OLD | NEW |
(Empty) | |
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. |
| 4 |
| 5 #include "chrome/browser/policy/user_policy_cache.h" |
| 6 |
| 7 #include <string> |
| 8 |
| 9 #include "base/file_util.h" |
| 10 #include "base/logging.h" |
| 11 #include "base/task.h" |
| 12 #include "chrome/browser/policy/policy_map.h" |
| 13 #include "chrome/browser/policy/proto/cloud_policy.pb.h" |
| 14 #include "chrome/browser/policy/proto/device_management_local.pb.h" |
| 15 #include "content/browser/browser_thread.h" |
| 16 #include "policy/configuration_policy_type.h" |
| 17 |
| 18 namespace policy { |
| 19 |
| 20 // Decodes a CloudPolicySettings object into two maps with mandatory and |
| 21 // recommended settings, respectively. The implementation is generated code |
| 22 // in policy/cloud_policy_generated.cc. |
| 23 void DecodePolicy(const em::CloudPolicySettings& policy, |
| 24 PolicyMap* mandatory, PolicyMap* recommended); |
| 25 |
| 26 // Saves policy information to a file. |
| 27 class PersistPolicyTask : public Task { |
| 28 public: |
| 29 PersistPolicyTask(const FilePath& path, |
| 30 const em::PolicyFetchResponse* cloud_policy_response, |
| 31 const bool is_unmanaged) |
| 32 : path_(path), |
| 33 cloud_policy_response_(cloud_policy_response), |
| 34 is_unmanaged_(is_unmanaged) {} |
| 35 |
| 36 private: |
| 37 // Task override. |
| 38 virtual void Run(); |
| 39 |
| 40 const FilePath path_; |
| 41 scoped_ptr<const em::PolicyFetchResponse> cloud_policy_response_; |
| 42 const bool is_unmanaged_; |
| 43 }; |
| 44 |
| 45 void PersistPolicyTask::Run() { |
| 46 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::FILE)); |
| 47 std::string data; |
| 48 em::CachedCloudPolicyResponse cached_policy; |
| 49 if (cloud_policy_response_.get()) { |
| 50 cached_policy.mutable_cloud_policy()->CopyFrom(*cloud_policy_response_); |
| 51 } |
| 52 if (is_unmanaged_) { |
| 53 cached_policy.set_unmanaged(true); |
| 54 cached_policy.set_timestamp(base::Time::NowFromSystemTime().ToTimeT()); |
| 55 } |
| 56 if (!cached_policy.SerializeToString(&data)) { |
| 57 LOG(WARNING) << "Failed to serialize policy data"; |
| 58 return; |
| 59 } |
| 60 |
| 61 int size = data.size(); |
| 62 if (file_util::WriteFile(path_, data.c_str(), size) != size) { |
| 63 LOG(WARNING) << "Failed to write " << path_.value(); |
| 64 return; |
| 65 } |
| 66 } |
| 67 |
| 68 UserPolicyCache::UserPolicyCache(const FilePath& backing_file_path) |
| 69 : backing_file_path_(backing_file_path) { |
| 70 } |
| 71 |
| 72 UserPolicyCache::~UserPolicyCache() { |
| 73 } |
| 74 |
| 75 void UserPolicyCache::Load() { |
| 76 // TODO(jkummerow): This method is doing file IO during browser startup. In |
| 77 // the long run it would be better to delay this until the FILE thread exists. |
| 78 if (!file_util::PathExists(backing_file_path_) || initialization_complete()) { |
| 79 return; |
| 80 } |
| 81 |
| 82 // Read the protobuf from the file. |
| 83 std::string data; |
| 84 if (!file_util::ReadFileToString(backing_file_path_, &data)) { |
| 85 LOG(WARNING) << "Failed to read policy data from " |
| 86 << backing_file_path_.value(); |
| 87 return; |
| 88 } |
| 89 |
| 90 em::CachedCloudPolicyResponse cached_response; |
| 91 if (!cached_response.ParseFromArray(data.c_str(), data.size())) { |
| 92 LOG(WARNING) << "Failed to parse policy data read from " |
| 93 << backing_file_path_.value(); |
| 94 return; |
| 95 } |
| 96 |
| 97 if (cached_response.unmanaged()) { |
| 98 SetUnmanagedInternal(base::Time::FromTimeT(cached_response.timestamp())); |
| 99 } else if (cached_response.has_cloud_policy()) { |
| 100 base::Time timestamp; |
| 101 if (SetPolicyInternal(cached_response.cloud_policy(), ×tamp, true)) |
| 102 set_last_policy_refresh_time(timestamp); |
| 103 } |
| 104 } |
| 105 |
| 106 void UserPolicyCache::SetPolicy(const em::PolicyFetchResponse& policy) { |
| 107 base::Time now = base::Time::NowFromSystemTime(); |
| 108 set_last_policy_refresh_time(now); |
| 109 bool ok = SetPolicyInternal(policy, NULL, false); |
| 110 if (ok) |
| 111 PersistPolicy(policy, now); |
| 112 } |
| 113 |
| 114 void UserPolicyCache::SetUnmanaged() { |
| 115 DCHECK(CalledOnValidThread()); |
| 116 SetUnmanagedInternal(base::Time::NowFromSystemTime()); |
| 117 BrowserThread::PostTask( |
| 118 BrowserThread::FILE, |
| 119 FROM_HERE, |
| 120 new PersistPolicyTask(backing_file_path_, NULL, true)); |
| 121 } |
| 122 |
| 123 void UserPolicyCache::PersistPolicy(const em::PolicyFetchResponse& policy, |
| 124 const base::Time& timestamp) { |
| 125 if (timestamp > base::Time::NowFromSystemTime() + |
| 126 base::TimeDelta::FromMinutes(1)) { |
| 127 LOG(WARNING) << "Server returned policy with timestamp from the future, " |
| 128 "not persisting to disk."; |
| 129 } else { |
| 130 em::PolicyFetchResponse* policy_copy = new em::PolicyFetchResponse; |
| 131 policy_copy->CopyFrom(policy); |
| 132 BrowserThread::PostTask( |
| 133 BrowserThread::FILE, |
| 134 FROM_HERE, |
| 135 new PersistPolicyTask(backing_file_path_, policy_copy, false)); |
| 136 } |
| 137 } |
| 138 |
| 139 bool UserPolicyCache::DecodePolicyData(const em::PolicyData& policy_data, |
| 140 PolicyMap* mandatory, |
| 141 PolicyMap* recommended) { |
| 142 // TODO(jkummerow): Verify policy_data.device_token(). Needs final |
| 143 // specification which token we're actually sending / expecting to get back. |
| 144 em::CloudPolicySettings policy; |
| 145 if (!policy.ParseFromString(policy_data.policy_value())) { |
| 146 LOG(WARNING) << "Failed to parse CloudPolicySettings protobuf."; |
| 147 return false; |
| 148 } |
| 149 DecodePolicy(policy, mandatory, recommended); |
| 150 return true; |
| 151 } |
| 152 |
| 153 } // namespace policy |
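Review bot: The future-timestamp guard in `UserPolicyCache::PersistPolicy` can never fire for the value `SetPolicy` hands it. `SetPolicy` passes `now`, taken from `base::Time::NowFromSystemTime()` a few lines earlier, and `PersistPolicy` compares that against `NowFromSystemTime()` plus one minute, so the server-supplied timestamp that the warning text refers to is never examined before the response is queued for writing to the cache file. `SetPolicy` also calls `SetPolicyInternal(policy, NULL, false)`, whereas `Load()` passes a timestamp out-parameter. Assuming that parameter returns the timestamp carried in the policy data (`SetPolicyInternal` is not shown here), `SetPolicy` should use `base::Time timestamp;`, `bool ok = SetPolicyInternal(policy, &timestamp, false);` and `if (ok) PersistPolicy(policy, timestamp);`. As written, a response stamped in the future would be persisted and then read back by `Load()` on the next start, leaving the outcome to whatever validity check `SetPolicyInternal` applies there.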