chromeos/network/policy_util.cc - Issue 647783005: Set Service property ManagedCredentials for managed networks.

Side by Side Diff: chromeos/network/policy_util.cc

Issue 647783005: Set Service property ManagedCredentials for managed networks. (Closed) Base URL: https://chromium.googlesource.com/chromium/src.git@master

Patch Set: Created 6 years, 1 month ago

Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.

Jump to:

View unified diff | Download patch

« no previous file with comments | « chromeos/network/managed_network_configuration_handler_unittest.cc ('k') | chromeos/test/data/network/policy/policy_vpn_autoconnect.onc » ('j') | no next file with comments »
Toggle Intra-line Diffs ('i') | Expand Comments ('e') | Collapse Comments ('c') | Hide Comments ('s')

OLD	NEW
1 // Copyright 2013 The Chromium Authors. All rights reserved.	1 // Copyright 2013 The Chromium Authors. All rights reserved.

2 // Use of this source code is governed by a BSD-style license that can be	2 // Use of this source code is governed by a BSD-style license that can be

3 // found in the LICENSE file.	3 // found in the LICENSE file.

4	4

5 #include "chromeos/network/policy_util.h"	5 #include "chromeos/network/policy_util.h"

6	6

7 #include "base/logging.h"	7 #include "base/logging.h"

8 #include "base/values.h"	8 #include "base/values.h"

9 #include "chromeos/network/network_profile.h"	9 #include "chromeos/network/network_profile.h"

10 #include "chromeos/network/network_ui_data.h"	10 #include "chromeos/network/network_ui_data.h"

(...skipping 107 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
118 policy_wifi->GetStringWithoutPathExpansion(::onc::wifi::kSSID,	118 policy_wifi->GetStringWithoutPathExpansion(::onc::wifi::kSSID,

119 &policy_ssid);	119 &policy_ssid);

120 std::string actual_ssid;	120 std::string actual_ssid;

121 actual_wifi->GetStringWithoutPathExpansion(::onc::wifi::kSSID,	121 actual_wifi->GetStringWithoutPathExpansion(::onc::wifi::kSSID,

122 &actual_ssid);	122 &actual_ssid);

123 return (policy_ssid == actual_ssid);	123 return (policy_ssid == actual_ssid);

124 }	124 }

125 return false;	125 return false;

126 }	126 }

127	127

	128 // Returns true if AutoConnect is enabled by \|policy\| (as mandatory or

	129 // recommended setting). Otherwise and on error returns false.

	130 bool IsAutoConnectEnabledInPolicy(const base::DictionaryValue& policy) {

	131 std::string type;

	132 policy.GetStringWithoutPathExpansion(::onc::network_config::kType, &type);

	133

	134 std::string autoconnect_key;

	135 std::string network_dict_key;

	136 if (type == ::onc::network_type::kWiFi) {

	137 network_dict_key = ::onc::network_config::kWiFi;

	138 autoconnect_key = ::onc::wifi::kAutoConnect;

	139 } else if (type == ::onc::network_type::kVPN) {

	140 network_dict_key = ::onc::network_config::kVPN;

	141 autoconnect_key = ::onc::vpn::kAutoConnect;

	142 } else {

	143 VLOG(2) << "Network type without autoconnect property.";

	144 return false;

	145 }

	146

	147 const base::DictionaryValue* network_dict = NULL;

	148 policy.GetDictionaryWithoutPathExpansion(network_dict_key, &network_dict);

	149 if (!network_dict) {

	150 LOG(ERROR) << "ONC doesn't contain a " << network_dict_key

	151 << " dictionary.";

	152 return false;

	153 }

	154

	155 bool autoconnect = false;

	156 network_dict->GetBooleanWithoutPathExpansion(autoconnect_key, &autoconnect);

	157 return autoconnect;

	158 }

	159

128 base::DictionaryValue* GetOrCreateDictionary(const std::string& key,	160 base::DictionaryValue* GetOrCreateDictionary(const std::string& key,

129 base::DictionaryValue* dict) {	161 base::DictionaryValue* dict) {

130 base::DictionaryValue* inner_dict = NULL;	162 base::DictionaryValue* inner_dict = NULL;

131 if (!dict->GetDictionaryWithoutPathExpansion(key, &inner_dict)) {	163 if (!dict->GetDictionaryWithoutPathExpansion(key, &inner_dict)) {

132 inner_dict = new base::DictionaryValue;	164 inner_dict = new base::DictionaryValue;

133 dict->SetWithoutPathExpansion(key, inner_dict);	165 dict->SetWithoutPathExpansion(key, inner_dict);

134 }	166 }

135 return inner_dict;	167 return inner_dict;

136 }	168 }

137	169

(...skipping 179 matching lines...) Expand 10 before \| Expand all \| Expand 10 after Loading...
317 effective = normalizer.NormalizeObject(&onc::kNetworkConfigurationSignature,	349 effective = normalizer.NormalizeObject(&onc::kNetworkConfigurationSignature,

318 *effective);	350 *effective);

319	351

320 scoped_ptr<base::DictionaryValue> shill_dictionary(	352 scoped_ptr<base::DictionaryValue> shill_dictionary(

321 onc::TranslateONCObjectToShill(&onc::kNetworkConfigurationSignature,	353 onc::TranslateONCObjectToShill(&onc::kNetworkConfigurationSignature,

322 *effective));	354 *effective));

323	355

324 shill_dictionary->SetStringWithoutPathExpansion(shill::kProfileProperty,	356 shill_dictionary->SetStringWithoutPathExpansion(shill::kProfileProperty,

325 profile.path);	357 profile.path);

326	358

	359 // If AutoConnect is enabled by policy, set the ManagedCredentials property to

	360 // indicate to Shill that this network can be used for autoconnect even

	361 // without a manual and successful connection attempt.

	362 if (network_policy && IsAutoConnectEnabledInPolicy(*network_policy)) {

	363 VLOG(1) << "Enable ManagedCredentials for managed network with GUID "

	364 << guid;

	365 shill_dictionary->SetBooleanWithoutPathExpansion(

	366 shill::kManagedCredentialsProperty, true);
	Paul Stewart 2014/10/30 15:32:42 It's okay to do this even if auto-connect is unset It's okay to do this even if auto-connect is unset / set false. The two are orthogonal. pneubeck (no reviews) 2014/10/30 15:46:40 The question is however, what behavior we want to Show quoted text On 2014/10/30 15:32:42, Paul Stewart wrote: > It's okay to do this even if auto-connect is unset / set false. The two are > orthogonal. The question is however, what behavior we want to trigger if policy didn't set autoconnect and the user is setting autoconnect=true. The current implementation should be the conservative choice in this case.
	367 }

	368

327 if (!network_policy && global_policy) {	369 if (!network_policy && global_policy) {

328 // The network isn't managed. Global network policies have to be applied.	370 // The network isn't managed. Global network policies have to be applied.

329 SetShillPropertiesForGlobalPolicy(	371 SetShillPropertiesForGlobalPolicy(

330 shill_dictionary, global_policy, shill_dictionary.get());	372 shill_dictionary, global_policy, shill_dictionary.get());

331 }	373 }

332	374

333 scoped_ptr<NetworkUIData> ui_data(NetworkUIData::CreateFromONC(onc_source));	375 scoped_ptr<NetworkUIData> ui_data(NetworkUIData::CreateFromONC(onc_source));

334	376

335 if (user_settings) {	377 if (user_settings) {

336 // Shill doesn't know that sensitive data is contained in the UIData	378 // Shill doesn't know that sensitive data is contained in the UIData

(...skipping 24 matching lines...) Expand all Loading...
361 it != policies.end(); ++it) {	403 it != policies.end(); ++it) {

362 if (IsPolicyMatching(*it->second, actual_network))	404 if (IsPolicyMatching(*it->second, actual_network))

363 return it->second;	405 return it->second;

364 }	406 }

365 return NULL;	407 return NULL;

366 }	408 }

367	409

368 } // namespace policy_util	410 } // namespace policy_util

369	411

370 } // namespace chromeos	412 } // namespace chromeos

OLD	NEW