_AND_ASSIGN(ExtensionManagement
);
194 class ExtensionManagementFactory
: public BrowserContextKeyedServiceFactory
{
196 static ExtensionManagement
* GetForBrowserContext(
197 content::BrowserContext
* context
);
198 static ExtensionManagementFactory
* GetInstance();
201 friend struct base::DefaultSingletonTraits
<ExtensionManagementFactory
>;
203 ExtensionManagementFactory();
204 ~ExtensionManagementFactory() override
;
206 // BrowserContextKeyedServiceExtensionManagementFactory:
207 KeyedService
* BuildServiceInstanceFor(
208 content::BrowserContext
* context
) const override
;
209 content::BrowserContext
* GetBrowserContextToUse(
210 content::BrowserContext
* context
) const override
;
211 void RegisterProfilePrefs(
212 user_prefs::PrefRegistrySyncable
* registry
) override
;
214 DISALLOW_COPY_AND_ASSIGN(ExtensionManagementFactory
);
217 } // namespace extensions
219 #endif // CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_