chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chromeos.cc - Issue 330843002: Make the policy fetch for first time login blocking

Side by Side Diff: chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chromeos.cc

Issue 330843002: Make the policy fetch for first time login blocking (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Adds comment in LoginUtilTest Created 6 years, 5 months ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos_browsertest.cc ('K') | « chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos_browsertest.cc ('k') | chrome/chrome_tests.gypi » ('j') | chrome/chrome_tests.gypi » ('J')
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.	1 // Copyright (c) 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chrom eos.h"	5 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_factory_chrom eos.h"

6	6

7 #include "base/bind.h"	7 #include "base/bind.h"

8 #include "base/command_line.h"	8 #include "base/command_line.h"

9 #include "base/files/file_path.h"	9 #include "base/files/file_path.h"

10 #include "base/logging.h"	10 #include "base/logging.h"

11 #include "base/memory/ref_counted.h"	11 #include "base/memory/ref_counted.h"

12 #include "base/message_loop/message_loop_proxy.h"	12 #include "base/message_loop/message_loop_proxy.h"

13 #include "base/path_service.h"	13 #include "base/path_service.h"

14 #include "base/sequenced_task_runner.h"	14 #include "base/sequenced_task_runner.h"

15 #include "base/threading/sequenced_worker_pool.h"	15 #include "base/threading/sequenced_worker_pool.h"

16 #include "base/time/time.h"	16 #include "base/time/time.h"

17 #include "chrome/browser/browser_process.h"	17 #include "chrome/browser/browser_process.h"

18 #include "chrome/browser/chromeos/login/login_utils.h"	18 #include "chrome/browser/chromeos/login/login_utils.h"

19 #include "chrome/browser/chromeos/login/users/user.h"	19 #include "chrome/browser/chromeos/login/users/user.h"

	20 #include "chrome/browser/chromeos/login/users/user_manager.h"

20 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"	21 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h"

21 #include "chrome/browser/chromeos/policy/user_cloud_external_data_manager.h"	22 #include "chrome/browser/chromeos/policy/user_cloud_external_data_manager.h"

22 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h"	23 #include "chrome/browser/chromeos/policy/user_cloud_policy_manager_chromeos.h"

23 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h"	24 #include "chrome/browser/chromeos/policy/user_cloud_policy_store_chromeos.h"

24 #include "chrome/browser/chromeos/profiles/profile_helper.h"	25 #include "chrome/browser/chromeos/profiles/profile_helper.h"

25 #include "chrome/browser/policy/schema_registry_service.h"	26 #include "chrome/browser/policy/schema_registry_service.h"

26 #include "chrome/browser/policy/schema_registry_service_factory.h"	27 #include "chrome/browser/policy/schema_registry_service_factory.h"

27 #include "chrome/browser/profiles/profile.h"	28 #include "chrome/browser/profiles/profile.h"

28 #include "chromeos/chromeos_paths.h"	29 #include "chromeos/chromeos_paths.h"

29 #include "chromeos/chromeos_switches.h"	30 #include "chromeos/chromeos_switches.h"

30 #include "chromeos/dbus/dbus_thread_manager.h"	31 #include "chromeos/dbus/dbus_thread_manager.h"

31 #include "components/keyed_service/content/browser_context_dependency_manager.h"	32 #include "components/keyed_service/content/browser_context_dependency_manager.h"

	33 #include "components/policy/core/browser/browser_policy_connector.h"

32 #include "components/policy/core/common/cloud/cloud_external_data_manager.h"	34 #include "components/policy/core/common/cloud/cloud_external_data_manager.h"

33 #include "components/policy/core/common/cloud/device_management_service.h"	35 #include "components/policy/core/common/cloud/device_management_service.h"

34 #include "components/user_manager/user_type.h"	36 #include "components/user_manager/user_type.h"

35 #include "content/public/browser/browser_thread.h"	37 #include "content/public/browser/browser_thread.h"

36 #include "net/url_request/url_request_context_getter.h"	38 #include "net/url_request/url_request_context_getter.h"

37 #include "policy/policy_constants.h"	39 #include "policy/policy_constants.h"

38	40

39 namespace policy {	41 namespace policy {

40	42

41 namespace {	43 namespace {

(...skipping 89 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
131 // USER_TYPE_RETAIL_MODE, USER_TYPE_KIOSK_APP, USER_TYPE_GUEST and	133 // USER_TYPE_RETAIL_MODE, USER_TYPE_KIOSK_APP, USER_TYPE_GUEST and

132 // USER_TYPE_LOCALLY_MANAGED are not signed in and can't authenticate the	134 // USER_TYPE_LOCALLY_MANAGED are not signed in and can't authenticate the

133 // policy registration.	135 // policy registration.

134 // USER_TYPE_PUBLIC_ACCOUNT gets its policy from the	136 // USER_TYPE_PUBLIC_ACCOUNT gets its policy from the

135 // DeviceLocalAccountPolicyService.	137 // DeviceLocalAccountPolicyService.

136 const std::string& username = user->email();	138 const std::string& username = user->email();

137 if (user->GetType() != user_manager::USER_TYPE_REGULAR \|\|	139 if (user->GetType() != user_manager::USER_TYPE_REGULAR \|\|

138 BrowserPolicyConnector::IsNonEnterpriseUser(username)) {	140 BrowserPolicyConnector::IsNonEnterpriseUser(username)) {

139 return scoped_ptr<UserCloudPolicyManagerChromeOS>();	141 return scoped_ptr<UserCloudPolicyManagerChromeOS>();

140 }	142 }

	143 // If the user is known to be a non enterprise user, we don't reach this code.

	144 DCHECK(!BrowserPolicyConnector::IsNonEnterpriseUser(username));
	Joao da Silva 2014/07/09 12:31:16 This is guaranteed by the statement immediately be This is guaranteed by the statement immediately before, so I don't see the value of DCHECKing... kaliamoorthi 2014/07/11 10:05:19 Done. Show quoted text On 2014/07/09 12:31:16, Joao da Silva wrote: > This is guaranteed by the statement immediately before, so I don't see the value > of DCHECKing... Done.
141	145

142 policy::BrowserPolicyConnectorChromeOS* connector =	146 policy::BrowserPolicyConnectorChromeOS* connector =

143 g_browser_process->platform_part()->browser_policy_connector_chromeos();	147 g_browser_process->platform_part()->browser_policy_connector_chromeos();

144 UserAffiliation affiliation = connector->GetUserAffiliation(username);	148 UserAffiliation affiliation = connector->GetUserAffiliation(username);

145 const bool is_managed_user = affiliation == USER_AFFILIATION_MANAGED;	149 const bool is_managed_user = affiliation == USER_AFFILIATION_MANAGED;
	bartfab (slow) 2014/07/08 17:40:33 Nit: Better s/is_managed_user/is_affiliated_user/. Nit: Better s/is_managed_user/is_affiliated_user/. A user whose domain does not match the enrollment domain can still be managed. The user is simply not affiliated. kaliamoorthi 2014/07/11 10:05:20 Done. Show quoted text On 2014/07/08 17:40:33, bartfab wrote: > Nit: Better s/is_managed_user/is_affiliated_user/. A user whose domain does not > match the enrollment domain can still be managed. The user is simply not > affiliated. Done.
146 const bool is_browser_restart =	150 const bool is_browser_restart =

147 command_line->HasSwitch(chromeos::switches::kLoginUser);	151 command_line->HasSwitch(chromeos::switches::kLoginUser);

148 const bool wait_for_initial_policy = is_managed_user && !is_browser_restart;	152 const bool wait_for_initial_policy =

	153 (chromeos::UserManager::Get()->IsCurrentUserNew() ? true
	Andrew T Wilson (Slow) 2014/07/09 13:37:59 Nit: I think: IsCurrentUserNew() \|\| is_managed_us Nit: I think: IsCurrentUserNew() \|\| is_managed_user Is easier to read than IsCurrentUserNew() : true ? is_managed_user kaliamoorthi 2014/07/11 10:05:19 Done. Show quoted text On 2014/07/09 13:37:59, Andrew T Wilson wrote: > Nit: I think: > > IsCurrentUserNew() \|\| is_managed_user > > Is easier to read than > > IsCurrentUserNew() : true ? is_managed_user > Done.
	154 : is_managed_user) &&

	155 !is_browser_restart;

	156

	157 const base::TimeDelta initial_policy_fetch_timeout =

	158 chromeos::UserManager::Get()->IsCurrentUserNew()

	159 ? base::TimeDelta::Max()

	160 : base::TimeDelta::FromSeconds(kInitialPolicyFetchTimeoutSeconds);

149	161

150 DeviceManagementService* device_management_service =	162 DeviceManagementService* device_management_service =

151 connector->device_management_service();	163 connector->device_management_service();

152 if (wait_for_initial_policy)	164 if (wait_for_initial_policy)

153 device_management_service->ScheduleInitialization(0);	165 device_management_service->ScheduleInitialization(0);

154	166

155 base::FilePath profile_dir = profile->GetPath();	167 base::FilePath profile_dir = profile->GetPath();

156 const base::FilePath legacy_dir = profile_dir.Append(kDeviceManagementDir);	168 const base::FilePath legacy_dir = profile_dir.Append(kDeviceManagementDir);

157 const base::FilePath policy_cache_file = legacy_dir.Append(kPolicy);	169 const base::FilePath policy_cache_file = legacy_dir.Append(kPolicy);

158 const base::FilePath token_cache_file = legacy_dir.Append(kToken);	170 const base::FilePath token_cache_file = legacy_dir.Append(kToken);

(...skipping 29 matching lines...) Expand all Loading...
188 scoped_refptr<base::SequencedTaskRunner> file_task_runner =	200 scoped_refptr<base::SequencedTaskRunner> file_task_runner =

189 content::BrowserThread::GetMessageLoopProxyForThread(	201 content::BrowserThread::GetMessageLoopProxyForThread(

190 content::BrowserThread::FILE);	202 content::BrowserThread::FILE);

191	203

192 scoped_ptr<UserCloudPolicyManagerChromeOS> manager(	204 scoped_ptr<UserCloudPolicyManagerChromeOS> manager(

193 new UserCloudPolicyManagerChromeOS(	205 new UserCloudPolicyManagerChromeOS(

194 store.PassAs<CloudPolicyStore>(),	206 store.PassAs<CloudPolicyStore>(),

195 external_data_manager.Pass(),	207 external_data_manager.Pass(),

196 component_policy_cache_dir,	208 component_policy_cache_dir,

197 wait_for_initial_policy,	209 wait_for_initial_policy,

198 base::TimeDelta::FromSeconds(kInitialPolicyFetchTimeoutSeconds),	210 initial_policy_fetch_timeout,

199 base::MessageLoopProxy::current(),	211 base::MessageLoopProxy::current(),

200 file_task_runner,	212 file_task_runner,

201 io_task_runner));	213 io_task_runner));

202	214

203 bool wildcard_match = false;	215 bool wildcard_match = false;

204 if (connector->IsEnterpriseManaged() &&	216 if (connector->IsEnterpriseManaged() &&

205 chromeos::LoginUtils::IsWhitelisted(username, &wildcard_match) &&	217 chromeos::LoginUtils::IsWhitelisted(username, &wildcard_match) &&

206 wildcard_match &&	218 wildcard_match &&

207 !connector->IsNonEnterpriseUser(username)) {	219 !connector->IsNonEnterpriseUser(username)) {

208 manager->EnableWildcardLoginCheck(username);	220 manager->EnableWildcardLoginCheck(username);

(...skipping 33 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
242	254

243 bool UserCloudPolicyManagerFactoryChromeOS::HasTestingFactory(	255 bool UserCloudPolicyManagerFactoryChromeOS::HasTestingFactory(

244 content::BrowserContext* context) {	256 content::BrowserContext* context) {

245 return false;	257 return false;

246 }	258 }

247	259

248 void UserCloudPolicyManagerFactoryChromeOS::CreateServiceNow(	260 void UserCloudPolicyManagerFactoryChromeOS::CreateServiceNow(

249 content::BrowserContext* context) {}	261 content::BrowserContext* context) {}

250	262

251 } // namespace policy	263 } // namespace policy

OLD	NEW