1 // Copyright 2014 The Chromium Authors. All rights reserved. 2 // Use of this source code is governed by a BSD-style license that can be 3 // found in the LICENSE file. 4 5 #ifndef CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_SERVICE_H_ 6 #define CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_SERVICE_H_ 7 8 #include <stddef.h> 9 10 #include <memory> 11 #include <set> 12 #include <string> 13 #include <vector> 14 15 #include "base/callback.h" 16 #include "base/gtest_prod_util.h" 17 #include "base/macros.h" 18 #include "base/observer_list.h" 19 #include "base/scoped_observer.h" 20 #include "base/strings/string16.h" 21 #include "build/build_config.h" 22 #include "chrome/browser/net/file_downloader.h" 23 #include "chrome/browser/supervised_user/supervised_user_denylist.h" 24 #include "chrome/browser/supervised_user/supervised_user_url_filter.h" 25 #include "chrome/browser/supervised_user/supervised_users.h" 26 #include "components/keyed_service/core/keyed_service.h" 27 #include "components/prefs/pref_change_registrar.h" 28 #include "components/sync/driver/sync_type_preference_provider.h" 29 #include "extensions/buildflags/buildflags.h" 30 31 #if BUILDFLAG(ENABLE_EXTENSIONS) 32 #include "base/strings/string16.h" 33 #include "chrome/browser/ui/supervised_user/parent_permission_dialog.h" 34 #include "extensions/browser/extension_registry.h" 35 #include "extensions/browser/extension_registry_observer.h" 36 #include "extensions/browser/management_policy.h" 37 #endif 38 39 #if !defined(OS_ANDROID) 40 #include "chrome/browser/ui/browser_list_observer.h" 41 #endif // !defined(OS_ANDROID) 42 43 class PermissionRequestCreator; 44 class PrefService; 45 class Profile; 46 class SupervisedUserServiceObserver; 47 class SupervisedUserSettingsService; 48 class SupervisedUserSiteList; 49 class SupervisedUserURLFilter; 50 class SupervisedUserAllowlistService; 51 52 namespace base { 53 class FilePath; 54 class Version; 55 } 56 57 #if BUILDFLAG(ENABLE_EXTENSIONS) 58 namespace extensions { 59 class Extension; 60 } 61 #endif 62 63 namespace user_prefs { 64 class PrefRegistrySyncable; 65 } 66 67 #if !defined(OS_ANDROID) 68 class Browser; 69 #endif // !defined(OS_ANDROID) 70 71 // This class handles all the information related to a given supervised profile 72 // (e.g. the installed content packs, the default URL filtering behavior, or 73 // manual allowlist/denylist overrides). 74 class SupervisedUserService : public KeyedService, 75 #if BUILDFLAG(ENABLE_EXTENSIONS) 76 public extensions::ExtensionRegistryObserver, 77 public extensions::ManagementPolicy::Provider, 78 #endif 79 public syncer::SyncTypePreferenceProvider, 80 #if !defined(OS_ANDROID) 81 public BrowserListObserver, 82 #endif 83 public SupervisedUserURLFilter::Observer { 84 public: 85 using SuccessCallback = base::OnceCallback<void(bool)>; 86 87 class Delegate { 88 public: ~Delegate()89 virtual ~Delegate() {} 90 // Returns true to indicate that the delegate handled the (de)activation, or 91 // false to indicate that the SupervisedUserService itself should handle it. 92 virtual bool SetActive(bool active) = 0; 93 }; 94 95 #if BUILDFLAG(ENABLE_EXTENSIONS) 96 // These enum values represent operations to manage the 97 // kSupervisedUserApprovedExtensions user pref, which stores parent approved 98 // extension ids. 99 enum class ApprovedExtensionChange { 100 // Adds a new approved extension to the pref. 101 kAdd, 102 // Removes extension approval. 103 kRemove 104 }; 105 #endif // BUILDFLAG(ENABLE_EXTENSIONS) 106 107 ~SupervisedUserService() override; 108 109 static void RegisterProfilePrefs(user_prefs::PrefRegistrySyncable* registry); 110 111 // Initializes this object. 112 void Init(); 113 114 void SetDelegate(Delegate* delegate); 115 116 // Returns the URL filter for filtering navigations and classifying sites in 117 // the history view. Both this method and the returned filter may only be used 118 // on the UI thread. 119 SupervisedUserURLFilter* GetURLFilter(); 120 121 // Returns the allowlist service. 122 SupervisedUserAllowlistService* GetAllowlistService(); 123 allowlists()124 const std::vector<scoped_refptr<SupervisedUserSiteList>>& allowlists() const { 125 return allowlists_; 126 } 127 128 // Whether the user can request to get access to blocked URLs or to new 129 // extensions. 130 bool AccessRequestsEnabled(); 131 132 // Adds an access request for the given URL. 133 void AddURLAccessRequest(const GURL& url, SuccessCallback callback); 134 135 // Get the string used to identify an extension install or update request. 136 // Public for testing. 137 static std::string GetExtensionRequestId(const std::string& extension_id, 138 const base::Version& version); 139 140 // Returns the email address of the custodian. 141 std::string GetCustodianEmailAddress() const; 142 143 // Returns the obfuscated GAIA id of the custodian. 144 std::string GetCustodianObfuscatedGaiaId() const; 145 146 // Returns the name of the custodian, or the email address if the name is 147 // empty. 148 std::string GetCustodianName() const; 149 150 // Returns the email address of the second custodian, or the empty string 151 // if there is no second custodian. 152 std::string GetSecondCustodianEmailAddress() const; 153 154 // Returns the obfuscated GAIA id of the second custodian or the empty 155 // string if there is no second custodian. 156 std::string GetSecondCustodianObfuscatedGaiaId() const; 157 158 // Returns the name of the second custodian, or the email address if the name 159 // is empty, or the empty string if there is no second custodian. 160 std::string GetSecondCustodianName() const; 161 162 // Returns a message saying that extensions can only be modified by the 163 // custodian. 164 base::string16 GetExtensionsLockedMessage() const; 165 166 bool IsSupervisedUserIframeFilterEnabled() const; 167 168 static std::string GetEduCoexistenceLoginUrl(); 169 170 // Returns true if the user is a type of Family Link Child account, 171 // but will not return true for a Legacy Supervised user (or non child users). 172 bool IsChild() const; 173 174 bool IsSupervisedUserExtensionInstallEnabled() const; 175 176 // Returns true if there is a custodian for the child. A child can have 177 // up to 2 custodians, and this returns true if they have at least 1. 178 bool HasACustodian() const; 179 180 void AddObserver(SupervisedUserServiceObserver* observer); 181 void RemoveObserver(SupervisedUserServiceObserver* observer); 182 183 void AddPermissionRequestCreator( 184 std::unique_ptr<PermissionRequestCreator> creator); 185 186 // ProfileKeyedService override: 187 void Shutdown() override; 188 189 // SyncTypePreferenceProvider implementation: 190 bool IsEncryptEverythingAllowed() const override; 191 192 #if !defined(OS_ANDROID) 193 // BrowserListObserver implementation: 194 void OnBrowserSetLastActive(Browser* browser) override; 195 #endif // !defined(OS_ANDROID) 196 197 // SupervisedUserURLFilter::Observer implementation: 198 void OnSiteListUpdated() override; 199 200 #if !defined(OS_ANDROID) signout_required_after_supervision_enabled()201 bool signout_required_after_supervision_enabled() { 202 return signout_required_after_supervision_enabled_; 203 } set_signout_required_after_supervision_enabled()204 void set_signout_required_after_supervision_enabled() { 205 signout_required_after_supervision_enabled_ = true; 206 } 207 #endif // !defined(OS_ANDROID) 208 209 void SetPrimaryPermissionCreatorForTest( 210 std::unique_ptr<PermissionRequestCreator> permission_creator); 211 212 #if BUILDFLAG(ENABLE_EXTENSIONS) 213 // Updates the set of approved extensions to add approval for |extension|. 214 void AddExtensionApproval(const extensions::Extension& extension); 215 216 // Updates the set of approved extensions to remove approval for |extension|. 217 void RemoveExtensionApproval(const extensions::Extension& extension); 218 219 // Wraps UpdateApprovedExtension() for testing. Use this to simulate adding or 220 // removing custodian approval for an extension via sync. 221 void UpdateApprovedExtensionForTesting(const std::string& extension_id, 222 ApprovedExtensionChange type); 223 224 bool GetSupervisedUserExtensionsMayRequestPermissionsPref() const; 225 226 void SetSupervisedUserExtensionsMayRequestPermissionsPrefForTesting( 227 bool enabled); 228 229 bool CanInstallExtensions() const; 230 231 bool IsExtensionAllowed(const extensions::Extension& extension) const; 232 233 void RecordExtensionEnablementUmaMetrics(bool enabled) const; 234 #endif // BUILDFLAG(ENABLE_EXTENSIONS) 235 236 private: 237 friend class SupervisedUserServiceExtensionTestBase; 238 friend class SupervisedUserServiceFactory; 239 FRIEND_TEST_ALL_PREFIXES( 240 SupervisedUserServiceExtensionTest, 241 ExtensionManagementPolicyProviderWithoutSUInitiatedInstalls); 242 FRIEND_TEST_ALL_PREFIXES( 243 SupervisedUserServiceExtensionTest, 244 ExtensionManagementPolicyProviderWithSUInitiatedInstalls); 245 246 using CreatePermissionRequestCallback = 247 base::RepeatingCallback<void(PermissionRequestCreator*, SuccessCallback)>; 248 249 // Use |SupervisedUserServiceFactory::GetForProfile(..)| to get 250 // an instance of this service. 251 explicit SupervisedUserService(Profile* profile); 252 253 void SetActive(bool active); 254 255 void OnCustodianInfoChanged(); 256 257 #if BUILDFLAG(ENABLE_EXTENSIONS) 258 // extensions::ManagementPolicy::Provider implementation: 259 std::string GetDebugPolicyProviderName() const override; 260 bool UserMayLoad(const extensions::Extension* extension, 261 base::string16* error) const override; 262 bool MustRemainDisabled(const extensions::Extension* extension, 263 extensions::disable_reason::DisableReason* reason, 264 base::string16* error) const override; 265 266 // extensions::ExtensionRegistryObserver overrides: 267 void OnExtensionInstalled(content::BrowserContext* browser_context, 268 const extensions::Extension* extension, 269 bool is_update) override; 270 271 void OnExtensionUninstalled(content::BrowserContext* browser_context, 272 const extensions::Extension* extension, 273 extensions::UninstallReason reason) override; 274 275 // An extension can be in one of the following states: 276 // 277 // BLOCKED: if kSupervisedUserExtensionsMayRequestPermissions is false and the 278 // child user is attempting to install a new extension or an existing 279 // extension is asking for additional permissions. 280 // ALLOWED: Components, Themes, Default extensions ..etc 281 // are generally allowed. Extensions that have been approved by the 282 // custodian are also allowed. 283 // REQUIRE_APPROVAL: if it is installed by the child user and 284 // hasn't been approved by the custodian yet. 285 enum class ExtensionState { BLOCKED, ALLOWED, REQUIRE_APPROVAL }; 286 287 // Returns the state of an extension whether being BLOCKED, ALLOWED or 288 // REQUIRE_APPROVAL from the Supervised User service's point of view. 289 ExtensionState GetExtensionState( 290 const extensions::Extension& extension) const; 291 292 // Returns whether we should block an extension based on the state of the 293 // "Permissions for sites, apps and extensions" toggle. 294 bool ShouldBlockExtension(const std::string& extension_id) const; 295 296 // Enables/Disables extensions upon change in approvals. This function is 297 // idempotent. 298 void ChangeExtensionStateIfNecessary(const std::string& extension_id); 299 300 // Updates the synced set of approved extension ids. 301 // Use AddExtensionApproval() or RemoveExtensionApproval() for public access. 302 // If |type| is kAdd, then add approval. 303 // If |type| is kRemove, then remove approval. 304 // Triggers a call to RefreshApprovedExtensionsFromPrefs() via a listener. 305 // TODO(crbug/1072857): We don't need the extension version information. It's 306 // only included for backwards compatibility with previous versions of Chrome. 307 // Remove the version information once a sufficient number of users have 308 // migrated away from M83. 309 void UpdateApprovedExtension(const std::string& extension_id, 310 const std::string& version, 311 ApprovedExtensionChange type); 312 313 // Updates the set of approved extensions when the corresponding preference is 314 // changed. 315 void RefreshApprovedExtensionsFromPrefs(); 316 317 // Extensions helper to SetActive(). 318 void SetExtensionsActive(); 319 #endif // BUILDFLAG(ENABLE_EXTENSIONS) 320 321 // Returns the SupervisedUserSettingsService associated with |profile_|. 322 SupervisedUserSettingsService* GetSettingsService(); 323 324 // Returns the PrefService associated with |profile_|. 325 PrefService* GetPrefService(); 326 327 size_t FindEnabledPermissionRequestCreator(size_t start); 328 void AddPermissionRequestInternal( 329 const CreatePermissionRequestCallback& create_request, 330 SuccessCallback callback, 331 size_t index); 332 void OnPermissionRequestIssued( 333 const CreatePermissionRequestCallback& create_request, 334 SuccessCallback callback, 335 size_t index, 336 bool success); 337 338 void OnSupervisedUserIdChanged(); 339 340 void OnDefaultFilteringBehaviorChanged(); 341 342 void OnSafeSitesSettingChanged(); 343 344 void UpdateAsyncUrlChecker(); 345 346 void OnSiteListsChanged( 347 const std::vector<scoped_refptr<SupervisedUserSiteList>>& site_lists); 348 349 // Asynchronously loads a denylist from a binary file at |path| and applies 350 // it to the URL filters. If no file exists at |path| yet, downloads a file 351 // from |url| and stores it at |path| first. 352 void LoadDenylist(const base::FilePath& path, const GURL& url); 353 354 void OnDenylistFileChecked(const base::FilePath& path, 355 const GURL& url, 356 bool file_exists); 357 358 // Asynchronously loads a denylist from a binary file at |path| and applies 359 // it to the URL filters. 360 void LoadDenylistFromFile(const base::FilePath& path); 361 362 void OnDenylistDownloadDone(const base::FilePath& path, 363 FileDownloader::Result result); 364 365 void OnDenylistLoaded(); 366 367 void UpdateDenylist(); 368 369 // Updates the manual overrides for hosts in the URL filters when the 370 // corresponding preference is changed. 371 void UpdateManualHosts(); 372 373 // Updates the manual overrides for URLs in the URL filters when the 374 // corresponding preference is changed. 375 void UpdateManualURLs(); 376 377 // Owns us via the KeyedService mechanism. 378 Profile* profile_; 379 380 bool active_; 381 382 Delegate* delegate_; 383 384 PrefChangeRegistrar pref_change_registrar_; 385 386 bool is_profile_active_; 387 388 // True only when |Init()| method has been called. 389 bool did_init_; 390 391 // True only when |Shutdown()| method has been called. 392 bool did_shutdown_; 393 394 SupervisedUserURLFilter url_filter_; 395 396 // Store a set of extension ids approved by the custodian. 397 // It is only relevant for SU-initiated installs. 398 std::set<std::string> approved_extensions_set_; 399 400 enum class DenylistLoadState { 401 NOT_LOADED, 402 LOAD_STARTED, 403 LOADED 404 } denylist_state_; 405 406 SupervisedUserDenylist denylist_; 407 std::unique_ptr<FileDownloader> denylist_downloader_; 408 409 std::unique_ptr<SupervisedUserAllowlistService> allowlist_service_; 410 411 std::vector<scoped_refptr<SupervisedUserSiteList>> allowlists_; 412 413 // Used to create permission requests. 414 std::vector<std::unique_ptr<PermissionRequestCreator>> permissions_creators_; 415 416 #if BUILDFLAG(ENABLE_EXTENSIONS) 417 ScopedObserver<extensions::ExtensionRegistry, 418 extensions::ExtensionRegistryObserver> 419 registry_observer_{this}; 420 #endif 421 422 base::ObserverList<SupervisedUserServiceObserver>::Unchecked observer_list_; 423 424 #if !defined(OS_ANDROID) 425 bool signout_required_after_supervision_enabled_ = false; 426 #endif 427 428 base::WeakPtrFactory<SupervisedUserService> weak_ptr_factory_{this}; 429 430 DISALLOW_COPY_AND_ASSIGN(SupervisedUserService); 431 }; 432 433 #endif // CHROME_BROWSER_SUPERVISED_USER_SUPERVISED_USER_SERVICE_H_ 434