Chromium Code Reviews Chromium Code Reviews
Issue 2486813002:
Add DeviceADPolicyManager to provide AD policy. (Closed)
| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 #include <utility> | 8 #include <utility> |
| 9 | 9 |
| 10 #include "base/bind.h" | 10 #include "base/bind.h" |
| 11 #include "base/command_line.h" | 11 #include "base/command_line.h" |
| 12 #include "base/files/file_path.h" | 12 #include "base/files/file_path.h" |
| 13 #include "base/location.h" | 13 #include "base/location.h" |
| 14 #include "base/logging.h" | 14 #include "base/logging.h" |
| 15 #include "base/memory/ptr_util.h" | 15 #include "base/memory/ptr_util.h" |
| 16 #include "base/path_service.h" | 16 #include "base/path_service.h" |
| 17 #include "base/sequenced_task_runner.h" | 17 #include "base/sequenced_task_runner.h" |
| 18 #include "base/single_thread_task_runner.h" | 18 #include "base/single_thread_task_runner.h" |
| 19 #include "base/strings/utf_string_conversions.h" | 19 #include "base/strings/utf_string_conversions.h" |
| 20 #include "base/threading/sequenced_worker_pool.h" | 20 #include "base/threading/sequenced_worker_pool.h" |
| 21 #include "base/threading/thread_task_runner_handle.h" | 21 #include "base/threading/thread_task_runner_handle.h" |
| 22 #include "chrome/browser/chromeos/attestation/attestation_ca_client.h" | 22 #include "chrome/browser/chromeos/attestation/attestation_ca_client.h" |
| 23 #include "chrome/browser/chromeos/policy/affiliated_cloud_policy_invalidator.h" | 23 #include "chrome/browser/chromeos/policy/affiliated_cloud_policy_invalidator.h" |
| 24 #include "chrome/browser/chromeos/policy/affiliated_invalidation_service_provide r.h" | 24 #include "chrome/browser/chromeos/policy/affiliated_invalidation_service_provide r.h" |
| 25 #include "chrome/browser/chromeos/policy/affiliated_invalidation_service_provide r_impl.h" | 25 #include "chrome/browser/chromeos/policy/affiliated_invalidation_service_provide r_impl.h" |
| 26 #include "chrome/browser/chromeos/policy/bluetooth_policy_handler.h" | 26 #include "chrome/browser/chromeos/policy/bluetooth_policy_handler.h" |
| 27 #include "chrome/browser/chromeos/policy/device_ad_policy_manager.h" | |
| 27 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h" | 28 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h" |
| 28 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" | 29 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" |
| 29 #include "chrome/browser/chromeos/policy/device_local_account.h" | 30 #include "chrome/browser/chromeos/policy/device_local_account.h" |
| 30 #include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" | 31 #include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" |
| 31 #include "chrome/browser/chromeos/policy/device_network_configuration_updater.h" | 32 #include "chrome/browser/chromeos/policy/device_network_configuration_updater.h" |
| 32 #include "chrome/browser/chromeos/policy/enrollment_config.h" | 33 #include "chrome/browser/chromeos/policy/enrollment_config.h" |
| 33 #include "chrome/browser/chromeos/policy/remote_commands/affiliated_remote_comma nds_invalidator.h" | 34 #include "chrome/browser/chromeos/policy/remote_commands/affiliated_remote_comma nds_invalidator.h" |
| 34 #include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h" | 35 #include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h" |
| 35 #include "chrome/browser/chromeos/settings/cros_settings.h" | 36 #include "chrome/browser/chromeos/settings/cros_settings.h" |
| 36 #include "chrome/browser/chromeos/settings/device_settings_service.h" | 37 #include "chrome/browser/chromeos/settings/device_settings_service.h" |
| (...skipping 36 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 73 scoped_refptr<base::SequencedTaskRunner> GetBackgroundTaskRunner() { | 74 scoped_refptr<base::SequencedTaskRunner> GetBackgroundTaskRunner() { |
| 74 base::SequencedWorkerPool* pool = BrowserThread::GetBlockingPool(); | 75 base::SequencedWorkerPool* pool = BrowserThread::GetBlockingPool(); |
| 75 CHECK(pool); | 76 CHECK(pool); |
| 76 return pool->GetSequencedTaskRunnerWithShutdownBehavior( | 77 return pool->GetSequencedTaskRunnerWithShutdownBehavior( |
| 77 pool->GetSequenceToken(), base::SequencedWorkerPool::SKIP_ON_SHUTDOWN); | 78 pool->GetSequenceToken(), base::SequencedWorkerPool::SKIP_ON_SHUTDOWN); |
| 78 } | 79 } |
| 79 | 80 |
| 80 } // namespace | 81 } // namespace |
| 81 | 82 |
| 82 BrowserPolicyConnectorChromeOS::BrowserPolicyConnectorChromeOS() | 83 BrowserPolicyConnectorChromeOS::BrowserPolicyConnectorChromeOS() |
| 83 : device_cloud_policy_manager_(nullptr), | 84 : weak_ptr_factory_(this) { |
| 84 global_user_cloud_policy_provider_(nullptr), | |
| 85 weak_ptr_factory_(this) { | |
| 86 if (g_testing_install_attributes) { | 85 if (g_testing_install_attributes) { |
| 87 install_attributes_.reset(g_testing_install_attributes); | 86 install_attributes_.reset(g_testing_install_attributes); |
| 88 g_testing_install_attributes = nullptr; | 87 g_testing_install_attributes = nullptr; |
| 89 } | 88 } |
| 90 | 89 |
| 91 // SystemSaltGetter or DBusThreadManager may be uninitialized on unit tests. | 90 // SystemSaltGetter or DBusThreadManager may be uninitialized on unit tests. |
| 92 | 91 |
| 93 // TODO(satorux): Remove SystemSaltGetter::IsInitialized() when it's ready | 92 // TODO(satorux): Remove SystemSaltGetter::IsInitialized() when it's ready |
| 94 // (removing it now breaks tests). crbug.com/141016. | 93 // (removing it now breaks tests). crbug.com/141016. |
| 95 if (chromeos::SystemSaltGetter::IsInitialized() && | 94 if (chromeos::SystemSaltGetter::IsInitialized() && |
| 96 chromeos::DBusThreadManager::IsInitialized()) { | 95 chromeos::DBusThreadManager::IsInitialized()) { |
| 97 state_keys_broker_ = base::MakeUnique<ServerBackedStateKeysBroker>( | |
| 98 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), | |
| 99 base::ThreadTaskRunnerHandle::Get()); | |
| 100 | |
| 101 chromeos::CryptohomeClient* cryptohome_client = | |
| 102 chromeos::DBusThreadManager::Get()->GetCryptohomeClient(); | |
| 103 | |
| 104 // Don't initialize install attributes if g_testing_install_attributes have | 96 // Don't initialize install attributes if g_testing_install_attributes have |
| 105 // been injected. | 97 // been injected. |
| 106 if (!install_attributes_) { | 98 if (!install_attributes_) { |
| 99 chromeos::CryptohomeClient* cryptohome_client = | |
| 100 chromeos::DBusThreadManager::Get()->GetCryptohomeClient(); | |
| 107 install_attributes_ = | 101 install_attributes_ = |
| 108 base::MakeUnique<chromeos::InstallAttributes>(cryptohome_client); | 102 base::MakeUnique<chromeos::InstallAttributes>(cryptohome_client); |
| 109 base::FilePath install_attrs_file; | 103 base::FilePath install_attrs_file; |
| 110 CHECK(PathService::Get(chromeos::FILE_INSTALL_ATTRIBUTES, | 104 CHECK(PathService::Get(chromeos::FILE_INSTALL_ATTRIBUTES, |
| 111 &install_attrs_file)); | 105 &install_attrs_file)); |
| 112 install_attributes_->Init(install_attrs_file); | 106 install_attributes_->Init(install_attrs_file); |
| 113 } | 107 } |
| 114 | 108 |
| 115 std::unique_ptr<DeviceCloudPolicyStoreChromeOS> device_cloud_policy_store = | 109 std::unique_ptr<DeviceCloudPolicyStoreChromeOS> device_cloud_policy_store = |
| 116 base::MakeUnique<DeviceCloudPolicyStoreChromeOS>( | 110 base::MakeUnique<DeviceCloudPolicyStoreChromeOS>( |
| 117 chromeos::DeviceSettingsService::Get(), install_attributes_.get(), | 111 chromeos::DeviceSettingsService::Get(), install_attributes_.get(), |
| 118 GetBackgroundTaskRunner()); | 112 GetBackgroundTaskRunner()); |
| 119 device_cloud_policy_manager_ = new DeviceCloudPolicyManagerChromeOS( | 113 |
| 120 std::move(device_cloud_policy_store), | 114 if (install_attributes_->IsEnterpriseAD()) { |
| 121 base::ThreadTaskRunnerHandle::Get(), state_keys_broker_.get()); | 115 device_ad_policy_manager_ = |
| 122 AddPolicyProvider(std::unique_ptr<ConfigurationPolicyProvider>( | 116 new DeviceADPolicyManager(std::move(device_cloud_policy_store)); |
| 123 device_cloud_policy_manager_)); | 117 AddPolicyProvider(std::unique_ptr<ConfigurationPolicyProvider>( |
|
emaxx
2016/11/11 15:25:08
nit: Use base::WrapUnique?
Thiemo Nagel
2016/11/16 19:11:01
Done.
| |
| 118 device_ad_policy_manager_)); | |
| 119 } else { | |
| 120 state_keys_broker_ = base::MakeUnique<ServerBackedStateKeysBroker>( | |
| 121 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), | |
| 122 base::ThreadTaskRunnerHandle::Get()); | |
| 123 | |
| 124 device_cloud_policy_manager_ = new DeviceCloudPolicyManagerChromeOS( | |
| 125 std::move(device_cloud_policy_store), | |
| 126 base::ThreadTaskRunnerHandle::Get(), state_keys_broker_.get()); | |
| 127 AddPolicyProvider(std::unique_ptr<ConfigurationPolicyProvider>( | |
| 128 device_cloud_policy_manager_)); | |
| 129 } | |
| 124 } | 130 } |
| 125 | 131 |
| 126 global_user_cloud_policy_provider_ = new ProxyPolicyProvider(); | 132 global_user_cloud_policy_provider_ = new ProxyPolicyProvider(); |
| 127 AddPolicyProvider(std::unique_ptr<ConfigurationPolicyProvider>( | 133 AddPolicyProvider(std::unique_ptr<ConfigurationPolicyProvider>( |
| 128 global_user_cloud_policy_provider_)); | 134 global_user_cloud_policy_provider_)); |
| 129 } | 135 } |
| 130 | 136 |
| 131 BrowserPolicyConnectorChromeOS::~BrowserPolicyConnectorChromeOS() {} | 137 BrowserPolicyConnectorChromeOS::~BrowserPolicyConnectorChromeOS() {} |
| 132 | 138 |
| 133 void BrowserPolicyConnectorChromeOS::Init( | 139 void BrowserPolicyConnectorChromeOS::Init( |
| 134 PrefService* local_state, | 140 PrefService* local_state, |
| 135 scoped_refptr<net::URLRequestContextGetter> request_context) { | 141 scoped_refptr<net::URLRequestContextGetter> request_context) { |
| 136 local_state_ = local_state; | 142 local_state_ = local_state; |
| 137 ChromeBrowserPolicyConnector::Init(local_state, request_context); | 143 ChromeBrowserPolicyConnector::Init(local_state, request_context); |
| 138 | 144 |
| 139 affiliated_invalidation_service_provider_ = | 145 affiliated_invalidation_service_provider_ = |
| 140 base::MakeUnique<AffiliatedInvalidationServiceProviderImpl>(); | 146 base::MakeUnique<AffiliatedInvalidationServiceProviderImpl>(); |
| 141 | 147 |
| 142 if (device_cloud_policy_manager_) { | 148 if (device_cloud_policy_manager_) { |
| 143 // Note: for now the |device_cloud_policy_manager_| is using the global | 149 // Note: for now the |device_cloud_policy_manager_| is using the global |
| 144 // schema registry. Eventually it will have its own registry, once device | 150 // schema registry. Eventually it will have its own registry, once device |
| 145 // cloud policy for extensions is introduced. That means it'd have to be | 151 // cloud policy for extensions is introduced. That means it'd have to be |
| 146 // initialized from here instead of BrowserPolicyConnector::Init(). | 152 // initialized from here instead of BrowserPolicyConnector::Init(). |
| 147 | 153 |
| 148 device_cloud_policy_manager_->Initialize(local_state); | 154 device_cloud_policy_manager_->Initialize(local_state); |
| 149 device_cloud_policy_manager_->AddDeviceCloudPolicyManagerObserver(this); | 155 device_cloud_policy_manager_->AddDeviceCloudPolicyManagerObserver(this); |
| 150 RestartDeviceCloudPolicyInitializer(); | 156 RestartDeviceCloudPolicyInitializer(); |
| 151 } | 157 } |
| 152 | 158 |
| 153 device_local_account_policy_service_ = | 159 DCHECK(install_attributes_); |
| 154 base::MakeUnique<DeviceLocalAccountPolicyService>( | 160 if (!install_attributes_->IsEnterpriseAD()) { |
| 155 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), | 161 device_local_account_policy_service_ = |
| 156 chromeos::DeviceSettingsService::Get(), chromeos::CrosSettings::Get(), | 162 base::MakeUnique<DeviceLocalAccountPolicyService>( |
| 157 affiliated_invalidation_service_provider_.get(), | 163 chromeos::DBusThreadManager::Get()->GetSessionManagerClient(), |
| 158 GetBackgroundTaskRunner(), GetBackgroundTaskRunner(), | 164 chromeos::DeviceSettingsService::Get(), |
| 159 GetBackgroundTaskRunner(), | 165 chromeos::CrosSettings::Get(), |
| 160 content::BrowserThread::GetTaskRunnerForThread( | 166 affiliated_invalidation_service_provider_.get(), |
| 161 content::BrowserThread::IO), | 167 GetBackgroundTaskRunner(), GetBackgroundTaskRunner(), |
| 162 request_context); | 168 GetBackgroundTaskRunner(), |
| 163 device_local_account_policy_service_->Connect(device_management_service()); | 169 content::BrowserThread::GetTaskRunnerForThread( |
| 170 content::BrowserThread::IO), | |
| 171 request_context); | |
| 172 device_local_account_policy_service_->Connect(device_management_service()); | |
| 173 } | |
| 174 | |
| 164 if (device_cloud_policy_manager_) { | 175 if (device_cloud_policy_manager_) { |
| 165 device_cloud_policy_invalidator_ = | 176 device_cloud_policy_invalidator_ = |
| 166 base::MakeUnique<AffiliatedCloudPolicyInvalidator>( | 177 base::MakeUnique<AffiliatedCloudPolicyInvalidator>( |
| 167 enterprise_management::DeviceRegisterRequest::DEVICE, | 178 enterprise_management::DeviceRegisterRequest::DEVICE, |
| 168 device_cloud_policy_manager_->core(), | 179 device_cloud_policy_manager_->core(), |
| 169 affiliated_invalidation_service_provider_.get()); | 180 affiliated_invalidation_service_provider_.get()); |
| 170 device_remote_commands_invalidator_ = | 181 device_remote_commands_invalidator_ = |
| 171 base::MakeUnique<AffiliatedRemoteCommandsInvalidator>( | 182 base::MakeUnique<AffiliatedRemoteCommandsInvalidator>( |
| 172 device_cloud_policy_manager_->core(), | 183 device_cloud_policy_manager_->core(), |
| 173 affiliated_invalidation_service_provider_.get()); | 184 affiliated_invalidation_service_provider_.get()); |
| (...skipping 178 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 352 device_cloud_policy_manager_->device_store()->policy(); | 363 device_cloud_policy_manager_->device_store()->policy(); |
| 353 if (policy_data) { | 364 if (policy_data) { |
| 354 affiliation_ids.insert(policy_data->device_affiliation_ids().begin(), | 365 affiliation_ids.insert(policy_data->device_affiliation_ids().begin(), |
| 355 policy_data->device_affiliation_ids().end()); | 366 policy_data->device_affiliation_ids().end()); |
| 356 } | 367 } |
| 357 } | 368 } |
| 358 return affiliation_ids; | 369 return affiliation_ids; |
| 359 } | 370 } |
| 360 | 371 |
| 361 } // namespace policy | 372 } // namespace policy |
| OLD | NEW |
