| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/network/managed_network_configuration_handler_impl.h" | 5 #include "chromeos/network/managed_network_configuration_handler_impl.h" |
| 6 | 6 |
| 7 #include <memory> | 7 #include <memory> |
| 8 #include <utility> | 8 #include <utility> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 336 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 347 service_path, *shill_dictionary, | 347 service_path, *shill_dictionary, |
| 348 NetworkConfigurationObserver::SOURCE_USER_ACTION, callback, | 348 NetworkConfigurationObserver::SOURCE_USER_ACTION, callback, |
| 349 error_callback); | 349 error_callback); |
| 350 } | 350 } |
| 351 | 351 |
| 352 void ManagedNetworkConfigurationHandlerImpl::CreateConfiguration( | 352 void ManagedNetworkConfigurationHandlerImpl::CreateConfiguration( |
| 353 const std::string& userhash, | 353 const std::string& userhash, |
| 354 const base::DictionaryValue& properties, | 354 const base::DictionaryValue& properties, |
| 355 const network_handler::ServiceResultCallback& callback, | 355 const network_handler::ServiceResultCallback& callback, |
| 356 const network_handler::ErrorCallback& error_callback) const { | 356 const network_handler::ErrorCallback& error_callback) const { |
| 357 const Policies* policies = GetPoliciesForUser(userhash); | 357 // Validate the ONC dictionary. We are liberal and ignore unknown field |
| 358 // names. User settings are only partial ONC, thus we ignore missing fields. |
| 359 onc::Validator validator(false, // Ignore unknown fields. |
| 360 false, // Ignore invalid recommended field names. |
| 361 false, // Ignore missing fields. |
| 362 false); // This ONC does not come from policy. |
| 363 |
| 364 onc::Validator::Result validation_result; |
| 365 std::unique_ptr<base::DictionaryValue> validated_properties = |
| 366 validator.ValidateAndRepairObject(&onc::kNetworkConfigurationSignature, |
| 367 properties, &validation_result); |
| 368 |
| 369 if (validation_result == onc::Validator::INVALID) { |
| 370 InvokeErrorCallback("", error_callback, kInvalidUserSettings); |
| 371 return; |
| 372 } |
| 373 |
| 374 if (validation_result == onc::Validator::VALID_WITH_WARNINGS) |
| 375 LOG(WARNING) << "Validation of ONC user settings produced warnings."; |
| 376 |
| 377 // Fill in HexSSID field from contents of SSID field if not set already - this |
| 378 // is required to properly match the configuration against existing policies. |
| 379 if (validated_properties) { |
| 380 onc::FillInHexSSIDFieldsInOncObject(onc::kNetworkConfigurationSignature, |
| 381 validated_properties.get()); |
| 382 } |
| 383 |
| 384 // Make sure the network is not configured through a user policy. |
| 385 const Policies* policies = nullptr; |
| 386 if (!userhash.empty()) { |
| 387 policies = GetPoliciesForUser(userhash); |
| 388 if (!policies) { |
| 389 InvokeErrorCallback("", error_callback, kPoliciesNotInitialized); |
| 390 return; |
| 391 } |
| 392 |
| 393 if (policy_util::FindMatchingPolicy(policies->per_network_config, |
| 394 *validated_properties)) { |
| 395 InvokeErrorCallback("", error_callback, kNetworkAlreadyConfigured); |
| 396 return; |
| 397 } |
| 398 } |
| 399 |
| 400 // Make user the network is not configured through a device policy. |
| 401 policies = GetPoliciesForUser(""); |
| 358 if (!policies) { | 402 if (!policies) { |
| 359 InvokeErrorCallback("", error_callback, kPoliciesNotInitialized); | 403 InvokeErrorCallback("", error_callback, kPoliciesNotInitialized); |
| 360 return; | 404 return; |
| 361 } | 405 } |
| 362 | 406 |
| 363 if (policy_util::FindMatchingPolicy(policies->per_network_config, | 407 if (policy_util::FindMatchingPolicy(policies->per_network_config, |
| 364 properties)) { | 408 *validated_properties)) { |
| 365 InvokeErrorCallback("", error_callback, kNetworkAlreadyConfigured); | 409 InvokeErrorCallback("", error_callback, kNetworkAlreadyConfigured); |
| 366 return; | 410 return; |
| 367 } | 411 } |
| 368 | 412 |
| 369 const NetworkProfile* profile = | 413 const NetworkProfile* profile = |
| 370 network_profile_handler_->GetProfileForUserhash(userhash); | 414 network_profile_handler_->GetProfileForUserhash(userhash); |
| 371 if (!profile) { | 415 if (!profile) { |
| 372 InvokeErrorCallback("", error_callback, kProfileNotInitialized); | 416 InvokeErrorCallback("", error_callback, kProfileNotInitialized); |
| 373 return; | 417 return; |
| 374 } | 418 } |
| 375 | 419 |
| 376 // TODO(pneubeck): In case of WiFi, check that no other configuration for the | 420 // TODO(pneubeck): In case of WiFi, check that no other configuration for the |
| 377 // same {SSID, mode, security} exists. We don't support such multiple | 421 // same {SSID, mode, security} exists. We don't support such multiple |
| 378 // configurations, yet. | 422 // configurations, yet. |
| 379 | 423 |
| 380 // Generate a new GUID for this configuration. Ignore the maybe provided GUID | 424 // Generate a new GUID for this configuration. Ignore the maybe provided GUID |
| 381 // in |properties| as it is not our own and from an untrusted source. | 425 // in |properties| as it is not our own and from an untrusted source. |
| 382 std::string guid = base::GenerateGUID(); | 426 std::string guid = base::GenerateGUID(); |
| 383 std::unique_ptr<base::DictionaryValue> shill_dictionary( | 427 std::unique_ptr<base::DictionaryValue> shill_dictionary( |
| 384 policy_util::CreateShillConfiguration(*profile, guid, | 428 policy_util::CreateShillConfiguration(*profile, guid, |
| 385 NULL, // no global policy | 429 NULL, // no global policy |
| 386 NULL, // no network policy | 430 NULL, // no network policy |
| 387 &properties)); | 431 validated_properties.get())); |
| 388 | 432 |
| 389 network_configuration_handler_->CreateShillConfiguration( | 433 network_configuration_handler_->CreateShillConfiguration( |
| 390 *shill_dictionary, NetworkConfigurationObserver::SOURCE_USER_ACTION, | 434 *shill_dictionary, NetworkConfigurationObserver::SOURCE_USER_ACTION, |
| 391 callback, error_callback); | 435 callback, error_callback); |
| 392 } | 436 } |
| 393 | 437 |
| 394 void ManagedNetworkConfigurationHandlerImpl::RemoveConfiguration( | 438 void ManagedNetworkConfigurationHandlerImpl::RemoveConfiguration( |
| 395 const std::string& service_path, | 439 const std::string& service_path, |
| 396 const base::Closure& callback, | 440 const base::Closure& callback, |
| 397 const network_handler::ErrorCallback& error_callback) const { | 441 const network_handler::ErrorCallback& error_callback) const { |
| (...skipping 454 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 852 std::unique_ptr<base::DictionaryValue> network_properties, | 896 std::unique_ptr<base::DictionaryValue> network_properties, |
| 853 GetDevicePropertiesCallback send_callback, | 897 GetDevicePropertiesCallback send_callback, |
| 854 const std::string& error_name, | 898 const std::string& error_name, |
| 855 std::unique_ptr<base::DictionaryValue> error_data) { | 899 std::unique_ptr<base::DictionaryValue> error_data) { |
| 856 NET_LOG_ERROR("Error getting device properties", service_path); | 900 NET_LOG_ERROR("Error getting device properties", service_path); |
| 857 send_callback.Run(service_path, std::move(network_properties)); | 901 send_callback.Run(service_path, std::move(network_properties)); |
| 858 } | 902 } |
| 859 | 903 |
| 860 | 904 |
| 861 } // namespace chromeos | 905 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 2767253006:
Set HexSSID in network config before matching it against policies (Closed)
