Chromium Code Reviews| OLD | NEW |
|---|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/browser_policy_connector.h" | 5 #include "chrome/browser/policy/browser_policy_connector.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/command_line.h" | 9 #include "base/command_line.h" |
| 10 #include "base/file_path.h" | 10 #include "base/file_path.h" |
| (...skipping 31 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 42 #elif defined(OS_MACOSX) | 42 #elif defined(OS_MACOSX) |
| 43 #include "chrome/browser/policy/policy_loader_mac.h" | 43 #include "chrome/browser/policy/policy_loader_mac.h" |
| 44 #include "chrome/browser/preferences_mac.h" | 44 #include "chrome/browser/preferences_mac.h" |
| 45 #elif defined(OS_POSIX) | 45 #elif defined(OS_POSIX) |
| 46 #include "chrome/browser/policy/config_dir_policy_loader.h" | 46 #include "chrome/browser/policy/config_dir_policy_loader.h" |
| 47 #endif | 47 #endif |
| 48 | 48 |
| 49 #if defined(OS_CHROMEOS) | 49 #if defined(OS_CHROMEOS) |
| 50 #include "base/utf_string_conversions.h" | 50 #include "base/utf_string_conversions.h" |
| 51 #include "chrome/browser/chromeos/cros/cros_library.h" | 51 #include "chrome/browser/chromeos/cros/cros_library.h" |
| 52 #include "chrome/browser/chromeos/login/user_manager.h" | 52 #include "chrome/browser/chromeos/login/user_manager.h" |
|
Joao da Silva
2012/11/21 17:06:34
nit: not used
Mattias Nissler (ping if slow)
2012/11/22 20:51:59
Done.
| |
| 53 #include "chrome/browser/chromeos/settings/cros_settings.h" | 53 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 54 #include "chrome/browser/chromeos/settings/cros_settings_provider.h" | 54 #include "chrome/browser/chromeos/settings/cros_settings_provider.h" |
| 55 #include "chrome/browser/chromeos/settings/device_settings_service.h" | 55 #include "chrome/browser/chromeos/settings/device_settings_service.h" |
| 56 #include "chrome/browser/chromeos/system/statistics_provider.h" | 56 #include "chrome/browser/chromeos/system/statistics_provider.h" |
| 57 #include "chrome/browser/chromeos/system/timezone_settings.h" | 57 #include "chrome/browser/chromeos/system/timezone_settings.h" |
| 58 #include "chrome/browser/policy/app_pack_updater.h" | 58 #include "chrome/browser/policy/app_pack_updater.h" |
| 59 #include "chrome/browser/policy/cros_user_policy_cache.h" | 59 #include "chrome/browser/policy/cros_user_policy_cache.h" |
| 60 #include "chrome/browser/policy/device_cloud_policy_manager_chromeos.h" | 60 #include "chrome/browser/policy/device_cloud_policy_manager_chromeos.h" |
| 61 #include "chrome/browser/policy/device_cloud_policy_store_chromeos.h" | 61 #include "chrome/browser/policy/device_cloud_policy_store_chromeos.h" |
| 62 #include "chrome/browser/policy/device_policy_cache.h" | 62 #include "chrome/browser/policy/device_policy_cache.h" |
| 63 #include "chrome/browser/policy/network_configuration_updater.h" | 63 #include "chrome/browser/policy/network_configuration_updater.h" |
| 64 #include "chrome/browser/policy/user_cloud_policy_manager_chromeos.h" | |
| 65 #include "chrome/browser/policy/user_cloud_policy_store_chromeos.h" | |
| 64 #include "chromeos/dbus/dbus_thread_manager.h" | 66 #include "chromeos/dbus/dbus_thread_manager.h" |
| 65 #endif | 67 #endif |
| 66 | 68 |
| 67 using content::BrowserThread; | 69 using content::BrowserThread; |
| 68 | 70 |
| 69 namespace policy { | 71 namespace policy { |
| 70 | 72 |
| 71 namespace { | 73 namespace { |
| 72 | 74 |
| 73 // Subdirectory in the user's profile for storing user policies. | 75 // Subdirectory in the user's profile for storing user policies. |
| (...skipping 76 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 150 g_testing_provider->Shutdown(); | 152 g_testing_provider->Shutdown(); |
| 151 // Drop g_testing_provider so that tests executed with --single_process can | 153 // Drop g_testing_provider so that tests executed with --single_process can |
| 152 // call SetPolicyProviderForTesting() again. It is still owned by the test. | 154 // call SetPolicyProviderForTesting() again. It is still owned by the test. |
| 153 g_testing_provider = NULL; | 155 g_testing_provider = NULL; |
| 154 if (platform_provider_) | 156 if (platform_provider_) |
| 155 platform_provider_->Shutdown(); | 157 platform_provider_->Shutdown(); |
| 156 // The |cloud_provider_| must be shut down before destroying the cloud | 158 // The |cloud_provider_| must be shut down before destroying the cloud |
| 157 // policy subsystems, which own the caches that |cloud_provider_| uses. | 159 // policy subsystems, which own the caches that |cloud_provider_| uses. |
| 158 if (cloud_provider_) | 160 if (cloud_provider_) |
| 159 cloud_provider_->Shutdown(); | 161 cloud_provider_->Shutdown(); |
| 160 user_cloud_policy_provider_.Shutdown(); | |
| 161 | 162 |
| 162 #if defined(OS_CHROMEOS) | 163 #if defined(OS_CHROMEOS) |
| 163 // Shutdown device cloud policy. | 164 // Shutdown device cloud policy. |
| 164 if (device_cloud_policy_subsystem_) | 165 if (device_cloud_policy_subsystem_) |
| 165 device_cloud_policy_subsystem_->Shutdown(); | 166 device_cloud_policy_subsystem_->Shutdown(); |
| 166 // The AppPackUpdater may be observing the |device_cloud_policy_subsystem_|. | 167 // The AppPackUpdater may be observing the |device_cloud_policy_subsystem_|. |
| 167 // Delete it first. | 168 // Delete it first. |
| 168 app_pack_updater_.reset(); | 169 app_pack_updater_.reset(); |
| 169 device_cloud_policy_subsystem_.reset(); | 170 device_cloud_policy_subsystem_.reset(); |
| 170 device_data_store_.reset(); | 171 device_data_store_.reset(); |
| 171 | 172 |
| 172 if (device_cloud_policy_manager_) | 173 if (device_cloud_policy_manager_) |
| 173 device_cloud_policy_manager_->Shutdown(); | 174 device_cloud_policy_manager_->Shutdown(); |
| 175 if (user_cloud_policy_manager_) | |
| 176 user_cloud_policy_manager_->Shutdown(); | |
| 177 global_user_cloud_policy_provider_.Shutdown(); | |
| 174 #endif | 178 #endif |
| 175 | 179 |
| 176 // Shutdown user cloud policy. | 180 // Shutdown user cloud policy. |
| 177 if (user_cloud_policy_subsystem_) | 181 if (user_cloud_policy_subsystem_) |
| 178 user_cloud_policy_subsystem_->Shutdown(); | 182 user_cloud_policy_subsystem_->Shutdown(); |
| 179 user_cloud_policy_subsystem_.reset(); | 183 user_cloud_policy_subsystem_.reset(); |
| 180 user_policy_token_cache_.reset(); | 184 user_policy_token_cache_.reset(); |
| 181 user_data_store_.reset(); | 185 user_data_store_.reset(); |
| 182 | 186 |
| 183 device_management_service_.reset(); | 187 device_management_service_.reset(); |
| 184 } | 188 } |
| 185 | 189 |
| 186 scoped_ptr<UserCloudPolicyManager> | |
| 187 BrowserPolicyConnector::CreateCloudPolicyManager( | |
| 188 Profile* profile, | |
| 189 bool force_immediate_policy_load) { | |
| 190 scoped_ptr<UserCloudPolicyManager> manager; | |
| 191 const CommandLine* command_line = CommandLine::ForCurrentProcess(); | |
| 192 if (command_line->HasSwitch(switches::kEnableCloudPolicyService)) { | |
| 193 UserCloudPolicyManager::PolicyInit policy_init = | |
| 194 UserCloudPolicyManager::POLICY_INIT_IN_BACKGROUND; | |
| 195 #if defined(OS_CHROMEOS) | |
| 196 // TODO(mnissler): Revisit once Chrome OS gains multi-profiles support. | |
| 197 // Don't wait for a policy fetch if there's no logged in user. | |
| 198 if (chromeos::UserManager::Get()->IsUserLoggedIn()) { | |
| 199 std::string email = | |
| 200 chromeos::UserManager::Get()->GetLoggedInUser()->email(); | |
| 201 if (GetUserAffiliation(email) == USER_AFFILIATION_MANAGED) | |
| 202 policy_init = UserCloudPolicyManager::POLICY_INIT_REFRESH_FROM_SERVER; | |
| 203 } | |
| 204 #else | |
| 205 // On desktop, there's no way to figure out if a user is logged in yet | |
| 206 // because prefs are not yet initialized, and further there's no way to know | |
| 207 // if the user is managed. So this code does not request a policy refresh | |
| 208 // from the server because that would inhibit startup for non-signed-in | |
| 209 // users. This code relies on the fact that a signed-in profile should | |
| 210 // already have policy downloaded. If no policy is available | |
| 211 // (due to a previous fetch failing), the normal policy refresh mechanism | |
| 212 // will cause it to get downloaded eventually. | |
| 213 if (force_immediate_policy_load) { | |
| 214 // On desktop, profile creation on startup requires that policies get | |
| 215 // loaded immediately (the normal asynchronous policy initialization | |
| 216 // does not happen because services are initialized before the | |
| 217 // MessageLoop runs). So load policy immediately if desired. | |
| 218 policy_init = UserCloudPolicyManager::POLICY_INIT_IMMEDIATELY; | |
| 219 } | |
| 220 #endif | |
| 221 manager = UserCloudPolicyManager::Create(profile, policy_init); | |
| 222 } | |
| 223 return manager.Pass(); | |
| 224 } | |
| 225 | |
| 226 scoped_ptr<PolicyService> BrowserPolicyConnector::CreatePolicyService( | 190 scoped_ptr<PolicyService> BrowserPolicyConnector::CreatePolicyService( |
| 227 Profile* profile) { | 191 Profile* profile) { |
| 228 DCHECK(profile); | 192 DCHECK(profile); |
| 229 return CreatePolicyServiceWithProviders( | 193 return CreatePolicyServiceWithProviders( |
| 230 profile->GetUserCloudPolicyManager(), | 194 profile->GetUserCloudPolicyManager(), |
| 231 profile->GetManagedModePolicyProvider()); | 195 profile->GetManagedModePolicyProvider()); |
| 232 } | 196 } |
| 233 | 197 |
| 234 PolicyService* BrowserPolicyConnector::GetPolicyService() { | 198 PolicyService* BrowserPolicyConnector::GetPolicyService() { |
| 235 if (!policy_service_) { | 199 if (!policy_service_) |
| 236 policy_service_ = | 200 policy_service_ = CreatePolicyServiceWithProviders(NULL, NULL); |
| 237 CreatePolicyServiceWithProviders(&user_cloud_policy_provider_, NULL); | |
| 238 } | |
| 239 return policy_service_.get(); | 201 return policy_service_.get(); |
| 240 } | 202 } |
| 241 | 203 |
| 242 void BrowserPolicyConnector::RegisterForDevicePolicy( | 204 void BrowserPolicyConnector::RegisterForDevicePolicy( |
| 243 const std::string& owner_email, | 205 const std::string& owner_email, |
| 244 const std::string& token, | 206 const std::string& token, |
| 245 bool known_machine_id, | 207 bool known_machine_id, |
| 246 bool reregister) { | 208 bool reregister) { |
| 247 #if defined(OS_CHROMEOS) | 209 #if defined(OS_CHROMEOS) |
| 248 if (device_data_store_.get()) { | 210 if (device_data_store_.get()) { |
| (...skipping 90 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 339 | 301 |
| 340 void BrowserPolicyConnector::InitializeUserPolicy( | 302 void BrowserPolicyConnector::InitializeUserPolicy( |
| 341 const std::string& user_name, | 303 const std::string& user_name, |
| 342 bool wait_for_policy_fetch) { | 304 bool wait_for_policy_fetch) { |
| 343 #if defined(OS_CHROMEOS) | 305 #if defined(OS_CHROMEOS) |
| 344 // If the user is managed then importing certificates from ONC policy is | 306 // If the user is managed then importing certificates from ONC policy is |
| 345 // allowed, otherwise it's not. Update this flag once the user has signed in, | 307 // allowed, otherwise it's not. Update this flag once the user has signed in, |
| 346 // and before user policy is loaded. | 308 // and before user policy is loaded. |
| 347 GetNetworkConfigurationUpdater()->set_allow_web_trust( | 309 GetNetworkConfigurationUpdater()->set_allow_web_trust( |
| 348 GetUserAffiliation(user_name) == USER_AFFILIATION_MANAGED); | 310 GetUserAffiliation(user_name) == USER_AFFILIATION_MANAGED); |
| 311 | |
| 312 if (user_cloud_policy_manager_.get()) { | |
| 313 global_user_cloud_policy_provider_.SetDelegate(NULL); | |
| 314 user_cloud_policy_manager_->Shutdown(); | |
| 315 user_cloud_policy_manager_.reset(); | |
| 316 } | |
| 349 #endif | 317 #endif |
| 350 | 318 |
| 351 // Throw away the old backend. | 319 // Throw away the old backend. |
| 352 user_cloud_policy_subsystem_.reset(); | 320 user_cloud_policy_subsystem_.reset(); |
| 353 user_policy_token_cache_.reset(); | 321 user_policy_token_cache_.reset(); |
| 354 user_data_store_.reset(); | 322 user_data_store_.reset(); |
| 355 token_service_ = NULL; | 323 token_service_ = NULL; |
| 356 registrar_.RemoveAll(); | 324 registrar_.RemoveAll(); |
| 357 | 325 |
| 358 CommandLine* command_line = CommandLine::ForCurrentProcess(); | 326 CommandLine* command_line = CommandLine::ForCurrentProcess(); |
| 359 | 327 |
| 360 int64 startup_delay = | 328 int64 startup_delay = |
| 361 wait_for_policy_fetch ? 0 : kServiceInitializationStartupDelay; | 329 wait_for_policy_fetch ? 0 : kServiceInitializationStartupDelay; |
| 362 | 330 |
| 363 if (!command_line->HasSwitch(switches::kEnableCloudPolicyService)) { | 331 FilePath profile_dir; |
| 364 FilePath profile_dir; | 332 PathService::Get(chrome::DIR_USER_DATA, &profile_dir); |
| 365 PathService::Get(chrome::DIR_USER_DATA, &profile_dir); | |
| 366 #if defined(OS_CHROMEOS) | 333 #if defined(OS_CHROMEOS) |
| 367 profile_dir = profile_dir.Append( | 334 profile_dir = profile_dir.Append( |
| 368 command_line->GetSwitchValuePath(switches::kLoginProfile)); | 335 command_line->GetSwitchValuePath(switches::kLoginProfile)); |
| 369 #endif | 336 #endif |
| 370 const FilePath policy_dir = profile_dir.Append(kPolicyDir); | 337 const FilePath policy_dir = profile_dir.Append(kPolicyDir); |
| 371 const FilePath policy_cache_file = policy_dir.Append(kPolicyCacheFile); | 338 const FilePath policy_cache_file = policy_dir.Append(kPolicyCacheFile); |
| 372 const FilePath token_cache_file = policy_dir.Append(kTokenCacheFile); | 339 const FilePath token_cache_file = policy_dir.Append(kTokenCacheFile); |
| 340 | |
| 341 if (command_line->HasSwitch(switches::kEnableCloudPolicyService)) { | |
| 342 #if defined(OS_CHROMEOS) | |
| 343 scoped_ptr<CloudPolicyStore> store( | |
| 344 new UserCloudPolicyStoreChromeOS( | |
| 345 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), | |
| 346 policy_cache_file, token_cache_file)); | |
| 347 user_cloud_policy_manager_.reset( | |
| 348 new UserCloudPolicyManagerChromeOS(store.Pass(), | |
| 349 wait_for_policy_fetch)); | |
| 350 user_cloud_policy_manager_->Init(); | |
| 351 user_cloud_policy_manager_->Initialize(g_browser_process->local_state(), | |
| 352 device_management_service_.get(), | |
| 353 GetUserAffiliation(user_name)); | |
| 354 global_user_cloud_policy_provider_.SetDelegate( | |
| 355 user_cloud_policy_manager_.get()); | |
| 356 #endif | |
| 357 } else { | |
| 373 CloudPolicyCacheBase* user_policy_cache = NULL; | 358 CloudPolicyCacheBase* user_policy_cache = NULL; |
| 374 | 359 |
| 375 user_data_store_.reset(CloudPolicyDataStore::CreateForUserPolicies()); | 360 user_data_store_.reset(CloudPolicyDataStore::CreateForUserPolicies()); |
| 376 #if defined(OS_CHROMEOS) | 361 #if defined(OS_CHROMEOS) |
| 377 user_policy_cache = | 362 user_policy_cache = |
| 378 new CrosUserPolicyCache( | 363 new CrosUserPolicyCache( |
| 379 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), | 364 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), |
| 380 user_data_store_.get(), | 365 user_data_store_.get(), |
| 381 wait_for_policy_fetch, | 366 wait_for_policy_fetch, |
| 382 token_cache_file, | 367 token_cache_file, |
| (...skipping 175 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 558 #endif | 543 #endif |
| 559 } | 544 } |
| 560 | 545 |
| 561 void BrowserPolicyConnector::CompleteInitialization() { | 546 void BrowserPolicyConnector::CompleteInitialization() { |
| 562 if (g_testing_provider) | 547 if (g_testing_provider) |
| 563 g_testing_provider->Init(); | 548 g_testing_provider->Init(); |
| 564 if (platform_provider_) | 549 if (platform_provider_) |
| 565 platform_provider_->Init(); | 550 platform_provider_->Init(); |
| 566 if (cloud_provider_) | 551 if (cloud_provider_) |
| 567 cloud_provider_->Init(); | 552 cloud_provider_->Init(); |
| 568 user_cloud_policy_provider_.Init(); | |
| 569 | 553 |
| 570 #if defined(OS_CHROMEOS) | 554 #if defined(OS_CHROMEOS) |
| 571 | 555 |
|
Joao da Silva
2012/11/21 17:06:34
global_user_cloud_policy_provider_.Init()
Mattias Nissler (ping if slow)
2012/11/22 20:51:59
Done, good catch.
| |
| 572 // Create the AppPackUpdater to start updating the cache. It requires the | 556 // Create the AppPackUpdater to start updating the cache. It requires the |
| 573 // system request context, which isn't available in Init(); therefore it is | 557 // system request context, which isn't available in Init(); therefore it is |
| 574 // created only once the loops are running. | 558 // created only once the loops are running. |
| 575 GetAppPackUpdater(); | 559 GetAppPackUpdater(); |
| 576 | 560 |
| 577 if (device_cloud_policy_subsystem_.get()) { | 561 if (device_cloud_policy_subsystem_.get()) { |
| 578 // Read serial number and machine model. This must be done before we call | 562 // Read serial number and machine model. This must be done before we call |
| 579 // CompleteInitialization() below such that the serial number is available | 563 // CompleteInitialization() below such that the serial number is available |
| 580 // for re-submission in case we're doing serial number recovery. | 564 // for re-submission in case we're doing serial number recovery. |
| 581 if (device_data_store_->machine_id().empty() || | 565 if (device_data_store_->machine_id().empty() || |
| (...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 647 if (g_testing_provider) | 631 if (g_testing_provider) |
| 648 providers.push_back(g_testing_provider); | 632 providers.push_back(g_testing_provider); |
| 649 if (platform_provider_) | 633 if (platform_provider_) |
| 650 providers.push_back(platform_provider_.get()); | 634 providers.push_back(platform_provider_.get()); |
| 651 if (cloud_provider_) | 635 if (cloud_provider_) |
| 652 providers.push_back(cloud_provider_.get()); | 636 providers.push_back(cloud_provider_.get()); |
| 653 | 637 |
| 654 #if defined(OS_CHROMEOS) | 638 #if defined(OS_CHROMEOS) |
| 655 if (device_cloud_policy_manager_.get()) | 639 if (device_cloud_policy_manager_.get()) |
| 656 providers.push_back(device_cloud_policy_manager_.get()); | 640 providers.push_back(device_cloud_policy_manager_.get()); |
| 641 if (!user_cloud_policy_provider) | |
| 642 user_cloud_policy_provider = &global_user_cloud_policy_provider_; | |
| 657 #endif | 643 #endif |
| 658 | 644 |
| 659 if (user_cloud_policy_provider) | 645 if (user_cloud_policy_provider) |
| 660 providers.push_back(user_cloud_policy_provider); | 646 providers.push_back(user_cloud_policy_provider); |
| 661 if (managed_mode_policy_provider) | 647 if (managed_mode_policy_provider) |
| 662 providers.push_back(managed_mode_policy_provider); | 648 providers.push_back(managed_mode_policy_provider); |
| 663 | 649 |
| 664 return scoped_ptr<PolicyService>(new PolicyServiceImpl(providers)); | 650 return scoped_ptr<PolicyService>(new PolicyServiceImpl(providers)); |
| 665 } | 651 } |
| 666 | 652 |
| (...skipping 16 matching lines...) Expand all Loading... | |
| 683 return new AsyncPolicyProvider(loader.Pass()); | 669 return new AsyncPolicyProvider(loader.Pass()); |
| 684 } else { | 670 } else { |
| 685 return NULL; | 671 return NULL; |
| 686 } | 672 } |
| 687 #else | 673 #else |
| 688 return NULL; | 674 return NULL; |
| 689 #endif | 675 #endif |
| 690 } | 676 } |
| 691 | 677 |
| 692 } // namespace policy | 678 } // namespace policy |
| OLD | NEW |