Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(448)

Side by Side Diff: chrome/browser/policy/user_policy_cache.cc

Issue 6705031: Send policy blobs to session_manager (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: Created 9 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
(Empty)
1 // Copyright (c) 2011 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file.
4
5 #include "chrome/browser/policy/user_policy_cache.h"
6
7 #include <string>
8
9 #include "base/file_util.h"
10 #include "base/logging.h"
11 #include "base/task.h"
12 #include "chrome/browser/policy/policy_map.h"
13 #include "chrome/browser/policy/proto/cloud_policy.pb.h"
14 #include "chrome/browser/policy/proto/device_management_local.pb.h"
15 #include "content/browser/browser_thread.h"
16 #include "policy/configuration_policy_type.h"
17
18 namespace policy {
19
20 // Decodes a CloudPolicySettings object into two maps with mandatory and
21 // recommended settings, respectively. The implementation is generated code
22 // in policy/cloud_policy_generated.cc.
23 void DecodePolicy(const em::CloudPolicySettings& policy,
24 PolicyMap* mandatory, PolicyMap* recommended);
25
26 // Saves policy information to a file.
27 class PersistPolicyTask : public Task {
28 public:
29 PersistPolicyTask(const FilePath& path,
30 const em::PolicyFetchResponse* cloud_policy_response,
31 const bool is_unmanaged)
32 : path_(path),
33 cloud_policy_response_(cloud_policy_response),
34 is_unmanaged_(is_unmanaged) {}
35
36 private:
37 // Task override.
38 virtual void Run();
39
40 const FilePath path_;
41 scoped_ptr<const em::PolicyFetchResponse> cloud_policy_response_;
42 const bool is_unmanaged_;
43 };
44
45 void PersistPolicyTask::Run() {
46 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE));
47 std::string data;
48 em::CachedCloudPolicyResponse cached_policy;
49 if (cloud_policy_response_.get()) {
50 cached_policy.mutable_cloud_policy()->CopyFrom(*cloud_policy_response_);
51 }
52 if (is_unmanaged_) {
53 cached_policy.set_unmanaged(true);
54 cached_policy.set_timestamp(base::Time::NowFromSystemTime().ToTimeT());
55 }
56 if (!cached_policy.SerializeToString(&data)) {
57 LOG(WARNING) << "Failed to serialize policy data";
58 return;
59 }
60
61 int size = data.size();
62 if (file_util::WriteFile(path_, data.c_str(), size) != size) {
63 LOG(WARNING) << "Failed to write " << path_.value();
64 return;
65 }
66 }
67
68 UserPolicyCache::UserPolicyCache(const FilePath& backing_file_path)
69 : backing_file_path_(backing_file_path) {
70 }
71
72 UserPolicyCache::~UserPolicyCache() {
73 }
74
75 void UserPolicyCache::Load() {
76 // TODO(jkummerow): This method is doing file IO during browser startup. In
77 // the long run it would be better to delay this until the FILE thread exists.
78 if (!file_util::PathExists(backing_file_path_) || initialization_complete_) {
79 return;
80 }
81
82 // Read the protobuf from the file.
83 std::string data;
84 if (!file_util::ReadFileToString(backing_file_path_, &data)) {
85 LOG(WARNING) << "Failed to read policy data from "
86 << backing_file_path_.value();
87 return;
88 }
89
90 em::CachedCloudPolicyResponse cached_response;
91 if (!cached_response.ParseFromArray(data.c_str(), data.size())) {
92 LOG(WARNING) << "Failed to parse policy data read from "
93 << backing_file_path_.value();
94 return;
95 }
96 base::Time timestamp;
97 PolicyMap mandatory_policy;
Mattias Nissler (ping if slow) 2011/03/24 18:55:57 As discussed, we probably want to call SetPolicyIn
Jakob Kummerow 2011/03/28 13:53:53 Done.
98 PolicyMap recommended_policy;
99 is_unmanaged_ = cached_response.unmanaged();
100 if (is_unmanaged_)
101 timestamp = base::Time::FromTimeT(cached_response.timestamp());
102 if (cached_response.has_cloud_policy()) {
103 DCHECK(!is_unmanaged_);
104 bool ok = DecodePolicyResponse(cached_response.cloud_policy(),
105 &mandatory_policy,
106 &recommended_policy,
107 &timestamp);
108 if (!ok) {
109 LOG(WARNING) << "Decoding policy data failed.";
110 return;
111 }
112 }
113 if (timestamp > base::Time::NowFromSystemTime()) {
114 LOG(WARNING) << "Rejected policy data from " << backing_file_path_.value()
115 << ", file is from the future.";
116 return;
117 }
118 // Swap in the new policy information.
119 if (cached_response.has_cloud_policy()) {
120 mandatory_policy_.Swap(&mandatory_policy);
121 recommended_policy_.Swap(&recommended_policy);
122 }
123 last_policy_refresh_time_ = timestamp;
124 initialization_complete_ = true;
125
126 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,
127 observer_list_, OnUpdatePolicy());
128 }
129
130 void UserPolicyCache::SetPolicy(const em::PolicyFetchResponse& policy) {
131 bool ok = SetPolicyInternal(policy);
132 if (ok)
133 PersistPolicy(policy, last_policy_refresh_time_);
134 }
135
136 void UserPolicyCache::SetUnmanaged() {
137 DCHECK(CalledOnValidThread());
138 is_unmanaged_ = true;
Mattias Nissler (ping if slow) 2011/03/24 18:55:57 This could probably also be moved to the base clas
Jakob Kummerow 2011/03/28 13:53:53 Done. Sort of. I've extracted most of the method b
139 mandatory_policy_.Clear();
140 recommended_policy_.Clear();
141 last_policy_refresh_time_ = base::Time::NowFromSystemTime();
142
143 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer,
144 observer_list_, OnUpdatePolicy());
145
146 BrowserThread::PostTask(
147 BrowserThread::FILE,
148 FROM_HERE,
149 new PersistPolicyTask(backing_file_path_, NULL, true));
150 }
151
152 void UserPolicyCache::PersistPolicy(const em::PolicyFetchResponse& policy,
153 const base::Time& timestamp) {
154 if (timestamp > base::Time::NowFromSystemTime() +
155 base::TimeDelta::FromMinutes(1)) {
156 LOG(WARNING) << "Server returned policy with timestamp from the future, "
157 "not persisting to disk.";
158 } else {
159 em::PolicyFetchResponse* policy_copy = new em::PolicyFetchResponse;
160 policy_copy->CopyFrom(policy);
161 BrowserThread::PostTask(
162 BrowserThread::FILE,
163 FROM_HERE,
164 new PersistPolicyTask(backing_file_path_, policy_copy, false));
165 }
166 }
167
168 bool UserPolicyCache::DecodePolicyData(const em::PolicyData& policy_data,
169 PolicyMap* mandatory,
170 PolicyMap* recommended) {
171 // TODO(jkummerow): Verify policy_data.device_token(). Needs final
172 // specification which token we're actually sending / expecting to get back.
173 em::CloudPolicySettings policy;
174 if (!policy.ParseFromString(policy_data.policy_value())) {
175 LOG(WARNING) << "Failed to parse CloudPolicySettings protobuf.";
176 return false;
177 }
178 DecodePolicy(policy, mandatory, recommended);
179 return true;
180 }
181
182 } // namespace policy
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698