| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/user_network_configuration_updater_fact
ory.h" | 5 #include "chrome/browser/chromeos/policy/user_network_configuration_updater_fact
ory.h" |
| 6 | 6 |
| 7 #include "base/bind.h" |
| 8 #include "base/location.h" |
| 7 #include "base/memory/singleton.h" | 9 #include "base/memory/singleton.h" |
| 10 #include "base/message_loop/message_loop_proxy.h" |
| 8 #include "chrome/browser/chromeos/login/user.h" | 11 #include "chrome/browser/chromeos/login/user.h" |
| 9 #include "chrome/browser/chromeos/login/user_manager.h" | 12 #include "chrome/browser/chromeos/login/user_manager.h" |
| 10 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" | 13 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" |
| 11 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 14 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
| 15 #include "chrome/browser/net/nss_context.h" |
| 12 #include "chrome/browser/policy/profile_policy_connector.h" | 16 #include "chrome/browser/policy/profile_policy_connector.h" |
| 13 #include "chrome/browser/policy/profile_policy_connector_factory.h" | 17 #include "chrome/browser/policy/profile_policy_connector_factory.h" |
| 14 #include "chrome/browser/profiles/incognito_helpers.h" | 18 #include "chrome/browser/profiles/incognito_helpers.h" |
| 15 #include "chrome/browser/profiles/profile.h" | 19 #include "chrome/browser/profiles/profile.h" |
| 16 #include "chrome/common/pref_names.h" | 20 #include "chrome/common/pref_names.h" |
| 17 #include "chromeos/network/network_handler.h" | 21 #include "chromeos/network/network_handler.h" |
| 18 #include "chromeos/network/onc/onc_certificate_importer_impl.h" | 22 #include "chromeos/network/onc/onc_certificate_importer_impl.h" |
| 19 #include "components/browser_context_keyed_service/browser_context_dependency_ma
nager.h" | 23 #include "components/browser_context_keyed_service/browser_context_dependency_ma
nager.h" |
| 20 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 24 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| 21 | 25 |
| 22 namespace policy { | 26 namespace policy { |
| 23 | 27 |
| 28 namespace { |
| 29 |
| 30 bool skip_certificate_importer_creation_for_test = false; |
| 31 |
| 32 // Callback for getting the users certificate database. |
| 33 // Initializes onc::CertificateImporter for |updater|. |
| 34 void OnDatabaseForImporter( |
| 35 UserNetworkConfigurationUpdater* updater, |
| 36 net::NSSCertDatabase* cert_database) { |
| 37 updater->SetCertificateImporter( |
| 38 scoped_ptr<chromeos::onc::CertificateImporter>( |
| 39 new chromeos::onc::CertificateImporterImpl(cert_database))); |
| 40 } |
| 41 |
| 42 // Fetches the user's NSSCertDatabase so it could be user to creating the |
| 43 // |updater|'s certificate importer. |
| 44 void CreateAndSetCertificateImporterForService( |
| 45 Profile* profile, |
| 46 UserNetworkConfigurationUpdater* updater) { |
| 47 // |GetNSSCertDatabaseForProfile| should not be called before the profile's |
| 48 // ProfileIOData is initialized, which happens in ProfileImpl::DoFinalInit. |
| 49 // Unfortunately, this is not the case here. Services created with the browser |
| 50 // context (one of which is UserNetworkConfigurationUpdater) are created |
| 51 // before profile's final initialization, but during the same message loop |
| 52 // task. Going async here should make callign GetNSSCertDatabaseForProfile |
| 53 // safe. |
| 54 base::MessageLoopProxy::current()->PostTask( |
| 55 FROM_HERE, |
| 56 base::Bind( |
| 57 &GetNSSCertDatabaseForProfile, |
| 58 profile, |
| 59 base::Bind(&OnDatabaseForImporter, updater))); |
| 60 } |
| 61 |
| 62 } // namespace |
| 63 |
| 24 // static | 64 // static |
| 25 UserNetworkConfigurationUpdater* | 65 UserNetworkConfigurationUpdater* |
| 26 UserNetworkConfigurationUpdaterFactory::GetForProfile(Profile* profile) { | 66 UserNetworkConfigurationUpdaterFactory::GetForProfile(Profile* profile) { |
| 27 return static_cast<UserNetworkConfigurationUpdater*>( | 67 return static_cast<UserNetworkConfigurationUpdater*>( |
| 28 GetInstance()->GetServiceForBrowserContext(profile, true)); | 68 GetInstance()->GetServiceForBrowserContext(profile, true)); |
| 29 } | 69 } |
| 30 | 70 |
| 31 // static | 71 // static |
| 32 UserNetworkConfigurationUpdaterFactory* | 72 UserNetworkConfigurationUpdaterFactory* |
| 33 UserNetworkConfigurationUpdaterFactory::GetInstance() { | 73 UserNetworkConfigurationUpdaterFactory::GetInstance() { |
| 34 return Singleton<UserNetworkConfigurationUpdaterFactory>::get(); | 74 return Singleton<UserNetworkConfigurationUpdaterFactory>::get(); |
| 35 } | 75 } |
| 36 | 76 |
| 77 // static |
| 78 void UserNetworkConfigurationUpdaterFactory:: |
| 79 SetSkipCertificateImporterCreationForTest(bool skip) { |
| 80 skip_certificate_importer_creation_for_test = skip; |
| 81 } |
| 82 |
| 37 UserNetworkConfigurationUpdaterFactory::UserNetworkConfigurationUpdaterFactory() | 83 UserNetworkConfigurationUpdaterFactory::UserNetworkConfigurationUpdaterFactory() |
| 38 : BrowserContextKeyedServiceFactory( | 84 : BrowserContextKeyedServiceFactory( |
| 39 "UserNetworkConfigurationUpdater", | 85 "UserNetworkConfigurationUpdater", |
| 40 BrowserContextDependencyManager::GetInstance()) { | 86 BrowserContextDependencyManager::GetInstance()) { |
| 41 DependsOn(ProfilePolicyConnectorFactory::GetInstance()); | 87 DependsOn(ProfilePolicyConnectorFactory::GetInstance()); |
| 42 } | 88 } |
| 43 | 89 |
| 44 UserNetworkConfigurationUpdaterFactory:: | 90 UserNetworkConfigurationUpdaterFactory:: |
| 45 ~UserNetworkConfigurationUpdaterFactory() {} | 91 ~UserNetworkConfigurationUpdaterFactory() {} |
| 46 | 92 |
| (...skipping 27 matching lines...) Expand all Loading... |
| 74 // also http://crbug.com/310685 . | 120 // also http://crbug.com/310685 . |
| 75 if (user != user_manager->GetPrimaryUser()) | 121 if (user != user_manager->GetPrimaryUser()) |
| 76 return NULL; | 122 return NULL; |
| 77 | 123 |
| 78 const bool allow_trusted_certs_from_policy = | 124 const bool allow_trusted_certs_from_policy = |
| 79 user->GetType() == chromeos::User::USER_TYPE_REGULAR; | 125 user->GetType() == chromeos::User::USER_TYPE_REGULAR; |
| 80 | 126 |
| 81 ProfilePolicyConnector* profile_connector = | 127 ProfilePolicyConnector* profile_connector = |
| 82 ProfilePolicyConnectorFactory::GetForProfile(profile); | 128 ProfilePolicyConnectorFactory::GetForProfile(profile); |
| 83 | 129 |
| 84 return UserNetworkConfigurationUpdater::CreateForUserPolicy( | 130 scoped_ptr<UserNetworkConfigurationUpdater> updater( |
| 85 allow_trusted_certs_from_policy, | 131 UserNetworkConfigurationUpdater::CreateForUserPolicy( |
| 86 *user, | 132 allow_trusted_certs_from_policy, |
| 87 scoped_ptr<chromeos::onc::CertificateImporter>( | 133 *user, |
| 88 new chromeos::onc::CertificateImporterImpl), | 134 profile_connector->policy_service(), |
| 89 profile_connector->policy_service(), | 135 chromeos::NetworkHandler::Get()-> |
| 90 chromeos::NetworkHandler::Get()->managed_network_configuration_handler()) | 136 managed_network_configuration_handler())); |
| 91 .release(); | 137 |
| 138 // The certificate importer is created asynchronously and passed to the |
| 139 // updater. |
| 140 if (!skip_certificate_importer_creation_for_test) |
| 141 CreateAndSetCertificateImporterForService(profile, updater.get()); |
| 142 |
| 143 return updater.release(); |
| 92 } | 144 } |
| 93 | 145 |
| 94 } // namespace policy | 146 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 148183013:
Use per-user nssdb in onc certificate importer (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src