Update policy backend and testserver for the newest policy protocol

chrome/browser/policy/cloud_policy_cache.cc

Index: chrome/browser/policy/cloud_policy_cache.cc
diff --git a/chrome/browser/policy/cloud_policy_cache.cc b/chrome/browser/policy/cloud_policy_cache.cc
index d13ea2ba13d37aaffd94140390428baa5c7df02d..3418ad6be90f0afc48d237d8511b3839ca5e6d27 100644
--- a/chrome/browser/policy/cloud_policy_cache.cc
+++ b/chrome/browser/policy/cloud_policy_cache.cc
@@ -81,21 +81,22 @@ class CloudPolicyCache::CloudPolicyProvider
 // Saves policy information to a file.
 class PersistPolicyTask : public Task {
  public:
-  PersistPolicyTask(const FilePath& path,
-                    const em::CloudPolicyResponse* cloud_policy_response,
-                    const em::DevicePolicyResponse* device_policy_response,
-                    const bool is_unmanaged)
-      : path_(path),
-        cloud_policy_response_(cloud_policy_response),
-        device_policy_response_(device_policy_response),
-        is_unmanaged_(is_unmanaged) {}
+  PersistPolicyTask(

[Mattias Nissler (ping if slow), 2011/02/21 14:55:27]

Any reason for the changed indentation?

[gfeher, 2011/02/22 15:57:29]

There must have been, but now I am not seeing it.

+      const FilePath& path,
+      const em::PolicyFetchResponse* cloud_policy_response,
+      const em::DevicePolicyResponse* device_policy_response,
+      const bool is_unmanaged)
+          : path_(path),

[Mattias Nissler (ping if slow), 2011/02/21 14:55:27]

AFAIK, you don't need to increase indentation here.

[Jakob Kummerow, 2011/02/21 16:15:00]

nit: indentation (":" should be 4 spaces deeper than "PersistPolicyTask(")

[gfeher, 2011/02/22 15:57:29]

Done.

+            cloud_policy_response_(cloud_policy_response),
+            device_policy_response_(device_policy_response),
+            is_unmanaged_(is_unmanaged) {}
 
  private:
   // Task override.
   virtual void Run();
 
   const FilePath path_;
-  scoped_ptr<const em::CloudPolicyResponse> cloud_policy_response_;
+  scoped_ptr<const em::PolicyFetchResponse> cloud_policy_response_;
   scoped_ptr<const em::DevicePolicyResponse> device_policy_response_;
   const bool is_unmanaged_;
 };
@@ -211,7 +212,7 @@ void CloudPolicyCache::LoadFromFile() {
                     observer_list_, OnUpdatePolicy());
 }
 
-bool CloudPolicyCache::SetPolicy(const em::CloudPolicyResponse& policy) {
+bool CloudPolicyCache::SetPolicy(const em::PolicyFetchResponse& policy) {
   DCHECK(CalledOnValidThread());
   is_unmanaged_ = false;
   base::Time timestamp;
@@ -240,7 +241,7 @@ bool CloudPolicyCache::SetPolicy(const em::CloudPolicyResponse& policy) {
     LOG(WARNING) << "Server returned policy with timestamp from the future, "
                     "not persisting to disk.";
   } else {
-    em::CloudPolicyResponse* policy_copy = new em::CloudPolicyResponse;
+    em::PolicyFetchResponse* policy_copy = new em::PolicyFetchResponse;
     policy_copy->CopyFrom(policy);
     BrowserThread::PostTask(
         BrowserThread::FILE,
@@ -302,33 +303,39 @@ void CloudPolicyCache::SetUnmanaged() {
 
 // static
 bool CloudPolicyCache::DecodePolicyResponse(
-    const em::CloudPolicyResponse& policy_response,
+    const em::PolicyFetchResponse& policy_response,
     PolicyMap* mandatory,
     PolicyMap* recommended,
     base::Time* timestamp) {
-  std::string data = policy_response.signed_response();
+  std::string data = policy_response.policy_data();
 
-  if (!VerifySignature(policy_response.signature(), data,
+  if (!VerifySignature(policy_response.policy_data_signature(), data,
                        policy_response.certificate_chain())) {
     LOG(WARNING) << "Failed to verify signature.";
     return false;
   }
 
-  em::SignedCloudPolicyResponse response;
-  if (!response.ParseFromArray(data.c_str(), data.size())) {
-    LOG(WARNING) << "Failed to parse SignedCloudPolicyResponse protobuf.";
+  em::PolicyData policy_data;
+  if (!policy_data.ParseFromString(data)) {
+    LOG(WARNING) << "Failed to parse PolicyData protobuf.";
     return false;
   }
 
-  // TODO(jkummerow): Verify response.device_token(). Needs final specification
-  // which token we're actually sending / expecting to get back.
+  // TODO(jkummerow): Verify policy_data.device_token(). Needs final
+  // specification which token we're actually sending / expecting to get back.
 
-  // TODO(jkummerow): Store response.device_name(), if we decide to transfer
+  // TODO(jkummerow): Store policy_data.device_name(), if we decide to transfer
   // it from the server to the client.
 
   DCHECK(timestamp);
-  *timestamp = base::Time::FromTimeT(response.timestamp());
-  DecodePolicy(response.settings(), mandatory, recommended);
+  *timestamp = base::Time::FromTimeT(
+      policy_data.timestamp() / kPolicyResponseTimestampResolution);

[Mattias Nissler (ping if slow), 2011/02/21 14:55:27]

I'd recommend base::Time::UnixEpoch() + base::TimeDelta::FromXXX()

[Jakob Kummerow, 2011/02/21 16:15:00]

What? We're not doing any additions here. But we need to convert "milliseconds
since 1970" to "seconds since 1970".

[gfeher, 2011/02/22 15:57:29]

Yep. This is converting seconds to milliseconds.

My note in my first message was about this issue: if it's okay to do so and send
back always milliseconds divisible by 1000 to dmserver or not. I should probably
ask them.

[Mattias Nissler (ping if slow), 2011/02/22 16:20:50]

What I proposed is just a way of converting from your milliseconds value to a
base::Time value that doesn't require magic constants and knowledge about the
exact definition of time_t. What it does is getting the epoch value (which is 1
Jan 1970 by definition) and adding a TimeDelta, which we initialize using
FromMilliseconds. I find that pretty intuitive.

+  em::CloudPolicySettings policy;
+  if (!policy.ParseFromString(policy_data.policy_value())) {
+    LOG(WARNING) << "Failed to parse CloudPolicySettingsj protobuf.";
+    return false;
+  }
+  DecodePolicy(policy, mandatory, recommended);
   return true;
 }