Add pref for external extensions blocking

Bug: 944625
Change-Id: Ifa032c85938406b87d24edf4c06ec738905a7978
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/1783400
Commit-Queue: Dominique Fauteux-Chapleau <domfc@chromium.org>
Reviewed-by: Devlin <rdevlin.cronin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#706441}

chrome/browser/extensions/external_provider_impl.cc

@@ -44,6 +44,7 @@
 #include "extensions/browser/extension_registry.h"
 #include "extensions/browser/external_install_info.h"
 #include "extensions/browser/external_provider_interface.h"
+#include "extensions/browser/pref_names.h"
 #include "extensions/common/extension.h"
 #include "extensions/common/manifest.h"
 #include "ui/base/l10n/l10n_util.h"
@@ -711,7 +712,6 @@ void ExternalProviderImpl::CreateExternalProviders(
 #else
   check_admin_permissions_on_mac = ExternalPrefLoader::NONE;
 #endif
-
 #if !defined(OS_WIN)
   int bundled_extension_creation_flags = Extension::NO_FLAGS;
 #endif
@@ -760,45 +760,49 @@ void ExternalProviderImpl::CreateExternalProviders(
     chromeos::DemoSession::Get()->SetExtensionsExternalLoader(loader);
     provider_list->push_back(std::move(demo_apps_provider));
   }
-#elif defined(OS_LINUX)
-  provider_list->push_back(std::make_unique<ExternalProviderImpl>(
-      service,
-      base::MakeRefCounted<ExternalPrefLoader>(
-          chrome::DIR_STANDALONE_EXTERNAL_EXTENSIONS,
-          ExternalPrefLoader::USE_USER_TYPE_PROFILE_FILTER, profile),
-      profile, Manifest::EXTERNAL_PREF, Manifest::EXTERNAL_PREF_DOWNLOAD,
-      bundled_extension_creation_flags));
 #endif
-
-  if (!profile->IsLegacySupervised()) {
-#if defined(OS_WIN)
-    auto registry_provider = std::make_unique<ExternalProviderImpl>(
-        service, new ExternalRegistryLoader, profile,
-        Manifest::EXTERNAL_REGISTRY, Manifest::EXTERNAL_PREF_DOWNLOAD,
-        Extension::NO_FLAGS);
-    registry_provider->set_allow_updates(true);
-    provider_list->push_back(std::move(registry_provider));
-#else
+  if (!profile->GetPrefs()->GetBoolean(pref_names::kBlockExternalExtensions)) {
+#if defined(OS_LINUX) && !defined(OS_CHROMEOS)
     provider_list->push_back(std::make_unique<ExternalProviderImpl>(
         service,
         base::MakeRefCounted<ExternalPrefLoader>(
-            chrome::DIR_EXTERNAL_EXTENSIONS, check_admin_permissions_on_mac,
-            nullptr),
+            chrome::DIR_STANDALONE_EXTERNAL_EXTENSIONS,
+            ExternalPrefLoader::USE_USER_TYPE_PROFILE_FILTER, profile),
         profile, Manifest::EXTERNAL_PREF, Manifest::EXTERNAL_PREF_DOWNLOAD,
         bundled_extension_creation_flags));
-
-    // Define a per-user source of external extensions.
+#endif
+    if (!profile->IsLegacySupervised()) {
+#if defined(OS_WIN)
+      auto registry_provider = std::make_unique<ExternalProviderImpl>(
+          service, new ExternalRegistryLoader, profile,
+          Manifest::EXTERNAL_REGISTRY, Manifest::EXTERNAL_PREF_DOWNLOAD,
+          Extension::NO_FLAGS);
+      registry_provider->set_allow_updates(true);
+      provider_list->push_back(std::move(registry_provider));
+#else
+      provider_list->push_back(std::make_unique<ExternalProviderImpl>(
+          service,
+          base::MakeRefCounted<ExternalPrefLoader>(
+              chrome::DIR_EXTERNAL_EXTENSIONS, check_admin_permissions_on_mac,
+              nullptr),
+          profile, Manifest::EXTERNAL_PREF, Manifest::EXTERNAL_PREF_DOWNLOAD,
+          bundled_extension_creation_flags));
+
+      // Define a per-user source of external extensions.
 #if defined(OS_MACOSX) || (defined(OS_LINUX) && BUILDFLAG(CHROMIUM_BRANDING))
-    provider_list->push_back(std::make_unique<ExternalProviderImpl>(
-        service,
-        base::MakeRefCounted<ExternalPrefLoader>(
-            chrome::DIR_USER_EXTERNAL_EXTENSIONS, ExternalPrefLoader::NONE,
-            nullptr),
-        profile, Manifest::EXTERNAL_PREF, Manifest::EXTERNAL_PREF_DOWNLOAD,
-        Extension::NO_FLAGS));
+      provider_list->push_back(std::make_unique<ExternalProviderImpl>(
+          service,
+          base::MakeRefCounted<ExternalPrefLoader>(
+              chrome::DIR_USER_EXTERNAL_EXTENSIONS, ExternalPrefLoader::NONE,
+              nullptr),
+          profile, Manifest::EXTERNAL_PREF, Manifest::EXTERNAL_PREF_DOWNLOAD,
+          Extension::NO_FLAGS));
 #endif
 #endif
+    }
+  }
 
+  if (!profile->IsLegacySupervised()) {
 #if !defined(OS_CHROMEOS)
     // The default apps are installed as INTERNAL but use the external
     // extension installer codeflow.

chrome/browser/extensions/external_provider_impl_unittest.cc

@@ -12,7 +12,10 @@
 #include "base/files/file_path.h"
 #include "base/files/file_util.h"
 #include "base/macros.h"
+#include "base/optional.h"
 #include "base/path_service.h"
+#include "base/run_loop.h"
+#include "base/strings/string16.h"
 #include "base/strings/stringprintf.h"
 #include "base/test/scoped_path_override.h"
 #include "build/branding_buildflags.h"
@@ -31,6 +34,7 @@
 #include "chrome/test/base/testing_profile.h"
 #include "content/public/browser/notification_service.h"
 #include "content/public/test/test_utils.h"
+#include "extensions/browser/pref_names.h"
 #include "net/test/embedded_test_server/embedded_test_server.h"
 #include "net/test/embedded_test_server/http_request.h"
 #include "net/test/embedded_test_server/http_response.h"
@@ -51,12 +55,17 @@ namespace {
 const char kManifestPath[] = "/update_manifest";
 const char kAppPath[] = "/app.crx";
 
+#if BUILDFLAG(GOOGLE_CHROME_BRANDING)
+const char kExternalAppId[] = "kekdneafjmhmndejhmbcadfiiofngffo";
+#endif
+
 class ExternalProviderImplTest : public ExtensionServiceTestBase {
  public:
   ExternalProviderImplTest() {}
   ~ExternalProviderImplTest() override {}
 
-  void InitServiceWithExternalProviders() {
+  void InitServiceWithExternalProviders(
+      const base::Optional<bool> block_external = base::nullopt) {
 #if defined(OS_CHROMEOS)
     user_manager::ScopedUserManager scoped_user_manager(
         std::make_unique<chromeos::FakeChromeUserManager>());
@@ -71,6 +80,9 @@ class ExternalProviderImplTest : public ExtensionServiceTestBase {
     // would cause the external updates to never finish install.
     profile_->GetPrefs()->SetString(prefs::kDefaultApps, "");
 
+    if (block_external.has_value())
+      SetExternalExtensionsBlockedByPolicy(block_external.value());
+
     ProviderCollection providers;
     extensions::ExternalProviderImpl::CreateExternalProviders(
         service_, profile_.get(), &providers);
@@ -79,6 +91,16 @@ class ExternalProviderImplTest : public ExtensionServiceTestBase {
       service_->AddProviderForTesting(std::move(provider));
   }
 
+  void OverrideExternalExtensionsPath() {
+    external_externsions_overrides_.reset(new base::ScopedPathOverride(
+        chrome::DIR_EXTERNAL_EXTENSIONS, data_dir().AppendASCII("external")));
+  }
+
+  void SetExternalExtensionsBlockedByPolicy(const bool block_external) {
+    profile_->GetPrefs()->SetBoolean(pref_names::kBlockExternalExtensions,
+                                     block_external);
+  }
+
   void InitializeExtensionServiceWithUpdaterAndPrefs() {
     ExtensionServiceInitParams params = CreateDefaultInitParams();
     params.autoupdate_enabled = true;
@@ -142,6 +164,7 @@ class ExternalProviderImplTest : public ExtensionServiceTestBase {
     return nullptr;
   }
 
+  std::unique_ptr<base::ScopedPathOverride> external_externsions_overrides_;
   std::unique_ptr<net::test_server::EmbeddedTestServer> test_server_;
   std::unique_ptr<ExtensionCacheFake> test_extension_cache_;
 
@@ -160,19 +183,43 @@ class ExternalProviderImplTest : public ExtensionServiceTestBase {
 TEST_F(ExternalProviderImplTest, InAppPayments) {
   InitServiceWithExternalProviders();
 
-  scoped_refptr<content::MessageLoopRunner> runner =
-      new content::MessageLoopRunner;
+  base::RunLoop run_loop;
   service_->set_external_updates_finished_callback_for_test(
-      runner->QuitClosure());
-
+      run_loop.QuitClosure());
   service_->CheckForExternalUpdates();
-  runner->Run();
+  run_loop.Run();
 
   EXPECT_TRUE(registry()->GetInstalledExtension(
       extension_misc::kInAppPaymentsSupportAppId));
   EXPECT_TRUE(service_->IsExtensionEnabled(
       extension_misc::kInAppPaymentsSupportAppId));
 }
+
+TEST_F(ExternalProviderImplTest, BlockedExternalUserProviders) {
+  OverrideExternalExtensionsPath();
+  InitServiceWithExternalProviders(true);
+
+  base::RunLoop run_loop;
+  service_->set_external_updates_finished_callback_for_test(
+      run_loop.QuitClosure());
+  service_->CheckForExternalUpdates();
+  run_loop.Run();
+
+  EXPECT_FALSE(registry()->GetInstalledExtension(kExternalAppId));
+}
+
+TEST_F(ExternalProviderImplTest, NotBlockedExternalUserProviders) {
+  OverrideExternalExtensionsPath();
+  InitServiceWithExternalProviders(false);
+
+  base::RunLoop run_loop;
+  service_->set_external_updates_finished_callback_for_test(
+      run_loop.QuitClosure());
+  service_->CheckForExternalUpdates();
+  run_loop.Run();
+
+  EXPECT_TRUE(registry()->GetInstalledExtension(kExternalAppId));
+}
 #endif  // BUILDFLAG(GOOGLE_CHROME_BRANDING)
 
 }  // namespace extensions

extensions/browser/extension_prefs.cc

@@ -1935,6 +1935,8 @@ void ExtensionPrefs::RegisterProfilePrefs(
 #if !defined(OS_MACOSX)
   registry->RegisterBooleanPref(pref_names::kAppFullscreenAllowed, true);
 #endif
+
+  registry->RegisterBooleanPref(pref_names::kBlockExternalExtensions, false);
 }
 
 template <class ExtensionIdContainer>

extensions/browser/pref_names.cc

@@ -31,6 +31,7 @@ const char kAlertsInitialized[] = "extensions.alerts.initialized";
 const char kAllowedInstallSites[] = "extensions.allowed_install_sites";
 const char kAllowedTypes[] = "extensions.allowed_types";
 const char kAppFullscreenAllowed[] = "apps.fullscreen.allowed";
+const char kBlockExternalExtensions[] = "extensions.block_external_extensions";
 const char kExtensions[] = "extensions.settings";
 const char kExtensionManagement[] = "extensions.management";
 const char kInstallAllowList[] = "extensions.install.allowlist";

extensions/browser/pref_names.h

@@ -39,6 +39,9 @@ extern const char kAllowedTypes[];
 // A boolean that tracks whether apps are allowed to enter fullscreen mode.
 extern const char kAppFullscreenAllowed[];
 
+// A boolean indicating if external extensions are blocked from installing.
+extern const char kBlockExternalExtensions[];
+
 // Dictionary pref that keeps track of per-extension settings. The keys are
 // extension ids.
 extern const char kExtensions[];