chrome/browser/policy/configuration_policy_handler_chromeos.cc - Issue 11415148: Adding error handling to ONC validation.

Side by Side Diff: chrome/browser/policy/configuration_policy_handler_chromeos.cc

Issue 11415148: Adding error handling to ONC validation. (Closed) Base URL: http://git.chromium.org/chromium/src.git@extract_onc_certificate

Patch Set: Initial patch. Created 8 years ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « chrome/browser/chromeos/network_settings/onc_validator_unittest.cc ('k') | chrome/browser/policy/network_configuration_updater.h » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/policy/configuration_policy_handler_chromeos.h"	5 #include "chrome/browser/policy/configuration_policy_handler_chromeos.h"

6	6

7 #include <string>	7 #include <string>

8	8

9 #include "base/json/json_reader.h"	9 #include "base/json/json_reader.h"

10 #include "base/json/json_writer.h"	10 #include "base/json/json_writer.h"

(...skipping 35 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
46 if (!CheckAndGetValue(policies, errors, &value))	46 if (!CheckAndGetValue(policies, errors, &value))

47 return false;	47 return false;

48	48

49 if (value) {	49 if (value) {

50 std::string onc_blob;	50 std::string onc_blob;

51 value->GetAsString(&onc_blob);	51 value->GetAsString(&onc_blob);

52 std::string json_error;	52 std::string json_error;

53 scoped_ptr<base::DictionaryValue> root_dict =	53 scoped_ptr<base::DictionaryValue> root_dict =

54 onc::ReadDictionaryFromJson(onc_blob, &json_error);	54 onc::ReadDictionaryFromJson(onc_blob, &json_error);

55 if (root_dict.get() == NULL) {	55 if (root_dict.get() == NULL) {

56 errors->AddError(policy_name(), IDS_POLICY_NETWORK_CONFIG_PARSE_ERROR,	56 errors->AddError(policy_name(), IDS_POLICY_NETWORK_CONFIG_PARSE_FAILED,

57 json_error);	57 json_error);

58 return false;	58 return false;

59 }	59 }

60	60

61 // Validate the ONC dictionary. We are liberal and ignore unknown field	61 // Validate the ONC dictionary. We are liberal and ignore unknown field

62 // names and ignore invalid field names in kRecommended arrays.	62 // names and ignore invalid field names in kRecommended arrays.

63 onc::Validator validator(false, // Ignore unknown fields.	63 onc::Validator validator(false, // Ignore unknown fields.

64 false, // Ignore invalid recommended field names.	64 false, // Ignore invalid recommended field names.

65 true, // Fail on missing fields.	65 true, // Fail on missing fields.

66 true); // Validate for managed ONC	66 true); // Validate for managed ONC

67	67

68 // ONC policies are always unencrypted.	68 // ONC policies are always unencrypted.

	69 std::string messages;

69 root_dict = validator.ValidateAndRepairObject(	70 root_dict = validator.ValidateAndRepairObject(

70 &onc::kUnencryptedConfigurationSignature,	71 &onc::kToplevelConfigurationSignature, *root_dict, &messages);

71 *root_dict);	72 if (!messages.empty()) {

	73 errors->AddError(policy_name(), IDS_POLICY_NETWORK_CONFIG_PARSE_ERROR,

	74 messages);
	Mattias Nissler (ping if slow) 2012/11/29 12:49:24 It seems weird that instead of adding individual e It seems weird that instead of adding individual errors here, you instead add just one error that holds the concatenation of all the errors you encountered. Have you considered using something like PolicyErrorMap for gathering and returning errors during parsing/validation? pneubeck (no reviews) 2012/11/29 12:58:02 What for? I could imagine, that having a list of e Show quoted text On 2012/11/29 12:49:24, Mattias Nissler wrote: > It seems weird that instead of adding individual errors here, you instead add > just one error that holds the concatenation of all the errors you encountered. > > Have you considered using something like PolicyErrorMap for gathering and > returning errors during parsing/validation? What for? I could imagine, that having a list of errors (sth. like vector<string>) would help layouting of the message. However, the win seems minimal compared to having linebreaks between the errors. Mattias Nissler (ping if slow) 2012/11/29 13:09:18 Right, now what if you want to format this in HTML Show quoted text On 2012/11/29 12:58:02, pneubeck wrote: > On 2012/11/29 12:49:24, Mattias Nissler wrote: > > It seems weird that instead of adding individual errors here, you instead add > > just one error that holds the concatenation of all the errors you encountered. > > > > Have you considered using something like PolicyErrorMap for gathering and > > returning errors during parsing/validation? > > What for? > I could imagine, that having a list of errors (sth. like vector<string>) would > help layouting of the message. However, the win seems minimal compared to having > linebreaks between the errors. Right, now what if you want to format this in HTML? Linebreaks in HTML don't cause linebreaks ;) about:policy just joins errors at the moment (using a blank as the separator, so this is already inconsistent with your joining), but once we're making it more user-consumable, we'd have to make it into an itemized list in HTML anyways, and then we need to have individual items.
	75 }

72	76

73 if (root_dict.get() == NULL) {	77 if (root_dict.get() == NULL) {

74 errors->AddError(policy_name(), IDS_POLICY_NETWORK_CONFIG_PARSE_ERROR);

75 // Don't reject the policy, as some networks or certificates could still	78 // Don't reject the policy, as some networks or certificates could still

76 // be applied.	79 // be applied.

77 return true;	80 return true;

78 }	81 }

79 }	82 }

80	83

81 return true;	84 return true;

82 }	85 }

83	86

84 void NetworkConfigurationPolicyHandler::ApplyPolicySettings(	87 void NetworkConfigurationPolicyHandler::ApplyPolicySettings(

(...skipping 110 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
195 base::DictionaryValue* app_dict = new base::DictionaryValue();	198 base::DictionaryValue* app_dict = new base::DictionaryValue();

196 app_dict->SetString(ash::kPinnedAppsPrefAppIDPath, id);	199 app_dict->SetString(ash::kPinnedAppsPrefAppIDPath, id);

197 pinned_apps_list->Append(app_dict);	200 pinned_apps_list->Append(app_dict);

198 }	201 }

199 }	202 }

200 prefs->SetValue(pref_path(), pinned_apps_list);	203 prefs->SetValue(pref_path(), pinned_apps_list);

201 }	204 }

202 }	205 }

203	206

204 } // namespace policy	207 } // namespace policy

OLD	NEW