Chromium Code Reviews Chromium Code Reviews
Issue 374573006:
Force enterprise enrollment flow upon detection of inconsistent state. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h" | 5 #include "chrome/browser/chromeos/policy/device_cloud_policy_initializer.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/bind_helpers.h" | 8 #include "base/bind_helpers.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/prefs/pref_service.h" | 10 #include "base/prefs/pref_service.h" |
| 11 #include "base/sequenced_task_runner.h" | 11 #include "base/sequenced_task_runner.h" |
| 12 #include "base/values.h" | 12 #include "base/values.h" |
| 13 #include "chrome/browser/browser_process.h" | 13 #include "chrome/browser/browser_process.h" |
| 14 #include "chrome/browser/chromeos/login/startup_utils.h" | |
| 14 #include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h" | 15 #include "chrome/browser/chromeos/policy/device_cloud_policy_manager_chromeos.h" |
| 15 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" | 16 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" |
| 16 #include "chrome/browser/chromeos/policy/device_status_collector.h" | 17 #include "chrome/browser/chromeos/policy/device_status_collector.h" |
| 17 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h" | 18 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h" |
| 18 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" | 19 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" |
| 19 #include "chrome/browser/chromeos/policy/server_backed_device_state.h" | 20 #include "chrome/browser/chromeos/policy/server_backed_device_state.h" |
| 20 #include "chrome/common/chrome_content_client.h" | 21 #include "chrome/common/chrome_content_client.h" |
| 21 #include "chrome/common/pref_names.h" | 22 #include "chrome/common/pref_names.h" |
| 22 #include "chromeos/system/statistics_provider.h" | 23 #include "chromeos/system/statistics_provider.h" |
| 23 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 24 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| (...skipping 97 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 121 restore_mode == kDeviceStateRestoreModeReEnrollmentEnforced) { | 122 restore_mode == kDeviceStateRestoreModeReEnrollmentEnforced) { |
| 122 return true; | 123 return true; |
| 123 } | 124 } |
| 124 | 125 |
| 125 if (local_state_->HasPrefPath(prefs::kDeviceEnrollmentAutoStart)) | 126 if (local_state_->HasPrefPath(prefs::kDeviceEnrollmentAutoStart)) |
| 126 return local_state_->GetBoolean(prefs::kDeviceEnrollmentAutoStart); | 127 return local_state_->GetBoolean(prefs::kDeviceEnrollmentAutoStart); |
| 127 | 128 |
| 128 return GetMachineFlag(chromeos::system::kOemIsEnterpriseManagedKey, false); | 129 return GetMachineFlag(chromeos::system::kOemIsEnterpriseManagedKey, false); |
| 129 } | 130 } |
| 130 | 131 |
| 132 bool DeviceCloudPolicyInitializer::ShouldRecoverEnrollment() const { | |
| 133 if (install_attributes_->IsEnterpriseDevice() | |
| 134 && chromeos::StartupUtils::IsEnrollmentRecoveryRequired()) { | |
|
pastarmovj
2014/07/08 12:36:31
nit: Move the && to the line above.
Thiemo Nagel
2014/07/08 14:02:04
Done.
| |
| 135 LOG(WARNING) << "Enrollment recovery required according to pref."; | |
| 136 std::string machine_id; | |
| 137 bool machine_id_success = | |
| 138 chromeos::system::StatisticsProvider::GetInstance() | |
| 139 ->GetMachineStatistic(chromeos::system::kHardwareClassKey, &machine_id); | |
|
pastarmovj
2014/07/08 12:36:31
nit this line should be further 4 spaces in. I thi
Thiemo Nagel
2014/07/08 14:02:04
I've tried it, to my eyes that looked worse. But
| |
| 140 if (machine_id_success && machine_id != "") | |
| 141 return true; | |
| 142 LOG(WARNING) << "Postponing recovery because machine id is missing."; | |
| 143 } | |
| 144 return false; | |
| 145 } | |
| 146 | |
| 131 bool DeviceCloudPolicyInitializer::CanExitEnrollment() const { | 147 bool DeviceCloudPolicyInitializer::CanExitEnrollment() const { |
| 132 if (GetRestoreMode() == kDeviceStateRestoreModeReEnrollmentEnforced) | 148 if (GetRestoreMode() == kDeviceStateRestoreModeReEnrollmentEnforced) |
| 133 return false; | 149 return false; |
| 134 | 150 |
| 135 if (local_state_->HasPrefPath(prefs::kDeviceEnrollmentCanExit)) | 151 if (local_state_->HasPrefPath(prefs::kDeviceEnrollmentCanExit)) |
| 136 return local_state_->GetBoolean(prefs::kDeviceEnrollmentCanExit); | 152 return local_state_->GetBoolean(prefs::kDeviceEnrollmentCanExit); |
| 137 | 153 |
| 138 return GetMachineFlag(chromeos::system::kOemCanExitEnterpriseEnrollmentKey, | 154 return GetMachineFlag(chromeos::system::kOemCanExitEnterpriseEnrollmentKey, |
| 139 true); | 155 true); |
| 140 } | 156 } |
| (...skipping 46 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 187 kPolicyVerificationKeyHash, | 203 kPolicyVerificationKeyHash, |
| 188 USER_AFFILIATION_NONE, | 204 USER_AFFILIATION_NONE, |
| 189 device_status_provider_.get(), | 205 device_status_provider_.get(), |
| 190 device_management_service, | 206 device_management_service, |
| 191 request_context)); | 207 request_context)); |
| 192 } | 208 } |
| 193 | 209 |
| 194 void DeviceCloudPolicyInitializer::TryToCreateClient() { | 210 void DeviceCloudPolicyInitializer::TryToCreateClient() { |
| 195 if (device_store_->is_initialized() && | 211 if (device_store_->is_initialized() && |
| 196 device_store_->has_policy() && | 212 device_store_->has_policy() && |
| 213 !device_store_->policy()->request_token().empty() && | |
| 197 !state_keys_broker_->pending() && | 214 !state_keys_broker_->pending() && |
| 198 !enrollment_handler_) { | 215 !enrollment_handler_) { |
| 199 DeviceManagementService* service; | 216 DeviceManagementService* service; |
| 200 if (device_store_->policy()->management_mode() == | 217 if (device_store_->policy()->management_mode() == |
| 201 em::PolicyData::CONSUMER_MANAGED) { | 218 em::PolicyData::CONSUMER_MANAGED) { |
| 202 service = consumer_service_; | 219 service = consumer_service_; |
| 203 } else { | 220 } else { |
| 204 service = enterprise_service_; | 221 service = enterprise_service_; |
| 205 } | 222 } |
| 206 StartConnection(CreateClient(service)); | 223 StartConnection(CreateClient(service)); |
| (...skipping 13 matching lines...) Expand all Loading... | |
| 220 | 237 |
| 221 std::string DeviceCloudPolicyInitializer::GetRestoreMode() const { | 238 std::string DeviceCloudPolicyInitializer::GetRestoreMode() const { |
| 222 const base::DictionaryValue* device_state_dict = | 239 const base::DictionaryValue* device_state_dict = |
| 223 local_state_->GetDictionary(prefs::kServerBackedDeviceState); | 240 local_state_->GetDictionary(prefs::kServerBackedDeviceState); |
| 224 std::string restore_mode; | 241 std::string restore_mode; |
| 225 device_state_dict->GetString(kDeviceStateRestoreMode, &restore_mode); | 242 device_state_dict->GetString(kDeviceStateRestoreMode, &restore_mode); |
| 226 return restore_mode; | 243 return restore_mode; |
| 227 } | 244 } |
| 228 | 245 |
| 229 } // namespace policy | 246 } // namespace policy |
| OLD | NEW |
