1fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com// Copyright 2014 The Chromium Authors. All rights reserved. 2fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com// Use of this source code is governed by a BSD-style license that can be 3fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com// found in the LICENSE file. 4fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 5fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com#ifndef CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_SERVICE_H_ 6fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com#define CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_SERVICE_H_ 7b45a1b46ee25e9b19800b028bb1ca925212ac7b4caryclark@google.com 8fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com#include <map> 9fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com#include <set> 10fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com#include <string> 11fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com#include <vector> 1215fa138f2276a77679530fb608463ff5b4133f7bcaryclark@google.com 1315fa138f2276a77679530fb608463ff5b4133f7bcaryclark@google.com#include "base/callback.h" 1415fa138f2276a77679530fb608463ff5b4133f7bcaryclark@google.com#include "base/gtest_prod_util.h" 15b45a1b46ee25e9b19800b028bb1ca925212ac7b4caryclark@google.com#include "base/memory/scoped_ptr.h" 16b45a1b46ee25e9b19800b028bb1ca925212ac7b4caryclark@google.com#include "base/observer_list.h" 1715fa138f2276a77679530fb608463ff5b4133f7bcaryclark@google.com#include "base/prefs/pref_change_registrar.h" 1815fa138f2276a77679530fb608463ff5b4133f7bcaryclark@google.com#include "base/scoped_observer.h" 1915fa138f2276a77679530fb608463ff5b4133f7bcaryclark@google.com#include "base/strings/string16.h" 2047580694fbe974a065caf7c39c3d2075708c2018caryclark@google.com#include "chrome/browser/supervised_user/experimental/supervised_user_blacklist.h" 2115fa138f2276a77679530fb608463ff5b4133f7bcaryclark@google.com#include "chrome/browser/supervised_user/supervised_user_url_filter.h" 22fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com#include "chrome/browser/supervised_user/supervised_users.h" 2347580694fbe974a065caf7c39c3d2075708c2018caryclark@google.com#include "chrome/browser/sync/profile_sync_service_observer.h" 2447580694fbe974a065caf7c39c3d2075708c2018caryclark@google.com#include "chrome/browser/sync/sync_type_preference_provider.h" 2547580694fbe974a065caf7c39c3d2075708c2018caryclark@google.com#include "chrome/browser/ui/browser_list_observer.h" 2647580694fbe974a065caf7c39c3d2075708c2018caryclark@google.com#include "components/keyed_service/core/keyed_service.h" 2747580694fbe974a065caf7c39c3d2075708c2018caryclark@google.com#include "content/public/browser/web_contents.h" 28a461ff0866526bc51dbd4c4f9f066a727ec21510caryclark@google.com 29fb51afb03e76c5701fffaa847584a8b7b2c18a7ecaryclark@google.com#if defined(ENABLE_EXTENSIONS) 30f839c0359c308fd06895d9f73fc12c4f3869e399caryclark@google.com#include "extensions/browser/extension_registry_observer.h" 310b7da433fe0eaa2833d1b2900715b013b36d93dacaryclark@google.com#include "extensions/browser/management_policy.h" 32a461ff0866526bc51dbd4c4f9f066a727ec21510caryclark@google.com#endif 3347580694fbe974a065caf7c39c3d2075708c2018caryclark@google.com 34f839c0359c308fd06895d9f73fc12c4f3869e399caryclark@google.comclass Browser; 3547580694fbe974a065caf7c39c3d2075708c2018caryclark@google.comclass GoogleServiceAuthError; 36fb51afb03e76c5701fffaa847584a8b7b2c18a7ecaryclark@google.comclass PermissionRequestCreator; 37fa0588ff672564af1c235a63589573829035a60bcaryclark@google.comclass Profile; 3847580694fbe974a065caf7c39c3d2075708c2018caryclark@google.comclass SupervisedUserBlacklistDownloader; 39fa0588ff672564af1c235a63589573829035a60bcaryclark@google.comclass SupervisedUserRegistrationUtility; 4047580694fbe974a065caf7c39c3d2075708c2018caryclark@google.comclass SupervisedUserServiceObserver; 41fa0588ff672564af1c235a63589573829035a60bcaryclark@google.comclass SupervisedUserSettingsService; 4247580694fbe974a065caf7c39c3d2075708c2018caryclark@google.comclass SupervisedUserSiteList; 43c899ad9c7fa28234d99479ab09afb6866bbd8dc3caryclark@google.comclass SupervisedUserURLFilter; 4447580694fbe974a065caf7c39c3d2075708c2018caryclark@google.com 458dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.comnamespace base { 4647580694fbe974a065caf7c39c3d2075708c2018caryclark@google.comclass FilePath; 47f839c0359c308fd06895d9f73fc12c4f3869e399caryclark@google.com} 4847580694fbe974a065caf7c39c3d2075708c2018caryclark@google.com 49afe56de6361a81eef537ddd8f6d5626c8546d4c7caryclark@google.comnamespace extensions { 508dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.comclass ExtensionRegistry; 51fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com} 52fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 53fa0588ff672564af1c235a63589573829035a60bcaryclark@google.comnamespace user_prefs { 5447580694fbe974a065caf7c39c3d2075708c2018caryclark@google.comclass PrefRegistrySyncable; 55fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com} 56c91dfe417a51f73c28ecf2708df1e0bee942c6eacaryclark@google.com 576aea33f92c611d6fdc88bc2352c5c966168af83bcaryclark@google.com// This class handles all the information related to a given supervised profile 586aea33f92c611d6fdc88bc2352c5c966168af83bcaryclark@google.com// (e.g. the installed content packs, the default URL filtering behavior, or 593350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.com// manual whitelist/blacklist overrides). 603350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.comclass SupervisedUserService : public KeyedService, 61534aa5b9460639a09b9dc30d29e77782e44b8fffcaryclark@google.com#if defined(ENABLE_EXTENSIONS) 623350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.com public extensions::ManagementPolicy::Provider, 6365f9f0a1664a9cb38157ccfbcc3e0e936af0a58ecaryclark@google.com public extensions::ExtensionRegistryObserver, 6447580694fbe974a065caf7c39c3d2075708c2018caryclark@google.com#endif 65afe56de6361a81eef537ddd8f6d5626c8546d4c7caryclark@google.com public SyncTypePreferenceProvider, 6647580694fbe974a065caf7c39c3d2075708c2018caryclark@google.com public ProfileSyncServiceObserver, 67fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com public chrome::BrowserListObserver { 68fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com public: 69fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com typedef std::vector<base::string16> CategoryList; 706aea33f92c611d6fdc88bc2352c5c966168af83bcaryclark@google.com typedef base::Callback<void(content::WebContents*)> NavigationBlockedCallback; 71027de226c144d9e6b7a76acb2e904952b5620a5ecaryclark@google.com typedef base::Callback<void(const GoogleServiceAuthError&)> AuthErrorCallback; 72fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 73fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com enum ManualBehavior { 7465f9f0a1664a9cb38157ccfbcc3e0e936af0a58ecaryclark@google.com MANUAL_NONE = 0, 75fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com MANUAL_ALLOW, 76fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com MANUAL_BLOCK 77fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com }; 78fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 798dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com class Delegate { 808dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com public: 818dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com virtual ~Delegate() {} 828dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com // Returns true to indicate that the delegate handled the (de)activation, or 8332546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // false to indicate that the SupervisedUserService itself should handle it. 8432546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com virtual bool SetActive(bool active) = 0; 8532546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // Returns the path to a blacklist file to load, or an empty path to 8632546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // indicate "none". 8732546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com virtual base::FilePath GetBlacklistPath() const = 0; 8832546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // Returns the URL from which to download a blacklist if no local one exists 8932546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // yet. The blacklist file will be stored at |GetBlacklistPath()|. 9032546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com virtual GURL GetBlacklistURL() const = 0; 9132546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com }; 92fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 93fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com virtual ~SupervisedUserService(); 9432546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com 9532546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // ProfileKeyedService override: 96fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com virtual void Shutdown() OVERRIDE; 97fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 98fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry); 99fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 100fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void SetDelegate(Delegate* delegate); 10132546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com 10232546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // Returns the URL filter for the IO thread, for filtering network requests 1033350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.com // (in SupervisedUserResourceThrottle). 104fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com scoped_refptr<const SupervisedUserURLFilter> GetURLFilterForIOThread(); 105fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 10632546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // Returns the URL filter for the UI thread, for filtering navigations and 107fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // classifying sites in the history view. 10832546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com SupervisedUserURLFilter* GetURLFilterForUIThread(); 10932546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com 110fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Returns the URL's category, obtained from the installed content packs. 111fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com int GetCategory(const GURL& url); 112fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 113fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Returns the list of all known human-readable category names, sorted by ID 114fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // number. Called in the critical path of drawing the history UI, so needs to 11532546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // be fast. 11632546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com void GetCategoryNames(CategoryList* list); 117235f56a92f6eb6accbb243e11b3c45e3798f38f2caryclark@google.com 118235f56a92f6eb6accbb243e11b3c45e3798f38f2caryclark@google.com // Whether the user can request access to blocked URLs. 119235f56a92f6eb6accbb243e11b3c45e3798f38f2caryclark@google.com bool AccessRequestsEnabled(); 120235f56a92f6eb6accbb243e11b3c45e3798f38f2caryclark@google.com 121fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void OnPermissionRequestIssued(); 122235f56a92f6eb6accbb243e11b3c45e3798f38f2caryclark@google.com 12332546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // Adds an access request for the given URL. The requests are stored using 124fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // a prefix followed by a URIEncoded version of the URL. Each entry contains 125fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // a dictionary which currently has the timestamp of the request in it. 126fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void AddAccessRequest(const GURL& url); 127fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 12832546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // Returns the email address of the custodian. 12932546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com std::string GetCustodianEmailAddress() const; 130fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 131fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Returns the name of the custodian, or the email address if the name is 132fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // empty. 133fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com std::string GetCustodianName() const; 134fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 135fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // These methods allow querying and modifying the manual filtering behavior. 13632546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // The manual behavior is set by the user and overrides all other settings 137fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // (whitelists or the default behavior). 138fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 139fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Returns the manual behavior for the given host. 140fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com ManualBehavior GetManualBehaviorForHost(const std::string& hostname); 141fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 14232546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // Returns the manual behavior for the given URL. 143fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com ManualBehavior GetManualBehaviorForURL(const GURL& url); 144fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 145fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Returns all URLS on the given host that have exceptions. 146fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void GetManualExceptionsForHost(const std::string& host, 147fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com std::vector<GURL>* urls); 14832546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com 149fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Initializes this object. This method does nothing if the profile is not 150fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // supervised. 151fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void Init(); 1528dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 1538dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com // Initializes this profile for syncing, using the provided |refresh_token| to 15432546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // mint access tokens for Sync. 1558dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com void InitSync(const std::string& refresh_token); 1568dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 1578dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com // Convenience method that registers this supervised user using 1588dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com // |registration_utility| and initializes sync with the returned token. 1598dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com // The |callback| will be called when registration is complete, 16032546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // whether it succeeded or not -- unless registration was cancelled manually, 1618dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com // in which case the callback will be ignored. 1628dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com void RegisterAndInitSync( 1638dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com SupervisedUserRegistrationUtility* registration_utility, 1648dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com Profile* custodian_profile, 1658dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com const std::string& supervised_user_id, 16632546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com const AuthErrorCallback& callback); 1678dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 168fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void set_elevated_for_testing(bool skip) { 169fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com elevated_for_testing_ = skip; 1708dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com } 1718dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 1728dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com void AddNavigationBlockedCallback(const NavigationBlockedCallback& callback); 1738dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com void DidBlockNavigation(content::WebContents* web_contents); 1748dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 1758dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com void AddObserver(SupervisedUserServiceObserver* observer); 1768dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com void RemoveObserver(SupervisedUserServiceObserver* observer); 1778dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 178fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com#if defined(ENABLE_EXTENSIONS) 17932546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // extensions::ManagementPolicy::Provider implementation: 180fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com virtual std::string GetDebugPolicyProviderName() const OVERRIDE; 181fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com virtual bool UserMayLoad(const extensions::Extension* extension, 182fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com base::string16* error) const OVERRIDE; 183fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com virtual bool UserMayModifySettings(const extensions::Extension* extension, 184fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com base::string16* error) const OVERRIDE; 185fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 186fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // extensions::ExtensionRegistryObserver implementation. 18732546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com virtual void OnExtensionLoaded( 188fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com content::BrowserContext* browser_context, 189fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com const extensions::Extension* extension) OVERRIDE; 190fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com virtual void OnExtensionUnloaded( 191fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com content::BrowserContext* browser_context, 192fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com const extensions::Extension* extension, 193fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com extensions::UnloadedExtensionInfo::Reason reason) OVERRIDE; 1946aea33f92c611d6fdc88bc2352c5c966168af83bcaryclark@google.com#endif 1956aea33f92c611d6fdc88bc2352c5c966168af83bcaryclark@google.com 1966aea33f92c611d6fdc88bc2352c5c966168af83bcaryclark@google.com // SyncTypePreferenceProvider implementation: 1976aea33f92c611d6fdc88bc2352c5c966168af83bcaryclark@google.com virtual syncer::ModelTypeSet GetPreferredDataTypes() const OVERRIDE; 1986aea33f92c611d6fdc88bc2352c5c966168af83bcaryclark@google.com 199fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // ProfileSyncServiceObserver implementation: 20032546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com virtual void OnStateChanged() OVERRIDE; 201fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 202fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // chrome::BrowserListObserver implementation: 203fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com virtual void OnBrowserSetLastActive(Browser* browser) OVERRIDE; 204fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 205fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com private: 206fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com friend class SupervisedUserServiceExtensionTestBase; 207fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com friend class SupervisedUserServiceFactory; 208fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com FRIEND_TEST_ALL_PREFIXES(SupervisedUserServiceTest, ClearOmitOnRegistration); 209fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 210fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // A bridge from the UI thread to the SupervisedUserURLFilters, one of which 211fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // lives on the IO thread. This class mediates access to them and makes sure 212fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // they are kept in sync. 213fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com class URLFilterContext { 214fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com public: 21532546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com URLFilterContext(); 216fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com ~URLFilterContext(); 217fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 218fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com SupervisedUserURLFilter* ui_url_filter() const; 219fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com SupervisedUserURLFilter* io_url_filter() const; 220fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 221fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void SetDefaultFilteringBehavior( 22232546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com SupervisedUserURLFilter::FilteringBehavior behavior); 223fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void LoadWhitelists(ScopedVector<SupervisedUserSiteList> site_lists); 224fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void LoadBlacklist(const base::FilePath& path); 225fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void SetManualHosts(scoped_ptr<std::map<std::string, bool> > host_map); 226fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void SetManualURLs(scoped_ptr<std::map<GURL, bool> > url_map); 227fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 228fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com private: 22932546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com void OnBlacklistLoaded(); 230fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 231fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // SupervisedUserURLFilter is refcounted because the IO thread filter is 232fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // used both by ProfileImplIOData and OffTheRecordProfileIOData (to filter 233fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // network requests), so they both keep a reference to it. 234fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Clients should not keep references to the UI thread filter, however 235fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // (the filter will live as long as the profile lives, and afterwards it 236fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // should not be used anymore either). 237fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com scoped_refptr<SupervisedUserURLFilter> ui_url_filter_; 238fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com scoped_refptr<SupervisedUserURLFilter> io_url_filter_; 239fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 240fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com SupervisedUserBlacklist blacklist_; 241fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 242fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com DISALLOW_COPY_AND_ASSIGN(URLFilterContext); 24332546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com }; 244fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 245fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Use |SupervisedUserServiceFactory::GetForProfile(..)| to get 246fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // an instance of this service. 247fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com explicit SupervisedUserService(Profile* profile); 248fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 249fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void SetActive(bool active); 25032546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com 251fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void OnCustodianProfileDownloaded(const base::string16& full_name); 252fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 253fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void OnSupervisedUserRegistered(const AuthErrorCallback& callback, 254fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com Profile* custodian_profile, 255fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com const GoogleServiceAuthError& auth_error, 256fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com const std::string& token); 25732546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com 258fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void SetupSync(); 259fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void StartSetupSync(); 260fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void FinishSetupSyncWhenReady(); 261fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void FinishSetupSync(); 262fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 263fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com bool ProfileIsSupervised() const; 264fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 265fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void OnCustodianInfoChanged(); 266fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 267fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com#if defined(ENABLE_EXTENSIONS) 268fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Internal implementation for ExtensionManagementPolicy::Delegate methods. 269fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // If |error| is not NULL, it will be filled with an error message if the 2708dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com // requested extension action (install, modify status, etc.) is not permitted. 2718dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com bool ExtensionManagementPolicyImpl(const extensions::Extension* extension, 2728dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com base::string16* error) const; 2738dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 2748dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com // Returns a list of all installed and enabled site lists in the current 27532546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com // supervised profile. 2768dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com ScopedVector<SupervisedUserSiteList> GetActiveSiteLists(); 2778dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 2788dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com // Extensions helper to SetActive(). 2798dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com void SetExtensionsActive(); 2808dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com#endif 2818dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 28232546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com SupervisedUserSettingsService* GetSettingsService(); 2838dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 2848dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com void OnSupervisedUserIdChanged(); 2858dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 2868dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com void OnDefaultFilteringBehaviorChanged(); 2878dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 2888dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com void UpdateSiteLists(); 2898dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 2908dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com // Asynchronously downloads a static blacklist file from |url|, stores it at 2918dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com // |path|, loads it, and applies it to the URL filters. If |url| is not valid 2928dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com // (e.g. empty), directly tries to load from |path|. 2938dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com void LoadBlacklist(const base::FilePath& path, const GURL& url); 2948dcf114db9762c02d217beba6e29dffa4e92d298caryclark@google.com 295fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Asynchronously loads a static blacklist from a binary file at |path| and 296fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // applies it to the URL filters. 29732546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com void LoadBlacklistFromFile(const base::FilePath& path); 298fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 299fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void OnBlacklistDownloadDone(const base::FilePath& path, bool success); 300fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 301fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Updates the manual overrides for hosts in the URL filters when the 302fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // corresponding preference is changed. 303fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void UpdateManualHosts(); 304fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 305fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Updates the manual overrides for URLs in the URL filters when the 306fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // corresponding preference is changed. 307fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com void UpdateManualURLs(); 30832546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com 309fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Returns the human readable name of the supervised user. 310fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com std::string GetSupervisedUserName() const; 311fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 312fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Owns us via the KeyedService mechanism. 313fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com Profile* profile_; 314fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 315fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com bool active_; 316fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 317fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com Delegate* delegate_; 318fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 319fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com#if defined(ENABLE_EXTENSIONS) 320fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com ScopedObserver<extensions::ExtensionRegistry, 32132546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com extensions::ExtensionRegistryObserver> 322fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com extension_registry_observer_; 323fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com#endif 324fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 325fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com PrefChangeRegistrar pref_change_registrar_; 326fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 327fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // True iff we're waiting for the Sync service to be initialized. 328fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com bool waiting_for_sync_initialization_; 329fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com bool is_profile_active_; 330fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 331fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com std::vector<NavigationBlockedCallback> navigation_blocked_callbacks_; 332fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com 333fa0588ff672564af1c235a63589573829035a60bcaryclark@google.com // Sets a profile in elevated state for testing if set to true. 334b45a1b46ee25e9b19800b028bb1ca925212ac7b4caryclark@google.com bool elevated_for_testing_; 335b45a1b46ee25e9b19800b028bb1ca925212ac7b4caryclark@google.com 336b45a1b46ee25e9b19800b028bb1ca925212ac7b4caryclark@google.com // True only when |Init()| method has been called. 337b45a1b46ee25e9b19800b028bb1ca925212ac7b4caryclark@google.com bool did_init_; 338b45a1b46ee25e9b19800b028bb1ca925212ac7b4caryclark@google.com 339b45a1b46ee25e9b19800b028bb1ca925212ac7b4caryclark@google.com // True only when |Shutdown()| method has been called. 340b45a1b46ee25e9b19800b028bb1ca925212ac7b4caryclark@google.com bool did_shutdown_; 341b45a1b46ee25e9b19800b028bb1ca925212ac7b4caryclark@google.com 3423350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.com URLFilterContext url_filter_context_; 34332546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com scoped_ptr<SupervisedUserBlacklistDownloader> blacklist_downloader_; 34432546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com 3453350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.com // Used to create permission requests. 3463350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.com scoped_ptr<PermissionRequestCreator> permissions_creator_; 3473350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.com 3483350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.com ObserverList<SupervisedUserServiceObserver> observer_list_; 3493350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.com 3503350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.com base::WeakPtrFactory<SupervisedUserService> weak_ptr_factory_; 3513350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.com}; 35232546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com 35332546db1494a6c6433a7919844133a6ff5b5c7b2caryclark@google.com#endif // CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_SERVICE_H_ 3543350c3c68ab75cd08721da3a938b8d2b10096d70caryclark@google.com