| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/config_dir_policy_provider.h" | 5 #include "chrome/browser/policy/config_dir_policy_loader.h" |
| 6 | 6 |
| 7 #include <algorithm> | 7 #include <algorithm> |
| 8 #include <set> | 8 #include <set> |
| 9 #include <string> | 9 #include <string> |
| 10 | 10 |
| 11 #include "base/file_path.h" | 11 #include "base/bind.h" |
| 12 #include "base/bind_helpers.h" |
| 12 #include "base/file_util.h" | 13 #include "base/file_util.h" |
| 13 #include "base/json/json_file_value_serializer.h" | 14 #include "base/json/json_file_value_serializer.h" |
| 14 #include "base/logging.h" | 15 #include "base/logging.h" |
| 15 #include "base/platform_file.h" | 16 #include "base/platform_file.h" |
| 16 #include "base/stl_util.h" | 17 #include "base/stl_util.h" |
| 17 #include "chrome/browser/policy/policy_bundle.h" | 18 #include "chrome/browser/policy/policy_bundle.h" |
| 18 | 19 |
| 19 namespace policy { | 20 namespace policy { |
| 20 | 21 |
| 21 ConfigDirPolicyProviderDelegate::ConfigDirPolicyProviderDelegate( | 22 namespace { |
| 22 const FilePath& config_dir, | 23 |
| 23 PolicyLevel level, | 24 // Subdirectories that contain the mandatory and recommended policies. |
| 24 PolicyScope scope) | 25 const FilePath::CharType kMandatoryConfigDir[] = FILE_PATH_LITERAL("managed"); |
| 25 : FileBasedPolicyProvider::ProviderDelegate(config_dir), | 26 const FilePath::CharType kRecommendedConfigDir[] = |
| 26 level_(level), | 27 FILE_PATH_LITERAL("recommended"); |
| 28 |
| 29 } // namespace |
| 30 |
| 31 ConfigDirPolicyLoader::ConfigDirPolicyLoader(const FilePath& config_dir, |
| 32 PolicyScope scope) |
| 33 : config_dir_(config_dir), |
| 27 scope_(scope) {} | 34 scope_(scope) {} |
| 28 | 35 |
| 29 scoped_ptr<PolicyBundle> ConfigDirPolicyProviderDelegate::Load() { | 36 ConfigDirPolicyLoader::~ConfigDirPolicyLoader() {} |
| 37 |
| 38 void ConfigDirPolicyLoader::InitOnFile() { |
| 39 base::files::FilePathWatcher::Callback callback = |
| 40 base::Bind(&ConfigDirPolicyLoader::OnFileUpdated, base::Unretained(this)); |
| 41 mandatory_watcher_.Watch(config_dir_.Append(kMandatoryConfigDir), callback); |
| 42 recommended_watcher_.Watch(config_dir_.Append(kRecommendedConfigDir), |
| 43 callback); |
| 44 } |
| 45 |
| 46 scoped_ptr<PolicyBundle> ConfigDirPolicyLoader::Load() { |
| 47 scoped_ptr<PolicyBundle> bundle(new PolicyBundle()); |
| 48 LoadFromPath(config_dir_.Append(kMandatoryConfigDir), |
| 49 POLICY_LEVEL_MANDATORY, |
| 50 bundle.get()); |
| 51 LoadFromPath(config_dir_.Append(kRecommendedConfigDir), |
| 52 POLICY_LEVEL_RECOMMENDED, |
| 53 bundle.get()); |
| 54 return bundle.Pass(); |
| 55 } |
| 56 |
| 57 base::Time ConfigDirPolicyLoader::LastModificationTime() { |
| 58 static const FilePath::CharType* kConfigDirSuffixes[] = { |
| 59 kMandatoryConfigDir, |
| 60 kRecommendedConfigDir, |
| 61 }; |
| 62 |
| 63 base::Time last_modification = base::Time(); |
| 64 base::PlatformFileInfo info; |
| 65 |
| 66 for (size_t i = 0; i < arraysize(kConfigDirSuffixes); ++i) { |
| 67 FilePath path(config_dir_.Append(kConfigDirSuffixes[i])); |
| 68 |
| 69 // Skip if the file doesn't exist, or it isn't a directory. |
| 70 if (!file_util::GetFileInfo(path, &info) || !info.is_directory) |
| 71 continue; |
| 72 |
| 73 // Enumerate the files and find the most recent modification timestamp. |
| 74 file_util::FileEnumerator file_enumerator(path, false, |
| 75 file_util::FileEnumerator::FILES); |
| 76 for (FilePath config_file = file_enumerator.Next(); |
| 77 !config_file.empty(); |
| 78 config_file = file_enumerator.Next()) { |
| 79 if (file_util::GetFileInfo(config_file, &info) && !info.is_directory) |
| 80 last_modification = std::max(last_modification, info.last_modified); |
| 81 } |
| 82 } |
| 83 |
| 84 return last_modification; |
| 85 } |
| 86 |
| 87 void ConfigDirPolicyLoader::LoadFromPath(const FilePath& path, |
| 88 PolicyLevel level, |
| 89 PolicyBundle* bundle) { |
| 30 // Enumerate the files and sort them lexicographically. | 90 // Enumerate the files and sort them lexicographically. |
| 31 std::set<FilePath> files; | 91 std::set<FilePath> files; |
| 32 file_util::FileEnumerator file_enumerator(config_file_path(), false, | 92 file_util::FileEnumerator file_enumerator(path, false, |
| 33 file_util::FileEnumerator::FILES); | 93 file_util::FileEnumerator::FILES); |
| 34 for (FilePath config_file_path = file_enumerator.Next(); | 94 for (FilePath config_file_path = file_enumerator.Next(); |
| 35 !config_file_path.empty(); config_file_path = file_enumerator.Next()) | 95 !config_file_path.empty(); config_file_path = file_enumerator.Next()) |
| 36 files.insert(config_file_path); | 96 files.insert(config_file_path); |
| 37 | 97 |
| 38 // Start with an empty dictionary and merge the files' contents. | 98 // Start with an empty dictionary and merge the files' contents. |
| 39 // The files are processed in reverse order because |MergeFrom| gives priority | 99 // The files are processed in reverse order because |MergeFrom| gives priority |
| 40 // to existing keys, but the ConfigDirPolicyProvider gives priority to the | 100 // to existing keys, but the ConfigDirPolicyProvider gives priority to the |
| 41 // last file in lexicographic order. | 101 // last file in lexicographic order. |
| 42 scoped_ptr<PolicyBundle> bundle(new PolicyBundle()); | |
| 43 for (std::set<FilePath>::reverse_iterator config_file_iter = files.rbegin(); | 102 for (std::set<FilePath>::reverse_iterator config_file_iter = files.rbegin(); |
| 44 config_file_iter != files.rend(); ++config_file_iter) { | 103 config_file_iter != files.rend(); ++config_file_iter) { |
| 45 JSONFileValueSerializer deserializer(*config_file_iter); | 104 JSONFileValueSerializer deserializer(*config_file_iter); |
| 46 deserializer.set_allow_trailing_comma(true); | 105 deserializer.set_allow_trailing_comma(true); |
| 47 int error_code = 0; | 106 int error_code = 0; |
| 48 std::string error_msg; | 107 std::string error_msg; |
| 49 scoped_ptr<base::Value> value( | 108 scoped_ptr<base::Value> value( |
| 50 deserializer.Deserialize(&error_code, &error_msg)); | 109 deserializer.Deserialize(&error_code, &error_msg)); |
| 51 if (!value.get()) { | 110 if (!value.get()) { |
| 52 LOG(WARNING) << "Failed to read configuration file " | 111 LOG(WARNING) << "Failed to read configuration file " |
| 53 << config_file_iter->value() << ": " << error_msg; | 112 << config_file_iter->value() << ": " << error_msg; |
| 54 continue; | 113 continue; |
| 55 } | 114 } |
| 56 base::DictionaryValue* dictionary_value = NULL; | 115 base::DictionaryValue* dictionary_value = NULL; |
| 57 if (!value->GetAsDictionary(&dictionary_value)) { | 116 if (!value->GetAsDictionary(&dictionary_value)) { |
| 58 LOG(WARNING) << "Expected JSON dictionary in configuration file " | 117 LOG(WARNING) << "Expected JSON dictionary in configuration file " |
| 59 << config_file_iter->value(); | 118 << config_file_iter->value(); |
| 60 continue; | 119 continue; |
| 61 } | 120 } |
| 62 | 121 |
| 63 // Detach the "3rdparty" node. | 122 // Detach the "3rdparty" node. |
| 64 base::Value* third_party = NULL; | 123 base::Value* third_party = NULL; |
| 65 if (dictionary_value->Remove("3rdparty", &third_party)) { | 124 if (dictionary_value->Remove("3rdparty", &third_party)) { |
| 66 Merge3rdPartyPolicy(bundle.get(), third_party); | 125 Merge3rdPartyPolicy(third_party, level, bundle); |
| 67 delete third_party; | 126 delete third_party; |
| 68 } | 127 } |
| 69 | 128 |
| 70 // Add chrome policy. | 129 // Add chrome policy. |
| 71 PolicyMap policy_map; | 130 PolicyMap policy_map; |
| 72 policy_map.LoadFrom(dictionary_value, level_, scope_); | 131 policy_map.LoadFrom(dictionary_value, level, scope_); |
| 73 bundle->Get(POLICY_DOMAIN_CHROME, "").MergeFrom(policy_map); | 132 bundle->Get(POLICY_DOMAIN_CHROME, "").MergeFrom(policy_map); |
| 74 } | 133 } |
| 75 | |
| 76 return bundle.Pass(); | |
| 77 } | 134 } |
| 78 | 135 |
| 79 base::Time ConfigDirPolicyProviderDelegate::GetLastModification() { | 136 void ConfigDirPolicyLoader::Merge3rdPartyPolicy( |
| 80 base::Time last_modification = base::Time(); | 137 const base::Value* policies, |
| 81 base::PlatformFileInfo file_info; | 138 PolicyLevel level, |
| 82 | 139 PolicyBundle* bundle) { |
| 83 // If the path does not exist or points to a directory, it's safe to load. | 140 // The first-level entries in |policies| are PolicyDomains. The second-level |
| 84 if (!file_util::GetFileInfo(config_file_path(), &file_info) || | |
| 85 !file_info.is_directory) { | |
| 86 return last_modification; | |
| 87 } | |
| 88 | |
| 89 // Enumerate the files and find the most recent modification timestamp. | |
| 90 file_util::FileEnumerator file_enumerator(config_file_path(), | |
| 91 false, | |
| 92 file_util::FileEnumerator::FILES); | |
| 93 for (FilePath config_file = file_enumerator.Next(); | |
| 94 !config_file.empty(); | |
| 95 config_file = file_enumerator.Next()) { | |
| 96 if (file_util::GetFileInfo(config_file, &file_info) && | |
| 97 !file_info.is_directory) { | |
| 98 last_modification = std::max(last_modification, file_info.last_modified); | |
| 99 } | |
| 100 } | |
| 101 | |
| 102 return last_modification; | |
| 103 } | |
| 104 | |
| 105 void ConfigDirPolicyProviderDelegate::Merge3rdPartyPolicy( | |
| 106 PolicyBundle* bundle, | |
| 107 const base::Value* value) { | |
| 108 // The first-level entries in |value| are PolicyDomains. The second-level | |
| 109 // entries are component IDs, and the third-level entries are the policies | 141 // entries are component IDs, and the third-level entries are the policies |
| 110 // for that domain/component namespace. | 142 // for that domain/component namespace. |
| 111 | 143 |
| 112 const base::DictionaryValue* domains_dictionary; | 144 const base::DictionaryValue* domains_dictionary; |
| 113 if (!value->GetAsDictionary(&domains_dictionary)) { | 145 if (!policies->GetAsDictionary(&domains_dictionary)) { |
| 114 LOG(WARNING) << "3rdparty value is not a dictionary!"; | 146 LOG(WARNING) << "3rdparty value is not a dictionary!"; |
| 115 return; | 147 return; |
| 116 } | 148 } |
| 117 | 149 |
| 118 // Helper to lookup a domain given its string name. | 150 // Helper to lookup a domain given its string name. |
| 119 std::map<std::string, PolicyDomain> supported_domains; | 151 std::map<std::string, PolicyDomain> supported_domains; |
| 120 supported_domains["extensions"] = POLICY_DOMAIN_EXTENSIONS; | 152 supported_domains["extensions"] = POLICY_DOMAIN_EXTENSIONS; |
| 121 | 153 |
| 122 for (base::DictionaryValue::Iterator domains_it(*domains_dictionary); | 154 for (base::DictionaryValue::Iterator domains_it(*domains_dictionary); |
| 123 domains_it.HasNext(); domains_it.Advance()) { | 155 domains_it.HasNext(); domains_it.Advance()) { |
| (...skipping 14 matching lines...) Expand all Loading... |
| 138 for (base::DictionaryValue::Iterator components_it(*components_dictionary); | 170 for (base::DictionaryValue::Iterator components_it(*components_dictionary); |
| 139 components_it.HasNext(); components_it.Advance()) { | 171 components_it.HasNext(); components_it.Advance()) { |
| 140 const base::DictionaryValue* policy_dictionary; | 172 const base::DictionaryValue* policy_dictionary; |
| 141 if (!components_it.value().GetAsDictionary(&policy_dictionary)) { | 173 if (!components_it.value().GetAsDictionary(&policy_dictionary)) { |
| 142 LOG(WARNING) << "3rdparty/" << domains_it.key() << "/" | 174 LOG(WARNING) << "3rdparty/" << domains_it.key() << "/" |
| 143 << components_it.key() << " value is not a dictionary!"; | 175 << components_it.key() << " value is not a dictionary!"; |
| 144 continue; | 176 continue; |
| 145 } | 177 } |
| 146 | 178 |
| 147 PolicyMap policy; | 179 PolicyMap policy; |
| 148 policy.LoadFrom(policy_dictionary, level_, scope_); | 180 policy.LoadFrom(policy_dictionary, level, scope_); |
| 149 bundle->Get(domain, components_it.key()).MergeFrom(policy); | 181 bundle->Get(domain, components_it.key()).MergeFrom(policy); |
| 150 } | 182 } |
| 151 } | 183 } |
| 152 } | 184 } |
| 153 | 185 |
| 154 ConfigDirPolicyProvider::ConfigDirPolicyProvider( | 186 void ConfigDirPolicyLoader::OnFileUpdated(const FilePath& path, bool error) { |
| 155 const PolicyDefinitionList* policy_list, | 187 if (!error) |
| 156 PolicyLevel level, | 188 Reload(false); |
| 157 PolicyScope scope, | 189 } |
| 158 const FilePath& config_dir) | |
| 159 : FileBasedPolicyProvider( | |
| 160 policy_list, | |
| 161 new ConfigDirPolicyProviderDelegate(config_dir, level, scope)) {} | |
| 162 | 190 |
| 163 } // namespace policy | 191 } // namespace policy |
| OLD | NEW |