| OLD | NEW |
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/network/policy_applicator.h" | 5 #include "chromeos/network/policy_applicator.h" |
| 6 | 6 |
| 7 #include <utility> | 7 #include <utility> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/location.h" | 10 #include "base/location.h" |
| (...skipping 25 matching lines...) Expand all Loading... |
| 36 const PolicyApplicator::GuidToPolicyMap& policies, | 36 const PolicyApplicator::GuidToPolicyMap& policies, |
| 37 const std::string& guid) { | 37 const std::string& guid) { |
| 38 PolicyApplicator::GuidToPolicyMap::const_iterator it = policies.find(guid); | 38 PolicyApplicator::GuidToPolicyMap::const_iterator it = policies.find(guid); |
| 39 if (it == policies.end()) | 39 if (it == policies.end()) |
| 40 return NULL; | 40 return NULL; |
| 41 return it->second; | 41 return it->second; |
| 42 } | 42 } |
| 43 | 43 |
| 44 } // namespace | 44 } // namespace |
| 45 | 45 |
| 46 PolicyApplicator::PolicyApplicator(base::WeakPtr<ConfigurationHandler> handler, | 46 PolicyApplicator::PolicyApplicator( |
| 47 const NetworkProfile& profile, | 47 base::WeakPtr<ConfigurationHandler> handler, |
| 48 const GuidToPolicyMap& all_policies, | 48 const NetworkProfile& profile, |
| 49 std::set<std::string>* modified_policies) | 49 const GuidToPolicyMap& all_policies, |
| 50 const base::DictionaryValue& global_network_config, |
| 51 std::set<std::string>* modified_policies) |
| 50 : handler_(handler), profile_(profile) { | 52 : handler_(handler), profile_(profile) { |
| 53 global_network_config_.MergeDictionary(&global_network_config); |
| 51 remaining_policies_.swap(*modified_policies); | 54 remaining_policies_.swap(*modified_policies); |
| 52 for (GuidToPolicyMap::const_iterator it = all_policies.begin(); | 55 for (GuidToPolicyMap::const_iterator it = all_policies.begin(); |
| 53 it != all_policies.end(); ++it) { | 56 it != all_policies.end(); ++it) { |
| 54 all_policies_.insert(std::make_pair(it->first, it->second->DeepCopy())); | 57 all_policies_.insert(std::make_pair(it->first, it->second->DeepCopy())); |
| 55 } | 58 } |
| 56 } | 59 } |
| 57 | 60 |
| 58 void PolicyApplicator::Run() { | 61 void PolicyApplicator::Run() { |
| 59 DBusThreadManager::Get()->GetShillProfileClient()->GetProperties( | 62 DBusThreadManager::Get()->GetShillProfileClient()->GetProperties( |
| 60 dbus::ObjectPath(profile_.path), | 63 dbus::ObjectPath(profile_.path), |
| (...skipping 123 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 184 } | 187 } |
| 185 } else if (was_managed) { | 188 } else if (was_managed) { |
| 186 VLOG(1) << "Removing configuration previously managed by policy " | 189 VLOG(1) << "Removing configuration previously managed by policy " |
| 187 << old_guid << ", because the policy was removed."; | 190 << old_guid << ", because the policy was removed."; |
| 188 | 191 |
| 189 // Remove the entry, because the network was managed but isn't anymore. | 192 // Remove the entry, because the network was managed but isn't anymore. |
| 190 // Note: An alternative might be to preserve the user settings, but it's | 193 // Note: An alternative might be to preserve the user settings, but it's |
| 191 // unclear which values originating the policy should be removed. | 194 // unclear which values originating the policy should be removed. |
| 192 DeleteEntry(entry); | 195 DeleteEntry(entry); |
| 193 } else { | 196 } else { |
| 194 VLOG(2) << "Ignore unmanaged entry."; | 197 // The entry wasn't managed and doesn't match any current policy. Global |
| 198 // network settings have to be applied. |
| 195 | 199 |
| 196 // The entry wasn't managed and doesn't match any current policy. Thus | 200 base::DictionaryValue shill_properties_to_update; |
| 197 // leave it as it is. | 201 GetPropertiesForUnmanagedEntry(entry_properties, |
| 202 &shill_properties_to_update); |
| 203 if (shill_properties_to_update.empty()) { |
| 204 VLOG(2) << "Ignore unmanaged entry."; |
| 205 // Calling a SetProperties of Shill with an empty dictionary is a no op. |
| 206 } else { |
| 207 VLOG(2) << "Apply global network config to unmanaged entry."; |
| 208 handler_->UpdateExistingConfigurationWithPropertiesFromPolicy( |
| 209 entry_properties, shill_properties_to_update); |
| 210 } |
| 198 } | 211 } |
| 199 } | 212 } |
| 200 | 213 |
| 201 void PolicyApplicator::DeleteEntry(const std::string& entry) { | 214 void PolicyApplicator::DeleteEntry(const std::string& entry) { |
| 202 DBusThreadManager::Get()->GetShillProfileClient()->DeleteEntry( | 215 DBusThreadManager::Get()->GetShillProfileClient()->DeleteEntry( |
| 203 dbus::ObjectPath(profile_.path), | 216 dbus::ObjectPath(profile_.path), |
| 204 entry, | 217 entry, |
| 205 base::Bind(&base::DoNothing), | 218 base::Bind(&base::DoNothing), |
| 206 base::Bind(&LogErrorMessage, FROM_HERE)); | 219 base::Bind(&LogErrorMessage, FROM_HERE)); |
| 207 } | 220 } |
| (...skipping 17 matching lines...) Expand all Loading... |
| 225 if (auth == ::onc::ethernet::kNone) | 238 if (auth == ::onc::ethernet::kNone) |
| 226 return; | 239 return; |
| 227 } | 240 } |
| 228 | 241 |
| 229 scoped_ptr<base::DictionaryValue> shill_dictionary = | 242 scoped_ptr<base::DictionaryValue> shill_dictionary = |
| 230 policy_util::CreateShillConfiguration( | 243 policy_util::CreateShillConfiguration( |
| 231 profile_, guid, &policy, user_settings); | 244 profile_, guid, &policy, user_settings); |
| 232 handler_->CreateConfigurationFromPolicy(*shill_dictionary); | 245 handler_->CreateConfigurationFromPolicy(*shill_dictionary); |
| 233 } | 246 } |
| 234 | 247 |
| 248 void PolicyApplicator::GetPropertiesForUnmanagedEntry( |
| 249 const base::DictionaryValue& entry_properties, |
| 250 base::DictionaryValue* properties_to_update) const { |
| 251 // kAllowOnlyPolicyNetworksToAutoconnect is currently the only global config. |
| 252 |
| 253 std::string type; |
| 254 entry_properties.GetStringWithoutPathExpansion(shill::kTypeProperty, &type); |
| 255 if (NetworkTypePattern::Ethernet().MatchesType(type)) |
| 256 return; // Autoconnect for Ethernet cannot be configured. |
| 257 |
| 258 // By default all networks are allowed to autoconnect. |
| 259 bool only_policy_autoconnect = false; |
| 260 global_network_config_.GetBooleanWithoutPathExpansion( |
| 261 ::onc::global_network_config::kAllowOnlyPolicyNetworksToAutoconnect, |
| 262 &only_policy_autoconnect); |
| 263 if (!only_policy_autoconnect) |
| 264 return; |
| 265 |
| 266 bool old_autoconnect = false; |
| 267 if (entry_properties.GetBooleanWithoutPathExpansion( |
| 268 shill::kAutoConnectProperty, &old_autoconnect) && |
| 269 !old_autoconnect) { |
| 270 // Autoconnect is already explictly disabled. No need to set it again. |
| 271 return; |
| 272 } |
| 273 // If autconnect is not explicitly set yet, it might automatically be enabled |
| 274 // by Shill. To prevent that, disable it explicitly. |
| 275 properties_to_update->SetBooleanWithoutPathExpansion( |
| 276 shill::kAutoConnectProperty, false); |
| 277 } |
| 278 |
| 235 PolicyApplicator::~PolicyApplicator() { | 279 PolicyApplicator::~PolicyApplicator() { |
| 236 ApplyRemainingPolicies(); | 280 ApplyRemainingPolicies(); |
| 237 STLDeleteValues(&all_policies_); | 281 STLDeleteValues(&all_policies_); |
| 238 } | 282 } |
| 239 | 283 |
| 240 void PolicyApplicator::ApplyRemainingPolicies() { | 284 void PolicyApplicator::ApplyRemainingPolicies() { |
| 241 if (!handler_) { | 285 if (!handler_) { |
| 242 LOG(WARNING) << "Handler destructed during policy application to profile " | 286 LOG(WARNING) << "Handler destructed during policy application to profile " |
| 243 << profile_.ToDebugString(); | 287 << profile_.ToDebugString(); |
| 244 return; | 288 return; |
| (...skipping 14 matching lines...) Expand all Loading... |
| 259 | 303 |
| 260 VLOG(1) << "Creating new configuration managed by policy " << *it | 304 VLOG(1) << "Creating new configuration managed by policy " << *it |
| 261 << " in profile " << profile_.ToDebugString() << "."; | 305 << " in profile " << profile_.ToDebugString() << "."; |
| 262 | 306 |
| 263 CreateAndWriteNewShillConfiguration( | 307 CreateAndWriteNewShillConfiguration( |
| 264 *it, *policy, NULL /* no user settings */); | 308 *it, *policy, NULL /* no user settings */); |
| 265 } | 309 } |
| 266 } | 310 } |
| 267 | 311 |
| 268 } // namespace chromeos | 312 } // namespace chromeos |
| OLD | NEW |