supervised_user_service.h revision 5f1c94371a64b3196d4be9466099bb892df9b88e
1// Copyright 2014 The Chromium Authors. All rights reserved. 2// Use of this source code is governed by a BSD-style license that can be 3// found in the LICENSE file. 4 5#ifndef CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_SERVICE_H_ 6#define CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_SERVICE_H_ 7 8#include <set> 9#include <vector> 10 11#include "base/callback.h" 12#include "base/gtest_prod_util.h" 13#include "base/memory/scoped_ptr.h" 14#include "base/prefs/pref_change_registrar.h" 15#include "base/scoped_observer.h" 16#include "base/strings/string16.h" 17#include "chrome/browser/supervised_user/supervised_user_url_filter.h" 18#include "chrome/browser/supervised_user/supervised_users.h" 19#include "chrome/browser/sync/profile_sync_service_observer.h" 20#include "chrome/browser/ui/browser_list_observer.h" 21#include "components/keyed_service/core/keyed_service.h" 22#include "content/public/browser/web_contents.h" 23 24#if defined(ENABLE_EXTENSIONS) 25#include "extensions/browser/extension_registry_observer.h" 26#include "extensions/browser/management_policy.h" 27#endif 28 29class Browser; 30class GoogleServiceAuthError; 31class PermissionRequestCreator; 32class Profile; 33class SupervisedUserRegistrationUtility; 34class SupervisedUserSettingsService; 35class SupervisedUserSiteList; 36class SupervisedUserURLFilter; 37 38namespace extensions { 39class ExtensionRegistry; 40} 41 42namespace user_prefs { 43class PrefRegistrySyncable; 44} 45 46// This class handles all the information related to a given supervised profile 47// (e.g. the installed content packs, the default URL filtering behavior, or 48// manual whitelist/blacklist overrides). 49class SupervisedUserService : public KeyedService, 50#if defined(ENABLE_EXTENSIONS) 51 public extensions::ManagementPolicy::Provider, 52 public extensions::ExtensionRegistryObserver, 53#endif 54 public ProfileSyncServiceObserver, 55 public chrome::BrowserListObserver { 56 public: 57 typedef std::vector<base::string16> CategoryList; 58 typedef base::Callback<void(content::WebContents*)> NavigationBlockedCallback; 59 typedef base::Callback<void(const GoogleServiceAuthError&)> AuthErrorCallback; 60 61 enum ManualBehavior { 62 MANUAL_NONE = 0, 63 MANUAL_ALLOW, 64 MANUAL_BLOCK 65 }; 66 67 class Delegate { 68 public: 69 virtual ~Delegate() {} 70 // Returns true to indicate that the delegate handled the (de)activation, or 71 // false to indicate that the SupervisedUserService itself should handle it. 72 virtual bool SetActive(bool active) = 0; 73 }; 74 75 virtual ~SupervisedUserService(); 76 77 // ProfileKeyedService override: 78 virtual void Shutdown() OVERRIDE; 79 80 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry); 81 82 void SetDelegate(Delegate* delegate); 83 84 // Returns the URL filter for the IO thread, for filtering network requests 85 // (in SupervisedUserResourceThrottle). 86 scoped_refptr<const SupervisedUserURLFilter> GetURLFilterForIOThread(); 87 88 // Returns the URL filter for the UI thread, for filtering navigations and 89 // classifying sites in the history view. 90 SupervisedUserURLFilter* GetURLFilterForUIThread(); 91 92 // Returns the URL's category, obtained from the installed content packs. 93 int GetCategory(const GURL& url); 94 95 // Returns the list of all known human-readable category names, sorted by ID 96 // number. Called in the critical path of drawing the history UI, so needs to 97 // be fast. 98 void GetCategoryNames(CategoryList* list); 99 100 // Whether the user can request access to blocked URLs. 101 bool AccessRequestsEnabled(); 102 103 void OnPermissionRequestIssued(); 104 105 // Adds an access request for the given URL. The requests are stored using 106 // a prefix followed by a URIEncoded version of the URL. Each entry contains 107 // a dictionary which currently has the timestamp of the request in it. 108 void AddAccessRequest(const GURL& url); 109 110 // Returns the email address of the custodian. 111 std::string GetCustodianEmailAddress() const; 112 113 // Returns the name of the custodian, or the email address if the name is 114 // empty. 115 std::string GetCustodianName() const; 116 117 // These methods allow querying and modifying the manual filtering behavior. 118 // The manual behavior is set by the user and overrides all other settings 119 // (whitelists or the default behavior). 120 121 // Returns the manual behavior for the given host. 122 ManualBehavior GetManualBehaviorForHost(const std::string& hostname); 123 124 // Returns the manual behavior for the given URL. 125 ManualBehavior GetManualBehaviorForURL(const GURL& url); 126 127 // Returns all URLS on the given host that have exceptions. 128 void GetManualExceptionsForHost(const std::string& host, 129 std::vector<GURL>* urls); 130 131 // Initializes this object. This method does nothing if the profile is not 132 // supervised. 133 void Init(); 134 135 // Initializes this profile for syncing, using the provided |refresh_token| to 136 // mint access tokens for Sync. 137 void InitSync(const std::string& refresh_token); 138 139 // Convenience method that registers this supervised user using 140 // |registration_utility| and initializes sync with the returned token. 141 // The |callback| will be called when registration is complete, 142 // whether it suceeded or not -- unless registration was cancelled manually, 143 // in which case the callback will be ignored. 144 void RegisterAndInitSync( 145 SupervisedUserRegistrationUtility* registration_utility, 146 Profile* custodian_profile, 147 const std::string& supervised_user_id, 148 const AuthErrorCallback& callback); 149 150 void set_elevated_for_testing(bool skip) { 151 elevated_for_testing_ = skip; 152 } 153 154 void AddNavigationBlockedCallback(const NavigationBlockedCallback& callback); 155 void DidBlockNavigation(content::WebContents* web_contents); 156 157#if defined(ENABLE_EXTENSIONS) 158 // extensions::ManagementPolicy::Provider implementation: 159 virtual std::string GetDebugPolicyProviderName() const OVERRIDE; 160 virtual bool UserMayLoad(const extensions::Extension* extension, 161 base::string16* error) const OVERRIDE; 162 virtual bool UserMayModifySettings(const extensions::Extension* extension, 163 base::string16* error) const OVERRIDE; 164 165 // extensions::ExtensionRegistryObserver implementation. 166 virtual void OnExtensionLoaded( 167 content::BrowserContext* browser_context, 168 const extensions::Extension* extension) OVERRIDE; 169 virtual void OnExtensionUnloaded( 170 content::BrowserContext* browser_context, 171 const extensions::Extension* extension, 172 extensions::UnloadedExtensionInfo::Reason reason) OVERRIDE; 173#endif 174 175 // ProfileSyncServiceObserver implementation: 176 virtual void OnStateChanged() OVERRIDE; 177 178 // chrome::BrowserListObserver implementation: 179 virtual void OnBrowserSetLastActive(Browser* browser) OVERRIDE; 180 181 private: 182 friend class SupervisedUserServiceExtensionTestBase; 183 friend class SupervisedUserServiceFactory; 184 FRIEND_TEST_ALL_PREFIXES(SupervisedUserServiceTest, ClearOmitOnRegistration); 185 186 // A bridge from the UI thread to the SupervisedUserURLFilters, one of which 187 // lives on the IO thread. This class mediates access to them and makes sure 188 // they are kept in sync. 189 class URLFilterContext { 190 public: 191 URLFilterContext(); 192 ~URLFilterContext(); 193 194 SupervisedUserURLFilter* ui_url_filter() const; 195 SupervisedUserURLFilter* io_url_filter() const; 196 197 void SetDefaultFilteringBehavior( 198 SupervisedUserURLFilter::FilteringBehavior behavior); 199 void LoadWhitelists(ScopedVector<SupervisedUserSiteList> site_lists); 200 void SetManualHosts(scoped_ptr<std::map<std::string, bool> > host_map); 201 void SetManualURLs(scoped_ptr<std::map<GURL, bool> > url_map); 202 203 private: 204 // SupervisedUserURLFilter is refcounted because the IO thread filter is 205 // used both by ProfileImplIOData and OffTheRecordProfileIOData (to filter 206 // network requests), so they both keep a reference to it. 207 // Clients should not keep references to the UI thread filter, however 208 // (the filter will live as long as the profile lives, and afterwards it 209 // should not be used anymore either). 210 scoped_refptr<SupervisedUserURLFilter> ui_url_filter_; 211 scoped_refptr<SupervisedUserURLFilter> io_url_filter_; 212 213 DISALLOW_COPY_AND_ASSIGN(URLFilterContext); 214 }; 215 216 // Use |SupervisedUserServiceFactory::GetForProfile(..)| to get 217 // an instance of this service. 218 explicit SupervisedUserService(Profile* profile); 219 220 void SetActive(bool active); 221 222 void OnCustodianProfileDownloaded(const base::string16& full_name); 223 224 void OnSupervisedUserRegistered(const AuthErrorCallback& callback, 225 Profile* custodian_profile, 226 const GoogleServiceAuthError& auth_error, 227 const std::string& token); 228 229 void SetupSync(); 230 void StartSetupSync(); 231 void FinishSetupSyncWhenReady(); 232 void FinishSetupSync(); 233 234 bool ProfileIsSupervised() const; 235 236#if defined(ENABLE_EXTENSIONS) 237 // Internal implementation for ExtensionManagementPolicy::Delegate methods. 238 // If |error| is not NULL, it will be filled with an error message if the 239 // requested extension action (install, modify status, etc.) is not permitted. 240 bool ExtensionManagementPolicyImpl(const extensions::Extension* extension, 241 base::string16* error) const; 242 243 // Returns a list of all installed and enabled site lists in the current 244 // supervised profile. 245 ScopedVector<SupervisedUserSiteList> GetActiveSiteLists(); 246 247 // Extensions helper to SetActive(). 248 void SetExtensionsActive(); 249#endif 250 251 SupervisedUserSettingsService* GetSettingsService(); 252 253 void OnSupervisedUserIdChanged(); 254 255 void OnDefaultFilteringBehaviorChanged(); 256 257 void UpdateSiteLists(); 258 259 // Updates the manual overrides for hosts in the URL filters when the 260 // corresponding preference is changed. 261 void UpdateManualHosts(); 262 263 // Updates the manual overrides for URLs in the URL filters when the 264 // corresponding preference is changed. 265 void UpdateManualURLs(); 266 267 // Returns the human readable name of the supervised user. 268 std::string GetSupervisedUserName() const; 269 270 // Owns us via the KeyedService mechanism. 271 Profile* profile_; 272 273 bool active_; 274 275 Delegate* delegate_; 276 277#if defined(ENABLE_EXTENSIONS) 278 ScopedObserver<extensions::ExtensionRegistry, 279 extensions::ExtensionRegistryObserver> 280 extension_registry_observer_; 281#endif 282 283 PrefChangeRegistrar pref_change_registrar_; 284 285 // True iff we're waiting for the Sync service to be initialized. 286 bool waiting_for_sync_initialization_; 287 bool is_profile_active_; 288 289 std::vector<NavigationBlockedCallback> navigation_blocked_callbacks_; 290 291 // Sets a profile in elevated state for testing if set to true. 292 bool elevated_for_testing_; 293 294 // True only when |Shutdown()| method has been called. 295 bool did_shutdown_; 296 297 URLFilterContext url_filter_context_; 298 299 // Used to create permission requests. 300 scoped_ptr<PermissionRequestCreator> permissions_creator_; 301 302 // True iff we are waiting for a permission request to be issued. 303 bool waiting_for_permissions_; 304 305 base::WeakPtrFactory<SupervisedUserService> weak_ptr_factory_; 306}; 307 308#endif // CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_SERVICE_H_ 309