| Index: chrome/browser/chromeos/policy/device_local_account_policy_service.h
|
| diff --git a/chrome/browser/chromeos/policy/device_local_account_policy_service.h b/chrome/browser/chromeos/policy/device_local_account_policy_service.h
|
| index cb0f0561a05d6934aeb972793d395a06a1bd1330..049af5663b0004e035599f8e57e3a4f8e5652c54 100644
|
| --- a/chrome/browser/chromeos/policy/device_local_account_policy_service.h
|
| +++ b/chrome/browser/chromeos/policy/device_local_account_policy_service.h
|
| @@ -9,15 +9,17 @@
|
| #include <string>
|
|
|
| #include "base/basictypes.h"
|
| -#include "base/callback_forward.h"
|
| #include "base/compiler_specific.h"
|
| #include "base/memory/scoped_ptr.h"
|
| +#include "base/memory/weak_ptr.h"
|
| #include "base/observer_list.h"
|
| -#include "chrome/browser/chromeos/settings/device_settings_service.h"
|
| #include "chrome/browser/policy/cloud/cloud_policy_core.h"
|
| #include "chrome/browser/policy/cloud/cloud_policy_store.h"
|
| +#include "content/public/browser/notification_observer.h"
|
|
|
| namespace chromeos {
|
| +class CrosSettings;
|
| +class DeviceSettingsService;
|
| class SessionManagerClient;
|
| }
|
|
|
| @@ -32,10 +34,11 @@ class DeviceManagementService;
|
| class DeviceLocalAccountPolicyBroker {
|
| public:
|
| explicit DeviceLocalAccountPolicyBroker(
|
| + const std::string& user_id,
|
| scoped_ptr<DeviceLocalAccountPolicyStore> store);
|
| ~DeviceLocalAccountPolicyBroker();
|
|
|
| - const std::string& account_id() const;
|
| + const std::string& user_id() const { return user_id_; }
|
|
|
| CloudPolicyCore* core() { return &core_; }
|
| const CloudPolicyCore* core() const { return &core_; }
|
| @@ -54,7 +57,7 @@ class DeviceLocalAccountPolicyBroker {
|
| std::string GetDisplayName() const;
|
|
|
| private:
|
| - const std::string account_id_;
|
| + const std::string user_id_;
|
| scoped_ptr<DeviceLocalAccountPolicyStore> store_;
|
| CloudPolicyCore core_;
|
|
|
| @@ -65,17 +68,16 @@ class DeviceLocalAccountPolicyBroker {
|
| // The actual policy blobs are brokered by session_manager (to prevent file
|
| // manipulation), and we're making signature checks on the policy blobs to
|
| // ensure they're issued by the device owner.
|
| -class DeviceLocalAccountPolicyService
|
| - : public chromeos::DeviceSettingsService::Observer,
|
| - public CloudPolicyStore::Observer {
|
| +class DeviceLocalAccountPolicyService : public content::NotificationObserver,
|
| + public CloudPolicyStore::Observer {
|
| public:
|
| // Interface for interested parties to observe policy changes.
|
| class Observer {
|
| public:
|
| virtual ~Observer() {}
|
|
|
| - // Policy for the given account has changed.
|
| - virtual void OnPolicyUpdated(const std::string& account_id) = 0;
|
| + // Policy for the given |user_id| has changed.
|
| + virtual void OnPolicyUpdated(const std::string& user_id) = 0;
|
|
|
| // The list of accounts has been updated.
|
| virtual void OnDeviceLocalAccountsChanged() = 0;
|
| @@ -83,7 +85,8 @@ class DeviceLocalAccountPolicyService
|
|
|
| DeviceLocalAccountPolicyService(
|
| chromeos::SessionManagerClient* session_manager_client,
|
| - chromeos::DeviceSettingsService* device_settings_service);
|
| + chromeos::DeviceSettingsService* device_settings_service,
|
| + chromeos::CrosSettings* cros_settings);
|
| virtual ~DeviceLocalAccountPolicyService();
|
|
|
| // Initializes the cloud policy service connection.
|
| @@ -92,38 +95,54 @@ class DeviceLocalAccountPolicyService
|
| // Prevents further policy fetches from the cloud.
|
| void Disconnect();
|
|
|
| - // Get the policy broker for a given account. Returns NULL if that account is
|
| - // not valid.
|
| - DeviceLocalAccountPolicyBroker* GetBrokerForAccount(
|
| - const std::string& account_id);
|
| + // Get the policy broker for a given |user_id|. Returns NULL if that |user_id|
|
| + // does not belong to an existing device-local account.
|
| + DeviceLocalAccountPolicyBroker* GetBrokerForUser(const std::string& user_id);
|
|
|
| // Indicates whether policy has been successfully fetched for the given
|
| - // account.
|
| - bool IsPolicyAvailableForAccount(const std::string& account_id);
|
| + // |user_id|.
|
| + bool IsPolicyAvailableForUser(const std::string& user_id);
|
|
|
| void AddObserver(Observer* observer);
|
| void RemoveObserver(Observer* observer);
|
|
|
| - // DeviceSettingsService::Observer:
|
| - virtual void OwnershipStatusChanged() OVERRIDE;
|
| - virtual void DeviceSettingsUpdated() OVERRIDE;
|
| + // NotificationObserver:
|
| + virtual void Observe(int type,
|
| + const content::NotificationSource& source,
|
| + const content::NotificationDetails& details) OVERRIDE;
|
|
|
| // CloudPolicyStore::Observer:
|
| virtual void OnStoreLoaded(CloudPolicyStore* store) OVERRIDE;
|
| virtual void OnStoreError(CloudPolicyStore* store) OVERRIDE;
|
|
|
| private:
|
| - typedef std::map<std::string, DeviceLocalAccountPolicyBroker*>
|
| - PolicyBrokerMap;
|
| + struct PolicyBrokerWrapper {
|
| + PolicyBrokerWrapper();
|
| +
|
| + // Return the |broker|, creating it first if necessary.
|
| + DeviceLocalAccountPolicyBroker* GetBroker();
|
| +
|
| + // Fire up the cloud connection for fetching policy for the account from the
|
| + // cloud if this is an enterprise-managed device.
|
| + void ConnectIfPossible();
|
| +
|
| + // Destroy the cloud connection.
|
| + void Disconnect();
|
| +
|
| + // Delete the broker.
|
| + void DeleteBroker();
|
| +
|
| + std::string user_id;
|
| + std::string account_id;
|
| + DeviceLocalAccountPolicyService* parent;
|
| + DeviceLocalAccountPolicyBroker* broker;
|
| + };
|
| +
|
| + typedef std::map<std::string, PolicyBrokerWrapper> PolicyBrokerMap;
|
|
|
| // Re-queries the list of defined device-local accounts from device settings
|
| // and updates |policy_brokers_| to match that list.
|
| - void UpdateAccountList(
|
| - const enterprise_management::ChromeDeviceSettingsProto& device_settings);
|
| -
|
| - // Creates a broker for the given account ID.
|
| - scoped_ptr<DeviceLocalAccountPolicyBroker> CreateBroker(
|
| - const std::string& account_id);
|
| + void UpdateAccountList();
|
|
|
| // Deletes brokers in |map| and clears it.
|
| void DeleteBrokers(PolicyBrokerMap* map);
|
| @@ -131,22 +150,21 @@ class DeviceLocalAccountPolicyService
|
| // Find the broker for a given |store|. Returns NULL if |store| is unknown.
|
| DeviceLocalAccountPolicyBroker* GetBrokerForStore(CloudPolicyStore* store);
|
|
|
| - // Creates and initializes a cloud policy client for |account_id|. Returns
|
| - // NULL if the device doesn't have credentials in device settings (i.e. is not
|
| - // enterprise-enrolled).
|
| - scoped_ptr<CloudPolicyClient> CreateClientForAccount(
|
| - const std::string& account_id);
|
| -
|
| chromeos::SessionManagerClient* session_manager_client_;
|
| chromeos::DeviceSettingsService* device_settings_service_;
|
| + chromeos::CrosSettings* cros_settings_;
|
|
|
| DeviceManagementService* device_management_service_;
|
|
|
| - // The device-local account policy brokers, keyed by account ID.
|
| + // The device-local account policy brokers, keyed by user ID.
|
| PolicyBrokerMap policy_brokers_;
|
|
|
| ObserverList<Observer, true> observers_;
|
|
|
| + // Weak pointer factory for cros_settings_->PrepareTrustedValues() callbacks.
|
| + base::WeakPtrFactory<DeviceLocalAccountPolicyService>
|
| + cros_settings_callback_factory_;
|
| +
|
| DISALLOW_COPY_AND_ASSIGN(DeviceLocalAccountPolicyService);
|
| };
|
|
|
|
|
Chromium Code Reviews
Issue 14927015:
Translate device-local account IDs to user IDs (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src