Reduce unneeded policy fetches by detecting expired invalidations.

chrome/browser/policy/cloud/cloud_policy_invalidator.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chrome/browser/policy/cloud/cloud_policy_invalidator.h"
 
 #include "base/bind.h"
 #include "base/command_line.h"
 #include "base/hash.h"
 #include "base/location.h"
@@ skipping 12 matching lines @@
 #include "policy/policy_constants.h"
 #include "sync/notifier/object_id_invalidation_map.h"
 
 namespace policy {
 
 const int CloudPolicyInvalidator::kMissingPayloadDelay = 5;
 const int CloudPolicyInvalidator::kMaxFetchDelayDefault = 120000;
 const int CloudPolicyInvalidator::kMaxFetchDelayMin = 1000;
 const int CloudPolicyInvalidator::kMaxFetchDelayMax = 300000;
 const int CloudPolicyInvalidator::kInvalidationGracePeriod = 10;
+const int CloudPolicyInvalidator::kUnknownVersionIgnorePeriod = 30;
+const int CloudPolicyInvalidator::kMaxInvalidationTimeDelta = 300;
 
 CloudPolicyInvalidator::CloudPolicyInvalidator(
     CloudPolicyCore* core,
     const scoped_refptr<base::SequencedTaskRunner>& task_runner,
     scoped_ptr<base::Clock> clock)
     : state_(UNINITIALIZED),
       core_(core),
       task_runner_(task_runner),
       clock_(clock.Pass()),
       invalidation_service_(NULL),
@@ skipping 124 matching lines @@
       !invalidation.is_unknown_version() &&
       invalidation.version() <= invalidation_version_) {
     return;
   }
 
   // If there is still a pending invalidation, acknowledge it, since we only
   // care about the latest invalidation.
   if (invalid_)
     AcknowledgeInvalidation();
 
+  // Get the version and payload from the invalidation.
+  // When an invalidation with unknown version is received, use negative
+  // numbers based on the number of such invalidations received. This
+  // ensures that the version numbers do not collide with "real" versions
+  // (which are positive) or previous invalidations with unknown version.
+  int64 version;
+  std::string payload;
+  if (invalidation.is_unknown_version()) {
+    version = -(++unknown_version_invalidation_count_);
+  } else {
+    version = invalidation.version();
+    payload = invalidation.payload();
+  }
+
+  // Ignore the invalidation if it is expired.
+  bool is_expired = IsInvalidationExpired(version);
+  UMA_HISTOGRAM_ENUMERATION(
+      kMetricPolicyInvalidations,
+      GetInvalidationMetric(payload.empty(), is_expired),
+      POLICY_INVALIDATION_TYPE_SIZE);
+  if (is_expired) {
+    invalidation.Acknowledge();
+    return;
+  }
+
   // Update invalidation state.
   invalid_ = true;
   invalidation_.reset(new syncer::Invalidation(invalidation));
-
-  // When an invalidation with unknown version is received, use negative
-  // numbers based on the number of such invalidations received. This
-  // ensures that the version numbers do not collide with "real" versions
-  // (which are positive) or previous invalidations with unknown version.
-  if (invalidation.is_unknown_version()) {
-    invalidation_version_ = -(++unknown_version_invalidation_count_);
-  } else {
-    invalidation_version_ = invalidation.version();
-  }
+  invalidation_version_ = version;
 
   // In order to prevent the cloud policy server from becoming overwhelmed when
   // a policy with many users is modified, delay for a random period of time
   // before fetching the policy. Delay for at least 20ms so that if multiple
   // invalidations are received in quick succession, only one fetch will be
   // performed.
   base::TimeDelta delay = base::TimeDelta::FromMilliseconds(
       base::RandInt(20, max_fetch_delay_));
 
-  std::string payload;
-  if (!invalidation.is_unknown_version())
-    payload = invalidation.payload();
-
   // If there is a payload, the policy can be refreshed at any time, so set
   // the version and payload on the client immediately. Otherwise, the refresh
   // must only run after at least kMissingPayloadDelay minutes.
   if (!payload.empty())
-    core_->client()->SetInvalidationInfo(invalidation_version_, payload);
+    core_->client()->SetInvalidationInfo(version, payload);
   else
     delay += base::TimeDelta::FromMinutes(kMissingPayloadDelay);
 
   // Schedule the policy to be refreshed.
   task_runner_->PostDelayedTask(
       FROM_HERE,
       base::Bind(
           &CloudPolicyInvalidator::RefreshPolicy,
           weak_factory_.GetWeakPtr(),
           payload.empty() /* is_missing_payload */),
       delay);
-
-  // Update the kMetricPolicyInvalidations histogram.
-  UMA_HISTOGRAM_BOOLEAN(kMetricPolicyInvalidations, !payload.empty());
 }
 
 void CloudPolicyInvalidator::UpdateRegistration(
     const enterprise_management::PolicyData* policy) {
   // Create the ObjectId based on the policy data.
   // If the policy does not specify an the ObjectId, then unregister.
   if (!policy ||
       !policy->has_invalidation_source() ||
       !policy->has_invalidation_name()) {
     Unregister();
@@ skipping 109 matching lines @@
   // Determine if the policy changed by comparing its hash value to the
   // previous policy's hash value.
   uint32 new_hash_value = 0;
   if (policy && policy->has_policy_value())
     new_hash_value = base::Hash(policy->policy_value());
   bool changed = new_hash_value != policy_hash_value_;
   policy_hash_value_ = new_hash_value;
   return changed;
 }
 
+bool CloudPolicyInvalidator::IsInvalidationExpired(int64 version) {
+  base::Time last_fetch_time = base::Time::UnixEpoch() +
+      base::TimeDelta::FromMilliseconds(core_->store()->policy()->timestamp());
+
+  // If the version is unknown, consider the invalidation invalid if the
+  // policy was fetched very recently.
+  if (version < 0) {
+    base::TimeDelta elapsed = clock_->Now() - last_fetch_time;
+    return elapsed.InSeconds() < kUnknownVersionIgnorePeriod;
+  }
+
+  // The invalidation version is the timestamp in microseconds. If the
+  // invalidation occurred before the last policy fetch, then the invalidation
+  // is expired. Time is added to the invalidation to err on the side of not
+  // expired.
+  base::Time invalidation_time = base::Time::UnixEpoch() +
+      base::TimeDelta::FromMicroseconds(version) +
+      base::TimeDelta::FromSeconds(kMaxInvalidationTimeDelta);
+  return invalidation_time < last_fetch_time;
+}
+
 int CloudPolicyInvalidator::GetPolicyRefreshMetric(bool policy_changed) {
   if (policy_changed) {
     if (invalid_)
       return METRIC_POLICY_REFRESH_INVALIDATED_CHANGED;
     if (GetInvalidationsEnabled())
       return METRIC_POLICY_REFRESH_CHANGED;
     return METRIC_POLICY_REFRESH_CHANGED_NO_INVALIDATIONS;
   }
   if (invalid_)
     return METRIC_POLICY_REFRESH_INVALIDATED_UNCHANGED;
   return METRIC_POLICY_REFRESH_UNCHANGED;
 }
 
+int CloudPolicyInvalidator::GetInvalidationMetric(bool is_missing_payload,
+                                                  bool is_expired) {
+  if (is_expired) {
+    if (is_missing_payload)
+      return POLICY_INVALIDATION_TYPE_NO_PAYLOAD_EXPIRED;
+    return POLICY_INVALIDATION_TYPE_EXPIRED;
+  }
+  if (is_missing_payload)
+    return POLICY_INVALIDATION_TYPE_NO_PAYLOAD;
+  return POLICY_INVALIDATION_TYPE_NORMAL;
+}
+
 bool CloudPolicyInvalidator::GetInvalidationsEnabled() {
   if (!invalidations_enabled_)
     return false;
   // If invalidations have been enabled for less than the grace period, then
   // consider invalidations to be disabled for metrics reporting.
   base::TimeDelta elapsed = clock_->Now() - invalidations_enabled_time_;
   return elapsed.InSeconds() >= kInvalidationGracePeriod;
 }
 
 }  // namespace policy