Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(271)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/policy/test/policy_testserver.py

Issue 335113008: Wire up component cloud policy to device local accounts. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src
Patch Set: rebase Created 6 years, 6 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/chromeos/policy/device_local_account_policy_service.cc ('k') | chromeos/chromeos_paths.h » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/policy/test/policy_testserver.py
diff --git a/chrome/browser/policy/test/policy_testserver.py b/chrome/browser/policy/test/policy_testserver.py
index 413745514f45d63b93c3861ce25f2f4f7e5d5b54..81b6bd5357f9920a1736213730b8c8f99520a005 100644
--- a/chrome/browser/policy/test/policy_testserver.py
+++ b/chrome/browser/policy/test/policy_testserver.py
@@ -443,6 +443,14 @@ class PolicyRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
self.server.UpdateStateKeys(token_info['device_token'],
key_update_request.server_backed_state_key)
+ # If this is a publicaccount request then get the username now and use it
+ # in every PolicyFetchResponse produced. This is required to validate
+ # policy for extensions in public accounts.
+ username = self.server.GetPolicies().get('policy_user', None)
+ for request in msg.policy_request.request:
+ if request.policy_type == 'google/chromeos/publicaccount':
+ username = request.settings_entity_id
+
response = dm.DeviceManagementResponse()
for request in msg.policy_request.request:
if (request.policy_type in
@@ -456,7 +464,7 @@ class PolicyRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
self.ProcessCloudPolicy(request, token_info, fetch_response)
elif request.policy_type == 'google/chrome/extension':
self.ProcessCloudPolicyForExtensions(
- request, response.policy_response, token_info)
+ request, response.policy_response, token_info, username)
else:
fetch_response.error_code = 400
fetch_response.error_message = 'Invalid policy_type'
@@ -628,7 +636,8 @@ class PolicyRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
self.SetProtobufMessageField(policy_message, field_descriptor, value)
settings.__getattribute__(field.name).CopyFrom(policy_message)
- def ProcessCloudPolicyForExtensions(self, request, response, token_info):
+ def ProcessCloudPolicyForExtensions(self, request, response, token_info,
+ username):
"""Handles a request for policy for extensions.
A request for policy for extensions is slightly different from the other
@@ -640,6 +649,7 @@ class PolicyRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
response: The DevicePolicyResponse message for the response. Multiple
PolicyFetchResponses will be appended to this message.
token_info: The token extracted from the request.
+ username: The username for the response.
"""
# Send one PolicyFetchResponse for each extension that has
# configuration data at the server.
@@ -649,13 +659,13 @@ class PolicyRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
# type in the response.
request.settings_entity_id = settings_entity_id
fetch_response = response.response.add()
- self.ProcessCloudPolicy(request, token_info, fetch_response)
+ self.ProcessCloudPolicy(request, token_info, fetch_response, username)
# Don't do key rotations for these messages.
fetch_response.ClearField('new_public_key')
fetch_response.ClearField('new_public_key_signature')
fetch_response.ClearField('new_public_key_verification_signature')
- def ProcessCloudPolicy(self, msg, token_info, response):
+ def ProcessCloudPolicy(self, msg, token_info, response, username=None):
"""Handles a cloud policy request. (New protocol for policy requests.)
Encodes the policy into protobuf representation, signs it and constructs
@@ -666,6 +676,7 @@ class PolicyRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
token_info: The token extracted from the request.
response: A PolicyFetchResponse message that should be filled with the
response data.
+ username: The username for the response. May be None.
"""
if msg.machine_id:
@@ -746,7 +757,10 @@ class PolicyRequestHandler(BaseHTTPServer.BaseHTTPRequestHandler):
if signing_key:
policy_data.public_key_version = current_key_index + 1
- if msg.policy_type == 'google/chromeos/publicaccount':
+
+ if username:
+ policy_data.username = username
+ elif msg.policy_type == 'google/chromeos/publicaccount':
policy_data.username = msg.settings_entity_id
else:
# For regular user/device policy, there is no way for the testserver to
@@ -960,7 +974,8 @@ class PolicyTestServer(testserver_base.BrokenPipeHandlerMixIn,
],
dm.DeviceRegisterRequest.DEVICE: [
'google/chromeos/device',
- 'google/chromeos/publicaccount'
+ 'google/chromeos/publicaccount',
+ 'google/chrome/extension'
],
dm.DeviceRegisterRequest.ANDROID_BROWSER: [
'google/android/user'
« no previous file with comments | « chrome/browser/chromeos/policy/device_local_account_policy_service.cc ('k') | chromeos/chromeos_paths.h » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698