| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/dbus/session_manager_client.h" | 5 #include "chromeos/dbus/session_manager_client.h" |
| 6 | 6 |
| 7 #include <sys/socket.h> | 7 #include <sys/socket.h> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/callback.h" | 10 #include "base/callback.h" |
| 11 #include "base/files/file_path.h" | 11 #include "base/files/file_path.h" |
| 12 #include "base/files/file_util.h" | 12 #include "base/files/file_util.h" |
| 13 #include "base/location.h" | 13 #include "base/location.h" |
| 14 #include "base/path_service.h" | 14 #include "base/path_service.h" |
| 15 #include "base/strings/string_number_conversions.h" | 15 #include "base/strings/string_number_conversions.h" |
| 16 #include "base/strings/string_util.h" | 16 #include "base/strings/string_util.h" |
| 17 #include "base/task_runner_util.h" | 17 #include "base/task_runner_util.h" |
| 18 #include "base/threading/worker_pool.h" | 18 #include "base/threading/worker_pool.h" |
| 19 #include "chromeos/chromeos_paths.h" | 19 #include "chromeos/chromeos_paths.h" |
| 20 #include "chromeos/dbus/blocking_method_caller.h" | 20 #include "chromeos/dbus/blocking_method_caller.h" |
| 21 #include "chromeos/dbus/cryptohome_client.h" | 21 #include "chromeos/dbus/cryptohome_client.h" |
| 22 #include "components/user_manager/user_id.h" |
| 22 #include "crypto/sha2.h" | 23 #include "crypto/sha2.h" |
| 23 #include "dbus/bus.h" | 24 #include "dbus/bus.h" |
| 24 #include "dbus/message.h" | 25 #include "dbus/message.h" |
| 25 #include "dbus/object_path.h" | 26 #include "dbus/object_path.h" |
| 26 #include "dbus/object_proxy.h" | 27 #include "dbus/object_proxy.h" |
| 27 #include "policy/proto/device_management_backend.pb.h" | 28 #include "policy/proto/device_management_backend.pb.h" |
| 28 #include "third_party/cros_system_api/dbus/service_constants.h" | 29 #include "third_party/cros_system_api/dbus/service_constants.h" |
| 29 | 30 |
| 30 namespace chromeos { | 31 namespace chromeos { |
| 31 | 32 |
| 32 namespace { | 33 namespace { |
| 33 | 34 |
| 34 // Returns a location for |file| that is specific to the given |username|. | 35 // Returns a location for |file| that is specific to the given |username|. |
| 35 // These paths will be relative to DIR_USER_POLICY_KEYS, and can be used only | 36 // These paths will be relative to DIR_USER_POLICY_KEYS, and can be used only |
| 36 // to store stub files. | 37 // to store stub files. |
| 37 base::FilePath GetUserFilePath(const std::string& username, const char* file) { | 38 base::FilePath GetUserFilePath(const user_manager::UserID& user_id, const char*
file) { |
| 38 base::FilePath keys_path; | 39 base::FilePath keys_path; |
| 39 if (!PathService::Get(chromeos::DIR_USER_POLICY_KEYS, &keys_path)) | 40 if (!PathService::Get(chromeos::DIR_USER_POLICY_KEYS, &keys_path)) |
| 40 return base::FilePath(); | 41 return base::FilePath(); |
| 41 const std::string sanitized = | 42 const std::string hash = |
| 42 CryptohomeClient::GetStubSanitizedUsername(username); | 43 CryptohomeClient::GetStubSanitizedUsername(user_id); |
| 43 return keys_path.AppendASCII(sanitized).AppendASCII(file); | 44 return keys_path.AppendASCII(hash).AppendASCII(file); |
| 44 } | 45 } |
| 45 | 46 |
| 46 // Helper to asynchronously retrieve a file's content. | 47 // Helper to asynchronously retrieve a file's content. |
| 47 std::string GetFileContent(const base::FilePath& path) { | 48 std::string GetFileContent(const base::FilePath& path) { |
| 48 std::string result; | 49 std::string result; |
| 49 if (!path.empty()) | 50 if (!path.empty()) |
| 50 base::ReadFileToString(path, &result); | 51 base::ReadFileToString(path, &result); |
| 51 return result; | 52 return result; |
| 52 } | 53 } |
| 53 | 54 |
| (...skipping 89 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 143 &CreateValidCredConduit, local_auth_fd.get(), remote_auth_fd.get()); | 144 &CreateValidCredConduit, local_auth_fd.get(), remote_auth_fd.get()); |
| 144 | 145 |
| 145 base::WorkerPool::PostTaskAndReply( | 146 base::WorkerPool::PostTaskAndReply( |
| 146 FROM_HERE, create_credentials_conduit_closure, | 147 FROM_HERE, create_credentials_conduit_closure, |
| 147 base::Bind(&SessionManagerClientImpl::CallRestartJobWithValidFd, | 148 base::Bind(&SessionManagerClientImpl::CallRestartJobWithValidFd, |
| 148 weak_ptr_factory_.GetWeakPtr(), base::Passed(&local_auth_fd), | 149 weak_ptr_factory_.GetWeakPtr(), base::Passed(&local_auth_fd), |
| 149 base::Passed(&remote_auth_fd), command_line), | 150 base::Passed(&remote_auth_fd), command_line), |
| 150 false); | 151 false); |
| 151 } | 152 } |
| 152 | 153 |
| 153 void StartSession(const std::string& user_email) override { | 154 void StartSession(const user_manager::UserID& user_id) override { |
| 154 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, | 155 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, |
| 155 login_manager::kSessionManagerStartSession); | 156 login_manager::kSessionManagerStartSession); |
| 156 dbus::MessageWriter writer(&method_call); | 157 dbus::MessageWriter writer(&method_call); |
| 157 writer.AppendString(user_email); | 158 writer.AppendString(user_id.GetUserEmail()); |
| 158 writer.AppendString(""); // Unique ID is deprecated | 159 writer.AppendString(""); // Unique ID is deprecated |
| 159 session_manager_proxy_->CallMethod( | 160 session_manager_proxy_->CallMethod( |
| 160 &method_call, | 161 &method_call, |
| 161 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 162 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 162 base::Bind(&SessionManagerClientImpl::OnStartSession, | 163 base::Bind(&SessionManagerClientImpl::OnStartSession, |
| 163 weak_ptr_factory_.GetWeakPtr())); | 164 weak_ptr_factory_.GetWeakPtr())); |
| 164 } | 165 } |
| 165 | 166 |
| 166 void StopSession() override { | 167 void StopSession() override { |
| 167 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, | 168 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, |
| (...skipping 60 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 228 login_manager::kSessionManagerRetrievePolicy); | 229 login_manager::kSessionManagerRetrievePolicy); |
| 229 session_manager_proxy_->CallMethod( | 230 session_manager_proxy_->CallMethod( |
| 230 &method_call, | 231 &method_call, |
| 231 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 232 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 232 base::Bind(&SessionManagerClientImpl::OnRetrievePolicy, | 233 base::Bind(&SessionManagerClientImpl::OnRetrievePolicy, |
| 233 weak_ptr_factory_.GetWeakPtr(), | 234 weak_ptr_factory_.GetWeakPtr(), |
| 234 login_manager::kSessionManagerRetrievePolicy, | 235 login_manager::kSessionManagerRetrievePolicy, |
| 235 callback)); | 236 callback)); |
| 236 } | 237 } |
| 237 | 238 |
| 238 void RetrievePolicyForUser(const std::string& username, | 239 void RetrievePolicyForUser(const user_manager::UserID& user_id, |
| 239 const RetrievePolicyCallback& callback) override { | 240 const RetrievePolicyCallback& callback) override { |
| 240 CallRetrievePolicyByUsername( | 241 CallRetrievePolicyByUsername( |
| 241 login_manager::kSessionManagerRetrievePolicyForUser, | 242 login_manager::kSessionManagerRetrievePolicyForUser, |
| 242 username, | 243 user_id.GetUserEmail(), |
| 243 callback); | 244 callback); |
| 244 } | 245 } |
| 245 | 246 |
| 246 std::string BlockingRetrievePolicyForUser( | 247 std::string BlockingRetrievePolicyForUser( |
| 247 const std::string& username) override { | 248 const user_manager::UserID& user_id) override { |
| 248 dbus::MethodCall method_call( | 249 dbus::MethodCall method_call( |
| 249 login_manager::kSessionManagerInterface, | 250 login_manager::kSessionManagerInterface, |
| 250 login_manager::kSessionManagerRetrievePolicyForUser); | 251 login_manager::kSessionManagerRetrievePolicyForUser); |
| 251 dbus::MessageWriter writer(&method_call); | 252 dbus::MessageWriter writer(&method_call); |
| 252 writer.AppendString(username); | 253 writer.AppendString(user_id.GetUserEmail()); |
| 253 scoped_ptr<dbus::Response> response = | 254 scoped_ptr<dbus::Response> response = |
| 254 blocking_method_caller_->CallMethodAndBlock(&method_call); | 255 blocking_method_caller_->CallMethodAndBlock(&method_call); |
| 255 std::string policy; | 256 std::string policy; |
| 256 ExtractString(login_manager::kSessionManagerRetrievePolicyForUser, | 257 ExtractString(login_manager::kSessionManagerRetrievePolicyForUser, |
| 257 response.get(), | 258 response.get(), |
| 258 &policy); | 259 &policy); |
| 259 return policy; | 260 return policy; |
| 260 } | 261 } |
| 261 | 262 |
| 262 void RetrieveDeviceLocalAccountPolicy( | 263 void RetrieveDeviceLocalAccountPolicy( |
| (...skipping 15 matching lines...) Expand all Loading... |
| 278 reinterpret_cast<const uint8*>(policy_blob.data()), policy_blob.size()); | 279 reinterpret_cast<const uint8*>(policy_blob.data()), policy_blob.size()); |
| 279 session_manager_proxy_->CallMethod( | 280 session_manager_proxy_->CallMethod( |
| 280 &method_call, | 281 &method_call, |
| 281 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 282 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 282 base::Bind(&SessionManagerClientImpl::OnStorePolicy, | 283 base::Bind(&SessionManagerClientImpl::OnStorePolicy, |
| 283 weak_ptr_factory_.GetWeakPtr(), | 284 weak_ptr_factory_.GetWeakPtr(), |
| 284 login_manager::kSessionManagerStorePolicy, | 285 login_manager::kSessionManagerStorePolicy, |
| 285 callback)); | 286 callback)); |
| 286 } | 287 } |
| 287 | 288 |
| 288 void StorePolicyForUser(const std::string& username, | 289 void StorePolicyForUser(const user_manager::UserID& user_id, |
| 289 const std::string& policy_blob, | 290 const std::string& policy_blob, |
| 290 const StorePolicyCallback& callback) override { | 291 const StorePolicyCallback& callback) override { |
| 291 CallStorePolicyByUsername(login_manager::kSessionManagerStorePolicyForUser, | 292 CallStorePolicyByUsername(login_manager::kSessionManagerStorePolicyForUser, |
| 292 username, | 293 user_id.GetUserEmail(), |
| 293 policy_blob, | 294 policy_blob, |
| 294 callback); | 295 callback); |
| 295 } | 296 } |
| 296 | 297 |
| 297 void StoreDeviceLocalAccountPolicy( | 298 void StoreDeviceLocalAccountPolicy( |
| 298 const std::string& account_name, | 299 const std::string& account_name, |
| 299 const std::string& policy_blob, | 300 const std::string& policy_blob, |
| 300 const StorePolicyCallback& callback) override { | 301 const StorePolicyCallback& callback) override { |
| 301 CallStorePolicyByUsername( | 302 CallStorePolicyByUsername( |
| 302 login_manager::kSessionManagerStoreDeviceLocalAccountPolicy, | 303 login_manager::kSessionManagerStoreDeviceLocalAccountPolicy, |
| 303 account_name, | 304 account_name, |
| 304 policy_blob, | 305 policy_blob, |
| 305 callback); | 306 callback); |
| 306 } | 307 } |
| 307 | 308 |
| 308 void SetFlagsForUser(const std::string& username, | 309 void SetFlagsForUser(const user_manager::UserID& user_id, |
| 309 const std::vector<std::string>& flags) override { | 310 const std::vector<std::string>& flags) override { |
| 310 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, | 311 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, |
| 311 login_manager::kSessionManagerSetFlagsForUser); | 312 login_manager::kSessionManagerSetFlagsForUser); |
| 312 dbus::MessageWriter writer(&method_call); | 313 dbus::MessageWriter writer(&method_call); |
| 313 writer.AppendString(username); | 314 writer.AppendString(user_id.GetUserEmail()); |
| 314 writer.AppendArrayOfStrings(flags); | 315 writer.AppendArrayOfStrings(flags); |
| 315 session_manager_proxy_->CallMethod( | 316 session_manager_proxy_->CallMethod( |
| 316 &method_call, | 317 &method_call, |
| 317 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 318 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 318 dbus::ObjectProxy::EmptyResponseCallback()); | 319 dbus::ObjectProxy::EmptyResponseCallback()); |
| 319 } | 320 } |
| 320 | 321 |
| 321 void GetServerBackedStateKeys(const StateKeysCallback& callback) override { | 322 void GetServerBackedStateKeys(const StateKeysCallback& callback) override { |
| 322 dbus::MethodCall method_call( | 323 dbus::MethodCall method_call( |
| 323 login_manager::kSessionManagerInterface, | 324 login_manager::kSessionManagerInterface, |
| (...skipping 52 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 376 void SimpleMethodCallToSessionManager(const std::string& method_name) { | 377 void SimpleMethodCallToSessionManager(const std::string& method_name) { |
| 377 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, | 378 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, |
| 378 method_name); | 379 method_name); |
| 379 session_manager_proxy_->CallMethod( | 380 session_manager_proxy_->CallMethod( |
| 380 &method_call, | 381 &method_call, |
| 381 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 382 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 382 dbus::ObjectProxy::EmptyResponseCallback()); | 383 dbus::ObjectProxy::EmptyResponseCallback()); |
| 383 } | 384 } |
| 384 | 385 |
| 385 // Helper for RetrieveDeviceLocalAccountPolicy and RetrievePolicyForUser. | 386 // Helper for RetrieveDeviceLocalAccountPolicy and RetrievePolicyForUser. |
| 387 // |username| is either UserEmail or DeviceLocalAccountID. |
| 386 void CallRetrievePolicyByUsername(const std::string& method_name, | 388 void CallRetrievePolicyByUsername(const std::string& method_name, |
| 387 const std::string& username, | 389 const std::string& username, |
| 388 const RetrievePolicyCallback& callback) { | 390 const RetrievePolicyCallback& callback) { |
| 389 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, | 391 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, |
| 390 method_name); | 392 method_name); |
| 391 dbus::MessageWriter writer(&method_call); | 393 dbus::MessageWriter writer(&method_call); |
| 392 writer.AppendString(username); | 394 writer.AppendString(username); |
| 393 session_manager_proxy_->CallMethod( | 395 session_manager_proxy_->CallMethod( |
| 394 &method_call, | 396 &method_call, |
| 395 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 397 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| 396 base::Bind( | 398 base::Bind( |
| 397 &SessionManagerClientImpl::OnRetrievePolicy, | 399 &SessionManagerClientImpl::OnRetrievePolicy, |
| 398 weak_ptr_factory_.GetWeakPtr(), | 400 weak_ptr_factory_.GetWeakPtr(), |
| 399 method_name, | 401 method_name, |
| 400 callback)); | 402 callback)); |
| 401 } | 403 } |
| 402 | 404 |
| 405 // |username| is either UserEmail or DeviceLocalAccountID. |
| 403 void CallStorePolicyByUsername(const std::string& method_name, | 406 void CallStorePolicyByUsername(const std::string& method_name, |
| 404 const std::string& username, | 407 const std::string& username, |
| 405 const std::string& policy_blob, | 408 const std::string& policy_blob, |
| 406 const StorePolicyCallback& callback) { | 409 const StorePolicyCallback& callback) { |
| 407 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, | 410 dbus::MethodCall method_call(login_manager::kSessionManagerInterface, |
| 408 method_name); | 411 method_name); |
| 409 dbus::MessageWriter writer(&method_call); | 412 dbus::MessageWriter writer(&method_call); |
| 410 writer.AppendString(username); | 413 writer.AppendString(username); |
| 411 // static_cast does not work due to signedness. | 414 // static_cast does not work due to signedness. |
| 412 writer.AppendArrayOfBytes( | 415 writer.AppendArrayOfBytes( |
| 413 reinterpret_cast<const uint8*>(policy_blob.data()), policy_blob.size()); | 416 reinterpret_cast<const uint8*>(policy_blob.data()), policy_blob.size()); |
| 414 session_manager_proxy_->CallMethod( | 417 session_manager_proxy_->CallMethod( |
| 415 &method_call, | 418 &method_call, |
| 416 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, | 419 dbus::ObjectProxy::TIMEOUT_USE_DEFAULT, |
| (...skipping 81 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 498 while (array_reader.HasMoreData()) { | 501 while (array_reader.HasMoreData()) { |
| 499 dbus::MessageReader dict_entry_reader(NULL); | 502 dbus::MessageReader dict_entry_reader(NULL); |
| 500 std::string key; | 503 std::string key; |
| 501 std::string value; | 504 std::string value; |
| 502 if (!array_reader.PopDictEntry(&dict_entry_reader) || | 505 if (!array_reader.PopDictEntry(&dict_entry_reader) || |
| 503 !dict_entry_reader.PopString(&key) || | 506 !dict_entry_reader.PopString(&key) || |
| 504 !dict_entry_reader.PopString(&value)) { | 507 !dict_entry_reader.PopString(&value)) { |
| 505 LOG(ERROR) << method_name << " response is incorrect: " | 508 LOG(ERROR) << method_name << " response is incorrect: " |
| 506 << response->ToString(); | 509 << response->ToString(); |
| 507 } else { | 510 } else { |
| 508 sessions[key] = value; | 511 const user_manager::UserID user_id(std::string() /* gaia_id */, key); |
| 512 sessions[user_id] = value; |
| 509 } | 513 } |
| 510 } | 514 } |
| 511 success = true; | 515 success = true; |
| 512 } | 516 } |
| 513 callback.Run(sessions, success); | 517 callback.Run(sessions, success); |
| 514 } | 518 } |
| 515 | 519 |
| 516 void ExtractString(const std::string& method_name, | 520 void ExtractString(const std::string& method_name, |
| 517 dbus::Response* response, | 521 dbus::Response* response, |
| 518 std::string* extracted) { | 522 std::string* extracted) { |
| (...skipping 143 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 662 } | 666 } |
| 663 void RemoveObserver(Observer* observer) override { | 667 void RemoveObserver(Observer* observer) override { |
| 664 observers_.RemoveObserver(observer); | 668 observers_.RemoveObserver(observer); |
| 665 } | 669 } |
| 666 bool HasObserver(const Observer* observer) const override { | 670 bool HasObserver(const Observer* observer) const override { |
| 667 return observers_.HasObserver(observer); | 671 return observers_.HasObserver(observer); |
| 668 } | 672 } |
| 669 bool IsScreenLocked() const override { return screen_is_locked_; } | 673 bool IsScreenLocked() const override { return screen_is_locked_; } |
| 670 void EmitLoginPromptVisible() override {} | 674 void EmitLoginPromptVisible() override {} |
| 671 void RestartJob(int pid, const std::string& command_line) override {} | 675 void RestartJob(int pid, const std::string& command_line) override {} |
| 672 void StartSession(const std::string& user_email) override {} | 676 void StartSession(const user_manager::UserID& user_id) override {} |
| 673 void StopSession() override {} | 677 void StopSession() override {} |
| 674 void NotifySupervisedUserCreationStarted() override {} | 678 void NotifySupervisedUserCreationStarted() override {} |
| 675 void NotifySupervisedUserCreationFinished() override {} | 679 void NotifySupervisedUserCreationFinished() override {} |
| 676 void StartDeviceWipe() override {} | 680 void StartDeviceWipe() override {} |
| 677 void RequestLockScreen() override { | 681 void RequestLockScreen() override { |
| 678 if (delegate_) | 682 if (delegate_) |
| 679 delegate_->LockScreenForStub(); | 683 delegate_->LockScreenForStub(); |
| 680 } | 684 } |
| 681 void NotifyLockScreenShown() override { | 685 void NotifyLockScreenShown() override { |
| 682 screen_is_locked_ = true; | 686 screen_is_locked_ = true; |
| (...skipping 12 matching lines...) Expand all Loading... |
| 695 return; | 699 return; |
| 696 } | 700 } |
| 697 base::FilePath device_policy_path = | 701 base::FilePath device_policy_path = |
| 698 owner_key_path.DirName().AppendASCII("stub_device_policy"); | 702 owner_key_path.DirName().AppendASCII("stub_device_policy"); |
| 699 base::PostTaskAndReplyWithResult( | 703 base::PostTaskAndReplyWithResult( |
| 700 base::WorkerPool::GetTaskRunner(false).get(), | 704 base::WorkerPool::GetTaskRunner(false).get(), |
| 701 FROM_HERE, | 705 FROM_HERE, |
| 702 base::Bind(&GetFileContent, device_policy_path), | 706 base::Bind(&GetFileContent, device_policy_path), |
| 703 callback); | 707 callback); |
| 704 } | 708 } |
| 705 void RetrievePolicyForUser(const std::string& username, | 709 void RetrievePolicyForUser(const user_manager::UserID& user_id, |
| 706 const RetrievePolicyCallback& callback) override { | 710 const RetrievePolicyCallback& callback) override { |
| 707 base::PostTaskAndReplyWithResult( | 711 base::PostTaskAndReplyWithResult( |
| 708 base::WorkerPool::GetTaskRunner(false).get(), | 712 base::WorkerPool::GetTaskRunner(false).get(), |
| 709 FROM_HERE, | 713 FROM_HERE, |
| 710 base::Bind(&GetFileContent, GetUserFilePath(username, "stub_policy")), | 714 base::Bind(&GetFileContent, GetUserFilePath(user_id, "stub_policy")), |
| 711 callback); | 715 callback); |
| 712 } | 716 } |
| 713 std::string BlockingRetrievePolicyForUser( | 717 std::string BlockingRetrievePolicyForUser( |
| 714 const std::string& username) override { | 718 const user_manager::UserID& user_id) override { |
| 715 return GetFileContent(GetUserFilePath(username, "stub_policy")); | 719 return GetFileContent(GetUserFilePath(user_id, "stub_policy")); |
| 716 } | 720 } |
| 717 void RetrieveDeviceLocalAccountPolicy( | 721 void RetrieveDeviceLocalAccountPolicy( |
| 718 const std::string& account_name, | 722 const std::string& account_name, |
| 719 const RetrievePolicyCallback& callback) override { | 723 const RetrievePolicyCallback& callback) override { |
| 720 RetrievePolicyForUser(account_name, callback); | 724 const user_manager::UserID fake_user_id(std::string() /* gaia_id */, account
_name); |
| 725 RetrievePolicyForUser(fake_user_id, callback); |
| 721 } | 726 } |
| 722 void StoreDevicePolicy(const std::string& policy_blob, | 727 void StoreDevicePolicy(const std::string& policy_blob, |
| 723 const StorePolicyCallback& callback) override { | 728 const StorePolicyCallback& callback) override { |
| 724 enterprise_management::PolicyFetchResponse response; | 729 enterprise_management::PolicyFetchResponse response; |
| 725 base::FilePath owner_key_path; | 730 base::FilePath owner_key_path; |
| 726 if (!response.ParseFromString(policy_blob) || | 731 if (!response.ParseFromString(policy_blob) || |
| 727 !PathService::Get(chromeos::FILE_OWNER_KEY, &owner_key_path)) { | 732 !PathService::Get(chromeos::FILE_OWNER_KEY, &owner_key_path)) { |
| 728 callback.Run(false); | 733 callback.Run(false); |
| 729 return; | 734 return; |
| 730 } | 735 } |
| (...skipping 11 matching lines...) Expand all Loading... |
| 742 // Note also that the owner key will be written before the device policy, | 747 // Note also that the owner key will be written before the device policy, |
| 743 // if it was present in the blob. | 748 // if it was present in the blob. |
| 744 base::FilePath device_policy_path = | 749 base::FilePath device_policy_path = |
| 745 owner_key_path.DirName().AppendASCII("stub_device_policy"); | 750 owner_key_path.DirName().AppendASCII("stub_device_policy"); |
| 746 base::WorkerPool::PostTaskAndReply( | 751 base::WorkerPool::PostTaskAndReply( |
| 747 FROM_HERE, | 752 FROM_HERE, |
| 748 base::Bind(&StoreFile, device_policy_path, policy_blob), | 753 base::Bind(&StoreFile, device_policy_path, policy_blob), |
| 749 base::Bind(callback, true), | 754 base::Bind(callback, true), |
| 750 false); | 755 false); |
| 751 } | 756 } |
| 752 void StorePolicyForUser(const std::string& username, | 757 void StorePolicyForUser(const user_manager::UserID& user_id, |
| 753 const std::string& policy_blob, | 758 const std::string& policy_blob, |
| 754 const StorePolicyCallback& callback) override { | 759 const StorePolicyCallback& callback) override { |
| 755 // The session manager writes the user policy key to a well-known | 760 // The session manager writes the user policy key to a well-known |
| 756 // location. Do the same with the stub impl, so that user policy works and | 761 // location. Do the same with the stub impl, so that user policy works and |
| 757 // can be tested on desktop builds. | 762 // can be tested on desktop builds. |
| 758 enterprise_management::PolicyFetchResponse response; | 763 enterprise_management::PolicyFetchResponse response; |
| 759 if (!response.ParseFromString(policy_blob)) { | 764 if (!response.ParseFromString(policy_blob)) { |
| 760 callback.Run(false); | 765 callback.Run(false); |
| 761 return; | 766 return; |
| 762 } | 767 } |
| 763 | 768 |
| 764 if (response.has_new_public_key()) { | 769 if (response.has_new_public_key()) { |
| 765 base::FilePath key_path = GetUserFilePath(username, "policy.pub"); | 770 base::FilePath key_path = GetUserFilePath(user_id, "policy.pub"); |
| 766 base::WorkerPool::PostTask( | 771 base::WorkerPool::PostTask( |
| 767 FROM_HERE, | 772 FROM_HERE, |
| 768 base::Bind(&StoreFile, key_path, response.new_public_key()), | 773 base::Bind(&StoreFile, key_path, response.new_public_key()), |
| 769 false); | 774 false); |
| 770 } | 775 } |
| 771 | 776 |
| 772 // This file isn't read directly by Chrome, but is used by this class to | 777 // This file isn't read directly by Chrome, but is used by this class to |
| 773 // reload the user policy across restarts. | 778 // reload the user policy across restarts. |
| 774 base::FilePath stub_policy_path = GetUserFilePath(username, "stub_policy"); | 779 base::FilePath stub_policy_path = GetUserFilePath(user_id, "stub_policy"); |
| 775 base::WorkerPool::PostTaskAndReply( | 780 base::WorkerPool::PostTaskAndReply( |
| 776 FROM_HERE, | 781 FROM_HERE, |
| 777 base::Bind(&StoreFile, stub_policy_path, policy_blob), | 782 base::Bind(&StoreFile, stub_policy_path, policy_blob), |
| 778 base::Bind(callback, true), | 783 base::Bind(callback, true), |
| 779 false); | 784 false); |
| 780 } | 785 } |
| 781 void StoreDeviceLocalAccountPolicy( | 786 void StoreDeviceLocalAccountPolicy( |
| 782 const std::string& account_name, | 787 const std::string& account_name, |
| 783 const std::string& policy_blob, | 788 const std::string& policy_blob, |
| 784 const StorePolicyCallback& callback) override { | 789 const StorePolicyCallback& callback) override { |
| 785 StorePolicyForUser(account_name, policy_blob, callback); | 790 const user_manager::UserID fake_user_id(std::string() /* gaia_id */, account
_name); |
| 791 StorePolicyForUser(fake_user_id, policy_blob, callback); |
| 786 } | 792 } |
| 787 void SetFlagsForUser(const std::string& username, | 793 void SetFlagsForUser(const user_manager::UserID& user_id, |
| 788 const std::vector<std::string>& flags) override {} | 794 const std::vector<std::string>& flags) override {} |
| 789 | 795 |
| 790 void GetServerBackedStateKeys(const StateKeysCallback& callback) override { | 796 void GetServerBackedStateKeys(const StateKeysCallback& callback) override { |
| 791 std::vector<std::string> state_keys; | 797 std::vector<std::string> state_keys; |
| 792 for (int i = 0; i < 5; ++i) | 798 for (int i = 0; i < 5; ++i) |
| 793 state_keys.push_back(crypto::SHA256HashString(base::IntToString(i))); | 799 state_keys.push_back(crypto::SHA256HashString(base::IntToString(i))); |
| 794 | 800 |
| 795 if (!callback.is_null()) | 801 if (!callback.is_null()) |
| 796 callback.Run(state_keys); | 802 callback.Run(state_keys); |
| 797 } | 803 } |
| (...skipping 15 matching lines...) Expand all Loading... |
| 813 | 819 |
| 814 SessionManagerClient* SessionManagerClient::Create( | 820 SessionManagerClient* SessionManagerClient::Create( |
| 815 DBusClientImplementationType type) { | 821 DBusClientImplementationType type) { |
| 816 if (type == REAL_DBUS_CLIENT_IMPLEMENTATION) | 822 if (type == REAL_DBUS_CLIENT_IMPLEMENTATION) |
| 817 return new SessionManagerClientImpl(); | 823 return new SessionManagerClientImpl(); |
| 818 DCHECK_EQ(STUB_DBUS_CLIENT_IMPLEMENTATION, type); | 824 DCHECK_EQ(STUB_DBUS_CLIENT_IMPLEMENTATION, type); |
| 819 return new SessionManagerClientStubImpl(); | 825 return new SessionManagerClientStubImpl(); |
| 820 } | 826 } |
| 821 | 827 |
| 822 } // namespace chromeos | 828 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 1165323004:
We should use UserID object to identify users instead of username.
Base URL: https://chromium.googlesource.com/chromium/src.git@master