| Index: chrome/browser/chromeos/policy/device_local_account_policy_store.cc
|
| diff --git a/chrome/browser/chromeos/policy/device_local_account_policy_store.cc b/chrome/browser/chromeos/policy/device_local_account_policy_store.cc
|
| index 013bc40f290580a8c3a5f2577683fa3cb171f312..31f42df64268d730dab40792c82127a1b18fd5f1 100644
|
| --- a/chrome/browser/chromeos/policy/device_local_account_policy_store.cc
|
| +++ b/chrome/browser/chromeos/policy/device_local_account_policy_store.cc
|
| @@ -40,7 +40,26 @@ void DeviceLocalAccountPolicyStore::Load() {
|
| session_manager_client_->RetrieveDeviceLocalAccountPolicy(
|
| account_id_,
|
| base::Bind(&DeviceLocalAccountPolicyStore::ValidateLoadedPolicyBlob,
|
| - weak_factory_.GetWeakPtr()));
|
| + weak_factory_.GetWeakPtr(), true /*validate_in_background*/));
|
| +}
|
| +
|
| +void DeviceLocalAccountPolicyStore::LoadImmediately() {
|
| + // This blocking D-Bus call is in the startup path and will block the UI
|
| + // thread. This only happens when the Profile is created synchronously, which
|
| + // on Chrome OS happens whenever the browser is restarted into the same
|
| + // session, that is when the browser crashes, or right after signin if
|
| + // the user has flags configured in about:flags.
|
| + // However, on those paths we must load policy synchronously so that the
|
| + // Profile initialization never sees unmanaged prefs, which would lead to
|
| + // data loss. http://crbug.com/263061
|
| +
|
| + // Cancel all running async loads.
|
| + weak_factory_.InvalidateWeakPtrs();
|
| +
|
| + const std::string policy_blob =
|
| + session_manager_client_->BlockingRetrieveDeviceLocalAccountPolicy(
|
| + account_id_);
|
| + ValidateLoadedPolicyBlob(false /*validate_in_background*/, policy_blob);
|
| }
|
|
|
| void DeviceLocalAccountPolicyStore::Store(
|
| @@ -48,11 +67,13 @@ void DeviceLocalAccountPolicyStore::Store(
|
| weak_factory_.InvalidateWeakPtrs();
|
| CheckKeyAndValidate(
|
| true, base::MakeUnique<em::PolicyFetchResponse>(policy),
|
| + true /*validate_in_background*/,
|
| base::Bind(&DeviceLocalAccountPolicyStore::StoreValidatedPolicy,
|
| weak_factory_.GetWeakPtr()));
|
| }
|
|
|
| void DeviceLocalAccountPolicyStore::ValidateLoadedPolicyBlob(
|
| + bool validate_in_background,
|
| const std::string& policy_blob) {
|
| if (policy_blob.empty()) {
|
| status_ = CloudPolicyStore::STATUS_LOAD_ERROR;
|
| @@ -62,7 +83,7 @@ void DeviceLocalAccountPolicyStore::ValidateLoadedPolicyBlob(
|
| new em::PolicyFetchResponse());
|
| if (policy->ParseFromString(policy_blob)) {
|
| CheckKeyAndValidate(
|
| - false, std::move(policy),
|
| + false, std::move(policy), validate_in_background,
|
| base::Bind(&DeviceLocalAccountPolicyStore::UpdatePolicy,
|
| weak_factory_.GetWeakPtr()));
|
| } else {
|
| @@ -127,19 +148,26 @@ void DeviceLocalAccountPolicyStore::HandleStoreResult(bool success) {
|
| void DeviceLocalAccountPolicyStore::CheckKeyAndValidate(
|
| bool valid_timestamp_required,
|
| std::unique_ptr<em::PolicyFetchResponse> policy,
|
| + bool validate_in_background,
|
| const ValidateCompletionCallback& callback) {
|
| - device_settings_service_->GetOwnershipStatusAsync(
|
| - base::Bind(&DeviceLocalAccountPolicyStore::Validate,
|
| - weak_factory_.GetWeakPtr(),
|
| - valid_timestamp_required,
|
| - base::Passed(&policy),
|
| - callback));
|
| + if (validate_in_background) {
|
| + device_settings_service_->GetOwnershipStatusAsync(
|
| + base::Bind(&DeviceLocalAccountPolicyStore::Validate,
|
| + weak_factory_.GetWeakPtr(), valid_timestamp_required,
|
| + base::Passed(&policy), callback, validate_in_background));
|
| + } else {
|
| + chromeos::DeviceSettingsService::OwnershipStatus ownership_status =
|
| + device_settings_service_->GetOwnershipStatus();
|
| + Validate(valid_timestamp_required, std::move(policy), callback,
|
| + validate_in_background, ownership_status);
|
| + }
|
| }
|
|
|
| void DeviceLocalAccountPolicyStore::Validate(
|
| bool valid_timestamp_required,
|
| std::unique_ptr<em::PolicyFetchResponse> policy_response,
|
| const ValidateCompletionCallback& callback,
|
| + bool validate_in_background,
|
| chromeos::DeviceSettingsService::OwnershipStatus ownership_status) {
|
| DCHECK_NE(chromeos::DeviceSettingsService::OWNERSHIP_UNKNOWN,
|
| ownership_status);
|
| @@ -182,7 +210,17 @@ void DeviceLocalAccountPolicyStore::Validate(
|
|
|
| validator->ValidatePayload();
|
| validator->ValidateSignature(key->as_string());
|
| - validator.release()->StartValidation(base::Bind(callback, key->as_string()));
|
| +
|
| + if (validate_in_background) {
|
| + // The Validator will delete itself once validation is
|
| + // complete.
|
| + validator.release()->StartValidation(
|
| + base::Bind(callback, key->as_string()));
|
| + } else {
|
| + validator->RunValidation();
|
| +
|
| + UpdatePolicy(key->as_string(), validator.get());
|
| + }
|
| }
|
|
|
| } // namespace policy
|
|
|
Chromium Code Reviews
Issue 2714493002:
Load DeviceLocalAccount policy and DeviceSettings immediately on restore after Chrome crash. (Closed)
