| OLD | NEW |
|---|
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/network/onc/onc_merger.h" | 5 #include "chromeos/network/onc/onc_merger.h" |
| 6 | 6 |
| 7 #include <set> | 7 #include <set> |
| 8 #include <string> | 8 #include <string> |
| 9 #include <vector> | 9 #include <vector> |
| 10 | 10 |
| (...skipping 343 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 354 user_settings, | 354 user_settings, |
| 355 shared_settings, | 355 shared_settings, |
| 356 active_settings); | 356 active_settings); |
| 357 } | 357 } |
| 358 | 358 |
| 359 protected: | 359 protected: |
| 360 // MergeSettingsAndPolicies override. | 360 // MergeSettingsAndPolicies override. |
| 361 virtual scoped_ptr<base::Value> MergeValues( | 361 virtual scoped_ptr<base::Value> MergeValues( |
| 362 const std::string& key, | 362 const std::string& key, |
| 363 const ValueParams& values) OVERRIDE { | 363 const ValueParams& values) OVERRIDE { |
| 364 const OncFieldSignature* field = NULL; |
| 365 if (signature_) |
| 366 field = GetFieldSignature(*signature_, key); |
| 367 |
| 368 if (!field) { |
| 369 // This field is not part of the provided ONCSignature, thus it cannot be |
| 370 // controlled by policy. Return the plain active value instead of an |
| 371 // augmented dictionary. |
| 372 return make_scoped_ptr(values.active_setting->DeepCopy()); |
| 373 } |
| 374 |
| 375 // This field is part of the provided ONCSignature, thus it can be |
| 376 // controlled by policy. |
| 377 std::string which_effective; |
| 378 scoped_ptr<base::Value> effective_value = |
| 379 MergeToEffective::MergeValues(key, values, &which_effective); |
| 380 |
| 381 if (IsIdentifierField(*signature_, key)) { |
| 382 // Don't augment the GUID but write the plain value. |
| 383 if (!effective_value) { |
| 384 LOG(ERROR) << "GUID field has no effective value"; |
| 385 return make_scoped_ptr<base::Value>(NULL); |
| 386 } |
| 387 |
| 388 // DCHECK that all provided GUIDs are identical. |
| 389 DCHECK(AllPresentValuesEqual(values, *effective_value)); |
| 390 |
| 391 // Return the un-augmented GUID. |
| 392 return effective_value.Pass(); |
| 393 } |
| 394 |
| 364 scoped_ptr<base::DictionaryValue> augmented_value( | 395 scoped_ptr<base::DictionaryValue> augmented_value( |
| 365 new base::DictionaryValue); | 396 new base::DictionaryValue); |
| 397 |
| 366 if (values.active_setting) { | 398 if (values.active_setting) { |
| 367 augmented_value->SetWithoutPathExpansion( | 399 augmented_value->SetWithoutPathExpansion( |
| 368 ::onc::kAugmentationActiveSetting, values.active_setting->DeepCopy()); | 400 ::onc::kAugmentationActiveSetting, values.active_setting->DeepCopy()); |
| 369 } | 401 } |
| 370 | 402 |
| 371 const OncFieldSignature* field = NULL; | 403 if (!which_effective.empty()) { |
| 372 if (signature_) | 404 augmented_value->SetStringWithoutPathExpansion( |
| 373 field = GetFieldSignature(*signature_, key); | 405 ::onc::kAugmentationEffectiveSetting, which_effective); |
| 406 } |
| 374 | 407 |
| 375 if (field) { | 408 // Prevent credentials from being forwarded in cleartext to |
| 376 // This field is part of the provided ONCSignature, thus it can be | 409 // UI. User/shared credentials are not stored separately, so they cannot |
| 377 // controlled by policy. | 410 // leak here. |
| 378 std::string which_effective; | 411 bool is_credential = onc::FieldIsCredential(*signature_, key); |
| 379 scoped_ptr<base::Value> effective_value = | 412 if (!is_credential) { |
| 380 MergeToEffective::MergeValues(key, values, &which_effective); | 413 if (values.user_policy) { |
| 381 | 414 augmented_value->SetWithoutPathExpansion( |
| 382 if (IsIdentifierField(*signature_, key)) { | 415 ::onc::kAugmentationUserPolicy, values.user_policy->DeepCopy()); |
| 383 // Don't augment the GUID but write the plain value. | |
| 384 if (!effective_value) { | |
| 385 LOG(ERROR) << "GUID field has no effective value"; | |
| 386 return make_scoped_ptr<base::Value>(NULL); | |
| 387 } | |
| 388 | |
| 389 // DCHECK that all provided GUIDs are identical. | |
| 390 DCHECK(AllPresentValuesEqual(values, *effective_value)); | |
| 391 | |
| 392 // Return the un-augmented GUID. | |
| 393 return effective_value.Pass(); | |
| 394 } | 416 } |
| 395 | 417 if (values.device_policy) { |
| 396 if (!which_effective.empty()) { | 418 augmented_value->SetWithoutPathExpansion( |
| 397 augmented_value->SetStringWithoutPathExpansion( | 419 ::onc::kAugmentationDevicePolicy, |
| 398 ::onc::kAugmentationEffectiveSetting, which_effective); | 420 values.device_policy->DeepCopy()); |
| 399 } | 421 } |
| 400 bool is_credential = onc::FieldIsCredential(*signature_, key); | 422 } |
| 401 | 423 if (values.user_setting) { |
| 402 // Prevent credentials from being forwarded in cleartext to | 424 augmented_value->SetWithoutPathExpansion( |
| 403 // UI. User/shared credentials are not stored separately, so they cannot | 425 ::onc::kAugmentationUserSetting, values.user_setting->DeepCopy()); |
| 404 // leak here. | 426 } |
| 405 if (!is_credential) { | 427 if (values.shared_setting) { |
| 406 if (values.user_policy) { | 428 augmented_value->SetWithoutPathExpansion( |
| 407 augmented_value->SetWithoutPathExpansion( | 429 ::onc::kAugmentationSharedSetting, |
| 408 ::onc::kAugmentationUserPolicy, values.user_policy->DeepCopy()); | 430 values.shared_setting->DeepCopy()); |
| 409 } | 431 } |
| 410 if (values.device_policy) { | 432 if (HasUserPolicy() && values.user_editable) { |
| 411 augmented_value->SetWithoutPathExpansion( | 433 augmented_value->SetBooleanWithoutPathExpansion( |
| 412 ::onc::kAugmentationDevicePolicy, | 434 ::onc::kAugmentationUserEditable, true); |
| 413 values.device_policy->DeepCopy()); | 435 } |
| 414 } | 436 if (HasDevicePolicy() && values.device_editable) { |
| 415 } | 437 augmented_value->SetBooleanWithoutPathExpansion( |
| 416 if (values.user_setting) { | 438 ::onc::kAugmentationDeviceEditable, true); |
| 417 augmented_value->SetWithoutPathExpansion( | |
| 418 ::onc::kAugmentationUserSetting, values.user_setting->DeepCopy()); | |
| 419 } | |
| 420 if (values.shared_setting) { | |
| 421 augmented_value->SetWithoutPathExpansion( | |
| 422 ::onc::kAugmentationSharedSetting, | |
| 423 values.shared_setting->DeepCopy()); | |
| 424 } | |
| 425 if (HasUserPolicy() && values.user_editable) { | |
| 426 augmented_value->SetBooleanWithoutPathExpansion( | |
| 427 ::onc::kAugmentationUserEditable, true); | |
| 428 } | |
| 429 if (HasDevicePolicy() && values.device_editable) { | |
| 430 augmented_value->SetBooleanWithoutPathExpansion( | |
| 431 ::onc::kAugmentationDeviceEditable, true); | |
| 432 } | |
| 433 } else { | |
| 434 // This field is not part of the provided ONCSignature, thus it cannot be | |
| 435 // controlled by policy. | |
| 436 augmented_value->SetStringWithoutPathExpansion( | |
| 437 ::onc::kAugmentationEffectiveSetting, ::onc::kAugmentationUnmanaged); | |
| 438 } | 439 } |
| 439 if (augmented_value->empty()) | 440 if (augmented_value->empty()) |
| 440 augmented_value.reset(); | 441 augmented_value.reset(); |
| 441 return augmented_value.PassAs<base::Value>(); | 442 return augmented_value.PassAs<base::Value>(); |
| 442 } | 443 } |
| 443 | 444 |
| 444 // MergeListOfDictionaries override. | 445 // MergeListOfDictionaries override. |
| 445 virtual DictionaryPtr MergeNestedDictionaries( | 446 virtual DictionaryPtr MergeNestedDictionaries( |
| 446 const std::string& key, | 447 const std::string& key, |
| 447 const DictPtrs &dicts) OVERRIDE { | 448 const DictPtrs &dicts) OVERRIDE { |
| (...skipping 40 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 488 const base::DictionaryValue* shared_settings, | 489 const base::DictionaryValue* shared_settings, |
| 489 const base::DictionaryValue* active_settings) { | 490 const base::DictionaryValue* active_settings) { |
| 490 MergeToAugmented merger; | 491 MergeToAugmented merger; |
| 491 return merger.MergeDictionaries( | 492 return merger.MergeDictionaries( |
| 492 signature, user_policy, device_policy, user_settings, shared_settings, | 493 signature, user_policy, device_policy, user_settings, shared_settings, |
| 493 active_settings); | 494 active_settings); |
| 494 } | 495 } |
| 495 | 496 |
| 496 } // namespace onc | 497 } // namespace onc |
| 497 } // namespace chromeos | 498 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 551753002:
ONC: Remove augmentation of unmanaged network properties. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@ipconfig