OLD | NEW |
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "components/policy/core/common/cloud/component_cloud_policy_store.h" | 5 #include "components/policy/core/common/cloud/component_cloud_policy_store.h" |
6 | 6 |
7 #include <stddef.h> | 7 #include <stddef.h> |
| 8 #include <utility> |
8 | 9 |
9 #include "base/callback.h" | 10 #include "base/callback.h" |
10 #include "base/json/json_reader.h" | 11 #include "base/json/json_reader.h" |
11 #include "base/logging.h" | 12 #include "base/logging.h" |
12 #include "base/macros.h" | 13 #include "base/macros.h" |
13 #include "base/strings/string_util.h" | 14 #include "base/strings/string_util.h" |
14 #include "base/values.h" | 15 #include "base/values.h" |
15 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 16 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
16 #include "components/policy/core/common/cloud/cloud_policy_validator.h" | 17 #include "components/policy/core/common/cloud/cloud_policy_validator.h" |
17 #include "components/policy/core/common/external_data_fetcher.h" | 18 #include "components/policy/core/common/external_data_fetcher.h" |
(...skipping 112 matching lines...)
130 ContentMap protos; | 131 ContentMap protos; |
131 cache_->LoadAllSubkeys(constants.proto_cache_key, &protos); | 132 cache_->LoadAllSubkeys(constants.proto_cache_key, &protos); |
132 for (ContentMap::iterator it = protos.begin(); it != protos.end(); ++it) { | 133 for (ContentMap::iterator it = protos.begin(); it != protos.end(); ++it) { |
133 const std::string& id(it->first); | 134 const std::string& id(it->first); |
134 PolicyNamespace ns(constants.domain, id); | 135 PolicyNamespace ns(constants.domain, id); |
135 | 136 |
136 // Validate each protobuf. | 137 // Validate each protobuf. |
137 scoped_ptr<em::PolicyFetchResponse> proto(new em::PolicyFetchResponse); | 138 scoped_ptr<em::PolicyFetchResponse> proto(new em::PolicyFetchResponse); |
138 em::ExternalPolicyData payload; | 139 em::ExternalPolicyData payload; |
139 if (!proto->ParseFromString(it->second) || | 140 if (!proto->ParseFromString(it->second) || |
140 !ValidateProto( | 141 !ValidateProto(std::move(proto), constants.policy_type, id, &payload, |
141 proto.Pass(), constants.policy_type, id, &payload, NULL)) { | 142 NULL)) { |
142 Delete(ns); | 143 Delete(ns); |
143 continue; | 144 continue; |
144 } | 145 } |
145 | 146 |
146 // The protobuf looks good; load the policy data. | 147 // The protobuf looks good; load the policy data. |
147 std::string data; | 148 std::string data; |
148 PolicyMap policy; | 149 PolicyMap policy; |
149 if (cache_->Load(constants.data_cache_key, id, &data) && | 150 if (cache_->Load(constants.data_cache_key, id, &data) && |
150 ValidateData(data, payload.secure_hash(), &policy)) { | 151 ValidateData(data, payload.secure_hash(), &policy)) { |
151 // The data is also good; expose the policies. | 152 // The data is also good; expose the policies. |
(...skipping 94 matching lines...)
246 policy_bundle_.Clear(); | 247 policy_bundle_.Clear(); |
247 delegate_->OnComponentCloudPolicyStoreUpdated(); | 248 delegate_->OnComponentCloudPolicyStoreUpdated(); |
248 } | 249 } |
249 } | 250 } |
250 | 251 |
251 bool ComponentCloudPolicyStore::ValidatePolicy( | 252 bool ComponentCloudPolicyStore::ValidatePolicy( |
252 scoped_ptr<em::PolicyFetchResponse> proto, | 253 scoped_ptr<em::PolicyFetchResponse> proto, |
253 PolicyNamespace* ns, | 254 PolicyNamespace* ns, |
254 em::ExternalPolicyData* payload) { | 255 em::ExternalPolicyData* payload) { |
255 em::PolicyData policy_data; | 256 em::PolicyData policy_data; |
256 if (!ValidateProto( | 257 if (!ValidateProto(std::move(proto), std::string(), std::string(), payload, |
257 proto.Pass(), std::string(), std::string(), payload, &policy_data)) { | 258 &policy_data)) { |
258 return false; | 259 return false; |
259 } | 260 } |
260 | 261 |
261 if (!policy_data.has_policy_type()) | 262 if (!policy_data.has_policy_type()) |
262 return false; | 263 return false; |
263 | 264 |
264 const DomainConstants* constants = | 265 const DomainConstants* constants = |
265 GetDomainConstantsForType(policy_data.policy_type()); | 266 GetDomainConstantsForType(policy_data.policy_type()); |
266 if (!constants || !policy_data.has_settings_entity_id()) | 267 if (!constants || !policy_data.has_settings_entity_id()) |
267 return false; | 268 return false; |
268 | 269 |
269 ns->domain = constants->domain; | 270 ns->domain = constants->domain; |
270 ns->component_id = policy_data.settings_entity_id(); | 271 ns->component_id = policy_data.settings_entity_id(); |
271 return true; | 272 return true; |
272 } | 273 } |
273 | 274 |
274 bool ComponentCloudPolicyStore::ValidateProto( | 275 bool ComponentCloudPolicyStore::ValidateProto( |
275 scoped_ptr<em::PolicyFetchResponse> proto, | 276 scoped_ptr<em::PolicyFetchResponse> proto, |
276 const std::string& policy_type, | 277 const std::string& policy_type, |
277 const std::string& settings_entity_id, | 278 const std::string& settings_entity_id, |
278 em::ExternalPolicyData* payload, | 279 em::ExternalPolicyData* payload, |
279 em::PolicyData* policy_data) { | 280 em::PolicyData* policy_data) { |
280 if (username_.empty() || dm_token_.empty()) | 281 if (username_.empty() || dm_token_.empty()) |
281 return false; | 282 return false; |
282 | 283 |
283 scoped_ptr<ComponentCloudPolicyValidator> validator( | 284 scoped_ptr<ComponentCloudPolicyValidator> validator( |
284 ComponentCloudPolicyValidator::Create( | 285 ComponentCloudPolicyValidator::Create( |
285 proto.Pass(), scoped_refptr<base::SequencedTaskRunner>())); | 286 std::move(proto), scoped_refptr<base::SequencedTaskRunner>())); |
286 validator->ValidateUsername(username_, true); | 287 validator->ValidateUsername(username_, true); |
287 validator->ValidateDMToken(dm_token_, | 288 validator->ValidateDMToken(dm_token_, |
288 ComponentCloudPolicyValidator::DM_TOKEN_REQUIRED); | 289 ComponentCloudPolicyValidator::DM_TOKEN_REQUIRED); |
289 if (!policy_type.empty()) | 290 if (!policy_type.empty()) |
290 validator->ValidatePolicyType(policy_type); | 291 validator->ValidatePolicyType(policy_type); |
291 if (!settings_entity_id.empty()) | 292 if (!settings_entity_id.empty()) |
292 validator->ValidateSettingsEntityId(settings_entity_id); | 293 validator->ValidateSettingsEntityId(settings_entity_id); |
293 validator->ValidatePayload(); | 294 validator->ValidatePayload(); |
294 // TODO(joaodasilva): validate signature. | 295 // TODO(joaodasilva): validate signature. |
295 validator->RunValidation(); | 296 validator->RunValidation(); |
(...skipping 62 matching lines...)
358 // this must support a configurable scope; assuming POLICY_SCOPE_USER is | 359 // this must support a configurable scope; assuming POLICY_SCOPE_USER is |
359 // fine for now. | 360 // fine for now. |
360 policy->Set(it.key(), level, POLICY_SCOPE_USER, POLICY_SOURCE_CLOUD, | 361 policy->Set(it.key(), level, POLICY_SCOPE_USER, POLICY_SOURCE_CLOUD, |
361 value.release(), nullptr); | 362 value.release(), nullptr); |
362 } | 363 } |
363 | 364 |
364 return true; | 365 return true; |
365 } | 366 } |
366 | 367 |
367 } // namespace policy | 368 } // namespace policy |
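Review bot: The cache load path at new lines 140-151 accepts a stored PolicyFetchResponse with no signature check: in its visible lines ValidateProto verifies username, DM token, policy type, entity id and payload, and leaves the signature as `// TODO(joaodasilva): validate signature.`. The `payload.secure_hash()` that ValidateData compares against is read from that same unauthenticated proto, so the hash catches accidental corruption of the cached data but not a consistent rewrite of both cache entries by anything able to write to the cache. While these call sites are being touched, I would record this next to the load-path call, e.g. `// Signature is not verified yet (see TODO in ValidateProto); the cached proto is trusted as stored.`, and change the trailing `NULL` on new line 142 to `nullptr` to match new line 362. ValidateProto's body continues past the visible lines, so the missing check is inferred from the TODO rather than confirmed.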