OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chromeos/network/managed_network_configuration_handler_impl.h" | 5 #include "chromeos/network/managed_network_configuration_handler_impl.h" |
6 | 6 |
7 #include <memory> | 7 #include <memory> |
8 #include <utility> | 8 #include <utility> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 336 matching lines...)
347 service_path, *shill_dictionary, | 347 service_path, *shill_dictionary, |
348 NetworkConfigurationObserver::SOURCE_USER_ACTION, callback, | 348 NetworkConfigurationObserver::SOURCE_USER_ACTION, callback, |
349 error_callback); | 349 error_callback); |
350 } | 350 } |
351 | 351 |
352 void ManagedNetworkConfigurationHandlerImpl::CreateConfiguration( | 352 void ManagedNetworkConfigurationHandlerImpl::CreateConfiguration( |
353 const std::string& userhash, | 353 const std::string& userhash, |
354 const base::DictionaryValue& properties, | 354 const base::DictionaryValue& properties, |
355 const network_handler::ServiceResultCallback& callback, | 355 const network_handler::ServiceResultCallback& callback, |
356 const network_handler::ErrorCallback& error_callback) const { | 356 const network_handler::ErrorCallback& error_callback) const { |
357 const Policies* policies = GetPoliciesForUser(userhash); | 357 // Validate the ONC dictionary. We are liberal and ignore unknown field |
| 358 // names. User settings are only partial ONC, thus we ignore missing fields. |
| 359 onc::Validator validator(false, // Ignore unknown fields. |
| 360 false, // Ignore invalid recommended field names. |
| 361 false, // Ignore missing fields. |
| 362 false); // This ONC does not come from policy. |
| 363 |
| 364 onc::Validator::Result validation_result; |
| 365 std::unique_ptr<base::DictionaryValue> validated_properties = |
| 366 validator.ValidateAndRepairObject(&onc::kNetworkConfigurationSignature, |
| 367 properties, &validation_result); |
| 368 |
| 369 if (validation_result == onc::Validator::INVALID) { |
| 370 InvokeErrorCallback("", error_callback, kInvalidUserSettings); |
| 371 return; |
| 372 } |
| 373 |
| 374 if (validation_result == onc::Validator::VALID_WITH_WARNINGS) |
| 375 LOG(WARNING) << "Validation of ONC user settings produced warnings."; |
| 376 |
| 377 // Fill in HexSSID field from contents of SSID field if not set already - this |
| 378 // is required to properly match the configuration against existing policies. |
| 379 if (validated_properties) { |
| 380 onc::FillInHexSSIDFieldsInOncObject(onc::kNetworkConfigurationSignature, |
| 381 validated_properties.get()); |
| 382 } |
| 383 |
| 384 // Make sure the network is not configured through a user policy. |
| 385 const Policies* policies = nullptr; |
| 386 if (!userhash.empty()) { |
| 387 policies = GetPoliciesForUser(userhash); |
| 388 if (!policies) { |
| 389 InvokeErrorCallback("", error_callback, kPoliciesNotInitialized); |
| 390 return; |
| 391 } |
| 392 |
| 393 if (policy_util::FindMatchingPolicy(policies->per_network_config, |
| 394 *validated_properties)) { |
| 395 InvokeErrorCallback("", error_callback, kNetworkAlreadyConfigured); |
| 396 return; |
| 397 } |
| 398 } |
| 399 |
| 400 // Make user the network is not configured through a device policy. |
| 401 policies = GetPoliciesForUser(""); |
358 if (!policies) { | 402 if (!policies) { |
359 InvokeErrorCallback("", error_callback, kPoliciesNotInitialized); | 403 InvokeErrorCallback("", error_callback, kPoliciesNotInitialized); |
360 return; | 404 return; |
361 } | 405 } |
362 | 406 |
363 if (policy_util::FindMatchingPolicy(policies->per_network_config, | 407 if (policy_util::FindMatchingPolicy(policies->per_network_config, |
364 properties)) { | 408 *validated_properties)) { |
365 InvokeErrorCallback("", error_callback, kNetworkAlreadyConfigured); | 409 InvokeErrorCallback("", error_callback, kNetworkAlreadyConfigured); |
366 return; | 410 return; |
367 } | 411 } |
368 | 412 |
369 const NetworkProfile* profile = | 413 const NetworkProfile* profile = |
370 network_profile_handler_->GetProfileForUserhash(userhash); | 414 network_profile_handler_->GetProfileForUserhash(userhash); |
371 if (!profile) { | 415 if (!profile) { |
372 InvokeErrorCallback("", error_callback, kProfileNotInitialized); | 416 InvokeErrorCallback("", error_callback, kProfileNotInitialized); |
373 return; | 417 return; |
374 } | 418 } |
375 | 419 |
376 // TODO(pneubeck): In case of WiFi, check that no other configuration for the | 420 // TODO(pneubeck): In case of WiFi, check that no other configuration for the |
377 // same {SSID, mode, security} exists. We don't support such multiple | 421 // same {SSID, mode, security} exists. We don't support such multiple |
378 // configurations, yet. | 422 // configurations, yet. |
379 | 423 |
380 // Generate a new GUID for this configuration. Ignore the maybe provided GUID | 424 // Generate a new GUID for this configuration. Ignore the maybe provided GUID |
381 // in |properties| as it is not our own and from an untrusted source. | 425 // in |properties| as it is not our own and from an untrusted source. |
382 std::string guid = base::GenerateGUID(); | 426 std::string guid = base::GenerateGUID(); |
383 std::unique_ptr<base::DictionaryValue> shill_dictionary( | 427 std::unique_ptr<base::DictionaryValue> shill_dictionary( |
384 policy_util::CreateShillConfiguration(*profile, guid, | 428 policy_util::CreateShillConfiguration(*profile, guid, |
385 NULL, // no global policy | 429 NULL, // no global policy |
386 NULL, // no network policy | 430 NULL, // no network policy |
387 &properties)); | 431 validated_properties.get())); |
388 | 432 |
389 network_configuration_handler_->CreateShillConfiguration( | 433 network_configuration_handler_->CreateShillConfiguration( |
390 *shill_dictionary, NetworkConfigurationObserver::SOURCE_USER_ACTION, | 434 *shill_dictionary, NetworkConfigurationObserver::SOURCE_USER_ACTION, |
391 callback, error_callback); | 435 callback, error_callback); |
392 } | 436 } |
393 | 437 |
394 void ManagedNetworkConfigurationHandlerImpl::RemoveConfiguration( | 438 void ManagedNetworkConfigurationHandlerImpl::RemoveConfiguration( |
395 const std::string& service_path, | 439 const std::string& service_path, |
396 const base::Closure& callback, | 440 const base::Closure& callback, |
397 const network_handler::ErrorCallback& error_callback) const { | 441 const network_handler::ErrorCallback& error_callback) const { |
(...skipping 454 matching lines...)
852 std::unique_ptr<base::DictionaryValue> network_properties, | 896 std::unique_ptr<base::DictionaryValue> network_properties, |
853 GetDevicePropertiesCallback send_callback, | 897 GetDevicePropertiesCallback send_callback, |
854 const std::string& error_name, | 898 const std::string& error_name, |
855 std::unique_ptr<base::DictionaryValue> error_data) { | 899 std::unique_ptr<base::DictionaryValue> error_data) { |
856 NET_LOG_ERROR("Error getting device properties", service_path); | 900 NET_LOG_ERROR("Error getting device properties", service_path); |
857 send_callback.Run(service_path, std::move(network_properties)); | 901 send_callback.Run(service_path, std::move(network_properties)); |
858 } | 902 } |
859 | 903 |
860 | 904 |
861 } // namespace chromeos | 905 } // namespace chromeos |
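Review bot: `validated_properties` is guarded with `if (validated_properties)` before `FillInHexSSIDFieldsInOncObject` (new lines 379-382), but it is then dereferenced unconditionally in both `FindMatchingPolicy` calls (new lines 394 and 408) and handed to `CreateShillConfiguration` at new line 431. Whether `ValidateAndRepairObject` can return null for a result other than `INVALID` is not visible on this page; since `properties` is user-supplied, the early return should reject that case explicitly, `if (validation_result == onc::Validator::INVALID || !validated_properties) {`, after which the later guard can be dropped. That also guarantees the policy match always runs on the repaired dictionary with HexSSID filled in, which the new comment says the match depends on. The comment at new line 400 has a typo and should read `// Make sure the network is not configured through a device policy.`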