Move user cloud policy to BrowserProcess.

chrome/browser/policy/user_policy_connector.cc

Index: chrome/browser/policy/user_policy_connector.cc
diff --git a/chrome/browser/policy/user_policy_connector.cc b/chrome/browser/policy/user_policy_connector.cc
new file mode 100644
index 0000000000000000000000000000000000000000..7772f68069a8ac6bb5c4e6b14bc7142c63c0486c
--- /dev/null
+++ b/chrome/browser/policy/user_policy_connector.cc
@@ -0,0 +1,145 @@
+// Copyright (c) 2011 The Chromium Authors. All rights reserved.
+// Use of this source code is governed by a BSD-style license that can be
+// found in the LICENSE file.
+
+#include <algorithm>
+#include <string>
+
+#include "base/command_line.h"
+#include "chrome/browser/browser_process.h"
+#include "chrome/browser/net/gaia/token_service.h"
+#include "chrome/browser/policy/browser_policy_connector.h"
+#include "chrome/browser/policy/cloud_policy_provider.h"
+#include "chrome/browser/policy/cloud_policy_subsystem.h"
+#include "chrome/browser/policy/configuration_policy_pref_store.h"
+#include "chrome/browser/policy/user_policy_connector.h"
+#include "chrome/browser/policy/user_policy_cache.h"
+#include "chrome/browser/policy/user_policy_identity_strategy.h"
+#include "chrome/browser/prefs/pref_service.h"
+#include "chrome/common/net/gaia/gaia_constants.h"
+#include "chrome/common/chrome_switches.h"
+#include "content/common/notification_details.h"
+#include "content/common/notification_service.h"
+#include "content/common/notification_source.h"
+
+#if defined(OS_CHROMEOS)
+#include "chrome/browser/chromeos/login/user_manager.h"
+#endif
+
+namespace {
+
+const FilePath::CharType kPolicyDir[] = FILE_PATH_LITERAL("Device Management");
+const FilePath::CharType kTokenCacheFile[] = FILE_PATH_LITERAL("Token");
+const FilePath::CharType kPolicyCacheFile[] = FILE_PATH_LITERAL("Policy");
+
+}  // namespace
+
+namespace policy {
+
+// static
+UserPolicyConnector* UserPolicyConnector::Create() {
+  return new UserPolicyConnector();
+}

[Joao da Silva, 2011/05/31 14:50:23]

Why a static Create() instead of making the ctor public?

[sfeuz, 2011/06/03 08:30:35]

Obsolete.

+
+UserPolicyConnector::UserPolicyConnector() {
+    managed_cloud_provider_.reset(new CloudPolicyProvider(
+        ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(),
+        CloudPolicyCacheBase::POLICY_LEVEL_MANDATORY));
+    recommended_cloud_provider_.reset(new CloudPolicyProvider(
+        ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(),
+        CloudPolicyCacheBase::POLICY_LEVEL_RECOMMENDED));
+}
+
+UserPolicyConnector::~UserPolicyConnector() {
+  managed_cloud_provider_.reset();
+  recommended_cloud_provider_.reset();
+  cloud_policy_subsystem_.reset();
+  identity_strategy_.reset();
+}
+
+void UserPolicyConnector::Initialize(std::string& user_name,
+                                        const FilePath& policy_dir,

[Mattias Nissler (ping if slow), 2011/05/31 14:14:19]

indentation

[sfeuz, 2011/06/03 08:30:35]

Done.

+                                        TokenService* token_service) {
+  // Throw away the old backend.
+  cloud_policy_subsystem_.reset();
+  identity_strategy_.reset();
+  registrar_.RemoveAll();
+
+  CommandLine* command_line = CommandLine::ForCurrentProcess();
+  if (command_line->HasSwitch(switches::kDeviceManagementUrl)) {
+    token_service_ = token_service;
+    registrar_.Add(this,
+                   NotificationType::TOKEN_AVAILABLE,
+                   Source<TokenService>(token_service_));
+
+    // Register for the event of user login on CrOS to make sure that the user
+    // is not changing while the UserPolicyConnector is active.
+#if defined(OS_CHROMEOS)
+    registrar_.Add(this,
+                   NotificationType::LOGIN_USER_CHANGED,
+                   NotificationService::AllSources());
+#endif
+    FilePath policy_cache_dir = policy_dir.Append(kPolicyDir);
+    UserPolicyCache* user_policy_cache =
+      new UserPolicyCache(policy_cache_dir.Append(kPolicyCacheFile));

[Mattias Nissler (ping if slow), 2011/05/31 14:14:19]

indentation

[sfeuz, 2011/06/03 08:30:35]

Done.

+    managed_cloud_provider_->set_cache(user_policy_cache);
+    recommended_cloud_provider_->set_cache(user_policy_cache);
+    identity_strategy_.reset(new UserPolicyIdentityStrategy(user_name,
+                             policy_cache_dir.Append(kTokenCacheFile)));
+    cloud_policy_subsystem_.reset(new CloudPolicySubsystem(
+        identity_strategy_.get(),
+        user_policy_cache));
+
+    // Initiate the DM-Token load.
+    identity_strategy_->LoadTokenCache();
+
+    // In case the token of |token_service_| is already available we set it
+    // directly, since there will be no notification for it.
+    if (token_service_->HasTokenForService(
+            GaiaConstants::kDeviceManagementService)) {
+      identity_strategy_->SetAuthToken(
+          token_service_->GetTokenForService(
+              GaiaConstants::kDeviceManagementService));
+    }
+
+    // TODO(sfeuz): This already assumes that user policy refresh rate
+    // preference lives in local_state. Adapted once the PolicyRefreshRate CL is
+    // landed.
+    cloud_policy_subsystem_->Initialize(g_browser_process->local_state());
+  }
+}
+
+CloudPolicyProvider*
+    UserPolicyConnector::GetManagedCloudProvider() const {
+  return managed_cloud_provider_.get();
+}
+
+CloudPolicyProvider*
+    UserPolicyConnector::GetRecommendedCloudProvider() const {
+  return recommended_cloud_provider_.get();
+}
+
+void UserPolicyConnector::Observe(NotificationType type,
+                                     const NotificationSource& source,

[Joao da Silva, 2011/05/31 14:50:23]

Nit: indentation.

[sfeuz, 2011/06/03 08:30:35]

Done.

+                                     const NotificationDetails& details) {
+  DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI));
+  if (type == NotificationType::TOKEN_AVAILABLE) {
+    const TokenService::TokenAvailableDetails* token_details =
+        Details<const TokenService::TokenAvailableDetails>(details).ptr();
+    if (token_details->service() == GaiaConstants::kDeviceManagementService)

[Mattias Nissler (ping if slow), 2011/05/31 14:14:19]

You should also make sure that |source| corresponds to |token_service_|

[sfeuz, 2011/06/03 08:30:35]

Done.

+      if (identity_strategy_.get())
+        identity_strategy_->SetAuthToken(token_details->token());
+#if defined(OS_CHROMEOS)
+  } else if (type == NotificationType::LOGIN_USER_CHANGED) {

[Mattias Nissler (ping if slow), 2011/05/31 14:14:19]

I don't understand why we require handling this notification at all. Just for
making the DCHECK?

[sfeuz, 2011/06/03 08:30:35]

Basically yes.
Also still debugging what happens if Chrome instance is killed and then
relaunched with the user directly logged in...

+    const chromeos::UserManager::User* user_details =
+      Details<const chromeos::UserManager::User>(details).ptr();
+    std::string current_username, current_auth_token;
+    identity_strategy_->GetCredentials(&current_username, &current_auth_token);
+    DCHECK_EQ(current_username, user_details->email());
+#endif
+  } else {
+    NOTREACHED();
+  }
+}
+
+}  // namespace policy