Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(177)

Side by Side Diff: chrome/browser/policy/cloud_policy_controller.cc

Issue 6705031: Send policy blobs to session_manager (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 9 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/policy/cloud_policy_controller.h" 5 #include "chrome/browser/policy/cloud_policy_controller.h"
6 6
7 #include <algorithm> 7 #include <algorithm>
8 8
9 #include "base/logging.h"
9 #include "base/message_loop.h" 10 #include "base/message_loop.h"
10 #include "base/rand_util.h" 11 #include "base/rand_util.h"
11 #include "base/string_util.h" 12 #include "base/string_util.h"
12 #include "chrome/browser/policy/cloud_policy_cache.h" 13 #include "chrome/browser/policy/cloud_policy_cache_base.h"
13 #include "chrome/browser/policy/cloud_policy_subsystem.h" 14 #include "chrome/browser/policy/cloud_policy_subsystem.h"
14 #include "chrome/browser/policy/device_management_backend.h" 15 #include "chrome/browser/policy/device_management_backend.h"
15 #include "chrome/browser/policy/proto/device_management_constants.h" 16 #include "chrome/browser/policy/proto/device_management_constants.h"
16 17
17 // Domain names that are known not to be managed. 18 // Domain names that are known not to be managed.
18 // We don't register the device when such a user logs in. 19 // We don't register the device when such a user logs in.
19 static const char* kNonManagedDomains[] = { 20 static const char* kNonManagedDomains[] = {
20 "@googlemail.com", 21 "@googlemail.com",
21 "@gmail.com" 22 "@gmail.com"
22 }; 23 };
(...skipping 29 matching lines...) Expand all
52 // These are the base values for delays before retrying after an error. They 53 // These are the base values for delays before retrying after an error. They
53 // will be doubled each time they are used. 54 // will be doubled each time they are used.
54 static const int64 kPolicyRefreshErrorDelayInMilliseconds = 55 static const int64 kPolicyRefreshErrorDelayInMilliseconds =
55 3 * 1000; // 3 seconds 56 3 * 1000; // 3 seconds
56 57
57 // Default value for the policy refresh rate. 58 // Default value for the policy refresh rate.
58 static const int kPolicyRefreshRateInMilliseconds = 59 static const int kPolicyRefreshRateInMilliseconds =
59 3 * 60 * 60 * 1000; // 3 hours. 60 3 * 60 * 60 * 1000; // 3 hours.
60 61
61 CloudPolicyController::CloudPolicyController( 62 CloudPolicyController::CloudPolicyController(
62 CloudPolicyCache* cache, 63 CloudPolicyCacheBase* cache,
63 DeviceManagementBackend* backend, 64 DeviceManagementBackend* backend,
64 DeviceTokenFetcher* token_fetcher, 65 DeviceTokenFetcher* token_fetcher,
65 CloudPolicyIdentityStrategy* identity_strategy) 66 CloudPolicyIdentityStrategy* identity_strategy)
66 : ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)) { 67 : ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)) {
67 Initialize(cache, 68 Initialize(cache,
68 backend, 69 backend,
69 token_fetcher, 70 token_fetcher,
70 identity_strategy, 71 identity_strategy,
71 kPolicyRefreshRateInMilliseconds, 72 kPolicyRefreshRateInMilliseconds,
72 kPolicyRefreshDeviationFactorPercent, 73 kPolicyRefreshDeviationFactorPercent,
(...skipping 21 matching lines...) Expand all
94 return; 95 return;
95 96
96 if (response.response_size() > 0) { 97 if (response.response_size() > 0) {
97 if (response.response_size() > 1) { 98 if (response.response_size() > 1) {
98 LOG(WARNING) << "More than one policy in the response of the device " 99 LOG(WARNING) << "More than one policy in the response of the device "
99 << "management server, discarding."; 100 << "management server, discarding.";
100 } 101 }
101 // Use the new version of the protocol 102 // Use the new version of the protocol
102 cache_->SetPolicy(response.response(0)); 103 cache_->SetPolicy(response.response(0));
103 SetState(STATE_POLICY_VALID); 104 SetState(STATE_POLICY_VALID);
104 } else {
105 cache_->SetDevicePolicy(response);
106 SetState(STATE_POLICY_VALID);
107 } 105 }
108 } 106 }
109 107
110 void CloudPolicyController::OnError(DeviceManagementBackend::ErrorCode code) { 108 void CloudPolicyController::OnError(DeviceManagementBackend::ErrorCode code) {
111 if (state_ == STATE_TOKEN_UNAVAILABLE) 109 if (state_ == STATE_TOKEN_UNAVAILABLE)
112 return; 110 return;
113 111
114 if (code == DeviceManagementBackend::kErrorServiceDeviceNotFound || 112 if (code == DeviceManagementBackend::kErrorServiceDeviceNotFound ||
115 code == DeviceManagementBackend::kErrorServiceManagementTokenInvalid) { 113 code == DeviceManagementBackend::kErrorServiceManagementTokenInvalid) {
116 LOG(WARNING) << "The device token was either invalid or unknown to the " 114 LOG(WARNING) << "The device token was either invalid or unknown to the "
(...skipping 17 matching lines...) Expand all
134 SetState(STATE_TOKEN_UNAVAILABLE); 132 SetState(STATE_TOKEN_UNAVAILABLE);
135 else 133 else
136 SetState(STATE_TOKEN_VALID); 134 SetState(STATE_TOKEN_VALID);
137 } 135 }
138 136
139 void CloudPolicyController::OnCredentialsChanged() { 137 void CloudPolicyController::OnCredentialsChanged() {
140 SetState(STATE_TOKEN_UNAVAILABLE); 138 SetState(STATE_TOKEN_UNAVAILABLE);
141 } 139 }
142 140
143 CloudPolicyController::CloudPolicyController( 141 CloudPolicyController::CloudPolicyController(
144 CloudPolicyCache* cache, 142 CloudPolicyCacheBase* cache,
145 DeviceManagementBackend* backend, 143 DeviceManagementBackend* backend,
146 DeviceTokenFetcher* token_fetcher, 144 DeviceTokenFetcher* token_fetcher,
147 CloudPolicyIdentityStrategy* identity_strategy, 145 CloudPolicyIdentityStrategy* identity_strategy,
148 int64 policy_refresh_rate_ms, 146 int64 policy_refresh_rate_ms,
149 int policy_refresh_deviation_factor_percent, 147 int policy_refresh_deviation_factor_percent,
150 int64 policy_refresh_deviation_max_ms, 148 int64 policy_refresh_deviation_max_ms,
151 int64 policy_refresh_error_delay_ms) 149 int64 policy_refresh_error_delay_ms)
152 : ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)) { 150 : ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)) {
153 Initialize(cache, 151 Initialize(cache,
154 backend, 152 backend,
155 token_fetcher, 153 token_fetcher,
156 identity_strategy, 154 identity_strategy,
157 policy_refresh_rate_ms, 155 policy_refresh_rate_ms,
158 policy_refresh_deviation_factor_percent, 156 policy_refresh_deviation_factor_percent,
159 policy_refresh_deviation_max_ms, 157 policy_refresh_deviation_max_ms,
160 policy_refresh_error_delay_ms); 158 policy_refresh_error_delay_ms);
161 } 159 }
162 160
163 void CloudPolicyController::Initialize( 161 void CloudPolicyController::Initialize(
164 CloudPolicyCache* cache, 162 CloudPolicyCacheBase* cache,
165 DeviceManagementBackend* backend, 163 DeviceManagementBackend* backend,
166 DeviceTokenFetcher* token_fetcher, 164 DeviceTokenFetcher* token_fetcher,
167 CloudPolicyIdentityStrategy* identity_strategy, 165 CloudPolicyIdentityStrategy* identity_strategy,
168 int64 policy_refresh_rate_ms, 166 int64 policy_refresh_rate_ms,
169 int policy_refresh_deviation_factor_percent, 167 int policy_refresh_deviation_factor_percent,
170 int64 policy_refresh_deviation_max_ms, 168 int64 policy_refresh_deviation_max_ms,
171 int64 policy_refresh_error_delay_ms) { 169 int64 policy_refresh_error_delay_ms) {
172 DCHECK(cache); 170 DCHECK(cache);
173 171
174 cache_ = cache; 172 cache_ = cache;
(...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after
211 em::PolicyFetchRequest* fetch_request = policy_request.add_request(); 209 em::PolicyFetchRequest* fetch_request = policy_request.add_request();
212 fetch_request->set_signature_type(em::PolicyFetchRequest::SHA1_RSA); 210 fetch_request->set_signature_type(em::PolicyFetchRequest::SHA1_RSA);
213 fetch_request->set_policy_type(identity_strategy_->GetPolicyType()); 211 fetch_request->set_policy_type(identity_strategy_->GetPolicyType());
214 if (!cache_->is_unmanaged() && 212 if (!cache_->is_unmanaged() &&
215 !cache_->last_policy_refresh_time().is_null()) { 213 !cache_->last_policy_refresh_time().is_null()) {
216 base::TimeDelta timestamp = 214 base::TimeDelta timestamp =
217 cache_->last_policy_refresh_time() - base::Time::UnixEpoch(); 215 cache_->last_policy_refresh_time() - base::Time::UnixEpoch();
218 fetch_request->set_timestamp(timestamp.InMilliseconds()); 216 fetch_request->set_timestamp(timestamp.InMilliseconds());
219 } 217 }
220 218
221 // TODO(gfeher): Remove the following block when the server is migrated.
222 // Set fields for the old protocol.
223 policy_request.set_policy_scope(kChromePolicyScope);
224 em::DevicePolicySettingRequest* setting =
225 policy_request.add_setting_request();
226 setting->set_key(kChromeDevicePolicySettingKey);
227 setting->set_watermark("");
228
229 backend_->ProcessPolicyRequest(identity_strategy_->GetDeviceToken(), 219 backend_->ProcessPolicyRequest(identity_strategy_->GetDeviceToken(),
230 identity_strategy_->GetDeviceID(), 220 identity_strategy_->GetDeviceID(),
231 policy_request, this); 221 policy_request, this);
232 } 222 }
233 223
234 void CloudPolicyController::DoDelayedWork() { 224 void CloudPolicyController::DoDelayedWork() {
235 DCHECK(delayed_work_task_); 225 DCHECK(delayed_work_task_);
236 delayed_work_task_ = NULL; 226 delayed_work_task_ = NULL;
237 227
238 switch (state_) { 228 switch (state_) {
(...skipping 59 matching lines...) Expand 10 before | Expand all | Expand 10 after
298 } 288 }
299 289
300 int64 CloudPolicyController::GetRefreshDelay() { 290 int64 CloudPolicyController::GetRefreshDelay() {
301 int64 deviation = (policy_refresh_deviation_factor_percent_ * 291 int64 deviation = (policy_refresh_deviation_factor_percent_ *
302 policy_refresh_rate_ms_) / 100; 292 policy_refresh_rate_ms_) / 100;
303 deviation = std::min(deviation, policy_refresh_deviation_max_ms_); 293 deviation = std::min(deviation, policy_refresh_deviation_max_ms_);
304 return policy_refresh_rate_ms_ - base::RandGenerator(deviation + 1); 294 return policy_refresh_rate_ms_ - base::RandGenerator(deviation + 1);
305 } 295 }
306 296
307 } // namespace policy 297 } // namespace policy
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698