Index: chrome/browser/policy/device_management_policy_provider.cc |
=================================================================== |
--- chrome/browser/policy/device_management_policy_provider.cc (revision 67530) |
+++ chrome/browser/policy/device_management_policy_provider.cc (working copy) |
@@ -21,20 +21,13 @@ |
namespace policy { |
-namespace em = enterprise_management; |
- |
const int64 kPolicyRefreshRateInMilliseconds = 3 * 60 * 60 * 1000; // 3 hours |
const int64 kPolicyRefreshMaxEarlierInMilliseconds = 20 * 60 * 1000; // 20 mins |
// These are the base values for delays before retrying after an error. They |
// will be doubled each time they are used. |
const int64 kPolicyRefreshErrorDelayInMilliseconds = 3 * 1000; // 3 seconds |
const int64 kDeviceTokenRefreshErrorDelayInMilliseconds = 3 * 1000; |
-// For unmanaged devices, check once per day whether they're still unmanaged. |
-const int64 kPolicyRefreshUnmanagedDeviceInMilliseconds = 24 * 60 * 60 * 1000; |
-const char* kDeviceTokenFilename = "Token"; |
-const char* kPolicyFilename = "Policy"; |
- |
// Ensures that the portion of the policy provider implementation that requires |
// the IOThread is deferred until the IOThread is fully initialized. The policy |
// provider posts this task on the UI thread during its constructor, thereby |
@@ -79,35 +72,19 @@ |
const ConfigurationPolicyProvider::PolicyDefinitionList* policy_list, |
DeviceManagementBackend* backend, |
Profile* profile) |
- : ConfigurationPolicyProvider(policy_list) { |
- Initialize(backend, |
- profile, |
- kPolicyRefreshRateInMilliseconds, |
- kPolicyRefreshMaxEarlierInMilliseconds, |
- kPolicyRefreshErrorDelayInMilliseconds, |
- kDeviceTokenRefreshErrorDelayInMilliseconds, |
- kPolicyRefreshUnmanagedDeviceInMilliseconds); |
+ : ConfigurationPolicyProvider(policy_list), |
+ backend_(backend), |
+ profile_(profile), |
+ storage_dir_(GetOrCreateDeviceManagementDir(profile_->GetPath())), |
+ policy_request_pending_(false), |
+ refresh_task_pending_(false), |
+ policy_refresh_rate_ms_(kPolicyRefreshRateInMilliseconds), |
+ policy_refresh_max_earlier_ms_(kPolicyRefreshMaxEarlierInMilliseconds), |
+ policy_refresh_error_delay_ms_(kPolicyRefreshErrorDelayInMilliseconds), |
+ token_fetch_error_delay_ms_(kDeviceTokenRefreshErrorDelayInMilliseconds) { |
+ Initialize(); |
} |
-DeviceManagementPolicyProvider::DeviceManagementPolicyProvider( |
- const PolicyDefinitionList* policy_list, |
- DeviceManagementBackend* backend, |
- Profile* profile, |
- int64 policy_refresh_rate_ms, |
- int64 policy_refresh_max_earlier_ms, |
- int64 policy_refresh_error_delay_ms, |
- int64 token_fetch_error_delay_ms, |
- int64 unmanaged_device_refresh_rate_ms) |
- : ConfigurationPolicyProvider(policy_list) { |
- Initialize(backend, |
- profile, |
- policy_refresh_rate_ms, |
- policy_refresh_max_earlier_ms, |
- policy_refresh_error_delay_ms, |
- token_fetch_error_delay_ms, |
- unmanaged_device_refresh_rate_ms); |
-} |
- |
DeviceManagementPolicyProvider::~DeviceManagementPolicyProvider() {} |
bool DeviceManagementPolicyProvider::Provide( |
@@ -125,9 +102,6 @@ |
// Reset the error delay since policy fetching succeeded this time. |
policy_refresh_error_delay_ms_ = kPolicyRefreshErrorDelayInMilliseconds; |
ScheduleRefreshTask(GetRefreshTaskDelay()); |
- // Update this provider's internal waiting state, but don't notify anyone |
- // else yet (that's done by the PrefValueStore that receives the policy). |
- waiting_for_initial_policies_ = false; |
} |
void DeviceManagementPolicyProvider::OnError( |
@@ -149,13 +123,11 @@ |
policy_refresh_error_delay_ms_ = policy_refresh_rate_ms_; |
} |
} |
- StopWaitingForInitialPolicies(); |
} |
void DeviceManagementPolicyProvider::OnTokenSuccess() { |
if (policy_request_pending_) |
return; |
- cache_->SetDeviceUnmanaged(false); |
SendPolicyRequest(); |
} |
@@ -165,14 +137,10 @@ |
token_fetch_error_delay_ms_ *= 2; |
if (token_fetch_error_delay_ms_ > policy_refresh_rate_ms_) |
token_fetch_error_delay_ms_ = policy_refresh_rate_ms_; |
- StopWaitingForInitialPolicies(); |
} |
void DeviceManagementPolicyProvider::OnNotManaged() { |
VLOG(1) << "This device is not managed."; |
- cache_->SetDeviceUnmanaged(true); |
- ScheduleRefreshTask(unmanaged_device_refresh_rate_ms_); |
- StopWaitingForInitialPolicies(); |
} |
void DeviceManagementPolicyProvider::Shutdown() { |
@@ -181,57 +149,16 @@ |
token_fetcher_->Shutdown(); |
} |
-void DeviceManagementPolicyProvider::Initialize( |
- DeviceManagementBackend* backend, |
- Profile* profile, |
- int64 policy_refresh_rate_ms, |
- int64 policy_refresh_max_earlier_ms, |
- int64 policy_refresh_error_delay_ms, |
- int64 token_fetch_error_delay_ms, |
- int64 unmanaged_device_refresh_rate_ms) { |
- backend_.reset(backend); |
- profile_ = profile; |
- storage_dir_ = GetOrCreateDeviceManagementDir(profile_->GetPath()); |
- policy_request_pending_ = false; |
- refresh_task_pending_ = false; |
- waiting_for_initial_policies_ = true; |
- policy_refresh_rate_ms_ = policy_refresh_rate_ms; |
- policy_refresh_max_earlier_ms_ = policy_refresh_max_earlier_ms; |
- policy_refresh_error_delay_ms_ = policy_refresh_error_delay_ms; |
- token_fetch_error_delay_ms_ = token_fetch_error_delay_ms; |
- unmanaged_device_refresh_rate_ms_ = unmanaged_device_refresh_rate_ms; |
- |
+void DeviceManagementPolicyProvider::Initialize() { |
const FilePath policy_path = storage_dir_.Append( |
FILE_PATH_LITERAL("Policy")); |
cache_.reset(new DeviceManagementPolicyCache(policy_path)); |
cache_->LoadPolicyFromFile(); |
- if (cache_->is_device_unmanaged()) { |
- // This is a non-first login on an unmanaged device. |
- waiting_for_initial_policies_ = false; |
- // Defer token_fetcher_ initialization until this device should ask for |
- // a device token again. |
- base::Time unmanaged_timestamp = cache_->last_policy_refresh_time(); |
- int64 delay = unmanaged_device_refresh_rate_ms_ - |
- (base::Time::NowFromSystemTime().ToInternalValue() - |
- unmanaged_timestamp.ToInternalValue()); |
- if (delay < 0) |
- delay = 0; |
- BrowserThread::PostDelayedTask( |
- BrowserThread::UI, FROM_HERE, |
- new InitializeAfterIOThreadExistsTask(AsWeakPtr()), |
- delay); |
- } else { |
- if (file_util::PathExists( |
- storage_dir_.Append(FILE_PATH_LITERAL(kDeviceTokenFilename)))) { |
- // This is a non-first login on a managed device. |
- waiting_for_initial_policies_ = false; |
- } |
- // Defer initialization that requires the IOThread until after the IOThread |
- // has been initialized. |
- BrowserThread::PostTask(BrowserThread::UI, FROM_HERE, |
- new InitializeAfterIOThreadExistsTask(AsWeakPtr())); |
- } |
+ // Defer initialization that requires the IOThread until after the IOThread |
+ // has been initialized. |
+ BrowserThread::PostTask(BrowserThread::UI, FROM_HERE, |
+ new InitializeAfterIOThreadExistsTask(AsWeakPtr())); |
} |
void DeviceManagementPolicyProvider::InitializeAfterIOThreadExists() { |
@@ -247,19 +174,18 @@ |
} |
void DeviceManagementPolicyProvider::SendPolicyRequest() { |
- if (policy_request_pending_) |
- return; |
- |
- policy_request_pending_ = true; |
- em::DevicePolicyRequest policy_request; |
- policy_request.set_policy_scope(kChromePolicyScope); |
- em::DevicePolicySettingRequest* setting = |
- policy_request.add_setting_request(); |
- setting->set_key(kChromeDevicePolicySettingKey); |
- setting->set_watermark(""); |
- backend_->ProcessPolicyRequest(token_fetcher_->GetDeviceToken(), |
- token_fetcher_->GetDeviceID(), |
- policy_request, this); |
+ if (!policy_request_pending_) { |
+ policy_request_pending_ = true; |
+ em::DevicePolicyRequest policy_request; |
+ policy_request.set_policy_scope(kChromePolicyScope); |
+ em::DevicePolicySettingRequest* setting = |
+ policy_request.add_setting_request(); |
+ setting->set_key(kChromeDevicePolicySettingKey); |
+ setting->set_watermark(""); |
+ backend_->ProcessPolicyRequest(token_fetcher_->GetDeviceToken(), |
+ token_fetcher_->GetDeviceID(), |
+ policy_request, this); |
+ } |
} |
void DeviceManagementPolicyProvider::RefreshTaskExecute() { |
@@ -309,20 +235,6 @@ |
token_fetcher_ = token_fetcher; |
} |
-void DeviceManagementPolicyProvider::StopWaitingForInitialPolicies() { |
- waiting_for_initial_policies_ = false; |
- // Send a CLOUD_POLICY_UPDATE notification to unblock ChromeOS logins that |
- // are waiting for an initial policy fetch to complete. |
- NotifyCloudPolicyUpdate(); |
-} |
- |
-void DeviceManagementPolicyProvider::NotifyCloudPolicyUpdate() const { |
- NotificationService::current()->Notify( |
- NotificationType::CLOUD_POLICY_UPDATE, |
- Source<DeviceManagementPolicyProvider>(this), |
- NotificationService::NoDetails()); |
-} |
- |
// static |
std::string DeviceManagementPolicyProvider::GetDeviceManagementURL() { |
return CommandLine::ForCurrentProcess()->GetSwitchValueASCII( |