Index: chrome/browser/policy/browser_policy_connector.cc |
diff --git a/chrome/browser/policy/browser_policy_connector.cc b/chrome/browser/policy/browser_policy_connector.cc |
index cd42d59c95037950dc57e6ead5f83754a49b022b..a2d311256f9fbf8a65077850d7c34f4a49f6a847 100644 |
--- a/chrome/browser/policy/browser_policy_connector.cc |
+++ b/chrome/browser/policy/browser_policy_connector.cc |
@@ -6,14 +6,22 @@ |
#include "base/command_line.h" |
#include "base/path_service.h" |
-#include "chrome/browser/browser_process.h" |
+#include "chrome/browser/net/gaia/token_service.h" |
+#include "chrome/browser/policy/cloud_policy_provider.h" |
+#include "chrome/browser/policy/cloud_policy_provider_impl.h" |
#include "chrome/browser/policy/cloud_policy_subsystem.h" |
#include "chrome/browser/policy/configuration_policy_pref_store.h" |
#include "chrome/browser/policy/configuration_policy_provider.h" |
+#include "chrome/browser/policy/dummy_cloud_policy_provider.h" |
#include "chrome/browser/policy/dummy_configuration_policy_provider.h" |
+#include "chrome/browser/policy/user_policy_cache.h" |
+#include "chrome/browser/policy/user_policy_identity_strategy.h" |
#include "chrome/common/chrome_paths.h" |
#include "chrome/common/chrome_switches.h" |
+#include "chrome/common/net/gaia/gaia_constants.h" |
#include "chrome/common/pref_names.h" |
+#include "content/common/notification_details.h" |
+#include "content/common/notification_source.h" |
#if defined(OS_WIN) |
#include "chrome/browser/policy/configuration_policy_provider_win.h" |
@@ -27,13 +35,20 @@ |
#include "chrome/browser/chromeos/cros/cros_library.h" |
#include "chrome/browser/policy/device_policy_cache.h" |
#include "chrome/browser/policy/device_policy_identity_strategy.h" |
-#include "chrome/browser/policy/enterprise_install_attributes.h" |
+#include "content/common/notification_service.h" |
#endif |
namespace policy { |
namespace { |
+// Subdirectory in the user's profile for storing user policies. |
+const FilePath::CharType kPolicyDir[] = FILE_PATH_LITERAL("Device Management"); |
+// File in the above directory for stroing user policy dmtokens. |
+const FilePath::CharType kTokenCacheFile[] = FILE_PATH_LITERAL("Token"); |
+// File in the above directory for storing user policy data. |
+const FilePath::CharType kPolicyCacheFile[] = FILE_PATH_LITERAL("Policy"); |
+ |
// The following constants define delays applied before the initial policy fetch |
// on startup. (So that displaying Chrome's GUI does not get delayed.) |
// Delay in milliseconds from startup. |
@@ -52,8 +67,10 @@ BrowserPolicyConnector* BrowserPolicyConnector::CreateForTests() { |
policy_list = ConfigurationPolicyPrefStore:: |
GetChromePolicyDefinitionList(); |
return new BrowserPolicyConnector( |
- new DummyConfigurationPolicyProvider(policy_list), |
- new DummyConfigurationPolicyProvider(policy_list)); |
+ new policy::DummyConfigurationPolicyProvider(policy_list), |
+ new policy::DummyConfigurationPolicyProvider(policy_list), |
+ new policy::DummyCloudPolicyProvider(policy_list), |
+ new policy::DummyCloudPolicyProvider(policy_list)); |
} |
BrowserPolicyConnector::BrowserPolicyConnector() |
@@ -61,39 +78,43 @@ BrowserPolicyConnector::BrowserPolicyConnector() |
managed_platform_provider_.reset(CreateManagedPlatformProvider()); |
recommended_platform_provider_.reset(CreateRecommendedPlatformProvider()); |
-#if defined(OS_CHROMEOS) |
- CommandLine* command_line = CommandLine::ForCurrentProcess(); |
- if (command_line->HasSwitch(switches::kEnableDevicePolicy)) { |
- identity_strategy_.reset(new DevicePolicyIdentityStrategy()); |
- install_attributes_.reset(new EnterpriseInstallAttributes( |
- chromeos::CrosLibrary::Get()->GetCryptohomeLibrary())); |
- cloud_policy_subsystem_.reset(new CloudPolicySubsystem( |
- identity_strategy_.get(), |
- new DevicePolicyCache(identity_strategy_.get(), |
- install_attributes_.get()))); |
+ managed_cloud_provider_.reset(new CloudPolicyProviderImpl( |
+ ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(), |
+ CloudPolicyCacheBase::POLICY_LEVEL_MANDATORY)); |
+ recommended_cloud_provider_.reset(new CloudPolicyProviderImpl( |
+ ConfigurationPolicyPrefStore::GetChromePolicyDefinitionList(), |
+ CloudPolicyCacheBase::POLICY_LEVEL_RECOMMENDED)); |
- // Initialize the subsystem once the message loops are spinning. |
- MessageLoop::current()->PostTask( |
- FROM_HERE, |
- method_factory_.NewRunnableMethod(&BrowserPolicyConnector::Initialize)); |
- } |
+#if defined(OS_CHROMEOS) |
+ InitializeDevicePolicy(); |
#endif |
} |
BrowserPolicyConnector::BrowserPolicyConnector( |
ConfigurationPolicyProvider* managed_platform_provider, |
- ConfigurationPolicyProvider* recommended_platform_provider) |
+ ConfigurationPolicyProvider* recommended_platform_provider, |
+ CloudPolicyProvider* managed_cloud_provider, |
+ CloudPolicyProvider* recommended_cloud_provider) |
: managed_platform_provider_(managed_platform_provider), |
recommended_platform_provider_(recommended_platform_provider), |
+ managed_cloud_provider_(managed_cloud_provider), |
+ recommended_cloud_provider_(recommended_cloud_provider), |
ALLOW_THIS_IN_INITIALIZER_LIST(method_factory_(this)) {} |
BrowserPolicyConnector::~BrowserPolicyConnector() { |
- if (cloud_policy_subsystem_.get()) |
- cloud_policy_subsystem_->Shutdown(); |
- cloud_policy_subsystem_.reset(); |
+ // Shutdown device cloud policy. |
#if defined(OS_CHROMEOS) |
- identity_strategy_.reset(); |
+ if (device_cloud_policy_subsystem_.get()) |
+ device_cloud_policy_subsystem_->Shutdown(); |
+ device_cloud_policy_subsystem_.reset(); |
+ device_identity_strategy_.reset(); |
#endif |
+ |
+ // Shutdown user cloud policy. |
+ if (user_cloud_policy_subsystem_.get()) |
+ user_cloud_policy_subsystem_->Shutdown(); |
+ user_cloud_policy_subsystem_.reset(); |
+ user_identity_strategy_.reset(); |
} |
ConfigurationPolicyProvider* |
@@ -103,10 +124,7 @@ ConfigurationPolicyProvider* |
ConfigurationPolicyProvider* |
BrowserPolicyConnector::GetManagedCloudProvider() const { |
- if (cloud_policy_subsystem_.get()) |
- return cloud_policy_subsystem_->GetManagedPolicyProvider(); |
- |
- return NULL; |
+ return managed_cloud_provider_.get(); |
} |
ConfigurationPolicyProvider* |
@@ -116,10 +134,7 @@ ConfigurationPolicyProvider* |
ConfigurationPolicyProvider* |
BrowserPolicyConnector::GetRecommendedCloudProvider() const { |
- if (cloud_policy_subsystem_.get()) |
- return cloud_policy_subsystem_->GetRecommendedPolicyProvider(); |
- |
- return NULL; |
+ return recommended_cloud_provider_.get(); |
} |
ConfigurationPolicyProvider* |
@@ -162,11 +177,12 @@ ConfigurationPolicyProvider* |
#endif |
} |
-void BrowserPolicyConnector::SetCredentials(const std::string& owner_email, |
- const std::string& gaia_token) { |
+void BrowserPolicyConnector::SetDeviceCredentials( |
+ const std::string& owner_email, |
+ const std::string& gaia_token) { |
#if defined(OS_CHROMEOS) |
- if (identity_strategy_.get()) |
- identity_strategy_->SetAuthCredentials(owner_email, gaia_token); |
+ if (device_identity_strategy_.get()) |
+ device_identity_strategy_->SetAuthCredentials(owner_email, gaia_token); |
#endif |
} |
@@ -197,30 +213,142 @@ std::string BrowserPolicyConnector::GetEnterpriseDomain() { |
return std::string(); |
} |
-void BrowserPolicyConnector::StopAutoRetry() { |
- if (cloud_policy_subsystem_.get()) |
- cloud_policy_subsystem_->StopAutoRetry(); |
+void BrowserPolicyConnector::DeviceStopAutoRetry() { |
+#if defined(OS_CHROMEOS) |
+ if (device_cloud_policy_subsystem_.get()) |
+ device_cloud_policy_subsystem_->StopAutoRetry(); |
+#endif |
} |
-void BrowserPolicyConnector::FetchPolicy() { |
+void BrowserPolicyConnector::FetchDevicePolicy() { |
#if defined(OS_CHROMEOS) |
- if (identity_strategy_.get()) |
- return identity_strategy_->FetchPolicy(); |
+ if (device_identity_strategy_.get()) |
+ return device_identity_strategy_->FetchPolicy(); |
#endif |
} |
-void BrowserPolicyConnector::Initialize() { |
- if (cloud_policy_subsystem_.get()) { |
- cloud_policy_subsystem_->CompleteInitialization( |
- prefs::kDevicePolicyRefreshRate, |
+void BrowserPolicyConnector::InitializeUserPolicy(const std::string& user_name, |
+ const FilePath& policy_dir, |
+ TokenService* token_service) { |
+ DCHECK(token_service); |
+ |
+ // Throw away the old backend. |
+ user_cloud_policy_subsystem_.reset(); |
+ user_identity_strategy_.reset(); |
+ registrar_.RemoveAll(); |
+ |
+ CommandLine* command_line = CommandLine::ForCurrentProcess(); |
+ if (command_line->HasSwitch(switches::kDeviceManagementUrl)) { |
+ token_service_ = token_service; |
+ registrar_.Add(this, |
+ NotificationType::TOKEN_AVAILABLE, |
+ Source<TokenService>(token_service_)); |
+ |
+ FilePath policy_cache_dir = policy_dir.Append(kPolicyDir); |
+ UserPolicyCache* user_policy_cache = |
+ new UserPolicyCache(policy_cache_dir.Append(kPolicyCacheFile)); |
+ |
+ // Prepending user caches meaning they will take precedence of device policy |
+ // caches. |
+ managed_cloud_provider_->PrependCache(user_policy_cache); |
+ recommended_cloud_provider_->PrependCache(user_policy_cache); |
+ user_identity_strategy_.reset( |
+ new UserPolicyIdentityStrategy( |
+ user_name, |
+ policy_cache_dir.Append(kTokenCacheFile))); |
+ user_cloud_policy_subsystem_.reset(new CloudPolicySubsystem( |
+ user_identity_strategy_.get(), |
+ user_policy_cache)); |
+ |
+ // Initiate the DM-Token load. |
+ user_identity_strategy_->LoadTokenCache(); |
+ |
+ if (token_service_->HasTokenForService( |
+ GaiaConstants::kDeviceManagementService)) { |
+ user_identity_strategy_->SetAuthToken( |
+ token_service_->GetTokenForService( |
+ GaiaConstants::kDeviceManagementService)); |
+ } |
+ |
+ user_cloud_policy_subsystem_->CompleteInitialization( |
+ prefs::kUserPolicyRefreshRate, |
kServiceInitializationStartupDelay); |
} |
} |
void BrowserPolicyConnector::ScheduleServiceInitialization( |
int64 delay_milliseconds) { |
- if (cloud_policy_subsystem_.get()) |
- cloud_policy_subsystem_->ScheduleServiceInitialization(delay_milliseconds); |
+ if (user_cloud_policy_subsystem_.get()) { |
+ user_cloud_policy_subsystem_-> |
+ ScheduleServiceInitialization(delay_milliseconds); |
+ } |
+#if defined(OS_CHROMEOS) |
+ if (device_cloud_policy_subsystem_.get()) { |
+ device_cloud_policy_subsystem_-> |
+ ScheduleServiceInitialization(delay_milliseconds); |
+ } |
+#endif |
+} |
+ |
+void BrowserPolicyConnector::InitializeDevicePolicy() { |
+#if defined(OS_CHROMEOS) |
+ // Throw away the old backend. |
+ device_cloud_policy_subsystem_.reset(); |
+ device_identity_strategy_.reset(); |
+ |
+ CommandLine* command_line = CommandLine::ForCurrentProcess(); |
+ if (command_line->HasSwitch(switches::kEnableDevicePolicy)) { |
+ device_identity_strategy_.reset(new DevicePolicyIdentityStrategy()); |
+ install_attributes_.reset(new EnterpriseInstallAttributes( |
+ chromeos::CrosLibrary::Get()->GetCryptohomeLibrary())); |
+ DevicePolicyCache* device_policy_cache = |
+ new DevicePolicyCache(device_identity_strategy_.get(), |
+ install_attributes_.get()); |
+ |
+ managed_cloud_provider_->AppendCache(device_policy_cache); |
+ recommended_cloud_provider_->AppendCache(device_policy_cache); |
+ |
+ device_cloud_policy_subsystem_.reset(new CloudPolicySubsystem( |
+ device_identity_strategy_.get(), |
+ device_policy_cache)); |
+ |
+ // Initialize the subsystem once the message loops are spinning. |
+ MessageLoop::current()->PostTask( |
+ FROM_HERE, |
+ method_factory_.NewRunnableMethod( |
+ &BrowserPolicyConnector::InitializeDevicePolicySubsystem)); |
+ } |
+#endif |
+} |
+ |
+void BrowserPolicyConnector::InitializeDevicePolicySubsystem() { |
+#if defined(OS_CHROMEOS) |
+ if (device_cloud_policy_subsystem_.get()) { |
+ device_cloud_policy_subsystem_->CompleteInitialization( |
+ prefs::kDevicePolicyRefreshRate, |
+ kServiceInitializationStartupDelay); |
+ } |
+#endif |
+} |
+ |
+void BrowserPolicyConnector::Observe(NotificationType type, |
+ const NotificationSource& source, |
+ const NotificationDetails& details) { |
+ DCHECK(BrowserThread::CurrentlyOn(BrowserThread::UI)); |
+ if (type == NotificationType::TOKEN_AVAILABLE) { |
+ const TokenService* token_source = |
+ Source<const TokenService>(source).ptr(); |
+ DCHECK_EQ(token_service_, token_source); |
+ const TokenService::TokenAvailableDetails* token_details = |
+ Details<const TokenService::TokenAvailableDetails>(details).ptr(); |
+ if (token_details->service() == GaiaConstants::kDeviceManagementService) { |
+ if (user_identity_strategy_.get()) { |
+ user_identity_strategy_->SetAuthToken(token_details->token()); |
+ } |
+ } |
+ } else { |
+ NOTREACHED(); |
+ } |
} |
} // namespace |