Google Git
Sign in
chromium / chromium / src / 05284a0a517bb00c3ba47a514c81622e9f4a07b6 / . / chrome / browser / ui / webui / management / management_ui_handler.cc
blob: e4e33daba822f88111980f6b5d77438b79676d3e [file] [log] [blame]
// Copyright 2018 The Chromium Authors
// Use of this source code is governed by a BSD-style license that can be
// found in the LICENSE file.
#include "chrome/browser/ui/webui/management/management_ui_handler.h"
#include <algorithm>
#include <memory>
#include <set>
#include <string>
#include <unordered_set>
#include <utility>
#include <vector>
#include "base/feature_list.h"
#include "base/functional/bind.h"
#include "base/functional/callback.h"
#include "base/functional/callback_helpers.h"
#include "base/metrics/histogram_functions.h"
#include "base/metrics/user_metrics.h"
#include "base/strings/escape.h"
#include "base/strings/string_util.h"
#include "base/strings/utf_string_conversions.h"
#include "base/values.h"
#include "chrome/browser/browser_features.h"
#include "chrome/browser/browser_process.h"
#include "chrome/browser/browser_process_platform_part.h"
#include "chrome/browser/device_api/managed_configuration_api.h"
#include "chrome/browser/device_api/managed_configuration_api_factory.h"
#include "chrome/browser/enterprise/connectors/common.h"
#include "chrome/browser/enterprise/connectors/connectors_service.h"
#include "chrome/browser/media/webrtc/capture_policy_utils.h"
#include "chrome/browser/policy/chrome_browser_policy_connector.h"
#include "chrome/browser/policy/management_utils.h"
#include "chrome/browser/policy/profile_policy_connector.h"
#include "chrome/browser/profiles/profile.h"
#include "chrome/browser/ui/managed_ui.h"
#include "chrome/common/pref_names.h"
#include "components/safe_browsing/core/common/safe_browsing_prefs.h"
#include "components/strings/grit/components_strings.h"
#include "content/public/browser/storage_partition.h"
#include "content/public/browser/web_contents.h"
#include "extensions/buildflags/buildflags.h"
#include "net/base/load_flags.h"
#include "net/traffic_annotation/network_traffic_annotation.h"
#include "net/url_request/referrer_policy.h"
#include "ui/base/l10n/l10n_util.h"
#include "ui/base/webui/web_ui_util.h"
#if BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
#include "chrome/browser/policy/networking/policy_cert_service.h"
#include "chrome/browser/policy/networking/policy_cert_service_factory.h"
#include "chrome/browser/ui/webui/webui_util.h"
#endif
#if BUILDFLAG(IS_CHROMEOS_ASH)
#include "chrome/browser/ash/crostini/crostini_features.h"
#include "chrome/browser/ash/crostini/crostini_pref_names.h"
#include "chrome/browser/ash/plugin_vm/plugin_vm_pref_names.h"
#include "chrome/browser/ash/policy/core/browser_policy_connector_ash.h"
#include "chrome/browser/ash/policy/core/device_cloud_policy_manager_ash.h"
#include "chrome/browser/ash/policy/handlers/minimum_version_policy_handler.h"
#include "chrome/browser/ash/policy/status_collector/device_status_collector.h"
#include "chrome/browser/ash/policy/status_collector/status_collector.h"
#include "chrome/browser/ash/policy/uploading/status_uploader.h"
#include "chrome/browser/ash/policy/uploading/system_log_uploader.h"
#include "chrome/browser/ash/profiles/profile_helper.h"
#include "chrome/browser/ash/settings/cros_settings.h"
#include "chrome/browser/chromeos/policy/dlp/dlp_rules_manager.h"
#include "chrome/browser/chromeos/policy/dlp/dlp_rules_manager_factory.h"
#include "chrome/browser/net/stub_resolver_config_reader.h"
#include "chrome/browser/net/system_network_context_manager.h"
#include "chrome/browser/ui/webui/management/management_ui_handler_chromeos.h"
#include "chrome/grit/chromium_strings.h"
#include "chromeos/ash/components/network/network_state_handler.h"
#include "chromeos/ash/components/network/proxy/proxy_config_handler.h"
#include "chromeos/ash/components/network/proxy/ui_proxy_config_service.h"
#include "chromeos/ash/components/settings/cros_settings_names.h"
#include "components/enterprise/browser/reporting/common_pref_names.h"
#include "components/prefs/pref_service.h"
#include "components/user_manager/user_manager.h"
#include "ui/chromeos/devicetype_utils.h"
#else
#include "components/policy/core/common/cloud/user_cloud_policy_manager.h"
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
#include "build/chromeos_buildflags.h"
#include "chrome/browser/extensions/extension_util.h"
#include "chrome/common/extensions/permissions/chrome_permission_message_provider.h"
#include "components/policy/core/common/policy_map.h"
#include "components/policy/core/common/policy_namespace.h"
#include "components/policy/core/common/policy_service.h"
#include "components/policy/policy_constants.h"
#include "components/policy/proto/device_management_backend.pb.h"
#include "extensions/browser/extension_registry.h"
#include "extensions/common/extension.h"
#include "extensions/common/extension_set.h"
#include "extensions/common/manifest.h"
#include "extensions/common/permissions/permission_message_provider.h"
#include "extensions/common/permissions/permissions_data.h"
const char kOnPremReportingExtensionStableId[] =
"emahakmocgideepebncgnmlmliepgpgb";
const char kOnPremReportingExtensionBetaId[] =
"kigjhoekjcpdfjpimbdjegmgecmlicaf";
const char kPolicyKeyReportMachineIdData[] = "report_machine_id_data";
const char kPolicyKeyReportUserIdData[] = "report_user_id_data";
const char kPolicyKeyReportVersionData[] = "report_version_data";
const char kPolicyKeyReportPolicyData[] = "report_policy_data";
const char kPolicyKeyReportExtensionsData[] = "report_extensions_data";
const char kPolicyKeyReportSystemTelemetryData[] =
"report_system_telemetry_data";
const char kPolicyKeyReportUserBrowsingData[] = "report_user_browsing_data";
const char kManagementExtensionReportMachineName[] =
"managementExtensionReportMachineName";
const char kManagementExtensionReportMachineNameAddress[] =
"managementExtensionReportMachineNameAddress";
const char kManagementExtensionReportUsername[] =
"managementExtensionReportUsername";
const char kManagementExtensionReportVersion[] =
"managementExtensionReportVersion";
const char kManagementExtensionReportExtensionsPlugin[] =
"managementExtensionReportExtensionsPlugin";
const char kManagementExtensionReportPerfCrash[] =
"managementExtensionReportPerfCrash";
const char kManagementExtensionReportUserBrowsingData[] =
"managementExtensionReportUserBrowsingData";
const char kThreatProtectionTitle[] = "threatProtectionTitle";
const char kManagementDataLossPreventionName[] =
"managementDataLossPreventionName";
const char kManagementDataLossPreventionPermissions[] =
"managementDataLossPreventionPermissions";
const char kManagementMalwareScanningName[] = "managementMalwareScanningName";
const char kManagementMalwareScanningPermissions[] =
"managementMalwareScanningPermissions";
const char kManagementEnterpriseReportingEvent[] =
"managementEnterpriseReportingEvent";
const char kManagementEnterpriseReportingVisibleData[] =
"managementEnterpriseReportingVisibleData";
const char kManagementOnFileAttachedEvent[] = "managementOnFileAttachedEvent";
const char kManagementOnFileAttachedVisibleData[] =
"managementOnFileAttachedVisibleData";
const char kManagementOnFileDownloadedEvent[] =
"managementOnFileDownloadedEvent";
const char kManagementOnFileDownloadedVisibleData[] =
"managementOnFileDownloadedVisibleData";
const char kManagementOnBulkDataEntryEvent[] = "managementOnBulkDataEntryEvent";
const char kManagementOnBulkDataEntryVisibleData[] =
"managementOnBulkDataEntryVisibleData";
const char kManagementOnPrintEvent[] = "managementOnPrintEvent";
const char kManagementOnPrintVisibleData[] = "managementOnPrintVisibleData";
const char kManagementOnPageVisitedEvent[] = "managementOnPageVisitedEvent";
const char kManagementOnPageVisitedVisibleData[] =
"managementOnPageVisitedVisibleData";
const char kReportingTypeDevice[] = "device";
const char kReportingTypeExtensions[] = "extensions";
const char kReportingTypeSecurity[] = "security";
const char kReportingTypeUser[] = "user";
const char kReportingTypeUserActivity[] = "user-activity";
enum class ReportingType {
kDevice,
kExtensions,
kSecurity,
kUser,
kUserActivity
};
#if BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_LINUX)
const char kManagementScreenCaptureEvent[] = "managementScreenCaptureEvent";
const char kManagementScreenCaptureData[] = "managementScreenCaptureData";
#endif // BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_LINUX)
#if BUILDFLAG(IS_CHROMEOS)
const char kManagementLogUploadEnabled[] = "managementLogUploadEnabled";
const char kManagementReportActivityTimes[] = "managementReportActivityTimes";
const char kManagementReportDeviceAudioStatus[] =
"managementReportDeviceAudioStatus";
const char kManagementReportDeviceGraphicsStatus[] =
"managementReportDeviceGraphicsStatus";
const char kManagementReportDevicePeripherals[] =
"managementReportDevicePeripherals";
const char kManagementReportNetworkData[] = "managementReportNetworkData";
const char kManagementReportHardwareData[] = "managementReportHardwareData";
const char kManagementReportUsers[] = "managementReportUsers";
const char kManagementReportCrashReports[] = "managementReportCrashReports";
const char kManagementReportAppInfoAndActivity[] =
"managementReportAppInfoAndActivity";
const char kManagementReportExtensions[] = "managementReportExtensions";
const char kManagementReportAndroidApplications[] =
"managementReportAndroidApplications";
const char kManagementReportPrintJobs[] = "managementReportPrintJobs";
const char kManagementReportLoginLogout[] = "managementReportLoginLogout";
const char kManagementReportCRDSessions[] = "managementReportCRDSessions";
const char kManagementReportDlpEvents[] = "managementReportDlpEvents";
const char kManagementOnFileTransferEvent[] = "managementOnFileTransferEvent";
const char kManagementOnFileTransferVisibleData[] =
"managementOnFileTransferVisibleData";
const char kManagementPrinting[] = "managementPrinting";
const char kManagementCrostini[] = "managementCrostini";
const char kManagementCrostiniContainerConfiguration[] =
"managementCrostiniContainerConfiguration";
const char kAccountManagedInfo[] = "accountManagedInfo";
const char kDeviceManagedInfo[] = "deviceManagedInfo";
const char kOverview[] = "overview";
#endif // BUILDFLAG(IS_CHROMEOS)
const char kCustomerLogo[] = "customerLogo";
const char kPowerfulExtensionsCountHistogram[] = "Extensions.PowerfulCount";
namespace {
bool IsProfileManaged(Profile* profile) {
return profile->GetProfilePolicyConnector()->IsManaged();
}
#if BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
bool IsDeviceManaged() {
return policy::IsDeviceEnterpriseManaged();
}
enum class DeviceReportingType {
kSupervisedUser,
kDeviceActivity,
kDeviceStatistics,
kDevice,
kCrashReport,
kAppInfoAndActivity,
kLogs,
kPrint,
kPrintJobs,
kCrostini,
kUsername,
kExtensions,
kAndroidApplication,
kDlpEvents,
kLoginLogout,
kCRDSessions,
kPeripherals,
};
#else
bool IsBrowserManaged() {
return g_browser_process->browser_policy_connector()
->HasMachineLevelPolicies();
}
#endif // BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
#if BUILDFLAG(IS_CHROMEOS_ASH)
// Corresponds to DeviceReportingType in management_browser_proxy.js
std::string ToJSDeviceReportingType(const DeviceReportingType& type) {
switch (type) {
case DeviceReportingType::kSupervisedUser:
return "supervised user";
case DeviceReportingType::kDeviceActivity:
return "device activity";
case DeviceReportingType::kDeviceStatistics:
return "device statistics";
case DeviceReportingType::kDevice:
return "device";
case DeviceReportingType::kCrashReport:
return "crash report";
case DeviceReportingType::kAppInfoAndActivity:
return "app info and activity";
case DeviceReportingType::kLogs:
return "logs";
case DeviceReportingType::kPrint:
return "print";
case DeviceReportingType::kPrintJobs:
return "print jobs";
case DeviceReportingType::kCrostini:
return "crostini";
case DeviceReportingType::kUsername:
return "username";
case DeviceReportingType::kExtensions:
return "extension";
case DeviceReportingType::kAndroidApplication:
return "android application";
case DeviceReportingType::kDlpEvents:
return "dlp events";
case DeviceReportingType::kLoginLogout:
return "login-logout";
case DeviceReportingType::kCRDSessions:
return "crd sessions";
case DeviceReportingType::kPeripherals:
return "peripherals";
default:
NOTREACHED() << "Unknown device reporting type";
return "device";
}
}
void AddDeviceReportingElement(base::Value::List* report_sources,
const std::string& message_id,
const DeviceReportingType& type) {
base::Value::Dict data;
data.Set("messageId", message_id);
data.Set("reportingType", ToJSDeviceReportingType(type));
report_sources->Append(std::move(data));
}
const policy::DlpRulesManager* GetDlpRulesManager() {
return policy::DlpRulesManagerFactory::GetForPrimaryProfile();
}
// If you are adding a privacy note, please also add it to
// go/chrome-policy-privacy-note-mappings.
void AddDeviceReportingInfo(base::Value::List* report_sources,
const policy::StatusCollector* collector,
const policy::SystemLogUploader* uploader,
Profile* profile) {
if (!collector || !profile || !uploader) {
return;
}
// Elements appear on the page in the order they are added.
bool report_device_peripherals = false;
ash::CrosSettings::Get()->GetBoolean(ash::kReportDevicePeripherals,
&report_device_peripherals);
bool report_audio_status = false;
ash::CrosSettings::Get()->GetBoolean(ash::kReportDeviceAudioStatus,
&report_audio_status);
// TODO(b/262295601): Add/refine management strings corresponding to XDR
// reporting policy.
bool device_report_xdr_events = false;
ash::CrosSettings::Get()->GetBoolean(ash::kDeviceReportXDREvents,
&device_report_xdr_events);
if (collector->IsReportingActivityTimes() || report_device_peripherals ||
report_audio_status || device_report_xdr_events ||
profile->GetPrefs()->GetBoolean(::prefs::kInsightsExtensionEnabled)) {
AddDeviceReportingElement(report_sources, kManagementReportActivityTimes,
DeviceReportingType::kDeviceActivity);
} else {
if (collector->IsReportingUsers()) {
AddDeviceReportingElement(report_sources, kManagementReportUsers,
DeviceReportingType::kSupervisedUser);
}
}
if (collector->IsReportingNetworkData() ||
profile->GetPrefs()->GetBoolean(::prefs::kInsightsExtensionEnabled)) {
AddDeviceReportingElement(report_sources, kManagementReportNetworkData,
DeviceReportingType::kDevice);
}
if (collector->IsReportingHardwareData()) {
AddDeviceReportingElement(report_sources, kManagementReportHardwareData,
DeviceReportingType::kDeviceStatistics);
}
if (collector->IsReportingCrashReportInfo()) {
AddDeviceReportingElement(report_sources, kManagementReportCrashReports,
DeviceReportingType::kCrashReport);
}
if (collector->IsReportingAppInfoAndActivity() || device_report_xdr_events) {
AddDeviceReportingElement(report_sources,
kManagementReportAppInfoAndActivity,
DeviceReportingType::kAppInfoAndActivity);
}
if (uploader->upload_enabled()) {
AddDeviceReportingElement(report_sources, kManagementLogUploadEnabled,
DeviceReportingType::kLogs);
}
if (report_audio_status) {
AddDeviceReportingElement(report_sources,
kManagementReportDeviceAudioStatus,
DeviceReportingType::kDevice);
}
bool report_graphics_status = false;
ash::CrosSettings::Get()->GetBoolean(ash::kReportDeviceGraphicsStatus,
&report_graphics_status);
if (report_graphics_status) {
AddDeviceReportingElement(report_sources,
kManagementReportDeviceGraphicsStatus,
DeviceReportingType::kDevice);
}
if (report_device_peripherals) {
AddDeviceReportingElement(report_sources,
kManagementReportDevicePeripherals,
DeviceReportingType::kPeripherals);
}
bool report_print_jobs = false;
ash::CrosSettings::Get()->GetBoolean(ash::kReportDevicePrintJobs,
&report_print_jobs);
if (report_print_jobs) {
AddDeviceReportingElement(report_sources, kManagementReportPrintJobs,
DeviceReportingType::kPrintJobs);
}
bool report_print_username = profile->GetPrefs()->GetBoolean(
prefs::kPrintingSendUsernameAndFilenameEnabled);
if (report_print_username && !report_print_jobs) {
AddDeviceReportingElement(report_sources, kManagementPrinting,
DeviceReportingType::kPrint);
}
if (GetDlpRulesManager() && GetDlpRulesManager()->IsReportingEnabled()) {
AddDeviceReportingElement(report_sources, kManagementReportDlpEvents,
DeviceReportingType::kDlpEvents);
}
if (crostini::CrostiniFeatures::Get()->IsAllowedNow(profile)) {
if (!profile->GetPrefs()
->GetFilePath(crostini::prefs::kCrostiniAnsiblePlaybookFilePath)
.empty()) {
AddDeviceReportingElement(report_sources,
kManagementCrostiniContainerConfiguration,
DeviceReportingType::kCrostini);
} else if (profile->GetPrefs()->GetBoolean(
crostini::prefs::kReportCrostiniUsageEnabled)) {
AddDeviceReportingElement(report_sources, kManagementCrostini,
DeviceReportingType::kCrostini);
}
}
if (g_browser_process->local_state()->GetBoolean(
enterprise_reporting::kCloudReportingEnabled)) {
AddDeviceReportingElement(report_sources,
kManagementExtensionReportUsername,
DeviceReportingType::kUsername);
AddDeviceReportingElement(report_sources, kManagementReportExtensions,
DeviceReportingType::kExtensions);
AddDeviceReportingElement(report_sources,
kManagementReportAndroidApplications,
DeviceReportingType::kAndroidApplication);
}
bool report_login_logout = false;
ash::CrosSettings::Get()->GetBoolean(ash::kReportDeviceLoginLogout,
&report_login_logout);
if (report_login_logout) {
AddDeviceReportingElement(report_sources, kManagementReportLoginLogout,
DeviceReportingType::kLoginLogout);
}
bool report_crd_sessions = false;
ash::CrosSettings::Get()->GetBoolean(ash::kReportCRDSessions,
&report_crd_sessions);
if (report_crd_sessions) {
AddDeviceReportingElement(report_sources, kManagementReportCRDSessions,
DeviceReportingType::kCRDSessions);
}
}
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
base::Value::List GetPermissionsForExtension(
scoped_refptr<const extensions::Extension> extension) {
base::Value::List permission_messages;
// Only consider force installed extensions
if (!extensions::Manifest::IsPolicyLocation(extension->location())) {
return permission_messages;
}
extensions::PermissionIDSet permissions =
extensions::PermissionMessageProvider::Get()
->GetManagementUIPermissionIDs(
extension->permissions_data()->active_permissions(),
extension->GetType());
const extensions::PermissionMessages messages =
extensions::PermissionMessageProvider::Get()->GetPermissionMessages(
permissions);
for (const auto& message : messages) {
permission_messages.Append(message.message());
}
return permission_messages;
}
base::Value::List GetPowerfulExtensions(
const extensions::ExtensionSet& extensions) {
base::Value::List powerful_extensions;
for (const auto& extension : extensions) {
base::Value::List permission_messages =
GetPermissionsForExtension(extension);
// Only show extension on page if there is at least one permission
// message to show.
if (!permission_messages.empty()) {
base::Value::Dict extension_to_add =
extensions::util::GetExtensionInfo(extension.get());
extension_to_add.Set("permissions", std::move(permission_messages));
powerful_extensions.Append(std::move(extension_to_add));
}
}
return powerful_extensions;
}
const char* GetReportingTypeValue(ReportingType reportingType) {
switch (reportingType) {
case ReportingType::kDevice:
return kReportingTypeDevice;
case ReportingType::kExtensions:
return kReportingTypeExtensions;
case ReportingType::kSecurity:
return kReportingTypeSecurity;
case ReportingType::kUser:
return kReportingTypeUser;
case ReportingType::kUserActivity:
return kReportingTypeUserActivity;
default:
return kReportingTypeSecurity;
}
}
void AddThreatProtectionPermission(const char* title,
const char* permission,
base::Value::List* info) {
base::Value::Dict value;
value.Set("title", title);
value.Set("permission", permission);
info->Append(std::move(value));
}
std::string GetAccountManager(Profile* profile) {
absl::optional<std::string> manager =
chrome::GetAccountManagerIdentity(profile);
if (!manager &&
base::FeatureList::IsEnabled(features::kFlexOrgManagementDisclosure)) {
manager = chrome::GetDeviceManagerIdentity();
}
return manager.value_or(std::string());
}
} // namespace
ManagementUIHandler::ManagementUIHandler() {
reporting_extension_ids_ = {kOnPremReportingExtensionStableId,
kOnPremReportingExtensionBetaId};
#if BUILDFLAG(IS_CHROMEOS_LACROS)
chromeos::LacrosService* service = chromeos::LacrosService::Get();
// Get device report sources.
if (service->IsAvailable<crosapi::mojom::DeviceSettingsService>() &&
service->GetInterfaceVersion(
crosapi::mojom::DeviceSettingsService::Uuid_) >=
static_cast<int>(crosapi::mojom::DeviceSettingsService::
kGetDeviceReportSourcesMinVersion)) {
service->GetRemote<crosapi::mojom::DeviceSettingsService>()
->GetDeviceReportSources(
base::BindOnce(&ManagementUIHandler::OnGotDeviceReportSources,
weak_factory_.GetWeakPtr()));
}
#endif
}
ManagementUIHandler::~ManagementUIHandler() {
DisallowJavascript();
}
void ManagementUIHandler::Initialize(content::WebUI* web_ui,
content::WebUIDataSource* source) {
InitializeInternal(web_ui, source, Profile::FromWebUI(web_ui));
}
// static
void ManagementUIHandler::InitializeInternal(content::WebUI* web_ui,
content::WebUIDataSource* source,
Profile* profile) {
auto handler = std::make_unique<ManagementUIHandler>();
#if BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
handler->account_managed_ = IsProfileManaged(profile);
handler->device_managed_ = IsDeviceManaged();
#else
handler->account_managed_ = IsProfileManaged(profile) || IsBrowserManaged();
#endif // BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
web_ui->AddMessageHandler(std::move(handler));
}
void ManagementUIHandler::RegisterMessages() {
web_ui()->RegisterMessageCallback(
"getContextualManagedData",
base::BindRepeating(&ManagementUIHandler::HandleGetContextualManagedData,
base::Unretained(this)));
web_ui()->RegisterMessageCallback(
"getExtensions",
base::BindRepeating(&ManagementUIHandler::HandleGetExtensions,
base::Unretained(this)));
#if BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
web_ui()->RegisterMessageCallback(
"getLocalTrustRootsInfo",
base::BindRepeating(&ManagementUIHandler::HandleGetLocalTrustRootsInfo,
base::Unretained(this)));
web_ui()->RegisterMessageCallback(
"getDeviceReportingInfo",
base::BindRepeating(&ManagementUIHandler::HandleGetDeviceReportingInfo,
base::Unretained(this)));
web_ui()->RegisterMessageCallback(
"getPluginVmDataCollectionStatus",
base::BindRepeating(
&ManagementUIHandler::HandleGetPluginVmDataCollectionStatus,
base::Unretained(this)));
#endif // BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
web_ui()->RegisterMessageCallback(
"getThreatProtectionInfo",
base::BindRepeating(&ManagementUIHandler::HandleGetThreatProtectionInfo,
base::Unretained(this)));
web_ui()->RegisterMessageCallback(
"getManagedWebsites",
base::BindRepeating(&ManagementUIHandler::HandleGetManagedWebsites,
base::Unretained(this)));
web_ui()->RegisterMessageCallback(
"initBrowserReportingInfo",
base::BindRepeating(&ManagementUIHandler::HandleInitBrowserReportingInfo,
base::Unretained(this)));
}
void ManagementUIHandler::OnJavascriptAllowed() {
AddObservers();
}
void ManagementUIHandler::OnJavascriptDisallowed() {
RemoveObservers();
}
void ManagementUIHandler::AddReportingInfo(base::Value::List* report_sources) {
const policy::PolicyService* policy_service = GetPolicyService();
const policy::PolicyNamespace
on_prem_reporting_extension_stable_policy_namespace =
policy::PolicyNamespace(policy::POLICY_DOMAIN_EXTENSIONS,
kOnPremReportingExtensionStableId);
const policy::PolicyNamespace
on_prem_reporting_extension_beta_policy_namespace =
policy::PolicyNamespace(policy::POLICY_DOMAIN_EXTENSIONS,
kOnPremReportingExtensionBetaId);
const policy::PolicyMap& on_prem_reporting_extension_stable_policy_map =
policy_service->GetPolicies(
on_prem_reporting_extension_stable_policy_namespace);
const policy::PolicyMap& on_prem_reporting_extension_beta_policy_map =
policy_service->GetPolicies(
on_prem_reporting_extension_beta_policy_namespace);
const policy::PolicyMap* policy_maps[] = {
&on_prem_reporting_extension_stable_policy_map,
&on_prem_reporting_extension_beta_policy_map};
const auto* cloud_reporting_policy_value =
GetPolicyService()
->GetPolicies(policy::PolicyNamespace(policy::POLICY_DOMAIN_CHROME,
std::string()))
.GetValue(policy::key::kCloudReportingEnabled,
base::Value::Type::BOOLEAN);
const bool cloud_reporting_policy_enabled =
cloud_reporting_policy_value && cloud_reporting_policy_value->GetBool();
const struct {
const char* policy_key;
const char* message;
const ReportingType reporting_type;
const bool enabled_by_default;
} report_definitions[] = {
{kPolicyKeyReportMachineIdData, kManagementExtensionReportMachineName,
ReportingType::kDevice, cloud_reporting_policy_enabled},
{kPolicyKeyReportMachineIdData,
kManagementExtensionReportMachineNameAddress, ReportingType::kDevice,
false},
{kPolicyKeyReportVersionData, kManagementExtensionReportVersion,
ReportingType::kDevice, cloud_reporting_policy_enabled},
{kPolicyKeyReportSystemTelemetryData, kManagementExtensionReportPerfCrash,
ReportingType::kDevice, false},
{kPolicyKeyReportUserIdData, kManagementExtensionReportUsername,
ReportingType::kUser, cloud_reporting_policy_enabled},
{kPolicyKeyReportExtensionsData,
kManagementExtensionReportExtensionsPlugin, ReportingType::kExtensions,
cloud_reporting_policy_enabled},
{kPolicyKeyReportUserBrowsingData,
kManagementExtensionReportUserBrowsingData, ReportingType::kUserActivity,
false},
};
std::unordered_set<const char*> enabled_messages;
for (auto& report_definition : report_definitions) {
if (report_definition.enabled_by_default) {
enabled_messages.insert(report_definition.message);
} else if (report_definition.policy_key) {
for (const policy::PolicyMap* policy_map : policy_maps) {
const base::Value* policy_value = policy_map->GetValue(
report_definition.policy_key, base::Value::Type::BOOLEAN);
if (policy_value && policy_value->GetBool()) {
enabled_messages.insert(report_definition.message);
break;
}
}
}
}
// The message with more data collected for kPolicyKeyReportMachineIdData
// trumps the one with less data.
if (enabled_messages.find(kManagementExtensionReportMachineNameAddress) !=
enabled_messages.end()) {
enabled_messages.erase(kManagementExtensionReportMachineName);
}
for (auto& report_definition : report_definitions) {
if (enabled_messages.find(report_definition.message) ==
enabled_messages.end()) {
continue;
}
base::Value::Dict data;
data.Set("messageId", report_definition.message);
data.Set("reportingType",
GetReportingTypeValue(report_definition.reporting_type));
report_sources->Append(std::move(data));
}
}
#if BUILDFLAG(IS_CHROMEOS_ASH)
const policy::DeviceCloudPolicyManagerAsh*
ManagementUIHandler::GetDeviceCloudPolicyManager() const {
// Only check for report status in managed environment.
if (!device_managed_) {
return nullptr;
}
const policy::BrowserPolicyConnectorAsh* connector =
g_browser_process->platform_part()->browser_policy_connector_ash();
return connector->GetDeviceCloudPolicyManager();
}
bool ManagementUIHandler::IsUpdateRequiredEol() const {
const policy::BrowserPolicyConnectorAsh* connector =
g_browser_process->platform_part()->browser_policy_connector_ash();
policy::MinimumVersionPolicyHandler* handler =
connector->GetMinimumVersionPolicyHandler();
return handler && handler->ShouldShowUpdateRequiredEolBanner();
}
void ManagementUIHandler::AddUpdateRequiredEolInfo(
base::Value::Dict* response) const {
if (!device_managed_ || !IsUpdateRequiredEol()) {
response->Set("eolMessage", std::string());
return;
}
response->Set("eolMessage", l10n_util::GetStringFUTF16(
IDS_MANAGEMENT_UPDATE_REQUIRED_EOL_MESSAGE,
base::UTF8ToUTF16(GetDeviceManager()),
ui::GetChromeOSDeviceName()));
std::string eol_admin_message;
ash::CrosSettings::Get()->GetString(ash::kDeviceMinimumVersionAueMessage,
&eol_admin_message);
response->Set("eolAdminMessage", eol_admin_message);
}
void ManagementUIHandler::AddMonitoredNetworkPrivacyDisclosure(
base::Value::Dict* response) const {
bool showMonitoredNetworkDisclosure = false;
// Check for secure DNS templates with identifiers.
showMonitoredNetworkDisclosure =
SystemNetworkContextManager::GetStubResolverConfigReader()
->GetDohWithIdentifiersDisplayServers()
.has_value();
if (showMonitoredNetworkDisclosure) {
response->Set("showMonitoredNetworkPrivacyDisclosure",
showMonitoredNetworkDisclosure);
return;
}
// Check for proxy config.
ash::NetworkHandler* network_handler = ash::NetworkHandler::Get();
base::Value::Dict proxy_settings;
// |ui_proxy_config_service| may be missing in tests. If the device is offline
// (no network connected) the |DefaultNetwork| is null.
if (ash::NetworkHandler::HasUiProxyConfigService() &&
network_handler->network_state_handler()->DefaultNetwork()) {
// Check if proxy is enforced by user policy, a forced install extension or
// ONC policies. This will only read managed settings.
ash::NetworkHandler::GetUiProxyConfigService()->MergeEnforcedProxyConfig(
network_handler->network_state_handler()->DefaultNetwork()->guid(),
&proxy_settings);
}
if (!proxy_settings.empty()) {
// Proxies can be specified by web server url, via a PAC script or via the
// web proxy auto-discovery protocol. Chrome also supports the "direct"
// mode, in which no proxy is used.
std::string* proxy_specification_mode =
proxy_settings.FindStringByDottedPath(base::JoinString(
{::onc::network_config::kType, ::onc::kAugmentationActiveSetting},
"."));
showMonitoredNetworkDisclosure =
proxy_specification_mode &&
*proxy_specification_mode != ::onc::proxy::kDirect;
}
response->Set("showMonitoredNetworkPrivacyDisclosure",
showMonitoredNetworkDisclosure);
}
// static
base::Value::List ManagementUIHandler::GetDeviceReportingInfo(
const policy::DeviceCloudPolicyManagerAsh* manager,
Profile* profile) {
base::Value::List report_sources;
policy::StatusUploader* uploader = nullptr;
policy::SystemLogUploader* syslog_uploader = nullptr;
policy::StatusCollector* collector = nullptr;
if (manager) {
uploader = manager->GetStatusUploader();
syslog_uploader = manager->GetSystemLogUploader();
if (uploader) {
collector = uploader->status_collector();
}
}
AddDeviceReportingInfo(&report_sources, collector, syslog_uploader, profile);
return report_sources;
}
// static
void ManagementUIHandler::AddDlpDeviceReportingElementForTesting(
base::Value::List* report_sources,
const std::string& message_id) {
AddDeviceReportingElement(report_sources, message_id,
DeviceReportingType::kDlpEvents);
}
// static
void ManagementUIHandler::AddDeviceReportingInfoForTesting(
base::Value::List* report_sources,
const policy::StatusCollector* collector,
const policy::SystemLogUploader* uploader,
Profile* profile) {
AddDeviceReportingInfo(report_sources, collector, uploader, profile);
}
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
base::Value::Dict ManagementUIHandler::GetContextualManagedData(
Profile* profile) {
base::Value::Dict response;
#if BUILDFLAG(IS_CHROMEOS_ASH)
std::string enterprise_manager = GetDeviceManager();
if (enterprise_manager.empty()) {
enterprise_manager = GetAccountManager(profile);
}
AddUpdateRequiredEolInfo(&response);
AddMonitoredNetworkPrivacyDisclosure(&response);
#else
std::string enterprise_manager = GetAccountManager(profile);
response.Set("browserManagementNotice",
l10n_util::GetStringFUTF16(
managed_() ? IDS_MANAGEMENT_BROWSER_NOTICE
: IDS_MANAGEMENT_NOT_MANAGED_NOTICE,
base::UTF8ToUTF16(chrome::kManagedUiLearnMoreUrl),
base::EscapeForHTML(l10n_util::GetStringUTF16(
IDS_MANAGEMENT_LEARN_MORE_ACCCESSIBILITY_TEXT))));
#endif
if (enterprise_manager.empty()) {
response.Set(
"extensionReportingTitle",
l10n_util::GetStringUTF16(IDS_MANAGEMENT_EXTENSIONS_INSTALLED));
response.Set(
"managedWebsitesSubtitle",
l10n_util::GetStringUTF16(IDS_MANAGEMENT_MANAGED_WEBSITES_EXPLANATION));
#if !BUILDFLAG(IS_CHROMEOS_ASH)
response.Set("pageSubtitle",
l10n_util::GetStringUTF16(
managed_() ? IDS_MANAGEMENT_SUBTITLE
: IDS_MANAGEMENT_NOT_MANAGED_SUBTITLE));
#else
const auto device_type = ui::GetChromeOSDeviceTypeResourceId();
response.Set("pageSubtitle",
managed_() ? l10n_util::GetStringFUTF16(
IDS_MANAGEMENT_SUBTITLE_MANAGED,
l10n_util::GetStringUTF16(device_type))
: l10n_util::GetStringFUTF16(
IDS_MANAGEMENT_NOT_MANAGED_SUBTITLE,
l10n_util::GetStringUTF16(device_type)));
#endif // !BUILDFLAG(IS_CHROMEOS_ASH)
} else {
response.Set(
"extensionReportingTitle",
l10n_util::GetStringFUTF16(IDS_MANAGEMENT_EXTENSIONS_INSTALLED_BY,
base::UTF8ToUTF16(enterprise_manager)));
response.Set("managedWebsitesSubtitle",
l10n_util::GetStringFUTF16(
IDS_MANAGEMENT_MANAGED_WEBSITES_BY_EXPLANATION,
base::UTF8ToUTF16(enterprise_manager)));
#if !BUILDFLAG(IS_CHROMEOS_ASH)
response.Set(
"pageSubtitle",
managed_()
? l10n_util::GetStringFUTF16(IDS_MANAGEMENT_SUBTITLE_MANAGED_BY,
base::UTF8ToUTF16(enterprise_manager))
: l10n_util::GetStringUTF16(IDS_MANAGEMENT_NOT_MANAGED_SUBTITLE));
#else
const auto device_type = ui::GetChromeOSDeviceTypeResourceId();
response.Set("pageSubtitle",
managed_() ? l10n_util::GetStringFUTF16(
IDS_MANAGEMENT_SUBTITLE_MANAGED_BY,
l10n_util::GetStringUTF16(device_type),
base::UTF8ToUTF16(enterprise_manager))
: l10n_util::GetStringFUTF16(
IDS_MANAGEMENT_NOT_MANAGED_SUBTITLE,
l10n_util::GetStringUTF16(device_type)));
#endif // !BUILDFLAG(IS_CHROMEOS_ASH)
}
response.Set("managed", managed_());
GetManagementStatus(profile, &response);
AsyncUpdateLogo();
if (!fetched_image_.empty()) {
response.Set(kCustomerLogo, base::Value(fetched_image_));
}
return response;
}
base::Value::Dict ManagementUIHandler::GetThreatProtectionInfo(
Profile* profile) {
base::Value::List info;
constexpr struct {
enterprise_connectors::AnalysisConnector connector;
const char* title;
const char* permission;
} analysis_connector_permissions[] = {
{enterprise_connectors::FILE_ATTACHED, kManagementOnFileAttachedEvent,
kManagementOnFileAttachedVisibleData},
{enterprise_connectors::FILE_DOWNLOADED, kManagementOnFileDownloadedEvent,
kManagementOnFileDownloadedVisibleData},
{enterprise_connectors::BULK_DATA_ENTRY, kManagementOnBulkDataEntryEvent,
kManagementOnBulkDataEntryVisibleData},
{enterprise_connectors::PRINT, kManagementOnPrintEvent,
kManagementOnPrintVisibleData},
#if BUILDFLAG(IS_CHROMEOS_ASH)
{enterprise_connectors::FILE_TRANSFER, kManagementOnFileTransferEvent,
kManagementOnFileTransferVisibleData},
#endif
};
auto* connectors_service =
enterprise_connectors::ConnectorsServiceFactory::GetForBrowserContext(
profile);
for (auto& entry : analysis_connector_permissions) {
if (!connectors_service->GetAnalysisServiceProviderNames(entry.connector)
.empty()) {
AddThreatProtectionPermission(entry.title, entry.permission, &info);
}
}
if (!connectors_service
->GetReportingServiceProviderNames(
enterprise_connectors::ReportingConnector::SECURITY_EVENT)
.empty()) {
AddThreatProtectionPermission(kManagementEnterpriseReportingEvent,
kManagementEnterpriseReportingVisibleData,
&info);
}
if (connectors_service->GetAppliedRealTimeUrlCheck() !=
safe_browsing::REAL_TIME_CHECK_DISABLED) {
AddThreatProtectionPermission(kManagementOnPageVisitedEvent,
kManagementOnPageVisitedVisibleData, &info);
}
#if BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_LINUX)
if (capture_policy::IsGetDisplayMediaSetSelectAllScreensAllowedForAnySite(
profile)) {
AddThreatProtectionPermission(kManagementScreenCaptureEvent,
kManagementScreenCaptureData, &info);
}
#endif // BUILDFLAG(IS_CHROMEOS) || BUILDFLAG(IS_LINUX)
const std::string enterprise_manager =
connectors_service->GetManagementDomain();
base::Value::Dict result;
result.Set("description",
enterprise_manager.empty()
? l10n_util::GetStringUTF16(
IDS_MANAGEMENT_THREAT_PROTECTION_DESCRIPTION)
: l10n_util::GetStringFUTF16(
IDS_MANAGEMENT_THREAT_PROTECTION_DESCRIPTION_BY,
base::UTF8ToUTF16(enterprise_manager)));
result.Set("info", std::move(info));
return result;
}
base::Value::List ManagementUIHandler::GetManagedWebsitesInfo(
Profile* profile) const {
base::Value::List managed_websites;
auto* managed_configuration =
ManagedConfigurationAPIFactory::GetForProfile(profile);
if (!managed_configuration) {
return managed_websites;
}
for (const auto& entry : managed_configuration->GetManagedOrigins()) {
managed_websites.Append(entry.Serialize());
}
return managed_websites;
}
policy::PolicyService* ManagementUIHandler::GetPolicyService() {
return Profile::FromWebUI(web_ui())
->GetProfilePolicyConnector()
->policy_service();
}
void ManagementUIHandler::AsyncUpdateLogo() {
#if BUILDFLAG(IS_CHROMEOS_ASH)
policy::BrowserPolicyConnectorAsh* connector =
g_browser_process->platform_part()->browser_policy_connector_ash();
const auto url = connector->GetCustomerLogoURL();
if (!url.empty() && GURL(url) != logo_url_) {
icon_fetcher_ = std::make_unique<BitmapFetcher>(
GURL(url), this, GetManagementUICustomerLogoAnnotation());
icon_fetcher_->Init(net::ReferrerPolicy::NEVER_CLEAR,
network::mojom::CredentialsMode::kOmit);
auto* profile = Profile::FromWebUI(web_ui());
icon_fetcher_->Start(profile->GetDefaultStoragePartition()
->GetURLLoaderFactoryForBrowserProcess()
.get());
}
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
}
void ManagementUIHandler::OnFetchComplete(const GURL& url,
const SkBitmap* bitmap) {
if (!bitmap) {
return;
}
fetched_image_ = webui::GetBitmapDataUrl(*bitmap);
logo_url_ = url;
// Fire listener to reload managed data.
FireWebUIListener("managed_data_changed");
}
#if BUILDFLAG(IS_CHROMEOS_ASH)
void AddStatusOverviewManagedDeviceAndAccount(
base::Value::Dict* status,
bool device_managed,
bool account_managed,
const std::string& device_manager,
const std::string& account_manager) {
if (device_managed && account_managed &&
(account_manager.empty() || account_manager == device_manager)) {
status->Set(kOverview, base::Value(l10n_util::GetStringFUTF16(
IDS_MANAGEMENT_DEVICE_AND_ACCOUNT_MANAGED_BY,
base::UTF8ToUTF16(device_manager))));
return;
}
if (account_managed && !account_manager.empty()) {
status->Set(kOverview, base::Value(l10n_util::GetStringFUTF16(
IDS_MANAGEMENT_ACCOUNT_MANAGED_BY,
base::UTF8ToUTF16(account_manager))));
}
if (account_managed && device_managed && !account_manager.empty() &&
account_manager != device_manager) {
status->Set(kOverview,
base::Value(l10n_util::GetStringFUTF16(
IDS_MANAGEMENT_DEVICE_MANAGED_BY_ACCOUNT_MANAGED_BY,
base::UTF8ToUTF16(device_manager),
base::UTF8ToUTF16(account_manager))));
}
}
const std::string ManagementUIHandler::GetDeviceManager() const {
std::string device_domain;
policy::BrowserPolicyConnectorAsh* connector =
g_browser_process->platform_part()->browser_policy_connector_ash();
if (device_managed_) {
device_domain = connector->GetEnterpriseDomainManager();
}
if (device_domain.empty() && connector->IsActiveDirectoryManaged()) {
device_domain = connector->GetRealm();
}
return device_domain;
}
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
void ManagementUIHandler::GetManagementStatus(Profile* profile,
base::Value::Dict* status) const {
#if BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
status->Set(kDeviceManagedInfo, base::Value());
status->Set(kAccountManagedInfo, base::Value());
status->Set(kOverview, base::Value());
if (!managed_()) {
status->Set(kOverview, base::Value(l10n_util::GetStringUTF16(
IDS_MANAGEMENT_DEVICE_NOT_MANAGED)));
return;
}
#if BUILDFLAG(IS_CHROMEOS_ASH)
std::string account_manager = GetAccountManager(profile);
auto* primary_user = user_manager::UserManager::Get()->GetPrimaryUser();
auto* primary_profile =
primary_user ? ash::ProfileHelper::Get()->GetProfileByUser(primary_user)
: nullptr;
const bool primary_user_managed =
primary_profile ? IsProfileManaged(primary_profile) : false;
if (primary_user_managed) {
account_manager = GetAccountManager(primary_profile);
}
std::string device_manager = GetDeviceManager();
AddStatusOverviewManagedDeviceAndAccount(
status, device_managed_, account_managed_ || primary_user_managed,
device_manager, account_manager);
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
#endif // BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
}
void ManagementUIHandler::HandleGetExtensions(const base::Value::List& args) {
AllowJavascript();
// List of all enabled extensions
const extensions::ExtensionSet& extensions =
extensions::ExtensionRegistry::Get(Profile::FromWebUI(web_ui()))
->enabled_extensions();
base::Value::List powerful_extensions = GetPowerfulExtensions(extensions);
// The number of extensions to be reported in chrome://management with
// powerful permissions.
base::UmaHistogramCounts1000(kPowerfulExtensionsCountHistogram,
powerful_extensions.size());
ResolveJavascriptCallback(args[0] /* callback_id */, powerful_extensions);
}
#if BUILDFLAG(IS_CHROMEOS_LACROS)
void ManagementUIHandler::OnGotDeviceReportSources(
base::Value::List report_sources,
bool plugin_vm_data_collection_enabled) {
report_sources_ = std::move(report_sources);
plugin_vm_data_collection_enabled_ = plugin_vm_data_collection_enabled;
}
#endif
#if BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
void ManagementUIHandler::HandleGetLocalTrustRootsInfo(
const base::Value::List& args) {
CHECK_EQ(1U, args.size());
base::Value trust_roots_configured(false);
AllowJavascript();
policy::PolicyCertService* policy_service =
policy::PolicyCertServiceFactory::GetForProfile(
Profile::FromWebUI(web_ui()));
if (policy_service && policy_service->has_policy_certificates()) {
trust_roots_configured = base::Value(true);
}
ResolveJavascriptCallback(args[0] /* callback_id */, trust_roots_configured);
}
void ManagementUIHandler::HandleGetDeviceReportingInfo(
const base::Value::List& args) {
AllowJavascript();
#if BUILDFLAG(IS_CHROMEOS_ASH)
base::Value::List report_sources = GetDeviceReportingInfo(
GetDeviceCloudPolicyManager(), Profile::FromWebUI(web_ui()));
ResolveJavascriptCallback(args[0] /* callback_id */, report_sources);
#else
ResolveJavascriptCallback(args[0] /* callback_id */, report_sources_);
#endif
}
void ManagementUIHandler::HandleGetPluginVmDataCollectionStatus(
const base::Value::List& args) {
CHECK_EQ(1U, args.size());
#if BUILDFLAG(IS_CHROMEOS_ASH)
base::Value plugin_vm_data_collection_enabled(
Profile::FromWebUI(web_ui())->GetPrefs()->GetBoolean(
plugin_vm::prefs::kPluginVmDataCollectionAllowed));
#else
base::Value plugin_vm_data_collection_enabled(
plugin_vm_data_collection_enabled_);
#endif
AllowJavascript();
ResolveJavascriptCallback(args[0] /* callback_id */,
plugin_vm_data_collection_enabled);
}
#endif // BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
void ManagementUIHandler::HandleGetContextualManagedData(
const base::Value::List& args) {
AllowJavascript();
auto result = GetContextualManagedData(Profile::FromWebUI(web_ui()));
ResolveJavascriptCallback(args[0] /* callback_id */, result);
}
void ManagementUIHandler::HandleGetThreatProtectionInfo(
const base::Value::List& args) {
AllowJavascript();
ResolveJavascriptCallback(
args[0] /* callback_id */,
GetThreatProtectionInfo(Profile::FromWebUI(web_ui())));
}
void ManagementUIHandler::HandleGetManagedWebsites(
const base::Value::List& args) {
AllowJavascript();
ResolveJavascriptCallback(
args[0] /* callback_id */,
GetManagedWebsitesInfo(Profile::FromWebUI(web_ui())));
}
void ManagementUIHandler::HandleInitBrowserReportingInfo(
const base::Value::List& args) {
base::Value::List report_sources;
AllowJavascript();
AddReportingInfo(&report_sources);
ResolveJavascriptCallback(args[0] /* callback_id */, report_sources);
}
void ManagementUIHandler::NotifyBrowserReportingInfoUpdated() {
base::Value::List report_sources;
AddReportingInfo(&report_sources);
FireWebUIListener("browser-reporting-info-updated", report_sources);
}
#if BUILDFLAG(IS_CHROMEOS_ASH)
void ManagementUIHandler::NotifyPluginVmDataCollectionUpdated() {
FireWebUIListener(
"plugin-vm-data-collection-updated",
base::Value(Profile::FromWebUI(web_ui())->GetPrefs()->GetBoolean(
plugin_vm::prefs::kPluginVmDataCollectionAllowed)));
}
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
void ManagementUIHandler::NotifyThreatProtectionInfoUpdated() {
FireWebUIListener("threat-protection-info-updated",
GetThreatProtectionInfo(Profile::FromWebUI(web_ui())));
}
void ManagementUIHandler::OnExtensionLoaded(
content::BrowserContext* /*browser_context*/,
const extensions::Extension* extension) {
if (reporting_extension_ids_.find(extension->id()) !=
reporting_extension_ids_.end()) {
NotifyBrowserReportingInfoUpdated();
}
}
void ManagementUIHandler::OnExtensionUnloaded(
content::BrowserContext* /*browser_context*/,
const extensions::Extension* extension,
extensions::UnloadedExtensionReason /*reason*/) {
if (reporting_extension_ids_.find(extension->id()) !=
reporting_extension_ids_.end()) {
NotifyBrowserReportingInfoUpdated();
}
}
void ManagementUIHandler::UpdateManagedState() {
auto* profile = Profile::FromWebUI(web_ui());
bool managed_state_changed = false;
#if BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
managed_state_changed |= account_managed_ != IsProfileManaged(profile);
managed_state_changed |= device_managed_ != IsDeviceManaged();
account_managed_ = IsProfileManaged(profile);
device_managed_ = IsDeviceManaged();
#else
managed_state_changed |=
account_managed_ != (IsProfileManaged(profile) || IsBrowserManaged());
account_managed_ = IsProfileManaged(profile) || IsBrowserManaged();
#endif // BUILDFLAG(IS_CHROMEOS_ASH) || BUILDFLAG(IS_CHROMEOS_LACROS)
if (managed_state_changed) {
FireWebUIListener("managed_data_changed");
}
}
void ManagementUIHandler::OnPolicyUpdated(
const policy::PolicyNamespace& /*ns*/,
const policy::PolicyMap& /*previous*/,
const policy::PolicyMap& /*current*/) {
UpdateManagedState();
NotifyBrowserReportingInfoUpdated();
NotifyThreatProtectionInfoUpdated();
}
void ManagementUIHandler::AddObservers() {
if (has_observers_) {
return;
}
has_observers_ = true;
auto* profile = Profile::FromWebUI(web_ui());
extensions::ExtensionRegistry::Get(profile)->AddObserver(this);
auto* policy_service = GetPolicyService();
policy_service->AddObserver(policy::POLICY_DOMAIN_EXTENSIONS, this);
pref_registrar_.Init(profile->GetPrefs());
pref_registrar_.Add(
prefs::kSupervisedUserId,
base::BindRepeating(&ManagementUIHandler::UpdateManagedState,
base::Unretained(this)));
#if BUILDFLAG(IS_CHROMEOS_ASH)
pref_registrar_.Add(
plugin_vm::prefs::kPluginVmDataCollectionAllowed,
base::BindRepeating(
&ManagementUIHandler::NotifyPluginVmDataCollectionUpdated,
base::Unretained(this)));
#endif // BUILDFLAG(IS_CHROMEOS_ASH)
}
void ManagementUIHandler::RemoveObservers() {
if (!has_observers_) {
return;
}
has_observers_ = false;
extensions::ExtensionRegistry::Get(Profile::FromWebUI(web_ui()))
->RemoveObserver(this);
policy::PolicyService* policy_service = Profile::FromWebUI(web_ui())
->GetProfilePolicyConnector()
->policy_service();
policy_service->RemoveObserver(policy::POLICY_DOMAIN_EXTENSIONS, this);
pref_registrar_.RemoveAll();
}