extensions/browser/api/networking_private/networking_private_chromeos.cc - Issue 2754903002: Prevent networkingPrivate.forgetNetwork from removing shared configs

Unified Diff: extensions/browser/api/networking_private/networking_private_chromeos.cc

Issue 2754903002: Prevent networkingPrivate.forgetNetwork from removing shared configs (Closed)

Patch Set: . Created 3 years, 9 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View side-by-side diff with in-line comments

« chromeos/dbus/fake_shill_profile_client.cc ('K') | « extensions/browser/api/networking_private/networking_private_chromeos.h ('k') | extensions/browser/api/networking_private/networking_private_chromeos_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

Index: extensions/browser/api/networking_private/networking_private_chromeos.cc

diff --git a/extensions/browser/api/networking_private/networking_private_chromeos.cc b/extensions/browser/api/networking_private/networking_private_chromeos.cc

index 5d84f0ba7eaa643d0b98947249adfbf10a5e104b..485a9092396c14b96edbe95ba15a8a92a7276746 100644

--- a/extensions/browser/api/networking_private/networking_private_chromeos.cc

+++ b/extensions/browser/api/networking_private/networking_private_chromeos.cc

@@ -444,6 +444,7 @@ void NetworkingPrivateChromeOS::CreateNetwork(

void NetworkingPrivateChromeOS::ForgetNetwork(

const std::string& guid,

+ bool allow_forget_shared_config,

const VoidCallback& success_callback,

const FailureCallback& failure_callback) {

std::string service_path, error;

@@ -452,9 +453,50 @@ void NetworkingPrivateChromeOS::ForgetNetwork(

return;

}

- GetManagedConfigurationHandler()->RemoveConfiguration(

- service_path, success_callback,

- base::Bind(&NetworkHandlerFailureCallback, failure_callback));

+ const chromeos::NetworkState* network =

+ GetStateHandler()->GetNetworkStateFromServicePath(

+ service_path, true /* configured only */);

+ if (!network) {

+ failure_callback.Run(networking_private::kErrorNetworkUnavailable);

+ return;

+ }

+ std::string user_id_hash;

+ // Don't allow non-primary user to remove private configs - the private

+ // configs belong to the primary user (non-primary users' network configs

+ // never get loaded by shill).

+ if (!GetPrimaryUserIdHash(browser_context_, &user_id_hash, &error) &&

+ network->IsPrivate()) {

+ failure_callback.Run(error);

+ return;

+ }

+ if (!allow_forget_shared_config && !network->IsPrivate()) {

+ failure_callback.Run(networking_private::kErrorAccessToSharedConfig);

+ return;

+ }

+ onc::ONCSource onc_source = onc::ONC_SOURCE_UNKNOWN;

+ if (GetManagedConfigurationHandler()->FindPolicyByGUID(user_id_hash, guid,

+ &onc_source)) {

+ // Fail if requested configuration removal includes a policy controlled

+ // network configuration.

+ if (allow_forget_shared_config ||

+ onc_source == onc::ONC_SOURCE_USER_POLICY) {

stevenjb 2017/03/30 17:33:13 This logic is confusing to follow. I guess it is s

tbarzic 2017/03/30 18:00:05 yeah, good point. Done.

+ failure_callback.Run(networking_private::kErrorPolicyControlled);

+ return;

+ }

+ if (allow_forget_shared_config) {

+ GetManagedConfigurationHandler()->RemoveConfiguration(

+ service_path, success_callback,

+ base::Bind(&NetworkHandlerFailureCallback, failure_callback));

+ } else {

+ GetManagedConfigurationHandler()->RemoveConfigurationFromCurrentProfile(

+ service_path, success_callback,

+ base::Bind(&NetworkHandlerFailureCallback, failure_callback));

+ }

}

void NetworkingPrivateChromeOS::GetNetworks(