Chromium Code Reviews| OLD | NEW |
|---|---|
| (Empty) | |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | |
| 2 // Use of this source code is governed by a BSD-style license that can be | |
| 3 // found in the LICENSE file. | |
| 4 | |
| 5 #include "chrome/browser/policy/cloud_policy_client.h" | |
| 6 | |
| 7 #include "base/bind.h" | |
| 8 #include "base/logging.h" | |
| 9 #include "chrome/browser/policy/device_management_service.h" | |
| 10 #include "chrome/browser/policy/proto/device_management_backend.pb.h" | |
| 11 #include "chrome/common/guid.h" | |
| 12 | |
| 13 namespace em = enterprise_management; | |
| 14 | |
| 15 namespace policy { | |
| 16 | |
| 17 CloudPolicyClient::PublicKeyVersion::PublicKeyVersion() | |
| 18 : valid_(false), | |
| 19 version_(-1) {} | |
| 20 | |
| 21 CloudPolicyClient::PublicKeyVersion::PublicKeyVersion(int version) | |
| 22 : valid_(true), | |
| 23 version_(version) {} | |
| 24 | |
| 25 CloudPolicyClient::PublicKeyVersion::PublicKeyVersion( | |
| 26 const PublicKeyVersion& other) | |
| 27 : valid_(other.valid_), | |
| 28 version_(other.version_) {} | |
| 29 | |
| 30 const CloudPolicyClient::PublicKeyVersion& | |
| 31 CloudPolicyClient::PublicKeyVersion::operator=( | |
| 32 const PublicKeyVersion& other) { | |
| 33 valid_ = other.valid_; | |
| 34 version_ = other.version_; | |
| 35 return *this; | |
| 36 } | |
| 37 | |
| 38 CloudPolicyClient::Observer::~Observer() {} | |
| 39 | |
| 40 CloudPolicyClient::StatusProvider::~StatusProvider() {} | |
| 41 | |
| 42 CloudPolicyClient::CloudPolicyClient(const std::string& machine_id, | |
| 43 const std::string& machine_model, | |
| 44 UserAffiliation user_affiliation, | |
| 45 PolicyScope scope, | |
| 46 StatusProvider* status_provider, | |
| 47 DeviceManagementService* service) | |
| 48 : machine_id_(machine_id), | |
| 49 machine_model_(machine_model), | |
| 50 user_affiliation_(user_affiliation), | |
| 51 scope_(scope), | |
| 52 submit_machine_id_(false), | |
| 53 service_(service), | |
| 54 request_job_(NULL), | |
|
Joao da Silva
2012/05/22 20:59:30
Nit: I wouldn't explicitly initialize a NULL scope
Mattias Nissler (ping if slow)
2012/05/24 10:12:01
Done.
| |
| 55 status_provider_(status_provider), | |
| 56 status_(DM_STATUS_SUCCESS) {} | |
| 57 | |
| 58 CloudPolicyClient::~CloudPolicyClient() {} | |
| 59 | |
| 60 void CloudPolicyClient::SetupRegistration(const std::string& dm_token, | |
| 61 const std::string& client_id) { | |
| 62 DCHECK(!dm_token.empty()); | |
| 63 DCHECK(!client_id.empty()); | |
| 64 | |
|
Joao da Silva
2012/05/22 20:59:30
DCHECK(!is_registered()) ?
Mattias Nissler (ping if slow)
2012/05/24 10:12:01
Done.
Joao da Silva
2012/05/24 15:00:47
I meant that as an additional DCHECK, not in place
Mattias Nissler (ping if slow)
2012/05/24 18:01:00
Ah true, and we want to avoid the arguments to be
| |
| 65 dm_token_ = dm_token; | |
| 66 client_id_ = client_id; | |
| 67 request_job_.reset(); | |
| 68 policy_.reset(); | |
| 69 | |
| 70 NotifyRegistrationStateChanged(); | |
| 71 } | |
| 72 | |
| 73 void CloudPolicyClient::Register(const std::string& auth_token) { | |
| 74 DCHECK(!is_registered()); | |
| 75 client_id_ = guid::GenerateGUID(); | |
|
Joao da Silva
2012/05/22 20:59:30
This is the same that the current code is doing, b
Mattias Nissler (ping if slow)
2012/05/24 10:12:01
There's a good reason to re-generate the ID: priva
Joao da Silva
2012/05/24 15:00:47
Ah true. Thanks for the clarification.
| |
| 76 | |
| 77 request_job_.reset( | |
| 78 service_->CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION)); | |
| 79 request_job_->SetOAuthToken(auth_token); | |
| 80 request_job_->SetClientID(client_id_); | |
| 81 | |
| 82 em::DeviceRegisterRequest* request = | |
| 83 request_job_->GetRequest()->mutable_register_request(); | |
| 84 SetRegistrationType(request); | |
| 85 if (!machine_id_.empty()) | |
| 86 request->set_machine_id(machine_id_); | |
| 87 if (!machine_model_.empty()) | |
| 88 request->set_machine_model(machine_model_); | |
| 89 | |
| 90 request_job_->Start(base::Bind(&CloudPolicyClient::OnRegisterCompleted, | |
| 91 base::Unretained(this))); | |
| 92 } | |
| 93 | |
| 94 void CloudPolicyClient::FetchPolicy() { | |
| 95 CHECK(!dm_token_.empty()); | |
|
Joao da Silva
2012/05/22 20:59:30
Rename to CHECK(is_registered()) ?
Mattias Nissler (ping if slow)
2012/05/24 10:12:01
Done.
| |
| 96 | |
| 97 request_job_.reset( | |
| 98 service_->CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH)); | |
| 99 request_job_->SetDMToken(dm_token_); | |
| 100 request_job_->SetClientID(client_id_); | |
| 101 request_job_->SetUserAffiliation(user_affiliation_); | |
| 102 | |
| 103 em::DeviceManagementRequest* request = request_job_->GetRequest(); | |
| 104 | |
| 105 // Build policy fetch request. | |
| 106 em::PolicyFetchRequest* policy_request = | |
| 107 request->mutable_policy_request()->add_request(); | |
| 108 policy_request->set_signature_type(em::PolicyFetchRequest::SHA1_RSA); | |
| 109 SetPolicyType(policy_request); | |
| 110 if (!last_policy_timestamp_.is_null()) { | |
| 111 base::TimeDelta timestamp(last_policy_timestamp_ - base::Time::UnixEpoch()); | |
| 112 policy_request->set_timestamp(timestamp.InMilliseconds()); | |
| 113 } | |
| 114 if (submit_machine_id_ && !machine_id_.empty()) | |
| 115 policy_request->set_machine_id(machine_id_); | |
| 116 if (public_key_version_.valid()) | |
| 117 policy_request->set_public_key_version(public_key_version_.version()); | |
| 118 | |
| 119 // Add status data. | |
| 120 if (status_provider_) { | |
| 121 if (!status_provider_->GetDeviceStatus( | |
| 122 request->mutable_device_status_report_request())) { | |
| 123 request->clear_device_status_report_request(); | |
| 124 } | |
| 125 if (!status_provider_->GetSessionStatus( | |
| 126 request->mutable_session_status_report_request())) { | |
| 127 request->clear_session_status_report_request(); | |
| 128 } | |
| 129 } | |
| 130 | |
| 131 // Fire the job. | |
| 132 request_job_->Start(base::Bind(&CloudPolicyClient::OnPolicyFetchCompleted, | |
| 133 base::Unretained(this))); | |
| 134 } | |
| 135 | |
| 136 void CloudPolicyClient::Unregister() { | |
| 137 request_job_.reset( | |
| 138 service_->CreateJob(DeviceManagementRequestJob::TYPE_UNREGISTRATION)); | |
| 139 request_job_->SetDMToken(dm_token_); | |
| 140 request_job_->SetClientID(client_id_); | |
| 141 request_job_->GetRequest()->mutable_unregister_request(); | |
| 142 request_job_->Start(base::Bind(&CloudPolicyClient::OnUnregisterCompleted, | |
| 143 base::Unretained(this))); | |
| 144 } | |
| 145 | |
| 146 void CloudPolicyClient::AddObserver(Observer* observer) { | |
| 147 observers_.AddObserver(observer); | |
| 148 } | |
| 149 | |
| 150 void CloudPolicyClient::RemoveObserver(Observer* observer) { | |
| 151 observers_.RemoveObserver(observer); | |
| 152 } | |
| 153 | |
| 154 void CloudPolicyClient::SetRegistrationType( | |
| 155 em::DeviceRegisterRequest* request) const { | |
| 156 switch (scope_) { | |
| 157 case POLICY_SCOPE_USER: | |
| 158 request->set_type(em::DeviceRegisterRequest::USER); | |
| 159 return; | |
| 160 case POLICY_SCOPE_MACHINE: | |
| 161 request->set_type(em::DeviceRegisterRequest::DEVICE); | |
| 162 return; | |
| 163 } | |
| 164 NOTREACHED() << "Invalid policy scope " << scope_; | |
| 165 } | |
| 166 | |
| 167 void CloudPolicyClient::SetPolicyType(em::PolicyFetchRequest* request) const { | |
| 168 switch (scope_) { | |
| 169 case POLICY_SCOPE_USER: | |
| 170 request->set_policy_type(dm_protocol::kChromeUserPolicyType); | |
| 171 return; | |
| 172 case POLICY_SCOPE_MACHINE: | |
| 173 request->set_policy_type(dm_protocol::kChromeDevicePolicyType); | |
| 174 return; | |
| 175 } | |
| 176 NOTREACHED() << "Invalid policy scope " << scope_; | |
| 177 } | |
| 178 | |
| 179 void CloudPolicyClient::OnRegisterCompleted( | |
| 180 DeviceManagementStatus status, | |
| 181 const em::DeviceManagementResponse& response) { | |
| 182 if (status == DM_STATUS_SUCCESS && | |
| 183 (!response.has_register_response() || | |
| 184 !response.register_response().has_device_management_token())) { | |
| 185 LOG(WARNING) << "Empty registration response."; | |
| 186 status = DM_STATUS_RESPONSE_DECODING_ERROR; | |
| 187 } | |
| 188 | |
| 189 status_ = status; | |
| 190 if (status == DM_STATUS_SUCCESS) { | |
| 191 dm_token_ = response.register_response().device_management_token(); | |
| 192 NotifyRegistrationStateChanged(); | |
| 193 } else { | |
| 194 NotifyClientError(); | |
| 195 } | |
| 196 } | |
| 197 | |
| 198 void CloudPolicyClient::OnPolicyFetchCompleted( | |
| 199 DeviceManagementStatus status, | |
| 200 const em::DeviceManagementResponse& response) { | |
| 201 if (status == DM_STATUS_SUCCESS) { | |
| 202 if (!response.has_policy_response() || | |
| 203 response.policy_response().response_size() == 0) { | |
| 204 LOG(WARNING) << "Empty policy response."; | |
| 205 status = DM_STATUS_RESPONSE_DECODING_ERROR; | |
| 206 } else if (response.policy_response().response_size() > 1) { | |
| 207 LOG(WARNING) << "More than one response entries, ignoring all but first."; | |
| 208 } | |
| 209 } | |
| 210 | |
| 211 status_ = status; | |
| 212 if (status == DM_STATUS_SUCCESS) { | |
| 213 policy_.reset(new enterprise_management::PolicyFetchResponse( | |
| 214 response.policy_response().response(0))); | |
|
Joao da Silva
2012/05/22 20:59:30
I'd like to avoid the copy if possible, and I thin
Mattias Nissler (ping if slow)
2012/05/24 10:12:01
That would require to pass |response| non-const. I
| |
| 215 if (status_provider_) | |
| 216 status_provider_->OnSubmittedSuccessfully(); | |
|
Joao da Silva
2012/05/22 20:59:30
Will this be the right thing to do if FetchPolicy
Mattias Nissler (ping if slow)
2012/05/24 10:12:01
The idea is that the status provider should only f
| |
| 217 NotifyPolicyFetched(); | |
| 218 } else { | |
| 219 NotifyClientError(); | |
| 220 } | |
| 221 } | |
| 222 | |
| 223 void CloudPolicyClient::OnUnregisterCompleted( | |
| 224 DeviceManagementStatus status, | |
| 225 const em::DeviceManagementResponse& response) { | |
| 226 if (status == DM_STATUS_SUCCESS && !response.has_unregister_response()) { | |
| 227 // Assume unregistration has succeeded either way. | |
| 228 LOG(WARNING) << "Empty unregistration response."; | |
| 229 } | |
| 230 | |
| 231 status_ = status; | |
| 232 if (status == DM_STATUS_SUCCESS) { | |
| 233 dm_token_.clear(); | |
| 234 NotifyRegistrationStateChanged(); | |
| 235 } else { | |
| 236 NotifyClientError(); | |
| 237 } | |
| 238 } | |
| 239 | |
| 240 void CloudPolicyClient::NotifyPolicyFetched() { | |
| 241 FOR_EACH_OBSERVER(Observer, observers_, OnPolicyFetched(this)); | |
| 242 } | |
| 243 | |
| 244 void CloudPolicyClient::NotifyRegistrationStateChanged() { | |
| 245 FOR_EACH_OBSERVER(Observer, observers_, OnRegistrationStateChanged(this)); | |
| 246 } | |
| 247 | |
| 248 void CloudPolicyClient::NotifyClientError() { | |
| 249 FOR_EACH_OBSERVER(Observer, observers_, OnClientError(this)); | |
| 250 } | |
| 251 | |
| 252 } // namespace policy | |
| OLD | NEW |