| Index: chrome/browser/policy/browser_policy_connector.cc |
| diff --git a/chrome/browser/policy/browser_policy_connector.cc b/chrome/browser/policy/browser_policy_connector.cc |
| index 6dd42f1cc5932f64d26c4d33a1a1b4f423dab1ec..61967844f91907a8e311fa73d00da9edb480d707 100644 |
| --- a/chrome/browser/policy/browser_policy_connector.cc |
| +++ b/chrome/browser/policy/browser_policy_connector.cc |
| @@ -7,13 +7,20 @@ |
| #include "base/command_line.h" |
| #include "base/path_service.h" |
| #include "chrome/browser/browser_process.h" |
| +#include "chrome/browser/net/gaia/token_service.h" |
| +#include "chrome/browser/policy/cloud_policy_provider.h" |
| #include "chrome/browser/policy/cloud_policy_subsystem.h" |
| #include "chrome/browser/policy/configuration_policy_pref_store.h" |
| #include "chrome/browser/policy/configuration_policy_provider.h" |
| #include "chrome/browser/policy/dummy_configuration_policy_provider.h" |
| +#include "chrome/browser/policy/user_policy_cache.h" |
| +#include "chrome/browser/policy/user_policy_identity_strategy.h" |
| #include "chrome/common/chrome_paths.h" |
| #include "chrome/common/chrome_switches.h" |
| +#include "chrome/common/net/gaia/gaia_constants.h" |
| #include "chrome/common/pref_names.h" |
| +#include "content/common/notification_details.h" |
| +#include "content/common/notification_source.h" |
| #if defined(OS_WIN) |
| #include "chrome/browser/policy/configuration_policy_provider_win.h" |
| @@ -28,12 +35,18 @@ |
| #include "chrome/browser/policy/device_policy_cache.h" |
| #include "chrome/browser/policy/device_policy_identity_strategy.h" |
| #include "chrome/browser/policy/enterprise_install_attributes.h" |
| +#include "content/common/notification_service.h" |
| #endif |
| namespace policy { |
| namespace { |
| +// The directory suffixes for user cloud policy. |
| +const FilePath::CharType kPolicyDir[] = FILE_PATH_LITERAL("Device Management"); |
| +const FilePath::CharType kTokenCacheFile[] = FILE_PATH_LITERAL("Token"); |
| +const FilePath::CharType kPolicyCacheFile[] = FILE_PATH_LITERAL("Policy"); |
| + |
| // The following constants define delays applied before the initial policy fetch |
| // on startup. (So that displaying Chrome's GUI does not get delayed.) |
| // Delay in milliseconds from startup. |
| @@ -52,8 +65,14 @@ BrowserPolicyConnector* BrowserPolicyConnector::CreateForTests() { |
| policy_list = ConfigurationPolicyPrefStore:: |
| GetChromePolicyDefinitionList(); |
| return new BrowserPolicyConnector( |
| - new DummyConfigurationPolicyProvider(policy_list), |
| - new DummyConfigurationPolicyProvider(policy_list)); |
| + new policy::DummyConfigurationPolicyProvider(policy_list), |
| + new policy::DummyConfigurationPolicyProvider(policy_list), |
| + new CloudPolicyProvider( |
| + policy_list, |
| + CloudPolicyCacheBase::POLICY_LEVEL_MANDATORY), |
| + new CloudPolicyProvider( |
| + policy_list, |
| + CloudPolicyCacheBase::POLICY_LEVEL_RECOMMENDED)); |
| } |
| BrowserPolicyConnector::BrowserPolicyConnector() |
| @@ -61,39 +80,43 @@ BrowserPolicyConnector::BrowserPolicyConnector() |
| managed_platform_provider_.reset(CreateManagedPlatformProvider()); |
| recommended_platform_provider_.reset(CreateRecommendedPlatformProvider()); |
| -#if defined(OS_CHROMEOS) |
| - CommandLine* command_line = CommandLine::ForCurrentProcess(); |
| - if (command_line->HasSwitch(switches::kEnableDevicePolicy)) { |
| - identity_strategy_.reset(new DevicePolicyIdentityStrategy()); |
| - install_attributes_.reset(new EnterpriseInstallAttributes( |
| - chromeos::CrosLibrary::Get()->GetCryptohomeLibrary())); |
| - cloud_policy_subsystem_.reset(new CloudPolicySubsystem( |
| - identity_strategy_.get(), |
| - new DevicePolicyCache(identity_strategy_.get(), |
| - install_attributes_.get()))); |
| + managed_cloud_provider_.reset(new CloudPolicyProvider( |
| + ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(), |
| + CloudPolicyCacheBase::POLICY_LEVEL_MANDATORY)); |
| + recommended_cloud_provider_.reset(new CloudPolicyProvider( |
| + ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(), |
| + CloudPolicyCacheBase::POLICY_LEVEL_RECOMMENDED)); |
| - // Initialize the subsystem once the message loops are spinning. |
| - MessageLoop::current()->PostTask( |
| - FROM_HERE, |
| - method_factory_.NewRunnableMethod(&BrowserPolicyConnector::Initialize)); |
| - } |
| +#if defined(OS_CHROMEOS) |
| + InitializeDevicePolicy(); |
| #endif |
| } |
| BrowserPolicyConnector::BrowserPolicyConnector( |
| ConfigurationPolicyProvider* managed_platform_provider, |
| - ConfigurationPolicyProvider* recommended_platform_provider) |
| + ConfigurationPolicyProvider* recommended_platform_provider, |
| + CloudPolicyProvider* managed_cloud_provider, |
| + CloudPolicyProvider* recommended_cloud_provider) |
| : managed_platform_provider_(managed_platform_provider), |
| recommended_platform_provider_(recommended_platform_provider), |
| + managed_cloud_provider_(managed_cloud_provider), |
| + recommended_cloud_provider_(recommended_cloud_provider), |
| ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)) {} |
| BrowserPolicyConnector::~BrowserPolicyConnector() { |
| - if (cloud_policy_subsystem_.get()) |
| - cloud_policy_subsystem_->Shutdown(); |
| - cloud_policy_subsystem_.reset(); |
| + // Shutdown device cloud policy. |
| #if defined(OS_CHROMEOS) |
| - identity_strategy_.reset(); |
| + if (device_cloud_policy_subsystem_.get()) |
| + device_cloud_policy_subsystem_->Shutdown(); |
| + device_cloud_policy_subsystem_.reset(); |
| + device_identity_strategy_.reset(); |
| #endif |
| + |
| + // Shutdown user cloud policy. |
| + if (user_cloud_policy_subsystem_.get()) |
| + user_cloud_policy_subsystem_->Shutdown(); |
| + user_cloud_policy_subsystem_.reset(); |
| + user_identity_strategy_.reset(); |
| } |
| ConfigurationPolicyProvider* |
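Review bot: The teardown order in `~BrowserPolicyConnector()` matters but is not documented. Each `CloudPolicySubsystem` is constructed later in this patch with a raw pointer to its identity strategy, so the subsystem has to be shut down and destroyed before the strategy is reset. I would extend the two comments to say so, e.g. `// Shut down user cloud policy. The subsystem holds a raw pointer to the identity strategy, so destroy the subsystem first.` The comment should also say whether `managed_cloud_provider_` and `recommended_cloud_provider_` may still reference the policy caches once the subsystems are gone, because the destructor leaves the providers to member destruction order and the cache lifetime is not visible in this hunk.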
| @@ -103,10 +126,7 @@ ConfigurationPolicyProvider* |
| ConfigurationPolicyProvider* |
| BrowserPolicyConnector::GetManagedCloudProvider() const { |
| - if (cloud_policy_subsystem_.get()) |
| - return cloud_policy_subsystem_->GetManagedPolicyProvider(); |
| - |
| - return NULL; |
| + return managed_cloud_provider_.get(); |
| } |
| ConfigurationPolicyProvider* |
| @@ -116,10 +136,7 @@ ConfigurationPolicyProvider* |
| ConfigurationPolicyProvider* |
| BrowserPolicyConnector::GetRecommendedCloudProvider() const { |
| - if (cloud_policy_subsystem_.get()) |
| - return cloud_policy_subsystem_->GetRecommendedPolicyProvider(); |
| - |
| - return NULL; |
| + return recommended_cloud_provider_.get(); |
| } |
| ConfigurationPolicyProvider* |
| @@ -162,11 +179,12 @@ ConfigurationPolicyProvider* |
| #endif |
| } |
| -void BrowserPolicyConnector::SetCredentials(const std::string& owner_email, |
| - const std::string& gaia_token) { |
| +void BrowserPolicyConnector::SetDeviceCredentials( |
| + const std::string& owner_email, |
| + const std::string& gaia_token) { |
| #if defined(OS_CHROMEOS) |
| - if (identity_strategy_.get()) |
| - identity_strategy_->SetAuthCredentials(owner_email, gaia_token); |
| + if (device_identity_strategy_.get()) |
| + device_identity_strategy_->SetAuthCredentials(owner_email, gaia_token); |
| #endif |
| } |
| @@ -197,30 +215,152 @@ std::string BrowserPolicyConnector::GetEnterpriseDomain() { |
| return std::string(); |
| } |
| -void BrowserPolicyConnector::StopAutoRetry() { |
| - if (cloud_policy_subsystem_.get()) |
| - cloud_policy_subsystem_->StopAutoRetry(); |
| +void BrowserPolicyConnector::DeviceStopAutoRetry() { |
| +#if defined(OS_CHROMEOS) |
| + if (device_cloud_policy_subsystem_.get()) |
| + device_cloud_policy_subsystem_->StopAutoRetry(); |
| +#endif |
| } |
| -void BrowserPolicyConnector::FetchPolicy() { |
| +void BrowserPolicyConnector::FetchDevicePolicy() { |
| #if defined(OS_CHROMEOS) |
| - if (identity_strategy_.get()) |
| - return identity_strategy_->FetchPolicy(); |
| + if (device_identity_strategy_.get()) |
| + return device_identity_strategy_->FetchPolicy(); |
| #endif |
| } |
| -void BrowserPolicyConnector::Initialize() { |
| - if (cloud_policy_subsystem_.get()) { |
| - cloud_policy_subsystem_->Initialize( |
| +void BrowserPolicyConnector::InitializeUserPolicy(std::string& user_name, |
| + const FilePath& policy_dir, |
| + TokenService* token_service) { |
| + // Throw away the old backend. |
| + user_cloud_policy_subsystem_.reset(); |
| + user_identity_strategy_.reset(); |
| + registrar_.RemoveAll(); |
| + |
| + CommandLine* command_line = CommandLine::ForCurrentProcess(); |
| + if (command_line->HasSwitch(switches::kDeviceManagementUrl)) { |
| + token_service_ = token_service; |
| + if (token_service_) { |
| + registrar_.Add(this, |
| + NotificationType::TOKEN_AVAILABLE, |
| + Source<TokenService>(token_service_)); |
| + } |
| + |
| + FilePath policy_cache_dir = policy_dir.Append(kPolicyDir); |
| + UserPolicyCache* user_policy_cache = |
| + new UserPolicyCache(policy_cache_dir.Append(kPolicyCacheFile)); |
| + |
| + // Prepending user caches meaning they will take precedence of device policy |
| + // caches. |
| + managed_cloud_provider_->PrependCache(user_policy_cache); |
| + recommended_cloud_provider_->PrependCache(user_policy_cache); |
| + user_identity_strategy_.reset( |
| + new UserPolicyIdentityStrategy( |
| + user_name, |
| + policy_cache_dir.Append(kTokenCacheFile))); |
| + user_cloud_policy_subsystem_.reset(new CloudPolicySubsystem( |
| + user_identity_strategy_.get(), |
| + user_policy_cache)); |
| + |
| + // Initiate the DM-Token load. |
| + user_identity_strategy_->LoadTokenCache(); |
| + |
| + // In case the token of |token_service_| is already available we set it |
| + // directly, since there will be no notification for it. |
| + if (token_service_) { |
| + if (token_service_->HasTokenForService( |
| + GaiaConstants::kDeviceManagementService)) { |
| + user_identity_strategy_->SetAuthToken( |
| + token_service_->GetTokenForService( |
| + GaiaConstants::kDeviceManagementService)); |
| + } |
| + } |
| + |
| + // TODO(sfeuz): This already assumes that user policy refresh rate |
| + // preference lives in local_state. |
| + user_cloud_policy_subsystem_->Initialize( |
| + prefs::kUserPolicyRefreshRate, |
| + kServiceInitializationStartupDelay); |
| + } |
| +} |
| + |
| +void BrowserPolicyConnector::ScheduleUserServiceInitialization( |
| + int64 delay_milliseconds) { |
| + if (user_cloud_policy_subsystem_.get()) |
| + user_cloud_policy_subsystem_-> |
| + ScheduleServiceInitialization(delay_milliseconds); |
| +} |
| + |
| +void BrowserPolicyConnector::InitializeDevicePolicy() { |
| +#if defined(OS_CHROMEOS) |
| + // Throw away the old backend. |
| + device_cloud_policy_subsystem_.reset(); |
| + device_identity_strategy_.reset(); |
| + |
| + CommandLine* command_line = CommandLine::ForCurrentProcess(); |
| + if (command_line->HasSwitch(switches::kEnableDevicePolicy)) { |
| + device_cloud_policy_subsystem_.reset(); |
| + device_identity_strategy_.reset(); |
| + |
| + device_identity_strategy_.reset(new DevicePolicyIdentityStrategy()); |
| + install_attributes_.reset(new EnterpriseInstallAttributes( |
| + chromeos::CrosLibrary::Get()->GetCryptohomeLibrary())); |
| + DevicePolicyCache* device_policy_cache = |
| + new DevicePolicyCache(device_identity_strategy_.get(), |
| + install_attributes_.get()); |
| + |
| + managed_cloud_provider_->AppendCache(device_policy_cache); |
| + recommended_cloud_provider_->AppendCache(device_policy_cache); |
| + |
| + device_cloud_policy_subsystem_.reset(new CloudPolicySubsystem( |
| + device_identity_strategy_.get(), |
| + device_policy_cache)); |
| + |
| + // Initialize the subsystem once the message loops are spinning. |
| + MessageLoop::current()->PostTask( |
| + FROM_HERE, |
| + method_factory_.NewRunnableMethod( |
| + &BrowserPolicyConnector::InitializeDevicePolicySubsystem)); |
| + } |
| +#endif |
| +} |
| + |
| +void BrowserPolicyConnector::InitializeDevicePolicySubsystem() { |
| +#if defined(OS_CHROMEOS) |
| + if (device_cloud_policy_subsystem_.get()) { |
| + device_cloud_policy_subsystem_->Initialize( |
| prefs::kDevicePolicyRefreshRate, |
| kServiceInitializationStartupDelay); |
| } |
| +#endif |
| } |
| -void BrowserPolicyConnector::ScheduleServiceInitialization( |
| +void BrowserPolicyConnector::ScheduleDeviceServiceInitialization( |
| int64 delay_milliseconds) { |
| - if (cloud_policy_subsystem_.get()) |
| - cloud_policy_subsystem_->ScheduleServiceInitialization(delay_milliseconds); |
| +#if defined(OS_CHROMEOS) |
| + if (device_cloud_policy_subsystem_.get()) { |
| + device_cloud_policy_subsystem_-> |
| + ScheduleServiceInitialization(delay_milliseconds); |
| + } |
| +#endif |
| +} |
| + |
| +void BrowserPolicyConnector::Observe(NotificationType type, |
| + const NotificationSource& source, |
| + const NotificationDetails& details) { |
| + DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
| + if (type == NotificationType::TOKEN_AVAILABLE) { |
| + const TokenService* token_source = |
| + Source<const TokenService>(source).ptr(); |
| + DCHECK_EQ(token_service_, token_source); |
| + const TokenService::TokenAvailableDetails* token_details = |
| + Details<const TokenService::TokenAvailableDetails>(details).ptr(); |
| + if (token_details->service() == GaiaConstants::kDeviceManagementService) |
|
Mattias Nissler (ping if slow)
2011/06/09 14:36:26
need parens for multi-line conditionals
sfeuz
2011/06/13 06:53:53
Done.
|
| + if (user_identity_strategy_.get()) |
| + user_identity_strategy_->SetAuthToken(token_details->token()); |
| + } else { |
| + NOTREACHED(); |
| + } |
| } |
| } // namespace |
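Review bot: `InitializeUserPolicy()` resets the previous subsystem and identity strategy but never detaches the previous `UserPolicyCache` from `managed_cloud_provider_` and `recommended_cloud_provider_` before the `PrependCache()` calls add a new one. If the method runs a second time, which its "Throw away the old backend" comment suggests it can, the providers keep a pointer to the earlier user's cache: either that user's policy stays in effect or, if `CloudPolicySubsystem` owns the cache it is handed (not visible here), the pointer dangles. The old cache should be removed from both providers before the reset, and the owner of the cache should be documented at the `new UserPolicyCache` line. `InitializeDevicePolicy()` follows the same pattern with `AppendCache()`, and its second pair of `reset()` calls inside the `HasSwitch` branch repeats the pair just above it and can be dropped. Separately, `std::string& user_name` should be `const std::string& user_name`, since the value is only passed on to `UserPolicyIdentityStrategy`.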