OLD | NEW |
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" | 5 #include "chrome/browser/chromeos/policy/device_local_account_policy_service.h" |
6 | 6 |
7 #include <vector> | 7 #include <vector> |
8 | 8 |
9 #include "base/bind.h" | 9 #include "base/bind.h" |
10 #include "base/file_util.h" | 10 #include "base/file_util.h" |
11 #include "base/files/file_enumerator.h" | 11 #include "base/files/file_enumerator.h" |
12 #include "base/files/file_path.h" | 12 #include "base/files/file_path.h" |
13 #include "base/logging.h" | 13 #include "base/logging.h" |
14 #include "base/message_loop/message_loop.h" | 14 #include "base/message_loop/message_loop.h" |
15 #include "base/message_loop/message_loop_proxy.h" | 15 #include "base/message_loop/message_loop_proxy.h" |
16 #include "base/path_service.h" | 16 #include "base/path_service.h" |
17 #include "base/sequenced_task_runner.h" | 17 #include "base/sequenced_task_runner.h" |
18 #include "base/strings/string_number_conversions.h" | 18 #include "base/strings/string_number_conversions.h" |
19 #include "chrome/browser/chromeos/policy/device_local_account.h" | 19 #include "chrome/browser/chromeos/policy/device_local_account.h" |
| 20 #include "chrome/browser/chromeos/policy/device_local_account_external_data_serv
ice.h" |
20 #include "chrome/browser/chromeos/policy/device_local_account_policy_store.h" | 21 #include "chrome/browser/chromeos/policy/device_local_account_policy_store.h" |
21 #include "chrome/browser/chromeos/settings/device_settings_service.h" | 22 #include "chrome/browser/chromeos/settings/device_settings_service.h" |
22 #include "chrome/browser/policy/cloud/cloud_policy_client.h" | 23 #include "chrome/browser/policy/cloud/cloud_policy_client.h" |
23 #include "chrome/browser/policy/cloud/cloud_policy_constants.h" | 24 #include "chrome/browser/policy/cloud/cloud_policy_constants.h" |
24 #include "chrome/browser/policy/cloud/cloud_policy_refresh_scheduler.h" | 25 #include "chrome/browser/policy/cloud/cloud_policy_refresh_scheduler.h" |
25 #include "chrome/browser/policy/cloud/device_management_service.h" | 26 #include "chrome/browser/policy/cloud/device_management_service.h" |
26 #include "chrome/browser/policy/proto/cloud/device_management_backend.pb.h" | 27 #include "chrome/browser/policy/proto/cloud/device_management_backend.pb.h" |
27 #include "chromeos/chromeos_paths.h" | 28 #include "chromeos/chromeos_paths.h" |
28 #include "chromeos/dbus/session_manager_client.h" | 29 #include "chromeos/dbus/session_manager_client.h" |
29 #include "chromeos/settings/cros_settings_names.h" | 30 #include "chromeos/settings/cros_settings_names.h" |
30 #include "chromeos/settings/cros_settings_provider.h" | 31 #include "chromeos/settings/cros_settings_provider.h" |
| 32 #include "net/url_request/url_request_context_getter.h" |
31 #include "policy/policy_constants.h" | 33 #include "policy/policy_constants.h" |
32 | 34 |
33 namespace em = enterprise_management; | 35 namespace em = enterprise_management; |
34 | 36 |
35 namespace policy { | 37 namespace policy { |
36 | 38 |
37 namespace { | 39 namespace { |
38 | 40 |
39 // Creates and initializes a cloud policy client. Returns NULL if the device | 41 // Creates and initializes a cloud policy client. Returns NULL if the device |
40 // doesn't have credentials in device settings (i.e. is not | 42 // doesn't have credentials in device settings (i.e. is not |
(...skipping 23 matching lines...) Expand all Loading... |
64 std::string GetCacheSubdirectoryForAccountID(const std::string& account_id) { | 66 std::string GetCacheSubdirectoryForAccountID(const std::string& account_id) { |
65 return base::HexEncode(account_id.c_str(), account_id.size()); | 67 return base::HexEncode(account_id.c_str(), account_id.size()); |
66 } | 68 } |
67 | 69 |
68 // Cleans up the cache directory by removing subdirectories that are not found | 70 // Cleans up the cache directory by removing subdirectories that are not found |
69 // in |subdirectories_to_keep|. Only caches whose cache directory is found in | 71 // in |subdirectories_to_keep|. Only caches whose cache directory is found in |
70 // |subdirectories_to_keep| may be running while the clean-up is in progress. | 72 // |subdirectories_to_keep| may be running while the clean-up is in progress. |
71 void DeleteOrphanedExtensionCaches( | 73 void DeleteOrphanedExtensionCaches( |
72 const std::set<std::string>& subdirectories_to_keep) { | 74 const std::set<std::string>& subdirectories_to_keep) { |
73 base::FilePath cache_root_dir; | 75 base::FilePath cache_root_dir; |
74 CHECK(PathService::Get(chromeos::DIR_DEVICE_LOCAL_ACCOUNT_CACHE, | 76 CHECK(PathService::Get(chromeos::DIR_DEVICE_LOCAL_ACCOUNT_EXTENSIONS, |
75 &cache_root_dir)); | 77 &cache_root_dir)); |
76 base::FileEnumerator enumerator(cache_root_dir, | 78 base::FileEnumerator enumerator(cache_root_dir, |
77 false, | 79 false, |
78 base::FileEnumerator::DIRECTORIES); | 80 base::FileEnumerator::DIRECTORIES); |
79 for (base::FilePath path = enumerator.Next(); !path.empty(); | 81 for (base::FilePath path = enumerator.Next(); !path.empty(); |
80 path = enumerator.Next()) { | 82 path = enumerator.Next()) { |
81 const std::string subdirectory(path.BaseName().MaybeAsASCII()); | 83 const std::string subdirectory(path.BaseName().MaybeAsASCII()); |
82 if (subdirectories_to_keep.find(subdirectory) == | 84 if (subdirectories_to_keep.find(subdirectory) == |
83 subdirectories_to_keep.end()) { | 85 subdirectories_to_keep.end()) { |
84 base::DeleteFile(path, true); | 86 base::DeleteFile(path, true); |
85 } | 87 } |
86 } | 88 } |
87 } | 89 } |
88 | 90 |
89 // Removes the subdirectory belonging to |account_id_to_delete| from the cache | 91 // Removes the subdirectory belonging to |account_id_to_delete| from the cache |
90 // directory. No cache belonging to |account_id_to_delete| may be running while | 92 // directory. No cache belonging to |account_id_to_delete| may be running while |
91 // the removal is in progress. | 93 // the removal is in progress. |
92 void DeleteObsoleteExtensionCache(const std::string& account_id_to_delete) { | 94 void DeleteObsoleteExtensionCache(const std::string& account_id_to_delete) { |
93 base::FilePath cache_root_dir; | 95 base::FilePath cache_root_dir; |
94 CHECK(PathService::Get(chromeos::DIR_DEVICE_LOCAL_ACCOUNT_CACHE, | 96 CHECK(PathService::Get(chromeos::DIR_DEVICE_LOCAL_ACCOUNT_EXTENSIONS, |
95 &cache_root_dir)); | 97 &cache_root_dir)); |
96 const base::FilePath path = cache_root_dir | 98 const base::FilePath path = cache_root_dir |
97 .Append(GetCacheSubdirectoryForAccountID(account_id_to_delete)); | 99 .Append(GetCacheSubdirectoryForAccountID(account_id_to_delete)); |
98 if (base::DirectoryExists(path)) | 100 if (base::DirectoryExists(path)) |
99 base::DeleteFile(path, true); | 101 base::DeleteFile(path, true); |
100 } | 102 } |
101 | 103 |
102 } // namespace | 104 } // namespace |
103 | 105 |
104 DeviceLocalAccountPolicyBroker::DeviceLocalAccountPolicyBroker( | 106 DeviceLocalAccountPolicyBroker::DeviceLocalAccountPolicyBroker( |
105 const DeviceLocalAccount& account, | 107 const DeviceLocalAccount& account, |
106 scoped_ptr<DeviceLocalAccountPolicyStore> store, | 108 scoped_ptr<DeviceLocalAccountPolicyStore> store, |
| 109 scoped_refptr<DeviceLocalAccountExternalDataManager> external_data_manager, |
107 const scoped_refptr<base::SequencedTaskRunner>& task_runner) | 110 const scoped_refptr<base::SequencedTaskRunner>& task_runner) |
108 : account_id_(account.account_id), | 111 : account_id_(account.account_id), |
109 user_id_(account.user_id), | 112 user_id_(account.user_id), |
110 store_(store.Pass()), | 113 store_(store.Pass()), |
| 114 external_data_manager_(external_data_manager), |
111 core_(PolicyNamespaceKey(dm_protocol::kChromePublicAccountPolicyType, | 115 core_(PolicyNamespaceKey(dm_protocol::kChromePublicAccountPolicyType, |
112 store_->account_id()), | 116 store_->account_id()), |
113 store_.get(), | 117 store_.get(), |
114 task_runner) { | 118 task_runner) { |
115 base::FilePath cache_root_dir; | 119 base::FilePath cache_root_dir; |
116 CHECK(PathService::Get(chromeos::DIR_DEVICE_LOCAL_ACCOUNT_CACHE, | 120 CHECK(PathService::Get(chromeos::DIR_DEVICE_LOCAL_ACCOUNT_EXTENSIONS, |
117 &cache_root_dir)); | 121 &cache_root_dir)); |
118 extension_loader_ = new chromeos::DeviceLocalAccountExternalPolicyLoader( | 122 extension_loader_ = new chromeos::DeviceLocalAccountExternalPolicyLoader( |
119 store_.get(), | 123 store_.get(), |
120 cache_root_dir.Append( | 124 cache_root_dir.Append( |
121 GetCacheSubdirectoryForAccountID(account.account_id))); | 125 GetCacheSubdirectoryForAccountID(account.account_id))); |
122 } | 126 } |
123 | 127 |
124 DeviceLocalAccountPolicyBroker::~DeviceLocalAccountPolicyBroker() { | 128 DeviceLocalAccountPolicyBroker::~DeviceLocalAccountPolicyBroker() { |
| 129 external_data_manager_->SetPolicyStore(NULL); |
| 130 external_data_manager_->Disconnect(); |
125 } | 131 } |
126 | 132 |
127 void DeviceLocalAccountPolicyBroker::Initialize() { | 133 void DeviceLocalAccountPolicyBroker::Initialize() { |
128 store_->Load(); | 134 store_->Load(); |
129 } | 135 } |
130 | 136 |
131 void DeviceLocalAccountPolicyBroker::ConnectIfPossible( | 137 void DeviceLocalAccountPolicyBroker::ConnectIfPossible( |
132 chromeos::DeviceSettingsService* device_settings_service, | 138 chromeos::DeviceSettingsService* device_settings_service, |
133 DeviceManagementService* device_management_service) { | 139 DeviceManagementService* device_management_service, |
| 140 scoped_refptr<net::URLRequestContextGetter> request_context) { |
134 if (core_.client()) | 141 if (core_.client()) |
135 return; | 142 return; |
136 | 143 |
137 scoped_ptr<CloudPolicyClient> client(CreateClient(device_settings_service, | 144 scoped_ptr<CloudPolicyClient> client(CreateClient(device_settings_service, |
138 device_management_service)); | 145 device_management_service)); |
139 if (!client) | 146 if (!client) |
140 return; | 147 return; |
141 | 148 |
142 core_.Connect(client.Pass()); | 149 core_.Connect(client.Pass()); |
| 150 external_data_manager_->Connect(request_context); |
143 core_.StartRefreshScheduler(); | 151 core_.StartRefreshScheduler(); |
144 UpdateRefreshDelay(); | 152 UpdateRefreshDelay(); |
145 } | 153 } |
146 | 154 |
147 void DeviceLocalAccountPolicyBroker::Disconnect() { | |
148 core_.Disconnect(); | |
149 } | |
150 | |
151 void DeviceLocalAccountPolicyBroker::UpdateRefreshDelay() { | 155 void DeviceLocalAccountPolicyBroker::UpdateRefreshDelay() { |
152 if (core_.refresh_scheduler()) { | 156 if (core_.refresh_scheduler()) { |
153 const Value* policy_value = | 157 const Value* policy_value = |
154 store_->policy_map().GetValue(key::kPolicyRefreshRate); | 158 store_->policy_map().GetValue(key::kPolicyRefreshRate); |
155 int delay = 0; | 159 int delay = 0; |
156 if (policy_value && policy_value->GetAsInteger(&delay)) | 160 if (policy_value && policy_value->GetAsInteger(&delay)) |
157 core_.refresh_scheduler()->SetRefreshDelay(delay); | 161 core_.refresh_scheduler()->SetRefreshDelay(delay); |
158 } | 162 } |
159 } | 163 } |
160 | 164 |
161 std::string DeviceLocalAccountPolicyBroker::GetDisplayName() const { | 165 std::string DeviceLocalAccountPolicyBroker::GetDisplayName() const { |
162 std::string display_name; | 166 std::string display_name; |
163 const base::Value* display_name_value = | 167 const base::Value* display_name_value = |
164 store_->policy_map().GetValue(policy::key::kUserDisplayName); | 168 store_->policy_map().GetValue(policy::key::kUserDisplayName); |
165 if (display_name_value) | 169 if (display_name_value) |
166 display_name_value->GetAsString(&display_name); | 170 display_name_value->GetAsString(&display_name); |
167 return display_name; | 171 return display_name; |
168 } | 172 } |
169 | 173 |
170 DeviceLocalAccountPolicyService::DeviceLocalAccountPolicyService( | 174 DeviceLocalAccountPolicyService::DeviceLocalAccountPolicyService( |
171 chromeos::SessionManagerClient* session_manager_client, | 175 chromeos::SessionManagerClient* session_manager_client, |
172 chromeos::DeviceSettingsService* device_settings_service, | 176 chromeos::DeviceSettingsService* device_settings_service, |
173 chromeos::CrosSettings* cros_settings, | 177 chromeos::CrosSettings* cros_settings, |
174 scoped_refptr<base::SequencedTaskRunner> store_background_task_runner, | 178 scoped_refptr<base::SequencedTaskRunner> store_background_task_runner, |
175 scoped_refptr<base::SequencedTaskRunner> extension_cache_task_runner) | 179 scoped_refptr<base::SequencedTaskRunner> extension_cache_task_runner, |
| 180 scoped_refptr<base::SequencedTaskRunner> |
| 181 external_data_service_backend_task_runner, |
| 182 scoped_refptr<base::SequencedTaskRunner> io_task_runner, |
| 183 scoped_refptr<net::URLRequestContextGetter> request_context) |
176 : session_manager_client_(session_manager_client), | 184 : session_manager_client_(session_manager_client), |
177 device_settings_service_(device_settings_service), | 185 device_settings_service_(device_settings_service), |
178 cros_settings_(cros_settings), | 186 cros_settings_(cros_settings), |
179 device_management_service_(NULL), | 187 device_management_service_(NULL), |
180 waiting_for_cros_settings_(false), | 188 waiting_for_cros_settings_(false), |
181 orphan_cache_deletion_state_(NOT_STARTED), | 189 orphan_cache_deletion_state_(NOT_STARTED), |
182 store_background_task_runner_(store_background_task_runner), | 190 store_background_task_runner_(store_background_task_runner), |
183 extension_cache_task_runner_(extension_cache_task_runner), | 191 extension_cache_task_runner_(extension_cache_task_runner), |
| 192 request_context_(request_context), |
184 local_accounts_subscription_(cros_settings_->AddSettingsObserver( | 193 local_accounts_subscription_(cros_settings_->AddSettingsObserver( |
185 chromeos::kAccountsPrefDeviceLocalAccounts, | 194 chromeos::kAccountsPrefDeviceLocalAccounts, |
186 base::Bind(&DeviceLocalAccountPolicyService:: | 195 base::Bind(&DeviceLocalAccountPolicyService:: |
187 UpdateAccountListIfNonePending, | 196 UpdateAccountListIfNonePending, |
188 base::Unretained(this)))), | 197 base::Unretained(this)))), |
189 weak_factory_(this) { | 198 weak_factory_(this) { |
| 199 external_data_service_.reset(new DeviceLocalAccountExternalDataService( |
| 200 this, |
| 201 external_data_service_backend_task_runner, |
| 202 io_task_runner)); |
190 UpdateAccountList(); | 203 UpdateAccountList(); |
191 } | 204 } |
192 | 205 |
193 DeviceLocalAccountPolicyService::~DeviceLocalAccountPolicyService() { | 206 DeviceLocalAccountPolicyService::~DeviceLocalAccountPolicyService() { |
| 207 DCHECK(!request_context_); |
| 208 DCHECK(policy_brokers_.empty()); |
| 209 } |
| 210 |
| 211 void DeviceLocalAccountPolicyService::Shutdown() { |
| 212 device_management_service_ = NULL; |
| 213 request_context_ = NULL; |
194 DeleteBrokers(&policy_brokers_); | 214 DeleteBrokers(&policy_brokers_); |
195 } | 215 } |
196 | 216 |
197 void DeviceLocalAccountPolicyService::Connect( | 217 void DeviceLocalAccountPolicyService::Connect( |
198 DeviceManagementService* device_management_service) { | 218 DeviceManagementService* device_management_service) { |
199 DCHECK(!device_management_service_); | 219 DCHECK(!device_management_service_); |
200 device_management_service_ = device_management_service; | 220 device_management_service_ = device_management_service; |
201 | 221 |
202 // Connect the brokers. | 222 // Connect the brokers. |
203 for (PolicyBrokerMap::iterator it(policy_brokers_.begin()); | 223 for (PolicyBrokerMap::iterator it(policy_brokers_.begin()); |
204 it != policy_brokers_.end(); ++it) { | 224 it != policy_brokers_.end(); ++it) { |
205 it->second->ConnectIfPossible(device_settings_service_, | 225 it->second->ConnectIfPossible(device_settings_service_, |
206 device_management_service_); | 226 device_management_service_, |
| 227 request_context_); |
207 } | 228 } |
208 } | 229 } |
209 | 230 |
210 void DeviceLocalAccountPolicyService::Disconnect() { | |
211 DCHECK(device_management_service_); | |
212 device_management_service_ = NULL; | |
213 | |
214 // Disconnect the brokers. | |
215 for (PolicyBrokerMap::iterator it(policy_brokers_.begin()); | |
216 it != policy_brokers_.end(); ++it) { | |
217 it->second->Disconnect(); | |
218 } | |
219 } | |
220 | |
221 DeviceLocalAccountPolicyBroker* | 231 DeviceLocalAccountPolicyBroker* |
222 DeviceLocalAccountPolicyService::GetBrokerForUser( | 232 DeviceLocalAccountPolicyService::GetBrokerForUser( |
223 const std::string& user_id) { | 233 const std::string& user_id) { |
224 PolicyBrokerMap::iterator entry = policy_brokers_.find(user_id); | 234 PolicyBrokerMap::iterator entry = policy_brokers_.find(user_id); |
225 if (entry == policy_brokers_.end()) | 235 if (entry == policy_brokers_.end()) |
226 return NULL; | 236 return NULL; |
227 | 237 |
228 return entry->second; | 238 return entry->second; |
229 } | 239 } |
230 | 240 |
(...skipping 149 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
380 broker.reset(broker_it->second); | 390 broker.reset(broker_it->second); |
381 old_policy_brokers.erase(broker_it); | 391 old_policy_brokers.erase(broker_it); |
382 broker_initialized = true; | 392 broker_initialized = true; |
383 } else { | 393 } else { |
384 scoped_ptr<DeviceLocalAccountPolicyStore> store( | 394 scoped_ptr<DeviceLocalAccountPolicyStore> store( |
385 new DeviceLocalAccountPolicyStore(it->account_id, | 395 new DeviceLocalAccountPolicyStore(it->account_id, |
386 session_manager_client_, | 396 session_manager_client_, |
387 device_settings_service_, | 397 device_settings_service_, |
388 store_background_task_runner_)); | 398 store_background_task_runner_)); |
389 store->AddObserver(this); | 399 store->AddObserver(this); |
| 400 scoped_refptr<DeviceLocalAccountExternalDataManager> |
| 401 external_data_manager = |
| 402 external_data_service_->GetExternalDataManager(it->account_id, |
| 403 store.get()); |
390 broker.reset(new DeviceLocalAccountPolicyBroker( | 404 broker.reset(new DeviceLocalAccountPolicyBroker( |
391 *it, | 405 *it, |
392 store.Pass(), | 406 store.Pass(), |
| 407 external_data_manager, |
393 base::MessageLoopProxy::current())); | 408 base::MessageLoopProxy::current())); |
394 } | 409 } |
395 | 410 |
396 // Fire up the cloud connection for fetching policy for the account from | 411 // Fire up the cloud connection for fetching policy for the account from |
397 // the cloud if this is an enterprise-managed device. | 412 // the cloud if this is an enterprise-managed device. |
398 broker->ConnectIfPossible(device_settings_service_, | 413 broker->ConnectIfPossible(device_settings_service_, |
399 device_management_service_); | 414 device_management_service_, |
| 415 request_context_); |
400 | 416 |
401 policy_brokers_[it->user_id] = broker.release(); | 417 policy_brokers_[it->user_id] = broker.release(); |
402 if (!broker_initialized) { | 418 if (!broker_initialized) { |
403 // The broker must be initialized after it has been added to | 419 // The broker must be initialized after it has been added to |
404 // |policy_brokers_|. | 420 // |policy_brokers_|. |
405 policy_brokers_[it->user_id]->Initialize(); | 421 policy_brokers_[it->user_id]->Initialize(); |
406 } | 422 } |
407 | 423 |
408 if (orphan_cache_deletion_state_ == NOT_STARTED) { | 424 if (orphan_cache_deletion_state_ == NOT_STARTED) { |
409 subdirectories_to_keep.insert( | 425 subdirectories_to_keep.insert( |
(...skipping 65 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
475 CloudPolicyStore* store) { | 491 CloudPolicyStore* store) { |
476 for (PolicyBrokerMap::iterator it(policy_brokers_.begin()); | 492 for (PolicyBrokerMap::iterator it(policy_brokers_.begin()); |
477 it != policy_brokers_.end(); ++it) { | 493 it != policy_brokers_.end(); ++it) { |
478 if (it->second->core()->store() == store) | 494 if (it->second->core()->store() == store) |
479 return it->second; | 495 return it->second; |
480 } | 496 } |
481 return NULL; | 497 return NULL; |
482 } | 498 } |
483 | 499 |
484 } // namespace policy | 500 } // namespace policy |
OLD | NEW |