| OLD | NEW |
|---|
| 1 // Copyright 2013 The Chromium Authors. All rights reserved. | 1 // Copyright 2013 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chromeos/network/policy_util.h" | 5 #include "chromeos/network/policy_util.h" |
| 6 | 6 |
| 7 #include "base/logging.h" | 7 #include "base/logging.h" |
| 8 #include "base/values.h" | 8 #include "base/values.h" |
| 9 #include "chromeos/network/network_profile.h" | 9 #include "chromeos/network/network_profile.h" |
| 10 #include "chromeos/network/network_ui_data.h" | 10 #include "chromeos/network/network_ui_data.h" |
| (...skipping 107 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 118 policy_wifi->GetStringWithoutPathExpansion(::onc::wifi::kSSID, | 118 policy_wifi->GetStringWithoutPathExpansion(::onc::wifi::kSSID, |
| 119 &policy_ssid); | 119 &policy_ssid); |
| 120 std::string actual_ssid; | 120 std::string actual_ssid; |
| 121 actual_wifi->GetStringWithoutPathExpansion(::onc::wifi::kSSID, | 121 actual_wifi->GetStringWithoutPathExpansion(::onc::wifi::kSSID, |
| 122 &actual_ssid); | 122 &actual_ssid); |
| 123 return (policy_ssid == actual_ssid); | 123 return (policy_ssid == actual_ssid); |
| 124 } | 124 } |
| 125 return false; | 125 return false; |
| 126 } | 126 } |
| 127 | 127 |
| 128 // Returns true if AutoConnect is enabled by |policy| (as mandatory or |
| 129 // recommended setting). Otherwise and on error returns false. |
| 130 bool IsAutoConnectEnabledInPolicy(const base::DictionaryValue& policy) { |
| 131 std::string type; |
| 132 policy.GetStringWithoutPathExpansion(::onc::network_config::kType, &type); |
| 133 |
| 134 std::string autoconnect_key; |
| 135 std::string network_dict_key; |
| 136 if (type == ::onc::network_type::kWiFi) { |
| 137 network_dict_key = ::onc::network_config::kWiFi; |
| 138 autoconnect_key = ::onc::wifi::kAutoConnect; |
| 139 } else if (type == ::onc::network_type::kVPN) { |
| 140 network_dict_key = ::onc::network_config::kVPN; |
| 141 autoconnect_key = ::onc::vpn::kAutoConnect; |
| 142 } else { |
| 143 VLOG(2) << "Network type without autoconnect property."; |
| 144 return false; |
| 145 } |
| 146 |
| 147 const base::DictionaryValue* network_dict = NULL; |
| 148 policy.GetDictionaryWithoutPathExpansion(network_dict_key, &network_dict); |
| 149 if (!network_dict) { |
| 150 LOG(ERROR) << "ONC doesn't contain a " << network_dict_key |
| 151 << " dictionary."; |
| 152 return false; |
| 153 } |
| 154 |
| 155 bool autoconnect = false; |
| 156 network_dict->GetBooleanWithoutPathExpansion(autoconnect_key, &autoconnect); |
| 157 return autoconnect; |
| 158 } |
| 159 |
| 128 base::DictionaryValue* GetOrCreateDictionary(const std::string& key, | 160 base::DictionaryValue* GetOrCreateDictionary(const std::string& key, |
| 129 base::DictionaryValue* dict) { | 161 base::DictionaryValue* dict) { |
| 130 base::DictionaryValue* inner_dict = NULL; | 162 base::DictionaryValue* inner_dict = NULL; |
| 131 if (!dict->GetDictionaryWithoutPathExpansion(key, &inner_dict)) { | 163 if (!dict->GetDictionaryWithoutPathExpansion(key, &inner_dict)) { |
| 132 inner_dict = new base::DictionaryValue; | 164 inner_dict = new base::DictionaryValue; |
| 133 dict->SetWithoutPathExpansion(key, inner_dict); | 165 dict->SetWithoutPathExpansion(key, inner_dict); |
| 134 } | 166 } |
| 135 return inner_dict; | 167 return inner_dict; |
| 136 } | 168 } |
| 137 | 169 |
| (...skipping 179 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... |
| 317 effective = normalizer.NormalizeObject(&onc::kNetworkConfigurationSignature, | 349 effective = normalizer.NormalizeObject(&onc::kNetworkConfigurationSignature, |
| 318 *effective); | 350 *effective); |
| 319 | 351 |
| 320 scoped_ptr<base::DictionaryValue> shill_dictionary( | 352 scoped_ptr<base::DictionaryValue> shill_dictionary( |
| 321 onc::TranslateONCObjectToShill(&onc::kNetworkConfigurationSignature, | 353 onc::TranslateONCObjectToShill(&onc::kNetworkConfigurationSignature, |
| 322 *effective)); | 354 *effective)); |
| 323 | 355 |
| 324 shill_dictionary->SetStringWithoutPathExpansion(shill::kProfileProperty, | 356 shill_dictionary->SetStringWithoutPathExpansion(shill::kProfileProperty, |
| 325 profile.path); | 357 profile.path); |
| 326 | 358 |
| 359 // If AutoConnect is enabled by policy, set the ManagedCredentials property to |
| 360 // indicate to Shill that this network can be used for autoconnect even |
| 361 // without a manual and successful connection attempt. |
| 362 // Note that this is only an indicator for the administrator's true intention, |
| 363 // i.e. when the administrator enables AutoConnect, we assume that the network |
| 364 // is indeed connectable. |
| 365 // Ideally, we would know whether the (policy) provided credentials are |
| 366 // complete and only set ManagedCredentials in that case. |
| 367 if (network_policy && IsAutoConnectEnabledInPolicy(*network_policy)) { |
| 368 VLOG(1) << "Enable ManagedCredentials for managed network with GUID " |
| 369 << guid; |
| 370 shill_dictionary->SetBooleanWithoutPathExpansion( |
| 371 shill::kManagedCredentialsProperty, true); |
| 372 } |
| 373 |
| 327 if (!network_policy && global_policy) { | 374 if (!network_policy && global_policy) { |
| 328 // The network isn't managed. Global network policies have to be applied. | 375 // The network isn't managed. Global network policies have to be applied. |
| 329 SetShillPropertiesForGlobalPolicy( | 376 SetShillPropertiesForGlobalPolicy( |
| 330 *shill_dictionary, *global_policy, shill_dictionary.get()); | 377 *shill_dictionary, *global_policy, shill_dictionary.get()); |
| 331 } | 378 } |
| 332 | 379 |
| 333 scoped_ptr<NetworkUIData> ui_data(NetworkUIData::CreateFromONC(onc_source)); | 380 scoped_ptr<NetworkUIData> ui_data(NetworkUIData::CreateFromONC(onc_source)); |
| 334 | 381 |
| 335 if (user_settings) { | 382 if (user_settings) { |
| 336 // Shill doesn't know that sensitive data is contained in the UIData | 383 // Shill doesn't know that sensitive data is contained in the UIData |
| (...skipping 24 matching lines...) Expand all Loading... |
| 361 it != policies.end(); ++it) { | 408 it != policies.end(); ++it) { |
| 362 if (IsPolicyMatching(*it->second, actual_network)) | 409 if (IsPolicyMatching(*it->second, actual_network)) |
| 363 return it->second; | 410 return it->second; |
| 364 } | 411 } |
| 365 return NULL; | 412 return NULL; |
| 366 } | 413 } |
| 367 | 414 |
| 368 } // namespace policy_util | 415 } // namespace policy_util |
| 369 | 416 |
| 370 } // namespace chromeos | 417 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 647783005:
Set Service property ManagedCredentials for managed networks. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master