Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(46)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/policy/browser_policy_connector.cc

Issue 11946017: Remove old cloud policy code. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Address nits. Created 7 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/policy/browser_policy_connector.h ('k') | chrome/browser/policy/cloud_policy_browsertest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/policy/browser_policy_connector.h" 5 #include "chrome/browser/policy/browser_policy_connector.h"
6 6
7 #include "base/bind.h" 7 #include "base/bind.h"
8 #include "base/bind_helpers.h" 8 #include "base/bind_helpers.h"
9 #include "base/command_line.h" 9 #include "base/command_line.h"
10 #include "base/file_path.h" 10 #include "base/file_path.h"
11 #include "base/message_loop.h" 11 #include "base/message_loop.h"
12 #include "base/path_service.h" 12 #include "base/path_service.h"
13 #include "base/string_util.h" 13 #include "base/string_util.h"
14 #include "base/utf_string_conversions.h" 14 #include "base/utf_string_conversions.h"
15 #include "chrome/browser/browser_process.h" 15 #include "chrome/browser/browser_process.h"
16 #include "chrome/browser/policy/async_policy_provider.h" 16 #include "chrome/browser/policy/async_policy_provider.h"
17 #include "chrome/browser/policy/cloud_policy_client.h" 17 #include "chrome/browser/policy/cloud_policy_client.h"
18 #include "chrome/browser/policy/cloud_policy_provider.h"
19 #include "chrome/browser/policy/cloud_policy_service.h" 18 #include "chrome/browser/policy/cloud_policy_service.h"
20 #include "chrome/browser/policy/cloud_policy_subsystem.h"
21 #include "chrome/browser/policy/configuration_policy_provider.h" 19 #include "chrome/browser/policy/configuration_policy_provider.h"
22 #include "chrome/browser/policy/device_management_service.h" 20 #include "chrome/browser/policy/device_management_service.h"
23 #include "chrome/browser/policy/managed_mode_policy_provider.h" 21 #include "chrome/browser/policy/managed_mode_policy_provider.h"
24 #include "chrome/browser/policy/policy_service_impl.h" 22 #include "chrome/browser/policy/policy_service_impl.h"
25 #include "chrome/browser/policy/policy_statistics_collector.h" 23 #include "chrome/browser/policy/policy_statistics_collector.h"
26 #include "chrome/browser/policy/user_policy_cache.h"
27 #include "chrome/browser/policy/user_policy_token_cache.h"
28 #include "chrome/browser/prefs/pref_service.h" 24 #include "chrome/browser/prefs/pref_service.h"
25 #include "chrome/browser/prefs/pref_service_simple.h"
29 #include "chrome/browser/profiles/profile.h" 26 #include "chrome/browser/profiles/profile.h"
30 #include "chrome/browser/signin/token_service.h"
31 #include "chrome/common/chrome_notification_types.h"
32 #include "chrome/common/chrome_paths.h" 27 #include "chrome/common/chrome_paths.h"
33 #include "chrome/common/chrome_switches.h" 28 #include "chrome/common/chrome_switches.h"
34 #include "chrome/common/pref_names.h" 29 #include "chrome/common/pref_names.h"
35 #include "content/public/browser/notification_details.h"
36 #include "content/public/browser/notification_source.h"
37 #include "google_apis/gaia/gaia_auth_util.h" 30 #include "google_apis/gaia/gaia_auth_util.h"
38 #include "google_apis/gaia/gaia_constants.h" 31 #include "google_apis/gaia/gaia_constants.h"
39 #include "grit/generated_resources.h" 32 #include "grit/generated_resources.h"
40 #include "policy/policy_constants.h" 33 #include "policy/policy_constants.h"
41 #include "third_party/icu/public/i18n/unicode/regex.h" 34 #include "third_party/icu/public/i18n/unicode/regex.h"
42 35
43 #if defined(OS_WIN) 36 #if defined(OS_WIN)
44 #include "chrome/browser/policy/policy_loader_win.h" 37 #include "chrome/browser/policy/policy_loader_win.h"
45 #elif defined(OS_MACOSX) 38 #elif defined(OS_MACOSX)
46 #include "chrome/browser/policy/policy_loader_mac.h" 39 #include "chrome/browser/policy/policy_loader_mac.h"
47 #include "chrome/browser/policy/preferences_mac.h" 40 #include "chrome/browser/policy/preferences_mac.h"
48 #elif defined(OS_POSIX) 41 #elif defined(OS_POSIX)
49 #include "chrome/browser/policy/config_dir_policy_loader.h" 42 #include "chrome/browser/policy/config_dir_policy_loader.h"
50 #endif 43 #endif
51 44
52 #if defined(OS_CHROMEOS) 45 #if defined(OS_CHROMEOS)
53 #include "base/utf_string_conversions.h" 46 #include "base/utf_string_conversions.h"
54 #include "chrome/browser/chromeos/cros/cros_library.h" 47 #include "chrome/browser/chromeos/cros/cros_library.h"
55 #include "chrome/browser/chromeos/login/user_manager.h" 48 #include "chrome/browser/chromeos/login/user_manager.h"
56 #include "chrome/browser/chromeos/settings/cros_settings.h" 49 #include "chrome/browser/chromeos/settings/cros_settings.h"
57 #include "chrome/browser/chromeos/settings/cros_settings_provider.h" 50 #include "chrome/browser/chromeos/settings/cros_settings_provider.h"
58 #include "chrome/browser/chromeos/settings/device_settings_service.h" 51 #include "chrome/browser/chromeos/settings/device_settings_service.h"
59 #include "chrome/browser/chromeos/system/statistics_provider.h" 52 #include "chrome/browser/chromeos/system/statistics_provider.h"
60 #include "chrome/browser/chromeos/system/timezone_settings.h" 53 #include "chrome/browser/chromeos/system/timezone_settings.h"
61 #include "chrome/browser/policy/app_pack_updater.h" 54 #include "chrome/browser/policy/app_pack_updater.h"
62 #include "chrome/browser/policy/cros_user_policy_cache.h"
63 #include "chrome/browser/policy/device_cloud_policy_manager_chromeos.h" 55 #include "chrome/browser/policy/device_cloud_policy_manager_chromeos.h"
64 #include "chrome/browser/policy/device_cloud_policy_store_chromeos.h" 56 #include "chrome/browser/policy/device_cloud_policy_store_chromeos.h"
65 #include "chrome/browser/policy/device_local_account_policy_provider.h" 57 #include "chrome/browser/policy/device_local_account_policy_provider.h"
66 #include "chrome/browser/policy/device_local_account_policy_service.h" 58 #include "chrome/browser/policy/device_local_account_policy_service.h"
67 #include "chrome/browser/policy/device_policy_cache.h" 59 #include "chrome/browser/policy/device_status_collector.h"
60 #include "chrome/browser/policy/enterprise_install_attributes.h"
68 #include "chrome/browser/policy/network_configuration_updater.h" 61 #include "chrome/browser/policy/network_configuration_updater.h"
69 #include "chrome/browser/policy/user_cloud_policy_manager_chromeos.h" 62 #include "chrome/browser/policy/user_cloud_policy_manager_chromeos.h"
70 #include "chrome/browser/policy/user_cloud_policy_store_chromeos.h" 63 #include "chrome/browser/policy/user_cloud_policy_store_chromeos.h"
71 #include "chromeos/dbus/dbus_thread_manager.h" 64 #include "chromeos/dbus/dbus_thread_manager.h"
72 #else 65 #else
73 #include "chrome/browser/policy/user_cloud_policy_manager.h" 66 #include "chrome/browser/policy/user_cloud_policy_manager.h"
74 #include "chrome/browser/policy/user_cloud_policy_manager_factory.h" 67 #include "chrome/browser/policy/user_cloud_policy_manager_factory.h"
75 #endif 68 #endif
76 69
77 using content::BrowserThread;
78
79 namespace policy { 70 namespace policy {
80 71
81 namespace { 72 namespace {
82 73
83 // Subdirectory in the user's profile for storing user policies. 74 // Subdirectory in the user's profile for storing user policies.
84 const FilePath::CharType kPolicyDir[] = FILE_PATH_LITERAL("Device Management"); 75 const FilePath::CharType kPolicyDir[] = FILE_PATH_LITERAL("Device Management");
85 // File in the above directory for stroing user policy dmtokens. 76 // File in the above directory for stroing user policy dmtokens.
86 const FilePath::CharType kTokenCacheFile[] = FILE_PATH_LITERAL("Token"); 77 const FilePath::CharType kTokenCacheFile[] = FILE_PATH_LITERAL("Token");
87 // File in the above directory for storing user policy data. 78 // File in the above directory for storing user policy data.
88 const FilePath::CharType kPolicyCacheFile[] = FILE_PATH_LITERAL("Policy"); 79 const FilePath::CharType kPolicyCacheFile[] = FILE_PATH_LITERAL("Policy");
89 80
90 // The following constants define delays applied before the initial policy fetch 81 // The following constants define delays applied before the initial policy fetch
91 // on startup. (So that displaying Chrome's GUI does not get delayed.) 82 // on startup. (So that displaying Chrome's GUI does not get delayed.)
92 // Delay in milliseconds from startup. 83 // Delay in milliseconds from startup.
93 const int64 kServiceInitializationStartupDelay = 5000; 84 const int64 kServiceInitializationStartupDelay = 5000;
94 85
86 // Default policy refresh rate.
87 const int64 kDefaultPolicyRefreshRateMs = 3 * 60 * 60 * 1000; // 3 hours.
88
95 // The URL for the device management server. 89 // The URL for the device management server.
96 const char kDefaultDeviceManagementServerUrl[] = 90 const char kDefaultDeviceManagementServerUrl[] =
97 "https://m.google.com/devicemanagement/data/api"; 91 "https://m.google.com/devicemanagement/data/api";
98 92
99 // Used in BrowserPolicyConnector::SetPolicyProviderForTesting. 93 // Used in BrowserPolicyConnector::SetPolicyProviderForTesting.
100 ConfigurationPolicyProvider* g_testing_provider = NULL; 94 ConfigurationPolicyProvider* g_testing_provider = NULL;
101 95
102 } // namespace 96 } // namespace
103 97
104 BrowserPolicyConnector::BrowserPolicyConnector() 98 BrowserPolicyConnector::BrowserPolicyConnector()
(...skipping 19 matching lines...) Expand all
124 new DeviceManagementService(GetDeviceManagementUrl())); 118 new DeviceManagementService(GetDeviceManagementUrl()));
125 } 119 }
126 120
127 #if defined(OS_CHROMEOS) 121 #if defined(OS_CHROMEOS)
128 chromeos::CryptohomeLibrary* cryptohome = 122 chromeos::CryptohomeLibrary* cryptohome =
129 chromeos::CrosLibrary::Get()->GetCryptohomeLibrary(); 123 chromeos::CrosLibrary::Get()->GetCryptohomeLibrary();
130 install_attributes_.reset(new EnterpriseInstallAttributes(cryptohome)); 124 install_attributes_.reset(new EnterpriseInstallAttributes(cryptohome));
131 install_attributes_->ReadCacheFile( 125 install_attributes_->ReadCacheFile(
132 FilePath(policy::EnterpriseInstallAttributes::kCacheFilePath)); 126 FilePath(policy::EnterpriseInstallAttributes::kCacheFilePath));
133 127
128 scoped_ptr<DeviceCloudPolicyStoreChromeOS> device_cloud_policy_store(
129 new DeviceCloudPolicyStoreChromeOS(
130 chromeos::DeviceSettingsService::Get(),
131 install_attributes_.get()));
132 device_cloud_policy_manager_.reset(
133 new DeviceCloudPolicyManagerChromeOS(
134 device_cloud_policy_store.Pass(),
135 install_attributes_.get()));
136
134 CommandLine* command_line = CommandLine::ForCurrentProcess(); 137 CommandLine* command_line = CommandLine::ForCurrentProcess();
135 if (!command_line->HasSwitch(switches::kDisableCloudPolicyService)) { 138 if (!command_line->HasSwitch(switches::kDisableLocalAccounts)) {
136 scoped_ptr<DeviceCloudPolicyStoreChromeOS> device_cloud_policy_store( 139 device_local_account_policy_service_.reset(
137 new DeviceCloudPolicyStoreChromeOS( 140 new DeviceLocalAccountPolicyService(
138 chromeos::DeviceSettingsService::Get(), 141 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(),
139 install_attributes_.get())); 142 chromeos::DeviceSettingsService::Get()));
140 device_cloud_policy_manager_.reset(
141 new DeviceCloudPolicyManagerChromeOS(
142 device_cloud_policy_store.Pass(),
143 install_attributes_.get()));
144 if (!command_line->HasSwitch(switches::kDisableLocalAccounts)) {
145 device_local_account_policy_service_.reset(
146 new DeviceLocalAccountPolicyService(
147 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(),
148 chromeos::DeviceSettingsService::Get()));
149 }
150 } else {
151 cloud_provider_.reset(new CloudPolicyProvider(this));
152 } 143 }
153
154 InitializeDevicePolicy();
155 #endif 144 #endif
156 145
157 // Complete the initialization once the message loops are spinning. 146 // Complete the initialization once the message loops are spinning.
158 MessageLoop::current()->PostTask( 147 MessageLoop::current()->PostTask(
159 FROM_HERE, 148 FROM_HERE,
160 base::Bind(&BrowserPolicyConnector::CompleteInitialization, 149 base::Bind(&BrowserPolicyConnector::CompleteInitialization,
161 weak_ptr_factory_.GetWeakPtr())); 150 weak_ptr_factory_.GetWeakPtr()));
162 151
163 is_initialized_ = true; 152 is_initialized_ = true;
164 } 153 }
165 154
166 void BrowserPolicyConnector::Shutdown() { 155 void BrowserPolicyConnector::Shutdown() {
167 is_initialized_ = false; 156 is_initialized_ = false;
168 157
169 if (g_testing_provider) 158 if (g_testing_provider)
170 g_testing_provider->Shutdown(); 159 g_testing_provider->Shutdown();
171 // Drop g_testing_provider so that tests executed with --single_process can 160 // Drop g_testing_provider so that tests executed with --single_process can
172 // call SetPolicyProviderForTesting() again. It is still owned by the test. 161 // call SetPolicyProviderForTesting() again. It is still owned by the test.
173 g_testing_provider = NULL; 162 g_testing_provider = NULL;
174 if (platform_provider_) 163 if (platform_provider_)
175 platform_provider_->Shutdown(); 164 platform_provider_->Shutdown();
176 // The |cloud_provider_| must be shut down before destroying the cloud
177 // policy subsystems, which own the caches that |cloud_provider_| uses.
178 if (cloud_provider_)
179 cloud_provider_->Shutdown();
180 165
181 #if defined(OS_CHROMEOS) 166 #if defined(OS_CHROMEOS)
182 // Shutdown device cloud policy.
183 if (device_cloud_policy_subsystem_)
184 device_cloud_policy_subsystem_->Shutdown();
185 // The AppPackUpdater may be observing the |device_cloud_policy_subsystem_|. 167 // The AppPackUpdater may be observing the |device_cloud_policy_subsystem_|.
186 // Delete it first. 168 // Delete it first.
187 app_pack_updater_.reset(); 169 app_pack_updater_.reset();
188 device_cloud_policy_subsystem_.reset();
189 device_data_store_.reset();
190 170
191 if (device_cloud_policy_manager_) 171 if (device_cloud_policy_manager_)
192 device_cloud_policy_manager_->Shutdown(); 172 device_cloud_policy_manager_->Shutdown();
193 if (device_local_account_policy_provider_) 173 if (device_local_account_policy_provider_)
194 device_local_account_policy_provider_->Shutdown(); 174 device_local_account_policy_provider_->Shutdown();
195 if (device_local_account_policy_service_) 175 if (device_local_account_policy_service_)
196 device_local_account_policy_service_->Disconnect(); 176 device_local_account_policy_service_->Disconnect();
197 if (user_cloud_policy_manager_) 177 if (user_cloud_policy_manager_)
198 user_cloud_policy_manager_->Shutdown(); 178 user_cloud_policy_manager_->Shutdown();
199 global_user_cloud_policy_provider_.Shutdown(); 179 global_user_cloud_policy_provider_.Shutdown();
200 #endif 180 #endif
201 181
202 // Shutdown user cloud policy.
203 if (user_cloud_policy_subsystem_)
204 user_cloud_policy_subsystem_->Shutdown();
205 user_cloud_policy_subsystem_.reset();
206 user_policy_token_cache_.reset();
207 user_data_store_.reset();
208
209 device_management_service_.reset(); 182 device_management_service_.reset();
210 } 183 }
211 184
212 scoped_ptr<PolicyService> BrowserPolicyConnector::CreatePolicyService( 185 scoped_ptr<PolicyService> BrowserPolicyConnector::CreatePolicyService(
213 Profile* profile) { 186 Profile* profile) {
214 DCHECK(profile); 187 DCHECK(profile);
215 ConfigurationPolicyProvider* user_cloud_policy_provider = NULL; 188 ConfigurationPolicyProvider* user_cloud_policy_provider = NULL;
216 #if defined(OS_CHROMEOS) 189 #if defined(OS_CHROMEOS)
217 user_cloud_policy_provider = user_cloud_policy_manager_.get(); 190 user_cloud_policy_provider = user_cloud_policy_manager_.get();
218 #else 191 #else
219 user_cloud_policy_provider = 192 user_cloud_policy_provider =
220 UserCloudPolicyManagerFactory::GetForProfile(profile); 193 UserCloudPolicyManagerFactory::GetForProfile(profile);
221 #endif 194 #endif
222 return CreatePolicyServiceWithProviders( 195 return CreatePolicyServiceWithProviders(
223 user_cloud_policy_provider, 196 user_cloud_policy_provider,
224 profile->GetManagedModePolicyProvider()); 197 profile->GetManagedModePolicyProvider());
225 } 198 }
226 199
227 PolicyService* BrowserPolicyConnector::GetPolicyService() { 200 PolicyService* BrowserPolicyConnector::GetPolicyService() {
228 if (!policy_service_) 201 if (!policy_service_)
229 policy_service_ = CreatePolicyServiceWithProviders(NULL, NULL); 202 policy_service_ = CreatePolicyServiceWithProviders(NULL, NULL);
230 return policy_service_.get(); 203 return policy_service_.get();
231 } 204 }
232 205
233 void BrowserPolicyConnector::RegisterForDevicePolicy(
234 const std::string& owner_email,
235 const std::string& token,
236 bool known_machine_id,
237 bool reregister) {
238 #if defined(OS_CHROMEOS) 206 #if defined(OS_CHROMEOS)
239 if (device_data_store_.get()) {
240 if (!device_data_store_->device_token().empty()) {
241 LOG(ERROR) << "Device policy data store already has a DMToken; "
242 << "RegisterForDevicePolicy won't trigger a new registration.";
243 }
244
245 device_data_store_->set_user_name(owner_email);
246 device_data_store_->set_known_machine_id(known_machine_id);
247 if (reregister) {
248 device_data_store_->set_device_id(install_attributes_->GetDeviceId());
249 device_data_store_->set_reregister(true);
250 }
251 device_data_store_->set_policy_fetching_enabled(false);
252 device_data_store_->SetOAuthToken(token);
253 }
254 #endif
255 }
256
257 bool BrowserPolicyConnector::IsEnterpriseManaged() { 207 bool BrowserPolicyConnector::IsEnterpriseManaged() {
258 #if defined(OS_CHROMEOS)
259 return install_attributes_.get() && install_attributes_->IsEnterpriseDevice(); 208 return install_attributes_.get() && install_attributes_->IsEnterpriseDevice();
260 #else
261 return false;
262 #endif
263 }
264
265 EnterpriseInstallAttributes::LockResult
266 BrowserPolicyConnector::LockDevice(const std::string& user) {
267 #if defined(OS_CHROMEOS)
268 if (install_attributes_.get()) {
269 return install_attributes_->LockDevice(user,
270 device_data_store_->device_mode(),
271 device_data_store_->device_id());
272 }
273 #endif
274
275 return EnterpriseInstallAttributes::LOCK_BACKEND_ERROR;
276 } 209 }
277 210
278 std::string BrowserPolicyConnector::GetEnterpriseDomain() { 211 std::string BrowserPolicyConnector::GetEnterpriseDomain() {
279 #if defined(OS_CHROMEOS) 212 return install_attributes_.get() ? install_attributes_->GetDomain()
280 if (install_attributes_.get()) 213 : std::string();
281 return install_attributes_->GetDomain();
282 #endif
283
284 return std::string();
285 } 214 }
286 215
287 DeviceMode BrowserPolicyConnector::GetDeviceMode() { 216 DeviceMode BrowserPolicyConnector::GetDeviceMode() {
288 #if defined(OS_CHROMEOS) 217 return install_attributes_.get() ? install_attributes_->GetMode()
289 if (install_attributes_.get()) 218 : DEVICE_MODE_NOT_SET;
290 return install_attributes_->GetMode(); 219 }
291 else
292 return DEVICE_MODE_NOT_SET;
293 #endif 220 #endif
294 221
295 // We only have the notion of "enterprise" device on ChromeOS for now.
296 return DEVICE_MODE_CONSUMER;
297 }
298
299 void BrowserPolicyConnector::ResetDevicePolicy() {
300 #if defined(OS_CHROMEOS)
301 if (device_cloud_policy_subsystem_.get())
302 device_cloud_policy_subsystem_->Reset();
303 #endif
304 }
305
306 void BrowserPolicyConnector::FetchCloudPolicy() {
307 #if defined(OS_CHROMEOS)
308 if (device_cloud_policy_subsystem_.get())
309 device_cloud_policy_subsystem_->RefreshPolicies(false);
310 if (user_cloud_policy_subsystem_.get())
311 user_cloud_policy_subsystem_->RefreshPolicies(true); // wait_for_auth_token
312 #endif
313 }
314
315 void BrowserPolicyConnector::ScheduleServiceInitialization( 222 void BrowserPolicyConnector::ScheduleServiceInitialization(
316 int64 delay_milliseconds) { 223 int64 delay_milliseconds) {
317 if (device_management_service_.get()) 224 device_management_service_->ScheduleInitialization(delay_milliseconds);
318 device_management_service_->ScheduleInitialization(delay_milliseconds);
319 if (user_cloud_policy_subsystem_.get()) {
320 user_cloud_policy_subsystem_->
321 ScheduleServiceInitialization(delay_milliseconds);
322 }
323 #if defined(OS_CHROMEOS)
324 if (device_cloud_policy_subsystem_.get()) {
325 device_cloud_policy_subsystem_->
326 ScheduleServiceInitialization(delay_milliseconds);
327 }
328 #endif
329 } 225 }
330 226
227 #if defined(OS_CHROMEOS)
331 void BrowserPolicyConnector::InitializeUserPolicy( 228 void BrowserPolicyConnector::InitializeUserPolicy(
332 const std::string& user_name, 229 const std::string& user_name,
333 bool is_public_account, 230 bool is_public_account,
334 bool wait_for_policy_fetch) { 231 bool wait_for_policy_fetch) {
335 #if defined(OS_CHROMEOS)
336 // If the user is managed then importing certificates from ONC policy is 232 // If the user is managed then importing certificates from ONC policy is
337 // allowed, otherwise it's not. Update this flag once the user has signed in, 233 // allowed, otherwise it's not. Update this flag once the user has signed in,
338 // and before user policy is loaded. 234 // and before user policy is loaded.
339 GetNetworkConfigurationUpdater()->set_allow_web_trust( 235 GetNetworkConfigurationUpdater()->set_allow_web_trust(
340 GetUserAffiliation(user_name) == USER_AFFILIATION_MANAGED); 236 GetUserAffiliation(user_name) == USER_AFFILIATION_MANAGED);
341 237
342 // Re-initializing user policy is disallowed for two reasons: 238 // Re-initializing user policy is disallowed for two reasons:
343 // (a) Existing profiles may hold pointers to |user_cloud_policy_manager_|. 239 // (a) Existing profiles may hold pointers to |user_cloud_policy_manager_|.
344 // (b) Implementing UserCloudPolicyManager::IsInitializationComplete() 240 // (b) Implementing UserCloudPolicyManager::IsInitializationComplete()
345 // correctly is impossible for re-initialization. 241 // correctly is impossible for re-initialization.
346 CHECK(!user_cloud_policy_manager_.get()); 242 CHECK(!user_cloud_policy_manager_.get());
347 #endif
348
349 // Throw away the old backend.
350 user_cloud_policy_subsystem_.reset();
351 user_policy_token_cache_.reset();
352 user_data_store_.reset();
353 token_service_ = NULL;
354 registrar_.RemoveAll();
355 243
356 CommandLine* command_line = CommandLine::ForCurrentProcess(); 244 CommandLine* command_line = CommandLine::ForCurrentProcess();
357 245
358 int64 startup_delay = 246 int64 startup_delay =
359 wait_for_policy_fetch ? 0 : kServiceInitializationStartupDelay; 247 wait_for_policy_fetch ? 0 : kServiceInitializationStartupDelay;
360 248
361 FilePath profile_dir; 249 FilePath profile_dir;
362 PathService::Get(chrome::DIR_USER_DATA, &profile_dir); 250 PathService::Get(chrome::DIR_USER_DATA, &profile_dir);
363 #if defined(OS_CHROMEOS)
364 profile_dir = profile_dir.Append( 251 profile_dir = profile_dir.Append(
365 command_line->GetSwitchValuePath(switches::kLoginProfile)); 252 command_line->GetSwitchValuePath(switches::kLoginProfile));
366 #endif
367 const FilePath policy_dir = profile_dir.Append(kPolicyDir); 253 const FilePath policy_dir = profile_dir.Append(kPolicyDir);
368 const FilePath policy_cache_file = policy_dir.Append(kPolicyCacheFile); 254 const FilePath policy_cache_file = policy_dir.Append(kPolicyCacheFile);
369 const FilePath token_cache_file = policy_dir.Append(kTokenCacheFile); 255 const FilePath token_cache_file = policy_dir.Append(kTokenCacheFile);
370 256
371 if (!command_line->HasSwitch(switches::kDisableCloudPolicyService)) { 257 device_management_service_->ScheduleInitialization(startup_delay);
372 #if defined(OS_CHROMEOS) 258 if (is_public_account && device_local_account_policy_service_.get()) {
373 device_management_service_->ScheduleInitialization(startup_delay); 259 device_local_account_policy_provider_.reset(
374 if (is_public_account && device_local_account_policy_service_.get()) { 260 new DeviceLocalAccountPolicyProvider(
375 device_local_account_policy_provider_.reset( 261 user_name, device_local_account_policy_service_.get()));
376 new DeviceLocalAccountPolicyProvider(
377 user_name, device_local_account_policy_service_.get()));
378 262
379 device_local_account_policy_provider_->Init(); 263 device_local_account_policy_provider_->Init();
380 global_user_cloud_policy_provider_.SetDelegate( 264 global_user_cloud_policy_provider_.SetDelegate(
381 device_local_account_policy_provider_.get()); 265 device_local_account_policy_provider_.get());
382 } else if (!IsNonEnterpriseUser(user_name)) { 266 } else if (!IsNonEnterpriseUser(user_name)) {
383 scoped_ptr<CloudPolicyStore> store( 267 scoped_ptr<CloudPolicyStore> store(
384 new UserCloudPolicyStoreChromeOS( 268 new UserCloudPolicyStoreChromeOS(
385 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), 269 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(),
386 user_name, policy_cache_file, token_cache_file)); 270 user_name, policy_cache_file, token_cache_file));
387 user_cloud_policy_manager_.reset( 271 user_cloud_policy_manager_.reset(
388 new UserCloudPolicyManagerChromeOS(store.Pass(), 272 new UserCloudPolicyManagerChromeOS(store.Pass(),
389 wait_for_policy_fetch)); 273 wait_for_policy_fetch));
390 274
391 user_cloud_policy_manager_->Init(); 275 user_cloud_policy_manager_->Init();
392 user_cloud_policy_manager_->Connect(g_browser_process->local_state(), 276 user_cloud_policy_manager_->Connect(g_browser_process->local_state(),
393 device_management_service_.get(), 277 device_management_service_.get(),
394 GetUserAffiliation(user_name)); 278 GetUserAffiliation(user_name));
395 global_user_cloud_policy_provider_.SetDelegate( 279 global_user_cloud_policy_provider_.SetDelegate(
396 user_cloud_policy_manager_.get()); 280 user_cloud_policy_manager_.get());
397 }
398 #endif
399 } else {
400 CloudPolicyCacheBase* user_policy_cache = NULL;
401
402 user_data_store_.reset(CloudPolicyDataStore::CreateForUserPolicies());
403 #if defined(OS_CHROMEOS)
404 user_policy_cache =
405 new CrosUserPolicyCache(
406 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(),
407 user_data_store_.get(),
408 wait_for_policy_fetch,
409 token_cache_file,
410 policy_cache_file);
411 #else
412 user_policy_cache = new UserPolicyCache(policy_cache_file,
413 wait_for_policy_fetch);
414 user_policy_token_cache_.reset(
415 new UserPolicyTokenCache(user_data_store_.get(), token_cache_file));
416
417 // Initiate the DM-Token load.
418 user_policy_token_cache_->Load();
419 #endif
420
421 user_cloud_policy_subsystem_.reset(new CloudPolicySubsystem(
422 user_data_store_.get(),
423 user_policy_cache,
424 GetDeviceManagementUrl()));
425
426 user_data_store_->set_user_name(user_name);
427 user_data_store_->set_user_affiliation(GetUserAffiliation(user_name));
428
429 user_cloud_policy_subsystem_->CompleteInitialization(
430 prefs::kUserPolicyRefreshRate,
431 startup_delay);
432
433 cloud_provider_->SetUserPolicyCache(user_policy_cache);
434 } 281 }
435 } 282 }
436
437 void BrowserPolicyConnector::SetUserPolicyTokenService(
438 TokenService* token_service) {
439 token_service_ = token_service;
440 registrar_.Add(this,
441 chrome::NOTIFICATION_TOKEN_AVAILABLE,
442 content::Source<TokenService>(token_service_));
443
444 if (token_service_->HasTokenForService(
445 GaiaConstants::kDeviceManagementService)) {
446 user_data_store_->SetGaiaToken(token_service_->GetTokenForService(
447 GaiaConstants::kDeviceManagementService));
448 }
449 }
450
451 void BrowserPolicyConnector::RegisterForUserPolicy(
452 const std::string& oauth_token) {
453 if (oauth_token.empty()) {
454 // An attempt to fetch the dm service oauth token has failed. Notify
455 // the user policy cache of this, so that a potential blocked login
456 // proceeds without waiting for user policy.
457 if (user_cloud_policy_subsystem_.get()) {
458 user_cloud_policy_subsystem_->GetCloudPolicyCacheBase()->
459 SetFetchingDone();
460 }
461 } else {
462 if (user_data_store_.get())
463 user_data_store_->SetOAuthToken(oauth_token);
464 }
465 }
466
467 CloudPolicyDataStore* BrowserPolicyConnector::GetDeviceCloudPolicyDataStore() {
468 #if defined(OS_CHROMEOS)
469 return device_data_store_.get();
470 #else
471 return NULL;
472 #endif 283 #endif
473 }
474
475 CloudPolicyDataStore* BrowserPolicyConnector::GetUserCloudPolicyDataStore() {
476 return user_data_store_.get();
477 }
478 284
479 const ConfigurationPolicyHandlerList* 285 const ConfigurationPolicyHandlerList*
480 BrowserPolicyConnector::GetHandlerList() const { 286 BrowserPolicyConnector::GetHandlerList() const {
481 return &handler_list_; 287 return &handler_list_;
482 } 288 }
483 289
484 UserAffiliation BrowserPolicyConnector::GetUserAffiliation( 290 UserAffiliation BrowserPolicyConnector::GetUserAffiliation(
485 const std::string& user_name) { 291 const std::string& user_name) {
486 #if defined(OS_CHROMEOS) 292 #if defined(OS_CHROMEOS)
487 if (install_attributes_.get() && 293 if (install_attributes_.get() &&
488 gaia::ExtractDomainName(gaia::CanonicalizeEmail(user_name)) == 294 gaia::ExtractDomainName(gaia::CanonicalizeEmail(user_name)) ==
489 install_attributes_->GetDomain()) { 295 install_attributes_->GetDomain()) {
490 return USER_AFFILIATION_MANAGED; 296 return USER_AFFILIATION_MANAGED;
491 } 297 }
492 #endif 298 #endif
493 299
494 return USER_AFFILIATION_NONE; 300 return USER_AFFILIATION_NONE;
495 } 301 }
496 302
303 #if defined(OS_CHROMEOS)
497 AppPackUpdater* BrowserPolicyConnector::GetAppPackUpdater() { 304 AppPackUpdater* BrowserPolicyConnector::GetAppPackUpdater() {
498 #if defined(OS_CHROMEOS)
499 if (!app_pack_updater_.get()) { 305 if (!app_pack_updater_.get()) {
500 // system_request_context() is NULL in unit tests. 306 // system_request_context() is NULL in unit tests.
501 net::URLRequestContextGetter* request_context = 307 net::URLRequestContextGetter* request_context =
502 g_browser_process->system_request_context(); 308 g_browser_process->system_request_context();
503 if (request_context) { 309 if (request_context) {
504 app_pack_updater_.reset( 310 app_pack_updater_.reset(
505 new AppPackUpdater(request_context, install_attributes_.get())); 311 new AppPackUpdater(request_context, install_attributes_.get()));
506 } 312 }
507 } 313 }
508 return app_pack_updater_.get(); 314 return app_pack_updater_.get();
509 #else 315 }
510 return NULL;
511 #endif 316 #endif
512 }
513 317
318 #if defined(OS_CHROMEOS)
514 NetworkConfigurationUpdater* 319 NetworkConfigurationUpdater*
515 BrowserPolicyConnector::GetNetworkConfigurationUpdater() { 320 BrowserPolicyConnector::GetNetworkConfigurationUpdater() {
516 #if defined(OS_CHROMEOS)
517 if (!network_configuration_updater_.get()) { 321 if (!network_configuration_updater_.get()) {
518 network_configuration_updater_.reset(new NetworkConfigurationUpdater( 322 network_configuration_updater_.reset(new NetworkConfigurationUpdater(
519 g_browser_process->policy_service(), 323 g_browser_process->policy_service(),
520 chromeos::CrosLibrary::Get()->GetNetworkLibrary())); 324 chromeos::CrosLibrary::Get()->GetNetworkLibrary()));
521 } 325 }
522 return network_configuration_updater_.get(); 326 return network_configuration_updater_.get();
523 #else 327 }
524 return NULL;
525 #endif 328 #endif
526 }
527 329
528 void BrowserPolicyConnector::SetDeviceManagementServiceForTesting( 330 void BrowserPolicyConnector::SetDeviceManagementServiceForTesting(
529 scoped_ptr<DeviceManagementService> service) { 331 scoped_ptr<DeviceManagementService> service) {
530 device_management_service_ = service.Pass(); 332 device_management_service_ = service.Pass();
531 } 333 }
532 334
533 // static 335 // static
534 void BrowserPolicyConnector::SetPolicyProviderForTesting( 336 void BrowserPolicyConnector::SetPolicyProviderForTesting(
535 ConfigurationPolicyProvider* provider) { 337 ConfigurationPolicyProvider* provider) {
536 CHECK(!g_browser_process) << "Must be invoked before the browser is created"; 338 CHECK(!g_browser_process) << "Must be invoked before the browser is created";
(...skipping 53 matching lines...) Expand 10 before | Expand all | Expand 10 after
590 const string16 domain = 392 const string16 domain =
591 UTF8ToUTF16(gaia::ExtractDomainName(gaia::CanonicalizeEmail(username))); 393 UTF8ToUTF16(gaia::ExtractDomainName(gaia::CanonicalizeEmail(username)));
592 for (size_t i = 0; i < arraysize(kNonManagedDomainPatterns); i++) { 394 for (size_t i = 0; i < arraysize(kNonManagedDomainPatterns); i++) {
593 string16 pattern = WideToUTF16(kNonManagedDomainPatterns[i]); 395 string16 pattern = WideToUTF16(kNonManagedDomainPatterns[i]);
594 if (MatchDomain(domain, pattern)) 396 if (MatchDomain(domain, pattern))
595 return true; 397 return true;
596 } 398 }
597 return false; 399 return false;
598 } 400 }
599 401
600 void BrowserPolicyConnector::Observe( 402 // static
601 int type, 403 void BrowserPolicyConnector::RegisterPrefs(PrefServiceSimple* local_state) {
602 const content::NotificationSource& source, 404 local_state->RegisterIntegerPref(prefs::kUserPolicyRefreshRate,
603 const content::NotificationDetails& details) { 405 kDefaultPolicyRefreshRateMs);
604 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
605 if (type == chrome::NOTIFICATION_TOKEN_AVAILABLE) {
606 const TokenService* token_source =
607 content::Source<const TokenService>(source).ptr();
608 DCHECK_EQ(token_service_, token_source);
609 const TokenService::TokenAvailableDetails* token_details =
610 content::Details<const TokenService::TokenAvailableDetails>(details).
611 ptr();
612 if (token_details->service() == GaiaConstants::kDeviceManagementService) {
613 if (user_data_store_.get()) {
614 user_data_store_->SetGaiaToken(token_details->token());
615 }
616 }
617 } else {
618 NOTREACHED();
619 }
620 }
621
622 void BrowserPolicyConnector::InitializeDevicePolicy() {
623 #if defined(OS_CHROMEOS) 406 #if defined(OS_CHROMEOS)
624 // Throw away the old backend. 407 local_state->RegisterIntegerPref(prefs::kDevicePolicyRefreshRate,
625 device_cloud_policy_subsystem_.reset(); 408 kDefaultPolicyRefreshRateMs);
626 device_data_store_.reset();
627
628 CommandLine* command_line = CommandLine::ForCurrentProcess();
629 if (command_line->HasSwitch(switches::kDisableCloudPolicyService)) {
630 device_data_store_.reset(CloudPolicyDataStore::CreateForDevicePolicies());
631 DevicePolicyCache* device_policy_cache =
632 new DevicePolicyCache(device_data_store_.get(),
633 install_attributes_.get());
634
635 cloud_provider_->SetDevicePolicyCache(device_policy_cache);
636
637 device_cloud_policy_subsystem_.reset(new CloudPolicySubsystem(
638 device_data_store_.get(),
639 device_policy_cache,
640 GetDeviceManagementUrl()));
641 }
642 #endif 409 #endif
643 } 410 }
644 411
645 void BrowserPolicyConnector::CompleteInitialization() { 412 void BrowserPolicyConnector::CompleteInitialization() {
646 if (g_testing_provider) 413 if (g_testing_provider)
647 g_testing_provider->Init(); 414 g_testing_provider->Init();
648 if (platform_provider_) 415 if (platform_provider_)
649 platform_provider_->Init(); 416 platform_provider_->Init();
650 if (cloud_provider_)
651 cloud_provider_->Init();
652 417
653 #if defined(OS_CHROMEOS) 418 #if defined(OS_CHROMEOS)
654 global_user_cloud_policy_provider_.Init(); 419 global_user_cloud_policy_provider_.Init();
655 420
656 // Create the AppPackUpdater to start updating the cache. It requires the 421 // Create the AppPackUpdater to start updating the cache. It requires the
657 // system request context, which isn't available in Init(); therefore it is 422 // system request context, which isn't available in Init(); therefore it is
658 // created only once the loops are running. 423 // created only once the loops are running.
659 GetAppPackUpdater(); 424 GetAppPackUpdater();
660 425
661 if (device_cloud_policy_subsystem_.get()) {
662 // Read serial number and machine model. This must be done before we call
663 // CompleteInitialization() below such that the serial number is available
664 // for re-submission in case we're doing serial number recovery.
665 if (device_data_store_->machine_id().empty() ||
666 device_data_store_->machine_model().empty()) {
667 device_data_store_->set_machine_id(
668 DeviceCloudPolicyManagerChromeOS::GetMachineID());
669 device_data_store_->set_machine_model(
670 DeviceCloudPolicyManagerChromeOS::GetMachineModel());
671 }
672
673 device_cloud_policy_subsystem_->CompleteInitialization(
674 prefs::kDevicePolicyRefreshRate,
675 kServiceInitializationStartupDelay);
676 }
677
678 if (device_data_store_.get()) {
679 device_data_store_->set_device_status_collector(
680 new DeviceStatusCollector(
681 g_browser_process->local_state(),
682 chromeos::system::StatisticsProvider::GetInstance(),
683 NULL));
684 }
685
686 if (device_cloud_policy_manager_.get()) { 426 if (device_cloud_policy_manager_.get()) {
687 device_cloud_policy_manager_->Init(); 427 device_cloud_policy_manager_->Init();
688 scoped_ptr<CloudPolicyClient::StatusProvider> status_provider( 428 scoped_ptr<CloudPolicyClient::StatusProvider> status_provider(
689 new DeviceStatusCollector(g_browser_process->local_state(), 429 new DeviceStatusCollector(g_browser_process->local_state(),
690 chromeos::system::StatisticsProvider::GetInstance(), 430 chromeos::system::StatisticsProvider::GetInstance(),
691 NULL)); 431 NULL));
692 device_cloud_policy_manager_->Connect( 432 device_cloud_policy_manager_->Connect(
693 g_browser_process->local_state(), 433 g_browser_process->local_state(),
694 device_management_service_.get(), 434 device_management_service_.get(),
695 status_provider.Pass()); 435 status_provider.Pass());
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after
737 BrowserPolicyConnector::CreatePolicyServiceWithProviders( 477 BrowserPolicyConnector::CreatePolicyServiceWithProviders(
738 ConfigurationPolicyProvider* user_cloud_policy_provider, 478 ConfigurationPolicyProvider* user_cloud_policy_provider,
739 ConfigurationPolicyProvider* managed_mode_policy_provider) { 479 ConfigurationPolicyProvider* managed_mode_policy_provider) {
740 PolicyServiceImpl::Providers providers; 480 PolicyServiceImpl::Providers providers;
741 if (g_testing_provider) { 481 if (g_testing_provider) {
742 providers.push_back(g_testing_provider); 482 providers.push_back(g_testing_provider);
743 } else { 483 } else {
744 // |providers| in decreasing order of priority. 484 // |providers| in decreasing order of priority.
745 if (platform_provider_) 485 if (platform_provider_)
746 providers.push_back(platform_provider_.get()); 486 providers.push_back(platform_provider_.get());
747 if (cloud_provider_)
748 providers.push_back(cloud_provider_.get());
749 487
750 #if defined(OS_CHROMEOS) 488 #if defined(OS_CHROMEOS)
751 if (device_cloud_policy_manager_.get()) 489 if (device_cloud_policy_manager_.get())
752 providers.push_back(device_cloud_policy_manager_.get()); 490 providers.push_back(device_cloud_policy_manager_.get());
753 if (!user_cloud_policy_provider) 491 if (!user_cloud_policy_provider)
754 user_cloud_policy_provider = &global_user_cloud_policy_provider_; 492 user_cloud_policy_provider = &global_user_cloud_policy_provider_;
755 #endif 493 #endif
756 494
757 if (user_cloud_policy_provider) 495 if (user_cloud_policy_provider)
758 providers.push_back(user_cloud_policy_provider); 496 providers.push_back(user_cloud_policy_provider);
(...skipping 23 matching lines...) Expand all
782 return new AsyncPolicyProvider(loader.Pass()); 520 return new AsyncPolicyProvider(loader.Pass());
783 } else { 521 } else {
784 return NULL; 522 return NULL;
785 } 523 }
786 #else 524 #else
787 return NULL; 525 return NULL;
788 #endif 526 #endif
789 } 527 }
790 528
791 } // namespace policy 529 } // namespace policy
OLDNEW
« no previous file with comments | « chrome/browser/policy/browser_policy_connector.h ('k') | chrome/browser/policy/cloud_policy_browsertest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698