| Index: chrome/browser/policy/browser_policy_connector.cc
|
| diff --git a/chrome/browser/policy/browser_policy_connector.cc b/chrome/browser/policy/browser_policy_connector.cc
|
| index 6dd42f1cc5932f64d26c4d33a1a1b4f423dab1ec..5741154817f2bafe65664c2a64b2a6ea46854d63 100644
|
| --- a/chrome/browser/policy/browser_policy_connector.cc
|
| +++ b/chrome/browser/policy/browser_policy_connector.cc
|
| @@ -7,13 +7,20 @@
|
| #include "base/command_line.h"
|
| #include "base/path_service.h"
|
| #include "chrome/browser/browser_process.h"
|
| +#include "chrome/browser/net/gaia/token_service.h"
|
| +#include "chrome/browser/policy/cloud_policy_provider.h"
|
| #include "chrome/browser/policy/cloud_policy_subsystem.h"
|
| #include "chrome/browser/policy/configuration_policy_pref_store.h"
|
| #include "chrome/browser/policy/configuration_policy_provider.h"
|
| #include "chrome/browser/policy/dummy_configuration_policy_provider.h"
|
| +#include "chrome/browser/policy/user_policy_cache.h"
|
| +#include "chrome/browser/policy/user_policy_identity_strategy.h"
|
| #include "chrome/common/chrome_paths.h"
|
| #include "chrome/common/chrome_switches.h"
|
| +#include "chrome/common/net/gaia/gaia_constants.h"
|
| #include "chrome/common/pref_names.h"
|
| +#include "content/common/notification_details.h"
|
| +#include "content/common/notification_source.h"
|
|
|
| #if defined(OS_WIN)
|
| #include "chrome/browser/policy/configuration_policy_provider_win.h"
|
| @@ -28,12 +35,18 @@
|
| #include "chrome/browser/policy/device_policy_cache.h"
|
| #include "chrome/browser/policy/device_policy_identity_strategy.h"
|
| #include "chrome/browser/policy/enterprise_install_attributes.h"
|
| +#include "content/common/notification_service.h"
|
| #endif
|
|
|
| namespace policy {
|
|
|
| namespace {
|
|
|
| +// The directory suffixes for user cloud policy.
|
| +const FilePath::CharType kPolicyDir[] = FILE_PATH_LITERAL("Device Management");
|
| +const FilePath::CharType kTokenCacheFile[] = FILE_PATH_LITERAL("Token");
|
| +const FilePath::CharType kPolicyCacheFile[] = FILE_PATH_LITERAL("Policy");
|
| +
|
| // The following constants define delays applied before the initial policy fetch
|
| // on startup. (So that displaying Chrome's GUI does not get delayed.)
|
| // Delay in milliseconds from startup.
|
| @@ -52,8 +65,14 @@ BrowserPolicyConnector* BrowserPolicyConnector::CreateForTests() {
|
| policy_list = ConfigurationPolicyPrefStore::
|
| GetChromePolicyDefinitionList();
|
| return new BrowserPolicyConnector(
|
| - new DummyConfigurationPolicyProvider(policy_list),
|
| - new DummyConfigurationPolicyProvider(policy_list));
|
| + new policy::DummyConfigurationPolicyProvider(policy_list),
|
| + new policy::DummyConfigurationPolicyProvider(policy_list),
|
| + new CloudPolicyProvider(
|
| + policy_list,
|
| + CloudPolicyCacheBase::POLICY_LEVEL_MANDATORY),
|
| + new CloudPolicyProvider(
|
| + policy_list,
|
| + CloudPolicyCacheBase::POLICY_LEVEL_RECOMMENDED));
|
| }
|
|
|
| BrowserPolicyConnector::BrowserPolicyConnector()
|
| @@ -61,39 +80,43 @@ BrowserPolicyConnector::BrowserPolicyConnector()
|
| managed_platform_provider_.reset(CreateManagedPlatformProvider());
|
| recommended_platform_provider_.reset(CreateRecommendedPlatformProvider());
|
|
|
| -#if defined(OS_CHROMEOS)
|
| - CommandLine* command_line = CommandLine::ForCurrentProcess();
|
| - if (command_line->HasSwitch(switches::kEnableDevicePolicy)) {
|
| - identity_strategy_.reset(new DevicePolicyIdentityStrategy());
|
| - install_attributes_.reset(new EnterpriseInstallAttributes(
|
| - chromeos::CrosLibrary::Get()->GetCryptohomeLibrary()));
|
| - cloud_policy_subsystem_.reset(new CloudPolicySubsystem(
|
| - identity_strategy_.get(),
|
| - new DevicePolicyCache(identity_strategy_.get(),
|
| - install_attributes_.get())));
|
| + managed_cloud_provider_.reset(new CloudPolicyProvider(
|
| + ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(),
|
| + CloudPolicyCacheBase::POLICY_LEVEL_MANDATORY));
|
| + recommended_cloud_provider_.reset(new CloudPolicyProvider(
|
| + ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(),
|
| + CloudPolicyCacheBase::POLICY_LEVEL_RECOMMENDED));
|
|
|
| - // Initialize the subsystem once the message loops are spinning.
|
| - MessageLoop::current()->PostTask(
|
| - FROM_HERE,
|
| - method_factory_.NewRunnableMethod(&BrowserPolicyConnector::Initialize));
|
| - }
|
| +#if defined(OS_CHROMEOS)
|
| + InitializeDevicePolicy();
|
| #endif
|
| }
|
|
|
| BrowserPolicyConnector::BrowserPolicyConnector(
|
| ConfigurationPolicyProvider* managed_platform_provider,
|
| - ConfigurationPolicyProvider* recommended_platform_provider)
|
| + ConfigurationPolicyProvider* recommended_platform_provider,
|
| + CloudPolicyProvider* managed_cloud_provider,
|
| + CloudPolicyProvider* recommended_cloud_provider)
|
| : managed_platform_provider_(managed_platform_provider),
|
| recommended_platform_provider_(recommended_platform_provider),
|
| + managed_cloud_provider_(managed_cloud_provider),
|
| + recommended_cloud_provider_(recommended_cloud_provider),
|
| ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)) {}
|
|
|
| BrowserPolicyConnector::~BrowserPolicyConnector() {
|
| - if (cloud_policy_subsystem_.get())
|
| - cloud_policy_subsystem_->Shutdown();
|
| - cloud_policy_subsystem_.reset();
|
| + // Shutdown device cloud policy.
|
| #if defined(OS_CHROMEOS)
|
| - identity_strategy_.reset();
|
| + if (device_cloud_policy_subsystem_.get())
|
| + device_cloud_policy_subsystem_->Shutdown();
|
| + device_cloud_policy_subsystem_.reset();
|
| + device_identity_strategy_.reset();
|
| #endif
|
| +
|
| + // Shutdown user cloud policy.
|
| + if (user_cloud_policy_subsystem_.get())
|
| + user_cloud_policy_subsystem_->Shutdown();
|
| + user_cloud_policy_subsystem_.reset();
|
| + user_identity_strategy_.reset();
|
| }
|
|
|
| ConfigurationPolicyProvider*
|
| @@ -103,10 +126,7 @@ ConfigurationPolicyProvider*
|
|
|
| ConfigurationPolicyProvider*
|
| BrowserPolicyConnector::GetManagedCloudProvider() const {
|
| - if (cloud_policy_subsystem_.get())
|
| - return cloud_policy_subsystem_->GetManagedPolicyProvider();
|
| -
|
| - return NULL;
|
| + return managed_cloud_provider_.get();
|
| }
|
|
|
| ConfigurationPolicyProvider*
|
| @@ -116,10 +136,7 @@ ConfigurationPolicyProvider*
|
|
|
| ConfigurationPolicyProvider*
|
| BrowserPolicyConnector::GetRecommendedCloudProvider() const {
|
| - if (cloud_policy_subsystem_.get())
|
| - return cloud_policy_subsystem_->GetRecommendedPolicyProvider();
|
| -
|
| - return NULL;
|
| + return recommended_cloud_provider_.get();
|
| }
|
|
|
| ConfigurationPolicyProvider*
|
| @@ -162,11 +179,12 @@ ConfigurationPolicyProvider*
|
| #endif
|
| }
|
|
|
| -void BrowserPolicyConnector::SetCredentials(const std::string& owner_email,
|
| - const std::string& gaia_token) {
|
| +void BrowserPolicyConnector::SetDeviceCredentials(
|
| + const std::string& owner_email,
|
| + const std::string& gaia_token) {
|
| #if defined(OS_CHROMEOS)
|
| - if (identity_strategy_.get())
|
| - identity_strategy_->SetAuthCredentials(owner_email, gaia_token);
|
| + if (device_identity_strategy_.get())
|
| + device_identity_strategy_->SetAuthCredentials(owner_email, gaia_token);
|
| #endif
|
| }
|
|
|
| @@ -197,30 +215,149 @@ std::string BrowserPolicyConnector::GetEnterpriseDomain() {
|
| return std::string();
|
| }
|
|
|
| -void BrowserPolicyConnector::StopAutoRetry() {
|
| - if (cloud_policy_subsystem_.get())
|
| - cloud_policy_subsystem_->StopAutoRetry();
|
| +void BrowserPolicyConnector::DeviceStopAutoRetry() {
|
| +#if defined(OS_CHROMEOS)
|
| + if (device_cloud_policy_subsystem_.get())
|
| + device_cloud_policy_subsystem_->StopAutoRetry();
|
| +#endif
|
| }
|
|
|
| -void BrowserPolicyConnector::FetchPolicy() {
|
| +void BrowserPolicyConnector::FetchDevicePolicy() {
|
| #if defined(OS_CHROMEOS)
|
| - if (identity_strategy_.get())
|
| - return identity_strategy_->FetchPolicy();
|
| + if (device_identity_strategy_.get())
|
| + return device_identity_strategy_->FetchPolicy();
|
| #endif
|
| }
|
|
|
| -void BrowserPolicyConnector::Initialize() {
|
| - if (cloud_policy_subsystem_.get()) {
|
| - cloud_policy_subsystem_->Initialize(
|
| - prefs::kDevicePolicyRefreshRate,
|
| +void BrowserPolicyConnector::InitializeUserPolicy(std::string& user_name,
|
| + const FilePath& policy_dir,
|
| + TokenService* token_service) {
|
| + // Throw away the old backend.
|
| + user_cloud_policy_subsystem_.reset();
|
| + user_identity_strategy_.reset();
|
| + registrar_.RemoveAll();
|
| +
|
| + CommandLine* command_line = CommandLine::ForCurrentProcess();
|
| + if (command_line->HasSwitch(switches::kDeviceManagementUrl)) {
|
| + token_service_ = token_service;
|
| + if (token_service_) {
|
| + registrar_.Add(this,
|
| + NotificationType::TOKEN_AVAILABLE,
|
| + Source<TokenService>(token_service_));
|
| + }
|
| +
|
| + FilePath policy_cache_dir = policy_dir.Append(kPolicyDir);
|
| + UserPolicyCache* user_policy_cache =
|
| + new UserPolicyCache(policy_cache_dir.Append(kPolicyCacheFile));
|
| +
|
| + // Prepending user caches meaning they will take precedence of device policy
|
| + // caches.
|
| + managed_cloud_provider_->PrependCache(user_policy_cache);
|
| + recommended_cloud_provider_->PrependCache(user_policy_cache);
|
| + user_identity_strategy_.reset(
|
| + new UserPolicyIdentityStrategy(
|
| + user_name,
|
| + policy_cache_dir.Append(kTokenCacheFile)));
|
| + user_cloud_policy_subsystem_.reset(new CloudPolicySubsystem(
|
| + user_identity_strategy_.get(),
|
| + user_policy_cache));
|
| +
|
| + // Initiate the DM-Token load.
|
| + user_identity_strategy_->LoadTokenCache();
|
| +
|
| + // In case the token of |token_service_| is already available we set it
|
| + // directly, since there will be no notification for it.
|
| + if (token_service_) {
|
| + if (token_service_->HasTokenForService(
|
| + GaiaConstants::kDeviceManagementService)) {
|
| + user_identity_strategy_->SetAuthToken(
|
| + token_service_->GetTokenForService(
|
| + GaiaConstants::kDeviceManagementService));
|
| + }
|
| + }
|
| +
|
| + user_cloud_policy_subsystem_->Initialize(
|
| + prefs::kUserPolicyRefreshRate,
|
| kServiceInitializationStartupDelay);
|
| }
|
| }
|
|
|
| void BrowserPolicyConnector::ScheduleServiceInitialization(
|
| int64 delay_milliseconds) {
|
| - if (cloud_policy_subsystem_.get())
|
| - cloud_policy_subsystem_->ScheduleServiceInitialization(delay_milliseconds);
|
| + if (user_cloud_policy_subsystem_.get()) {
|
| + user_cloud_policy_subsystem_->
|
| + ScheduleServiceInitialization(delay_milliseconds);
|
| + }
|
| +#if defined(OS_CHROMEOS)
|
| + if (device_cloud_policy_subsystem_.get()) {
|
| + device_cloud_policy_subsystem_->
|
| + ScheduleServiceInitialization(delay_milliseconds);
|
| + }
|
| +#endif
|
| +}
|
| +
|
| +void BrowserPolicyConnector::InitializeDevicePolicy() {
|
| +#if defined(OS_CHROMEOS)
|
| + // Throw away the old backend.
|
| + device_cloud_policy_subsystem_.reset();
|
| + device_identity_strategy_.reset();
|
| +
|
| + CommandLine* command_line = CommandLine::ForCurrentProcess();
|
| + if (command_line->HasSwitch(switches::kEnableDevicePolicy)) {
|
| + device_cloud_policy_subsystem_.reset();
|
| + device_identity_strategy_.reset();
|
| +
|
| + device_identity_strategy_.reset(new DevicePolicyIdentityStrategy());
|
| + install_attributes_.reset(new EnterpriseInstallAttributes(
|
| + chromeos::CrosLibrary::Get()->GetCryptohomeLibrary()));
|
| + DevicePolicyCache* device_policy_cache =
|
| + new DevicePolicyCache(device_identity_strategy_.get(),
|
| + install_attributes_.get());
|
| +
|
| + managed_cloud_provider_->AppendCache(device_policy_cache);
|
| + recommended_cloud_provider_->AppendCache(device_policy_cache);
|
| +
|
| + device_cloud_policy_subsystem_.reset(new CloudPolicySubsystem(
|
| + device_identity_strategy_.get(),
|
| + device_policy_cache));
|
| +
|
| + // Initialize the subsystem once the message loops are spinning.
|
| + MessageLoop::current()->PostTask(
|
| + FROM_HERE,
|
| + method_factory_.NewRunnableMethod(
|
| + &BrowserPolicyConnector::InitializeDevicePolicySubsystem));
|
| + }
|
| +#endif
|
| +}
|
| +
|
| +void BrowserPolicyConnector::InitializeDevicePolicySubsystem() {
|
| +#if defined(OS_CHROMEOS)
|
| + if (device_cloud_policy_subsystem_.get()) {
|
| + device_cloud_policy_subsystem_->Initialize(
|
| + prefs::kDevicePolicyRefreshRate,
|
| + kServiceInitializationStartupDelay);
|
| + }
|
| +#endif
|
| +}
|
| +
|
| +void BrowserPolicyConnector::Observe(NotificationType type,
|
| + const NotificationSource& source,
|
| + const NotificationDetails& details) {
|
| + DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
|
| + if (type == NotificationType::TOKEN_AVAILABLE) {
|
| + const TokenService* token_source =
|
| + Source<const TokenService>(source).ptr();
|
| + DCHECK_EQ(token_service_, token_source);
|
| + const TokenService::TokenAvailableDetails* token_details =
|
| + Details<const TokenService::TokenAvailableDetails>(details).ptr();
|
| + if (token_details->service() == GaiaConstants::kDeviceManagementService) {
|
| + if (user_identity_strategy_.get()) {
|
| + user_identity_strategy_->SetAuthToken(token_details->token());
|
| + }
|
| + }
|
| + } else {
|
| + NOTREACHED();
|
| + }
|
| }
|
|
|
| } // namespace
|
|
|
Chromium Code Reviews
Issue 6979011:
Move user cloud policy to BrowserProcess. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src