| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/login/enterprise_enrollment_screen.h" | 5 #include "chrome/browser/chromeos/login/enterprise_enrollment_screen.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "chrome/browser/browser_process.h" | 8 #include "chrome/browser/browser_process.h" |
| 9 #include "chrome/browser/chromeos/cros/cros_library.h" | 9 #include "chrome/browser/chromeos/cros/cros_library.h" |
| 10 #include "chrome/browser/chromeos/cros/cryptohome_library.h" | 10 #include "chrome/browser/chromeos/cros/cryptohome_library.h" |
| 11 #include "chrome/browser/chromeos/login/screen_observer.h" | 11 #include "chrome/browser/chromeos/login/screen_observer.h" |
| 12 #include "chrome/browser/policy/browser_policy_connector.h" | 12 #include "chrome/browser/policy/browser_policy_connector.h" |
| 13 #include "chrome/browser/policy/enterprise_metrics.h" | |
| 13 #include "chrome/common/net/gaia/gaia_constants.h" | 14 #include "chrome/common/net/gaia/gaia_constants.h" |
| 14 | 15 |
| 15 namespace chromeos { | 16 namespace chromeos { |
| 16 | 17 |
| 18 namespace em = enterprise_management; | |
| 19 | |
| 17 // Retry for InstallAttrs initialization every 500ms. | 20 // Retry for InstallAttrs initialization every 500ms. |
| 18 const int kLockRetryIntervalMs = 500; | 21 const int kLockRetryIntervalMs = 500; |
| 19 | 22 |
| 20 EnterpriseEnrollmentScreen::EnterpriseEnrollmentScreen( | 23 EnterpriseEnrollmentScreen::EnterpriseEnrollmentScreen( |
| 21 ViewScreenDelegate* delegate) | 24 ViewScreenDelegate* delegate) |
| 22 : ViewScreen<EnterpriseEnrollmentView>(delegate), | 25 : ViewScreen<EnterpriseEnrollmentView>(delegate), |
| 23 ALLOW_THIS_IN_INITIALIZER_LIST(runnable_method_factory_(this)) { | 26 ALLOW_THIS_IN_INITIALIZER_LIST(runnable_method_factory_(this)) { |
| 24 // Init the TPM if it has not been done until now (in debug build we might | 27 // Init the TPM if it has not been done until now (in debug build we might |
| 25 // have not done that yet). | 28 // have not done that yet). |
| 26 chromeos::CryptohomeLibrary* cryptohome = | 29 chromeos::CryptohomeLibrary* cryptohome = |
| 27 chromeos::CrosLibrary::Get()->GetCryptohomeLibrary(); | 30 chromeos::CrosLibrary::Get()->GetCryptohomeLibrary(); |
| 28 if (cryptohome) { | 31 if (cryptohome) { |
| 29 if (cryptohome->TpmIsEnabled() && | 32 if (cryptohome->TpmIsEnabled() && |
| 30 !cryptohome->TpmIsBeingOwned() && | 33 !cryptohome->TpmIsBeingOwned() && |
| 31 !cryptohome->TpmIsOwned()) { | 34 !cryptohome->TpmIsOwned()) { |
| 32 cryptohome->TpmCanAttemptOwnership(); | 35 cryptohome->TpmCanAttemptOwnership(); |
| 33 } | 36 } |
| 34 } | 37 } |
| 35 } | 38 } |
| 36 | 39 |
| 37 EnterpriseEnrollmentScreen::~EnterpriseEnrollmentScreen() {} | 40 EnterpriseEnrollmentScreen::~EnterpriseEnrollmentScreen() {} |
| 38 | 41 |
| 39 void EnterpriseEnrollmentScreen::Authenticate(const std::string& user, | 42 void EnterpriseEnrollmentScreen::Authenticate(const std::string& user, |
| 40 const std::string& password, | 43 const std::string& password, |
| 41 const std::string& captcha, | 44 const std::string& captcha, |
| 42 const std::string& access_code) { | 45 const std::string& access_code) { |
| 46 em::LogEnrollmentOperation(em::kEnrollmentStarted); | |
| 43 captcha_token_.clear(); | 47 captcha_token_.clear(); |
| 44 user_ = user; | 48 user_ = user; |
| 45 auth_fetcher_.reset( | 49 auth_fetcher_.reset( |
| 46 new GaiaAuthFetcher(this, GaiaConstants::kChromeSource, | 50 new GaiaAuthFetcher(this, GaiaConstants::kChromeSource, |
| 47 g_browser_process->system_request_context())); | 51 g_browser_process->system_request_context())); |
| 48 | 52 |
| 49 if (access_code.empty()) { | 53 if (access_code.empty()) { |
| 50 auth_fetcher_->StartClientLogin(user, password, | 54 auth_fetcher_->StartClientLogin(user, password, |
| 51 GaiaConstants::kDeviceManagementService, | 55 GaiaConstants::kDeviceManagementService, |
| 52 captcha_token_, captcha, | 56 captcha_token_, captcha, |
| 53 GaiaAuthFetcher::HostedAccountsAllowed); | 57 GaiaAuthFetcher::HostedAccountsAllowed); |
| 54 } else { | 58 } else { |
| 55 auth_fetcher_->StartClientLogin(user, access_code, | 59 auth_fetcher_->StartClientLogin(user, access_code, |
| 56 GaiaConstants::kDeviceManagementService, | 60 GaiaConstants::kDeviceManagementService, |
| 57 std::string(), std::string(), | 61 std::string(), std::string(), |
| 58 GaiaAuthFetcher::HostedAccountsAllowed); | 62 GaiaAuthFetcher::HostedAccountsAllowed); |
| 59 } | 63 } |
| 60 } | 64 } |
| 61 | 65 |
| 62 void EnterpriseEnrollmentScreen::CancelEnrollment() { | 66 void EnterpriseEnrollmentScreen::CancelEnrollment() { |
| 67 em::LogEnrollmentOperation(em::kEnrollmentCancelled); | |
| 63 auth_fetcher_.reset(); | 68 auth_fetcher_.reset(); |
| 64 registrar_.reset(); | 69 registrar_.reset(); |
| 65 g_browser_process->browser_policy_connector()->StopAutoRetry(); | 70 g_browser_process->browser_policy_connector()->StopAutoRetry(); |
| 66 ScreenObserver* observer = delegate()->GetObserver(); | 71 ScreenObserver* observer = delegate()->GetObserver(); |
| 67 observer->OnExit(ScreenObserver::ENTERPRISE_ENROLLMENT_CANCELLED); | 72 observer->OnExit(ScreenObserver::ENTERPRISE_ENROLLMENT_CANCELLED); |
| 68 } | 73 } |
| 69 | 74 |
| 70 void EnterpriseEnrollmentScreen::CloseConfirmation() { | 75 void EnterpriseEnrollmentScreen::CloseConfirmation() { |
| 71 auth_fetcher_.reset(); | 76 auth_fetcher_.reset(); |
| 72 ScreenObserver* observer = delegate()->GetObserver(); | 77 ScreenObserver* observer = delegate()->GetObserver(); |
| (...skipping 33 matching lines...) | |
| 106 | 111 |
| 107 void EnterpriseEnrollmentScreen::OnClientLoginFailure( | 112 void EnterpriseEnrollmentScreen::OnClientLoginFailure( |
| 108 const GoogleServiceAuthError& error) { | 113 const GoogleServiceAuthError& error) { |
| 109 HandleAuthError(error); | 114 HandleAuthError(error); |
| 110 } | 115 } |
| 111 | 116 |
| 112 void EnterpriseEnrollmentScreen::OnIssueAuthTokenSuccess( | 117 void EnterpriseEnrollmentScreen::OnIssueAuthTokenSuccess( |
| 113 const std::string& service, | 118 const std::string& service, |
| 114 const std::string& auth_token) { | 119 const std::string& auth_token) { |
| 115 if (service != GaiaConstants::kDeviceManagementService) { | 120 if (service != GaiaConstants::kDeviceManagementService) { |
| 121 em::LogEnrollmentOperation(em::kEnrollmentOtherFailed); | |
| 116 NOTREACHED() << service; | 122 NOTREACHED() << service; |
| 117 return; | 123 return; |
| 118 } | 124 } |
| 119 | 125 |
| 120 scoped_ptr<GaiaAuthFetcher> auth_fetcher(auth_fetcher_.release()); | 126 scoped_ptr<GaiaAuthFetcher> auth_fetcher(auth_fetcher_.release()); |
| 121 | 127 |
| 122 policy::BrowserPolicyConnector* connector = | 128 policy::BrowserPolicyConnector* connector = |
| 123 g_browser_process->browser_policy_connector(); | 129 g_browser_process->browser_policy_connector(); |
| 124 if (!connector->cloud_policy_subsystem()) { | 130 if (!connector->cloud_policy_subsystem()) { |
| 125 NOTREACHED() << "Cloud policy subsystem not initialized."; | 131 NOTREACHED() << "Cloud policy subsystem not initialized."; |
| 132 em::LogEnrollmentOperation(em::kEnrollmentOtherFailed); | |
| 126 if (view()) | 133 if (view()) |
| 127 view()->ShowFatalEnrollmentError(); | 134 view()->ShowFatalEnrollmentError(); |
| 128 return; | 135 return; |
| 129 } | 136 } |
| 130 | 137 |
| 131 connector->ScheduleServiceInitialization(0); | 138 connector->ScheduleServiceInitialization(0); |
| 132 registrar_.reset(new policy::CloudPolicySubsystem::ObserverRegistrar( | 139 registrar_.reset(new policy::CloudPolicySubsystem::ObserverRegistrar( |
| 133 connector->cloud_policy_subsystem(), this)); | 140 connector->cloud_policy_subsystem(), this)); |
| 134 | 141 |
| 135 // Push the credentials to the policy infrastructure. It'll start enrollment | 142 // Push the credentials to the policy infrastructure. It'll start enrollment |
| 136 // and notify us of progress through CloudPolicySubsystem::Observer. | 143 // and notify us of progress through CloudPolicySubsystem::Observer. |
| 137 connector->SetCredentials(user_, auth_token); | 144 connector->SetCredentials(user_, auth_token); |
| 138 } | 145 } |
| 139 | 146 |
| 140 void EnterpriseEnrollmentScreen::OnIssueAuthTokenFailure( | 147 void EnterpriseEnrollmentScreen::OnIssueAuthTokenFailure( |
| 141 const std::string& service, | 148 const std::string& service, |
| 142 const GoogleServiceAuthError& error) { | 149 const GoogleServiceAuthError& error) { |
| 143 if (service != GaiaConstants::kDeviceManagementService) { | 150 if (service != GaiaConstants::kDeviceManagementService) { |
| 144 NOTREACHED() << service; | 151 NOTREACHED() << service; |
| 152 em::LogEnrollmentOperation(em::kEnrollmentOtherFailed); | |
| 145 return; | 153 return; |
| 146 } | 154 } |
| 147 | 155 |
| 148 HandleAuthError(error); | 156 HandleAuthError(error); |
| 149 } | 157 } |
| 150 | 158 |
| 151 void EnterpriseEnrollmentScreen::OnPolicyStateChanged( | 159 void EnterpriseEnrollmentScreen::OnPolicyStateChanged( |
| 152 policy::CloudPolicySubsystem::PolicySubsystemState state, | 160 policy::CloudPolicySubsystem::PolicySubsystemState state, |
| 153 policy::CloudPolicySubsystem::ErrorDetails error_details) { | 161 policy::CloudPolicySubsystem::ErrorDetails error_details) { |
| 154 | 162 |
| (...skipping 11 matching lines...) | |
| 166 break; | 174 break; |
| 167 case policy::CloudPolicySubsystem::NETWORK_ERROR: | 175 case policy::CloudPolicySubsystem::NETWORK_ERROR: |
| 168 view()->ShowNetworkEnrollmentError(); | 176 view()->ShowNetworkEnrollmentError(); |
| 169 break; | 177 break; |
| 170 case policy::CloudPolicySubsystem::TOKEN_FETCHED: | 178 case policy::CloudPolicySubsystem::TOKEN_FETCHED: |
| 171 WriteInstallAttributesData(); | 179 WriteInstallAttributesData(); |
| 172 return; | 180 return; |
| 173 case policy::CloudPolicySubsystem::SUCCESS: | 181 case policy::CloudPolicySubsystem::SUCCESS: |
| 174 // Success! | 182 // Success! |
| 175 registrar_.reset(); | 183 registrar_.reset(); |
| 184 em::LogEnrollmentOperation(em::kEnrollmentOK); | |
| 176 view()->ShowConfirmationScreen(); | 185 view()->ShowConfirmationScreen(); |
| 177 return; | 186 return; |
| 178 } | 187 } |
| 179 | 188 |
| 180 // We have an error. | 189 // We have an error. |
| 190 if (state == policy::CloudPolicySubsystem::UNMANAGED) { | |
| 191 em::LogEnrollmentOperation(em::kEnrollmentNotSupported); | |
| 192 } else { | |
| 193 em::LogEnrollmentOperation(em::kEnrollmentPolicyFailed); | |
| 194 } | |
| 181 LOG(WARNING) << "Policy subsystem error during enrollment: " << state | 195 LOG(WARNING) << "Policy subsystem error during enrollment: " << state |
| 182 << " details: " << error_details; | 196 << " details: " << error_details; |
| 183 } | 197 } |
| 184 | 198 |
| 185 // Stop the policy infrastructure. | 199 // Stop the policy infrastructure. |
| 186 registrar_.reset(); | 200 registrar_.reset(); |
| 187 g_browser_process->browser_policy_connector()->StopAutoRetry(); | 201 g_browser_process->browser_policy_connector()->StopAutoRetry(); |
| 188 } | 202 } |
| 189 | 203 |
| 190 EnterpriseEnrollmentView* EnterpriseEnrollmentScreen::AllocateView() { | 204 EnterpriseEnrollmentView* EnterpriseEnrollmentScreen::AllocateView() { |
| 191 return new EnterpriseEnrollmentView(this); | 205 return new EnterpriseEnrollmentView(this); |
| 192 } | 206 } |
| 193 | 207 |
| 194 void EnterpriseEnrollmentScreen::HandleAuthError( | 208 void EnterpriseEnrollmentScreen::HandleAuthError( |
| 195 const GoogleServiceAuthError& error) { | 209 const GoogleServiceAuthError& error) { |
| 196 scoped_ptr<GaiaAuthFetcher> scoped_killer(auth_fetcher_.release()); | 210 scoped_ptr<GaiaAuthFetcher> scoped_killer(auth_fetcher_.release()); |
| 197 | 211 |
| 198 if (!view()) | 212 if (!view()) |
| 199 return; | 213 return; |
| 200 | 214 |
| 201 switch (error.state()) { | 215 switch (error.state()) { |
| 216 case GoogleServiceAuthError::CONNECTION_FAILED: | |
| 217 em::LogEnrollmentOperation(em::kEnrollmentNetworkFailed); | |
| 218 view()->ShowNetworkEnrollmentError(); | |
| 219 return; | |
| 202 case GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS: | 220 case GoogleServiceAuthError::INVALID_GAIA_CREDENTIALS: |
| 203 case GoogleServiceAuthError::CONNECTION_FAILED: | |
| 204 case GoogleServiceAuthError::CAPTCHA_REQUIRED: | 221 case GoogleServiceAuthError::CAPTCHA_REQUIRED: |
| 205 case GoogleServiceAuthError::TWO_FACTOR: | 222 case GoogleServiceAuthError::TWO_FACTOR: |
| 223 em::LogEnrollmentOperation(em::kEnrollmentLoginFailed); | |
| 206 view()->ShowAuthError(error); | 224 view()->ShowAuthError(error); |
| 207 return; | 225 return; |
| 208 case GoogleServiceAuthError::USER_NOT_SIGNED_UP: | 226 case GoogleServiceAuthError::USER_NOT_SIGNED_UP: |
| 209 case GoogleServiceAuthError::ACCOUNT_DELETED: | 227 case GoogleServiceAuthError::ACCOUNT_DELETED: |
| 210 case GoogleServiceAuthError::ACCOUNT_DISABLED: | 228 case GoogleServiceAuthError::ACCOUNT_DISABLED: |
| 211 case GoogleServiceAuthError::SERVICE_UNAVAILABLE: | 229 case GoogleServiceAuthError::SERVICE_UNAVAILABLE: |
|
kmixter1
2011/06/28 01:06:02
is SERVICE_UNAVAILABLE a network/service transient
Joao da Silva
2011/06/30 12:57:00
It's an error that can be returned from gaia, and
kmixter1
2011/06/30 23:28:59
Agree - from your description it sounds like it is
| |
| 230 em::LogEnrollmentOperation(em::kEnrollmentNotSupported); | |
| 212 view()->ShowAccountError(); | 231 view()->ShowAccountError(); |
| 213 return; | 232 return; |
| 214 case GoogleServiceAuthError::NONE: | 233 case GoogleServiceAuthError::NONE: |
| 215 case GoogleServiceAuthError::HOSTED_NOT_ALLOWED: | 234 case GoogleServiceAuthError::HOSTED_NOT_ALLOWED: |
| 216 NOTREACHED() << error.state(); | 235 NOTREACHED() << error.state(); |
| 217 // fall through. | 236 // fall through. |
| 218 case GoogleServiceAuthError::REQUEST_CANCELED: | 237 case GoogleServiceAuthError::REQUEST_CANCELED: |
| 219 LOG(ERROR) << "Unexpected GAIA auth error: " << error.state(); | 238 LOG(ERROR) << "Unexpected GAIA auth error: " << error.state(); |
| 239 em::LogEnrollmentOperation(em::kEnrollmentNetworkFailed); | |
| 220 view()->ShowFatalAuthError(); | 240 view()->ShowFatalAuthError(); |
| 221 return; | 241 return; |
| 222 } | 242 } |
| 223 | 243 |
| 224 NOTREACHED() << error.state(); | 244 NOTREACHED() << error.state(); |
| 245 em::LogEnrollmentOperation(em::kEnrollmentOtherFailed); | |
| 225 } | 246 } |
| 226 | 247 |
| 227 void EnterpriseEnrollmentScreen::WriteInstallAttributesData() { | 248 void EnterpriseEnrollmentScreen::WriteInstallAttributesData() { |
| 228 // Since this method is also called directly. | 249 // Since this method is also called directly. |
| 229 runnable_method_factory_.RevokeAll(); | 250 runnable_method_factory_.RevokeAll(); |
| 230 | 251 |
| 231 if (!view()) | 252 if (!view()) |
| 232 return; | 253 return; |
| 233 | 254 |
| 234 switch (g_browser_process->browser_policy_connector()->LockDevice(user_)) { | 255 switch (g_browser_process->browser_policy_connector()->LockDevice(user_)) { |
| (...skipping 24 matching lines...) | |
| 259 << "has been locked already!"; | 280 << "has been locked already!"; |
| 260 view()->ShowFatalEnrollmentError(); | 281 view()->ShowFatalEnrollmentError(); |
| 261 return; | 282 return; |
| 262 } | 283 } |
| 263 } | 284 } |
| 264 | 285 |
| 265 NOTREACHED(); | 286 NOTREACHED(); |
| 266 } | 287 } |
| 267 | 288 |
| 268 } // namespace chromeos | 289 } // namespace chromeos |
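Review bot: In HandleAuthError the new `em::LogEnrollmentOperation` calls all sit after `if (!view()) return;`, so an authentication failure that arrives once the view is gone is never counted, although `kEnrollmentStarted` was already recorded in Authenticate; classifying and logging the error before the view check would keep the started and finished counts in step. In the same switch the NONE / HOSTED_NOT_ALLOWED / REQUEST_CANCELED group is logged as `kEnrollmentNetworkFailed`, which files an unexpected or cancelled request under network trouble; `em::LogEnrollmentOperation(em::kEnrollmentOtherFailed);` looks like the better fit there. The visible tail of WriteInstallAttributesData ends in `ShowFatalEnrollmentError()` for the "has been locked already!" case with no metric, and the collapsed lines are marked as unchanged, so a failed device lock appears to go unrecorded unless it is logged elsewhere. Part of that LockDevice switch lies outside the visible lines, so this last point should be confirmed against the full file.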