| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include <algorithm> | 5 #include <algorithm> |
| 6 #include <string> | 6 #include <string> |
| 7 | 7 |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/file_util.h" | |
| 10 #include "chrome/browser/browser_process.h" | 9 #include "chrome/browser/browser_process.h" |
| 10 #include "chrome/browser/net/gaia/token_service.h" |
| 11 #include "chrome/browser/policy/browser_policy_connector.h" | 11 #include "chrome/browser/policy/browser_policy_connector.h" |
| 12 #include "chrome/browser/policy/cloud_policy_subsystem.h" | 12 #include "chrome/browser/policy/cloud_policy_subsystem.h" |
| 13 #include "chrome/browser/policy/configuration_policy_pref_store.h" | 13 #include "chrome/browser/policy/configuration_policy_pref_store.h" |
| 14 #include "chrome/browser/policy/profile_policy_connector.h" | 14 #include "chrome/browser/policy/profile_policy_connector.h" |
| 15 #include "chrome/browser/policy/user_policy_cache.h" | 15 #include "chrome/browser/policy/user_policy_cache.h" |
| 16 #include "chrome/browser/policy/cloud_policy_cache_base.h" |
| 16 #include "chrome/browser/policy/user_policy_identity_strategy.h" | 17 #include "chrome/browser/policy/user_policy_identity_strategy.h" |
| 17 #include "chrome/browser/prefs/pref_service.h" | 18 #include "chrome/browser/prefs/pref_service.h" |
| 18 #include "chrome/browser/profiles/profile.h" | 19 #include "chrome/common/net/gaia/gaia_constants.h" |
| 19 #include "chrome/common/chrome_switches.h" | 20 #include "chrome/common/chrome_switches.h" |
| 21 #include "content/common/notification_details.h" |
| 22 #include "content/common/notification_service.h" |
| 23 #include "content/common/notification_source.h" |
| 24 |
| 25 #if defined(OS_CHROMEOS) |
| 26 #include "chrome/browser/chromeos/login/user_manager.h" |
| 27 #endif |
| 20 | 28 |
| 21 namespace { | 29 namespace { |
| 22 | 30 |
| 23 const FilePath::CharType kPolicyDir[] = FILE_PATH_LITERAL("Device Management"); | 31 const FilePath::CharType kPolicyDir[] = FILE_PATH_LITERAL("Device Management"); |
| 24 const FilePath::CharType kTokenCacheFile[] = FILE_PATH_LITERAL("Token"); | 32 const FilePath::CharType kTokenCacheFile[] = FILE_PATH_LITERAL("Token"); |
| 25 const FilePath::CharType kPolicyCacheFile[] = FILE_PATH_LITERAL("Policy"); | 33 const FilePath::CharType kPolicyCacheFile[] = FILE_PATH_LITERAL("Policy"); |
| 26 | 34 |
| 27 } // namespace | 35 } // namespace |
| 28 | 36 |
| 29 namespace policy { | 37 namespace policy { |
| 30 | 38 |
| 31 ProfilePolicyConnector::ProfilePolicyConnector(Profile* profile) | 39 // static |
| 32 : profile_(profile) { | 40 ProfilePolicyConnector* ProfilePolicyConnector::Create() { |
| 33 CommandLine* command_line = CommandLine::ForCurrentProcess(); | 41 return new ProfilePolicyConnector(); |
| 34 if (command_line->HasSwitch(switches::kDeviceManagementUrl)) { | 42 } |
| 35 FilePath policy_cache_dir(profile_->GetPath()); | |
| 36 policy_cache_dir = policy_cache_dir.Append(kPolicyDir); | |
| 37 | 43 |
| 38 identity_strategy_.reset(new UserPolicyIdentityStrategy( | 44 ProfilePolicyConnector::ProfilePolicyConnector() { |
| 39 profile_, | 45 managed_cloud_provider_.reset(new CloudPolicyProvider( |
| 40 policy_cache_dir.Append(kTokenCacheFile))); | 46 ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(), |
| 41 cloud_policy_subsystem_.reset(new CloudPolicySubsystem( | 47 CloudPolicyCacheBase::POLICY_LEVEL_MANDATORY)); |
| 42 identity_strategy_.get(), | 48 recommended_cloud_provider_.reset(new CloudPolicyProvider( |
| 43 new UserPolicyCache(policy_cache_dir.Append(kPolicyCacheFile)))); | 49 ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(), |
| 44 | 50 CloudPolicyCacheBase::POLICY_LEVEL_RECOMMENDED)); |
| 45 BrowserPolicyConnector* browser_connector = | |
| 46 g_browser_process->browser_policy_connector(); | |
| 47 | |
| 48 managed_cloud_provider_.reset(new MergingPolicyProvider( | |
| 49 browser_connector->GetManagedCloudProvider(), | |
| 50 cloud_policy_subsystem_->GetManagedPolicyProvider())); | |
| 51 recommended_cloud_provider_.reset(new MergingPolicyProvider( | |
| 52 browser_connector->GetRecommendedCloudProvider(), | |
| 53 cloud_policy_subsystem_->GetRecommendedPolicyProvider())); | |
| 54 } | |
| 55 } | 51 } |
| 56 | 52 |
| 57 ProfilePolicyConnector::~ProfilePolicyConnector() { | 53 ProfilePolicyConnector::~ProfilePolicyConnector() { |
| 58 managed_cloud_provider_.reset(); | 54 managed_cloud_provider_.reset(); |
| 59 recommended_cloud_provider_.reset(); | 55 recommended_cloud_provider_.reset(); |
| 60 cloud_policy_subsystem_.reset(); | 56 cloud_policy_subsystem_.reset(); |
| 61 identity_strategy_.reset(); | 57 identity_strategy_.reset(); |
| 62 } | 58 } |
| 63 | 59 |
| 64 void ProfilePolicyConnector::Initialize() { | 60 void ProfilePolicyConnector::Initialize(std::string& user_name, |
| 65 // TODO(jkummerow, mnissler): Move this out of the browser startup path. | 61 const FilePath& policy_dir, |
| 66 if (identity_strategy_.get()) | 62 TokenService* token_service) { |
| 63 // Throw away the old backend. |
| 64 cloud_policy_subsystem_.reset(); |
| 65 identity_strategy_.reset(); |
| 66 registrar_.RemoveAll(); |
| 67 |
| 68 CommandLine* command_line = CommandLine::ForCurrentProcess(); |
| 69 if (command_line->HasSwitch(switches::kDeviceManagementUrl)) { |
| 70 token_service_ = token_service; |
| 71 registrar_.Add(this, |
| 72 NotificationType::TOKEN_AVAILABLE, |
| 73 Source<TokenService>(token_service_)); |
| 74 |
| 75 // Register for the event of user login on CrOS to make sure that the user |
| 76 // is not changing while the ProfilePolicyConnector is active. |
| 77 #if defined(OS_CHROMEOS) |
| 78 registrar_.Add(this, |
| 79 NotificationType::LOGIN_USER_CHANGED, |
| 80 NotificationService::AllSources()); |
| 81 #endif |
| 82 FilePath policy_cache_dir = policy_dir.Append(kPolicyDir); |
| 83 UserPolicyCache* user_policy_cache = |
| 84 new UserPolicyCache(policy_cache_dir.Append(kPolicyCacheFile)); |
| 85 managed_cloud_provider_->set_cache(user_policy_cache); |
| 86 recommended_cloud_provider_->set_cache(user_policy_cache); |
| 87 identity_strategy_.reset(new UserPolicyIdentityStrategy(user_name, |
| 88 policy_cache_dir.Append(kTokenCacheFile))); |
| 89 cloud_policy_subsystem_.reset(new CloudPolicySubsystem( |
| 90 identity_strategy_.get(), |
| 91 user_policy_cache)); |
| 92 |
| 93 // Initiate the DM-Token load. |
| 67 identity_strategy_->LoadTokenCache(); | 94 identity_strategy_->LoadTokenCache(); |
| 68 if (cloud_policy_subsystem_.get()) | 95 |
| 69 cloud_policy_subsystem_->Initialize(profile_->GetPrefs()); | 96 // In case the token of |token_service_| is already available we set it |
| 97 // directly, since there will be no notification for it. |
| 98 if (token_service_->HasTokenForService( |
| 99 GaiaConstants::kDeviceManagementService)) { |
| 100 identity_strategy_->SetAuthToken( |
| 101 token_service_->GetTokenForService( |
| 102 GaiaConstants::kDeviceManagementService)); |
| 103 } |
| 104 |
| 105 // TODO(sfeuz): This already assumes that user policy refresh rate |
| 106 // preference lives in local_state. Adapted once the PolicyRefreshRate CL is |
| 107 // landed. |
| 108 cloud_policy_subsystem_->Initialize(g_browser_process->local_state()); |
| 109 } |
| 70 } | 110 } |
| 71 | 111 |
| 72 void ProfilePolicyConnector::Shutdown() { | 112 CloudPolicyProvider* |
| 73 if (cloud_policy_subsystem_.get()) | 113 ProfilePolicyConnector::GetManagedCloudProvider() const { |
| 74 cloud_policy_subsystem_->Shutdown(); | |
| 75 } | |
| 76 | |
| 77 ConfigurationPolicyProvider* | |
| 78 ProfilePolicyConnector::GetManagedCloudProvider() { | |
| 79 return managed_cloud_provider_.get(); | 114 return managed_cloud_provider_.get(); |
| 80 } | 115 } |
| 81 | 116 |
| 82 ConfigurationPolicyProvider* | 117 CloudPolicyProvider* |
| 83 ProfilePolicyConnector::GetRecommendedCloudProvider() { | 118 ProfilePolicyConnector::GetRecommendedCloudProvider() const { |
| 84 return recommended_cloud_provider_.get(); | 119 return recommended_cloud_provider_.get(); |
| 85 } | 120 } |
| 86 | 121 |
| 87 MergingPolicyProvider::MergingPolicyProvider( | 122 void ProfilePolicyConnector::Observe(NotificationType type, |
| 88 ConfigurationPolicyProvider* browser_policy_provider, | 123 const NotificationSource& source, |
| 89 ConfigurationPolicyProvider* profile_policy_provider) | 124 const NotificationDetails& details) { |
| 90 : ConfigurationPolicyProvider( | 125 DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| 91 ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList()), | 126 if (type == NotificationType::TOKEN_AVAILABLE) { |
| 92 browser_policy_provider_(browser_policy_provider), | 127 const TokenService::TokenAvailableDetails* token_details = |
| 93 profile_policy_provider_(profile_policy_provider), | 128 Details<const TokenService::TokenAvailableDetails>(details).ptr(); |
| 94 browser_registrar_(new ConfigurationPolicyObserverRegistrar()), | 129 if (token_details->service() == GaiaConstants::kDeviceManagementService) |
| 95 profile_registrar_(new ConfigurationPolicyObserverRegistrar()) { | 130 if (identity_strategy_.get()) |
| 96 if (browser_policy_provider_) | 131 identity_strategy_->SetAuthToken(token_details->token()); |
| 97 browser_registrar_->Init(browser_policy_provider_, this); | 132 #if defined(OS_CHROMEOS) |
| 98 if (profile_policy_provider_) | 133 } else if (type == NotificationType::LOGIN_USER_CHANGED) { |
| 99 profile_registrar_->Init(profile_policy_provider_, this); | 134 const chromeos::UserManager::User* user_details = |
| 100 } | 135 Details<const chromeos::UserManager::User>(details).ptr(); |
| 101 | 136 std::string current_username, current_auth_token; |
| 102 MergingPolicyProvider::~MergingPolicyProvider() { | 137 identity_strategy_->GetCredentials(¤t_username, ¤t_auth_token); |
| 103 if (browser_policy_provider_ || profile_policy_provider_) { | 138 DCHECK_EQ(current_username, user_details->email()); |
| 104 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer, | 139 #endif |
| 105 observer_list_, OnProviderGoingAway()); | 140 } else { |
| 141 NOTREACHED(); |
| 106 } | 142 } |
| 107 } | 143 } |
| 108 | 144 |
| 109 bool MergingPolicyProvider::Provide(ConfigurationPolicyStoreInterface* store) { | |
| 110 // First, apply the profile policies and observe if interesting policies | |
| 111 // have been applied. | |
| 112 ObservingPolicyStoreInterface observe(store); | |
| 113 bool rv = true; | |
| 114 if (profile_policy_provider_) | |
| 115 rv = profile_policy_provider_->Provide(&observe); | |
| 116 | |
| 117 // Now apply policies from the browser provider, if they were not applied | |
| 118 // by the profile provider. | |
| 119 // Currently, these include only the proxy settings. | |
| 120 if (browser_policy_provider_) { | |
| 121 FilteringPolicyStoreInterface filter(store, | |
| 122 !observe.IsProxyPolicyApplied()); | |
| 123 rv = rv && browser_policy_provider_->Provide(&filter); | |
| 124 } | |
| 125 | |
| 126 return rv; | |
| 127 } | |
| 128 | |
| 129 void MergingPolicyProvider::AddObserver( | |
| 130 ConfigurationPolicyProvider::Observer* observer) { | |
| 131 observer_list_.AddObserver(observer); | |
| 132 } | |
| 133 | |
| 134 void MergingPolicyProvider::RemoveObserver( | |
| 135 ConfigurationPolicyProvider::Observer* observer) { | |
| 136 observer_list_.RemoveObserver(observer); | |
| 137 } | |
| 138 | |
| 139 void MergingPolicyProvider::OnUpdatePolicy() { | |
| 140 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer, | |
| 141 observer_list_, OnUpdatePolicy()); | |
| 142 } | |
| 143 | |
| 144 void MergingPolicyProvider::OnProviderGoingAway() { | |
| 145 if (browser_policy_provider_ || profile_policy_provider_) { | |
| 146 FOR_EACH_OBSERVER(ConfigurationPolicyProvider::Observer, | |
| 147 observer_list_, OnProviderGoingAway()); | |
| 148 browser_registrar_.reset(); | |
| 149 profile_registrar_.reset(); | |
| 150 browser_policy_provider_ = NULL; | |
| 151 profile_policy_provider_ = NULL; | |
| 152 } | |
| 153 } | |
| 154 | |
| 155 } // namespace policy | 145 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 6979011:
Move user cloud policy to BrowserProcess. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src