Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(76)

Issues Search
    My Issues | Starred     Open | Closed | All

Side by Side Diff: chrome/browser/policy/device_management_policy_provider.cc

Issue 6310012: Allow policy refresh rate to be configured through policy. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Fix unit test. Created 9 years, 11 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
« no previous file with comments | « chrome/browser/policy/device_management_policy_provider.h ('k') | chrome/browser/policy/device_management_policy_provider_unittest.cc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/policy/device_management_policy_provider.h" 5 #include "chrome/browser/policy/device_management_policy_provider.h"
6 6
7 #include "base/command_line.h" 7 #include "base/command_line.h"
8 #include "base/file_util.h" 8 #include "base/file_util.h"
9 #include "base/path_service.h" 9 #include "base/path_service.h"
10 #include "base/rand_util.h" 10 #include "base/rand_util.h"
11 #include "base/task.h" 11 #include "base/task.h"
12 #include "chrome/browser/browser_thread.h" 12 #include "chrome/browser/browser_thread.h"
13 #include "chrome/browser/policy/device_management_backend.h" 13 #include "chrome/browser/policy/device_management_backend.h"
14 #include "chrome/browser/policy/device_management_policy_cache.h" 14 #include "chrome/browser/policy/device_management_policy_cache.h"
15 #include "chrome/browser/policy/profile_policy_context.h"
15 #include "chrome/browser/policy/proto/device_management_constants.h" 16 #include "chrome/browser/policy/proto/device_management_constants.h"
16 #include "chrome/browser/profiles/profile.h" 17 #include "chrome/browser/profiles/profile.h"
17 #include "chrome/common/chrome_paths.h" 18 #include "chrome/common/chrome_paths.h"
18 #include "chrome/common/chrome_switches.h" 19 #include "chrome/common/chrome_switches.h"
19 #include "chrome/common/notification_service.h" 20 #include "chrome/common/notification_service.h"
20 #include "chrome/common/notification_type.h" 21 #include "chrome/common/notification_type.h"
21 22
22 namespace policy { 23 namespace policy {
23 24
24 namespace em = enterprise_management; 25 namespace em = enterprise_management;
25 26
26 const int64 kPolicyRefreshRateInMilliseconds = 3 * 60 * 60 * 1000; // 3 hours 27 // The maximum ratio in percent of the policy refresh rate we use for adjusting
27 const int64 kPolicyRefreshMaxEarlierInMilliseconds = 20 * 60 * 1000; // 20 mins 28 // the policy refresh time instant. The rationale is to avoid load spikes if
29 // from many devices that were set up in sync for some reason.
30 const int kPolicyRefreshDeviationFactorPercent = 10;
31 // Maximum deviation we are willing to accept.
32 const int64 kPolicyRefreshDeviationMaxInMilliseconds = 30 * 60 * 1000;
33
28 // These are the base values for delays before retrying after an error. They 34 // These are the base values for delays before retrying after an error. They
29 // will be doubled each time they are used. 35 // will be doubled each time they are used.
30 const int64 kPolicyRefreshErrorDelayInMilliseconds = 3 * 1000; // 3 seconds 36 const int64 kPolicyRefreshErrorDelayInMilliseconds = 3 * 1000; // 3 seconds
31 const int64 kDeviceTokenRefreshErrorDelayInMilliseconds = 3 * 1000; 37 const int64 kDeviceTokenRefreshErrorDelayInMilliseconds = 3 * 1000;
32 // For unmanaged devices, check once per day whether they're still unmanaged. 38 // For unmanaged devices, check once per day whether they're still unmanaged.
33 const int64 kPolicyRefreshUnmanagedDeviceInMilliseconds = 24 * 60 * 60 * 1000; 39 const int64 kPolicyRefreshUnmanagedDeviceInMilliseconds = 24 * 60 * 60 * 1000;
34 40
35 const FilePath::StringType kDeviceTokenFilename = FILE_PATH_LITERAL("Token"); 41 const FilePath::StringType kDeviceTokenFilename = FILE_PATH_LITERAL("Token");
36 const FilePath::StringType kPolicyFilename = FILE_PATH_LITERAL("Policy"); 42 const FilePath::StringType kPolicyFilename = FILE_PATH_LITERAL("Policy");
37 43
38 // Ensures that the portion of the policy provider implementation that requires 44 // Calls back into the provider to refresh policy.
39 // the IOThread is deferred until the IOThread is fully initialized. The policy 45 class DeviceManagementPolicyProvider::RefreshTask : public CancelableTask {
40 // provider posts this task on the UI thread during its constructor, thereby
41 // guaranteeing that the code won't get executed until after the UI and IO
42 // threads are fully constructed.
43 class DeviceManagementPolicyProvider::InitializeAfterIOThreadExistsTask
44 : public Task {
45 public: 46 public:
46 explicit InitializeAfterIOThreadExistsTask( 47 explicit RefreshTask(DeviceManagementPolicyProvider* provider)
47 base::WeakPtr<DeviceManagementPolicyProvider> provider)
48 : provider_(provider) {
49 }
50
51 // Task implementation:
52 virtual void Run() {
53 DeviceManagementPolicyProvider* provider = provider_.get();
54 if (provider)
55 provider->InitializeAfterIOThreadExists();
56 }
57
58 private:
59 base::WeakPtr<DeviceManagementPolicyProvider> provider_;
60 };
61
62 class DeviceManagementPolicyProvider::RefreshTask : public Task {
63 public:
64 explicit RefreshTask(base::WeakPtr<DeviceManagementPolicyProvider> provider)
65 : provider_(provider) {} 48 : provider_(provider) {}
66 49
67 // Task implementation: 50 // Task implementation:
68 virtual void Run() { 51 virtual void Run() {
69 DeviceManagementPolicyProvider* provider = provider_.get(); 52 if (provider_)
70 if (provider) 53 provider_->RefreshTaskExecute();
71 provider->RefreshTaskExecute(); 54 }
55
56 // CancelableTask implementation:
57 virtual void Cancel() {
58 provider_ = NULL;
72 } 59 }
73 60
74 private: 61 private:
75 base::WeakPtr<DeviceManagementPolicyProvider> provider_; 62 DeviceManagementPolicyProvider* provider_;
76 }; 63 };
77 64
78 DeviceManagementPolicyProvider::DeviceManagementPolicyProvider( 65 DeviceManagementPolicyProvider::DeviceManagementPolicyProvider(
79 const ConfigurationPolicyProvider::PolicyDefinitionList* policy_list, 66 const ConfigurationPolicyProvider::PolicyDefinitionList* policy_list,
80 DeviceManagementBackend* backend, 67 DeviceManagementBackend* backend,
81 Profile* profile) 68 Profile* profile)
82 : ConfigurationPolicyProvider(policy_list) { 69 : ConfigurationPolicyProvider(policy_list) {
83 Initialize(backend, 70 Initialize(backend,
84 profile, 71 profile,
85 kPolicyRefreshRateInMilliseconds, 72 ProfilePolicyContext::kDefaultPolicyRefreshRateInMilliseconds,
86 kPolicyRefreshMaxEarlierInMilliseconds, 73 kPolicyRefreshDeviationFactorPercent,
74 kPolicyRefreshDeviationMaxInMilliseconds,
87 kPolicyRefreshErrorDelayInMilliseconds, 75 kPolicyRefreshErrorDelayInMilliseconds,
88 kDeviceTokenRefreshErrorDelayInMilliseconds, 76 kDeviceTokenRefreshErrorDelayInMilliseconds,
89 kPolicyRefreshUnmanagedDeviceInMilliseconds); 77 kPolicyRefreshUnmanagedDeviceInMilliseconds);
90 } 78 }
91 79
92 DeviceManagementPolicyProvider::DeviceManagementPolicyProvider(
93 const PolicyDefinitionList* policy_list,
94 DeviceManagementBackend* backend,
95 Profile* profile,
96 int64 policy_refresh_rate_ms,
97 int64 policy_refresh_max_earlier_ms,
98 int64 policy_refresh_error_delay_ms,
99 int64 token_fetch_error_delay_ms,
100 int64 unmanaged_device_refresh_rate_ms)
101 : ConfigurationPolicyProvider(policy_list) {
102 Initialize(backend,
103 profile,
104 policy_refresh_rate_ms,
105 policy_refresh_max_earlier_ms,
106 policy_refresh_error_delay_ms,
107 token_fetch_error_delay_ms,
108 unmanaged_device_refresh_rate_ms);
109 }
110
111 DeviceManagementPolicyProvider::~DeviceManagementPolicyProvider() { 80 DeviceManagementPolicyProvider::~DeviceManagementPolicyProvider() {
112 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer, 81 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,
113 observer_list_, 82 observer_list_,
114 OnProviderGoingAway()); 83 OnProviderGoingAway());
84 CancelRefreshTask();
115 } 85 }
116 86
117 bool DeviceManagementPolicyProvider::Provide( 87 bool DeviceManagementPolicyProvider::Provide(
118 ConfigurationPolicyStoreInterface* policy_store) { 88 ConfigurationPolicyStoreInterface* policy_store) {
119 scoped_ptr<DictionaryValue> policies(cache_->GetPolicy()); 89 scoped_ptr<DictionaryValue> policies(cache_->GetPolicy());
120 DecodePolicyValueTree(policies.get(), policy_store); 90 DecodePolicyValueTree(policies.get(), policy_store);
121 return true; 91 return true;
122 } 92 }
123 93
124 bool DeviceManagementPolicyProvider::IsInitializationComplete() const { 94 bool DeviceManagementPolicyProvider::IsInitializationComplete() const {
125 return !waiting_for_initial_policies_; 95 return !cache_->last_policy_refresh_time().is_null();
126 } 96 }
127 97
128 void DeviceManagementPolicyProvider::HandlePolicyResponse( 98 void DeviceManagementPolicyProvider::HandlePolicyResponse(
129 const em::DevicePolicyResponse& response) { 99 const em::DevicePolicyResponse& response) {
130 if (cache_->SetPolicy(response)) 100 DCHECK(TokenAvailable());
101 if (cache_->SetPolicy(response)) {
102 initial_fetch_done_ = true;
131 NotifyCloudPolicyUpdate(); 103 NotifyCloudPolicyUpdate();
132 policy_request_pending_ = false; 104 }
133 // Reset the error delay since policy fetching succeeded this time. 105 SetState(STATE_POLICY_VALID);
134 policy_refresh_error_delay_ms_ = kPolicyRefreshErrorDelayInMilliseconds;
135 ScheduleRefreshTask(GetRefreshTaskDelay());
136 // Update this provider's internal waiting state, but don't notify anyone
137 // else yet (that's done by the PrefValueStore that receives the policy).
138 waiting_for_initial_policies_ = false;
139 } 106 }
140 107
141 void DeviceManagementPolicyProvider::OnError( 108 void DeviceManagementPolicyProvider::OnError(
142 DeviceManagementBackend::ErrorCode code) { 109 DeviceManagementBackend::ErrorCode code) {
143 policy_request_pending_ = false; 110 DCHECK(TokenAvailable());
144 if (code == DeviceManagementBackend::kErrorServiceDeviceNotFound || 111 if (code == DeviceManagementBackend::kErrorServiceDeviceNotFound ||
145 code == DeviceManagementBackend::kErrorServiceManagementTokenInvalid) { 112 code == DeviceManagementBackend::kErrorServiceManagementTokenInvalid) {
146 LOG(WARNING) << "The device token was either invalid or unknown to the " 113 LOG(WARNING) << "The device token was either invalid or unknown to the "
147 << "device manager, re-registering device."; 114 << "device manager, re-registering device.";
148 token_fetcher_->Restart(); 115 SetState(STATE_TOKEN_RESET);
149 } else if (code == 116 } else if (code ==
150 DeviceManagementBackend::kErrorServiceManagementNotSupported) { 117 DeviceManagementBackend::kErrorServiceManagementNotSupported) {
151 VLOG(1) << "The device is no longer managed, resetting device token."; 118 VLOG(1) << "The device is no longer managed, resetting device token.";
152 token_fetcher_->Restart(); 119 SetState(STATE_TOKEN_RESET);
153 } else { 120 } else {
154 LOG(WARNING) << "Could not provide policy from the device manager (error = " 121 LOG(WARNING) << "Could not provide policy from the device manager (error = "
155 << code << "), will retry in " 122 << code << "), will retry in "
156 << (policy_refresh_error_delay_ms_/1000) << " seconds."; 123 << (effective_policy_refresh_error_delay_ms_ / 1000)
157 ScheduleRefreshTask(policy_refresh_error_delay_ms_); 124 << " seconds.";
158 policy_refresh_error_delay_ms_ *= 2; 125 SetState(STATE_POLICY_ERROR);
159 if (policy_refresh_rate_ms_ &&
160 policy_refresh_rate_ms_ < policy_refresh_error_delay_ms_) {
161 policy_refresh_error_delay_ms_ = policy_refresh_rate_ms_;
162 }
163 } 126 }
164 StopWaitingForInitialPolicies();
165 } 127 }
166 128
167 void DeviceManagementPolicyProvider::OnTokenSuccess() { 129 void DeviceManagementPolicyProvider::OnTokenSuccess() {
168 if (policy_request_pending_) 130 DCHECK(!TokenAvailable());
169 return; 131 SetState(STATE_TOKEN_VALID);
170 cache_->SetDeviceUnmanaged(false);
171 SendPolicyRequest();
172 } 132 }
173 133
174 void DeviceManagementPolicyProvider::OnTokenError() { 134 void DeviceManagementPolicyProvider::OnTokenError() {
135 DCHECK(!TokenAvailable());
175 LOG(WARNING) << "Could not retrieve device token."; 136 LOG(WARNING) << "Could not retrieve device token.";
176 ScheduleRefreshTask(token_fetch_error_delay_ms_); 137 SetState(STATE_TOKEN_ERROR);
177 token_fetch_error_delay_ms_ *= 2;
178 if (token_fetch_error_delay_ms_ > policy_refresh_rate_ms_)
179 token_fetch_error_delay_ms_ = policy_refresh_rate_ms_;
180 StopWaitingForInitialPolicies();
181 } 138 }
182 139
183 void DeviceManagementPolicyProvider::OnNotManaged() { 140 void DeviceManagementPolicyProvider::OnNotManaged() {
141 DCHECK(!TokenAvailable());
184 VLOG(1) << "This device is not managed."; 142 VLOG(1) << "This device is not managed.";
185 cache_->SetDeviceUnmanaged(true); 143 cache_->SetDeviceUnmanaged();
186 ScheduleRefreshTask(unmanaged_device_refresh_rate_ms_); 144 SetState(STATE_UNMANAGED);
187 StopWaitingForInitialPolicies(); 145 }
146
147 void DeviceManagementPolicyProvider::SetRefreshRate(
148 int64 refresh_rate_milliseconds) {
149 policy_refresh_rate_ms_ = refresh_rate_milliseconds;
150
151 // Reschedule the refresh task if necessary.
152 if (state_ == STATE_POLICY_VALID)
153 SetState(STATE_POLICY_VALID);
154 }
155
156 DeviceManagementPolicyProvider::DeviceManagementPolicyProvider(
157 const PolicyDefinitionList* policy_list,
158 DeviceManagementBackend* backend,
159 Profile* profile,
160 int64 policy_refresh_rate_ms,
161 int policy_refresh_deviation_factor_percent,
162 int64 policy_refresh_deviation_max_ms,
163 int64 policy_refresh_error_delay_ms,
164 int64 token_fetch_error_delay_ms,
165 int64 unmanaged_device_refresh_rate_ms)
166 : ConfigurationPolicyProvider(policy_list) {
167 Initialize(backend,
168 profile,
169 policy_refresh_rate_ms,
170 policy_refresh_deviation_factor_percent,
171 policy_refresh_deviation_max_ms,
172 policy_refresh_error_delay_ms,
173 token_fetch_error_delay_ms,
174 unmanaged_device_refresh_rate_ms);
175 }
176
177 void DeviceManagementPolicyProvider::Initialize(
178 DeviceManagementBackend* backend,
179 Profile* profile,
180 int64 policy_refresh_rate_ms,
181 int policy_refresh_deviation_factor_percent,
182 int64 policy_refresh_deviation_max_ms,
183 int64 policy_refresh_error_delay_ms,
184 int64 token_fetch_error_delay_ms,
185 int64 unmanaged_device_refresh_rate_ms) {
186 DCHECK(profile);
187 backend_.reset(backend);
188 profile_ = profile;
189 storage_dir_ = GetOrCreateDeviceManagementDir(profile_->GetPath());
190 state_ = STATE_INITIALIZING;
191 initial_fetch_done_ = false;
192 refresh_task_ = NULL;
193 policy_refresh_rate_ms_ = policy_refresh_rate_ms;
194 policy_refresh_deviation_factor_percent_ =
195 policy_refresh_deviation_factor_percent;
196 policy_refresh_deviation_max_ms_ = policy_refresh_deviation_max_ms;
197 policy_refresh_error_delay_ms_ = policy_refresh_error_delay_ms;
198 effective_policy_refresh_error_delay_ms_ = policy_refresh_error_delay_ms;
199 token_fetch_error_delay_ms_ = token_fetch_error_delay_ms;
200 effective_token_fetch_error_delay_ms_ = token_fetch_error_delay_ms;
201 unmanaged_device_refresh_rate_ms_ = unmanaged_device_refresh_rate_ms;
202
203 const FilePath policy_path = storage_dir_.Append(kPolicyFilename);
204 cache_.reset(new DeviceManagementPolicyCache(policy_path));
205 cache_->LoadPolicyFromFile();
206
207 SetDeviceTokenFetcher(new DeviceTokenFetcher(backend_.get(), profile,
208 GetTokenPath()));
209
210 if (cache_->is_device_unmanaged()) {
211 // This is a non-first login on an unmanaged device.
212 SetState(STATE_UNMANAGED);
213 } else {
214 SetState(STATE_INITIALIZING);
215 }
188 } 216 }
189 217
190 void DeviceManagementPolicyProvider::AddObserver( 218 void DeviceManagementPolicyProvider::AddObserver(
191 ConfigurationPolicyProvider::Observer* observer) { 219 ConfigurationPolicyProvider::Observer* observer) {
192 observer_list_.AddObserver(observer); 220 observer_list_.AddObserver(observer);
193 } 221 }
194 222
195 void DeviceManagementPolicyProvider::RemoveObserver( 223 void DeviceManagementPolicyProvider::RemoveObserver(
196 ConfigurationPolicyProvider::Observer* observer) { 224 ConfigurationPolicyProvider::Observer* observer) {
197 observer_list_.RemoveObserver(observer); 225 observer_list_.RemoveObserver(observer);
198 } 226 }
199 227
200 void DeviceManagementPolicyProvider::NotifyCloudPolicyUpdate() {
201 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,
202 observer_list_,
203 OnUpdatePolicy());
204 }
205
206 void DeviceManagementPolicyProvider::Initialize(
207 DeviceManagementBackend* backend,
208 Profile* profile,
209 int64 policy_refresh_rate_ms,
210 int64 policy_refresh_max_earlier_ms,
211 int64 policy_refresh_error_delay_ms,
212 int64 token_fetch_error_delay_ms,
213 int64 unmanaged_device_refresh_rate_ms) {
214 backend_.reset(backend);
215 profile_ = profile;
216 storage_dir_ = GetOrCreateDeviceManagementDir(profile_->GetPath());
217 policy_request_pending_ = false;
218 refresh_task_pending_ = false;
219 waiting_for_initial_policies_ = true;
220 policy_refresh_rate_ms_ = policy_refresh_rate_ms;
221 policy_refresh_max_earlier_ms_ = policy_refresh_max_earlier_ms;
222 policy_refresh_error_delay_ms_ = policy_refresh_error_delay_ms;
223 token_fetch_error_delay_ms_ = token_fetch_error_delay_ms;
224 unmanaged_device_refresh_rate_ms_ = unmanaged_device_refresh_rate_ms;
225
226 const FilePath policy_path = storage_dir_.Append(kPolicyFilename);
227 cache_.reset(new DeviceManagementPolicyCache(policy_path));
228 cache_->LoadPolicyFromFile();
229
230 if (cache_->is_device_unmanaged()) {
231 // This is a non-first login on an unmanaged device.
232 waiting_for_initial_policies_ = false;
233 // Defer token_fetcher_ initialization until this device should ask for
234 // a device token again.
235 base::Time unmanaged_timestamp = cache_->last_policy_refresh_time();
236 int64 delay = unmanaged_device_refresh_rate_ms_ -
237 (base::Time::NowFromSystemTime().ToInternalValue() -
238 unmanaged_timestamp.ToInternalValue());
239 if (delay < 0)
240 delay = 0;
241 BrowserThread::PostDelayedTask(
242 BrowserThread::UI, FROM_HERE,
243 new InitializeAfterIOThreadExistsTask(AsWeakPtr()),
244 delay);
245 } else {
246 if (file_util::PathExists(
247 storage_dir_.Append(kDeviceTokenFilename))) {
248 // This is a non-first login on a managed device.
249 waiting_for_initial_policies_ = false;
250 }
251 // Defer initialization that requires the IOThread until after the IOThread
252 // has been initialized.
253 BrowserThread::PostTask(BrowserThread::UI, FROM_HERE,
254 new InitializeAfterIOThreadExistsTask(AsWeakPtr()));
255 }
256 }
257
258 void DeviceManagementPolicyProvider::InitializeAfterIOThreadExists() {
259 if (profile_) {
260 if (!token_fetcher_) {
261 token_fetcher_ = new DeviceTokenFetcher(
262 backend_.get(), profile_, GetTokenPath());
263 }
264 registrar_.Init(token_fetcher_);
265 registrar_.AddObserver(this);
266 token_fetcher_->StartFetching();
267 }
268 }
269
270 void DeviceManagementPolicyProvider::SendPolicyRequest() { 228 void DeviceManagementPolicyProvider::SendPolicyRequest() {
271 if (policy_request_pending_)
272 return;
273
274 policy_request_pending_ = true;
275 em::DevicePolicyRequest policy_request; 229 em::DevicePolicyRequest policy_request;
276 policy_request.set_policy_scope(kChromePolicyScope); 230 policy_request.set_policy_scope(kChromePolicyScope);
277 em::DevicePolicySettingRequest* setting = 231 em::DevicePolicySettingRequest* setting =
278 policy_request.add_setting_request(); 232 policy_request.add_setting_request();
279 setting->set_key(kChromeDevicePolicySettingKey); 233 setting->set_key(kChromeDevicePolicySettingKey);
280 setting->set_watermark(""); 234 setting->set_watermark("");
281 backend_->ProcessPolicyRequest(token_fetcher_->GetDeviceToken(), 235 backend_->ProcessPolicyRequest(token_fetcher_->GetDeviceToken(),
282 token_fetcher_->GetDeviceID(), 236 token_fetcher_->GetDeviceID(),
283 policy_request, this); 237 policy_request, this);
284 } 238 }
285 239
286 void DeviceManagementPolicyProvider::RefreshTaskExecute() { 240 void DeviceManagementPolicyProvider::RefreshTaskExecute() {
287 DCHECK(refresh_task_pending_); 241 DCHECK(refresh_task_);
288 refresh_task_pending_ = false; 242 refresh_task_ = NULL;
289 // If there is no valid device token, the token_fetcher_ apparently failed, 243
290 // so it must be restarted. 244 switch (state_) {
291 if (!token_fetcher_->IsTokenValid()) { 245 case STATE_INITIALIZING:
292 if (token_fetcher_->IsTokenPending()) { 246 token_fetcher_->StartFetching();
293 NOTREACHED();
294 return; 247 return;
295 } 248 case STATE_TOKEN_VALID:
296 token_fetcher_->Restart(); 249 case STATE_POLICY_VALID:
297 return; 250 case STATE_POLICY_ERROR:
251 SendPolicyRequest();
252 return;
253 case STATE_UNMANAGED:
254 case STATE_TOKEN_ERROR:
255 case STATE_TOKEN_RESET:
256 token_fetcher_->Restart();
257 return;
298 } 258 }
299 // If there is a device token, just refresh policies. 259
300 SendPolicyRequest(); 260 NOTREACHED() << "Unhandled state";
301 } 261 }
302 262
303 void DeviceManagementPolicyProvider::ScheduleRefreshTask( 263 void DeviceManagementPolicyProvider::CancelRefreshTask() {
304 int64 delay_in_milliseconds) { 264 if (refresh_task_) {
305 // This check is simply a safeguard, the situation currently cannot happen. 265 refresh_task_->Cancel();
306 if (refresh_task_pending_) { 266 refresh_task_ = NULL;
307 NOTREACHED();
308 return;
309 } 267 }
310 refresh_task_pending_ = true;
311 BrowserThread::PostDelayedTask(BrowserThread::UI, FROM_HERE,
312 new RefreshTask(AsWeakPtr()),
313 delay_in_milliseconds);
314 } 268 }
315 269
316 int64 DeviceManagementPolicyProvider::GetRefreshTaskDelay() { 270 void DeviceManagementPolicyProvider::NotifyCloudPolicyUpdate() {
317 int64 delay = policy_refresh_rate_ms_; 271 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,
318 if (policy_refresh_max_earlier_ms_) 272 observer_list_,
319 delay -= base::RandGenerator(policy_refresh_max_earlier_ms_); 273 OnUpdatePolicy());
320 return delay;
321 } 274 }
322 275
323 FilePath DeviceManagementPolicyProvider::GetTokenPath() { 276 FilePath DeviceManagementPolicyProvider::GetTokenPath() {
324 return storage_dir_.Append(kDeviceTokenFilename); 277 return storage_dir_.Append(kDeviceTokenFilename);
325 } 278 }
326 279
327 void DeviceManagementPolicyProvider::SetDeviceTokenFetcher( 280 void DeviceManagementPolicyProvider::SetDeviceTokenFetcher(
328 DeviceTokenFetcher* token_fetcher) { 281 DeviceTokenFetcher* token_fetcher) {
329 DCHECK(!token_fetcher_); 282 registrar_.Init(token_fetcher);
283 registrar_.AddObserver(this);
330 token_fetcher_ = token_fetcher; 284 token_fetcher_ = token_fetcher;
331 } 285 }
332 286
333 void DeviceManagementPolicyProvider::StopWaitingForInitialPolicies() { 287 void DeviceManagementPolicyProvider::SetState(
334 waiting_for_initial_policies_ = false; 288 DeviceManagementPolicyProvider::ProviderState new_state) {
335 // Notify observers that initial policy fetch is complete. 289 state_ = new_state;
336 NotifyCloudPolicyUpdate(); 290
291 // If this state transition completes the initial policy fetch, let the
292 // observers now.
293 if (!initial_fetch_done_ &&
294 new_state != STATE_INITIALIZING &&
295 new_state != STATE_TOKEN_VALID) {
296 initial_fetch_done_ = true;
297 NotifyCloudPolicyUpdate();
298 }
299
300 base::Time now(base::Time::NowFromSystemTime());
301 base::Time refresh_at;
302 base::Time last_refresh(cache_->last_policy_refresh_time());
303 if (last_refresh.is_null())
304 last_refresh = now;
305
306 // Determine when to take the next step.
307 switch (state_) {
308 case STATE_INITIALIZING:
309 refresh_at = now;
310 break;
311 case STATE_TOKEN_VALID:
312 effective_token_fetch_error_delay_ms_ = token_fetch_error_delay_ms_;
313 refresh_at = now;
314 break;
315 case STATE_TOKEN_RESET:
316 refresh_at = now;
317 break;
318 case STATE_UNMANAGED:
319 refresh_at = last_refresh +
320 base::TimeDelta::FromMilliseconds(unmanaged_device_refresh_rate_ms_);
321 break;
322 case STATE_POLICY_VALID:
323 effective_policy_refresh_error_delay_ms_ = policy_refresh_error_delay_ms_;
324 refresh_at =
325 last_refresh + base::TimeDelta::FromMilliseconds(GetRefreshDelay());
326 break;
327 case STATE_TOKEN_ERROR:
328 refresh_at = now + base::TimeDelta::FromMilliseconds(
329 effective_token_fetch_error_delay_ms_);
330 effective_token_fetch_error_delay_ms_ *= 2;
331 if (effective_token_fetch_error_delay_ms_ > policy_refresh_rate_ms_)
332 effective_token_fetch_error_delay_ms_ = policy_refresh_rate_ms_;
333 break;
334 case STATE_POLICY_ERROR:
335 refresh_at = now + base::TimeDelta::FromMilliseconds(
336 effective_policy_refresh_error_delay_ms_);
337 effective_policy_refresh_error_delay_ms_ *= 2;
338 if (effective_policy_refresh_error_delay_ms_ > policy_refresh_rate_ms_)
339 effective_policy_refresh_error_delay_ms_ = policy_refresh_rate_ms_;
340 break;
341 }
342
343 // Update the refresh task.
344 CancelRefreshTask();
345 if (!refresh_at.is_null()) {
346 refresh_task_ = new RefreshTask(this);
347 int64 delay = std::max<int64>((refresh_at - now).InMilliseconds(), 0);
348 BrowserThread::PostDelayedTask(BrowserThread::UI, FROM_HERE, refresh_task_,
349 delay);
350 }
351 }
352
353 int64 DeviceManagementPolicyProvider::GetRefreshDelay() {
354 int64 deviation = (policy_refresh_deviation_factor_percent_ *
355 policy_refresh_rate_ms_) / 100;
356 deviation = std::min(deviation, policy_refresh_deviation_max_ms_);
357 return policy_refresh_rate_ms_ - base::RandGenerator(deviation + 1);
358 }
359
360 bool DeviceManagementPolicyProvider::TokenAvailable() const {
361 return state_ == STATE_TOKEN_VALID ||
362 state_ == STATE_POLICY_VALID ||
363 state_ == STATE_POLICY_ERROR;
337 } 364 }
338 365
339 // static 366 // static
340 std::string DeviceManagementPolicyProvider::GetDeviceManagementURL() { 367 std::string DeviceManagementPolicyProvider::GetDeviceManagementURL() {
341 return CommandLine::ForCurrentProcess()->GetSwitchValueASCII( 368 return CommandLine::ForCurrentProcess()->GetSwitchValueASCII(
342 switches::kDeviceManagementUrl); 369 switches::kDeviceManagementUrl);
343 } 370 }
344 371
345 // static 372 // static
346 FilePath DeviceManagementPolicyProvider::GetOrCreateDeviceManagementDir( 373 FilePath DeviceManagementPolicyProvider::GetOrCreateDeviceManagementDir(
347 const FilePath& user_data_dir) { 374 const FilePath& user_data_dir) {
348 const FilePath device_management_dir = user_data_dir.Append( 375 const FilePath device_management_dir = user_data_dir.Append(
349 FILE_PATH_LITERAL("Device Management")); 376 FILE_PATH_LITERAL("Device Management"));
350 if (!file_util::DirectoryExists(device_management_dir)) { 377 if (!file_util::DirectoryExists(device_management_dir)) {
351 if (!file_util::CreateDirectory(device_management_dir)) 378 if (!file_util::CreateDirectory(device_management_dir))
352 NOTREACHED(); 379 NOTREACHED();
353 } 380 }
354 return device_management_dir; 381 return device_management_dir;
355 } 382 }
356 383
357 } // namespace policy 384 } // namespace policy
OLDNEW
« no previous file with comments | « chrome/browser/policy/device_management_policy_provider.h ('k') | chrome/browser/policy/device_management_policy_provider_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698