chrome/browser/policy/cloud_policy_client.cc - Issue 12189011: Split up chrome/browser/policy subdirectory

Side by Side Diff: chrome/browser/policy/cloud_policy_client.cc

Issue 12189011: Split up chrome/browser/policy subdirectory (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src

Patch Set: Rebase. Created 7 years, 10 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch | Annotate | Revision Log

« chrome/browser/policy/browser_policy_connector.h ('K') | « chrome/browser/policy/cloud_policy_client.h ('k') | chrome/browser/policy/cloud_policy_client_unittest.cc » ('j') | chrome/chrome_browser.gypi » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
	(Empty)
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.

4

5 #include "chrome/browser/policy/cloud_policy_client.h"

6

7 #include "base/bind.h"

8 #include "base/guid.h"

9 #include "base/logging.h"

10 #include "base/stl_util.h"

11 #include "chrome/browser/policy/device_management_service.h"

12

13 namespace em = enterprise_management;

14

15 namespace policy {

16

17 namespace {

18

19 // Translates the DeviceRegisterResponse::DeviceMode \|mode\| to the enum used

20 // internally to represent different device modes.

21 DeviceMode TranslateProtobufDeviceMode(

22 em::DeviceRegisterResponse::DeviceMode mode) {

23 switch (mode) {

24 case em::DeviceRegisterResponse::ENTERPRISE:

25 return DEVICE_MODE_ENTERPRISE;

26 case em::DeviceRegisterResponse::RETAIL:

27 return DEVICE_MODE_KIOSK;

28 }

29 LOG(ERROR) << "Unknown enrollment mode in registration response: " << mode;

30 return DEVICE_MODE_NOT_SET;

31 }

32

33 bool IsChromePolicy(const std::string& type) {

34 return type == dm_protocol::kChromeDevicePolicyType \|\|

35 type == dm_protocol::kChromeUserPolicyType;

36 }

37

38 } // namespace

39

40 CloudPolicyClient::Observer::~Observer() {}

41

42 CloudPolicyClient::StatusProvider::~StatusProvider() {}

43

44 CloudPolicyClient::CloudPolicyClient(const std::string& machine_id,

45 const std::string& machine_model,

46 UserAffiliation user_affiliation,

47 StatusProvider* status_provider,

48 DeviceManagementService* service)

49 : machine_id_(machine_id),

50 machine_model_(machine_model),

51 user_affiliation_(user_affiliation),

52 device_mode_(DEVICE_MODE_NOT_SET),

53 submit_machine_id_(false),

54 public_key_version_(-1),

55 public_key_version_valid_(false),

56 service_(service), // Can be NULL for unit tests.

57 status_provider_(status_provider), // Can be NULL for unit tests.

58 status_(DM_STATUS_SUCCESS) {

59 }

60

61 CloudPolicyClient::~CloudPolicyClient() {

62 STLDeleteValues(&responses_);

63 }

64

65 void CloudPolicyClient::SetupRegistration(const std::string& dm_token,

66 const std::string& client_id) {

67 DCHECK(!dm_token.empty());

68 DCHECK(!client_id.empty());

69 DCHECK(!is_registered());

70

71 dm_token_ = dm_token;

72 client_id_ = client_id;

73 request_job_.reset();

74 STLDeleteValues(&responses_);

75

76 NotifyRegistrationStateChanged();

77 }

78

79 void CloudPolicyClient::Register(em::DeviceRegisterRequest::Type type,

80 const std::string& auth_token,

81 const std::string& client_id,

82 bool is_auto_enrollement) {

83 DCHECK(service_);

84 DCHECK(!auth_token.empty());

85 DCHECK(!is_registered());

86

87 if (client_id.empty()) {

88 // Generate a new client ID. This is intentionally done on each new

89 // registration request in order to preserve privacy. Reusing IDs would mean

90 // the server could track clients by their registration attempts.

91 client_id_ = base::GenerateGUID();

92 } else {

93 client_id_ = client_id;

94 }

95

96 request_job_.reset(

97 service_->CreateJob(DeviceManagementRequestJob::TYPE_REGISTRATION));

98 request_job_->SetOAuthToken(auth_token);

99 request_job_->SetClientID(client_id_);

100

101 em::DeviceRegisterRequest* request =

102 request_job_->GetRequest()->mutable_register_request();

103 if (!client_id.empty())

104 request->set_reregister(true);

105 request->set_type(type);

106 if (!machine_id_.empty())

107 request->set_machine_id(machine_id_);

108 if (!machine_model_.empty())

109 request->set_machine_model(machine_model_);

110 if (is_auto_enrollement)

111 request->set_auto_enrolled(true);

112

113 request_job_->Start(base::Bind(&CloudPolicyClient::OnRegisterCompleted,

114 base::Unretained(this)));

115 }

116

117 void CloudPolicyClient::FetchPolicy() {

118 CHECK(is_registered());

119

120 request_job_.reset(

121 service_->CreateJob(DeviceManagementRequestJob::TYPE_POLICY_FETCH));

122 request_job_->SetDMToken(dm_token_);

123 request_job_->SetClientID(client_id_);

124 request_job_->SetUserAffiliation(user_affiliation_);

125

126 em::DeviceManagementRequest* request = request_job_->GetRequest();

127

128 // Build policy fetch requests.

129 em::DevicePolicyRequest* policy_request = request->mutable_policy_request();

130 for (NamespaceSet::iterator it = namespaces_to_fetch_.begin();

131 it != namespaces_to_fetch_.end(); ++it) {

132 em::PolicyFetchRequest* fetch_request = policy_request->add_request();

133 fetch_request->set_policy_type(it->first);

134 if (!it->second.empty())

135 fetch_request->set_settings_entity_id(it->second);

136

137 // All policy types ask for a signed policy blob.

138 fetch_request->set_signature_type(em::PolicyFetchRequest::SHA1_RSA);

139 if (public_key_version_valid_)

140 fetch_request->set_public_key_version(public_key_version_);

141

142 // These fields are included only in requests for chrome policy.

143 if (IsChromePolicy(it->first)) {

144 if (submit_machine_id_ && !machine_id_.empty())

145 fetch_request->set_machine_id(machine_id_);

146 if (!last_policy_timestamp_.is_null()) {

147 base::TimeDelta timestamp(

148 last_policy_timestamp_ - base::Time::UnixEpoch());

149 fetch_request->set_timestamp(timestamp.InMilliseconds());

150 }

151 }

152 }

153

154 // Add status data.

155 if (status_provider_) {

156 if (!status_provider_->GetDeviceStatus(

157 request->mutable_device_status_report_request())) {

158 request->clear_device_status_report_request();

159 }

160 if (!status_provider_->GetSessionStatus(

161 request->mutable_session_status_report_request())) {

162 request->clear_session_status_report_request();

163 }

164 }

165

166 // Fire the job.

167 request_job_->Start(base::Bind(&CloudPolicyClient::OnPolicyFetchCompleted,

168 base::Unretained(this)));

169 }

170

171 void CloudPolicyClient::Unregister() {

172 DCHECK(service_);

173 request_job_.reset(

174 service_->CreateJob(DeviceManagementRequestJob::TYPE_UNREGISTRATION));

175 request_job_->SetDMToken(dm_token_);

176 request_job_->SetClientID(client_id_);

177 request_job_->GetRequest()->mutable_unregister_request();

178 request_job_->Start(base::Bind(&CloudPolicyClient::OnUnregisterCompleted,

179 base::Unretained(this)));

180 }

181

182 void CloudPolicyClient::AddObserver(Observer* observer) {

183 observers_.AddObserver(observer);

184 }

185

186 void CloudPolicyClient::RemoveObserver(Observer* observer) {

187 observers_.RemoveObserver(observer);

188 }

189

190 void CloudPolicyClient::AddNamespaceToFetch(const PolicyNamespaceKey& key) {

191 namespaces_to_fetch_.insert(key);

192 }

193

194 void CloudPolicyClient::RemoveNamespaceToFetch(const PolicyNamespaceKey& key) {

195 namespaces_to_fetch_.erase(key);

196 }

197

198 const em::PolicyFetchResponse* CloudPolicyClient::GetPolicyFor(

199 const PolicyNamespaceKey& key) const {

200 ResponseMap::const_iterator it = responses_.find(key);

201 return it == responses_.end() ? NULL : it->second;

202 }

203

204 void CloudPolicyClient::OnRegisterCompleted(

205 DeviceManagementStatus status,

206 const em::DeviceManagementResponse& response) {

207 if (status == DM_STATUS_SUCCESS &&

208 (!response.has_register_response() \|\|

209 !response.register_response().has_device_management_token())) {

210 LOG(WARNING) << "Invalid registration response.";

211 status = DM_STATUS_RESPONSE_DECODING_ERROR;

212 }

213

214 status_ = status;

215 if (status == DM_STATUS_SUCCESS) {

216 dm_token_ = response.register_response().device_management_token();

217

218 // Device mode is only relevant for device policy really, it's the

219 // responsibility of the consumer of the field to check validity.

220 device_mode_ = DEVICE_MODE_NOT_SET;

221 if (response.register_response().has_enrollment_type()) {

222 device_mode_ = TranslateProtobufDeviceMode(

223 response.register_response().enrollment_type());

224 }

225

226 NotifyRegistrationStateChanged();

227 } else {

228 NotifyClientError();

229 }

230 }

231

232 void CloudPolicyClient::OnPolicyFetchCompleted(

233 DeviceManagementStatus status,

234 const em::DeviceManagementResponse& response) {

235 if (status == DM_STATUS_SUCCESS) {

236 if (!response.has_policy_response() \|\|

237 response.policy_response().response_size() == 0) {

238 LOG(WARNING) << "Empty policy response.";

239 status = DM_STATUS_RESPONSE_DECODING_ERROR;

240 }

241 }

242

243 status_ = status;

244 if (status == DM_STATUS_SUCCESS) {

245 const em::DevicePolicyResponse& policy_response =

246 response.policy_response();

247 STLDeleteValues(&responses_);

248 for (int i = 0; i < policy_response.response_size(); ++i) {

249 const em::PolicyFetchResponse& response = policy_response.response(i);

250 em::PolicyData policy_data;

251 if (!policy_data.ParseFromString(response.policy_data()) \|\|

252 !policy_data.IsInitialized() \|\|

253 !policy_data.has_policy_type()) {

254 LOG(WARNING) << "Invalid PolicyData received, ignoring";

255 continue;

256 }

257 const std::string& type = policy_data.policy_type();

258 std::string entity_id;

259 if (policy_data.has_settings_entity_id())

260 entity_id = policy_data.settings_entity_id();

261 PolicyNamespaceKey key(type, entity_id);

262 if (ContainsKey(responses_, key)) {

263 LOG(WARNING) << "Duplicate PolicyFetchResponse for type: "

264 << type << ", entity: " << entity_id << ", ignoring";

265 continue;

266 }

267 responses_[key] = new em::PolicyFetchResponse(response);

268 }

269 if (status_provider_)

270 status_provider_->OnSubmittedSuccessfully();

271 NotifyPolicyFetched();

272 } else {

273 NotifyClientError();

274 }

275 }

276

277 void CloudPolicyClient::OnUnregisterCompleted(

278 DeviceManagementStatus status,

279 const em::DeviceManagementResponse& response) {

280 if (status == DM_STATUS_SUCCESS && !response.has_unregister_response()) {

281 // Assume unregistration has succeeded either way.

282 LOG(WARNING) << "Empty unregistration response.";

283 }

284

285 status_ = status;

286 if (status == DM_STATUS_SUCCESS) {

287 dm_token_.clear();

288 NotifyRegistrationStateChanged();

289 } else {

290 NotifyClientError();

291 }

292 }

293

294 void CloudPolicyClient::NotifyPolicyFetched() {

295 FOR_EACH_OBSERVER(Observer, observers_, OnPolicyFetched(this));

296 }

297

298 void CloudPolicyClient::NotifyRegistrationStateChanged() {

299 FOR_EACH_OBSERVER(Observer, observers_, OnRegistrationStateChanged(this));

300 }

301

302 void CloudPolicyClient::NotifyClientError() {

303 FOR_EACH_OBSERVER(Observer, observers_, OnClientError(this));

304 }

305

306 } // namespace policy

OLD	NEW