Apply global auto connect ONC policy in GetManagedProperties.

chromeos/network/policy_applicator.cc

 // Copyright 2013 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "chromeos/network/policy_applicator.h"
 
 #include <utility>
 
 #include "base/bind.h"
 #include "base/location.h"
@@ skipping 154 matching lines @@
                              << "configuration.";
 
     if (old_guid == new_guid &&
         remaining_policies_.find(new_guid) == remaining_policies_.end()) {
       VLOG(1) << "Not updating existing managed configuration with guid "
               << new_guid << " because the policy didn't change.";
     } else {
       const base::DictionaryValue* user_settings =
           ui_data ? ui_data->user_settings() : NULL;
       scoped_ptr<base::DictionaryValue> new_shill_properties =
-          policy_util::CreateShillConfiguration(
-              profile_, new_guid, new_policy, user_settings);
+          policy_util::CreateShillConfiguration(profile_,
+                                                new_guid,
+                                                &global_network_config_,
+                                                new_policy,
+                                                user_settings);
       // A new policy has to be applied to this profile entry. In order to keep
       // implicit state of Shill like "connected successfully before", keep the
       // entry if a policy is reapplied (e.g. after reboot) or is updated.
       // However, some Shill properties are used to identify the network and
       // cannot be modified after initial configuration, so we have to delete
       // the profile entry in these cases. Also, keeping Shill's state if the
       // SSID changed might not be a good idea anyways. If the policy GUID
       // changed, or there was no policy before, we delete the entry at first to
       // ensure that no old configuration remains.
       if (old_guid == new_guid &&
@@ skipping 10 matching lines @@
       // In general, old entries should at first be deleted before new
       // configurations are written to prevent inconsistencies. Therefore, we
       // delay the writing of the new config here until ~PolicyApplicator.
       // E.g. one problematic case is if a policy { {GUID=X, SSID=Y} } is
       // applied to the profile entries
       // { ENTRY1 = {GUID=X, SSID=X, USER_SETTINGS=X},
       //   ENTRY2 = {SSID=Y, ... } }.
       // At first ENTRY1 and ENTRY2 should be removed, then the new config be
       // written and the result should be:
       // { {GUID=X, SSID=Y, USER_SETTINGS=X} }
-      WriteNewShillConfiguration(*new_shill_properties, *new_policy, true);
+      WriteNewShillConfiguration(
+          *new_shill_properties, *new_policy, true /* write later */);
       remaining_policies_.erase(new_guid);
     }
   } else if (was_managed) {
     VLOG(1) << "Removing configuration previously managed by policy "
             << old_guid << ", because the policy was removed.";
 
     // Remove the entry, because the network was managed but isn't anymore.
     // Note: An alternative might be to preserve the user settings, but it's
     // unclear which values originating the policy should be removed.
     DeleteEntry(entry);
   } else {
     // The entry wasn't managed and doesn't match any current policy. Global
     // network settings have to be applied.
     base::DictionaryValue shill_properties_to_update;
-    GetPropertiesForUnmanagedEntry(entry_properties,
-                                   &shill_properties_to_update);
+    policy_util::SetShillPropertiesForGlobalPolicy(
+        entry_properties, global_network_config_, &shill_properties_to_update);
     if (shill_properties_to_update.empty()) {
       VLOG(2) << "Ignore unmanaged entry.";
       // Calling a SetProperties of Shill with an empty dictionary is a no op.
     } else {
       VLOG(2) << "Apply global network config to unmanaged entry.";
       handler_->UpdateExistingConfigurationWithPropertiesFromPolicy(
           entry_properties, shill_properties_to_update);
     }
   }
 }
@@ skipping 25 matching lines @@
     if (auth == ::onc::ethernet::kAuthenticationNone)
       return;
   }
 
   if (write_later)
     new_shill_configurations_.push_back(shill_dictionary.DeepCopy());
   else
     handler_->CreateConfigurationFromPolicy(shill_dictionary);
 }
 
-void PolicyApplicator::GetPropertiesForUnmanagedEntry(
-    const base::DictionaryValue& entry_properties,
-    base::DictionaryValue* properties_to_update) const {
-  // kAllowOnlyPolicyNetworksToAutoconnect is currently the only global config.
-
-  std::string type;
-  entry_properties.GetStringWithoutPathExpansion(shill::kTypeProperty, &type);
-  if (NetworkTypePattern::Ethernet().MatchesType(type))
-    return;  // Autoconnect for Ethernet cannot be configured.
-
-  // By default all networks are allowed to autoconnect.
-  bool only_policy_autoconnect = false;
-  global_network_config_.GetBooleanWithoutPathExpansion(
-      ::onc::global_network_config::kAllowOnlyPolicyNetworksToAutoconnect,
-      &only_policy_autoconnect);
-  if (!only_policy_autoconnect)
-    return;
-
-  bool old_autoconnect = false;
-  if (entry_properties.GetBooleanWithoutPathExpansion(
-          shill::kAutoConnectProperty, &old_autoconnect) &&
-      !old_autoconnect) {
-    // Autoconnect is already explictly disabled. No need to set it again.
-    return;
-  }
-  // If autconnect is not explicitly set yet, it might automatically be enabled
-  // by Shill. To prevent that, disable it explicitly.
-  properties_to_update->SetBooleanWithoutPathExpansion(
-      shill::kAutoConnectProperty, false);
-}
-
 PolicyApplicator::~PolicyApplicator() {
   ApplyRemainingPolicies();
   STLDeleteValues(&all_policies_);
   // Notify the handler about all policies being applied, so that the network
   // lists can be updated.
   if (handler_)
     handler_->OnPoliciesApplied();
 }
 
 void PolicyApplicator::ApplyRemainingPolicies() {
@@ skipping 14 matching lines @@
   if (remaining_policies_.empty())
     return;
 
   VLOG(2) << "Create new managed network configurations in profile"
           << profile_.ToDebugString() << ".";
   // All profile entries were compared to policies. |remaining_policies_|
   // contains all modified policies that didn't match any entry. For these
   // remaining policies, new configurations have to be created.
   for (std::set<std::string>::iterator it = remaining_policies_.begin();
        it != remaining_policies_.end(); ++it) {
-    const base::DictionaryValue* policy = GetByGUID(all_policies_, *it);
-    DCHECK(policy);
+    const base::DictionaryValue* network_policy = GetByGUID(all_policies_, *it);
+    DCHECK(network_policy);
 
     VLOG(1) << "Creating new configuration managed by policy " << *it
             << " in profile " << profile_.ToDebugString() << ".";
 
     scoped_ptr<base::DictionaryValue> shill_dictionary =
-        policy_util::CreateShillConfiguration(
-            profile_, *it, policy, NULL /* no user settings */);
-    WriteNewShillConfiguration(*shill_dictionary, *policy, false);
+        policy_util::CreateShillConfiguration(profile_,
+                                              *it,
+                                              &global_network_config_,
+                                              network_policy,
+                                              NULL /* no user settings */);
+    WriteNewShillConfiguration(
+        *shill_dictionary, *network_policy, false /* write now */);
   }
 }
 
 }  // namespace chromeos