| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/device_policy_cache.h" | 5 #include "chrome/browser/policy/device_policy_cache.h" |
| 6 | 6 |
| 7 #include <limits> | 7 #include <limits> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
| 12 #include "base/bind.h" | 12 #include "base/bind.h" |
| 13 #include "base/callback.h" | 13 #include "base/callback.h" |
| 14 #include "base/compiler_specific.h" | 14 #include "base/compiler_specific.h" |
| 15 #include "base/logging.h" | 15 #include "base/logging.h" |
| 16 #include "base/metrics/histogram.h" | 16 #include "base/metrics/histogram.h" |
| 17 #include "base/values.h" | 17 #include "base/values.h" |
| 18 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 19 #include "chrome/browser/chromeos/settings/ownership_service.h" |
| 20 #include "chrome/browser/chromeos/settings/signed_settings_helper.h" |
| 18 #include "chrome/browser/policy/app_pack_updater.h" | 21 #include "chrome/browser/policy/app_pack_updater.h" |
| 19 #include "chrome/browser/policy/cloud_policy_data_store.h" | 22 #include "chrome/browser/policy/cloud_policy_data_store.h" |
| 20 #include "chrome/browser/policy/enterprise_install_attributes.h" | 23 #include "chrome/browser/policy/enterprise_install_attributes.h" |
| 21 #include "chrome/browser/policy/enterprise_metrics.h" | 24 #include "chrome/browser/policy/enterprise_metrics.h" |
| 22 #include "chrome/browser/policy/policy_map.h" | 25 #include "chrome/browser/policy/policy_map.h" |
| 23 #include "chrome/browser/policy/proto/chrome_device_policy.pb.h" | 26 #include "chrome/browser/policy/proto/chrome_device_policy.pb.h" |
| 24 #include "chrome/browser/policy/proto/device_management_backend.pb.h" | 27 #include "chrome/browser/policy/proto/device_management_backend.pb.h" |
| 25 #include "chrome/browser/policy/proto/device_management_local.pb.h" | 28 #include "chrome/browser/policy/proto/device_management_local.pb.h" |
| 26 #include "chrome/common/net/gaia/gaia_auth_util.h" | 29 #include "chrome/common/net/gaia/gaia_auth_util.h" |
| 27 #include "chromeos/dbus/dbus_thread_manager.h" | 30 #include "chromeos/dbus/dbus_thread_manager.h" |
| 28 #include "chromeos/dbus/update_engine_client.h" | 31 #include "chromeos/dbus/update_engine_client.h" |
| 29 #include "policy/policy_constants.h" | 32 #include "policy/policy_constants.h" |
| 30 #include "third_party/cros_system_api/dbus/service_constants.h" | 33 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 31 | 34 |
| 32 using google::protobuf::RepeatedField; | 35 using google::protobuf::RepeatedField; |
| 33 using google::protobuf::RepeatedPtrField; | 36 using google::protobuf::RepeatedPtrField; |
| 34 | 37 |
| 35 namespace em = enterprise_management; | 38 namespace em = enterprise_management; |
| 36 | 39 |
| 37 namespace { | 40 namespace { |
| 38 | 41 |
| 42 // Stores policy, updates the owner key if required and reports the status |
| 43 // through a callback. |
| 44 class StorePolicyOperation : public chromeos::OwnerManager::KeyUpdateDelegate { |
| 45 public: |
| 46 typedef base::Callback<void(chromeos::SignedSettings::ReturnCode)> Callback; |
| 47 |
| 48 StorePolicyOperation(chromeos::SignedSettingsHelper* signed_settings_helper, |
| 49 const em::PolicyFetchResponse& policy, |
| 50 const Callback& callback) |
| 51 : signed_settings_helper_(signed_settings_helper), |
| 52 policy_(policy), |
| 53 callback_(callback), |
| 54 weak_ptr_factory_(this) { |
| 55 signed_settings_helper_->StartStorePolicyOp( |
| 56 policy, |
| 57 base::Bind(&StorePolicyOperation::OnStorePolicyCompleted, |
| 58 weak_ptr_factory_.GetWeakPtr())); |
| 59 } |
| 60 virtual ~StorePolicyOperation() { |
| 61 } |
| 62 |
| 63 void OnStorePolicyCompleted(chromeos::SignedSettings::ReturnCode code) { |
| 64 if (code != chromeos::SignedSettings::SUCCESS) { |
| 65 callback_.Run(code); |
| 66 delete this; |
| 67 return; |
| 68 } |
| 69 |
| 70 if (policy_.has_new_public_key()) { |
| 71 // The session manager has successfully done a key rotation. Replace the |
| 72 // owner key also in chrome. |
| 73 const std::string& new_key = policy_.new_public_key(); |
| 74 const std::vector<uint8> new_key_data(new_key.c_str(), |
| 75 new_key.c_str() + new_key.size()); |
| 76 chromeos::OwnershipService::GetSharedInstance()->StartUpdateOwnerKey( |
| 77 new_key_data, this); |
| 78 return; |
| 79 } else { |
| 80 chromeos::CrosSettings::Get()->ReloadProviders(); |
| 81 callback_.Run(chromeos::SignedSettings::SUCCESS); |
| 82 delete this; |
| 83 return; |
| 84 } |
| 85 } |
| 86 |
| 87 // OwnerManager::KeyUpdateDelegate implementation: |
| 88 virtual void OnKeyUpdated() OVERRIDE { |
| 89 chromeos::CrosSettings::Get()->ReloadProviders(); |
| 90 callback_.Run(chromeos::SignedSettings::SUCCESS); |
| 91 delete this; |
| 92 } |
| 93 |
| 94 private: |
| 95 |
| 96 chromeos::SignedSettingsHelper* signed_settings_helper_; |
| 97 em::PolicyFetchResponse policy_; |
| 98 Callback callback_; |
| 99 |
| 100 base::WeakPtrFactory<StorePolicyOperation> weak_ptr_factory_; |
| 101 |
| 102 DISALLOW_COPY_AND_ASSIGN(StorePolicyOperation); |
| 103 }; |
| 104 |
| 39 // Decodes a protobuf integer to an IntegerValue. The caller assumes ownership | 105 // Decodes a protobuf integer to an IntegerValue. The caller assumes ownership |
| 40 // of the return Value*. Returns NULL in case the input value is out of bounds. | 106 // of the return Value*. Returns NULL in case the input value is out of bounds. |
| 41 Value* DecodeIntegerValue(google::protobuf::int64 value) { | 107 Value* DecodeIntegerValue(google::protobuf::int64 value) { |
| 42 if (value < std::numeric_limits<int>::min() || | 108 if (value < std::numeric_limits<int>::min() || |
| 43 value > std::numeric_limits<int>::max()) { | 109 value > std::numeric_limits<int>::max()) { |
| 44 LOG(WARNING) << "Integer value " << value | 110 LOG(WARNING) << "Integer value " << value |
| 45 << " out of numeric limits, ignoring."; | 111 << " out of numeric limits, ignoring."; |
| 46 return NULL; | 112 return NULL; |
| 47 } | 113 } |
| 48 | 114 |
| (...skipping 17 matching lines...) Expand all Loading... |
| 66 | 132 |
| 67 } // namespace | 133 } // namespace |
| 68 | 134 |
| 69 namespace policy { | 135 namespace policy { |
| 70 | 136 |
| 71 DevicePolicyCache::DevicePolicyCache( | 137 DevicePolicyCache::DevicePolicyCache( |
| 72 CloudPolicyDataStore* data_store, | 138 CloudPolicyDataStore* data_store, |
| 73 EnterpriseInstallAttributes* install_attributes) | 139 EnterpriseInstallAttributes* install_attributes) |
| 74 : data_store_(data_store), | 140 : data_store_(data_store), |
| 75 install_attributes_(install_attributes), | 141 install_attributes_(install_attributes), |
| 76 device_settings_service_(chromeos::DeviceSettingsService::Get()), | 142 signed_settings_helper_(chromeos::SignedSettingsHelper::Get()), |
| 77 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)), | 143 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)), |
| 78 policy_fetch_pending_(false) { | 144 policy_fetch_pending_(false) { |
| 79 device_settings_service_->AddObserver(this); | |
| 80 } | 145 } |
| 81 | 146 |
| 82 DevicePolicyCache::DevicePolicyCache( | 147 DevicePolicyCache::DevicePolicyCache( |
| 83 CloudPolicyDataStore* data_store, | 148 CloudPolicyDataStore* data_store, |
| 84 EnterpriseInstallAttributes* install_attributes, | 149 EnterpriseInstallAttributes* install_attributes, |
| 85 chromeos::DeviceSettingsService* device_settings_service) | 150 chromeos::SignedSettingsHelper* signed_settings_helper) |
| 86 : data_store_(data_store), | 151 : data_store_(data_store), |
| 87 install_attributes_(install_attributes), | 152 install_attributes_(install_attributes), |
| 88 device_settings_service_(device_settings_service), | 153 signed_settings_helper_(signed_settings_helper), |
| 89 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)), | 154 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)), |
| 90 policy_fetch_pending_(false) { | 155 policy_fetch_pending_(false) { |
| 91 device_settings_service_->AddObserver(this); | |
| 92 } | 156 } |
| 93 | 157 |
| 94 DevicePolicyCache::~DevicePolicyCache() { | 158 DevicePolicyCache::~DevicePolicyCache() { |
| 95 device_settings_service_->RemoveObserver(this); | |
| 96 } | 159 } |
| 97 | 160 |
| 98 void DevicePolicyCache::Load() { | 161 void DevicePolicyCache::Load() { |
| 99 DeviceSettingsUpdated(); | 162 signed_settings_helper_->StartRetrievePolicyOp( |
| 163 base::Bind(&DevicePolicyCache::OnRetrievePolicyCompleted, |
| 164 weak_ptr_factory_.GetWeakPtr())); |
| 100 } | 165 } |
| 101 | 166 |
| 102 bool DevicePolicyCache::SetPolicy(const em::PolicyFetchResponse& policy) { | 167 bool DevicePolicyCache::SetPolicy(const em::PolicyFetchResponse& policy) { |
| 103 DCHECK(IsReady()); | 168 DCHECK(IsReady()); |
| 104 | 169 |
| 105 // Make sure we have an enterprise device. | 170 // Make sure we have an enterprise device. |
| 106 std::string registration_domain(install_attributes_->GetDomain()); | 171 std::string registration_domain(install_attributes_->GetDomain()); |
| 107 if (registration_domain.empty()) { | 172 if (registration_domain.empty()) { |
| 108 LOG(WARNING) << "Refusing to accept policy on non-enterprise device."; | 173 LOG(WARNING) << "Refusing to accept policy on non-enterprise device."; |
| 109 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, | 174 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, |
| (...skipping 23 matching lines...) Expand all Loading... |
| 133 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchUserMismatch, | 198 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchUserMismatch, |
| 134 kMetricPolicySize); | 199 kMetricPolicySize); |
| 135 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 200 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 136 CloudPolicySubsystem::POLICY_LOCAL_ERROR); | 201 CloudPolicySubsystem::POLICY_LOCAL_ERROR); |
| 137 return false; | 202 return false; |
| 138 } | 203 } |
| 139 | 204 |
| 140 set_last_policy_refresh_time(base::Time::NowFromSystemTime()); | 205 set_last_policy_refresh_time(base::Time::NowFromSystemTime()); |
| 141 | 206 |
| 142 // Start a store operation. | 207 // Start a store operation. |
| 208 StorePolicyOperation::Callback callback = |
| 209 base::Bind(&DevicePolicyCache::PolicyStoreOpCompleted, |
| 210 weak_ptr_factory_.GetWeakPtr()); |
| 211 new StorePolicyOperation(signed_settings_helper_, policy, callback); |
| 143 policy_fetch_pending_ = true; | 212 policy_fetch_pending_ = true; |
| 144 device_settings_service_->Store( | |
| 145 policy.SerializeAsString(), | |
| 146 base::Bind(&DevicePolicyCache::PolicyStoreOpCompleted, | |
| 147 weak_ptr_factory_.GetWeakPtr())); | |
| 148 return true; | 213 return true; |
| 149 } | 214 } |
| 150 | 215 |
| 151 void DevicePolicyCache::SetUnmanaged() { | 216 void DevicePolicyCache::SetUnmanaged() { |
| 152 LOG(WARNING) << "Tried to set DevicePolicyCache to 'unmanaged'!"; | 217 LOG(WARNING) << "Tried to set DevicePolicyCache to 'unmanaged'!"; |
| 153 // This is not supported for DevicePolicyCache. | 218 // This is not supported for DevicePolicyCache. |
| 154 } | 219 } |
| 155 | 220 |
| 156 void DevicePolicyCache::SetFetchingDone() { | 221 void DevicePolicyCache::SetFetchingDone() { |
| 157 // Don't send the notification just yet if there is a pending policy | 222 // Don't send the notification just yet if there is a pending policy |
| 158 // store/reload cycle. | 223 // store/reload cycle. |
| 159 if (!policy_fetch_pending_) | 224 if (!policy_fetch_pending_) |
| 160 CloudPolicyCacheBase::SetFetchingDone(); | 225 CloudPolicyCacheBase::SetFetchingDone(); |
| 161 } | 226 } |
| 162 | 227 |
| 163 void DevicePolicyCache::OwnershipStatusChanged() {} | 228 void DevicePolicyCache::OnRetrievePolicyCompleted( |
| 164 | 229 chromeos::SignedSettings::ReturnCode code, |
| 165 void DevicePolicyCache::DeviceSettingsUpdated() { | 230 const em::PolicyFetchResponse& policy) { |
| 166 DCHECK(CalledOnValidThread()); | 231 DCHECK(CalledOnValidThread()); |
| 167 chromeos::DeviceSettingsService::Status status = | |
| 168 device_settings_service_->status(); | |
| 169 const em::PolicyData* policy_data = device_settings_service_->policy_data(); | |
| 170 if (status == chromeos::DeviceSettingsService::STORE_SUCCESS && | |
| 171 !policy_data) { | |
| 172 // Initial policy load is still pending. | |
| 173 return; | |
| 174 } | |
| 175 | |
| 176 if (!IsReady()) { | 232 if (!IsReady()) { |
| 177 std::string device_token; | 233 std::string device_token; |
| 178 InstallInitialPolicy(status, policy_data, &device_token); | 234 InstallInitialPolicy(code, policy, &device_token); |
| 179 SetTokenAndFlagReady(device_token); | 235 SetTokenAndFlagReady(device_token); |
| 180 } else { // In other words, IsReady() == true | 236 } else { // In other words, IsReady() == true |
| 181 if (status != chromeos::DeviceSettingsService::STORE_SUCCESS || | 237 if (code != chromeos::SignedSettings::SUCCESS) { |
| 182 !policy_data) { | 238 if (code == chromeos::SignedSettings::BAD_SIGNATURE) { |
| 183 if (status == chromeos::DeviceSettingsService::STORE_VALIDATION_ERROR) { | |
| 184 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchBadSignature, | 239 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchBadSignature, |
| 185 kMetricPolicySize); | 240 kMetricPolicySize); |
| 186 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 241 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 187 CloudPolicySubsystem::SIGNATURE_MISMATCH); | 242 CloudPolicySubsystem::SIGNATURE_MISMATCH); |
| 188 } else { | 243 } else { |
| 189 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOtherFailed, | 244 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOtherFailed, |
| 190 kMetricPolicySize); | 245 kMetricPolicySize); |
| 191 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 246 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 192 CloudPolicySubsystem::POLICY_LOCAL_ERROR); | 247 CloudPolicySubsystem::POLICY_LOCAL_ERROR); |
| 193 } | 248 } |
| 194 } else { | 249 } else { |
| 195 em::PolicyFetchResponse policy_response; | 250 bool ok = SetPolicyInternal(policy, NULL, false); |
| 196 CHECK(policy_data->SerializeToString( | |
| 197 policy_response.mutable_policy_data())); | |
| 198 bool ok = SetPolicyInternal(policy_response, NULL, false); | |
| 199 if (ok) { | 251 if (ok) { |
| 200 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOK, | 252 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOK, |
| 201 kMetricPolicySize); | 253 kMetricPolicySize); |
| 202 } | 254 } |
| 203 } | 255 } |
| 204 } | 256 } |
| 257 CheckFetchingDone(); |
| 205 } | 258 } |
| 206 | 259 |
| 207 bool DevicePolicyCache::DecodePolicyData(const em::PolicyData& policy_data, | 260 bool DevicePolicyCache::DecodePolicyData(const em::PolicyData& policy_data, |
| 208 PolicyMap* policies) { | 261 PolicyMap* policies) { |
| 209 em::ChromeDeviceSettingsProto policy; | 262 em::ChromeDeviceSettingsProto policy; |
| 210 if (!policy.ParseFromString(policy_data.policy_value())) { | 263 if (!policy.ParseFromString(policy_data.policy_value())) { |
| 211 LOG(WARNING) << "Failed to parse ChromeDeviceSettingsProto."; | 264 LOG(WARNING) << "Failed to parse ChromeDeviceSettingsProto."; |
| 212 return false; | 265 return false; |
| 213 } | 266 } |
| 214 DecodeDevicePolicy(policy, policies); | 267 DecodeDevicePolicy(policy, policies); |
| 215 return true; | 268 return true; |
| 216 } | 269 } |
| 217 | 270 |
| 218 void DevicePolicyCache::PolicyStoreOpCompleted() { | 271 void DevicePolicyCache::PolicyStoreOpCompleted( |
| 272 chromeos::SignedSettings::ReturnCode code) { |
| 219 DCHECK(CalledOnValidThread()); | 273 DCHECK(CalledOnValidThread()); |
| 220 chromeos::DeviceSettingsService::Status status = | 274 if (code != chromeos::SignedSettings::SUCCESS) { |
| 221 device_settings_service_->status(); | |
| 222 if (status != chromeos::DeviceSettingsService::STORE_SUCCESS) { | |
| 223 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyStoreFailed, | 275 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyStoreFailed, |
| 224 kMetricPolicySize); | 276 kMetricPolicySize); |
| 225 if (status == chromeos::DeviceSettingsService::STORE_VALIDATION_ERROR) { | 277 if (code == chromeos::SignedSettings::BAD_SIGNATURE) { |
| 226 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchBadSignature, | 278 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchBadSignature, |
| 227 kMetricPolicySize); | 279 kMetricPolicySize); |
| 228 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 280 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 229 CloudPolicySubsystem::SIGNATURE_MISMATCH); | 281 CloudPolicySubsystem::SIGNATURE_MISMATCH); |
| 230 } else { | 282 } else { |
| 231 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOtherFailed, | 283 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOtherFailed, |
| 232 kMetricPolicySize); | 284 kMetricPolicySize); |
| 233 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 285 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 234 CloudPolicySubsystem::POLICY_LOCAL_ERROR); | 286 CloudPolicySubsystem::POLICY_LOCAL_ERROR); |
| 235 } | 287 } |
| 236 CheckFetchingDone(); | 288 CheckFetchingDone(); |
| 237 return; | 289 return; |
| 238 } | 290 } |
| 239 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyStoreSucceeded, | 291 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyStoreSucceeded, |
| 240 kMetricPolicySize); | 292 kMetricPolicySize); |
| 241 | 293 signed_settings_helper_->StartRetrievePolicyOp( |
| 242 CheckFetchingDone(); | 294 base::Bind(&DevicePolicyCache::OnRetrievePolicyCompleted, |
| 295 weak_ptr_factory_.GetWeakPtr())); |
| 243 } | 296 } |
| 244 | 297 |
| 245 void DevicePolicyCache::InstallInitialPolicy( | 298 void DevicePolicyCache::InstallInitialPolicy( |
| 246 chromeos::DeviceSettingsService::Status status, | 299 chromeos::SignedSettings::ReturnCode code, |
| 247 const em::PolicyData* policy_data, | 300 const em::PolicyFetchResponse& policy, |
| 248 std::string* device_token) { | 301 std::string* device_token) { |
| 249 if (status == chromeos::DeviceSettingsService::STORE_NO_POLICY || | 302 if (code == chromeos::SignedSettings::NOT_FOUND || |
| 250 status == chromeos::DeviceSettingsService::STORE_KEY_UNAVAILABLE) { | 303 code == chromeos::SignedSettings::KEY_UNAVAILABLE || |
| 304 !policy.has_policy_data()) { |
| 251 InformNotifier(CloudPolicySubsystem::UNENROLLED, | 305 InformNotifier(CloudPolicySubsystem::UNENROLLED, |
| 252 CloudPolicySubsystem::NO_DETAILS); | 306 CloudPolicySubsystem::NO_DETAILS); |
| 253 return; | 307 return; |
| 254 } | 308 } |
| 255 if (!policy_data) { | 309 em::PolicyData policy_data; |
| 310 if (!policy_data.ParseFromString(policy.policy_data())) { |
| 256 LOG(WARNING) << "Failed to parse PolicyData protobuf."; | 311 LOG(WARNING) << "Failed to parse PolicyData protobuf."; |
| 257 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyLoadFailed, | 312 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyLoadFailed, |
| 258 kMetricPolicySize); | 313 kMetricPolicySize); |
| 259 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 314 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 260 CloudPolicySubsystem::POLICY_LOCAL_ERROR); | 315 CloudPolicySubsystem::POLICY_LOCAL_ERROR); |
| 261 return; | 316 return; |
| 262 } | 317 } |
| 263 if (!policy_data->has_request_token() || | 318 if (!policy_data.has_request_token() || |
| 264 policy_data->request_token().empty()) { | 319 policy_data.request_token().empty()) { |
| 265 SetUnmanagedInternal(base::Time::NowFromSystemTime()); | 320 SetUnmanagedInternal(base::Time::NowFromSystemTime()); |
| 266 InformNotifier(CloudPolicySubsystem::UNMANAGED, | 321 InformNotifier(CloudPolicySubsystem::UNMANAGED, |
| 267 CloudPolicySubsystem::NO_DETAILS); | 322 CloudPolicySubsystem::NO_DETAILS); |
| 268 // TODO(jkummerow): Reminder: When we want to feed device-wide settings | 323 // TODO(jkummerow): Reminder: When we want to feed device-wide settings |
| 269 // made by a local owner into this cache, we need to call | 324 // made by a local owner into this cache, we need to call |
| 270 // SetPolicyInternal() here. | 325 // SetPolicyInternal() here. |
| 271 return; | 326 return; |
| 272 } | 327 } |
| 273 if (!policy_data->has_username() || !policy_data->has_device_id()) { | 328 if (!policy_data.has_username() || !policy_data.has_device_id()) { |
| 274 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyLoadFailed, | 329 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyLoadFailed, |
| 275 kMetricPolicySize); | 330 kMetricPolicySize); |
| 276 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 331 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 277 CloudPolicySubsystem::POLICY_LOCAL_ERROR); | 332 CloudPolicySubsystem::POLICY_LOCAL_ERROR); |
| 278 return; | 333 return; |
| 279 } | 334 } |
| 280 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyLoadSucceeded, | 335 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyLoadSucceeded, |
| 281 kMetricPolicySize); | 336 kMetricPolicySize); |
| 282 data_store_->set_user_name(policy_data->username()); | 337 data_store_->set_user_name(policy_data.username()); |
| 283 data_store_->set_device_id(policy_data->device_id()); | 338 data_store_->set_device_id(policy_data.device_id()); |
| 284 *device_token = policy_data->request_token(); | 339 *device_token = policy_data.request_token(); |
| 285 base::Time timestamp; | 340 base::Time timestamp; |
| 286 em::PolicyFetchResponse policy_response; | 341 if (SetPolicyInternal(policy, ×tamp, true)) |
| 287 CHECK(policy_data->SerializeToString(policy_response.mutable_policy_data())); | |
| 288 if (SetPolicyInternal(policy_response, ×tamp, true)) | |
| 289 set_last_policy_refresh_time(timestamp); | 342 set_last_policy_refresh_time(timestamp); |
| 290 } | 343 } |
| 291 | 344 |
| 292 void DevicePolicyCache::SetTokenAndFlagReady(const std::string& device_token) { | 345 void DevicePolicyCache::SetTokenAndFlagReady(const std::string& device_token) { |
| 346 // Make sure that we only start device policy fetches once device settings are |
| 347 // available in order to ensure the first device policy fetch uploads the |
| 348 // configured reporting bits. |
| 349 if (chromeos::CrosSettingsProvider::TEMPORARILY_UNTRUSTED == |
| 350 chromeos::CrosSettings::Get()->PrepareTrustedValues( |
| 351 base::Bind(&DevicePolicyCache::SetTokenAndFlagReady, |
| 352 weak_ptr_factory_.GetWeakPtr(), |
| 353 device_token))) { |
| 354 return; |
| 355 } |
| 356 |
| 293 // We need to call SetDeviceToken unconditionally to indicate the cache has | 357 // We need to call SetDeviceToken unconditionally to indicate the cache has |
| 294 // finished loading. | 358 // finished loading. |
| 295 data_store_->SetDeviceToken(device_token, true); | 359 data_store_->SetDeviceToken(device_token, true); |
| 296 SetReady(); | 360 SetReady(); |
| 297 } | 361 } |
| 298 | 362 |
| 299 void DevicePolicyCache::CheckFetchingDone() { | 363 void DevicePolicyCache::CheckFetchingDone() { |
| 300 if (policy_fetch_pending_) { | 364 if (policy_fetch_pending_) { |
| 301 CloudPolicyCacheBase::SetFetchingDone(); | 365 CloudPolicyCacheBase::SetFetchingDone(); |
| 302 policy_fetch_pending_ = false; | 366 policy_fetch_pending_ = false; |
| (...skipping 361 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 664 policies->Set(key::kSystemTimezone, | 728 policies->Set(key::kSystemTimezone, |
| 665 POLICY_LEVEL_MANDATORY, | 729 POLICY_LEVEL_MANDATORY, |
| 666 POLICY_SCOPE_MACHINE, | 730 POLICY_SCOPE_MACHINE, |
| 667 Value::CreateStringValue( | 731 Value::CreateStringValue( |
| 668 policy.system_timezone().timezone())); | 732 policy.system_timezone().timezone())); |
| 669 } | 733 } |
| 670 } | 734 } |
| 671 } | 735 } |
| 672 | 736 |
| 673 } // namespace policy | 737 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10918027:
Revert 154457 - Switch from SignedSettings to DeviceSettingsService. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/