1116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch// Copyright 2014 The Chromium Authors. All rights reserved. 2116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch// Use of this source code is governed by a BSD-style license that can be 3116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch// found in the LICENSE file. 4116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 5116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "chrome/browser/chromeos/policy/device_local_account_extension_tracker.h" 6116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 7116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "base/logging.h" 8116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "base/prefs/pref_value_map.h" 9116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "base/values.h" 10116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "chrome/browser/chromeos/policy/device_local_account.h" 11116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "chrome/browser/extensions/policy_handlers.h" 12116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "components/policy/core/common/policy_map.h" 13116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "components/policy/core/common/policy_namespace.h" 14116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "components/policy/core/common/schema.h" 15116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "components/policy/core/common/schema_registry.h" 16116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch#include "extensions/browser/pref_names.h" 17116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 18116680a4aac90f2aa7413d9095a592090648e557Ben Murdochnamespace policy { 19116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 20116680a4aac90f2aa7413d9095a592090648e557Ben MurdochDeviceLocalAccountExtensionTracker::DeviceLocalAccountExtensionTracker( 21116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch const DeviceLocalAccount& account, 22116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch CloudPolicyStore* store, 23116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch SchemaRegistry* schema_registry) 24116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch : store_(store), 25116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch schema_registry_(schema_registry) { 26116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch if (account.type == DeviceLocalAccount::TYPE_KIOSK_APP) { 27116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // This is easy: Just add a component for the app id. 28116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch PolicyNamespace ns(POLICY_DOMAIN_EXTENSIONS, account.kiosk_app_id); 29116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch schema_registry_->RegisterComponent(ns, Schema()); 30116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } else if (account.type == DeviceLocalAccount::TYPE_PUBLIC_SESSION) { 31116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // For public sessions, track the value of the ExtensionInstallForcelist 32116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // policy. 33116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch store_->AddObserver(this); 34116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch UpdateFromStore(); 35116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } else { 36116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch NOTREACHED(); 37116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 38116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 39116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch schema_registry_->SetReady(POLICY_DOMAIN_EXTENSIONS); 40116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 41116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 42116680a4aac90f2aa7413d9095a592090648e557Ben MurdochDeviceLocalAccountExtensionTracker::~DeviceLocalAccountExtensionTracker() { 43116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch store_->RemoveObserver(this); 44116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 45116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 46116680a4aac90f2aa7413d9095a592090648e557Ben Murdochvoid DeviceLocalAccountExtensionTracker::OnStoreLoaded( 47116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch CloudPolicyStore* store) { 48116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch UpdateFromStore(); 49116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 50116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 51116680a4aac90f2aa7413d9095a592090648e557Ben Murdochvoid DeviceLocalAccountExtensionTracker::OnStoreError(CloudPolicyStore* store) { 52116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch UpdateFromStore(); 53116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 54116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 55116680a4aac90f2aa7413d9095a592090648e557Ben Murdochvoid DeviceLocalAccountExtensionTracker::UpdateFromStore() { 56116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch const policy::PolicyMap& policy_map = store_->policy_map(); 57116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 581320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci // TODO(binjin): Use two policy handlers here after 591320f92c476a1ad9d19dba2a48c72b75566198e9Primiano Tucci // ExtensionManagementPolicyHandler is introduced. 60116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch extensions::ExtensionInstallForcelistPolicyHandler policy_handler; 61116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch if (!policy_handler.CheckPolicySettings(policy_map, NULL)) 62116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch return; 63116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 64116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch PrefValueMap pref_value_map; 65116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch policy_handler.ApplyPolicySettings(policy_map, &pref_value_map); 66116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 67116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch const base::Value* value = NULL; 68116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch const base::DictionaryValue* dict = NULL; 69116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch if (!pref_value_map.GetValue(extensions::pref_names::kInstallForceList, 70116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch &value) || 71116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch !value->GetAsDictionary(&dict)) { 72116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch return; 73116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 74116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 75116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch for (base::DictionaryValue::Iterator it(*dict); !it.IsAtEnd(); it.Advance()) { 76116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch PolicyNamespace ns(POLICY_DOMAIN_EXTENSIONS, it.key()); 77116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch schema_registry_->RegisterComponent(ns, Schema()); 78116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch } 79116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 80116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // Removing an extension from a public session at runtime can happen but is 81116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // a rare event. In that case we leave the extension ID in the SchemaRegistry, 82116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch // and it will be purged on the next restart. 83116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} 84116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch 85116680a4aac90f2aa7413d9095a592090648e557Ben Murdoch} // namespace policy 86