Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(70)

Side by Side Diff: chrome/browser/chromeos/settings/session_manager_operation.cc

Issue 2714493002: Load DeviceLocalAccount policy and DeviceSettings immediately on restore after Chrome crash. (Closed)
Patch Set: wrap Validator in unique_ptr Created 3 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch
OLDNEW
1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved.
2 // Use of this source code is governed by a BSD-style license that can be 2 // Use of this source code is governed by a BSD-style license that can be
3 // found in the LICENSE file. 3 // found in the LICENSE file.
4 4
5 #include "chrome/browser/chromeos/settings/session_manager_operation.h" 5 #include "chrome/browser/chromeos/settings/session_manager_operation.h"
6 6
7 #include <utility> 7 #include <utility>
8 8
9 #include "base/bind.h" 9 #include "base/bind.h"
10 #include "base/bind_helpers.h" 10 #include "base/bind_helpers.h"
11 #include "base/files/file_path.h" 11 #include "base/files/file_path.h"
12 #include "base/memory/ptr_util.h"
12 #include "base/message_loop/message_loop.h" 13 #include "base/message_loop/message_loop.h"
13 #include "base/stl_util.h" 14 #include "base/stl_util.h"
14 #include "base/task_runner_util.h" 15 #include "base/task_runner_util.h"
15 #include "base/threading/sequenced_worker_pool.h" 16 #include "base/threading/sequenced_worker_pool.h"
16 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" 17 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
17 #include "chrome/browser/net/nss_context.h" 18 #include "chrome/browser/net/nss_context.h"
18 #include "components/ownership/owner_key_util.h" 19 #include "components/ownership/owner_key_util.h"
19 #include "components/policy/core/common/cloud/cloud_policy_constants.h" 20 #include "components/policy/core/common/cloud/cloud_policy_constants.h"
20 #include "components/policy/proto/device_management_backend.pb.h" 21 #include "components/policy/proto/device_management_backend.pb.h"
21 #include "content/public/browser/browser_thread.h" 22 #include "content/public/browser/browser_thread.h"
(...skipping 41 matching lines...) Expand 10 before | Expand all | Expand 10 after
63 return; 64 return;
64 is_loading_ = true; 65 is_loading_ = true;
65 if (cloud_validations_) { 66 if (cloud_validations_) {
66 EnsurePublicKey(base::Bind(&SessionManagerOperation::RetrieveDeviceSettings, 67 EnsurePublicKey(base::Bind(&SessionManagerOperation::RetrieveDeviceSettings,
67 weak_factory_.GetWeakPtr())); 68 weak_factory_.GetWeakPtr()));
68 } else { 69 } else {
69 RetrieveDeviceSettings(); 70 RetrieveDeviceSettings();
70 } 71 }
71 } 72 }
72 73
74 void SessionManagerOperation::LoadImmediately() {
75 StorePublicKey(
76 base::Bind(&SessionManagerOperation::BlockingRetrieveDeviceSettings,
77 weak_factory_.GetWeakPtr()),
78 LoadPublicKey(owner_key_util_, public_key_));
79 }
80
73 void SessionManagerOperation::ReportResult( 81 void SessionManagerOperation::ReportResult(
74 DeviceSettingsService::Status status) { 82 DeviceSettingsService::Status status) {
75 callback_.Run(this, status); 83 callback_.Run(this, status);
76 } 84 }
77 85
78 void SessionManagerOperation::EnsurePublicKey(const base::Closure& callback) { 86 void SessionManagerOperation::EnsurePublicKey(const base::Closure& callback) {
79 if (force_key_load_ || !public_key_.get() || !public_key_->is_loaded()) { 87 if (force_key_load_ || !public_key_.get() || !public_key_->is_loaded()) {
80 scoped_refptr<base::TaskRunner> task_runner = 88 scoped_refptr<base::TaskRunner> task_runner =
81 content::BrowserThread::GetBlockingPool() 89 content::BrowserThread::GetBlockingPool()
82 ->GetTaskRunnerWithShutdownBehavior( 90 ->GetTaskRunnerWithShutdownBehavior(
(...skipping 42 matching lines...) Expand 10 before | Expand all | Expand 10 after
125 133
126 callback.Run(); 134 callback.Run();
127 } 135 }
128 136
129 void SessionManagerOperation::RetrieveDeviceSettings() { 137 void SessionManagerOperation::RetrieveDeviceSettings() {
130 session_manager_client()->RetrieveDevicePolicy( 138 session_manager_client()->RetrieveDevicePolicy(
131 base::Bind(&SessionManagerOperation::ValidateDeviceSettings, 139 base::Bind(&SessionManagerOperation::ValidateDeviceSettings,
132 weak_factory_.GetWeakPtr())); 140 weak_factory_.GetWeakPtr()));
133 } 141 }
134 142
143 void SessionManagerOperation::BlockingRetrieveDeviceSettings() {
144 ValidateDeviceSettings(
145 session_manager_client()->BlockingRetrieveDevicePolicy());
146 }
147
135 void SessionManagerOperation::ValidateDeviceSettings( 148 void SessionManagerOperation::ValidateDeviceSettings(
136 const std::string& policy_blob) { 149 const std::string& policy_blob) {
137 std::unique_ptr<em::PolicyFetchResponse> policy( 150 std::unique_ptr<em::PolicyFetchResponse> policy(
138 new em::PolicyFetchResponse()); 151 new em::PolicyFetchResponse());
139 if (policy_blob.empty()) { 152 if (policy_blob.empty()) {
140 ReportResult(DeviceSettingsService::STORE_NO_POLICY); 153 ReportResult(DeviceSettingsService::STORE_NO_POLICY);
141 return; 154 return;
142 } 155 }
143 156
144 if (!policy->ParseFromString(policy_blob) || 157 if (!policy->ParseFromString(policy_blob) ||
145 !policy->IsInitialized()) { 158 !policy->IsInitialized()) {
146 ReportResult(DeviceSettingsService::STORE_INVALID_POLICY); 159 ReportResult(DeviceSettingsService::STORE_INVALID_POLICY);
147 return; 160 return;
148 } 161 }
149 162
150 base::SequencedWorkerPool* pool = 163 base::SequencedWorkerPool* pool =
151 content::BrowserThread::GetBlockingPool(); 164 content::BrowserThread::GetBlockingPool();
152 scoped_refptr<base::SequencedTaskRunner> background_task_runner = 165 scoped_refptr<base::SequencedTaskRunner> background_task_runner =
153 pool->GetSequencedTaskRunnerWithShutdownBehavior( 166 pool->GetSequencedTaskRunnerWithShutdownBehavior(
154 pool->GetSequenceToken(), 167 pool->GetSequenceToken(),
155 base::SequencedWorkerPool::SKIP_ON_SHUTDOWN); 168 base::SequencedWorkerPool::SKIP_ON_SHUTDOWN);
156 169
157 policy::DeviceCloudPolicyValidator* validator = 170 std::unique_ptr<policy::DeviceCloudPolicyValidator> validator =
158 policy::DeviceCloudPolicyValidator::Create(std::move(policy), 171 base::WrapUnique<policy::DeviceCloudPolicyValidator>(
159 background_task_runner); 172 policy::DeviceCloudPolicyValidator::Create(std::move(policy),
173 background_task_runner));
160 174
161 if (cloud_validations_) { 175 if (cloud_validations_) {
162 // Policy auto-generated by session manager doesn't include a timestamp, so 176 // Policy auto-generated by session manager doesn't include a timestamp, so
163 // the timestamp shouldn't be verified in that case. 177 // the timestamp shouldn't be verified in that case.
164 // 178 //
165 // Additionally, offline devices can get their clock set backwards in time 179 // Additionally, offline devices can get their clock set backwards in time
166 // under some hardware conditions; checking the timestamp now could likely 180 // under some hardware conditions; checking the timestamp now could likely
167 // find a value in the future, and prevent the user from signing-in or 181 // find a value in the future, and prevent the user from signing-in or
168 // starting guest mode. Tlsdate will eventually fix the clock when the 182 // starting guest mode. Tlsdate will eventually fix the clock when the
169 // device is back online, but the network configuration may come from device 183 // device is back online, but the network configuration may come from device
(...skipping 14 matching lines...) Expand all
184 policy::CloudPolicyValidatorBase::DM_TOKEN_NOT_REQUIRED, 198 policy::CloudPolicyValidatorBase::DM_TOKEN_NOT_REQUIRED,
185 policy::CloudPolicyValidatorBase::DEVICE_ID_NOT_REQUIRED); 199 policy::CloudPolicyValidatorBase::DEVICE_ID_NOT_REQUIRED);
186 200
187 // We don't check the DMServer verification key below, because the signing 201 // We don't check the DMServer verification key below, because the signing
188 // key is validated when it is installed. 202 // key is validated when it is installed.
189 validator->ValidateSignature(public_key_->as_string()); 203 validator->ValidateSignature(public_key_->as_string());
190 } 204 }
191 205
192 validator->ValidatePolicyType(policy::dm_protocol::kChromeDevicePolicyType); 206 validator->ValidatePolicyType(policy::dm_protocol::kChromeDevicePolicyType);
193 validator->ValidatePayload(); 207 validator->ValidatePayload();
194 validator->StartValidation( 208 if (force_immediate_load_) {
195 base::Bind(&SessionManagerOperation::ReportValidatorStatus, 209 validator->RunValidation();
196 weak_factory_.GetWeakPtr())); 210 ReportValidatorStatus(validator.get());
211 } else {
212 // The Validator will delete itself once validation is complete.
213 validator.release()->StartValidation(
214 base::Bind(&SessionManagerOperation::ReportValidatorStatus,
215 weak_factory_.GetWeakPtr()));
216 }
197 } 217 }
198 218
199 void SessionManagerOperation::ReportValidatorStatus( 219 void SessionManagerOperation::ReportValidatorStatus(
200 policy::DeviceCloudPolicyValidator* validator) { 220 policy::DeviceCloudPolicyValidator* validator) {
201 DeviceSettingsService::Status status = 221 DeviceSettingsService::Status status =
202 DeviceSettingsService::STORE_VALIDATION_ERROR; 222 DeviceSettingsService::STORE_VALIDATION_ERROR;
203 if (validator->success()) { 223 if (validator->success()) {
204 status = DeviceSettingsService::STORE_SUCCESS; 224 status = DeviceSettingsService::STORE_SUCCESS;
205 policy_data_ = std::move(validator->policy_data()); 225 policy_data_ = std::move(validator->policy_data());
206 device_settings_ = std::move(validator->payload()); 226 device_settings_ = std::move(validator->payload());
207 } else { 227 } else {
208 LOG(ERROR) << "Policy validation failed: " << validator->status(); 228 LOG(ERROR) << "Policy validation failed: " << validator->status();
209 229
210 // Those are mostly caused by RTC loss and are recoverable. 230 // Those are mostly caused by RTC loss and are recoverable.
211 if (validator->status() == 231 if (validator->status() ==
212 policy::DeviceCloudPolicyValidator::VALIDATION_BAD_TIMESTAMP) { 232 policy::DeviceCloudPolicyValidator::VALIDATION_BAD_TIMESTAMP) {
213 status = DeviceSettingsService::STORE_TEMP_VALIDATION_ERROR; 233 status = DeviceSettingsService::STORE_TEMP_VALIDATION_ERROR;
214 } 234 }
215 } 235 }
216 236
217 ReportResult(status); 237 ReportResult(status);
218 } 238 }
219 239
220 LoadSettingsOperation::LoadSettingsOperation(bool force_key_load, 240 LoadSettingsOperation::LoadSettingsOperation(bool force_key_load,
221 bool cloud_validations, 241 bool cloud_validations,
242 bool force_immediate_load,
222 const Callback& callback) 243 const Callback& callback)
223 : SessionManagerOperation(callback) { 244 : SessionManagerOperation(callback) {
224 force_key_load_ = force_key_load; 245 force_key_load_ = force_key_load;
225 cloud_validations_ = cloud_validations; 246 cloud_validations_ = cloud_validations;
247 force_immediate_load_ = force_immediate_load;
226 } 248 }
227 249
228 LoadSettingsOperation::~LoadSettingsOperation() {} 250 LoadSettingsOperation::~LoadSettingsOperation() {}
229 251
230 void LoadSettingsOperation::Run() { 252 void LoadSettingsOperation::Run() {
231 StartLoading(); 253 if (force_immediate_load_)
254 LoadImmediately();
255 else
256 StartLoading();
232 } 257 }
233 258
234 StoreSettingsOperation::StoreSettingsOperation( 259 StoreSettingsOperation::StoreSettingsOperation(
235 const Callback& callback, 260 const Callback& callback,
236 std::unique_ptr<em::PolicyFetchResponse> policy) 261 std::unique_ptr<em::PolicyFetchResponse> policy)
237 : SessionManagerOperation(callback), 262 : SessionManagerOperation(callback),
238 policy_(std::move(policy)), 263 policy_(std::move(policy)),
239 weak_factory_(this) {} 264 weak_factory_(this) {}
240 265
241 StoreSettingsOperation::~StoreSettingsOperation() {} 266 StoreSettingsOperation::~StoreSettingsOperation() {}
242 267
243 void StoreSettingsOperation::Run() { 268 void StoreSettingsOperation::Run() {
244 session_manager_client()->StoreDevicePolicy( 269 session_manager_client()->StoreDevicePolicy(
245 policy_->SerializeAsString(), 270 policy_->SerializeAsString(),
246 base::Bind(&StoreSettingsOperation::HandleStoreResult, 271 base::Bind(&StoreSettingsOperation::HandleStoreResult,
247 weak_factory_.GetWeakPtr())); 272 weak_factory_.GetWeakPtr()));
248 } 273 }
249 274
250 void StoreSettingsOperation::HandleStoreResult(bool success) { 275 void StoreSettingsOperation::HandleStoreResult(bool success) {
251 if (!success) 276 if (!success)
252 ReportResult(DeviceSettingsService::STORE_OPERATION_FAILED); 277 ReportResult(DeviceSettingsService::STORE_OPERATION_FAILED);
253 else 278 else
254 StartLoading(); 279 StartLoading();
255 } 280 }
256 281
257 } // namespace chromeos 282 } // namespace chromeos
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698