Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(44)

Side by Side Diff: chrome/browser/extensions/management_policy.h

Issue 10382149: Refactor the various ways to control what users can do to extensions. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Created 8 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
Property Changes:
Added: svn:eol-style
+ LF
OLDNEW
(Empty)
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #ifndef CHROME_BROWSER_EXTENSIONS_MANAGEMENT_POLICY_H_
6 #define CHROME_BROWSER_EXTENSIONS_MANAGEMENT_POLICY_H_
7 #pragma once
8
9 #include <set>
10 #include <string>
11
12 #include "base/basictypes.h"
13 #include "chrome/common/extensions/extension.h"
14
15 namespace extensions {
16
17 // This class registers providers that want to prohibit certain actions from
18 // being applied to extensions. It must be called, via the ExtensionService,
19 // before allowing a user or a user-level mechanism to perform the respective
20 // action. (That is, installing or otherwise modifying an extension in order
21 // to conform to enterprise administrator policy must be exempted from these
22 // checks.)
23 //
24 // This "policy" and its providers should not be confused with administrator
25 // policy, although admin policy is one of the sources ("Providers") of
26 // restrictions registered with and exposed by the ManagementPolicy.
27 class ManagementPolicy {
28 public:
29 // Each mechanism that wishes to limit users' ability to control extensions,
30 // whether one individual extension or the whole system, should implement
31 // the methods of this Provider interface that it needs. In each case, if the
32 // provider does not need to control a certain action, that method does not
33 // need to be implemented.
34 //
35 // It is not guaranteed that a particular Provider's methods will be called
36 // each time a user tries to perform one of the controlled actions (the list
37 // of providers is short-circuited as soon as a decision is possible), so
38 // implementations of these methods must have no side effects.
39 //
40 // For all of the Provider methods below, if |error| is not NULL and the
41 // method imposes a restriction on the desired action, |error| may be set
42 // to an applicable error message, but this is not required.
43 class Provider {
44 public:
45 Provider() {}
46 virtual ~Provider() {}
47
48 // A human-readable name for this provider, for use in debug messages.
49 virtual std::string GetPolicyProviderName() const = 0;
50
51 // Providers should return false if a user may not install the |extension|,
52 // or load or run it if it has already been installed.
53 virtual bool UserMayLoad(const Extension* extension,
54 string16* error) const;
55
56 // Providers should return false if a user may not enable, disable, or
57 // uninstall the |extension|, or change its usage options (incognito
58 // permission, file access, etc.).
59 virtual bool UserMayModifySettings(const Extension* extension,
60 string16* error) const;
61
62 // Providers should return true if the |extension| must always remain
63 // enabled. This is distinct from UserMayModifySettings() in that the latter
64 // also prohibits enabling the extension if it is currently disabled.
65 // Providers implementing this method should also implement the others
66 // above, if they wish to completely lock in an extension.
67 virtual bool MustRemainEnabled(const Extension* extension,
68 string16* error) const;
69
70 private:
71 DISALLOW_COPY_AND_ASSIGN(Provider);
72 };
73
74 ManagementPolicy();
75 ~ManagementPolicy();
76
77 // Registers or unregisters a provider, causing it to be added to or removed
78 // from the list of providers queried. Ownership of the provider remains with
79 // the caller. Providers do not need to be unregistered on shutdown.
80 void RegisterProvider(Provider* provider);
81 void UnregisterProvider(Provider* provider);
82
83 // Returns true if the user is permitted to install, load, and run the given
84 // extension. If not, |error| may be set to an appropriate message.
85 bool UserMayLoad(const Extension* extension, string16* error) const;
86
87 // Returns true if the user is permitted to enable, disable, or uninstall the
88 // given extension, or change the extension's usage options (incognito mode,
89 // file access, etc.). If not, |error| may be set to an appropriate message.
90 bool UserMayModifySettings(const Extension* extension,
91 string16* error) const;
92
93 // Returns true if the extension must remain enabled at all times (e.g. a
94 // compoment extension). In that case, |error| may be set to an appropriate
95 // message.
96 bool MustRemainEnabled(const Extension* extension,
97 string16* error) const;
98
99 // For use in testing.
100 void UnregisterAllProviders();
101 int GetNumProviders() const;
102
103 private:
104 typedef std::set<Provider*> ProviderList;
105 ProviderList providers_;
106
107 DISALLOW_COPY_AND_ASSIGN(ManagementPolicy);
108 };
109
110 } // namespace
111
112 #endif // CHROME_BROWSER_EXTENSIONS_MANAGEMENT_POLICY_H_
OLDNEW
« no previous file with comments | « chrome/browser/extensions/installed_loader.cc ('k') | chrome/browser/extensions/management_policy.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698