| Index: chrome/browser/chromeos/login/signed_settings.cc
|
| diff --git a/chrome/browser/chromeos/login/signed_settings.cc b/chrome/browser/chromeos/login/signed_settings.cc
|
| index 6fa426cb0bfa1ec0d445fb2fe479ea3f1990737c..31921cf6cf49dc2fbdeeb2b8c2555b190049b005 100644
|
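--- a/chrome/browser/chromeos/login/signed_settings.cc
+++ b/chrome/browser/chromeos/login/signed_settings.cc
@@ -83,83 +83,6 @@ SignedSettings::ReturnCode SignedSettings::MapKeyOpCode(
 KEY_UNAVAILABLE : BAD_SIGNATURE);
 }
 
-// static
-bool SignedSettings::EnumerateWhitelist(std::vector<std::string>* whitelisted) {
- OwnershipService* service = OwnershipService::GetSharedInstance();
- if (!service->has_cached_policy())
- return false;
- em::ChromeDeviceSettingsProto pol;
- pol.ParseFromString(service->cached_policy().policy_value());
- if (!pol.has_user_whitelist())
- return false;
-
- const RepeatedPtrField<std::string>& whitelist =
- pol.user_whitelist().user_whitelist();
- for (RepeatedPtrField<std::string>::const_iterator it = whitelist.begin();
- it != whitelist.end();
- ++it) {
- whitelisted->push_back(*it);
- }
- return true;
-}
-
-class CheckWhitelistOp : public SignedSettings {
- public:
- CheckWhitelistOp(const std::string& email,
- SignedSettings::Delegate<bool>* d);
- virtual ~CheckWhitelistOp();
- void Execute();
- void Fail(SignedSettings::ReturnCode code);
- void Succeed(bool value);
- // Implementation of OwnerManager::Delegate
- void OnKeyOpComplete(const OwnerManager::KeyOpCode return_code,
- const std::vector<uint8>& payload);
-
- private:
- bool LookUpInPolicy(const std::string& email);
- // Always call d_->OnSettingOpCompleted() via this call.
- // It guarantees that the callback will not be triggered until _after_
- // Execute() returns, which is implicitly assumed by SignedSettingsHelper
- // in some cases.
- void PerformCallback(SignedSettings::ReturnCode code, bool value);
-
- const std::string email_;
- SignedSettings::Delegate<bool>* d_;
-};
-
-class WhitelistOp : public SignedSettings,
- public SignedSettings::Delegate<bool> {
- public:
- WhitelistOp(const std::string& email,
- bool add_to_whitelist,
- SignedSettings::Delegate<bool>* d);
- virtual ~WhitelistOp();
- void Execute();
- void Fail(SignedSettings::ReturnCode code);
- void Succeed(bool value);
- // Implementation of OwnerManager::Delegate
- void OnKeyOpComplete(const OwnerManager::KeyOpCode return_code,
- const std::vector<uint8>& payload);
- // Implementation of SignedSettings::Delegate
- void OnSettingsOpCompleted(ReturnCode code, bool value);
-
- private:
- void ModifyWhitelist(const std::string& email,
- bool add_to_whitelist,
- em::UserWhitelistProto* whitelist_proto);
- // Always call d_->OnSettingOpCompleted() via this call.
- // It guarantees that the callback will not be triggered until _after_
- // Execute() returns, which is implicitly assumed by SignedSettingsHelper
- // in some cases.
- void PerformCallback(SignedSettings::ReturnCode code, bool value);
-
- const std::string email_;
- const bool add_to_whitelist_;
- SignedSettings::Delegate<bool>* d_;
- em::PolicyFetchResponse to_store_;
- scoped_refptr<SignedSettings> store_op_;
-};
-
 class StorePropertyOp : public SignedSettings,
 public SignedSettings::Delegate<bool> {
 public:
@@ -272,25 +195,6 @@ class RetrievePolicyOp : public SignedSettings {
 };
 
 // static
-SignedSettings* SignedSettings::CreateCheckWhitelistOp(
- const std::string& email,
- SignedSettings::Delegate<bool>* d) {
- DCHECK(d != NULL);
- return new CheckWhitelistOp(Authenticator::Canonicalize(email), d);
-}
-
-// static
-SignedSettings* SignedSettings::CreateWhitelistOp(
- const std::string& email,
- bool add_to_whitelist,
- SignedSettings::Delegate<bool>* d) {
- DCHECK(d != NULL);
- return new WhitelistOp(Authenticator::Canonicalize(email),
- add_to_whitelist,
- d);
-}
-
-// static
 SignedSettings* SignedSettings::CreateStorePropertyOp(
 const std::string& name,
 const base::Value& value,
@@ -323,200 +227,6 @@ SignedSettings* SignedSettings::CreateRetrievePolicyOp(
 return new RetrievePolicyOp(d);
 }
 
-CheckWhitelistOp::CheckWhitelistOp(const std::string& email,
- SignedSettings::Delegate<bool>* d)
- : email_(email),
- d_(d) {
-}
-
-CheckWhitelistOp::~CheckWhitelistOp() {}
-
-void CheckWhitelistOp::Execute() {
- std::vector<uint8> sig;
- std::string email_to_check = email_;
- if (!service_->has_cached_policy()) {
- TryToFetchPolicyAndCallBack();
- return;
- }
- if (LookUpInPolicy(email_to_check)) {
- VLOG(2) << "Whitelist check was successful for " << email_to_check;
- Succeed(true);
- return;
- }
- // If the exact match was not found try to match against a wildcard entry
- // where the domain only matches (e.g. *@example.com). In theory we should
- // always have correctly formated mail address here but a little precaution
- // does no harm.
- if (email_.find('@') != std::string::npos) {
- email_to_check = std::string("*").append(email_.substr(email_.find('@')));
- if (LookUpInPolicy(email_to_check)) {
- VLOG(2) << "Whitelist check was successful for " << email_to_check;
- Succeed(true);
- return;
- }
- }
- Fail(NOT_FOUND);
- return;
-}
-
-void CheckWhitelistOp::Fail(SignedSettings::ReturnCode code) {
- BrowserThread::PostTask(
- BrowserThread::UI, FROM_HERE,
- base::Bind(&CheckWhitelistOp::PerformCallback, this, code, false));
-}
-
-void CheckWhitelistOp::Succeed(bool value) {
- BrowserThread::PostTask(
- BrowserThread::UI, FROM_HERE,
- base::Bind(&CheckWhitelistOp::PerformCallback, this, SUCCESS, value));
-}
-
-void CheckWhitelistOp::OnKeyOpComplete(
- const OwnerManager::KeyOpCode return_code,
- const std::vector<uint8>& payload) {
- NOTREACHED();
- // Ensure we're on the UI thread, due to the need to send DBus traffic.
- if (!BrowserThread::CurrentlyOn(BrowserThread::UI)) {
- BrowserThread::PostTask(
- BrowserThread::UI, FROM_HERE,
- base::Bind(&CheckWhitelistOp::OnKeyOpComplete, this, return_code,
- payload));
- return;
- }
- if (return_code == OwnerManager::SUCCESS) {
- VLOG(2) << "Whitelist check was successful.";
- Succeed(true);
- } else {
- VLOG(2) << "Whitelist check failed.";
- Fail(SignedSettings::MapKeyOpCode(return_code));
- }
-}
-
-bool CheckWhitelistOp::LookUpInPolicy(const std::string& email) {
- em::ChromeDeviceSettingsProto pol;
- pol.ParseFromString(service_->cached_policy().policy_value());
- if (!pol.has_user_whitelist())
- return false;
-
- const RepeatedPtrField<std::string>& whitelist =
- pol.user_whitelist().user_whitelist();
- for (RepeatedPtrField<std::string>::const_iterator it = whitelist.begin();
- it != whitelist.end();
- ++it) {
- if (email == *it)
- return true;
- }
- return false;
-}
-
-void CheckWhitelistOp::PerformCallback(SignedSettings::ReturnCode code,
- bool value) {
- d_->OnSettingsOpCompleted(code, value);
-}
-
-WhitelistOp::WhitelistOp(const std::string& email,
- bool add_to_whitelist,
- SignedSettings::Delegate<bool>* d)
- : email_(email),
- add_to_whitelist_(add_to_whitelist),
- d_(d) {
-}
-
-WhitelistOp::~WhitelistOp() {}
-
-void WhitelistOp::Execute() {
- if (!service_->has_cached_policy()) {
- TryToFetchPolicyAndCallBack();
- return;
- }
- em::PolicyData to_sign;
- to_sign.CheckTypeAndMergeFrom(service_->cached_policy());
- em::ChromeDeviceSettingsProto pol;
- pol.ParseFromString(to_sign.policy_value());
- em::UserWhitelistProto* whitelist_proto = pol.mutable_user_whitelist();
- ModifyWhitelist(email_, add_to_whitelist_, whitelist_proto);
- to_sign.set_policy_value(pol.SerializeAsString());
- to_store_.set_policy_data(to_sign.SerializeAsString());
- service_->StartSigningAttempt(to_store_.policy_data(), this);
-}
-
-void WhitelistOp::Fail(SignedSettings::ReturnCode code) {
- BrowserThread::PostTask(
- BrowserThread::UI, FROM_HERE,
- base::Bind(&WhitelistOp::PerformCallback, this, code, false));
-}
-
-void WhitelistOp::Succeed(bool value) {
- BrowserThread::PostTask(
- BrowserThread::UI, FROM_HERE,
- base::Bind(&WhitelistOp::PerformCallback, this, SUCCESS, value));
-}
-
-void WhitelistOp::OnKeyOpComplete(const OwnerManager::KeyOpCode return_code,
- const std::vector<uint8>& sig) {
- // Ensure we're on the UI thread, due to the need to send DBus traffic.
- if (!BrowserThread::CurrentlyOn(BrowserThread::UI)) {
- BrowserThread::PostTask(
- BrowserThread::UI, FROM_HERE,
- base::Bind(&WhitelistOp::OnKeyOpComplete, this, return_code, sig));
- return;
- }
- VLOG(2) << "WhitelistOp::OnKeyOpComplete return_code = " << return_code;
- // Now, sure we're on the UI thread.
- if (return_code == OwnerManager::SUCCESS) {
- to_store_.set_policy_data_signature(
- std::string(reinterpret_cast<const char*>(&sig[0]), sig.size()));
- store_op_ = CreateStorePolicyOp(&to_store_, this);
- // d_->OnSettingsOpCompleted() will be called by this call.
- store_op_->Execute();
- } else {
- Fail(SignedSettings::MapKeyOpCode(return_code));
- }
-}
-
-void WhitelistOp::OnSettingsOpCompleted(ReturnCode code, bool value) {
- if (value && to_store_.has_policy_data()) {
- em::PolicyData poldata;
- poldata.ParseFromString(to_store_.policy_data());
- service_->set_cached_policy(poldata);
- Succeed(value);
- return;
- }
- Fail(NOT_FOUND);
-}
-
-void WhitelistOp::ModifyWhitelist(const std::string& email,
- bool add_to_whitelist,
- em::UserWhitelistProto* whitelist_proto) {
- int i = 0;
- const RepeatedPtrField<string>& whitelist = whitelist_proto->user_whitelist();
- for (RepeatedPtrField<string>::const_iterator it = whitelist.begin();
- it != whitelist.end();
- ++it, ++i) {
- if (email == *it)
- break;
- }
- // |i| contains the index of |email|, if it is in |whitelist|.
- if (add_to_whitelist) {
- if (i >= whitelist.size()) // |email| was not in |whitelist|, we must add.
- whitelist_proto->add_user_whitelist(email);
- return;
- } else {
- if (i < whitelist.size()) { // |email| was in |whitelist|, we must remove.
- RepeatedPtrField<string>* change_list =
- whitelist_proto->mutable_user_whitelist();
- change_list->SwapElements(i, whitelist.size() - 1); // Move to end.
- change_list->RemoveLast();
- }
- return;
- }
- LOG(WARNING) << "Whitelist modification no-op: " << email;
-}
-
-void WhitelistOp::PerformCallback(SignedSettings::ReturnCode code, bool value) {
- d_->OnSettingsOpCompleted(code, value);
-}
-
 StorePropertyOp::StorePropertyOp(const std::string& name,
 const base::Value& value,
 SignedSettings::Delegate<bool>* d)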
|
|
|