| Index: chrome/browser/policy/device_management_policy_provider.cc
|
| ===================================================================
|
| --- chrome/browser/policy/device_management_policy_provider.cc (revision 67530)
|
| +++ chrome/browser/policy/device_management_policy_provider.cc (working copy)
|
| @@ -21,20 +21,13 @@
|
|
|
| namespace policy {
|
|
|
| -namespace em = enterprise_management;
|
| -
|
| const int64 kPolicyRefreshRateInMilliseconds = 3 * 60 * 60 * 1000; // 3 hours
|
| const int64 kPolicyRefreshMaxEarlierInMilliseconds = 20 * 60 * 1000; // 20 mins
|
| // These are the base values for delays before retrying after an error. They
|
| // will be doubled each time they are used.
|
| const int64 kPolicyRefreshErrorDelayInMilliseconds = 3 * 1000; // 3 seconds
|
| const int64 kDeviceTokenRefreshErrorDelayInMilliseconds = 3 * 1000;
|
| -// For unmanaged devices, check once per day whether they're still unmanaged.
|
| -const int64 kPolicyRefreshUnmanagedDeviceInMilliseconds = 24 * 60 * 60 * 1000;
|
|
|
| -const char* kDeviceTokenFilename = "Token";
|
| -const char* kPolicyFilename = "Policy";
|
| -
|
| // Ensures that the portion of the policy provider implementation that requires
|
| // the IOThread is deferred until the IOThread is fully initialized. The policy
|
| // provider posts this task on the UI thread during its constructor, thereby
|
| @@ -79,35 +72,19 @@
|
| const ConfigurationPolicyProvider::PolicyDefinitionList* policy_list,
|
| DeviceManagementBackend* backend,
|
| Profile* profile)
|
| - : ConfigurationPolicyProvider(policy_list) {
|
| - Initialize(backend,
|
| - profile,
|
| - kPolicyRefreshRateInMilliseconds,
|
| - kPolicyRefreshMaxEarlierInMilliseconds,
|
| - kPolicyRefreshErrorDelayInMilliseconds,
|
| - kDeviceTokenRefreshErrorDelayInMilliseconds,
|
| - kPolicyRefreshUnmanagedDeviceInMilliseconds);
|
| + : ConfigurationPolicyProvider(policy_list),
|
| + backend_(backend),
|
| + profile_(profile),
|
| + storage_dir_(GetOrCreateDeviceManagementDir(profile_->GetPath())),
|
| + policy_request_pending_(false),
|
| + refresh_task_pending_(false),
|
| + policy_refresh_rate_ms_(kPolicyRefreshRateInMilliseconds),
|
| + policy_refresh_max_earlier_ms_(kPolicyRefreshMaxEarlierInMilliseconds),
|
| + policy_refresh_error_delay_ms_(kPolicyRefreshErrorDelayInMilliseconds),
|
| + token_fetch_error_delay_ms_(kDeviceTokenRefreshErrorDelayInMilliseconds) {
|
| + Initialize();
|
| }
|
|
|
| -DeviceManagementPolicyProvider::DeviceManagementPolicyProvider(
|
| - const PolicyDefinitionList* policy_list,
|
| - DeviceManagementBackend* backend,
|
| - Profile* profile,
|
| - int64 policy_refresh_rate_ms,
|
| - int64 policy_refresh_max_earlier_ms,
|
| - int64 policy_refresh_error_delay_ms,
|
| - int64 token_fetch_error_delay_ms,
|
| - int64 unmanaged_device_refresh_rate_ms)
|
| - : ConfigurationPolicyProvider(policy_list) {
|
| - Initialize(backend,
|
| - profile,
|
| - policy_refresh_rate_ms,
|
| - policy_refresh_max_earlier_ms,
|
| - policy_refresh_error_delay_ms,
|
| - token_fetch_error_delay_ms,
|
| - unmanaged_device_refresh_rate_ms);
|
| -}
|
| -
|
| DeviceManagementPolicyProvider::~DeviceManagementPolicyProvider() {}
|
|
|
| bool DeviceManagementPolicyProvider::Provide(
|
| @@ -125,9 +102,6 @@
|
| // Reset the error delay since policy fetching succeeded this time.
|
| policy_refresh_error_delay_ms_ = kPolicyRefreshErrorDelayInMilliseconds;
|
| ScheduleRefreshTask(GetRefreshTaskDelay());
|
| - // Update this provider's internal waiting state, but don't notify anyone
|
| - // else yet (that's done by the PrefValueStore that receives the policy).
|
| - waiting_for_initial_policies_ = false;
|
| }
|
|
|
| void DeviceManagementPolicyProvider::OnError(
|
| @@ -149,13 +123,11 @@
|
| policy_refresh_error_delay_ms_ = policy_refresh_rate_ms_;
|
| }
|
| }
|
| - StopWaitingForInitialPolicies();
|
| }
|
|
|
| void DeviceManagementPolicyProvider::OnTokenSuccess() {
|
| if (policy_request_pending_)
|
| return;
|
| - cache_->SetDeviceUnmanaged(false);
|
| SendPolicyRequest();
|
| }
|
|
|
| @@ -165,14 +137,10 @@
|
| token_fetch_error_delay_ms_ *= 2;
|
| if (token_fetch_error_delay_ms_ > policy_refresh_rate_ms_)
|
| token_fetch_error_delay_ms_ = policy_refresh_rate_ms_;
|
| - StopWaitingForInitialPolicies();
|
| }
|
|
|
| void DeviceManagementPolicyProvider::OnNotManaged() {
|
| VLOG(1) << "This device is not managed.";
|
| - cache_->SetDeviceUnmanaged(true);
|
| - ScheduleRefreshTask(unmanaged_device_refresh_rate_ms_);
|
| - StopWaitingForInitialPolicies();
|
| }
|
|
|
| void DeviceManagementPolicyProvider::Shutdown() {
|
| @@ -181,57 +149,16 @@
|
| token_fetcher_->Shutdown();
|
| }
|
|
|
| -void DeviceManagementPolicyProvider::Initialize(
|
| - DeviceManagementBackend* backend,
|
| - Profile* profile,
|
| - int64 policy_refresh_rate_ms,
|
| - int64 policy_refresh_max_earlier_ms,
|
| - int64 policy_refresh_error_delay_ms,
|
| - int64 token_fetch_error_delay_ms,
|
| - int64 unmanaged_device_refresh_rate_ms) {
|
| - backend_.reset(backend);
|
| - profile_ = profile;
|
| - storage_dir_ = GetOrCreateDeviceManagementDir(profile_->GetPath());
|
| - policy_request_pending_ = false;
|
| - refresh_task_pending_ = false;
|
| - waiting_for_initial_policies_ = true;
|
| - policy_refresh_rate_ms_ = policy_refresh_rate_ms;
|
| - policy_refresh_max_earlier_ms_ = policy_refresh_max_earlier_ms;
|
| - policy_refresh_error_delay_ms_ = policy_refresh_error_delay_ms;
|
| - token_fetch_error_delay_ms_ = token_fetch_error_delay_ms;
|
| - unmanaged_device_refresh_rate_ms_ = unmanaged_device_refresh_rate_ms;
|
| -
|
| +void DeviceManagementPolicyProvider::Initialize() {
|
| const FilePath policy_path = storage_dir_.Append(
|
| FILE_PATH_LITERAL("Policy"));
|
| cache_.reset(new DeviceManagementPolicyCache(policy_path));
|
| cache_->LoadPolicyFromFile();
|
|
|
| - if (cache_->is_device_unmanaged()) {
|
| - // This is a non-first login on an unmanaged device.
|
| - waiting_for_initial_policies_ = false;
|
| - // Defer token_fetcher_ initialization until this device should ask for
|
| - // a device token again.
|
| - base::Time unmanaged_timestamp = cache_->last_policy_refresh_time();
|
| - int64 delay = unmanaged_device_refresh_rate_ms_ -
|
| - (base::Time::NowFromSystemTime().ToInternalValue() -
|
| - unmanaged_timestamp.ToInternalValue());
|
| - if (delay < 0)
|
| - delay = 0;
|
| - BrowserThread::PostDelayedTask(
|
| - BrowserThread::UI, FROM_HERE,
|
| - new InitializeAfterIOThreadExistsTask(AsWeakPtr()),
|
| - delay);
|
| - } else {
|
| - if (file_util::PathExists(
|
| - storage_dir_.Append(FILE_PATH_LITERAL(kDeviceTokenFilename)))) {
|
| - // This is a non-first login on a managed device.
|
| - waiting_for_initial_policies_ = false;
|
| - }
|
| - // Defer initialization that requires the IOThread until after the IOThread
|
| - // has been initialized.
|
| - BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
|
| - new InitializeAfterIOThreadExistsTask(AsWeakPtr()));
|
| - }
|
| + // Defer initialization that requires the IOThread until after the IOThread
|
| + // has been initialized.
|
| + BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
|
| + new InitializeAfterIOThreadExistsTask(AsWeakPtr()));
|
| }
|
|
|
| void DeviceManagementPolicyProvider::InitializeAfterIOThreadExists() {
|
| @@ -247,19 +174,18 @@
|
| }
|
|
|
| void DeviceManagementPolicyProvider::SendPolicyRequest() {
|
| - if (policy_request_pending_)
|
| - return;
|
| -
|
| - policy_request_pending_ = true;
|
| - em::DevicePolicyRequest policy_request;
|
| - policy_request.set_policy_scope(kChromePolicyScope);
|
| - em::DevicePolicySettingRequest* setting =
|
| - policy_request.add_setting_request();
|
| - setting->set_key(kChromeDevicePolicySettingKey);
|
| - setting->set_watermark("");
|
| - backend_->ProcessPolicyRequest(token_fetcher_->GetDeviceToken(),
|
| - token_fetcher_->GetDeviceID(),
|
| - policy_request, this);
|
| + if (!policy_request_pending_) {
|
| + policy_request_pending_ = true;
|
| + em::DevicePolicyRequest policy_request;
|
| + policy_request.set_policy_scope(kChromePolicyScope);
|
| + em::DevicePolicySettingRequest* setting =
|
| + policy_request.add_setting_request();
|
| + setting->set_key(kChromeDevicePolicySettingKey);
|
| + setting->set_watermark("");
|
| + backend_->ProcessPolicyRequest(token_fetcher_->GetDeviceToken(),
|
| + token_fetcher_->GetDeviceID(),
|
| + policy_request, this);
|
| + }
|
| }
|
|
|
| void DeviceManagementPolicyProvider::RefreshTaskExecute() {
|
| @@ -309,20 +235,6 @@
|
| token_fetcher_ = token_fetcher;
|
| }
|
|
|
| -void DeviceManagementPolicyProvider::StopWaitingForInitialPolicies() {
|
| - waiting_for_initial_policies_ = false;
|
| - // Send a CLOUD_POLICY_UPDATE notification to unblock ChromeOS logins that
|
| - // are waiting for an initial policy fetch to complete.
|
| - NotifyCloudPolicyUpdate();
|
| -}
|
| -
|
| -void DeviceManagementPolicyProvider::NotifyCloudPolicyUpdate() const {
|
| - NotificationService::current()->Notify(
|
| - NotificationType::CLOUD_POLICY_UPDATE,
|
| - Source<DeviceManagementPolicyProvider>(this),
|
| - NotificationService::NoDetails());
|
| -}
|
| -
|
| // static
|
| std::string DeviceManagementPolicyProvider::GetDeviceManagementURL() {
|
| return CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
|
|
|
Chromium Code Reviews
Issue 5321011:
Revert 67530 - Persist 'this device is not managed' information... (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src/