OLD | NEW |
1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
4 | 4 |
5 #include "chrome/browser/chromeos/policy/user_network_configuration_updater_fact
ory.h" | 5 #include "chrome/browser/chromeos/policy/user_network_configuration_updater_fact
ory.h" |
6 | 6 |
7 #include "base/memory/singleton.h" | 7 #include "base/memory/singleton.h" |
8 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" | 8 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" |
9 #include "chrome/browser/chromeos/profiles/profile_helper.h" | 9 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
10 #include "chrome/browser/policy/profile_policy_connector.h" | 10 #include "chrome/browser/policy/profile_policy_connector.h" |
(...skipping 43 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
54 return true; | 54 return true; |
55 } | 55 } |
56 | 56 |
57 bool UserNetworkConfigurationUpdaterFactory::ServiceIsNULLWhileTesting() const { | 57 bool UserNetworkConfigurationUpdaterFactory::ServiceIsNULLWhileTesting() const { |
58 return true; | 58 return true; |
59 } | 59 } |
60 | 60 |
61 KeyedService* UserNetworkConfigurationUpdaterFactory::BuildServiceInstanceFor( | 61 KeyedService* UserNetworkConfigurationUpdaterFactory::BuildServiceInstanceFor( |
62 content::BrowserContext* context) const { | 62 content::BrowserContext* context) const { |
63 Profile* profile = Profile::FromBrowserContext(context); | 63 Profile* profile = Profile::FromBrowserContext(context); |
64 if (chromeos::ProfileHelper::IsSigninProfile(profile)) | 64 if (chromeos::ProfileHelper::IsSigninProfile(profile) || |
65 return NULL; // On the login screen only device network policies apply. | 65 chromeos::ProfileHelper::IsLockScreenAppProfile(profile)) { |
| 66 return nullptr; // On the login screen only device network policies apply. |
| 67 } |
66 | 68 |
67 const user_manager::User* user = | 69 const user_manager::User* user = |
68 chromeos::ProfileHelper::Get()->GetUserByProfile(profile); | 70 chromeos::ProfileHelper::Get()->GetUserByProfile(profile); |
69 DCHECK(user); | 71 DCHECK(user); |
70 // Currently, only the network policy of the primary user is supported. See | 72 // Currently, only the network policy of the primary user is supported. See |
71 // also http://crbug.com/310685 . | 73 // also http://crbug.com/310685 . |
72 if (user != user_manager::UserManager::Get()->GetPrimaryUser()) | 74 if (user != user_manager::UserManager::Get()->GetPrimaryUser()) |
73 return NULL; | 75 return nullptr; |
74 | 76 |
75 ProfilePolicyConnector* profile_connector = | 77 ProfilePolicyConnector* profile_connector = |
76 ProfilePolicyConnectorFactory::GetForBrowserContext(context); | 78 ProfilePolicyConnectorFactory::GetForBrowserContext(context); |
77 | 79 |
78 return UserNetworkConfigurationUpdater::CreateForUserPolicy( | 80 return UserNetworkConfigurationUpdater::CreateForUserPolicy( |
79 profile, AllowTrustedCertsFromPolicy(user), *user, | 81 profile, AllowTrustedCertsFromPolicy(user), *user, |
80 profile_connector->policy_service(), | 82 profile_connector->policy_service(), |
81 chromeos::NetworkHandler::Get() | 83 chromeos::NetworkHandler::Get() |
82 ->managed_network_configuration_handler()) | 84 ->managed_network_configuration_handler()) |
83 .release(); | 85 .release(); |
84 } | 86 } |
85 | 87 |
86 // static | 88 // static |
87 bool UserNetworkConfigurationUpdaterFactory::AllowTrustedCertsFromPolicy( | 89 bool UserNetworkConfigurationUpdaterFactory::AllowTrustedCertsFromPolicy( |
88 const user_manager::User* user) { | 90 const user_manager::User* user) { |
89 user_manager::UserType user_type = user->GetType(); | 91 user_manager::UserType user_type = user->GetType(); |
90 | 92 |
91 // Disallow trusted root certs for public sessions. | 93 // Disallow trusted root certs for public sessions. |
92 // Also, guest sessions don't get user policy, but a | 94 // Also, guest sessions don't get user policy, but a |
93 // UserNetworkCofnigurationUpdater can be created for them anyway. | 95 // UserNetworkCofnigurationUpdater can be created for them anyway. |
94 return user_type != user_manager::USER_TYPE_GUEST && | 96 return user_type != user_manager::USER_TYPE_GUEST && |
95 user_type != user_manager::USER_TYPE_PUBLIC_ACCOUNT; | 97 user_type != user_manager::USER_TYPE_PUBLIC_ACCOUNT; |
96 } | 98 } |
97 | 99 |
98 } // namespace policy | 100 } // namespace policy |
OLD | NEW |