1 // Copyright 2013 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_CHROMEOS_EXTENSIONS_DEVICE_LOCAL_ACCOUNT_MANAGEMENT_POLICY_PROVIDER_H_ 6 #define CHROME_BROWSER_CHROMEOS_EXTENSIONS_DEVICE_LOCAL_ACCOUNT_MANAGEMENT_POLICY_PROVIDER_H_ 7 8 #include <string> 9 10 #include "base/compiler_specific.h" 11 #include "base/macros.h" 12 #include "chrome/browser/chromeos/policy/device_local_account.h" 13 #include "extensions/browser/management_policy.h" 14 15 // TODO(crbug.com/1033508): Refactor this class, because the behavior of 16 // IsWhitelisted, and UserMayLoad are no longer used. 17 18 namespace chromeos { 19 20 // A managed policy for device-local accounts that ensures only extensions whose 21 // type or ID has been whitelisted for use in device-local accounts can be 22 // installed. 23 class DeviceLocalAccountManagementPolicyProvider 24 : public extensions::ManagementPolicy::Provider { 25 public: 26 explicit DeviceLocalAccountManagementPolicyProvider( 27 policy::DeviceLocalAccount::Type account_type); 28 ~DeviceLocalAccountManagementPolicyProvider() override; 29 30 // Used to check whether an extension is explicitly whitelisted. 31 static bool IsWhitelisted(const std::string& extension_id); 32 33 // extensions::ManagementPolicy::Provider: 34 std::string GetDebugPolicyProviderName() const override; 35 bool UserMayLoad(const extensions::Extension* extension, 36 base::string16* error) const override; 37 38 private: 39 const policy::DeviceLocalAccount::Type account_type_; 40 41 DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountManagementPolicyProvider); 42 }; 43 44 } // namespace chromeos 45 46 #endif // CHROME_BROWSER_CHROMEOS_EXTENSIONS_DEVICE_LOCAL_ACCOUNT_MANAGEMENT_POLICY_PROVIDER_H_ 47