1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
|
// Copyright 2020 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#ifndef CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_EXTENSIONS_DELEGATE_IMPL_H_
#define CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_EXTENSIONS_DELEGATE_IMPL_H_
#include <memory>
#include <optional>
#include "base/memory/raw_ptr.h"
#include "base/memory/weak_ptr.h"
#include "chrome/browser/supervised_user/supervised_user_extensions_manager.h"
#include "extensions/browser/supervised_user_extensions_delegate.h"
#if BUILDFLAG(IS_CHROMEOS)
#include "chrome/browser/supervised_user/chromeos/parent_access_extension_approvals_manager.h"
#endif
namespace content {
class BrowserContext;
class WebContents;
} // namespace content
namespace gfx {
class ImageSkia;
} // namespace gfx
class ParentPermissionDialog;
namespace extensions {
class ExtensionIconLoader;
enum class ExtensionInstalledBlockedByParentDialogAction;
// Handles extensions approvals for supervised users.
// Decides which version of the flow should be used and dispatches the calls
// accordingly. Currently we support two flow versions.
// - A browser dialog, which is shown for non-ChromeOS desktop platforms.
// - A system component dialog implemented for ChromeOS.
class SupervisedUserExtensionsDelegateImpl
: public SupervisedUserExtensionsDelegate {
public:
explicit SupervisedUserExtensionsDelegateImpl(
content::BrowserContext* context);
~SupervisedUserExtensionsDelegateImpl() override;
// SupervisedUserExtensionsDelegate overrides
bool IsChild() const override;
bool IsExtensionAllowedByParent(const Extension& extension) const override;
void RequestToAddExtensionOrShowError(
const Extension& extension,
content::WebContents* web_contents,
const gfx::ImageSkia& icon,
SupervisedUserExtensionParentApprovalEntryPoint
extension_approval_entry_point,
ExtensionApprovalDoneCallback extension_approval_callback) override;
void RequestToEnableExtensionOrShowError(
const Extension& extension,
content::WebContents* web_contents,
SupervisedUserExtensionParentApprovalEntryPoint
extension_approval_entry_point,
ExtensionApprovalDoneCallback extension_approval_callback) override;
void UpdateManagementPolicyRegistration() override;
bool CanInstallExtensions() const override;
void AddExtensionApproval(const extensions::Extension& extension) override;
void MaybeRecordPermissionsIncreaseMetrics(
const extensions::Extension& extension) override;
void RemoveExtensionApproval(const extensions::Extension& extension) override;
void RecordExtensionEnablementUmaMetrics(bool enabled) const override;
private:
// Shows a ParentPermissionDialog for |extension| and calls
// |done_callback| when it completes. Called for non-ChromeOS desktop
// platforms.
void ShowParentPermissionDialogForExtension(
const Extension& extension,
content::WebContents* contents,
const gfx::ImageSkia& icon,
SupervisedUserExtensionParentApprovalEntryPoint
extension_approval_entry_point);
// Shows ParentPermissionDialog indicating that |extension| has been blocked
// and call |done_callback| when it completes. Depending on the blocked_action
// type, the UI of the dialog may differ. Called for desktop non-ChromeOS
// platforms.
void ShowInstallBlockedByParentDialogForExtension(
const Extension& extension,
content::WebContents* contents,
ExtensionInstalledBlockedByParentDialogAction blocked_action);
// This method is called after all async data are fetched.
// Since `WebContents` that initiated the request could be destroyed during
// the async fetch the method cancels the request if `contents` was specified,
// but is not valid anymore. `contents` is an optional argument because the
// request can be made from an entry point not associate with `WebContents`.
// This method decides which version of the flow to start.
// On non-ChromeOS desktop platforms, a browser permission dialog or
// browser blocked dialog is shown. On ChromeOS, ParentAccessDialog is
// shown. The widget handles blocked state internally.
void RequestExtensionApproval(
const Extension& extension,
std::optional<base::WeakPtr<content::WebContents>> contents,
SupervisedUserExtensionParentApprovalEntryPoint
extension_approval_entry_point,
const gfx::ImageSkia& icon);
// The ParentPermissionDialog pointer is only destroyed when a new dialog is
// created or the SupervisedUserExtensionsDelegate is destroyed. Therefore
// there can only be one dialog opened at a time and the last dialog object
// can have a pretty long lifetime.
// TODO(b/278874130): Move non ChromeOS platform-specific code to its own
// class for clearer distinction.
std::unique_ptr<ParentPermissionDialog> parent_permission_dialog_;
SupervisedUserExtensionsDelegate::ExtensionApprovalDoneCallback
done_callback_;
std::unique_ptr<ExtensionIconLoader> icon_loader_;
const raw_ptr<content::BrowserContext> context_;
#if BUILDFLAG(IS_CHROMEOS)
// Manages the ChromeOS-specific approval flow.
// The extension approvals manager is destroyed when a new ParentAccessDialog
// is created or this delegate is destroyed.
std::unique_ptr<ParentAccessExtensionApprovalsManager>
extension_approvals_manager_;
#endif
SupervisedUserExtensionsManager extensions_manager_;
};
} // namespace extensions
#endif // CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_EXTENSIONS_DELEGATE_IMPL_H_
|
