Chromium Code Reviews Chromium Code Reviews
Issue 233423002:
Don't upload extension IDs in the cloud policy protocol. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src| Index: chrome/browser/policy/test/policy_testserver.py |
| diff --git a/chrome/browser/policy/test/policy_testserver.py b/chrome/browser/policy/test/policy_testserver.py |
| index 13b98f97ae27f54106f1726095a26aa721874be8..09a1c986d90f36daf5eb56da143cae54501b0352 100644 |
| --- a/chrome/browser/policy/test/policy_testserver.py |
| +++ b/chrome/browser/policy/test/policy_testserver.py |
| @@ -57,6 +57,7 @@ Example: |
| import base64 |
| import BaseHTTPServer |
| import cgi |
| +import glob |
| import google.protobuf.text_format |
| import hashlib |
| import logging |
| @@ -446,7 +447,7 @@ class PolicyRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler): |
| response = dm.DeviceManagementResponse() |
| for request in msg.policy_request.request: |
| fetch_response = response.policy_response.response.add() |
| - if (request.policy_type in |
| + if (request.policy_type not in |
|
Mattias Nissler (ping if slow)
2014/04/25 11:51:46
The logic here is rather convoluted now. Can't we
Joao da Silva
2014/04/28 11:56:12
Done.
|
| ('google/android/user', |
| 'google/chrome/extension', |
| 'google/chromeos/device', |
| @@ -454,14 +455,30 @@ class PolicyRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler): |
| 'google/chromeos/user', |
| 'google/chrome/user', |
| 'google/ios/user')): |
| - if request_type != 'policy': |
| - fetch_response.error_code = 400 |
| - fetch_response.error_message = 'Invalid request type' |
| - else: |
| - self.ProcessCloudPolicy(request, token_info, fetch_response) |
| - else: |
| fetch_response.error_code = 400 |
| fetch_response.error_message = 'Invalid policy_type' |
| + elif request_type != 'policy': |
| + fetch_response.error_code = 400 |
| + fetch_response.error_message = 'Invalid request type' |
| + elif request.policy_type == 'google/chrome/extension': |
| + # Send one PolicyFetchResponse for each extension that has |
| + # configuration data at the server. |
| + del response.policy_response.response[-1] |
| + ids = self.server.ListMatchingComponents('google/chrome/extension') |
| + for settings_entity_id in ids: |
| + fake_request = dm.PolicyFetchRequest() |
| + # Copy the extension policy request, to trigger the same signature |
| + # type in the response. |
|
Mattias Nissler (ping if slow)
2014/04/25 11:51:46
Why not just use |request|?
Joao da Silva
2014/04/28 11:56:12
Done.
|
| + fake_request.CopyFrom(request) |
| + fake_request.settings_entity_id = settings_entity_id |
| + fetch_response = response.policy_response.response.add() |
| + self.ProcessCloudPolicy(fake_request, token_info, fetch_response) |
| + # Don't do key rotations for these messages. |
| + fetch_response.ClearField('new_public_key') |
| + fetch_response.ClearField('new_public_key_signature') |
| + fetch_response.ClearField('new_public_key_verification_signature') |
| + else: |
| + self.ProcessCloudPolicy(request, token_info, fetch_response) |
| return (200, response) |
| @@ -1056,6 +1073,22 @@ class PolicyTestServer(testserver_base.BrokenPipeHandlerMixIn, |
| return os.path.join(self.data_dir or '', |
| 'policy_%s' % sanitized_policy_selector) |
| + def ListMatchingComponents(self, policy_type): |
| + """Returns a list of settings entity IDs that have a configuration file. |
| + |
| + Args: |
| + policy_type: the policy type to look for. Only settings entity IDs for |
| + file selectors that match this policy_type will be returned. |
| + |
| + Returns: |
| + A list of settings entity IDs for the given |policy_type| that have a |
| + configuration file in this server (either as a .bin, .txt or .data file). |
| + """ |
| + base_name = self.GetBaseFilename(policy_type) |
| + files = glob.glob('%s_*.*' % base_name) |
| + len_base_name = len(base_name) + 1 |
| + return [ file[len_base_name:file.rfind('.')] for file in files ] |
| + |
| def ReadPolicyFromDataDir(self, policy_selector, proto_message): |
| """Tries to read policy payload from a file in the data directory. |
