| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/device_local_account_policy_store.h" | 5 #include "chrome/browser/chromeos/policy/device_local_account_policy_store.h" |
| 6 | 6 |
| 7 #include <utility> |
| 8 |
| 7 #include "base/bind.h" | 9 #include "base/bind.h" |
| 8 #include "base/callback.h" | 10 #include "base/callback.h" |
| 9 #include "chrome/browser/browser_process.h" | 11 #include "chrome/browser/browser_process.h" |
| 10 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" | 12 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" |
| 11 #include "chromeos/dbus/session_manager_client.h" | 13 #include "chromeos/dbus/session_manager_client.h" |
| 12 #include "components/ownership/owner_key_util.h" | 14 #include "components/ownership/owner_key_util.h" |
| 13 #include "components/policy/core/common/cloud/device_management_service.h" | 15 #include "components/policy/core/common/cloud/device_management_service.h" |
| 14 #include "components/policy/core/common/external_data_fetcher.h" | 16 #include "components/policy/core/common/external_data_fetcher.h" |
| 15 #include "components/policy/core/common/policy_map.h" | 17 #include "components/policy/core/common/policy_map.h" |
| 16 #include "components/policy/core/common/policy_types.h" | 18 #include "components/policy/core/common/policy_types.h" |
| (...skipping 37 matching lines...) |
| 54 | 56 |
| 55 void DeviceLocalAccountPolicyStore::ValidateLoadedPolicyBlob( | 57 void DeviceLocalAccountPolicyStore::ValidateLoadedPolicyBlob( |
| 56 const std::string& policy_blob) { | 58 const std::string& policy_blob) { |
| 57 if (policy_blob.empty()) { | 59 if (policy_blob.empty()) { |
| 58 status_ = CloudPolicyStore::STATUS_LOAD_ERROR; | 60 status_ = CloudPolicyStore::STATUS_LOAD_ERROR; |
| 59 NotifyStoreError(); | 61 NotifyStoreError(); |
| 60 } else { | 62 } else { |
| 61 scoped_ptr<em::PolicyFetchResponse> policy(new em::PolicyFetchResponse()); | 63 scoped_ptr<em::PolicyFetchResponse> policy(new em::PolicyFetchResponse()); |
| 62 if (policy->ParseFromString(policy_blob)) { | 64 if (policy->ParseFromString(policy_blob)) { |
| 63 CheckKeyAndValidate( | 65 CheckKeyAndValidate( |
| 64 false, | 66 false, std::move(policy), |
| 65 policy.Pass(), | |
| 66 base::Bind(&DeviceLocalAccountPolicyStore::UpdatePolicy, | 67 base::Bind(&DeviceLocalAccountPolicyStore::UpdatePolicy, |
| 67 weak_factory_.GetWeakPtr())); | 68 weak_factory_.GetWeakPtr())); |
| 68 } else { | 69 } else { |
| 69 status_ = CloudPolicyStore::STATUS_PARSE_ERROR; | 70 status_ = CloudPolicyStore::STATUS_PARSE_ERROR; |
| 70 NotifyStoreError(); | 71 NotifyStoreError(); |
| 71 } | 72 } |
| 72 } | 73 } |
| 73 } | 74 } |
| 74 | 75 |
| 75 void DeviceLocalAccountPolicyStore::UpdatePolicy( | 76 void DeviceLocalAccountPolicyStore::UpdatePolicy( |
| 76 UserCloudPolicyValidator* validator) { | 77 UserCloudPolicyValidator* validator) { |
| 77 validation_status_ = validator->status(); | 78 validation_status_ = validator->status(); |
| 78 if (!validator->success()) { | 79 if (!validator->success()) { |
| 79 status_ = STATUS_VALIDATION_ERROR; | 80 status_ = STATUS_VALIDATION_ERROR; |
| 80 NotifyStoreError(); | 81 NotifyStoreError(); |
| 81 return; | 82 return; |
| 82 } | 83 } |
| 83 | 84 |
| 84 InstallPolicy(validator->policy_data().Pass(), validator->payload().Pass()); | 85 InstallPolicy(std::move(validator->policy_data()), |
| 86 std::move(validator->payload())); |
| 85 status_ = STATUS_OK; | 87 status_ = STATUS_OK; |
| 86 NotifyStoreLoaded(); | 88 NotifyStoreLoaded(); |
| 87 } | 89 } |
| 88 | 90 |
| 89 void DeviceLocalAccountPolicyStore::StoreValidatedPolicy( | 91 void DeviceLocalAccountPolicyStore::StoreValidatedPolicy( |
| 90 UserCloudPolicyValidator* validator) { | 92 UserCloudPolicyValidator* validator) { |
| 91 if (!validator->success()) { | 93 if (!validator->success()) { |
| 92 status_ = CloudPolicyStore::STATUS_VALIDATION_ERROR; | 94 status_ = CloudPolicyStore::STATUS_VALIDATION_ERROR; |
| 93 validation_status_ = validator->status(); | 95 validation_status_ = validator->status(); |
| 94 NotifyStoreError(); | 96 NotifyStoreError(); |
| (...skipping 46 matching lines...) |
| 141 device_settings_service_->policy_data(); | 143 device_settings_service_->policy_data(); |
| 142 scoped_refptr<ownership::PublicKey> key = | 144 scoped_refptr<ownership::PublicKey> key = |
| 143 device_settings_service_->GetPublicKey(); | 145 device_settings_service_->GetPublicKey(); |
| 144 if (!key.get() || !key->is_loaded() || !device_policy_data) { | 146 if (!key.get() || !key->is_loaded() || !device_policy_data) { |
| 145 status_ = CloudPolicyStore::STATUS_BAD_STATE; | 147 status_ = CloudPolicyStore::STATUS_BAD_STATE; |
| 146 NotifyStoreLoaded(); | 148 NotifyStoreLoaded(); |
| 147 return; | 149 return; |
| 148 } | 150 } |
| 149 | 151 |
| 150 scoped_ptr<UserCloudPolicyValidator> validator( | 152 scoped_ptr<UserCloudPolicyValidator> validator( |
| 151 UserCloudPolicyValidator::Create(policy_response.Pass(), | 153 UserCloudPolicyValidator::Create(std::move(policy_response), |
| 152 background_task_runner())); | 154 background_task_runner())); |
| 153 validator->ValidateUsername(account_id_, false); | 155 validator->ValidateUsername(account_id_, false); |
| 154 validator->ValidatePolicyType(dm_protocol::kChromePublicAccountPolicyType); | 156 validator->ValidatePolicyType(dm_protocol::kChromePublicAccountPolicyType); |
| 155 // The timestamp is verified when storing a new policy downloaded from the | 157 // The timestamp is verified when storing a new policy downloaded from the |
| 156 // server but not when loading a cached policy from disk. | 158 // server but not when loading a cached policy from disk. |
| 157 // See SessionManagerOperation::ValidateDeviceSettings for the rationale. | 159 // See SessionManagerOperation::ValidateDeviceSettings for the rationale. |
| 158 validator->ValidateAgainstCurrentPolicy( | 160 validator->ValidateAgainstCurrentPolicy( |
| 159 policy(), | 161 policy(), |
| 160 valid_timestamp_required | 162 valid_timestamp_required |
| 161 ? CloudPolicyValidatorBase::TIMESTAMP_REQUIRED | 163 ? CloudPolicyValidatorBase::TIMESTAMP_REQUIRED |
| 162 : CloudPolicyValidatorBase::TIMESTAMP_NOT_REQUIRED, | 164 : CloudPolicyValidatorBase::TIMESTAMP_NOT_REQUIRED, |
| 163 CloudPolicyValidatorBase::DM_TOKEN_NOT_REQUIRED); | 165 CloudPolicyValidatorBase::DM_TOKEN_NOT_REQUIRED); |
| 164 | 166 |
| 165 // Validate the DMToken to match what device policy has. | 167 // Validate the DMToken to match what device policy has. |
| 166 validator->ValidateDMToken(device_policy_data->request_token(), | 168 validator->ValidateDMToken(device_policy_data->request_token(), |
| 167 CloudPolicyValidatorBase::DM_TOKEN_REQUIRED); | 169 CloudPolicyValidatorBase::DM_TOKEN_REQUIRED); |
| 168 | 170 |
| 169 validator->ValidatePayload(); | 171 validator->ValidatePayload(); |
| 170 policy::BrowserPolicyConnectorChromeOS* connector = | 172 policy::BrowserPolicyConnectorChromeOS* connector = |
| 171 g_browser_process->platform_part()->browser_policy_connector_chromeos(); | 173 g_browser_process->platform_part()->browser_policy_connector_chromeos(); |
| 172 validator->ValidateSignature(key->as_string(), | 174 validator->ValidateSignature(key->as_string(), |
| 173 GetPolicyVerificationKey(), | 175 GetPolicyVerificationKey(), |
| 174 connector->GetEnterpriseDomain(), | 176 connector->GetEnterpriseDomain(), |
| 175 false); | 177 false); |
| 176 validator.release()->StartValidation(callback); | 178 validator.release()->StartValidation(callback); |
| 177 } | 179 } |
| 178 | 180 |
| 179 } // namespace policy | 181 } // namespace policy |
| OLD | NEW |
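Review bot: In `UpdatePolicy` (new lines 85–86), `std::move(validator->policy_data())` and `std::move(validator->payload())` move out of the validator through its accessors, which is easy to misread as moving a temporary. The accessor declarations are not shown on this page; presumably they return non-const references to the validator's owned `scoped_ptr` members, so the validator holds null pointers once `InstallPolicy` returns. Because this is the point where validated policy is installed, I would add a comment above the call such as `// Takes ownership of the validated protos; |validator| must not be read after this line.` so that a later edit does not dereference the emptied validator. `validation_status_` is already read from `validator->status()` before the move, and that order should be kept.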