| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/settings/device_settings_service.h" | 5 #include "chrome/browser/chromeos/settings/device_settings_service.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/logging.h" | 8 #include "base/logging.h" |
| 9 #include "base/message_loop/message_loop.h" | 9 #include "base/message_loop/message_loop.h" |
| 10 #include "base/stl_util.h" | 10 #include "base/stl_util.h" |
| (...skipping 17 matching lines...) Expand all Loading... |
| 28 | 28 |
| 29 // Delay between load retries when there was a validation error. | 29 // Delay between load retries when there was a validation error. |
| 30 // NOTE: This code is here to mitigate clock loss on some devices where policy | 30 // NOTE: This code is here to mitigate clock loss on some devices where policy |
| 31 // loads will fail with a validation error caused by RTC clock being reset when | 31 // loads will fail with a validation error caused by RTC clock being reset when |
| 32 // the battery is drained. | 32 // the battery is drained. |
| 33 int kLoadRetryDelayMs = 1000 * 5; | 33 int kLoadRetryDelayMs = 1000 * 5; |
| 34 // Maximal number of retries before we give up. Calculated to allow for 10 min | 34 // Maximal number of retries before we give up. Calculated to allow for 10 min |
| 35 // of retry time. | 35 // of retry time. |
| 36 int kMaxLoadRetries = (1000 * 60 * 10) / kLoadRetryDelayMs; | 36 int kMaxLoadRetries = (1000 * 60 * 10) / kLoadRetryDelayMs; |
| 37 | 37 |
| 38 // Assembles PolicyData based on |settings|, |policy_data| and |
| 39 // |user_id|. |
| 40 scoped_ptr<em::PolicyData> AssemblePolicy( |
| 41 const std::string& user_id, |
| 42 const em::PolicyData* policy_data, |
| 43 const em::ChromeDeviceSettingsProto* settings) { |
| 44 scoped_ptr<em::PolicyData> policy(new em::PolicyData()); |
| 45 if (policy_data) { |
| 46 // Preserve management settings. |
| 47 if (policy_data->has_management_mode()) |
| 48 policy->set_management_mode(policy_data->management_mode()); |
| 49 if (policy_data->has_request_token()) |
| 50 policy->set_request_token(policy_data->request_token()); |
| 51 if (policy_data->has_device_id()) |
| 52 policy->set_device_id(policy_data->device_id()); |
| 53 } else { |
| 54 // If there's no previous policy data, this is the first time the device |
| 55 // setting is set. We set the management mode to NOT_MANAGED initially. |
| 56 policy->set_management_mode(em::PolicyData::NOT_MANAGED); |
| 57 } |
| 58 policy->set_policy_type(policy::dm_protocol::kChromeDevicePolicyType); |
| 59 policy->set_timestamp( |
| 60 (base::Time::Now() - base::Time::UnixEpoch()).InMilliseconds()); |
| 61 policy->set_username(user_id); |
| 62 if (!settings->SerializeToString(policy->mutable_policy_value())) |
| 63 return scoped_ptr<em::PolicyData>(); |
| 64 |
| 65 return policy.Pass(); |
| 66 } |
| 67 |
| 68 // Returns true if it is okay to transfer from the current mode to the new |
| 69 // mode. This function should be called in SetManagementMode(). |
| 70 bool CheckManagementModeTransition(em::PolicyData::ManagementMode current_mode, |
| 71 em::PolicyData::ManagementMode new_mode) { |
| 72 // Mode is not changed. |
| 73 if (current_mode == new_mode) |
| 74 return true; |
| 75 |
| 76 switch (current_mode) { |
| 77 case em::PolicyData::NOT_MANAGED: |
| 78 // For consumer management enrollment. |
| 79 return new_mode == em::PolicyData::CONSUMER_MANAGED; |
| 80 |
| 81 case em::PolicyData::ENTERPRISE_MANAGED: |
| 82 // Management mode cannot be set when it is currently ENTERPRISE_MANAGED. |
| 83 return false; |
| 84 |
| 85 case em::PolicyData::CONSUMER_MANAGED: |
| 86 // For consumer management unenrollment. |
| 87 return new_mode == em::PolicyData::NOT_MANAGED; |
| 88 } |
| 89 |
| 90 NOTREACHED(); |
| 91 return false; |
| 92 } |
| 93 |
| 38 } // namespace | 94 } // namespace |
| 39 | 95 |
| 40 namespace chromeos { | 96 namespace chromeos { |
| 41 | 97 |
| 42 DeviceSettingsService::Observer::~Observer() {} | 98 DeviceSettingsService::Observer::~Observer() {} |
| 43 | 99 |
| 44 static DeviceSettingsService* g_device_settings_service = NULL; | 100 static DeviceSettingsService* g_device_settings_service = NULL; |
| 45 | 101 |
| 46 // static | 102 // static |
| 47 void DeviceSettingsService::Initialize() { | 103 void DeviceSettingsService::Initialize() { |
| (...skipping 61 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 109 return public_key_; | 165 return public_key_; |
| 110 } | 166 } |
| 111 | 167 |
| 112 void DeviceSettingsService::Load() { | 168 void DeviceSettingsService::Load() { |
| 113 EnqueueLoad(false); | 169 EnqueueLoad(false); |
| 114 } | 170 } |
| 115 | 171 |
| 116 void DeviceSettingsService::SignAndStore( | 172 void DeviceSettingsService::SignAndStore( |
| 117 scoped_ptr<em::ChromeDeviceSettingsProto> new_settings, | 173 scoped_ptr<em::ChromeDeviceSettingsProto> new_settings, |
| 118 const base::Closure& callback) { | 174 const base::Closure& callback) { |
| 119 if (!delegate_) | 175 if (!owner_settings_service_) { |
| 120 HandleError(STORE_KEY_UNAVAILABLE, callback); | 176 HandleError(STORE_KEY_UNAVAILABLE, callback); |
| 121 else | 177 return; |
| 122 delegate_->SignAndStoreAsync(new_settings.Pass(), callback); | 178 } |
| 179 scoped_ptr<em::PolicyData> policy = |
| 180 AssemblePolicy(GetUsername(), policy_data(), new_settings.get()); |
| 181 if (!policy) { |
| 182 HandleError(STORE_POLICY_ERROR, callback); |
| 183 return; |
| 184 } |
| 185 |
| 186 owner_settings_service_->SignAndStorePolicyAsync(policy.Pass(), callback); |
| 123 } | 187 } |
| 124 | 188 |
| 125 void DeviceSettingsService::SetManagementSettings( | 189 void DeviceSettingsService::SetManagementSettings( |
| 126 em::PolicyData::ManagementMode management_mode, | 190 em::PolicyData::ManagementMode management_mode, |
| 127 const std::string& request_token, | 191 const std::string& request_token, |
| 128 const std::string& device_id, | 192 const std::string& device_id, |
| 129 const base::Closure& callback) { | 193 const base::Closure& callback) { |
| 130 if (!delegate_) { | 194 if (!owner_settings_service_) { |
| 131 HandleError(STORE_KEY_UNAVAILABLE, callback); | 195 HandleError(STORE_KEY_UNAVAILABLE, callback); |
| 132 } else { | 196 return; |
| 133 delegate_->SetManagementSettingsAsync( | |
| 134 management_mode, request_token, device_id, callback); | |
| 135 } | 197 } |
| 198 |
| 199 em::PolicyData::ManagementMode current_mode = em::PolicyData::NOT_MANAGED; |
| 200 if (policy_data() && policy_data()->has_management_mode()) |
| 201 current_mode = policy_data()->management_mode(); |
| 202 |
| 203 if (!CheckManagementModeTransition(current_mode, management_mode)) { |
| 204 LOG(ERROR) << "Invalid management mode transition: current mode = " |
| 205 << current_mode << ", new mode = " << management_mode; |
| 206 HandleError(DeviceSettingsService::STORE_POLICY_ERROR, callback); |
| 207 return; |
| 208 } |
| 209 |
| 210 scoped_ptr<em::PolicyData> policy = |
| 211 AssemblePolicy(GetUsername(), policy_data(), device_settings()); |
| 212 if (!policy) { |
| 213 HandleError(DeviceSettingsService::STORE_POLICY_ERROR, callback); |
| 214 return; |
| 215 } |
| 216 |
| 217 policy->set_management_mode(management_mode); |
| 218 policy->set_request_token(request_token); |
| 219 policy->set_device_id(device_id); |
| 220 |
| 221 owner_settings_service_->SignAndStorePolicyAsync(policy.Pass(), callback); |
| 136 } | 222 } |
| 137 | 223 |
| 138 void DeviceSettingsService::Store(scoped_ptr<em::PolicyFetchResponse> policy, | 224 void DeviceSettingsService::Store(scoped_ptr<em::PolicyFetchResponse> policy, |
| 139 const base::Closure& callback) { | 225 const base::Closure& callback) { |
| 140 Enqueue( | 226 Enqueue( |
| 141 new StoreSettingsOperation( | 227 new StoreSettingsOperation( |
| 142 base::Bind(&DeviceSettingsService::HandleCompletedOperation, | 228 base::Bind(&DeviceSettingsService::HandleCompletedOperation, |
| 143 weak_factory_.GetWeakPtr(), | 229 weak_factory_.GetWeakPtr(), |
| 144 callback), | 230 callback), |
| 145 policy.Pass())); | 231 policy.Pass())); |
| (...skipping 16 matching lines...) Expand all Loading... |
| 162 // If the key hasn't been loaded yet, enqueue the callback to be fired when | 248 // If the key hasn't been loaded yet, enqueue the callback to be fired when |
| 163 // the next SessionManagerOperation completes. If no operation is pending, | 249 // the next SessionManagerOperation completes. If no operation is pending, |
| 164 // start a load operation to fetch the key and report the result. | 250 // start a load operation to fetch the key and report the result. |
| 165 pending_ownership_status_callbacks_.push_back(callback); | 251 pending_ownership_status_callbacks_.push_back(callback); |
| 166 if (pending_operations_.empty()) | 252 if (pending_operations_.empty()) |
| 167 EnqueueLoad(false); | 253 EnqueueLoad(false); |
| 168 } | 254 } |
| 169 } | 255 } |
| 170 | 256 |
| 171 bool DeviceSettingsService::HasPrivateOwnerKey() { | 257 bool DeviceSettingsService::HasPrivateOwnerKey() { |
| 172 return delegate_ && delegate_->IsOwner(); | 258 return owner_settings_service_ && owner_settings_service_->IsOwner(); |
| 173 } | 259 } |
| 174 | 260 |
| 175 void DeviceSettingsService::InitOwner( | 261 void DeviceSettingsService::InitOwner( |
| 176 const std::string& username, | 262 const std::string& username, |
| 177 const base::WeakPtr<PrivateKeyDelegate>& delegate) { | 263 const base::WeakPtr<ownership::OwnerSettingsService>& |
| 264 owner_settings_service) { |
| 178 // When InitOwner() is called twice with the same |username| it's | 265 // When InitOwner() is called twice with the same |username| it's |
| 179 // worth to reload settings since owner key may become available. | 266 // worth to reload settings since owner key may become available. |
| 180 if (!username_.empty() && username_ != username) | 267 if (!username_.empty() && username_ != username) |
| 181 return; | 268 return; |
| 182 username_ = username; | 269 username_ = username; |
| 183 delegate_ = delegate; | 270 owner_settings_service_ = owner_settings_service; |
| 184 | 271 |
| 185 EnsureReload(true); | 272 EnsureReload(true); |
| 186 } | 273 } |
| 187 | 274 |
| 188 const std::string& DeviceSettingsService::GetUsername() const { | 275 const std::string& DeviceSettingsService::GetUsername() const { |
| 189 return username_; | 276 return username_; |
| 190 } | 277 } |
| 191 | 278 |
| 192 void DeviceSettingsService::AddObserver(Observer* observer) { | 279 void DeviceSettingsService::AddObserver(Observer* observer) { |
| 193 observers_.AddObserver(observer); | 280 observers_.AddObserver(observer); |
| (...skipping 29 matching lines...) Expand all Loading... |
| 223 } | 310 } |
| 224 | 311 |
| 225 void DeviceSettingsService::EnqueueLoad(bool force_key_load) { | 312 void DeviceSettingsService::EnqueueLoad(bool force_key_load) { |
| 226 SessionManagerOperation* operation = | 313 SessionManagerOperation* operation = |
| 227 new LoadSettingsOperation( | 314 new LoadSettingsOperation( |
| 228 base::Bind(&DeviceSettingsService::HandleCompletedOperation, | 315 base::Bind(&DeviceSettingsService::HandleCompletedOperation, |
| 229 weak_factory_.GetWeakPtr(), | 316 weak_factory_.GetWeakPtr(), |
| 230 base::Closure())); | 317 base::Closure())); |
| 231 operation->set_force_key_load(force_key_load); | 318 operation->set_force_key_load(force_key_load); |
| 232 operation->set_username(username_); | 319 operation->set_username(username_); |
| 233 operation->set_delegate(delegate_); | 320 operation->set_owner_settings_service(owner_settings_service_); |
| 234 Enqueue(operation); | 321 Enqueue(operation); |
| 235 } | 322 } |
| 236 | 323 |
| 237 void DeviceSettingsService::EnsureReload(bool force_key_load) { | 324 void DeviceSettingsService::EnsureReload(bool force_key_load) { |
| 238 if (!pending_operations_.empty()) { | 325 if (!pending_operations_.empty()) { |
| 239 pending_operations_.front()->set_username(username_); | 326 pending_operations_.front()->set_username(username_); |
| 240 pending_operations_.front()->set_delegate(delegate_); | 327 pending_operations_.front()->set_owner_settings_service( |
| 328 owner_settings_service_); |
| 241 pending_operations_.front()->RestartLoad(force_key_load); | 329 pending_operations_.front()->RestartLoad(force_key_load); |
| 242 } else { | 330 } else { |
| 243 EnqueueLoad(force_key_load); | 331 EnqueueLoad(force_key_load); |
| 244 } | 332 } |
| 245 } | 333 } |
| 246 | 334 |
| 247 void DeviceSettingsService::StartNextOperation() { | 335 void DeviceSettingsService::StartNextOperation() { |
| 248 if (!pending_operations_.empty() && | 336 if (!pending_operations_.empty() && |
| 249 session_manager_client_ && | 337 session_manager_client_ && |
| 250 owner_key_util_.get()) { | 338 owner_key_util_.get()) { |
| (...skipping 101 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 352 DeviceSettingsService::Initialize(); | 440 DeviceSettingsService::Initialize(); |
| 353 } | 441 } |
| 354 | 442 |
| 355 ScopedTestDeviceSettingsService::~ScopedTestDeviceSettingsService() { | 443 ScopedTestDeviceSettingsService::~ScopedTestDeviceSettingsService() { |
| 356 // Clean pending operations. | 444 // Clean pending operations. |
| 357 DeviceSettingsService::Get()->UnsetSessionManager(); | 445 DeviceSettingsService::Get()->UnsetSessionManager(); |
| 358 DeviceSettingsService::Shutdown(); | 446 DeviceSettingsService::Shutdown(); |
| 359 } | 447 } |
| 360 | 448 |
| 361 } // namespace chromeos | 449 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 548323003:
Non-plafrom-specific part of an OwnerSettingsService is moved to components/ownership/*. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master