| OLD | NEW |
|---|
| 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/policy/profile_policy_connector.h" | 5 #include "chrome/browser/policy/profile_policy_connector.h" |
| 6 | 6 |
| 7 #include <vector> | 7 #include <vector> |
| 8 | 8 |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "chrome/browser/browser_process.h" | 10 #include "chrome/browser/browser_process.h" |
| 11 #include "chrome/browser/policy/browser_policy_connector.h" | 11 #include "chrome/browser/policy/browser_policy_connector.h" |
| 12 #include "chrome/browser/policy/cloud/cloud_policy_manager.h" | 12 #include "chrome/browser/policy/cloud/cloud_policy_manager.h" |
| 13 #include "chrome/browser/policy/configuration_policy_provider.h" | 13 #include "chrome/browser/policy/configuration_policy_provider.h" |
| 14 #include "chrome/browser/policy/policy_service.h" | 14 #include "chrome/browser/policy/policy_service.h" |
| 15 | 15 |
| 16 #if defined(OS_CHROMEOS) | 16 #if defined(OS_CHROMEOS) |
| 17 #include "base/bind.h" | 17 #include "base/bind.h" |
| 18 #include "base/prefs/pref_service.h" | 18 #include "base/prefs/pref_service.h" |
| 19 #include "chrome/browser/chromeos/login/user.h" | 19 #include "chrome/browser/chromeos/login/user.h" |
| 20 #include "chrome/browser/chromeos/login/user_manager.h" | 20 #include "chrome/browser/chromeos/login/user_manager.h" |
| 21 #include "chrome/browser/chromeos/policy/device_local_account_policy_provider.h" | 21 #include "chrome/browser/chromeos/policy/device_local_account_policy_provider.h" |
| 22 #include "chrome/browser/chromeos/policy/login_profile_policy_provider.h" | 22 #include "chrome/browser/chromeos/policy/login_profile_policy_provider.h" |
| 23 #include "chrome/browser/chromeos/policy/user_network_configuration_updater.h" | |
| 24 #include "chrome/browser/policy/policy_service.h" | 23 #include "chrome/browser/policy/policy_service.h" |
| 25 #include "chrome/common/pref_names.h" | 24 #include "chrome/common/pref_names.h" |
| 26 #include "chromeos/network/network_handler.h" | |
| 27 #include "chromeos/network/onc/onc_certificate_importer_impl.h" | |
| 28 #endif | 25 #endif |
| 29 | 26 |
| 30 namespace policy { | 27 namespace policy { |
| 31 | 28 |
| 32 ProfilePolicyConnector::ProfilePolicyConnector(Profile* profile) | 29 ProfilePolicyConnector::ProfilePolicyConnector(Profile* profile) |
| 33 : | 30 : |
| 34 #if defined(OS_CHROMEOS) | 31 #if defined(OS_CHROMEOS) |
| 35 is_primary_user_(false), | 32 is_primary_user_(false), |
| 36 weak_ptr_factory_(this), | 33 weak_ptr_factory_(this), |
| 37 #endif | 34 #endif |
| (...skipping 10 matching lines...) Expand all Loading... |
| 48 BrowserPolicyConnector* connector = | 45 BrowserPolicyConnector* connector = |
| 49 g_browser_process->browser_policy_connector(); | 46 g_browser_process->browser_policy_connector(); |
| 50 // |providers| contains a list of the policy providers available for the | 47 // |providers| contains a list of the policy providers available for the |
| 51 // PolicyService of this connector. | 48 // PolicyService of this connector. |
| 52 std::vector<ConfigurationPolicyProvider*> providers; | 49 std::vector<ConfigurationPolicyProvider*> providers; |
| 53 | 50 |
| 54 if (user_cloud_policy_manager) | 51 if (user_cloud_policy_manager) |
| 55 providers.push_back(user_cloud_policy_manager); | 52 providers.push_back(user_cloud_policy_manager); |
| 56 | 53 |
| 57 #if defined(OS_CHROMEOS) | 54 #if defined(OS_CHROMEOS) |
| 58 bool allow_trusted_certs_from_policy = false; | |
| 59 if (!user) { | 55 if (!user) { |
| 60 // This case occurs for the signin profile. | 56 // This case occurs for the signin profile. |
| 61 special_user_policy_provider_.reset( | 57 special_user_policy_provider_.reset( |
| 62 new LoginProfilePolicyProvider(connector->GetPolicyService())); | 58 new LoginProfilePolicyProvider(connector->GetPolicyService())); |
| 63 special_user_policy_provider_->Init(); | 59 special_user_policy_provider_->Init(); |
| 64 } else { | 60 } else { |
| 65 // |user| should never be NULL except for the signin profile. | 61 // |user| should never be NULL except for the signin profile. |
| 66 is_primary_user_ = user == chromeos::UserManager::Get()->GetPrimaryUser(); | 62 is_primary_user_ = user == chromeos::UserManager::Get()->GetPrimaryUser(); |
| 67 if (user->GetType() == chromeos::User::USER_TYPE_PUBLIC_ACCOUNT) | 63 if (user->GetType() == chromeos::User::USER_TYPE_PUBLIC_ACCOUNT) |
| 68 InitializeDeviceLocalAccountPolicyProvider(user->email()); | 64 InitializeDeviceLocalAccountPolicyProvider(user->email()); |
| 69 // Allow trusted certs from policy only for managed regular accounts. | |
| 70 const bool is_managed = connector->GetUserAffiliation(user->email()) == | |
| 71 USER_AFFILIATION_MANAGED; | |
| 72 if (is_managed && user->GetType() == chromeos::User::USER_TYPE_REGULAR) | |
| 73 allow_trusted_certs_from_policy = true; | |
| 74 } | 65 } |
| 75 if (special_user_policy_provider_) | 66 if (special_user_policy_provider_) |
| 76 providers.push_back(special_user_policy_provider_.get()); | 67 providers.push_back(special_user_policy_provider_.get()); |
| 77 #endif | 68 #endif |
| 78 | 69 |
| 79 policy_service_ = connector->CreatePolicyService(providers); | 70 policy_service_ = connector->CreatePolicyService(providers); |
| 80 | 71 |
| 81 #if defined(OS_CHROMEOS) | 72 #if defined(OS_CHROMEOS) |
| 82 if (is_primary_user_) { | 73 if (is_primary_user_) { |
| 83 if (user_cloud_policy_manager) | 74 if (user_cloud_policy_manager) |
| 84 connector->SetUserPolicyDelegate(user_cloud_policy_manager); | 75 connector->SetUserPolicyDelegate(user_cloud_policy_manager); |
| 85 else if (special_user_policy_provider_) | 76 else if (special_user_policy_provider_) |
| 86 connector->SetUserPolicyDelegate(special_user_policy_provider_.get()); | 77 connector->SetUserPolicyDelegate(special_user_policy_provider_.get()); |
| 87 | |
| 88 network_configuration_updater_ = | |
| 89 UserNetworkConfigurationUpdater::CreateForUserPolicy( | |
| 90 allow_trusted_certs_from_policy, | |
| 91 *user, | |
| 92 scoped_ptr<chromeos::onc::CertificateImporter>( | |
| 93 new chromeos::onc::CertificateImporterImpl), | |
| 94 policy_service(), | |
| 95 chromeos::NetworkHandler::Get() | |
| 96 ->managed_network_configuration_handler()); | |
| 97 } | 78 } |
| 98 #endif | 79 #endif |
| 99 } | 80 } |
| 100 | 81 |
| 101 void ProfilePolicyConnector::InitForTesting(scoped_ptr<PolicyService> service) { | 82 void ProfilePolicyConnector::InitForTesting(scoped_ptr<PolicyService> service) { |
| 102 policy_service_ = service.Pass(); | 83 policy_service_ = service.Pass(); |
| 103 } | 84 } |
| 104 | 85 |
| 105 void ProfilePolicyConnector::Shutdown() { | 86 void ProfilePolicyConnector::Shutdown() { |
| 106 #if defined(OS_CHROMEOS) | 87 #if defined(OS_CHROMEOS) |
| 107 if (is_primary_user_) | 88 if (is_primary_user_) |
| 108 g_browser_process->browser_policy_connector()->SetUserPolicyDelegate(NULL); | 89 g_browser_process->browser_policy_connector()->SetUserPolicyDelegate(NULL); |
| 109 network_configuration_updater_.reset(); | |
| 110 if (special_user_policy_provider_) | 90 if (special_user_policy_provider_) |
| 111 special_user_policy_provider_->Shutdown(); | 91 special_user_policy_provider_->Shutdown(); |
| 112 #endif | 92 #endif |
| 113 } | 93 } |
| 114 | 94 |
| 115 #if defined(OS_CHROMEOS) | 95 #if defined(OS_CHROMEOS) |
| 116 void ProfilePolicyConnector::SetPolicyCertVerifier( | |
| 117 PolicyCertVerifier* cert_verifier) { | |
| 118 if (network_configuration_updater_) | |
| 119 network_configuration_updater_->SetPolicyCertVerifier(cert_verifier); | |
| 120 } | |
| 121 | |
| 122 base::Closure ProfilePolicyConnector::GetPolicyCertTrustedCallback() { | 96 base::Closure ProfilePolicyConnector::GetPolicyCertTrustedCallback() { |
| 123 return base::Bind(&ProfilePolicyConnector::SetUsedPolicyCertificatesOnce, | 97 return base::Bind(&ProfilePolicyConnector::SetUsedPolicyCertificatesOnce, |
| 124 weak_ptr_factory_.GetWeakPtr()); | 98 weak_ptr_factory_.GetWeakPtr()); |
| 125 } | 99 } |
| 126 | |
| 127 void ProfilePolicyConnector::GetWebTrustedCertificates( | |
| 128 net::CertificateList* certs) const { | |
| 129 certs->clear(); | |
| 130 if (network_configuration_updater_) | |
| 131 network_configuration_updater_->GetWebTrustedCertificates(certs); | |
| 132 } | |
| 133 #endif | 100 #endif |
| 134 | 101 |
| 135 bool ProfilePolicyConnector::UsedPolicyCertificates() { | 102 bool ProfilePolicyConnector::UsedPolicyCertificates() { |
| 136 #if defined(OS_CHROMEOS) | 103 #if defined(OS_CHROMEOS) |
| 137 return profile_->GetPrefs()->GetBoolean(prefs::kUsedPolicyCertificatesOnce); | 104 return profile_->GetPrefs()->GetBoolean(prefs::kUsedPolicyCertificatesOnce); |
| 138 #else | 105 #else |
| 139 return false; | 106 return false; |
| 140 #endif | 107 #endif |
| 141 } | 108 } |
| 142 | 109 |
| (...skipping 10 matching lines...) Expand all Loading... |
| 153 connector->GetDeviceLocalAccountPolicyService(); | 120 connector->GetDeviceLocalAccountPolicyService(); |
| 154 if (!device_local_account_policy_service) | 121 if (!device_local_account_policy_service) |
| 155 return; | 122 return; |
| 156 special_user_policy_provider_.reset(new DeviceLocalAccountPolicyProvider( | 123 special_user_policy_provider_.reset(new DeviceLocalAccountPolicyProvider( |
| 157 username, device_local_account_policy_service)); | 124 username, device_local_account_policy_service)); |
| 158 special_user_policy_provider_->Init(); | 125 special_user_policy_provider_->Init(); |
| 159 } | 126 } |
| 160 #endif | 127 #endif |
| 161 | 128 |
| 162 } // namespace policy | 129 } // namespace policy |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 53923004:
policy: Make UserNetworkConfigurationUpdater a BCKS. (Closed)
Base URL: svn://svn.chromium.org/chrome/trunk/src