OLD | NEW |
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/policy/cloud_policy_controller.h" | 5 #include "chrome/browser/policy/cloud_policy_controller.h" |
6 | 6 |
7 #include <algorithm> | 7 #include <algorithm> |
8 | 8 |
| 9 #include "base/logging.h" |
9 #include "base/message_loop.h" | 10 #include "base/message_loop.h" |
10 #include "base/rand_util.h" | 11 #include "base/rand_util.h" |
11 #include "base/string_util.h" | 12 #include "base/string_util.h" |
12 #include "chrome/browser/policy/cloud_policy_cache.h" | 13 #include "chrome/browser/policy/cloud_policy_cache_base.h" |
13 #include "chrome/browser/policy/cloud_policy_subsystem.h" | 14 #include "chrome/browser/policy/cloud_policy_subsystem.h" |
14 #include "chrome/browser/policy/device_management_backend.h" | 15 #include "chrome/browser/policy/device_management_backend.h" |
15 #include "chrome/browser/policy/proto/device_management_constants.h" | 16 #include "chrome/browser/policy/proto/device_management_constants.h" |
16 | 17 |
17 // Domain names that are known not to be managed. | 18 // Domain names that are known not to be managed. |
18 // We don't register the device when such a user logs in. | 19 // We don't register the device when such a user logs in. |
19 static const char* kNonManagedDomains[] = { | 20 static const char* kNonManagedDomains[] = { |
20 "@googlemail.com", | 21 "@googlemail.com", |
21 "@gmail.com" | 22 "@gmail.com" |
22 }; | 23 }; |
(...skipping 29 matching lines...) Expand all Loading... |
52 // These are the base values for delays before retrying after an error. They | 53 // These are the base values for delays before retrying after an error. They |
53 // will be doubled each time they are used. | 54 // will be doubled each time they are used. |
54 static const int64 kPolicyRefreshErrorDelayInMilliseconds = | 55 static const int64 kPolicyRefreshErrorDelayInMilliseconds = |
55 3 * 1000; // 3 seconds | 56 3 * 1000; // 3 seconds |
56 | 57 |
57 // Default value for the policy refresh rate. | 58 // Default value for the policy refresh rate. |
58 static const int kPolicyRefreshRateInMilliseconds = | 59 static const int kPolicyRefreshRateInMilliseconds = |
59 3 * 60 * 60 * 1000; // 3 hours. | 60 3 * 60 * 60 * 1000; // 3 hours. |
60 | 61 |
61 CloudPolicyController::CloudPolicyController( | 62 CloudPolicyController::CloudPolicyController( |
62 CloudPolicyCache* cache, | 63 CloudPolicyCacheBase* cache, |
63 DeviceManagementBackend* backend, | 64 DeviceManagementBackend* backend, |
64 DeviceTokenFetcher* token_fetcher, | 65 DeviceTokenFetcher* token_fetcher, |
65 CloudPolicyIdentityStrategy* identity_strategy) | 66 CloudPolicyIdentityStrategy* identity_strategy) |
66 : ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)) { | 67 : ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)) { |
67 Initialize(cache, | 68 Initialize(cache, |
68 backend, | 69 backend, |
69 token_fetcher, | 70 token_fetcher, |
70 identity_strategy, | 71 identity_strategy, |
71 kPolicyRefreshRateInMilliseconds, | 72 kPolicyRefreshRateInMilliseconds, |
72 kPolicyRefreshDeviationFactorPercent, | 73 kPolicyRefreshDeviationFactorPercent, |
(...skipping 21 matching lines...) Expand all Loading... |
94 return; | 95 return; |
95 | 96 |
96 if (response.response_size() > 0) { | 97 if (response.response_size() > 0) { |
97 if (response.response_size() > 1) { | 98 if (response.response_size() > 1) { |
98 LOG(WARNING) << "More than one policy in the response of the device " | 99 LOG(WARNING) << "More than one policy in the response of the device " |
99 << "management server, discarding."; | 100 << "management server, discarding."; |
100 } | 101 } |
101 // Use the new version of the protocol | 102 // Use the new version of the protocol |
102 cache_->SetPolicy(response.response(0)); | 103 cache_->SetPolicy(response.response(0)); |
103 SetState(STATE_POLICY_VALID); | 104 SetState(STATE_POLICY_VALID); |
104 } else { | |
105 cache_->SetDevicePolicy(response); | |
106 SetState(STATE_POLICY_VALID); | |
107 } | 105 } |
108 } | 106 } |
109 | 107 |
110 void CloudPolicyController::OnError(DeviceManagementBackend::ErrorCode code) { | 108 void CloudPolicyController::OnError(DeviceManagementBackend::ErrorCode code) { |
111 if (state_ == STATE_TOKEN_UNAVAILABLE) | 109 if (state_ == STATE_TOKEN_UNAVAILABLE) |
112 return; | 110 return; |
113 | 111 |
114 if (code == DeviceManagementBackend::kErrorServiceDeviceNotFound || | 112 if (code == DeviceManagementBackend::kErrorServiceDeviceNotFound || |
115 code == DeviceManagementBackend::kErrorServiceManagementTokenInvalid) { | 113 code == DeviceManagementBackend::kErrorServiceManagementTokenInvalid) { |
116 LOG(WARNING) << "The device token was either invalid or unknown to the " | 114 LOG(WARNING) << "The device token was either invalid or unknown to the " |
(...skipping 17 matching lines...) Expand all Loading... |
134 SetState(STATE_TOKEN_UNAVAILABLE); | 132 SetState(STATE_TOKEN_UNAVAILABLE); |
135 else | 133 else |
136 SetState(STATE_TOKEN_VALID); | 134 SetState(STATE_TOKEN_VALID); |
137 } | 135 } |
138 | 136 |
139 void CloudPolicyController::OnCredentialsChanged() { | 137 void CloudPolicyController::OnCredentialsChanged() { |
140 SetState(STATE_TOKEN_UNAVAILABLE); | 138 SetState(STATE_TOKEN_UNAVAILABLE); |
141 } | 139 } |
142 | 140 |
143 CloudPolicyController::CloudPolicyController( | 141 CloudPolicyController::CloudPolicyController( |
144 CloudPolicyCache* cache, | 142 CloudPolicyCacheBase* cache, |
145 DeviceManagementBackend* backend, | 143 DeviceManagementBackend* backend, |
146 DeviceTokenFetcher* token_fetcher, | 144 DeviceTokenFetcher* token_fetcher, |
147 CloudPolicyIdentityStrategy* identity_strategy, | 145 CloudPolicyIdentityStrategy* identity_strategy, |
148 int64 policy_refresh_rate_ms, | 146 int64 policy_refresh_rate_ms, |
149 int policy_refresh_deviation_factor_percent, | 147 int policy_refresh_deviation_factor_percent, |
150 int64 policy_refresh_deviation_max_ms, | 148 int64 policy_refresh_deviation_max_ms, |
151 int64 policy_refresh_error_delay_ms) | 149 int64 policy_refresh_error_delay_ms) |
152 : ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)) { | 150 : ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)) { |
153 Initialize(cache, | 151 Initialize(cache, |
154 backend, | 152 backend, |
155 token_fetcher, | 153 token_fetcher, |
156 identity_strategy, | 154 identity_strategy, |
157 policy_refresh_rate_ms, | 155 policy_refresh_rate_ms, |
158 policy_refresh_deviation_factor_percent, | 156 policy_refresh_deviation_factor_percent, |
159 policy_refresh_deviation_max_ms, | 157 policy_refresh_deviation_max_ms, |
160 policy_refresh_error_delay_ms); | 158 policy_refresh_error_delay_ms); |
161 } | 159 } |
162 | 160 |
163 void CloudPolicyController::Initialize( | 161 void CloudPolicyController::Initialize( |
164 CloudPolicyCache* cache, | 162 CloudPolicyCacheBase* cache, |
165 DeviceManagementBackend* backend, | 163 DeviceManagementBackend* backend, |
166 DeviceTokenFetcher* token_fetcher, | 164 DeviceTokenFetcher* token_fetcher, |
167 CloudPolicyIdentityStrategy* identity_strategy, | 165 CloudPolicyIdentityStrategy* identity_strategy, |
168 int64 policy_refresh_rate_ms, | 166 int64 policy_refresh_rate_ms, |
169 int policy_refresh_deviation_factor_percent, | 167 int policy_refresh_deviation_factor_percent, |
170 int64 policy_refresh_deviation_max_ms, | 168 int64 policy_refresh_deviation_max_ms, |
171 int64 policy_refresh_error_delay_ms) { | 169 int64 policy_refresh_error_delay_ms) { |
172 DCHECK(cache); | 170 DCHECK(cache); |
173 | 171 |
174 cache_ = cache; | 172 cache_ = cache; |
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
211 em::PolicyFetchRequest* fetch_request = policy_request.add_request(); | 209 em::PolicyFetchRequest* fetch_request = policy_request.add_request(); |
212 fetch_request->set_signature_type(em::PolicyFetchRequest::SHA1_RSA); | 210 fetch_request->set_signature_type(em::PolicyFetchRequest::SHA1_RSA); |
213 fetch_request->set_policy_type(identity_strategy_->GetPolicyType()); | 211 fetch_request->set_policy_type(identity_strategy_->GetPolicyType()); |
214 if (!cache_->is_unmanaged() && | 212 if (!cache_->is_unmanaged() && |
215 !cache_->last_policy_refresh_time().is_null()) { | 213 !cache_->last_policy_refresh_time().is_null()) { |
216 base::TimeDelta timestamp = | 214 base::TimeDelta timestamp = |
217 cache_->last_policy_refresh_time() - base::Time::UnixEpoch(); | 215 cache_->last_policy_refresh_time() - base::Time::UnixEpoch(); |
218 fetch_request->set_timestamp(timestamp.InMilliseconds()); | 216 fetch_request->set_timestamp(timestamp.InMilliseconds()); |
219 } | 217 } |
220 | 218 |
221 // TODO(gfeher): Remove the following block when the server is migrated. | |
222 // Set fields for the old protocol. | |
223 policy_request.set_policy_scope(kChromePolicyScope); | |
224 em::DevicePolicySettingRequest* setting = | |
225 policy_request.add_setting_request(); | |
226 setting->set_key(kChromeDevicePolicySettingKey); | |
227 setting->set_watermark(""); | |
228 | |
229 backend_->ProcessPolicyRequest(identity_strategy_->GetDeviceToken(), | 219 backend_->ProcessPolicyRequest(identity_strategy_->GetDeviceToken(), |
230 identity_strategy_->GetDeviceID(), | 220 identity_strategy_->GetDeviceID(), |
231 policy_request, this); | 221 policy_request, this); |
232 } | 222 } |
233 | 223 |
234 void CloudPolicyController::DoDelayedWork() { | 224 void CloudPolicyController::DoDelayedWork() { |
235 DCHECK(delayed_work_task_); | 225 DCHECK(delayed_work_task_); |
236 delayed_work_task_ = NULL; | 226 delayed_work_task_ = NULL; |
237 | 227 |
238 switch (state_) { | 228 switch (state_) { |
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
298 } | 288 } |
299 | 289 |
300 int64 CloudPolicyController::GetRefreshDelay() { | 290 int64 CloudPolicyController::GetRefreshDelay() { |
301 int64 deviation = (policy_refresh_deviation_factor_percent_ * | 291 int64 deviation = (policy_refresh_deviation_factor_percent_ * |
302 policy_refresh_rate_ms_) / 100; | 292 policy_refresh_rate_ms_) / 100; |
303 deviation = std::min(deviation, policy_refresh_deviation_max_ms_); | 293 deviation = std::min(deviation, policy_refresh_deviation_max_ms_); |
304 return policy_refresh_rate_ms_ - base::RandGenerator(deviation + 1); | 294 return policy_refresh_rate_ms_ - base::RandGenerator(deviation + 1); |
305 } | 295 } |
306 | 296 |
307 } // namespace policy | 297 } // namespace policy |
OLD | NEW |