| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/network/managed_network_configuration_handler.h" | 5 #include "chromeos/network/managed_network_configuration_handler.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <vector> | 8 #include <vector> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| (...skipping 781 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 792 | 792 |
| 793 std::set<std::string> remaining_policies_; | 793 std::set<std::string> remaining_policies_; |
| 794 base::WeakPtr<ManagedNetworkConfigurationHandler> handler_; | 794 base::WeakPtr<ManagedNetworkConfigurationHandler> handler_; |
| 795 std::string profile_path_; | 795 std::string profile_path_; |
| 796 | 796 |
| 797 DISALLOW_COPY_AND_ASSIGN(PolicyApplicator); | 797 DISALLOW_COPY_AND_ASSIGN(PolicyApplicator); |
| 798 }; | 798 }; |
| 799 | 799 |
| 800 void ManagedNetworkConfigurationHandler::SetPolicy( | 800 void ManagedNetworkConfigurationHandler::SetPolicy( |
| 801 onc::ONCSource onc_source, | 801 onc::ONCSource onc_source, |
| 802 const base::DictionaryValue& toplevel_onc) { | 802 const base::ListValue& network_configs_onc) { |
| 803 VLOG(1) << "Setting policies for ONC source " | 803 VLOG(1) << "Setting policies for ONC source " |
| 804 << onc::GetSourceAsString(onc_source) << "."; | 804 << onc::GetSourceAsString(onc_source) << "."; |
| 805 | 805 |
| 806 // Validate the ONC dictionary. We are liberal and ignore unknown field | |
| 807 // names and ignore invalid field names in kRecommended arrays. | |
| 808 onc::Validator validator(false, // Ignore unknown fields. | |
| 809 false, // Ignore invalid recommended field names. | |
| 810 true, // Fail on missing fields. | |
| 811 true); // This ONC comes from policy. | |
| 812 validator.SetOncSource(onc_source); | |
| 813 | |
| 814 onc::Validator::Result validation_result; | |
| 815 scoped_ptr<base::DictionaryValue> onc_validated = | |
| 816 validator.ValidateAndRepairObject( | |
| 817 &onc::kToplevelConfigurationSignature, | |
| 818 toplevel_onc, | |
| 819 &validation_result); | |
| 820 | |
| 821 if (validation_result == onc::Validator::VALID_WITH_WARNINGS) { | |
| 822 LOG(WARNING) << "ONC from " << onc::GetSourceAsString(onc_source) | |
| 823 << " produced warnings."; | |
| 824 } else if (validation_result == onc::Validator::INVALID || | |
| 825 onc_validated == NULL) { | |
| 826 LOG(ERROR) << "ONC from " << onc::GetSourceAsString(onc_source) | |
| 827 << " is invalid and couldn't be repaired."; | |
| 828 return; | |
| 829 } | |
| 830 | |
| 831 PolicyMap* policies; | 806 PolicyMap* policies; |
| 832 std::string profile; | 807 std::string profile; |
| 833 if (onc_source == chromeos::onc::ONC_SOURCE_USER_POLICY) { | 808 if (onc_source == chromeos::onc::ONC_SOURCE_USER_POLICY) { |
| 834 policies = &user_policies_by_guid_; | 809 policies = &user_policies_by_guid_; |
| 835 profile = kUserProfilePath; | 810 profile = kUserProfilePath; |
| 836 user_policies_initialized_ = true; | 811 user_policies_initialized_ = true; |
| 837 } else { | 812 } else { |
| 838 policies = &device_policies_by_guid_; | 813 policies = &device_policies_by_guid_; |
| 839 profile = kSharedProfilePath; | 814 profile = kSharedProfilePath; |
| 840 device_policies_initialized_ = true; | 815 device_policies_initialized_ = true; |
| 841 } | 816 } |
| 842 | 817 |
| 843 PolicyMap old_policies; | 818 PolicyMap old_policies; |
| 844 policies->swap(old_policies); | 819 policies->swap(old_policies); |
| 845 | 820 |
| 846 // This stores all GUIDs of policies that have changed or are new. | 821 // This stores all GUIDs of policies that have changed or are new. |
| 847 std::set<std::string> modified_policies; | 822 std::set<std::string> modified_policies; |
| 848 | 823 |
| 849 base::ListValue* network_configurations = NULL; | 824 for (base::ListValue::const_iterator it = network_configs_onc.begin(); |
| 850 onc_validated->GetListWithoutPathExpansion( | 825 it != network_configs_onc.end(); ++it) { |
| 851 onc::toplevel_config::kNetworkConfigurations, | 826 const base::DictionaryValue* network = NULL; |
| 852 &network_configurations); | 827 (*it)->GetAsDictionary(&network); |
| 828 DCHECK(network); |
| 853 | 829 |
| 854 if (network_configurations) { | 830 std::string guid; |
| 855 while (!network_configurations->empty()) { | 831 network->GetStringWithoutPathExpansion(onc::network_config::kGUID, &guid); |
| 856 base::Value* network_value = NULL; | 832 DCHECK(!guid.empty()); |
| 857 // Passes ownership of network_value. | |
| 858 network_configurations->Remove(network_configurations->GetSize() - 1, | |
| 859 &network_value); | |
| 860 const base::DictionaryValue* network = NULL; | |
| 861 network_value->GetAsDictionary(&network); | |
| 862 std::string guid; | |
| 863 network->GetStringWithoutPathExpansion(onc::network_config::kGUID, | |
| 864 &guid); | |
| 865 | 833 |
| 866 const base::DictionaryValue* old_entry = old_policies[guid]; | 834 if (policies->count(guid) > 0) { |
| 867 const base::DictionaryValue*& new_entry = (*policies)[guid]; | 835 LOG(ERROR) << "ONC from " << onc::GetSourceAsString(onc_source) |
| 868 if (new_entry) { | 836 << " contains several entries for the same GUID " |
| 869 LOG(ERROR) << "ONC from " << onc::GetSourceAsString(onc_source) | 837 << guid << "."; |
| 870 << " contains several entries for the same GUID " | 838 delete (*policies)[guid]; |
| 871 << guid << "."; | 839 } |
| 872 delete new_entry; | 840 const base::DictionaryValue* new_entry = network->DeepCopy(); |
| 873 } | 841 (*policies)[guid] = new_entry; |
| 874 new_entry = network; | |
| 875 | 842 |
| 876 if (!old_entry || !old_entry->Equals(new_entry)) { | 843 const base::DictionaryValue* old_entry = old_policies[guid]; |
| 877 modified_policies.insert(guid); | 844 if (!old_entry || !old_entry->Equals(new_entry)) |
| 878 } | 845 modified_policies.insert(guid); |
| 879 } | |
| 880 } | 846 } |
| 881 | 847 |
| 882 STLDeleteValues(&old_policies); | 848 STLDeleteValues(&old_policies); |
| 883 | 849 |
| 884 scoped_refptr<PolicyApplicator> applicator = new PolicyApplicator( | 850 scoped_refptr<PolicyApplicator> applicator = new PolicyApplicator( |
| 885 weak_ptr_factory_.GetWeakPtr(), | 851 weak_ptr_factory_.GetWeakPtr(), |
| 886 profile, | 852 profile, |
| 887 &modified_policies); | 853 &modified_policies); |
| 888 applicator->Run(); | 854 applicator->Run(); |
| 889 } | 855 } |
| (...skipping 15 matching lines...) Expand all Loading... |
| 905 device_policies_initialized_(false), | 871 device_policies_initialized_(false), |
| 906 weak_ptr_factory_(this) { | 872 weak_ptr_factory_(this) { |
| 907 } | 873 } |
| 908 | 874 |
| 909 ManagedNetworkConfigurationHandler::~ManagedNetworkConfigurationHandler() { | 875 ManagedNetworkConfigurationHandler::~ManagedNetworkConfigurationHandler() { |
| 910 STLDeleteValues(&user_policies_by_guid_); | 876 STLDeleteValues(&user_policies_by_guid_); |
| 911 STLDeleteValues(&device_policies_by_guid_); | 877 STLDeleteValues(&device_policies_by_guid_); |
| 912 } | 878 } |
| 913 | 879 |
| 914 } // namespace chromeos | 880 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 14192017:
Extract certificate policy application from NetworkLibrary. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src