| OLD | NEW |
|---|
| 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2011 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/device_policy_cache.h" | 5 #include "chrome/browser/policy/device_policy_cache.h" |
| 6 | 6 |
| 7 #include <limits> | 7 #include <limits> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
| 12 #include "base/bind.h" | 12 #include "base/bind.h" |
| 13 #include "base/callback.h" | 13 #include "base/callback.h" |
| 14 #include "base/compiler_specific.h" | 14 #include "base/compiler_specific.h" |
| 15 #include "base/logging.h" | 15 #include "base/logging.h" |
| 16 #include "base/metrics/histogram.h" | 16 #include "base/metrics/histogram.h" |
| 17 #include "base/values.h" | 17 #include "base/values.h" |
| 18 #include "chrome/browser/chromeos/cros_settings.h" |
| 18 #include "chrome/browser/chromeos/dbus/dbus_thread_manager.h" | 19 #include "chrome/browser/chromeos/dbus/dbus_thread_manager.h" |
| 19 #include "chrome/browser/chromeos/dbus/update_engine_client.h" | 20 #include "chrome/browser/chromeos/dbus/update_engine_client.h" |
| 20 #include "chrome/browser/chromeos/login/ownership_service.h" | 21 #include "chrome/browser/chromeos/login/ownership_service.h" |
| 21 #include "chrome/browser/chromeos/user_cros_settings_provider.h" | 22 #include "chrome/browser/chromeos/login/signed_settings_helper.h" |
| 22 #include "chrome/browser/policy/cloud_policy_data_store.h" | 23 #include "chrome/browser/policy/cloud_policy_data_store.h" |
| 23 #include "chrome/browser/policy/enterprise_install_attributes.h" | 24 #include "chrome/browser/policy/enterprise_install_attributes.h" |
| 24 #include "chrome/browser/policy/enterprise_metrics.h" | 25 #include "chrome/browser/policy/enterprise_metrics.h" |
| 25 #include "chrome/browser/policy/policy_map.h" | 26 #include "chrome/browser/policy/policy_map.h" |
| 26 #include "chrome/browser/policy/proto/device_management_backend.pb.h" | 27 #include "chrome/browser/policy/proto/device_management_backend.pb.h" |
| 27 #include "chrome/browser/policy/proto/device_management_constants.h" | 28 #include "chrome/browser/policy/proto/device_management_constants.h" |
| 28 #include "chrome/browser/policy/proto/device_management_local.pb.h" | 29 #include "chrome/browser/policy/proto/device_management_local.pb.h" |
| 29 #include "policy/configuration_policy_type.h" | 30 #include "policy/configuration_policy_type.h" |
| 30 | 31 |
| 31 namespace { | 32 namespace { |
| 32 | 33 |
| 33 // Stores policy, updates the owner key if required and reports the status | 34 // Stores policy, updates the owner key if required and reports the status |
| 34 // through a callback. | 35 // through a callback. |
| 35 class StorePolicyOperation : public chromeos::SignedSettingsHelper::Callback, | 36 class StorePolicyOperation : public chromeos::OwnerManager::KeyUpdateDelegate { |
| 36 public chromeos::OwnerManager::KeyUpdateDelegate { | |
| 37 public: | 37 public: |
| 38 typedef base::Callback<void(chromeos::SignedSettings::ReturnCode)> Callback; | 38 typedef base::Callback<void(chromeos::SignedSettings::ReturnCode)> Callback; |
| 39 | 39 |
| 40 StorePolicyOperation(chromeos::SignedSettingsHelper* signed_settings_helper, | 40 StorePolicyOperation(chromeos::SignedSettingsHelper* signed_settings_helper, |
| 41 const em::PolicyFetchResponse& policy, | 41 const em::PolicyFetchResponse& policy, |
| 42 const Callback& callback) | 42 const Callback& callback) |
| 43 : signed_settings_helper_(signed_settings_helper), | 43 : signed_settings_helper_(signed_settings_helper), |
| 44 policy_(policy), | 44 policy_(policy), |
| 45 callback_(callback) { | 45 callback_(callback), |
| 46 signed_settings_helper_->StartStorePolicyOp(policy, this); | 46 weak_ptr_factory_(this) { |
| 47 signed_settings_helper_->StartStorePolicyOp( |
| 48 policy, |
| 49 base::Bind(&StorePolicyOperation::OnStorePolicyCompleted, |
| 50 weak_ptr_factory_.GetWeakPtr())); |
| 47 } | 51 } |
| 48 virtual ~StorePolicyOperation() { | 52 virtual ~StorePolicyOperation() { |
| 49 signed_settings_helper_->CancelCallback(this); | |
| 50 } | 53 } |
| 51 | 54 |
| 52 // SignedSettingsHelper implementation: | 55 void OnStorePolicyCompleted(chromeos::SignedSettings::ReturnCode code) { |
| 53 virtual void OnStorePolicyCompleted( | |
| 54 chromeos::SignedSettings::ReturnCode code) OVERRIDE { | |
| 55 if (code != chromeos::SignedSettings::SUCCESS) { | 56 if (code != chromeos::SignedSettings::SUCCESS) { |
| 56 callback_.Run(code); | 57 callback_.Run(code); |
| 57 delete this; | 58 delete this; |
| 58 return; | 59 return; |
| 59 } | 60 } |
| 60 | 61 |
| 61 if (policy_.has_new_public_key()) { | 62 if (policy_.has_new_public_key()) { |
| 62 // The session manager has successfully done a key rotation. Replace the | 63 // The session manager has successfully done a key rotation. Replace the |
| 63 // owner key also in chrome. | 64 // owner key also in chrome. |
| 64 const std::string& new_key = policy_.new_public_key(); | 65 const std::string& new_key = policy_.new_public_key(); |
| 65 const std::vector<uint8> new_key_data(new_key.c_str(), | 66 const std::vector<uint8> new_key_data(new_key.c_str(), |
| 66 new_key.c_str() + new_key.size()); | 67 new_key.c_str() + new_key.size()); |
| 67 chromeos::OwnershipService::GetSharedInstance()->StartUpdateOwnerKey( | 68 chromeos::OwnershipService::GetSharedInstance()->StartUpdateOwnerKey( |
| 68 new_key_data, this); | 69 new_key_data, this); |
| 69 return; | 70 return; |
| 70 } else { | 71 } else { |
| 71 UpdateUserCrosSettings(); | 72 chromeos::CrosSettings::Get()->ReloadProviders(); |
| 72 callback_.Run(chromeos::SignedSettings::SUCCESS); | 73 callback_.Run(chromeos::SignedSettings::SUCCESS); |
| 73 delete this; | 74 delete this; |
| 74 return; | 75 return; |
| 75 } | 76 } |
| 76 } | 77 } |
| 77 | 78 |
| 78 // OwnerManager::KeyUpdateDelegate implementation: | 79 // OwnerManager::KeyUpdateDelegate implementation: |
| 79 virtual void OnKeyUpdated() OVERRIDE { | 80 virtual void OnKeyUpdated() OVERRIDE { |
| 80 UpdateUserCrosSettings(); | 81 chromeos::CrosSettings::Get()->ReloadProviders(); |
| 81 callback_.Run(chromeos::SignedSettings::SUCCESS); | 82 callback_.Run(chromeos::SignedSettings::SUCCESS); |
| 82 delete this; | 83 delete this; |
| 83 } | 84 } |
| 84 | 85 |
| 85 private: | 86 private: |
| 86 void UpdateUserCrosSettings() { | |
| 87 // TODO(mnissler): Find a better way. This is a hack that updates the | |
| 88 // UserCrosSettingsProvider's cache, since it is unable to notice we've | |
| 89 // updated policy information. | |
| 90 chromeos::UserCrosSettingsProvider().Reload(); | |
| 91 } | |
| 92 | 87 |
| 93 chromeos::SignedSettingsHelper* signed_settings_helper_; | 88 chromeos::SignedSettingsHelper* signed_settings_helper_; |
| 94 em::PolicyFetchResponse policy_; | 89 em::PolicyFetchResponse policy_; |
| 95 Callback callback_; | 90 Callback callback_; |
| 96 | 91 |
| 92 base::WeakPtrFactory<StorePolicyOperation> weak_ptr_factory_; |
| 93 |
| 97 DISALLOW_COPY_AND_ASSIGN(StorePolicyOperation); | 94 DISALLOW_COPY_AND_ASSIGN(StorePolicyOperation); |
| 98 }; | 95 }; |
| 99 | 96 |
| 100 // Decodes a protobuf integer to an IntegerValue. The caller assumes ownership | 97 // Decodes a protobuf integer to an IntegerValue. The caller assumes ownership |
| 101 // of the return Value*. Returns NULL in case the input value is out of bounds. | 98 // of the return Value*. Returns NULL in case the input value is out of bounds. |
| 102 Value* DecodeIntegerValue(google::protobuf::int64 value) { | 99 Value* DecodeIntegerValue(google::protobuf::int64 value) { |
| 103 if (value < std::numeric_limits<int>::min() || | 100 if (value < std::numeric_limits<int>::min() || |
| 104 value > std::numeric_limits<int>::max()) { | 101 value > std::numeric_limits<int>::max()) { |
| 105 LOG(WARNING) << "Integer value " << value | 102 LOG(WARNING) << "Integer value " << value |
| 106 << " out of numeric limits, ignoring."; | 103 << " out of numeric limits, ignoring."; |
| (...skipping 20 matching lines...) Expand all Loading... |
| 127 CloudPolicyDataStore* data_store, | 124 CloudPolicyDataStore* data_store, |
| 128 EnterpriseInstallAttributes* install_attributes, | 125 EnterpriseInstallAttributes* install_attributes, |
| 129 chromeos::SignedSettingsHelper* signed_settings_helper) | 126 chromeos::SignedSettingsHelper* signed_settings_helper) |
| 130 : data_store_(data_store), | 127 : data_store_(data_store), |
| 131 install_attributes_(install_attributes), | 128 install_attributes_(install_attributes), |
| 132 signed_settings_helper_(signed_settings_helper), | 129 signed_settings_helper_(signed_settings_helper), |
| 133 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)) { | 130 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)) { |
| 134 } | 131 } |
| 135 | 132 |
| 136 DevicePolicyCache::~DevicePolicyCache() { | 133 DevicePolicyCache::~DevicePolicyCache() { |
| 137 signed_settings_helper_->CancelCallback(this); | |
| 138 } | 134 } |
| 139 | 135 |
| 140 void DevicePolicyCache::Load() { | 136 void DevicePolicyCache::Load() { |
| 141 signed_settings_helper_->StartRetrievePolicyOp(this); | 137 signed_settings_helper_->StartRetrievePolicyOp( |
| 138 base::Bind(&DevicePolicyCache::OnRetrievePolicyCompleted, |
| 139 weak_ptr_factory_.GetWeakPtr())); |
| 142 } | 140 } |
| 143 | 141 |
| 144 void DevicePolicyCache::SetPolicy(const em::PolicyFetchResponse& policy) { | 142 void DevicePolicyCache::SetPolicy(const em::PolicyFetchResponse& policy) { |
| 145 DCHECK(IsReady()); | 143 DCHECK(IsReady()); |
| 146 | 144 |
| 147 // Make sure we have an enterprise device. | 145 // Make sure we have an enterprise device. |
| 148 std::string registration_user(install_attributes_->GetRegistrationUser()); | 146 std::string registration_user(install_attributes_->GetRegistrationUser()); |
| 149 if (registration_user.empty()) { | 147 if (registration_user.empty()) { |
| 150 LOG(WARNING) << "Refusing to accept policy on non-enterprise device."; | 148 LOG(WARNING) << "Refusing to accept policy on non-enterprise device."; |
| 151 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, | 149 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, |
| (...skipping 99 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 251 } else { | 249 } else { |
| 252 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOtherFailed, | 250 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOtherFailed, |
| 253 kMetricPolicySize); | 251 kMetricPolicySize); |
| 254 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 252 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 255 CloudPolicySubsystem::POLICY_LOCAL_ERROR); | 253 CloudPolicySubsystem::POLICY_LOCAL_ERROR); |
| 256 } | 254 } |
| 257 return; | 255 return; |
| 258 } | 256 } |
| 259 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyStoreSucceeded, | 257 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyStoreSucceeded, |
| 260 kMetricPolicySize); | 258 kMetricPolicySize); |
| 261 signed_settings_helper_->StartRetrievePolicyOp(this); | 259 signed_settings_helper_->StartRetrievePolicyOp( |
| 260 base::Bind(&DevicePolicyCache::OnRetrievePolicyCompleted, |
| 261 weak_ptr_factory_.GetWeakPtr())); |
| 262 } | 262 } |
| 263 | 263 |
| 264 void DevicePolicyCache::InstallInitialPolicy( | 264 void DevicePolicyCache::InstallInitialPolicy( |
| 265 chromeos::SignedSettings::ReturnCode code, | 265 chromeos::SignedSettings::ReturnCode code, |
| 266 const em::PolicyFetchResponse& policy, | 266 const em::PolicyFetchResponse& policy, |
| 267 std::string* device_token) { | 267 std::string* device_token) { |
| 268 if (code == chromeos::SignedSettings::NOT_FOUND || | 268 if (code == chromeos::SignedSettings::NOT_FOUND || |
| 269 code == chromeos::SignedSettings::KEY_UNAVAILABLE || | 269 code == chromeos::SignedSettings::KEY_UNAVAILABLE || |
| 270 !policy.has_policy_data()) { | 270 !policy.has_policy_data()) { |
| 271 InformNotifier(CloudPolicySubsystem::UNENROLLED, | 271 InformNotifier(CloudPolicySubsystem::UNENROLLED, |
| (...skipping 87 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 359 if (policy.has_open_network_configuration() && | 359 if (policy.has_open_network_configuration() && |
| 360 policy.open_network_configuration().has_open_network_configuration()) { | 360 policy.open_network_configuration().has_open_network_configuration()) { |
| 361 std::string config( | 361 std::string config( |
| 362 policy.open_network_configuration().open_network_configuration()); | 362 policy.open_network_configuration().open_network_configuration()); |
| 363 mandatory->Set(kPolicyDeviceOpenNetworkConfiguration, | 363 mandatory->Set(kPolicyDeviceOpenNetworkConfiguration, |
| 364 Value::CreateStringValue(config)); | 364 Value::CreateStringValue(config)); |
| 365 } | 365 } |
| 366 } | 366 } |
| 367 | 367 |
| 368 } // namespace policy | 368 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 8727037:
Signed settings refactoring: Proper caching and more tests. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src