OLD | NEW |
---|---|
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chromeos/network/managed_network_configuration_handler_impl.h" | 5 #include "chromeos/network/managed_network_configuration_handler_impl.h" |
6 | 6 |
7 #include <memory> | 7 #include <memory> |
8 #include <utility> | 8 #include <utility> |
9 #include <vector> | 9 #include <vector> |
10 | 10 |
(...skipping 336 matching lines...) | |
347 service_path, *shill_dictionary, | 347 service_path, *shill_dictionary, |
348 NetworkConfigurationObserver::SOURCE_USER_ACTION, callback, | 348 NetworkConfigurationObserver::SOURCE_USER_ACTION, callback, |
349 error_callback); | 349 error_callback); |
350 } | 350 } |
351 | 351 |
352 void ManagedNetworkConfigurationHandlerImpl::CreateConfiguration( | 352 void ManagedNetworkConfigurationHandlerImpl::CreateConfiguration( |
353 const std::string& userhash, | 353 const std::string& userhash, |
354 const base::DictionaryValue& properties, | 354 const base::DictionaryValue& properties, |
355 const network_handler::ServiceResultCallback& callback, | 355 const network_handler::ServiceResultCallback& callback, |
356 const network_handler::ErrorCallback& error_callback) const { | 356 const network_handler::ErrorCallback& error_callback) const { |
357 // Validate the ONC dictionary. We are liberal and ignore unknown field | |
358 // names. User settings are only partial ONC, thus we ignore missing fields. | |
359 onc::Validator validator(false, // Ignore unknown fields. | |
360 false, // Ignore invalid recommended field names. | |
361 false, // Ignore missing fields. | |
362 false); // This ONC does not come from policy. | |
363 | |
364 onc::Validator::Result validation_result; | |
365 std::unique_ptr<base::DictionaryValue> validated_properties = | |
366 validator.ValidateAndRepairObject(&onc::kNetworkConfigurationSignature, | |
367 properties, &validation_result); | |
368 | |
369 if (validation_result == onc::Validator::INVALID) { | |
370 InvokeErrorCallback("", error_callback, kInvalidUserSettings); | |
371 return; | |
372 } | |
373 | |
374 if (validation_result == onc::Validator::VALID_WITH_WARNINGS) | |
375 LOG(WARNING) << "Validation of ONC user settings produced warnings."; | |
376 | |
377 // Fill in HexSSID field from contents of SSID field if not set already - this | |
378 // is required to properly match the configuration against existing policies. | |
379 if (validated_properties) { | |
380 onc::FillInHexSSIDFieldsInOncObject(onc::kNetworkConfigurationSignature, | |
381 validated_properties.get()); | |
382 } | |
383 | |
384 // Make user the network is not configured through a user policy. | |
357 const Policies* policies = GetPoliciesForUser(userhash); | 385 const Policies* policies = GetPoliciesForUser(userhash); |
358 if (!policies) { | 386 if (!policies) { |
359 InvokeErrorCallback("", error_callback, kPoliciesNotInitialized); | 387 InvokeErrorCallback("", error_callback, kPoliciesNotInitialized); |
360 return; | 388 return; |
361 } | 389 } |
362 | 390 |
363 if (policy_util::FindMatchingPolicy(policies->per_network_config, | 391 if (policy_util::FindMatchingPolicy(policies->per_network_config, |
364 properties)) { | 392 *validated_properties)) { |
365 InvokeErrorCallback("", error_callback, kNetworkAlreadyConfigured); | 393 InvokeErrorCallback("", error_callback, kNetworkAlreadyConfigured); |
366 return; | 394 return; |
367 } | 395 } |
396 | |
397 // Make user the network is not configured through a device policy. | |
398 policies = GetPoliciesForUser(""); | |
tbarzic
2017/03/24 19:35:17
I'm not 100% sure this is right, but not allowing
| |
399 if (!policies) { | |
400 InvokeErrorCallback("", error_callback, kPoliciesNotInitialized); | |
401 return; | |
402 } | |
403 | |
404 if (policy_util::FindMatchingPolicy(policies->per_network_config, | |
405 *validated_properties)) { | |
406 InvokeErrorCallback("", error_callback, kNetworkAlreadyConfigured); | |
407 return; | |
408 } | |
368 | 409 |
369 const NetworkProfile* profile = | 410 const NetworkProfile* profile = |
370 network_profile_handler_->GetProfileForUserhash(userhash); | 411 network_profile_handler_->GetProfileForUserhash(userhash); |
371 if (!profile) { | 412 if (!profile) { |
372 InvokeErrorCallback("", error_callback, kProfileNotInitialized); | 413 InvokeErrorCallback("", error_callback, kProfileNotInitialized); |
373 return; | 414 return; |
374 } | 415 } |
375 | 416 |
376 // TODO(pneubeck): In case of WiFi, check that no other configuration for the | 417 // TODO(pneubeck): In case of WiFi, check that no other configuration for the |
377 // same {SSID, mode, security} exists. We don't support such multiple | 418 // same {SSID, mode, security} exists. We don't support such multiple |
378 // configurations, yet. | 419 // configurations, yet. |
379 | 420 |
380 // Generate a new GUID for this configuration. Ignore the maybe provided GUID | 421 // Generate a new GUID for this configuration. Ignore the maybe provided GUID |
381 // in |properties| as it is not our own and from an untrusted source. | 422 // in |properties| as it is not our own and from an untrusted source. |
382 std::string guid = base::GenerateGUID(); | 423 std::string guid = base::GenerateGUID(); |
383 std::unique_ptr<base::DictionaryValue> shill_dictionary( | 424 std::unique_ptr<base::DictionaryValue> shill_dictionary( |
384 policy_util::CreateShillConfiguration(*profile, guid, | 425 policy_util::CreateShillConfiguration(*profile, guid, |
385 NULL, // no global policy | 426 NULL, // no global policy |
386 NULL, // no network policy | 427 NULL, // no network policy |
387 &properties)); | 428 validated_properties.get())); |
388 | 429 |
389 network_configuration_handler_->CreateShillConfiguration( | 430 network_configuration_handler_->CreateShillConfiguration( |
390 *shill_dictionary, NetworkConfigurationObserver::SOURCE_USER_ACTION, | 431 *shill_dictionary, NetworkConfigurationObserver::SOURCE_USER_ACTION, |
391 callback, error_callback); | 432 callback, error_callback); |
392 } | 433 } |
393 | 434 |
394 void ManagedNetworkConfigurationHandlerImpl::RemoveConfiguration( | 435 void ManagedNetworkConfigurationHandlerImpl::RemoveConfiguration( |
395 const std::string& service_path, | 436 const std::string& service_path, |
396 const base::Closure& callback, | 437 const base::Closure& callback, |
397 const network_handler::ErrorCallback& error_callback) const { | 438 const network_handler::ErrorCallback& error_callback) const { |
(...skipping 454 matching lines...) | |
852 std::unique_ptr<base::DictionaryValue> network_properties, | 893 std::unique_ptr<base::DictionaryValue> network_properties, |
853 GetDevicePropertiesCallback send_callback, | 894 GetDevicePropertiesCallback send_callback, |
854 const std::string& error_name, | 895 const std::string& error_name, |
855 std::unique_ptr<base::DictionaryValue> error_data) { | 896 std::unique_ptr<base::DictionaryValue> error_data) { |
856 NET_LOG_ERROR("Error getting device properties", service_path); | 897 NET_LOG_ERROR("Error getting device properties", service_path); |
857 send_callback.Run(service_path, std::move(network_properties)); | 898 send_callback.Run(service_path, std::move(network_properties)); |
858 } | 899 } |
859 | 900 |
860 | 901 |
861 } // namespace chromeos | 902 } // namespace chromeos |
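Review bot: `validated_properties` is dereferenced unconditionally in both `FindMatchingPolicy` calls (new lines 392 and 405) and handed to `CreateShillConfiguration` via `.get()`, yet the HexSSID step at new line 379 guards it with `if (validated_properties)`, so the function is inconsistent about whether the pointer can be null once the `INVALID` early return has been passed. `ValidateAndRepairObject` presumably returns null only for `INVALID`, but that is not visible on this page, and the existing comment further down describes |properties| as coming from an untrusted source; I would fold the null case into the rejection, `if (!validated_properties || validation_result == onc::Validator::INVALID) {`, and then drop the later guard. The two new comments read "Make user the network is not configured through a … policy" where "Make sure" is meant. The GUID comment at new lines 421-422 still refers to |properties| although the validated copy is now what gets passed on.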
OLD | NEW |