chrome/browser/policy/browser_policy_connector.cc - Issue 11415094: Split UserCloudPolicyManager implementation.

Side by Side Diff: chrome/browser/policy/browser_policy_connector.cc

Issue 11415094: Split UserCloudPolicyManager implementation. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Rebae Created 8 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« no previous file with comments | « chrome/browser/policy/browser_policy_connector.h ('k') | chrome/browser/policy/cloud_policy_browsertest.cc » ('j') | chrome/browser/policy/cloud_policy_manager.h » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/policy/browser_policy_connector.h"	5 #include "chrome/browser/policy/browser_policy_connector.h"

6	6

7 #include "base/bind.h"	7 #include "base/bind.h"

8 #include "base/bind_helpers.h"	8 #include "base/bind_helpers.h"

9 #include "base/command_line.h"	9 #include "base/command_line.h"

10 #include "base/file_path.h"	10 #include "base/file_path.h"

11 #include "base/message_loop.h"	11 #include "base/message_loop.h"

12 #include "base/path_service.h"	12 #include "base/path_service.h"

13 #include "chrome/browser/browser_process.h"	13 #include "chrome/browser/browser_process.h"

14 #include "chrome/browser/policy/async_policy_provider.h"	14 #include "chrome/browser/policy/async_policy_provider.h"

15 #include "chrome/browser/policy/cloud_policy_client.h"	15 #include "chrome/browser/policy/cloud_policy_client.h"

16 #include "chrome/browser/policy/cloud_policy_provider.h"	16 #include "chrome/browser/policy/cloud_policy_provider.h"

17 #include "chrome/browser/policy/cloud_policy_service.h"	17 #include "chrome/browser/policy/cloud_policy_service.h"

18 #include "chrome/browser/policy/cloud_policy_subsystem.h"	18 #include "chrome/browser/policy/cloud_policy_subsystem.h"

19 #include "chrome/browser/policy/configuration_policy_provider.h"	19 #include "chrome/browser/policy/configuration_policy_provider.h"

20 #include "chrome/browser/policy/device_management_service.h"	20 #include "chrome/browser/policy/device_management_service.h"

21 #include "chrome/browser/policy/managed_mode_policy_provider.h"	21 #include "chrome/browser/policy/managed_mode_policy_provider.h"

22 #include "chrome/browser/policy/policy_service_impl.h"	22 #include "chrome/browser/policy/policy_service_impl.h"

23 #include "chrome/browser/policy/policy_statistics_collector.h"	23 #include "chrome/browser/policy/policy_statistics_collector.h"

24 #include "chrome/browser/policy/user_cloud_policy_manager.h"

25 #include "chrome/browser/policy/user_policy_cache.h"	24 #include "chrome/browser/policy/user_policy_cache.h"

26 #include "chrome/browser/policy/user_policy_token_cache.h"	25 #include "chrome/browser/policy/user_policy_token_cache.h"

27 #include "chrome/browser/profiles/profile.h"	26 #include "chrome/browser/profiles/profile.h"

28 #include "chrome/browser/signin/token_service.h"	27 #include "chrome/browser/signin/token_service.h"

29 #include "chrome/common/chrome_notification_types.h"	28 #include "chrome/common/chrome_notification_types.h"

30 #include "chrome/common/chrome_paths.h"	29 #include "chrome/common/chrome_paths.h"

31 #include "chrome/common/chrome_switches.h"	30 #include "chrome/common/chrome_switches.h"

32 #include "chrome/common/pref_names.h"	31 #include "chrome/common/pref_names.h"

33 #include "content/public/browser/notification_details.h"	32 #include "content/public/browser/notification_details.h"

34 #include "content/public/browser/notification_source.h"	33 #include "content/public/browser/notification_source.h"

(...skipping 20 matching lines...) Expand all Loading...
55 #include "chrome/browser/chromeos/settings/device_settings_service.h"	54 #include "chrome/browser/chromeos/settings/device_settings_service.h"

56 #include "chrome/browser/chromeos/system/statistics_provider.h"	55 #include "chrome/browser/chromeos/system/statistics_provider.h"

57 #include "chrome/browser/chromeos/system/timezone_settings.h"	56 #include "chrome/browser/chromeos/system/timezone_settings.h"

58 #include "chrome/browser/policy/app_pack_updater.h"	57 #include "chrome/browser/policy/app_pack_updater.h"

59 #include "chrome/browser/policy/cros_user_policy_cache.h"	58 #include "chrome/browser/policy/cros_user_policy_cache.h"

60 #include "chrome/browser/policy/device_cloud_policy_manager_chromeos.h"	59 #include "chrome/browser/policy/device_cloud_policy_manager_chromeos.h"

61 #include "chrome/browser/policy/device_cloud_policy_store_chromeos.h"	60 #include "chrome/browser/policy/device_cloud_policy_store_chromeos.h"

62 #include "chrome/browser/policy/device_local_account_policy_service.h"	61 #include "chrome/browser/policy/device_local_account_policy_service.h"

63 #include "chrome/browser/policy/device_policy_cache.h"	62 #include "chrome/browser/policy/device_policy_cache.h"

64 #include "chrome/browser/policy/network_configuration_updater.h"	63 #include "chrome/browser/policy/network_configuration_updater.h"

	64 #include "chrome/browser/policy/user_cloud_policy_manager_chromeos.h"

	65 #include "chrome/browser/policy/user_cloud_policy_store_chromeos.h"

65 #include "chromeos/dbus/dbus_thread_manager.h"	66 #include "chromeos/dbus/dbus_thread_manager.h"

	67 #else

	68 #include "chrome/browser/policy/user_cloud_policy_manager.h"

	69 #include "chrome/browser/policy/user_cloud_policy_manager_factory.h"

66 #endif	70 #endif

67	71

68 using content::BrowserThread;	72 using content::BrowserThread;

69	73

70 namespace policy {	74 namespace policy {

71	75

72 namespace {	76 namespace {

73	77

74 // Subdirectory in the user's profile for storing user policies.	78 // Subdirectory in the user's profile for storing user policies.

75 const FilePath::CharType kPolicyDir[] = FILE_PATH_LITERAL("Device Management");	79 const FilePath::CharType kPolicyDir[] = FILE_PATH_LITERAL("Device Management");

(...skipping 79 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
155 g_testing_provider->Shutdown();	159 g_testing_provider->Shutdown();

156 // Drop g_testing_provider so that tests executed with --single_process can	160 // Drop g_testing_provider so that tests executed with --single_process can

157 // call SetPolicyProviderForTesting() again. It is still owned by the test.	161 // call SetPolicyProviderForTesting() again. It is still owned by the test.

158 g_testing_provider = NULL;	162 g_testing_provider = NULL;

159 if (platform_provider_)	163 if (platform_provider_)

160 platform_provider_->Shutdown();	164 platform_provider_->Shutdown();

161 // The \|cloud_provider_\| must be shut down before destroying the cloud	165 // The \|cloud_provider_\| must be shut down before destroying the cloud

162 // policy subsystems, which own the caches that \|cloud_provider_\| uses.	166 // policy subsystems, which own the caches that \|cloud_provider_\| uses.

163 if (cloud_provider_)	167 if (cloud_provider_)

164 cloud_provider_->Shutdown();	168 cloud_provider_->Shutdown();

165 user_cloud_policy_provider_.Shutdown();

166	169

167 #if defined(OS_CHROMEOS)	170 #if defined(OS_CHROMEOS)

168 // Shutdown device cloud policy.	171 // Shutdown device cloud policy.

169 if (device_cloud_policy_subsystem_)	172 if (device_cloud_policy_subsystem_)

170 device_cloud_policy_subsystem_->Shutdown();	173 device_cloud_policy_subsystem_->Shutdown();

171 // The AppPackUpdater may be observing the \|device_cloud_policy_subsystem_\|.	174 // The AppPackUpdater may be observing the \|device_cloud_policy_subsystem_\|.

172 // Delete it first.	175 // Delete it first.

173 app_pack_updater_.reset();	176 app_pack_updater_.reset();

174 device_cloud_policy_subsystem_.reset();	177 device_cloud_policy_subsystem_.reset();

175 device_data_store_.reset();	178 device_data_store_.reset();

176	179

177 if (device_cloud_policy_manager_)	180 if (device_cloud_policy_manager_)

178 device_cloud_policy_manager_->Shutdown();	181 device_cloud_policy_manager_->Shutdown();

179 if (device_local_account_policy_service_)	182 if (device_local_account_policy_service_)

180 device_local_account_policy_service_->Shutdown();	183 device_local_account_policy_service_->Shutdown();

	184 if (user_cloud_policy_manager_)

	185 user_cloud_policy_manager_->Shutdown();

	186 global_user_cloud_policy_provider_.Shutdown();

181 #endif	187 #endif

182	188

183 // Shutdown user cloud policy.	189 // Shutdown user cloud policy.

184 if (user_cloud_policy_subsystem_)	190 if (user_cloud_policy_subsystem_)

185 user_cloud_policy_subsystem_->Shutdown();	191 user_cloud_policy_subsystem_->Shutdown();

186 user_cloud_policy_subsystem_.reset();	192 user_cloud_policy_subsystem_.reset();

187 user_policy_token_cache_.reset();	193 user_policy_token_cache_.reset();

188 user_data_store_.reset();	194 user_data_store_.reset();

189	195

190 device_management_service_.reset();	196 device_management_service_.reset();

191 }	197 }

192	198

193 scoped_ptr<UserCloudPolicyManager>

194 BrowserPolicyConnector::CreateCloudPolicyManager(

195 Profile* profile,

196 bool force_immediate_policy_load) {

197 scoped_ptr<UserCloudPolicyManager> manager;

198 const CommandLine* command_line = CommandLine::ForCurrentProcess();

199 if (command_line->HasSwitch(switches::kEnableCloudPolicyService)) {

200 UserCloudPolicyManager::PolicyInit policy_init =

201 UserCloudPolicyManager::POLICY_INIT_IN_BACKGROUND;

202 #if defined(OS_CHROMEOS)

203 // TODO(mnissler): Revisit once Chrome OS gains multi-profiles support.

204 // Don't wait for a policy fetch if there's no logged in user.

205 if (chromeos::UserManager::Get()->IsUserLoggedIn()) {

206 std::string email =

207 chromeos::UserManager::Get()->GetLoggedInUser()->email();

208 if (GetUserAffiliation(email) == USER_AFFILIATION_MANAGED)

209 policy_init = UserCloudPolicyManager::POLICY_INIT_REFRESH_FROM_SERVER;

210 }

211 #else

212 // On desktop, there's no way to figure out if a user is logged in yet

213 // because prefs are not yet initialized, and further there's no way to know

214 // if the user is managed. So this code does not request a policy refresh

215 // from the server because that would inhibit startup for non-signed-in

216 // users. This code relies on the fact that a signed-in profile should

217 // already have policy downloaded. If no policy is available

218 // (due to a previous fetch failing), the normal policy refresh mechanism

219 // will cause it to get downloaded eventually.

220 if (force_immediate_policy_load) {

221 // On desktop, profile creation on startup requires that policies get

222 // loaded immediately (the normal asynchronous policy initialization

223 // does not happen because services are initialized before the

224 // MessageLoop runs). So load policy immediately if desired.

225 policy_init = UserCloudPolicyManager::POLICY_INIT_IMMEDIATELY;

226 }

227 #endif

228 manager = UserCloudPolicyManager::Create(profile, policy_init);

229 }

230 return manager.Pass();

231 }

232

233 scoped_ptr<PolicyService> BrowserPolicyConnector::CreatePolicyService(	199 scoped_ptr<PolicyService> BrowserPolicyConnector::CreatePolicyService(

234 Profile* profile) {	200 Profile* profile) {

235 DCHECK(profile);	201 DCHECK(profile);

	202 ConfigurationPolicyProvider* user_cloud_policy_provider = NULL;

	203 #if !defined(OS_CHROMEOS)

	204 user_cloud_policy_provider =

	205 UserCloudPolicyManagerFactory::GetForProfile(profile);

	206 #endif

236 return CreatePolicyServiceWithProviders(	207 return CreatePolicyServiceWithProviders(

237 profile->GetUserCloudPolicyManager(),	208 user_cloud_policy_provider,
	Andrew T Wilson (Slow) 2012/11/23 15:04:20 Just out of curiosity, why are we making UCPM PKS- Just out of curiosity, why are we making UCPM PKS-based, but not ManagedModePolicyProvider? Do we think that's the next step? Mattias Nissler (ping if slow) 2012/11/23 17:36:06 That'd indeed be the right thing to do. Then again Show quoted text On 2012/11/23 15:04:20, Andrew T Wilson wrote: > Just out of curiosity, why are we making UCPM PKS-based, but not > ManagedModePolicyProvider? Do we think that's the next step? That'd indeed be the right thing to do. Then again, this is mostly proof-of-concept right now: - I need to run this by Profile people to see whether they're OK - Converting ManagedModePolicyProvider should probably be done in a separate CL - ManagedModePolicyProvider exists on all platforms, so the trigger for my PKS change (#ifdef hell) doesn't apply.
238 profile->GetManagedModePolicyProvider());	209 profile->GetManagedModePolicyProvider());

239 }	210 }

240	211

241 PolicyService* BrowserPolicyConnector::GetPolicyService() {	212 PolicyService* BrowserPolicyConnector::GetPolicyService() {

242 if (!policy_service_) {	213 if (!policy_service_)

243 policy_service_ =	214 policy_service_ = CreatePolicyServiceWithProviders(NULL, NULL);

244 CreatePolicyServiceWithProviders(&user_cloud_policy_provider_, NULL);

245 }

246 return policy_service_.get();	215 return policy_service_.get();

247 }	216 }

248	217

249 void BrowserPolicyConnector::RegisterForDevicePolicy(	218 void BrowserPolicyConnector::RegisterForDevicePolicy(

250 const std::string& owner_email,	219 const std::string& owner_email,

251 const std::string& token,	220 const std::string& token,

252 bool known_machine_id,	221 bool known_machine_id,

253 bool reregister) {	222 bool reregister) {

254 #if defined(OS_CHROMEOS)	223 #if defined(OS_CHROMEOS)

255 if (device_data_store_.get()) {	224 if (device_data_store_.get()) {

(...skipping 90 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
346	315

347 void BrowserPolicyConnector::InitializeUserPolicy(	316 void BrowserPolicyConnector::InitializeUserPolicy(

348 const std::string& user_name,	317 const std::string& user_name,

349 bool wait_for_policy_fetch) {	318 bool wait_for_policy_fetch) {

350 #if defined(OS_CHROMEOS)	319 #if defined(OS_CHROMEOS)

351 // If the user is managed then importing certificates from ONC policy is	320 // If the user is managed then importing certificates from ONC policy is

352 // allowed, otherwise it's not. Update this flag once the user has signed in,	321 // allowed, otherwise it's not. Update this flag once the user has signed in,

353 // and before user policy is loaded.	322 // and before user policy is loaded.

354 GetNetworkConfigurationUpdater()->set_allow_web_trust(	323 GetNetworkConfigurationUpdater()->set_allow_web_trust(

355 GetUserAffiliation(user_name) == USER_AFFILIATION_MANAGED);	324 GetUserAffiliation(user_name) == USER_AFFILIATION_MANAGED);

	325

	326 if (user_cloud_policy_manager_.get()) {

	327 global_user_cloud_policy_provider_.SetDelegate(NULL);

	328 user_cloud_policy_manager_->Shutdown();

	329 user_cloud_policy_manager_.reset();

	330 }

356 #endif	331 #endif

357	332

358 // Throw away the old backend.	333 // Throw away the old backend.

359 user_cloud_policy_subsystem_.reset();	334 user_cloud_policy_subsystem_.reset();

360 user_policy_token_cache_.reset();	335 user_policy_token_cache_.reset();

361 user_data_store_.reset();	336 user_data_store_.reset();

362 token_service_ = NULL;	337 token_service_ = NULL;

363 registrar_.RemoveAll();	338 registrar_.RemoveAll();

364	339

365 CommandLine* command_line = CommandLine::ForCurrentProcess();	340 CommandLine* command_line = CommandLine::ForCurrentProcess();

366	341

367 int64 startup_delay =	342 int64 startup_delay =

368 wait_for_policy_fetch ? 0 : kServiceInitializationStartupDelay;	343 wait_for_policy_fetch ? 0 : kServiceInitializationStartupDelay;

369	344

370 if (!command_line->HasSwitch(switches::kEnableCloudPolicyService)) {	345 FilePath profile_dir;

371 FilePath profile_dir;	346 PathService::Get(chrome::DIR_USER_DATA, &profile_dir);

372 PathService::Get(chrome::DIR_USER_DATA, &profile_dir);

373 #if defined(OS_CHROMEOS)	347 #if defined(OS_CHROMEOS)

374 profile_dir = profile_dir.Append(	348 profile_dir = profile_dir.Append(

375 command_line->GetSwitchValuePath(switches::kLoginProfile));	349 command_line->GetSwitchValuePath(switches::kLoginProfile));

376 #endif	350 #endif

377 const FilePath policy_dir = profile_dir.Append(kPolicyDir);	351 const FilePath policy_dir = profile_dir.Append(kPolicyDir);

378 const FilePath policy_cache_file = policy_dir.Append(kPolicyCacheFile);	352 const FilePath policy_cache_file = policy_dir.Append(kPolicyCacheFile);

379 const FilePath token_cache_file = policy_dir.Append(kTokenCacheFile);	353 const FilePath token_cache_file = policy_dir.Append(kTokenCacheFile);

	354

	355 if (command_line->HasSwitch(switches::kEnableCloudPolicyService)) {

	356 #if defined(OS_CHROMEOS)

	357 scoped_ptr<CloudPolicyStore> store(

	358 new UserCloudPolicyStoreChromeOS(

	359 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(),

	360 policy_cache_file, token_cache_file));

	361 user_cloud_policy_manager_.reset(

	362 new UserCloudPolicyManagerChromeOS(store.Pass(),

	363 wait_for_policy_fetch));

	364 user_cloud_policy_manager_->Init();

	365 user_cloud_policy_manager_->Initialize(g_browser_process->local_state(),

	366 device_management_service_.get(),

	367 GetUserAffiliation(user_name));

	368 global_user_cloud_policy_provider_.SetDelegate(

	369 user_cloud_policy_manager_.get());

	370 #endif

	371 } else {

380 CloudPolicyCacheBase* user_policy_cache = NULL;	372 CloudPolicyCacheBase* user_policy_cache = NULL;

381	373

382 user_data_store_.reset(CloudPolicyDataStore::CreateForUserPolicies());	374 user_data_store_.reset(CloudPolicyDataStore::CreateForUserPolicies());

383 #if defined(OS_CHROMEOS)	375 #if defined(OS_CHROMEOS)

384 user_policy_cache =	376 user_policy_cache =

385 new CrosUserPolicyCache(	377 new CrosUserPolicyCache(

386 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(),	378 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(),

387 user_data_store_.get(),	379 user_data_store_.get(),

388 wait_for_policy_fetch,	380 wait_for_policy_fetch,

389 token_cache_file,	381 token_cache_file,

(...skipping 175 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
565 #endif	557 #endif

566 }	558 }

567	559

568 void BrowserPolicyConnector::CompleteInitialization() {	560 void BrowserPolicyConnector::CompleteInitialization() {

569 if (g_testing_provider)	561 if (g_testing_provider)

570 g_testing_provider->Init();	562 g_testing_provider->Init();

571 if (platform_provider_)	563 if (platform_provider_)

572 platform_provider_->Init();	564 platform_provider_->Init();

573 if (cloud_provider_)	565 if (cloud_provider_)

574 cloud_provider_->Init();	566 cloud_provider_->Init();

575 user_cloud_policy_provider_.Init();

576	567

577 #if defined(OS_CHROMEOS)	568 #if defined(OS_CHROMEOS)

	569 global_user_cloud_policy_provider_.Init();

578	570

579 // Create the AppPackUpdater to start updating the cache. It requires the	571 // Create the AppPackUpdater to start updating the cache. It requires the

580 // system request context, which isn't available in Init(); therefore it is	572 // system request context, which isn't available in Init(); therefore it is

581 // created only once the loops are running.	573 // created only once the loops are running.

582 GetAppPackUpdater();	574 GetAppPackUpdater();

583	575

584 if (device_cloud_policy_subsystem_.get()) {	576 if (device_cloud_policy_subsystem_.get()) {

585 // Read serial number and machine model. This must be done before we call	577 // Read serial number and machine model. This must be done before we call

586 // CompleteInitialization() below such that the serial number is available	578 // CompleteInitialization() below such that the serial number is available

587 // for re-submission in case we're doing serial number recovery.	579 // for re-submission in case we're doing serial number recovery.

(...skipping 71 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
659 if (g_testing_provider)	651 if (g_testing_provider)

660 providers.push_back(g_testing_provider);	652 providers.push_back(g_testing_provider);

661 if (platform_provider_)	653 if (platform_provider_)

662 providers.push_back(platform_provider_.get());	654 providers.push_back(platform_provider_.get());

663 if (cloud_provider_)	655 if (cloud_provider_)

664 providers.push_back(cloud_provider_.get());	656 providers.push_back(cloud_provider_.get());

665	657

666 #if defined(OS_CHROMEOS)	658 #if defined(OS_CHROMEOS)

667 if (device_cloud_policy_manager_.get())	659 if (device_cloud_policy_manager_.get())

668 providers.push_back(device_cloud_policy_manager_.get());	660 providers.push_back(device_cloud_policy_manager_.get());

	661 if (!user_cloud_policy_provider)

	662 user_cloud_policy_provider = &global_user_cloud_policy_provider_;

669 #endif	663 #endif

670	664

671 if (user_cloud_policy_provider)	665 if (user_cloud_policy_provider)

672 providers.push_back(user_cloud_policy_provider);	666 providers.push_back(user_cloud_policy_provider);

673 if (managed_mode_policy_provider)	667 if (managed_mode_policy_provider)

674 providers.push_back(managed_mode_policy_provider);	668 providers.push_back(managed_mode_policy_provider);

675	669

676 return scoped_ptr<PolicyService>(new PolicyServiceImpl(providers));	670 return scoped_ptr<PolicyService>(new PolicyServiceImpl(providers));

677 }	671 }

678	672

(...skipping 16 matching lines...) Expand all Loading...
695 return new AsyncPolicyProvider(loader.Pass());	689 return new AsyncPolicyProvider(loader.Pass());

696 } else {	690 } else {

697 return NULL;	691 return NULL;

698 }	692 }

699 #else	693 #else

700 return NULL;	694 return NULL;

701 #endif	695 #endif

702 }	696 }

703	697

704 } // namespace policy	698 } // namespace policy

OLD	NEW