| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/device_policy_cache.h" | 5 #include "chrome/browser/policy/device_policy_cache.h" |
| 6 | 6 |
| 7 #include <limits> | 7 #include <limits> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| 11 #include "base/basictypes.h" | 11 #include "base/basictypes.h" |
| 12 #include "base/bind.h" | 12 #include "base/bind.h" |
| 13 #include "base/callback.h" | 13 #include "base/callback.h" |
| 14 #include "base/compiler_specific.h" | 14 #include "base/compiler_specific.h" |
| 15 #include "base/logging.h" | 15 #include "base/logging.h" |
| 16 #include "base/metrics/histogram.h" | 16 #include "base/metrics/histogram.h" |
| 17 #include "base/values.h" | 17 #include "base/values.h" |
| 18 #include "chrome/browser/chromeos/settings/cros_settings.h" | |
| 19 #include "chrome/browser/chromeos/settings/ownership_service.h" | |
| 20 #include "chrome/browser/chromeos/settings/signed_settings_helper.h" | |
| 21 #include "chrome/browser/policy/app_pack_updater.h" | 18 #include "chrome/browser/policy/app_pack_updater.h" |
| 22 #include "chrome/browser/policy/cloud_policy_data_store.h" | 19 #include "chrome/browser/policy/cloud_policy_data_store.h" |
| 23 #include "chrome/browser/policy/enterprise_install_attributes.h" | 20 #include "chrome/browser/policy/enterprise_install_attributes.h" |
| 24 #include "chrome/browser/policy/enterprise_metrics.h" | 21 #include "chrome/browser/policy/enterprise_metrics.h" |
| 25 #include "chrome/browser/policy/policy_map.h" | 22 #include "chrome/browser/policy/policy_map.h" |
| 26 #include "chrome/browser/policy/proto/chrome_device_policy.pb.h" | 23 #include "chrome/browser/policy/proto/chrome_device_policy.pb.h" |
| 27 #include "chrome/browser/policy/proto/device_management_backend.pb.h" | 24 #include "chrome/browser/policy/proto/device_management_backend.pb.h" |
| 28 #include "chrome/browser/policy/proto/device_management_local.pb.h" | 25 #include "chrome/browser/policy/proto/device_management_local.pb.h" |
| 29 #include "chrome/common/net/gaia/gaia_auth_util.h" | 26 #include "chrome/common/net/gaia/gaia_auth_util.h" |
| 30 #include "chromeos/dbus/dbus_thread_manager.h" | 27 #include "chromeos/dbus/dbus_thread_manager.h" |
| 31 #include "chromeos/dbus/update_engine_client.h" | 28 #include "chromeos/dbus/update_engine_client.h" |
| 32 #include "policy/policy_constants.h" | 29 #include "policy/policy_constants.h" |
| 33 #include "third_party/cros_system_api/dbus/service_constants.h" | 30 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 34 | 31 |
| 35 using google::protobuf::RepeatedField; | 32 using google::protobuf::RepeatedField; |
| 36 using google::protobuf::RepeatedPtrField; | 33 using google::protobuf::RepeatedPtrField; |
| 37 | 34 |
| 38 namespace em = enterprise_management; | 35 namespace em = enterprise_management; |
| 39 | 36 |
| 40 namespace { | 37 namespace { |
| 41 | 38 |
| 42 // Stores policy, updates the owner key if required and reports the status | |
| 43 // through a callback. | |
| 44 class StorePolicyOperation : public chromeos::OwnerManager::KeyUpdateDelegate { | |
| 45 public: | |
| 46 typedef base::Callback<void(chromeos::SignedSettings::ReturnCode)> Callback; | |
| 47 | |
| 48 StorePolicyOperation(chromeos::SignedSettingsHelper* signed_settings_helper, | |
| 49 const em::PolicyFetchResponse& policy, | |
| 50 const Callback& callback) | |
| 51 : signed_settings_helper_(signed_settings_helper), | |
| 52 policy_(policy), | |
| 53 callback_(callback), | |
| 54 weak_ptr_factory_(this) { | |
| 55 signed_settings_helper_->StartStorePolicyOp( | |
| 56 policy, | |
| 57 base::Bind(&StorePolicyOperation::OnStorePolicyCompleted, | |
| 58 weak_ptr_factory_.GetWeakPtr())); | |
| 59 } | |
| 60 virtual ~StorePolicyOperation() { | |
| 61 } | |
| 62 | |
| 63 void OnStorePolicyCompleted(chromeos::SignedSettings::ReturnCode code) { | |
| 64 if (code != chromeos::SignedSettings::SUCCESS) { | |
| 65 callback_.Run(code); | |
| 66 delete this; | |
| 67 return; | |
| 68 } | |
| 69 | |
| 70 if (policy_.has_new_public_key()) { | |
| 71 // The session manager has successfully done a key rotation. Replace the | |
| 72 // owner key also in chrome. | |
| 73 const std::string& new_key = policy_.new_public_key(); | |
| 74 const std::vector<uint8> new_key_data(new_key.c_str(), | |
| 75 new_key.c_str() + new_key.size()); | |
| 76 chromeos::OwnershipService::GetSharedInstance()->StartUpdateOwnerKey( | |
| 77 new_key_data, this); | |
| 78 return; | |
| 79 } else { | |
| 80 chromeos::CrosSettings::Get()->ReloadProviders(); | |
| 81 callback_.Run(chromeos::SignedSettings::SUCCESS); | |
| 82 delete this; | |
| 83 return; | |
| 84 } | |
| 85 } | |
| 86 | |
| 87 // OwnerManager::KeyUpdateDelegate implementation: | |
| 88 virtual void OnKeyUpdated() OVERRIDE { | |
| 89 chromeos::CrosSettings::Get()->ReloadProviders(); | |
| 90 callback_.Run(chromeos::SignedSettings::SUCCESS); | |
| 91 delete this; | |
| 92 } | |
| 93 | |
| 94 private: | |
| 95 | |
| 96 chromeos::SignedSettingsHelper* signed_settings_helper_; | |
| 97 em::PolicyFetchResponse policy_; | |
| 98 Callback callback_; | |
| 99 | |
| 100 base::WeakPtrFactory<StorePolicyOperation> weak_ptr_factory_; | |
| 101 | |
| 102 DISALLOW_COPY_AND_ASSIGN(StorePolicyOperation); | |
| 103 }; | |
| 104 | |
| 105 // Decodes a protobuf integer to an IntegerValue. The caller assumes ownership | 39 // Decodes a protobuf integer to an IntegerValue. The caller assumes ownership |
| 106 // of the return Value*. Returns NULL in case the input value is out of bounds. | 40 // of the return Value*. Returns NULL in case the input value is out of bounds. |
| 107 Value* DecodeIntegerValue(google::protobuf::int64 value) { | 41 Value* DecodeIntegerValue(google::protobuf::int64 value) { |
| 108 if (value < std::numeric_limits<int>::min() || | 42 if (value < std::numeric_limits<int>::min() || |
| 109 value > std::numeric_limits<int>::max()) { | 43 value > std::numeric_limits<int>::max()) { |
| 110 LOG(WARNING) << "Integer value " << value | 44 LOG(WARNING) << "Integer value " << value |
| 111 << " out of numeric limits, ignoring."; | 45 << " out of numeric limits, ignoring."; |
| 112 return NULL; | 46 return NULL; |
| 113 } | 47 } |
| 114 | 48 |
| (...skipping 17 matching lines...) Expand all Loading... |
| 132 | 66 |
| 133 } // namespace | 67 } // namespace |
| 134 | 68 |
| 135 namespace policy { | 69 namespace policy { |
| 136 | 70 |
| 137 DevicePolicyCache::DevicePolicyCache( | 71 DevicePolicyCache::DevicePolicyCache( |
| 138 CloudPolicyDataStore* data_store, | 72 CloudPolicyDataStore* data_store, |
| 139 EnterpriseInstallAttributes* install_attributes) | 73 EnterpriseInstallAttributes* install_attributes) |
| 140 : data_store_(data_store), | 74 : data_store_(data_store), |
| 141 install_attributes_(install_attributes), | 75 install_attributes_(install_attributes), |
| 142 signed_settings_helper_(chromeos::SignedSettingsHelper::Get()), | 76 device_settings_service_(chromeos::DeviceSettingsService::Get()), |
| 143 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)), | 77 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)), |
| 144 policy_fetch_pending_(false) { | 78 policy_fetch_pending_(false) { |
| 79 device_settings_service_->AddObserver(this); |
| 145 } | 80 } |
| 146 | 81 |
| 147 DevicePolicyCache::DevicePolicyCache( | 82 DevicePolicyCache::DevicePolicyCache( |
| 148 CloudPolicyDataStore* data_store, | 83 CloudPolicyDataStore* data_store, |
| 149 EnterpriseInstallAttributes* install_attributes, | 84 EnterpriseInstallAttributes* install_attributes, |
| 150 chromeos::SignedSettingsHelper* signed_settings_helper) | 85 chromeos::DeviceSettingsService* device_settings_service) |
| 151 : data_store_(data_store), | 86 : data_store_(data_store), |
| 152 install_attributes_(install_attributes), | 87 install_attributes_(install_attributes), |
| 153 signed_settings_helper_(signed_settings_helper), | 88 device_settings_service_(device_settings_service), |
| 154 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)), | 89 ALLOW_THIS_IN_INITIALIZER_LIST(weak_ptr_factory_(this)), |
| 155 policy_fetch_pending_(false) { | 90 policy_fetch_pending_(false) { |
| 91 device_settings_service_->AddObserver(this); |
| 156 } | 92 } |
| 157 | 93 |
| 158 DevicePolicyCache::~DevicePolicyCache() { | 94 DevicePolicyCache::~DevicePolicyCache() { |
| 95 device_settings_service_->RemoveObserver(this); |
| 159 } | 96 } |
| 160 | 97 |
| 161 void DevicePolicyCache::Load() { | 98 void DevicePolicyCache::Load() { |
| 162 signed_settings_helper_->StartRetrievePolicyOp( | 99 DeviceSettingsUpdated(); |
| 163 base::Bind(&DevicePolicyCache::OnRetrievePolicyCompleted, | |
| 164 weak_ptr_factory_.GetWeakPtr())); | |
| 165 } | 100 } |
| 166 | 101 |
| 167 bool DevicePolicyCache::SetPolicy(const em::PolicyFetchResponse& policy) { | 102 bool DevicePolicyCache::SetPolicy(const em::PolicyFetchResponse& policy) { |
| 168 DCHECK(IsReady()); | 103 DCHECK(IsReady()); |
| 169 | 104 |
| 170 // Make sure we have an enterprise device. | 105 // Make sure we have an enterprise device. |
| 171 std::string registration_domain(install_attributes_->GetDomain()); | 106 std::string registration_domain(install_attributes_->GetDomain()); |
| 172 if (registration_domain.empty()) { | 107 if (registration_domain.empty()) { |
| 173 LOG(WARNING) << "Refusing to accept policy on non-enterprise device."; | 108 LOG(WARNING) << "Refusing to accept policy on non-enterprise device."; |
| 174 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, | 109 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, |
| (...skipping 23 matching lines...) Expand all Loading... |
| 198 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchUserMismatch, | 133 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchUserMismatch, |
| 199 kMetricPolicySize); | 134 kMetricPolicySize); |
| 200 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 135 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 201 CloudPolicySubsystem::POLICY_LOCAL_ERROR); | 136 CloudPolicySubsystem::POLICY_LOCAL_ERROR); |
| 202 return false; | 137 return false; |
| 203 } | 138 } |
| 204 | 139 |
| 205 set_last_policy_refresh_time(base::Time::NowFromSystemTime()); | 140 set_last_policy_refresh_time(base::Time::NowFromSystemTime()); |
| 206 | 141 |
| 207 // Start a store operation. | 142 // Start a store operation. |
| 208 StorePolicyOperation::Callback callback = | 143 policy_fetch_pending_ = true; |
| 144 device_settings_service_->Store( |
| 145 policy.SerializeAsString(), |
| 209 base::Bind(&DevicePolicyCache::PolicyStoreOpCompleted, | 146 base::Bind(&DevicePolicyCache::PolicyStoreOpCompleted, |
| 210 weak_ptr_factory_.GetWeakPtr()); | 147 weak_ptr_factory_.GetWeakPtr())); |
| 211 new StorePolicyOperation(signed_settings_helper_, policy, callback); | |
| 212 policy_fetch_pending_ = true; | |
| 213 return true; | 148 return true; |
| 214 } | 149 } |
| 215 | 150 |
| 216 void DevicePolicyCache::SetUnmanaged() { | 151 void DevicePolicyCache::SetUnmanaged() { |
| 217 LOG(WARNING) << "Tried to set DevicePolicyCache to 'unmanaged'!"; | 152 LOG(WARNING) << "Tried to set DevicePolicyCache to 'unmanaged'!"; |
| 218 // This is not supported for DevicePolicyCache. | 153 // This is not supported for DevicePolicyCache. |
| 219 } | 154 } |
| 220 | 155 |
| 221 void DevicePolicyCache::SetFetchingDone() { | 156 void DevicePolicyCache::SetFetchingDone() { |
| 222 // Don't send the notification just yet if there is a pending policy | 157 // Don't send the notification just yet if there is a pending policy |
| 223 // store/reload cycle. | 158 // store/reload cycle. |
| 224 if (!policy_fetch_pending_) | 159 if (!policy_fetch_pending_) |
| 225 CloudPolicyCacheBase::SetFetchingDone(); | 160 CloudPolicyCacheBase::SetFetchingDone(); |
| 226 } | 161 } |
| 227 | 162 |
| 228 void DevicePolicyCache::OnRetrievePolicyCompleted( | 163 void DevicePolicyCache::OwnershipStatusChanged() {} |
| 229 chromeos::SignedSettings::ReturnCode code, | 164 |
| 230 const em::PolicyFetchResponse& policy) { | 165 void DevicePolicyCache::DeviceSettingsUpdated() { |
| 231 DCHECK(CalledOnValidThread()); | 166 DCHECK(CalledOnValidThread()); |
| 167 chromeos::DeviceSettingsService::Status status = |
| 168 device_settings_service_->status(); |
| 169 const em::PolicyData* policy_data = device_settings_service_->policy_data(); |
| 170 if (status == chromeos::DeviceSettingsService::STORE_SUCCESS && |
| 171 !policy_data) { |
| 172 // Initial policy load is still pending. |
| 173 return; |
| 174 } |
| 175 |
| 232 if (!IsReady()) { | 176 if (!IsReady()) { |
| 233 std::string device_token; | 177 std::string device_token; |
| 234 InstallInitialPolicy(code, policy, &device_token); | 178 InstallInitialPolicy(status, policy_data, &device_token); |
| 235 SetTokenAndFlagReady(device_token); | 179 SetTokenAndFlagReady(device_token); |
| 236 } else { // In other words, IsReady() == true | 180 } else { // In other words, IsReady() == true |
| 237 if (code != chromeos::SignedSettings::SUCCESS) { | 181 if (status != chromeos::DeviceSettingsService::STORE_SUCCESS || |
| 238 if (code == chromeos::SignedSettings::BAD_SIGNATURE) { | 182 !policy_data) { |
| 183 if (status == chromeos::DeviceSettingsService::STORE_VALIDATION_ERROR) { |
| 239 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchBadSignature, | 184 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchBadSignature, |
| 240 kMetricPolicySize); | 185 kMetricPolicySize); |
| 241 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 186 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 242 CloudPolicySubsystem::SIGNATURE_MISMATCH); | 187 CloudPolicySubsystem::SIGNATURE_MISMATCH); |
| 243 } else { | 188 } else { |
| 244 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOtherFailed, | 189 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOtherFailed, |
| 245 kMetricPolicySize); | 190 kMetricPolicySize); |
| 246 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 191 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 247 CloudPolicySubsystem::POLICY_LOCAL_ERROR); | 192 CloudPolicySubsystem::POLICY_LOCAL_ERROR); |
| 248 } | 193 } |
| 249 } else { | 194 } else { |
| 250 bool ok = SetPolicyInternal(policy, NULL, false); | 195 em::PolicyFetchResponse policy_response; |
| 196 CHECK(policy_data->SerializeToString( |
| 197 policy_response.mutable_policy_data())); |
| 198 bool ok = SetPolicyInternal(policy_response, NULL, false); |
| 251 if (ok) { | 199 if (ok) { |
| 252 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOK, | 200 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOK, |
| 253 kMetricPolicySize); | 201 kMetricPolicySize); |
| 254 } | 202 } |
| 255 } | 203 } |
| 256 } | 204 } |
| 257 CheckFetchingDone(); | |
| 258 } | 205 } |
| 259 | 206 |
| 260 bool DevicePolicyCache::DecodePolicyData(const em::PolicyData& policy_data, | 207 bool DevicePolicyCache::DecodePolicyData(const em::PolicyData& policy_data, |
| 261 PolicyMap* policies) { | 208 PolicyMap* policies) { |
| 262 em::ChromeDeviceSettingsProto policy; | 209 em::ChromeDeviceSettingsProto policy; |
| 263 if (!policy.ParseFromString(policy_data.policy_value())) { | 210 if (!policy.ParseFromString(policy_data.policy_value())) { |
| 264 LOG(WARNING) << "Failed to parse ChromeDeviceSettingsProto."; | 211 LOG(WARNING) << "Failed to parse ChromeDeviceSettingsProto."; |
| 265 return false; | 212 return false; |
| 266 } | 213 } |
| 267 DecodeDevicePolicy(policy, policies); | 214 DecodeDevicePolicy(policy, policies); |
| 268 return true; | 215 return true; |
| 269 } | 216 } |
| 270 | 217 |
| 271 void DevicePolicyCache::PolicyStoreOpCompleted( | 218 void DevicePolicyCache::PolicyStoreOpCompleted() { |
| 272 chromeos::SignedSettings::ReturnCode code) { | |
| 273 DCHECK(CalledOnValidThread()); | 219 DCHECK(CalledOnValidThread()); |
| 274 if (code != chromeos::SignedSettings::SUCCESS) { | 220 chromeos::DeviceSettingsService::Status status = |
| 221 device_settings_service_->status(); |
| 222 if (status != chromeos::DeviceSettingsService::STORE_SUCCESS) { |
| 275 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyStoreFailed, | 223 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyStoreFailed, |
| 276 kMetricPolicySize); | 224 kMetricPolicySize); |
| 277 if (code == chromeos::SignedSettings::BAD_SIGNATURE) { | 225 if (status == chromeos::DeviceSettingsService::STORE_VALIDATION_ERROR) { |
| 278 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchBadSignature, | 226 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchBadSignature, |
| 279 kMetricPolicySize); | 227 kMetricPolicySize); |
| 280 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 228 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 281 CloudPolicySubsystem::SIGNATURE_MISMATCH); | 229 CloudPolicySubsystem::SIGNATURE_MISMATCH); |
| 282 } else { | 230 } else { |
| 283 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOtherFailed, | 231 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyFetchOtherFailed, |
| 284 kMetricPolicySize); | 232 kMetricPolicySize); |
| 285 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 233 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 286 CloudPolicySubsystem::POLICY_LOCAL_ERROR); | 234 CloudPolicySubsystem::POLICY_LOCAL_ERROR); |
| 287 } | 235 } |
| 288 CheckFetchingDone(); | 236 CheckFetchingDone(); |
| 289 return; | 237 return; |
| 290 } | 238 } |
| 291 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyStoreSucceeded, | 239 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyStoreSucceeded, |
| 292 kMetricPolicySize); | 240 kMetricPolicySize); |
| 293 signed_settings_helper_->StartRetrievePolicyOp( | 241 |
| 294 base::Bind(&DevicePolicyCache::OnRetrievePolicyCompleted, | 242 CheckFetchingDone(); |
| 295 weak_ptr_factory_.GetWeakPtr())); | |
| 296 } | 243 } |
| 297 | 244 |
| 298 void DevicePolicyCache::InstallInitialPolicy( | 245 void DevicePolicyCache::InstallInitialPolicy( |
| 299 chromeos::SignedSettings::ReturnCode code, | 246 chromeos::DeviceSettingsService::Status status, |
| 300 const em::PolicyFetchResponse& policy, | 247 const em::PolicyData* policy_data, |
| 301 std::string* device_token) { | 248 std::string* device_token) { |
| 302 if (code == chromeos::SignedSettings::NOT_FOUND || | 249 if (status == chromeos::DeviceSettingsService::STORE_NO_POLICY || |
| 303 code == chromeos::SignedSettings::KEY_UNAVAILABLE || | 250 status == chromeos::DeviceSettingsService::STORE_KEY_UNAVAILABLE) { |
| 304 !policy.has_policy_data()) { | |
| 305 InformNotifier(CloudPolicySubsystem::UNENROLLED, | 251 InformNotifier(CloudPolicySubsystem::UNENROLLED, |
| 306 CloudPolicySubsystem::NO_DETAILS); | 252 CloudPolicySubsystem::NO_DETAILS); |
| 307 return; | 253 return; |
| 308 } | 254 } |
| 309 em::PolicyData policy_data; | 255 if (!policy_data) { |
| 310 if (!policy_data.ParseFromString(policy.policy_data())) { | |
| 311 LOG(WARNING) << "Failed to parse PolicyData protobuf."; | 256 LOG(WARNING) << "Failed to parse PolicyData protobuf."; |
| 312 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyLoadFailed, | 257 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyLoadFailed, |
| 313 kMetricPolicySize); | 258 kMetricPolicySize); |
| 314 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 259 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 315 CloudPolicySubsystem::POLICY_LOCAL_ERROR); | 260 CloudPolicySubsystem::POLICY_LOCAL_ERROR); |
| 316 return; | 261 return; |
| 317 } | 262 } |
| 318 if (!policy_data.has_request_token() || | 263 if (!policy_data->has_request_token() || |
| 319 policy_data.request_token().empty()) { | 264 policy_data->request_token().empty()) { |
| 320 SetUnmanagedInternal(base::Time::NowFromSystemTime()); | 265 SetUnmanagedInternal(base::Time::NowFromSystemTime()); |
| 321 InformNotifier(CloudPolicySubsystem::UNMANAGED, | 266 InformNotifier(CloudPolicySubsystem::UNMANAGED, |
| 322 CloudPolicySubsystem::NO_DETAILS); | 267 CloudPolicySubsystem::NO_DETAILS); |
| 323 // TODO(jkummerow): Reminder: When we want to feed device-wide settings | 268 // TODO(jkummerow): Reminder: When we want to feed device-wide settings |
| 324 // made by a local owner into this cache, we need to call | 269 // made by a local owner into this cache, we need to call |
| 325 // SetPolicyInternal() here. | 270 // SetPolicyInternal() here. |
| 326 return; | 271 return; |
| 327 } | 272 } |
| 328 if (!policy_data.has_username() || !policy_data.has_device_id()) { | 273 if (!policy_data->has_username() || !policy_data->has_device_id()) { |
| 329 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyLoadFailed, | 274 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyLoadFailed, |
| 330 kMetricPolicySize); | 275 kMetricPolicySize); |
| 331 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, | 276 InformNotifier(CloudPolicySubsystem::LOCAL_ERROR, |
| 332 CloudPolicySubsystem::POLICY_LOCAL_ERROR); | 277 CloudPolicySubsystem::POLICY_LOCAL_ERROR); |
| 333 return; | 278 return; |
| 334 } | 279 } |
| 335 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyLoadSucceeded, | 280 UMA_HISTOGRAM_ENUMERATION(kMetricPolicy, kMetricPolicyLoadSucceeded, |
| 336 kMetricPolicySize); | 281 kMetricPolicySize); |
| 337 data_store_->set_user_name(policy_data.username()); | 282 data_store_->set_user_name(policy_data->username()); |
| 338 data_store_->set_device_id(policy_data.device_id()); | 283 data_store_->set_device_id(policy_data->device_id()); |
| 339 *device_token = policy_data.request_token(); | 284 *device_token = policy_data->request_token(); |
| 340 base::Time timestamp; | 285 base::Time timestamp; |
| 341 if (SetPolicyInternal(policy, ×tamp, true)) | 286 em::PolicyFetchResponse policy_response; |
| 287 CHECK(policy_data->SerializeToString(policy_response.mutable_policy_data())); |
| 288 if (SetPolicyInternal(policy_response, ×tamp, true)) |
| 342 set_last_policy_refresh_time(timestamp); | 289 set_last_policy_refresh_time(timestamp); |
| 343 } | 290 } |
| 344 | 291 |
| 345 void DevicePolicyCache::SetTokenAndFlagReady(const std::string& device_token) { | 292 void DevicePolicyCache::SetTokenAndFlagReady(const std::string& device_token) { |
| 346 // Make sure that we only start device policy fetches once device settings are | |
| 347 // available in order to ensure the first device policy fetch uploads the | |
| 348 // configured reporting bits. | |
| 349 if (chromeos::CrosSettingsProvider::TEMPORARILY_UNTRUSTED == | |
| 350 chromeos::CrosSettings::Get()->PrepareTrustedValues( | |
| 351 base::Bind(&DevicePolicyCache::SetTokenAndFlagReady, | |
| 352 weak_ptr_factory_.GetWeakPtr(), | |
| 353 device_token))) { | |
| 354 return; | |
| 355 } | |
| 356 | |
| 357 // We need to call SetDeviceToken unconditionally to indicate the cache has | 293 // We need to call SetDeviceToken unconditionally to indicate the cache has |
| 358 // finished loading. | 294 // finished loading. |
| 359 data_store_->SetDeviceToken(device_token, true); | 295 data_store_->SetDeviceToken(device_token, true); |
| 360 SetReady(); | 296 SetReady(); |
| 361 } | 297 } |
| 362 | 298 |
| 363 void DevicePolicyCache::CheckFetchingDone() { | 299 void DevicePolicyCache::CheckFetchingDone() { |
| 364 if (policy_fetch_pending_) { | 300 if (policy_fetch_pending_) { |
| 365 CloudPolicyCacheBase::SetFetchingDone(); | 301 CloudPolicyCacheBase::SetFetchingDone(); |
| 366 policy_fetch_pending_ = false; | 302 policy_fetch_pending_ = false; |
| (...skipping 361 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 728 policies->Set(key::kSystemTimezone, | 664 policies->Set(key::kSystemTimezone, |
| 729 POLICY_LEVEL_MANDATORY, | 665 POLICY_LEVEL_MANDATORY, |
| 730 POLICY_SCOPE_MACHINE, | 666 POLICY_SCOPE_MACHINE, |
| 731 Value::CreateStringValue( | 667 Value::CreateStringValue( |
| 732 policy.system_timezone().timezone())); | 668 policy.system_timezone().timezone())); |
| 733 } | 669 } |
| 734 } | 670 } |
| 735 } | 671 } |
| 736 | 672 |
| 737 } // namespace policy | 673 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 10832035:
Switch from SignedSettings to DeviceSettingsService. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src