Only grant permissions to new extensions from sync if they have the expected version
[chromium-blink-merge.git] / chrome / browser / extensions / extension_management_internal.h
blob36eb6ccde75f2339ef3afacef800fa7a463cd6c0
1 // Copyright 2014 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4 #ifndef CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_INTERNAL_H_
5 #define CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_INTERNAL_H_
7 #include <string>
8 #include <vector>
10 #include "base/macros.h"
11 #include "chrome/browser/extensions/extension_management.h"
12 #include "extensions/common/manifest.h"
13 #include "extensions/common/permissions/api_permission_set.h"
15 namespace base {
16 class DictionaryValue;
17 class Version;
18 } // namespace base
20 namespace extensions {
22 class URLPatternSet;
24 namespace internal {
26 // Class to hold extension management settings for one or a group of
27 // extensions. Settings can be applied to an individual extension identified
28 // by an ID, a group of extensions with specific |update_url| or all
29 // extensions at once.
30 // The settings applied to all extensions are the default settings and can be
31 // overridden by per-extension or per-update-url settings.
32 // There are multiple fields in this class. Unspecified fields in per-extension
33 // and per-update-url settings will take value from default settings (or merge
34 // from that, see per-field comments below for details). Unspecified fields in
35 // default extensions will take the default fall back value instead.
36 // Since update URL is not directly associated to extension ID, per-extension
37 // and per-update-url settings might be enforced at the same time, see per-field
38 // comments below for details.
39 struct IndividualSettings {
40 enum ParsingScope {
41 // Parses the default settings.
42 SCOPE_DEFAULT = 0,
43 // Parses the settings for extensions with specified update URL in its
44 // manifest.
45 SCOPE_UPDATE_URL,
46 // Parses the settings for an extension with specified extension ID.
47 SCOPE_INDIVIDUAL,
50 IndividualSettings();
51 explicit IndividualSettings(const IndividualSettings* default_settings);
52 ~IndividualSettings();
54 void Reset();
56 // Parses the individual settings. |dict| is a sub-dictionary in extension
57 // management preference and |scope| represents the applicable range of the
58 // settings, a single extension, a group of extensions or default settings.
59 // Note that in case of parsing errors, |this| will NOT be left untouched.
60 // This method is required to be called for SCOPE_DEFAULT first, then
61 // for SCOPE_INDIVIDUAL and SCOPE_UPDATE_URL.
62 bool Parse(const base::DictionaryValue* dict, ParsingScope scope);
64 // Extension installation mode. Setting this to INSTALLATION_FORCED or
65 // INSTALLATION_RECOMMENDED will enable extension auto-loading (only
66 // applicable to single extension), and in this case the |update_url| must
67 // be specified, containing the update URL for this extension.
68 // Note that |update_url| will be ignored for INSTALLATION_ALLOWED and
69 // INSTALLATION_BLOCKED installation mode.
70 // This setting will override the default settings, and unspecified
71 // setting will take value from default settings.
72 // In case this setting is specified in both per-extensions and
73 // per-update-url settings, per-extension settings will override
74 // per-update-url settings.
75 ExtensionManagement::InstallationMode installation_mode;
76 std::string update_url;
78 // Permissions block list for extensions. This setting won't grant permissions
79 // to extensions automatically. Instead, this setting will provide a list of
80 // blocked permissions for each extension. That is, if an extension requires a
81 // permission which has been blacklisted, this extension will not be allowed
82 // to load. And if it contains a blocked permission as optional requirement,
83 // it will be allowed to load (of course, with permission granted from user if
84 // necessary), but conflicting permissions will be dropped. This setting will
85 // merge from the default settings, and unspecified settings will take value
86 // from default settings.
87 // In case this setting is specified in both per-extensions and per-update-url
88 // settings, both settings will be enforced.
89 APIPermissionSet blocked_permissions;
91 // Minimum version required for an extensions, applies to per-extension
92 // settings only. Extension (with specified extension ID) with version older
93 // than the specified minimum version will be disabled.
94 scoped_ptr<base::Version> minimum_version_required;
96 private:
97 DISALLOW_COPY_AND_ASSIGN(IndividualSettings);
100 // Global extension management settings, applicable to all extensions.
101 struct GlobalSettings {
102 GlobalSettings();
103 ~GlobalSettings();
105 void Reset();
107 // Settings specifying which URLs are allowed to install extensions, will be
108 // enforced only if |has_restricted_install_sources| is set to true.
109 URLPatternSet install_sources;
110 bool has_restricted_install_sources;
112 // Settings specifying all allowed app/extension types, will be enforced
113 // only of |has_restricted_allowed_types| is set to true.
114 std::vector<Manifest::Type> allowed_types;
115 bool has_restricted_allowed_types;
117 private:
118 DISALLOW_COPY_AND_ASSIGN(GlobalSettings);
121 } // namespace internal
123 } // namespace extensions
125 #endif // CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_INTERNAL_H_