1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
|
// Copyright 2014 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
#define CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
#include <memory>
#include <string>
#include <vector>
#include "base/containers/flat_map.h"
#include "base/containers/flat_set.h"
#include "base/memory/raw_ptr.h"
#include "base/memory/singleton.h"
#include "base/observer_list.h"
#include "base/values.h"
#include "chrome/browser/extensions/forced_extensions/install_stage_tracker.h"
#include "chrome/browser/extensions/managed_installation_mode.h"
#include "chrome/browser/profiles/profile_keyed_service_factory.h"
#include "components/keyed_service/core/keyed_service.h"
#include "components/prefs/pref_change_registrar.h"
#include "extensions/browser/management_policy.h"
#include "extensions/buildflags/buildflags.h"
#include "extensions/common/extension_id.h"
#include "extensions/common/manifest.h"
static_assert(BUILDFLAG(ENABLE_EXTENSIONS_CORE));
class GURL;
class PrefService;
class Profile;
namespace content {
class BrowserContext;
} // namespace content
namespace extensions {
namespace internal {
struct IndividualSettings;
struct GlobalSettings;
} // namespace internal
class APIPermissionSet;
class CWSInfoServiceInterface;
class Extension;
class PermissionSet;
// Tracks the management policies that affect extensions and provides interfaces
// for observing and obtaining the global settings for all extensions, as well
// as per-extension settings.
class ExtensionManagement : public KeyedService {
public:
// Observer class for extension management settings changes.
class Observer {
public:
virtual ~Observer() = default;
// Called when the extension management settings change.
virtual void OnExtensionManagementSettingsChanged() = 0;
};
explicit ExtensionManagement(Profile* profile);
ExtensionManagement(const ExtensionManagement&) = delete;
ExtensionManagement& operator=(const ExtensionManagement&) = delete;
~ExtensionManagement() override;
// KeyedService implementations:
void Shutdown() override;
void AddObserver(Observer* observer);
void RemoveObserver(Observer* observer);
// Get the list of ManagementPolicy::Provider controlled by extension
// management policy settings.
const std::vector<std::unique_ptr<ManagementPolicy::Provider>>& GetProviders()
const;
// Checks if extensions are blocklisted by default, by policy. When true,
// this means that even extensions without an ID should be blocklisted (e.g.
// from the command line, or when loaded as an unpacked extension).
bool BlocklistedByDefault() const;
#if BUILDFLAG(ENABLE_DESKTOP_ANDROID_EXTENSIONS)
// Checks if extensions are enabled for Desktop Android for the current
// profile. This is temporary for until extensions are ready for dogfooding.
// TODO(crbug.com/422307625): Remove this check once extensions are ready for
// dogfooding.
bool ExtensionsEnabledForDesktopAndroid() const;
#endif // BUILDFLAG(ENABLE_DESKTOP_ANDROID_EXTENSIONS)
// Returns installation mode for an extension.
ManagedInstallationMode GetInstallationMode(const Extension* extension);
// Returns installation mode for an extension with id `extension_id` and
// updated with `update_url`.
ManagedInstallationMode GetInstallationMode(const ExtensionId& extension_id,
const std::string& update_url);
// Returns the force install list, in format specified by
// ExternalPolicyLoader::AddExtension().
base::Value::Dict GetForceInstallList() const;
// Like GetForceInstallList(), but returns recommended install list instead.
base::Value::Dict GetRecommendedInstallList() const;
// Returns `true` if there is at least one extension with
// `INSTALLATION_ALLOWED` as installation mode. This excludes force installed
// extensions.
bool HasAllowlistedExtension();
// Returns if an extension with `id` is force installed and the update URL is
// overridden by policy.
bool IsUpdateUrlOverridden(const ExtensionId& id);
// Get the effective update URL for the extension. Normally this URL comes
// from the extension manifest, but may be overridden by policies.
GURL GetEffectiveUpdateURL(const Extension& extension);
// Returns true if this extension's update URL is from webstore.
bool UpdatesFromWebstore(const Extension& extension);
// Returns if an extension with id `id` is explicitly allowed by enterprise
// policy or not.
bool IsInstallationExplicitlyAllowed(const ExtensionId& id);
// Returns if an extension with id `id` is explicitly blocked by enterprise
// policy or not.
bool IsInstallationExplicitlyBlocked(const ExtensionId& id);
// Returns true if an extension download should be allowed to proceed.
bool IsOffstoreInstallAllowed(const GURL& url,
const GURL& referrer_url) const;
// Returns true if an extension with manifest type `manifest_type` and
// id `extension_id` is allowed to be installed.
bool IsAllowedManifestType(Manifest::Type manifest_type,
const std::string& extension_id) const;
bool IsAllowedManifestVersion(int manifest_version,
const std::string& extension_id,
Manifest::Type manifest_type);
bool IsAllowedManifestVersion(const Extension* extension);
// Returns true if the extension associated with the given `extension_id` is
// exempt from the MV2 deprecation because of an active admin policy.
bool IsExemptFromMV2DeprecationByPolicy(int manifest_version,
const std::string& extension_id,
Manifest::Type manifest_type);
bool IsAllowedByUnpublishedAvailabilityPolicy(const Extension* extension);
// Returns false if the extension is loaded as unpacked and the developer mode
// is OFF.
bool IsAllowedByUnpackedDeveloperModePolicy(const Extension& extension);
// Returns true if a force-installed extension is in a low-trust environment.
bool IsForceInstalledInLowTrustEnvironment(const Extension& extension);
// Returns true if an off-store extension is force-installed in low trust
// environments. Only trusted environments like domain-joined devices or
// cloud-managed user profiles are allowed to force-install off-store
// extensions. All other devices and users may still install policy extensions
// but they must be hosted within the web store. See https://b/283274398.
bool ShouldBlockForceInstalledOffstoreExtension(const Extension& extension);
// Returns the list of blocked API permissions for `extension`.
APIPermissionSet GetBlockedAPIPermissions(const Extension* extension);
// Returns the list of blocked API permissions for an extension with id
// `extension_id` and updated with `update_url`.
APIPermissionSet GetBlockedAPIPermissions(const ExtensionId& extension_id,
const std::string& update_url);
// Returns the list of hosts blocked by policy for `extension`.
const URLPatternSet& GetPolicyBlockedHosts(const Extension* extension);
// Returns the hosts exempted by policy from the PolicyBlockedHosts for
// `extension`.
const URLPatternSet& GetPolicyAllowedHosts(const Extension* extension);
// Returns the list of hosts blocked by policy for Default scope. This can be
// overridden by an individual scope which is queried via
// GetPolicyBlockedHosts.
const URLPatternSet& GetDefaultPolicyBlockedHosts() const;
// Returns the hosts exempted by policy from PolicyBlockedHosts for
// the default scope. This can be overridden by an individual scope which is
// queries via GetPolicyAllowedHosts. This should only be used to
// initialize a new renderer.
const URLPatternSet& GetDefaultPolicyAllowedHosts() const;
// Checks if an `extension` has its own runtime_blocked_hosts or
// runtime_allowed_hosts defined in the individual scope of the
// ExtensionSettings policy.
// Returns false if an individual scoped setting isn't defined.
bool UsesDefaultPolicyHostRestrictions(const Extension* extension);
// Returns blocked permission set for `extension`.
std::unique_ptr<const PermissionSet> GetBlockedPermissions(
const Extension* extension);
// If the extension is blocked from install and a custom error message
// was defined returns it. Otherwise returns an empty string. The maximum
// string length is 1000 characters.
const std::string BlockedInstallMessage(const ExtensionId& id);
// Returns true if every permission in `perms` is allowed for `extension`.
bool IsPermissionSetAllowed(const Extension* extension,
const PermissionSet& perms);
// Returns true if every permission in `perms` is allowed for an extension
// with id `extension_id` and updated with `update_url`.
bool IsPermissionSetAllowed(const ExtensionId& extension_id,
const std::string& update_url,
const PermissionSet& perms);
// Returns true if `extension` meets the minimum required version set for it.
// If there is no such requirement set for it, returns true as well.
// If false is returned and `required_version` is not null, the minimum
// required version is returned.
bool CheckMinimumVersion(const Extension* extension,
std::string* required_version);
// Returns the list of extensions with "force_pinned" mode for the
// "toolbar_pin" setting. This only considers policies that are loaded (e.g.
// aren't deferred).
ExtensionIdSet GetForcePinnedList() const;
// Returns if an extension with `id` can navigate to file URLs.
bool IsFileUrlNavigationAllowed(const ExtensionId& id);
private:
using SettingsIdMap =
base::flat_map<ExtensionId,
std::unique_ptr<internal::IndividualSettings>>;
using SettingsUpdateUrlMap =
base::flat_map<std::string,
std::unique_ptr<internal::IndividualSettings>>;
friend class ExtensionManagementServiceTest;
// Load all extension management preferences from `pref_service`, and
// refresh the settings.
void Refresh();
// Tries to parse the individual setting in `settings_by_id_` for
// `extension_id`. Returns true if it succeeds, otherwise returns false and
// removes the entry from `settings_by_id_`.
bool ParseById(const std::string& extension_id,
const base::Value::Dict& subdict);
// Returns the individual settings for `extension_id` if it exists, otherwise
// returns nullptr. This method will also lazy load the settings if they're
// not loaded yet.
internal::IndividualSettings* GetSettingsForId(
const std::string& extension_id);
// Loads the deferred settings information for `extension_id`.
void LoadDeferredExtensionSetting(const std::string& extension_id);
// Loads preference with name `pref_name` and expected type `expected_type`.
// If `force_managed` is true, only loading from the managed preference store
// is allowed. Returns NULL if the preference is not present, not allowed to
// be loaded from or has the wrong type.
const base::Value* LoadPreference(const char* pref_name,
bool force_managed,
base::Value::Type expected_type) const;
// Loads the dictionary preference with name `pref_name` - see
// `LoadPreference` for more details.
const base::Value::Dict* LoadDictPreference(const char* pref_name,
bool force_managed) const;
// Loads the list preference with name `pref_name` - see `LoadPreference` for
// more details.
const base::Value::List* LoadListPreference(const char* pref_name,
bool force_managed) const;
void OnExtensionPrefChanged();
void NotifyExtensionManagementPrefChanged();
// Reports install creation stage to InstallStageTracker for the extensions.
// `forced_stage` is reported for the extensions which have installation mode
// as INSTALLATION_FORCED, and `other_stage` is reported for all other
// installation modes.
void ReportExtensionManagementInstallCreationStage(
InstallStageTracker::InstallCreationStage forced_stage,
InstallStageTracker::InstallCreationStage other_stage);
// Helper to return an extension install list, in format specified by
// ExternalPolicyLoader::AddExtension().
base::Value::Dict GetInstallListByMode(
ManagedInstallationMode installation_mode) const;
// Helper to update `extension_dict` for forced installs.
void UpdateForcedExtensions(const base::Value::Dict* extension_dict);
// Helper function to access `settings_by_id_` with `id` as key.
// Adds a new IndividualSettings entry to `settings_by_id_` if none exists for
// `id` yet.
internal::IndividualSettings* AccessById(const ExtensionId& id);
// Similar to AccessById(), but access `settings_by_update_url_` instead.
internal::IndividualSettings* AccessByUpdateUrl(
const std::string& update_url);
// A map containing all IndividualSettings applied to an individual extension
// identified by extension ID. The extension ID is used as index key of the
// map.
SettingsIdMap settings_by_id_;
// A set of extension IDs whose parsing of settings and insertion into
// `settings_by_id_` has been deferred until needed. We keep track of this to
// avoid scanning the prefs repeatedly for entries that don't have a setting.
base::flat_set<std::string> deferred_ids_;
// Similar to `settings_by_id_`, but contains the settings for a group of
// extensions with same update URL. The update url itself is used as index
// key for the map.
SettingsUpdateUrlMap settings_by_update_url_;
// The default IndividualSettings.
// For extension settings applied to an individual extension (identified by
// extension ID) or a group of extension (with specified extension update
// URL), all unspecified part will take value from `default_settings_`.
// For all other extensions, all settings from `default_settings_` will be
// enforced.
std::unique_ptr<internal::IndividualSettings> default_settings_;
// Extension settings applicable to all extensions.
std::unique_ptr<internal::GlobalSettings> global_settings_;
const raw_ptr<Profile> profile_ = nullptr;
raw_ptr<PrefService> pref_service_ = nullptr;
bool is_signin_profile_ = false;
base::ObserverList<Observer, true>::Unchecked observer_list_;
PrefChangeRegistrar pref_change_registrar_;
std::vector<std::unique_ptr<ManagementPolicy::Provider>> providers_;
// Unowned pointer to the CWSInfoService keyed-service instance for this
// profile. The service provides information about CWS publish status for
// extensions.
raw_ptr<CWSInfoServiceInterface> cws_info_service_ = nullptr;
};
class ExtensionManagementFactory : public ProfileKeyedServiceFactory {
public:
ExtensionManagementFactory(const ExtensionManagementFactory&) = delete;
ExtensionManagementFactory& operator=(const ExtensionManagementFactory&) =
delete;
static ExtensionManagement* GetForBrowserContext(
content::BrowserContext* context);
static ExtensionManagementFactory* GetInstance();
private:
friend struct base::DefaultSingletonTraits<ExtensionManagementFactory>;
ExtensionManagementFactory();
~ExtensionManagementFactory() override;
// BrowserContextKeyedServiceExtensionManagementFactory:
std::unique_ptr<KeyedService> BuildServiceInstanceForBrowserContext(
content::BrowserContext* context) const override;
};
} // namespace extensions
#endif // CHROME_BROWSER_EXTENSIONS_EXTENSION_MANAGEMENT_H_
|
