Remoting host policy for mac.

remoting/host/plugin/policy_hack/nat_policy_mac.mm

Index: remoting/host/plugin/policy_hack/nat_policy_mac.mm
diff --git a/remoting/host/plugin/policy_hack/nat_policy_mac.mm b/remoting/host/plugin/policy_hack/nat_policy_mac.mm
index f6514ab20e722a86915358a266b74d2e8889609d..006599164351712a96a65c11e929f22db32c78c5 100644
--- a/remoting/host/plugin/policy_hack/nat_policy_mac.mm
+++ b/remoting/host/plugin/policy_hack/nat_policy_mac.mm
@@ -4,14 +4,23 @@
 
 #include "remoting/host/plugin/policy_hack/nat_policy.h"
 
+#include <CoreFoundation/CoreFoundation.h>
+
 #include "base/compiler_specific.h"
+#include "base/mac/scoped_cftyperef.h"
 #include "base/message_loop_proxy.h"
 #include "base/scoped_ptr.h"
+#include "base/sys_string_conversions.h"
 #include "base/values.h"
 
 namespace remoting {
 namespace policy_hack {
 
+// The MacOS version does not watch files (because there is potentially 9
+// files to watch in three different locations) and because it is accepted
+// practice on the Mac that the user must logout/login for policies to be
+// applied. This will actually pick up policies every
+// |kFallbackReloadDelayMinutes| which is sufficient for right now.
 class NatPolicyMac : public NatPolicy {
  public:
   explicit NatPolicyMac(base::MessageLoopProxy* message_loop_proxy)
@@ -21,15 +30,62 @@ class NatPolicyMac : public NatPolicy {
   virtual ~NatPolicyMac() {
   }
 
+ protected:
   virtual void StartWatchingInternal() OVERRIDE {
-    scoped_ptr<base::DictionaryValue> new_policy(new base::DictionaryValue());
-    UpdateNatPolicy(new_policy.get());
+    Reload();
   }
 
   virtual void StopWatchingInternal() OVERRIDE {
   }
 
   virtual void Reload() OVERRIDE {
+    DCHECK(OnPolicyThread());
+    // Since policy could be set for any of these browsers, assume the most
+    // restrictive. Log if there is policy conflict.
+    struct {
+      Boolean is_valid;
+      Boolean is_allowed;
+      CFStringRef bundle_id;
+    } policies[3] = {
+      { false, true, CFSTR("com.google.Chrome") },
+      { false, true, CFSTR("com.chromium.Chromium") },
+      { false, true, CFSTR("com.google.Chrome.canary") }
+    };
+    base::mac::ScopedCFTypeRef<CFStringRef> policy_key(
+      base::SysUTF8ToCFStringRef(kNatPolicyName));
+    bool is_allowed = true;
+    bool is_valid = false;
+
+    for (size_t i = 0; i < ARRAYSIZE_UNSAFE(policies); ++i) {

[awong, 2011/08/25 21:32:05]

:-/

Would it be worth promoting this struct declaration to a more normal type
(perhaps inside an anonymous namespace) so we could use arraysize()?

+      if (CFPreferencesAppSynchronize(policies[i].bundle_id)) {
+        policies[i].is_allowed = CFPreferencesGetAppBooleanValue(
+            policy_key,
+            policies[i].bundle_id,
+            &policies[i].is_valid);
+        if (policies[i].is_valid) {
+          is_allowed &= policies[i].is_allowed;
+          is_valid |= policies[i].is_valid;
+        }
+      }
+    }
+
+    for (size_t i = 0; i < ARRAYSIZE_UNSAFE(policies); ++i) {
+      if (policies[i].is_valid && policies[i].is_allowed != is_allowed) {
+        LOG(WARNING) << base::SysCFStringRefToUTF8(policies[i].bundle_id)
+                     << " has conflicting policy value -> "
+                     << is_allowed
+                     << " != "
+                     <<  static_cast<bool>(policies[i].is_allowed);

[awong, 2011/08/25 21:32:05]

Should also explicitly list what state we actually went into.

+      }
+    }
+
+    // Only set policy if a valid policy was found.
+    if (is_valid) {
+      base::DictionaryValue policy;
+      policy.SetBoolean(kNatPolicyName, is_allowed);
+      UpdateNatPolicy(&policy);
+    }
+    ScheduleFallbackReloadTask();
   }
 };