1// Copyright 2013 The Chromium Authors. All rights reserved.
2// Use of this source code is governed by a BSD-style license that can be
3// found in the LICENSE file.
4
5#include "chrome/browser/extensions/browser_permissions_policy_delegate.h"
6
7#include "chrome/browser/browser_process.h"
8#include "chrome/browser/profiles/profile.h"
9#include "chrome/browser/profiles/profile_manager.h"
10#include "content/public/browser/browser_thread.h"
11#include "extensions/common/manifest_constants.h"
12
13#if !defined(OS_CHROMEOS)
14#include "chrome/browser/signin/chrome_signin_client.h"
15#include "chrome/browser/signin/chrome_signin_client_factory.h"
16#endif
17
18namespace extensions {
19
20namespace errors = manifest_errors;
21
22BrowserPermissionsPolicyDelegate::BrowserPermissionsPolicyDelegate() {
23  PermissionsData::SetPolicyDelegate(this);
24}
25BrowserPermissionsPolicyDelegate::~BrowserPermissionsPolicyDelegate() {
26  PermissionsData::SetPolicyDelegate(NULL);
27}
28
29bool BrowserPermissionsPolicyDelegate::CanExecuteScriptOnPage(
30    const Extension* extension,
31    const GURL& document_url,
32    const GURL& top_document_url,
33    int tab_id,
34    int process_id,
35    std::string* error) {
36  DCHECK_CURRENTLY_ON(content::BrowserThread::UI);
37
38#if !defined(OS_CHROMEOS)
39  // NULL in unit tests.
40  if (!g_browser_process->profile_manager())
41    return true;
42
43  // We don't have a Profile in this context. That's OK - for our purposes,
44  // we can just check every Profile for its signin process. If any of them
45  // match, block script access.
46  std::vector<Profile*> profiles =
47      g_browser_process->profile_manager()->GetLoadedProfiles();
48  for (std::vector<Profile*>::iterator profile = profiles.begin();
49       profile != profiles.end(); ++profile) {
50    SigninClient* signin_client =
51        ChromeSigninClientFactory::GetForProfile(*profile);
52    if (signin_client && signin_client->IsSigninProcess(process_id)) {
53      if (error)
54        *error = errors::kCannotScriptSigninPage;
55      return false;
56    }
57  }
58#endif
59
60  return true;
61}
62
63}  // namespace extensions
64