chrome/browser/policy/device_management_policy_provider.cc - Issue 6079012: Allow policy refresh rate to be configured through policy.

Side by Side Diff: chrome/browser/policy/device_management_policy_provider.cc

Issue 6079012: Allow policy refresh rate to be configured through policy. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Fix windows build. Created 9 years, 11 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« chrome/browser/policy/device_management_policy_provider.h ('K') | « chrome/browser/policy/device_management_policy_provider.h ('k') | chrome/browser/policy/device_management_policy_provider_unittest.cc » ('j') | chrome/browser/policy/device_token_fetcher.cc » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/policy/device_management_policy_provider.h"	5 #include "chrome/browser/policy/device_management_policy_provider.h"

6	6

7 #include "base/command_line.h"	7 #include "base/command_line.h"

8 #include "base/file_util.h"	8 #include "base/file_util.h"

9 #include "base/path_service.h"	9 #include "base/path_service.h"

10 #include "base/rand_util.h"	10 #include "base/rand_util.h"

11 #include "base/task.h"	11 #include "base/task.h"

12 #include "chrome/browser/browser_thread.h"	12 #include "chrome/browser/browser_thread.h"

13 #include "chrome/browser/policy/device_management_backend.h"	13 #include "chrome/browser/policy/device_management_backend.h"

14 #include "chrome/browser/policy/device_management_policy_cache.h"	14 #include "chrome/browser/policy/device_management_policy_cache.h"

	15 #include "chrome/browser/policy/profile_policy_context.h"

15 #include "chrome/browser/policy/proto/device_management_constants.h"	16 #include "chrome/browser/policy/proto/device_management_constants.h"

16 #include "chrome/browser/profiles/profile.h"	17 #include "chrome/browser/profiles/profile.h"

17 #include "chrome/common/chrome_paths.h"	18 #include "chrome/common/chrome_paths.h"

18 #include "chrome/common/chrome_switches.h"	19 #include "chrome/common/chrome_switches.h"

19 #include "chrome/common/notification_service.h"	20 #include "chrome/common/notification_service.h"

20 #include "chrome/common/notification_type.h"	21 #include "chrome/common/notification_type.h"

21	22

22 namespace policy {	23 namespace policy {

23	24

24 namespace em = enterprise_management;	25 namespace em = enterprise_management;

25	26

26 const int64 kPolicyRefreshRateInMilliseconds = 3 * 60 * 60 * 1000; // 3 hours	27 // The maximum ratio in percent of the policy refresh rate we use for fuzzing
	danno 2011/01/06 19:16:26 I like random deviation here, too. I like random deviation here, too. Mattias Nissler (ping if slow) 2011/01/07 11:15:33 Done. Show quoted text On 2011/01/06 19:16:26, danno wrote: > I like random deviation here, too. Done.
27 const int64 kPolicyRefreshMaxEarlierInMilliseconds = 20 * 60 * 1000; // 20 mins	28 // the policy refresh time instant.

	29 const int kPolicyRefreshFuzzFactorPercent = 10;

	30 // Maximum preemption resulting from fuzzing we are willing to accept.

	31 const int64 kPolicyRefreshFuzzMaxInMilliseconds = 30 * 60 * 1000;

	32

28 // These are the base values for delays before retrying after an error. They	33 // These are the base values for delays before retrying after an error. They

29 // will be doubled each time they are used.	34 // will be doubled each time they are used.

30 const int64 kPolicyRefreshErrorDelayInMilliseconds = 3 * 1000; // 3 seconds	35 const int64 kPolicyRefreshErrorDelayInMilliseconds = 3 * 1000; // 3 seconds

31 const int64 kDeviceTokenRefreshErrorDelayInMilliseconds = 3 * 1000;	36 const int64 kDeviceTokenRefreshErrorDelayInMilliseconds = 3 * 1000;

32 // For unmanaged devices, check once per day whether they're still unmanaged.	37 // For unmanaged devices, check once per day whether they're still unmanaged.

33 const int64 kPolicyRefreshUnmanagedDeviceInMilliseconds = 24 * 60 * 60 * 1000;	38 const int64 kPolicyRefreshUnmanagedDeviceInMilliseconds = 24 * 60 * 60 * 1000;

34	39

35 const FilePath::StringType kDeviceTokenFilename = FILE_PATH_LITERAL("Token");	40 const FilePath::StringType kDeviceTokenFilename = FILE_PATH_LITERAL("Token");

36 const FilePath::StringType kPolicyFilename = FILE_PATH_LITERAL("Policy");	41 const FilePath::StringType kPolicyFilename = FILE_PATH_LITERAL("Policy");

37	42

38 // Ensures that the portion of the policy provider implementation that requires	43 // Calls back into the provider to refresh policy.

39 // the IOThread is deferred until the IOThread is fully initialized. The policy	44 class DeviceManagementPolicyProvider::RefreshTask : public CancelableTask {

40 // provider posts this task on the UI thread during its constructor, thereby

41 // guaranteeing that the code won't get executed until after the UI and IO

42 // threads are fully constructed.

43 class DeviceManagementPolicyProvider::InitializeAfterIOThreadExistsTask

44 : public Task {

45 public:	45 public:

46 explicit InitializeAfterIOThreadExistsTask(	46 explicit RefreshTask(DeviceManagementPolicyProvider* provider)

47 base::WeakPtr<DeviceManagementPolicyProvider> provider)

48 : provider_(provider) {

49 }

50

51 // Task implementation:

52 virtual void Run() {

53 DeviceManagementPolicyProvider* provider = provider_.get();

54 if (provider)

55 provider->InitializeAfterIOThreadExists();

56 }

57

58 private:

59 base::WeakPtr<DeviceManagementPolicyProvider> provider_;

60 };

61

62 class DeviceManagementPolicyProvider::RefreshTask : public Task {

63 public:

64 explicit RefreshTask(base::WeakPtr<DeviceManagementPolicyProvider> provider)

65 : provider_(provider) {}	47 : provider_(provider) {}

66	48

67 // Task implementation:	49 // Task implementation:

68 virtual void Run() {	50 virtual void Run() {

69 DeviceManagementPolicyProvider* provider = provider_.get();	51 if (provider_)

70 if (provider)	52 provider_->RefreshTaskExecute();

71 provider->RefreshTaskExecute();	53 }

	54

	55 // CancelableTask implementation:

	56 virtual void Cancel() {

	57 provider_ = NULL;

72 }	58 }

73	59

74 private:	60 private:

75 base::WeakPtr<DeviceManagementPolicyProvider> provider_;	61 DeviceManagementPolicyProvider* provider_;

76 };	62 };

77	63

78 DeviceManagementPolicyProvider::DeviceManagementPolicyProvider(	64 DeviceManagementPolicyProvider::DeviceManagementPolicyProvider(

79 const ConfigurationPolicyProvider::PolicyDefinitionList* policy_list,	65 const ConfigurationPolicyProvider::PolicyDefinitionList* policy_list,

80 DeviceManagementBackend* backend,	66 DeviceManagementBackend* backend,

81 Profile* profile)	67 Profile* profile)

82 : ConfigurationPolicyProvider(policy_list) {	68 : ConfigurationPolicyProvider(policy_list) {

83 Initialize(backend,	69 Initialize(backend,

84 profile,	70 profile,

85 kPolicyRefreshRateInMilliseconds,	71 ProfilePolicyContext::kDefaultPolicyRefreshRateInMilliseconds,

86 kPolicyRefreshMaxEarlierInMilliseconds,	72 kPolicyRefreshFuzzFactorPercent,

	73 kPolicyRefreshFuzzMaxInMilliseconds,

87 kPolicyRefreshErrorDelayInMilliseconds,	74 kPolicyRefreshErrorDelayInMilliseconds,

88 kDeviceTokenRefreshErrorDelayInMilliseconds,	75 kDeviceTokenRefreshErrorDelayInMilliseconds,

89 kPolicyRefreshUnmanagedDeviceInMilliseconds);	76 kPolicyRefreshUnmanagedDeviceInMilliseconds);

90 }	77 }

91	78

92 DeviceManagementPolicyProvider::DeviceManagementPolicyProvider(

93 const PolicyDefinitionList* policy_list,

94 DeviceManagementBackend* backend,

95 Profile* profile,

96 int64 policy_refresh_rate_ms,

97 int64 policy_refresh_max_earlier_ms,

98 int64 policy_refresh_error_delay_ms,

99 int64 token_fetch_error_delay_ms,

100 int64 unmanaged_device_refresh_rate_ms)

101 : ConfigurationPolicyProvider(policy_list) {

102 Initialize(backend,

103 profile,

104 policy_refresh_rate_ms,

105 policy_refresh_max_earlier_ms,

106 policy_refresh_error_delay_ms,

107 token_fetch_error_delay_ms,

108 unmanaged_device_refresh_rate_ms);

109 }

110

111 DeviceManagementPolicyProvider::~DeviceManagementPolicyProvider() {	79 DeviceManagementPolicyProvider::~DeviceManagementPolicyProvider() {

112 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,	80 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,

113 observer_list_,	81 observer_list_,

114 OnProviderGoingAway());	82 OnProviderGoingAway());

	83 CancelRefreshTask();

115 }	84 }

116	85

117 bool DeviceManagementPolicyProvider::Provide(	86 bool DeviceManagementPolicyProvider::Provide(

118 ConfigurationPolicyStoreInterface* policy_store) {	87 ConfigurationPolicyStoreInterface* policy_store) {

119 scoped_ptr<DictionaryValue> policies(cache_->GetPolicy());	88 scoped_ptr<DictionaryValue> policies(cache_->GetPolicy());

120 DecodePolicyValueTree(policies.get(), policy_store);	89 DecodePolicyValueTree(policies.get(), policy_store);

121 return true;	90 return true;

122 }	91 }

123	92

124 bool DeviceManagementPolicyProvider::IsInitializationComplete() const {	93 bool DeviceManagementPolicyProvider::IsInitializationComplete() const {

125 return !waiting_for_initial_policies_;	94 return !cache_->last_policy_refresh_time().is_null();

126 }	95 }

127	96

128 void DeviceManagementPolicyProvider::HandlePolicyResponse(	97 void DeviceManagementPolicyProvider::HandlePolicyResponse(

129 const em::DevicePolicyResponse& response) {	98 const em::DevicePolicyResponse& response) {

	99 DCHECK(TokenAvailable());

130 if (cache_->SetPolicy(response))	100 if (cache_->SetPolicy(response))

131 NotifyCloudPolicyUpdate();	101 NotifyCloudPolicyUpdate();

132 policy_request_pending_ = false;	102 SetState(STATE_POLICY_VALID);

133 // Reset the error delay since policy fetching succeeded this time.

134 policy_refresh_error_delay_ms_ = kPolicyRefreshErrorDelayInMilliseconds;

135 ScheduleRefreshTask(GetRefreshTaskDelay());

136 // Update this provider's internal waiting state, but don't notify anyone

137 // else yet (that's done by the PrefValueStore that receives the policy).

138 waiting_for_initial_policies_ = false;

139 }	103 }

140	104

141 void DeviceManagementPolicyProvider::OnError(	105 void DeviceManagementPolicyProvider::OnError(

142 DeviceManagementBackend::ErrorCode code) {	106 DeviceManagementBackend::ErrorCode code) {

143 policy_request_pending_ = false;	107 DCHECK(TokenAvailable());

144 if (code == DeviceManagementBackend::kErrorServiceDeviceNotFound \|\|	108 if (code == DeviceManagementBackend::kErrorServiceDeviceNotFound \|\|

145 code == DeviceManagementBackend::kErrorServiceManagementTokenInvalid) {	109 code == DeviceManagementBackend::kErrorServiceManagementTokenInvalid) {

146 LOG(WARNING) << "The device token was either invalid or unknown to the "	110 LOG(WARNING) << "The device token was either invalid or unknown to the "

147 << "device manager, re-registering device.";	111 << "device manager, re-registering device.";

148 token_fetcher_->Restart();	112 SetState(STATE_TOKEN_RESET);

149 } else if (code ==	113 } else if (code ==

150 DeviceManagementBackend::kErrorServiceManagementNotSupported) {	114 DeviceManagementBackend::kErrorServiceManagementNotSupported) {

151 VLOG(1) << "The device is no longer managed, resetting device token.";	115 VLOG(1) << "The device is no longer managed, resetting device token.";

152 token_fetcher_->Restart();	116 SetState(STATE_TOKEN_RESET);

153 } else {	117 } else {

154 LOG(WARNING) << "Could not provide policy from the device manager (error = "	118 LOG(WARNING) << "Could not provide policy from the device manager (error = "

155 << code << "), will retry in "	119 << code << "), will retry in "

156 << (policy_refresh_error_delay_ms_/1000) << " seconds.";	120 << (effective_policy_refresh_error_delay_ms_ / 1000)

157 ScheduleRefreshTask(policy_refresh_error_delay_ms_);	121 << " seconds.";

158 policy_refresh_error_delay_ms_ *= 2;	122 SetState(STATE_POLICY_ERROR);

159 if (policy_refresh_rate_ms_ &&

160 policy_refresh_rate_ms_ < policy_refresh_error_delay_ms_) {

161 policy_refresh_error_delay_ms_ = policy_refresh_rate_ms_;

162 }

163 }	123 }

164 StopWaitingForInitialPolicies();

165 }	124 }

166	125

167 void DeviceManagementPolicyProvider::OnTokenSuccess() {	126 void DeviceManagementPolicyProvider::OnTokenSuccess() {

168 if (policy_request_pending_)	127 DCHECK(!TokenAvailable());

169 return;

170 cache_->SetDeviceUnmanaged(false);	128 cache_->SetDeviceUnmanaged(false);

171 SendPolicyRequest();	129 SetState(STATE_TOKEN_VALID);

172 }	130 }

173	131

174 void DeviceManagementPolicyProvider::OnTokenError() {	132 void DeviceManagementPolicyProvider::OnTokenError() {

	133 DCHECK(!TokenAvailable());

175 LOG(WARNING) << "Could not retrieve device token.";	134 LOG(WARNING) << "Could not retrieve device token.";

176 ScheduleRefreshTask(token_fetch_error_delay_ms_);	135 SetState(STATE_TOKEN_ERROR);

177 token_fetch_error_delay_ms_ *= 2;

178 if (token_fetch_error_delay_ms_ > policy_refresh_rate_ms_)

179 token_fetch_error_delay_ms_ = policy_refresh_rate_ms_;

180 StopWaitingForInitialPolicies();

181 }	136 }

182	137

183 void DeviceManagementPolicyProvider::OnNotManaged() {	138 void DeviceManagementPolicyProvider::OnNotManaged() {

	139 DCHECK(!TokenAvailable());

184 VLOG(1) << "This device is not managed.";	140 VLOG(1) << "This device is not managed.";

185 cache_->SetDeviceUnmanaged(true);	141 cache_->SetDeviceUnmanaged(true);

186 ScheduleRefreshTask(unmanaged_device_refresh_rate_ms_);	142 SetState(STATE_UNMANAGED);

187 StopWaitingForInitialPolicies();	143 }

	144

	145 void DeviceManagementPolicyProvider::SetRefreshRate(

	146 int64 refresh_rate_milliseconds) {
	Jakob Kummerow 2011/01/07 09:48:51 missing line: policy_refresh_rate_ms_ = refresh_ra missing line: policy_refresh_rate_ms_ = refresh_rate_milliseconds;
	147 // Reschedule the refresh task if necessary.

	148 if (state_ == STATE_POLICY_VALID)

	149 SetState(STATE_POLICY_VALID);

	150 }

	151

	152 DeviceManagementPolicyProvider::DeviceManagementPolicyProvider(

	153 const PolicyDefinitionList* policy_list,

	154 DeviceManagementBackend* backend,

	155 Profile* profile,

	156 int64 policy_refresh_rate_ms,

	157 int policy_refresh_fuzz_factor_percent,

	158 int64 policy_refresh_fuzz_max_ms,

	159 int64 policy_refresh_error_delay_ms,

	160 int64 token_fetch_error_delay_ms,

	161 int64 unmanaged_device_refresh_rate_ms)

	162 : ConfigurationPolicyProvider(policy_list) {

	163 Initialize(backend,

	164 profile,

	165 policy_refresh_rate_ms,

	166 policy_refresh_fuzz_factor_percent,

	167 policy_refresh_fuzz_max_ms,

	168 policy_refresh_error_delay_ms,

	169 token_fetch_error_delay_ms,

	170 unmanaged_device_refresh_rate_ms);

	171 }

	172

	173 void DeviceManagementPolicyProvider::Initialize(

	174 DeviceManagementBackend* backend,

	175 Profile* profile,

	176 int64 policy_refresh_rate_ms,

	177 int policy_refresh_fuzz_factor_percent,

	178 int64 policy_refresh_fuzz_max_ms,

	179 int64 policy_refresh_error_delay_ms,

	180 int64 token_fetch_error_delay_ms,

	181 int64 unmanaged_device_refresh_rate_ms) {

	182 DCHECK(profile);

	183 backend_.reset(backend);

	184 profile_ = profile;

	185 storage_dir_ = GetOrCreateDeviceManagementDir(profile_->GetPath());

	186 state_ = STATE_INITIALIZING;

	187 refresh_task_ = NULL;

	188 policy_refresh_rate_ms_ = policy_refresh_rate_ms;

	189 policy_refresh_fuzz_factor_percent_ = policy_refresh_fuzz_factor_percent;

	190 policy_refresh_fuzz_max_ms_ = policy_refresh_fuzz_max_ms;

	191 policy_refresh_error_delay_ms_ = policy_refresh_error_delay_ms;

	192 effective_policy_refresh_error_delay_ms_ = policy_refresh_error_delay_ms;

	193 token_fetch_error_delay_ms_ = token_fetch_error_delay_ms;

	194 effective_token_fetch_error_delay_ms_ = token_fetch_error_delay_ms;

	195 unmanaged_device_refresh_rate_ms_ = unmanaged_device_refresh_rate_ms;

	196

	197 const FilePath policy_path = storage_dir_.Append(kPolicyFilename);

	198 cache_.reset(new DeviceManagementPolicyCache(policy_path));

	199 cache_->LoadPolicyFromFile();

	200

	201 SetDeviceTokenFetcher(new DeviceTokenFetcher(backend_.get(), profile,

	202 GetTokenPath()));

	203

	204 if (cache_->is_device_unmanaged()) {

	205 // This is a non-first login on an unmanaged device.

	206 SetState(STATE_UNMANAGED);

	207 } else {

	208 SetState(STATE_INITIALIZING);

	209 }

188 }	210 }

189	211

190 void DeviceManagementPolicyProvider::AddObserver(	212 void DeviceManagementPolicyProvider::AddObserver(

191 ConfigurationPolicyProvider::Observer* observer) {	213 ConfigurationPolicyProvider::Observer* observer) {

192 observer_list_.AddObserver(observer);	214 observer_list_.AddObserver(observer);

193 }	215 }

194	216

195 void DeviceManagementPolicyProvider::RemoveObserver(	217 void DeviceManagementPolicyProvider::RemoveObserver(

196 ConfigurationPolicyProvider::Observer* observer) {	218 ConfigurationPolicyProvider::Observer* observer) {

197 observer_list_.RemoveObserver(observer);	219 observer_list_.RemoveObserver(observer);

198 }	220 }

199	221

200 void DeviceManagementPolicyProvider::NotifyCloudPolicyUpdate() {

201 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,

202 observer_list_,

203 OnUpdatePolicy());

204 }

205

206 void DeviceManagementPolicyProvider::Initialize(

207 DeviceManagementBackend* backend,

208 Profile* profile,

209 int64 policy_refresh_rate_ms,

210 int64 policy_refresh_max_earlier_ms,

211 int64 policy_refresh_error_delay_ms,

212 int64 token_fetch_error_delay_ms,

213 int64 unmanaged_device_refresh_rate_ms) {

214 backend_.reset(backend);

215 profile_ = profile;

216 storage_dir_ = GetOrCreateDeviceManagementDir(profile_->GetPath());

217 policy_request_pending_ = false;

218 refresh_task_pending_ = false;

219 waiting_for_initial_policies_ = true;

220 policy_refresh_rate_ms_ = policy_refresh_rate_ms;

221 policy_refresh_max_earlier_ms_ = policy_refresh_max_earlier_ms;

222 policy_refresh_error_delay_ms_ = policy_refresh_error_delay_ms;

223 token_fetch_error_delay_ms_ = token_fetch_error_delay_ms;

224 unmanaged_device_refresh_rate_ms_ = unmanaged_device_refresh_rate_ms;

225

226 const FilePath policy_path = storage_dir_.Append(kPolicyFilename);

227 cache_.reset(new DeviceManagementPolicyCache(policy_path));

228 cache_->LoadPolicyFromFile();

229

230 if (cache_->is_device_unmanaged()) {

231 // This is a non-first login on an unmanaged device.

232 waiting_for_initial_policies_ = false;

233 // Defer token_fetcher_ initialization until this device should ask for

234 // a device token again.

235 base::Time unmanaged_timestamp = cache_->last_policy_refresh_time();

236 int64 delay = unmanaged_device_refresh_rate_ms_ -

237 (base::Time::NowFromSystemTime().ToInternalValue() -

238 unmanaged_timestamp.ToInternalValue());

239 if (delay < 0)

240 delay = 0;

241 BrowserThread::PostDelayedTask(

242 BrowserThread::UI, FROM_HERE,

243 new InitializeAfterIOThreadExistsTask(AsWeakPtr()),

244 delay);

245 } else {

246 if (file_util::PathExists(

247 storage_dir_.Append(kDeviceTokenFilename))) {

248 // This is a non-first login on a managed device.

249 waiting_for_initial_policies_ = false;

250 }

251 // Defer initialization that requires the IOThread until after the IOThread

252 // has been initialized.

253 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,

254 new InitializeAfterIOThreadExistsTask(AsWeakPtr()));

255 }

256 }

257

258 void DeviceManagementPolicyProvider::InitializeAfterIOThreadExists() {

259 if (profile_) {

260 if (!token_fetcher_) {

261 token_fetcher_ = new DeviceTokenFetcher(

262 backend_.get(), profile_, GetTokenPath());

263 }

264 registrar_.Init(token_fetcher_);

265 registrar_.AddObserver(this);

266 token_fetcher_->StartFetching();

267 }

268 }

269

270 void DeviceManagementPolicyProvider::SendPolicyRequest() {	222 void DeviceManagementPolicyProvider::SendPolicyRequest() {

271 if (policy_request_pending_)

272 return;

273

274 policy_request_pending_ = true;

275 em::DevicePolicyRequest policy_request;	223 em::DevicePolicyRequest policy_request;

276 policy_request.set_policy_scope(kChromePolicyScope);	224 policy_request.set_policy_scope(kChromePolicyScope);

277 em::DevicePolicySettingRequest* setting =	225 em::DevicePolicySettingRequest* setting =

278 policy_request.add_setting_request();	226 policy_request.add_setting_request();

279 setting->set_key(kChromeDevicePolicySettingKey);	227 setting->set_key(kChromeDevicePolicySettingKey);

280 setting->set_watermark("");	228 setting->set_watermark("");

281 backend_->ProcessPolicyRequest(token_fetcher_->GetDeviceToken(),	229 backend_->ProcessPolicyRequest(token_fetcher_->GetDeviceToken(),

282 token_fetcher_->GetDeviceID(),	230 token_fetcher_->GetDeviceID(),

283 policy_request, this);	231 policy_request, this);

284 }	232 }

285	233

286 void DeviceManagementPolicyProvider::RefreshTaskExecute() {	234 void DeviceManagementPolicyProvider::RefreshTaskExecute() {

287 DCHECK(refresh_task_pending_);	235 DCHECK(refresh_task_);

288 refresh_task_pending_ = false;	236 refresh_task_ = NULL;

289 // If there is no valid device token, the token_fetcher_ apparently failed,	237

290 // so it must be restarted.	238 switch (state_) {

291 if (!token_fetcher_->IsTokenValid()) {	239 case STATE_INITIALIZING:

292 if (token_fetcher_->IsTokenPending()) {	240 token_fetcher_->StartFetching();

293 NOTREACHED();

294 return;	241 return;

295 }	242 case STATE_TOKEN_VALID:

296 token_fetcher_->Restart();	243 case STATE_POLICY_VALID:

297 return;	244 case STATE_POLICY_ERROR:

	245 SendPolicyRequest();

	246 return;

	247 case STATE_UNMANAGED:

	248 case STATE_TOKEN_ERROR:

	249 case STATE_TOKEN_RESET:

	250 token_fetcher_->Restart();

	251 return;

298 }	252 }

299 // If there is a device token, just refresh policies.	253

300 SendPolicyRequest();	254 NOTREACHED() << "Unhandled state";

301 }	255 }

302	256

303 void DeviceManagementPolicyProvider::ScheduleRefreshTask(	257 void DeviceManagementPolicyProvider::CancelRefreshTask() {

304 int64 delay_in_milliseconds) {	258 if (refresh_task_) {

305 // This check is simply a safeguard, the situation currently cannot happen.	259 refresh_task_->Cancel();

306 if (refresh_task_pending_) {	260 refresh_task_ = NULL;

307 NOTREACHED();

308 return;

309 }	261 }

310 refresh_task_pending_ = true;

311 BrowserThread::PostDelayedTask(BrowserThread::UI, FROM_HERE,

312 new RefreshTask(AsWeakPtr()),

313 delay_in_milliseconds);

314 }	262 }

315	263

316 int64 DeviceManagementPolicyProvider::GetRefreshTaskDelay() {	264 void DeviceManagementPolicyProvider::NotifyCloudPolicyUpdate() {

317 int64 delay = policy_refresh_rate_ms_;	265 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,

318 if (policy_refresh_max_earlier_ms_)	266 observer_list_,

319 delay -= base::RandGenerator(policy_refresh_max_earlier_ms_);	267 OnUpdatePolicy());

320 return delay;

321 }	268 }

322	269

323 FilePath DeviceManagementPolicyProvider::GetTokenPath() {	270 FilePath DeviceManagementPolicyProvider::GetTokenPath() {

324 return storage_dir_.Append(kDeviceTokenFilename);	271 return storage_dir_.Append(kDeviceTokenFilename);

325 }	272 }

326	273

327 void DeviceManagementPolicyProvider::SetDeviceTokenFetcher(	274 void DeviceManagementPolicyProvider::SetDeviceTokenFetcher(

328 DeviceTokenFetcher* token_fetcher) {	275 DeviceTokenFetcher* token_fetcher) {

329 DCHECK(!token_fetcher_);	276 registrar_.Init(token_fetcher);

	277 registrar_.AddObserver(this);

330 token_fetcher_ = token_fetcher;	278 token_fetcher_ = token_fetcher;

331 }	279 }

332	280

333 void DeviceManagementPolicyProvider::StopWaitingForInitialPolicies() {	281 void DeviceManagementPolicyProvider::SetState(

334 waiting_for_initial_policies_ = false;	282 DeviceManagementPolicyProvider::ProviderState new_state) {

335 // Notify observers that initial policy fetch is complete.	283 if (!IsInitializationComplete() &&
	danno 2011/01/06 19:16:26 I am confused here. If !IsInitializationComplete y I am confused here. If !IsInitializationComplete you notify the observers that the initial policy fetch is complete? Perhaps an explanatory comment. Mattias Nissler (ping if slow) 2011/01/07 11:15:33 The idea is to notify observers once we switch to Show quoted text On 2011/01/06 19:16:26, danno wrote: > I am confused here. If !IsInitializationComplete you notify the observers that > the initial policy fetch is complete? Perhaps an explanatory comment. The idea is to notify observers once we switch to a state where policy is available. The code here was indeed wrong. I changed the tests to validate that this notification actually gets sent.
336 NotifyCloudPolicyUpdate();	284 state_ != STATE_INITIALIZING &&

	285 state_ != STATE_TOKEN_VALID) {

	286 // Notify observers that initial policy fetch is complete.

	287 NotifyCloudPolicyUpdate();
	danno 2011/01/06 19:16:26 I found the old code much more readable, it was cl I found the old code much more readable, it was clear that the notification happened when there was an error, when the device isn't managed, etc. Perhaps it would be clearer if this call was included in the individual state transitions. Mattias Nissler (ping if slow) 2011/01/07 11:15:33 I disagree. We now have a central point that detec Show quoted text On 2011/01/06 19:16:26, danno wrote: > I found the old code much more readable, it was clear that the notification > happened when there was an error, when the device isn't managed, etc. Perhaps it > would be clearer if this call was included in the individual state transitions. I disagree. We now have a central point that detects whether we switch from an initializing state to a steady state. That gives much more confidence that we didn't miss some code path.
	288 }

	289 state_ = new_state;

	290

	291 base::Time now(base::Time::NowFromSystemTime());

	292 base::Time refresh_at;

	293 base::Time last_refresh(cache_->last_policy_refresh_time());

	294 if (last_refresh.is_null())

	295 last_refresh = now;

	296

	297 // Determine when to take the next step.

	298 switch (state_) {

	299 case STATE_INITIALIZING:

	300 refresh_at = now;

	301 break;

	302 case STATE_TOKEN_VALID:

	303 cache_->SetDeviceUnmanaged(false);

	304 effective_token_fetch_error_delay_ms_ = token_fetch_error_delay_ms_;

	305 refresh_at = now;

	306 break;

	307 case STATE_TOKEN_RESET:

	308 refresh_at = now;

	309 break;

	310 case STATE_UNMANAGED:

	311 refresh_at = last_refresh +

	312 base::TimeDelta::FromMilliseconds(unmanaged_device_refresh_rate_ms_);

	313 break;

	314 case STATE_POLICY_VALID:

	315 effective_policy_refresh_error_delay_ms_ = policy_refresh_error_delay_ms_;

	316 refresh_at =

	317 last_refresh + base::TimeDelta::FromMilliseconds(GetRefreshDelay());

	318 break;

	319 case STATE_TOKEN_ERROR:

	320 refresh_at = now + base::TimeDelta::FromMilliseconds(

	321 effective_token_fetch_error_delay_ms_);

	322 effective_token_fetch_error_delay_ms_ *= 2;

	323 if (effective_token_fetch_error_delay_ms_ > policy_refresh_rate_ms_)

	324 effective_token_fetch_error_delay_ms_ = policy_refresh_rate_ms_;

	325 break;

	326 case STATE_POLICY_ERROR:

	327 refresh_at = now + base::TimeDelta::FromMilliseconds(

	328 effective_policy_refresh_error_delay_ms_);

	329 effective_policy_refresh_error_delay_ms_ *= 2;

	330 if (effective_policy_refresh_error_delay_ms_ > policy_refresh_rate_ms_)

	331 effective_policy_refresh_error_delay_ms_ = policy_refresh_rate_ms_;

	332 break;

	333 }

	334

	335 // Update the refresh task.

	336 CancelRefreshTask();

	337 if (!refresh_at.is_null()) {

	338 refresh_task_ = new RefreshTask(this);

	339 int64 delay = std::max<int64>((refresh_at - now).InMilliseconds(), 0);

	340 BrowserThread::PostDelayedTask(BrowserThread::UI, FROM_HERE, refresh_task_,

	341 delay);

	342 }

	343 }

	344

	345 int64 DeviceManagementPolicyProvider::GetRefreshDelay() {

	346 int64 fuzz = policy_refresh_fuzz_factor_percent_ * policy_refresh_rate_ms_;

	347 fuzz = std::min(fuzz, policy_refresh_fuzz_max_ms_);

	348 return policy_refresh_rate_ms_ - base::RandGenerator(fuzz + 1);

	349 }

	350

	351 bool DeviceManagementPolicyProvider::TokenAvailable() const {

	352 return state_ == STATE_TOKEN_VALID \|\|

	353 state_ == STATE_POLICY_VALID \|\|

	354 state_ == STATE_POLICY_ERROR;

337 }	355 }

338	356

339 // static	357 // static

340 std::string DeviceManagementPolicyProvider::GetDeviceManagementURL() {	358 std::string DeviceManagementPolicyProvider::GetDeviceManagementURL() {

341 return CommandLine::ForCurrentProcess()->GetSwitchValueASCII(	359 return CommandLine::ForCurrentProcess()->GetSwitchValueASCII(

342 switches::kDeviceManagementUrl);	360 switches::kDeviceManagementUrl);

343 }	361 }

344	362

345 // static	363 // static

346 FilePath DeviceManagementPolicyProvider::GetOrCreateDeviceManagementDir(	364 FilePath DeviceManagementPolicyProvider::GetOrCreateDeviceManagementDir(

347 const FilePath& user_data_dir) {	365 const FilePath& user_data_dir) {

348 const FilePath device_management_dir = user_data_dir.Append(	366 const FilePath device_management_dir = user_data_dir.Append(

349 FILE_PATH_LITERAL("Device Management"));	367 FILE_PATH_LITERAL("Device Management"));

350 if (!file_util::DirectoryExists(device_management_dir)) {	368 if (!file_util::DirectoryExists(device_management_dir)) {

351 if (!file_util::CreateDirectory(device_management_dir))	369 if (!file_util::CreateDirectory(device_management_dir))

352 NOTREACHED();	370 NOTREACHED();

353 }	371 }

354 return device_management_dir;	372 return device_management_dir;

355 }	373 }

356	374

357 } // namespace policy	375 } // namespace policy

OLD	NEW