Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(4038)

Issues Search
    My Issues | Starred     Open | Closed | All

Unified Diff: chrome/browser/chromeos/settings/device_settings_service.cc

Issue 548323003: Non-plafrom-specific part of an OwnerSettingsService is moved to components/ownership/*. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master
Patch Set: Fixes to *.gypi and *.gn files. Created 6 years, 3 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View side-by-side diff with in-line comments
Download patch
« no previous file with comments | « chrome/browser/chromeos/settings/device_settings_service.h ('k') | chrome/browser/chromeos/settings/device_settings_service_unittest.cc » ('j') | no next file with comments »
Expand Comments ('e') | Collapse Comments ('c') | Show Comments Hide Comments ('s')
Index: chrome/browser/chromeos/settings/device_settings_service.cc
diff --git a/chrome/browser/chromeos/settings/device_settings_service.cc b/chrome/browser/chromeos/settings/device_settings_service.cc
index 9ba93243c923ee032a906fe81efc1329754b4f78..36de11dff7393d1c2d910d7d55c302b4d5521cd7 100644
--- a/chrome/browser/chromeos/settings/device_settings_service.cc
+++ b/chrome/browser/chromeos/settings/device_settings_service.cc
@@ -35,6 +35,62 @@ int kLoadRetryDelayMs = 1000 * 5;
// of retry time.
int kMaxLoadRetries = (1000 * 60 * 10) / kLoadRetryDelayMs;
+// Assembles PolicyData based on |settings|, |policy_data| and
+// |user_id|.
+scoped_ptr<em::PolicyData> AssemblePolicy(
+ const std::string& user_id,
+ const em::PolicyData* policy_data,
+ const em::ChromeDeviceSettingsProto* settings) {
+ scoped_ptr<em::PolicyData> policy(new em::PolicyData());
+ if (policy_data) {
+ // Preserve management settings.
+ if (policy_data->has_management_mode())
+ policy->set_management_mode(policy_data->management_mode());
+ if (policy_data->has_request_token())
+ policy->set_request_token(policy_data->request_token());
+ if (policy_data->has_device_id())
+ policy->set_device_id(policy_data->device_id());
+ } else {
+ // If there's no previous policy data, this is the first time the device
+ // setting is set. We set the management mode to NOT_MANAGED initially.
+ policy->set_management_mode(em::PolicyData::NOT_MANAGED);
+ }
+ policy->set_policy_type(policy::dm_protocol::kChromeDevicePolicyType);
+ policy->set_timestamp(
+ (base::Time::Now() - base::Time::UnixEpoch()).InMilliseconds());
+ policy->set_username(user_id);
+ if (!settings->SerializeToString(policy->mutable_policy_value()))
+ return scoped_ptr<em::PolicyData>();
+
+ return policy.Pass();
+}
+
+// Returns true if it is okay to transfer from the current mode to the new
+// mode. This function should be called in SetManagementMode().
+bool CheckManagementModeTransition(em::PolicyData::ManagementMode current_mode,
+ em::PolicyData::ManagementMode new_mode) {
+ // Mode is not changed.
+ if (current_mode == new_mode)
+ return true;
+
+ switch (current_mode) {
+ case em::PolicyData::NOT_MANAGED:
+ // For consumer management enrollment.
+ return new_mode == em::PolicyData::CONSUMER_MANAGED;
+
+ case em::PolicyData::ENTERPRISE_MANAGED:
+ // Management mode cannot be set when it is currently ENTERPRISE_MANAGED.
+ return false;
+
+ case em::PolicyData::CONSUMER_MANAGED:
+ // For consumer management unenrollment.
+ return new_mode == em::PolicyData::NOT_MANAGED;
+ }
+
+ NOTREACHED();
+ return false;
+}
+
} // namespace
namespace chromeos {
@@ -116,10 +172,18 @@ void DeviceSettingsService::Load() {
void DeviceSettingsService::SignAndStore(
scoped_ptr<em::ChromeDeviceSettingsProto> new_settings,
const base::Closure& callback) {
- if (!delegate_)
+ if (!owner_settings_service_) {
HandleError(STORE_KEY_UNAVAILABLE, callback);
- else
- delegate_->SignAndStoreAsync(new_settings.Pass(), callback);
+ return;
+ }
+ scoped_ptr<em::PolicyData> policy =
+ AssemblePolicy(GetUsername(), policy_data(), new_settings.get());
+ if (!policy) {
+ HandleError(STORE_POLICY_ERROR, callback);
+ return;
+ }
+
+ owner_settings_service_->SignAndStorePolicyAsync(policy.Pass(), callback);
}
void DeviceSettingsService::SetManagementSettings(
@@ -127,12 +191,34 @@ void DeviceSettingsService::SetManagementSettings(
const std::string& request_token,
const std::string& device_id,
const base::Closure& callback) {
- if (!delegate_) {
+ if (!owner_settings_service_) {
HandleError(STORE_KEY_UNAVAILABLE, callback);
- } else {
- delegate_->SetManagementSettingsAsync(
- management_mode, request_token, device_id, callback);
+ return;
+ }
+
+ em::PolicyData::ManagementMode current_mode = em::PolicyData::NOT_MANAGED;
+ if (policy_data() && policy_data()->has_management_mode())
+ current_mode = policy_data()->management_mode();
+
+ if (!CheckManagementModeTransition(current_mode, management_mode)) {
+ LOG(ERROR) << "Invalid management mode transition: current mode = "
+ << current_mode << ", new mode = " << management_mode;
+ HandleError(DeviceSettingsService::STORE_POLICY_ERROR, callback);
+ return;
+ }
+
+ scoped_ptr<em::PolicyData> policy =
+ AssemblePolicy(GetUsername(), policy_data(), device_settings());
+ if (!policy) {
+ HandleError(DeviceSettingsService::STORE_POLICY_ERROR, callback);
+ return;
}
+
+ policy->set_management_mode(management_mode);
+ policy->set_request_token(request_token);
+ policy->set_device_id(device_id);
+
+ owner_settings_service_->SignAndStorePolicyAsync(policy.Pass(), callback);
}
void DeviceSettingsService::Store(scoped_ptr<em::PolicyFetchResponse> policy,
@@ -169,18 +255,19 @@ void DeviceSettingsService::GetOwnershipStatusAsync(
}
bool DeviceSettingsService::HasPrivateOwnerKey() {
- return delegate_ && delegate_->IsOwner();
+ return owner_settings_service_ && owner_settings_service_->IsOwner();
}
void DeviceSettingsService::InitOwner(
const std::string& username,
- const base::WeakPtr<PrivateKeyDelegate>& delegate) {
+ const base::WeakPtr<ownership::OwnerSettingsService>&
+ owner_settings_service) {
// When InitOwner() is called twice with the same |username| it's
// worth to reload settings since owner key may become available.
if (!username_.empty() && username_ != username)
return;
username_ = username;
- delegate_ = delegate;
+ owner_settings_service_ = owner_settings_service;
EnsureReload(true);
}
@@ -230,14 +317,15 @@ void DeviceSettingsService::EnqueueLoad(bool force_key_load) {
base::Closure()));
operation->set_force_key_load(force_key_load);
operation->set_username(username_);
- operation->set_delegate(delegate_);
+ operation->set_owner_settings_service(owner_settings_service_);
Enqueue(operation);
}
void DeviceSettingsService::EnsureReload(bool force_key_load) {
if (!pending_operations_.empty()) {
pending_operations_.front()->set_username(username_);
- pending_operations_.front()->set_delegate(delegate_);
+ pending_operations_.front()->set_owner_settings_service(
+ owner_settings_service_);
pending_operations_.front()->RestartLoad(force_key_load);
} else {
EnqueueLoad(force_key_load);
« no previous file with comments | « chrome/browser/chromeos/settings/device_settings_service.h ('k') | chrome/browser/chromeos/settings/device_settings_service_unittest.cc » ('j') | no next file with comments »

Powered by Google App Engine
This is Rietveld 408576698