| Index: chrome/browser/chromeos/settings/device_settings_service.cc
|
| diff --git a/chrome/browser/chromeos/settings/device_settings_service.cc b/chrome/browser/chromeos/settings/device_settings_service.cc
|
| index 53b2a561ef37ed801968059f856c29a60fa6d1cf..cc441605ac23b0d65da05f8621355f482f80c2dc 100644
|
| --- a/chrome/browser/chromeos/settings/device_settings_service.cc
|
| +++ b/chrome/browser/chromeos/settings/device_settings_service.cc
|
| @@ -9,9 +9,11 @@
|
| #include "base/message_loop/message_loop.h"
|
| #include "base/stl_util.h"
|
| #include "base/time/time.h"
|
| +#include "base/values.h"
|
| #include "chrome/browser/chrome_notification_types.h"
|
| #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h"
|
| #include "chrome/browser/chromeos/settings/session_manager_operation.h"
|
| +#include "chromeos/settings/cros_settings_names.h"
|
| #include "components/ownership/owner_key_util.h"
|
| #include "components/policy/core/common/cloud/cloud_policy_constants.h"
|
| #include "content/public/browser/browser_thread.h"
|
| @@ -35,36 +37,6 @@ int kLoadRetryDelayMs = 1000 * 5;
|
| // of retry time.
|
| int kMaxLoadRetries = (1000 * 60 * 10) / kLoadRetryDelayMs;
|
|
|
| -// Assembles PolicyData based on |settings|, |policy_data| and
|
| -// |user_id|.
|
| -scoped_ptr<em::PolicyData> AssemblePolicy(
|
| - const std::string& user_id,
|
| - const em::PolicyData* policy_data,
|
| - const em::ChromeDeviceSettingsProto* settings) {
|
| - scoped_ptr<em::PolicyData> policy(new em::PolicyData());
|
| - if (policy_data) {
|
| - // Preserve management settings.
|
| - if (policy_data->has_management_mode())
|
| - policy->set_management_mode(policy_data->management_mode());
|
| - if (policy_data->has_request_token())
|
| - policy->set_request_token(policy_data->request_token());
|
| - if (policy_data->has_device_id())
|
| - policy->set_device_id(policy_data->device_id());
|
| - } else {
|
| - // If there's no previous policy data, this is the first time the device
|
| - // setting is set. We set the management mode to NOT_MANAGED initially.
|
| - policy->set_management_mode(em::PolicyData::NOT_MANAGED);
|
| - }
|
| - policy->set_policy_type(policy::dm_protocol::kChromeDevicePolicyType);
|
| - policy->set_timestamp(
|
| - (base::Time::Now() - base::Time::UnixEpoch()).InMilliseconds());
|
| - policy->set_username(user_id);
|
| - if (!settings->SerializeToString(policy->mutable_policy_value()))
|
| - return scoped_ptr<em::PolicyData>();
|
| -
|
| - return policy.Pass();
|
| -}
|
| -
|
| // Returns true if it is okay to transfer from the current mode to the new
|
| // mode. This function should be called in SetManagementMode().
|
| bool CheckManagementModeTransition(em::PolicyData::ManagementMode current_mode,
|
| @@ -123,9 +95,258 @@ DeviceSettingsService* DeviceSettingsService::Get() {
|
| return g_device_settings_service;
|
| }
|
|
|
| +// static
|
| +void DeviceSettingsService::UpdateDeviceSettings(
|
| + const std::string& path,
|
| + const base::Value& value,
|
| + enterprise_management::ChromeDeviceSettingsProto& settings) {
|
| + if (path == kAccountsPrefAllowNewUser) {
|
| + em::AllowNewUsersProto* allow = settings.mutable_allow_new_users();
|
| + bool allow_value;
|
| + if (value.GetAsBoolean(&allow_value)) {
|
| + allow->set_allow_new_users(allow_value);
|
| + } else {
|
| + NOTREACHED();
|
| + }
|
| + } else if (path == kAccountsPrefAllowGuest) {
|
| + em::GuestModeEnabledProto* guest = settings.mutable_guest_mode_enabled();
|
| + bool guest_value;
|
| + if (value.GetAsBoolean(&guest_value))
|
| + guest->set_guest_mode_enabled(guest_value);
|
| + else
|
| + NOTREACHED();
|
| + } else if (path == kAccountsPrefSupervisedUsersEnabled) {
|
| + em::SupervisedUsersSettingsProto* supervised =
|
| + settings.mutable_supervised_users_settings();
|
| + bool supervised_value;
|
| + if (value.GetAsBoolean(&supervised_value))
|
| + supervised->set_supervised_users_enabled(supervised_value);
|
| + else
|
| + NOTREACHED();
|
| + } else if (path == kAccountsPrefShowUserNamesOnSignIn) {
|
| + em::ShowUserNamesOnSigninProto* show = settings.mutable_show_user_names();
|
| + bool show_value;
|
| + if (value.GetAsBoolean(&show_value))
|
| + show->set_show_user_names(show_value);
|
| + else
|
| + NOTREACHED();
|
| + } else if (path == kAccountsPrefDeviceLocalAccounts) {
|
| + em::DeviceLocalAccountsProto* device_local_accounts =
|
| + settings.mutable_device_local_accounts();
|
| + device_local_accounts->clear_account();
|
| + const base::ListValue* accounts_list = NULL;
|
| + if (value.GetAsList(&accounts_list)) {
|
| + for (base::ListValue::const_iterator entry(accounts_list->begin());
|
| + entry != accounts_list->end();
|
| + ++entry) {
|
| + const base::DictionaryValue* entry_dict = NULL;
|
| + if ((*entry)->GetAsDictionary(&entry_dict)) {
|
| + em::DeviceLocalAccountInfoProto* account =
|
| + device_local_accounts->add_account();
|
| + std::string account_id;
|
| + if (entry_dict->GetStringWithoutPathExpansion(
|
| + kAccountsPrefDeviceLocalAccountsKeyId, &account_id)) {
|
| + account->set_account_id(account_id);
|
| + }
|
| + int type;
|
| + if (entry_dict->GetIntegerWithoutPathExpansion(
|
| + kAccountsPrefDeviceLocalAccountsKeyType, &type)) {
|
| + account->set_type(
|
| + static_cast<em::DeviceLocalAccountInfoProto::AccountType>(
|
| + type));
|
| + }
|
| + std::string kiosk_app_id;
|
| + if (entry_dict->GetStringWithoutPathExpansion(
|
| + kAccountsPrefDeviceLocalAccountsKeyKioskAppId,
|
| + &kiosk_app_id)) {
|
| + account->mutable_kiosk_app()->set_app_id(kiosk_app_id);
|
| + }
|
| + } else {
|
| + NOTREACHED();
|
| + }
|
| + }
|
| + } else {
|
| + NOTREACHED();
|
| + }
|
| + } else if (path == kAccountsPrefDeviceLocalAccountAutoLoginId) {
|
| + em::DeviceLocalAccountsProto* device_local_accounts =
|
| + settings.mutable_device_local_accounts();
|
| + std::string id;
|
| + if (value.GetAsString(&id))
|
| + device_local_accounts->set_auto_login_id(id);
|
| + else
|
| + NOTREACHED();
|
| + } else if (path == kAccountsPrefDeviceLocalAccountAutoLoginDelay) {
|
| + em::DeviceLocalAccountsProto* device_local_accounts =
|
| + settings.mutable_device_local_accounts();
|
| + int delay;
|
| + if (value.GetAsInteger(&delay))
|
| + device_local_accounts->set_auto_login_delay(delay);
|
| + else
|
| + NOTREACHED();
|
| + } else if (path == kAccountsPrefDeviceLocalAccountAutoLoginBailoutEnabled) {
|
| + em::DeviceLocalAccountsProto* device_local_accounts =
|
| + settings.mutable_device_local_accounts();
|
| + bool enabled;
|
| + if (value.GetAsBoolean(&enabled))
|
| + device_local_accounts->set_enable_auto_login_bailout(enabled);
|
| + else
|
| + NOTREACHED();
|
| + } else if (path ==
|
| + kAccountsPrefDeviceLocalAccountPromptForNetworkWhenOffline) {
|
| + em::DeviceLocalAccountsProto* device_local_accounts =
|
| + settings.mutable_device_local_accounts();
|
| + bool should_prompt;
|
| + if (value.GetAsBoolean(&should_prompt))
|
| + device_local_accounts->set_prompt_for_network_when_offline(should_prompt);
|
| + else
|
| + NOTREACHED();
|
| + } else if (path == kSignedDataRoamingEnabled) {
|
| + em::DataRoamingEnabledProto* roam = settings.mutable_data_roaming_enabled();
|
| + bool roaming_value = false;
|
| + if (value.GetAsBoolean(&roaming_value))
|
| + roam->set_data_roaming_enabled(roaming_value);
|
| + else
|
| + NOTREACHED();
|
| + } else if (path == kReleaseChannel) {
|
| + em::ReleaseChannelProto* release_channel =
|
| + settings.mutable_release_channel();
|
| + std::string channel_value;
|
| + if (value.GetAsString(&channel_value))
|
| + release_channel->set_release_channel(channel_value);
|
| + else
|
| + NOTREACHED();
|
| + } else if (path == kStatsReportingPref) {
|
| + em::MetricsEnabledProto* metrics = settings.mutable_metrics_enabled();
|
| + bool metrics_value = false;
|
| + if (value.GetAsBoolean(&metrics_value))
|
| + metrics->set_metrics_enabled(metrics_value);
|
| + else
|
| + NOTREACHED();
|
| + } else if (path == kAccountsPrefUsers) {
|
| + em::UserWhitelistProto* whitelist_proto = settings.mutable_user_whitelist();
|
| + whitelist_proto->clear_user_whitelist();
|
| + const base::ListValue* users;
|
| + if (value.GetAsList(&users)) {
|
| + for (base::ListValue::const_iterator i = users->begin();
|
| + i != users->end();
|
| + ++i) {
|
| + std::string email;
|
| + if ((*i)->GetAsString(&email))
|
| + whitelist_proto->add_user_whitelist(email);
|
| + }
|
| + }
|
| + } else if (path == kAccountsPrefEphemeralUsersEnabled) {
|
| + em::EphemeralUsersEnabledProto* ephemeral_users_enabled =
|
| + settings.mutable_ephemeral_users_enabled();
|
| + bool ephemeral_users_enabled_value = false;
|
| + if (value.GetAsBoolean(&ephemeral_users_enabled_value)) {
|
| + ephemeral_users_enabled->set_ephemeral_users_enabled(
|
| + ephemeral_users_enabled_value);
|
| + } else {
|
| + NOTREACHED();
|
| + }
|
| + } else if (path == kAllowRedeemChromeOsRegistrationOffers) {
|
| + em::AllowRedeemChromeOsRegistrationOffersProto* allow_redeem_offers =
|
| + settings.mutable_allow_redeem_offers();
|
| + bool allow_redeem_offers_value;
|
| + if (value.GetAsBoolean(&allow_redeem_offers_value)) {
|
| + allow_redeem_offers->set_allow_redeem_offers(allow_redeem_offers_value);
|
| + } else {
|
| + NOTREACHED();
|
| + }
|
| + } else if (path == kStartUpFlags) {
|
| + em::StartUpFlagsProto* flags_proto = settings.mutable_start_up_flags();
|
| + flags_proto->Clear();
|
| + const base::ListValue* flags;
|
| + if (value.GetAsList(&flags)) {
|
| + for (base::ListValue::const_iterator i = flags->begin();
|
| + i != flags->end();
|
| + ++i) {
|
| + std::string flag;
|
| + if ((*i)->GetAsString(&flag))
|
| + flags_proto->add_flags(flag);
|
| + }
|
| + }
|
| + } else if (path == kSystemUse24HourClock) {
|
| + em::SystemUse24HourClockProto* use_24hour_clock_proto =
|
| + settings.mutable_use_24hour_clock();
|
| + use_24hour_clock_proto->Clear();
|
| + bool use_24hour_clock_value;
|
| + if (value.GetAsBoolean(&use_24hour_clock_value)) {
|
| + use_24hour_clock_proto->set_use_24hour_clock(use_24hour_clock_value);
|
| + } else {
|
| + NOTREACHED();
|
| + }
|
| + } else if (path == kAttestationForContentProtectionEnabled) {
|
| + em::AttestationSettingsProto* attestation_settings =
|
| + settings.mutable_attestation_settings();
|
| + bool setting_enabled;
|
| + if (value.GetAsBoolean(&setting_enabled)) {
|
| + attestation_settings->set_content_protection_enabled(setting_enabled);
|
| + } else {
|
| + NOTREACHED();
|
| + }
|
| + } else {
|
| + // The remaining settings don't support Set(), since they are not
|
| + // intended to be customizable by the user:
|
| + // kAccountsPrefTransferSAMLCookies
|
| + // kAppPack
|
| + // kDeviceAttestationEnabled
|
| + // kDeviceOwner
|
| + // kIdleLogoutTimeout
|
| + // kIdleLogoutWarningDuration
|
| + // kReleaseChannelDelegated
|
| + // kReportDeviceActivityTimes
|
| + // kReportDeviceBootMode
|
| + // kReportDeviceLocation
|
| + // kReportDeviceVersionInfo
|
| + // kReportDeviceNetworkInterfaces
|
| + // kReportDeviceUsers
|
| + // kScreenSaverExtensionId
|
| + // kScreenSaverTimeout
|
| + // kServiceAccountIdentity
|
| + // kStartUpUrls
|
| + // kSystemTimezonePolicy
|
| + // kVariationsRestrictParameter
|
| +
|
| + LOG(FATAL) << "Device setting " << path << " is read-only.";
|
| + }
|
| +}
|
| +
|
| +// static
|
| +scoped_ptr<em::PolicyData> DeviceSettingsService::AssemblePolicy(
|
| + const std::string& user_id,
|
| + const em::PolicyData* policy_data,
|
| + const em::ChromeDeviceSettingsProto* settings) {
|
| + scoped_ptr<em::PolicyData> policy(new em::PolicyData());
|
| + if (policy_data) {
|
| + // Preserve management settings.
|
| + if (policy_data->has_management_mode())
|
| + policy->set_management_mode(policy_data->management_mode());
|
| + if (policy_data->has_request_token())
|
| + policy->set_request_token(policy_data->request_token());
|
| + if (policy_data->has_device_id())
|
| + policy->set_device_id(policy_data->device_id());
|
| + } else {
|
| + // If there's no previous policy data, this is the first time the device
|
| + // setting is set. We set the management mode to NOT_MANAGED initially.
|
| + policy->set_management_mode(em::PolicyData::NOT_MANAGED);
|
| + }
|
| + policy->set_policy_type(policy::dm_protocol::kChromeDevicePolicyType);
|
| + policy->set_timestamp(
|
| + (base::Time::Now() - base::Time::UnixEpoch()).InMilliseconds());
|
| + policy->set_username(user_id);
|
| + if (!settings->SerializeToString(policy->mutable_policy_value()))
|
| + return scoped_ptr<em::PolicyData>();
|
| +
|
| + return policy.Pass();
|
| +}
|
| +
|
| DeviceSettingsService::DeviceSettingsService()
|
| : session_manager_client_(NULL),
|
| store_status_(STORE_SUCCESS),
|
| + processing_loop_enabled_(true),
|
| load_retries_left_(kMaxLoadRetries),
|
| weak_factory_(this) {
|
| }
|
| @@ -151,8 +372,6 @@ void DeviceSettingsService::SetSessionManager(
|
| }
|
|
|
| void DeviceSettingsService::UnsetSessionManager() {
|
| - STLDeleteContainerPointers(pending_operations_.begin(),
|
| - pending_operations_.end());
|
| pending_operations_.clear();
|
|
|
| if (session_manager_client_)
|
| @@ -172,18 +391,9 @@ void DeviceSettingsService::Load() {
|
| void DeviceSettingsService::SignAndStore(
|
| scoped_ptr<em::ChromeDeviceSettingsProto> new_settings,
|
| const base::Closure& callback) {
|
| - if (!owner_settings_service_) {
|
| - HandleError(STORE_KEY_UNAVAILABLE, callback);
|
| - return;
|
| - }
|
| scoped_ptr<em::PolicyData> policy =
|
| AssemblePolicy(GetUsername(), policy_data(), new_settings.get());
|
| - if (!policy) {
|
| - HandleError(STORE_POLICY_ERROR, callback);
|
| - return;
|
| - }
|
| -
|
| - owner_settings_service_->SignAndStorePolicyAsync(policy.Pass(), callback);
|
| + EnqueueSignAndStore(policy.Pass(), callback);
|
| }
|
|
|
| void DeviceSettingsService::SetManagementSettings(
|
| @@ -218,17 +428,16 @@ void DeviceSettingsService::SetManagementSettings(
|
| policy->set_request_token(request_token);
|
| policy->set_device_id(device_id);
|
|
|
| - owner_settings_service_->SignAndStorePolicyAsync(policy.Pass(), callback);
|
| + EnqueueSignAndStore(policy.Pass(), callback);
|
| }
|
|
|
| void DeviceSettingsService::Store(scoped_ptr<em::PolicyFetchResponse> policy,
|
| const base::Closure& callback) {
|
| - Enqueue(
|
| - new StoreSettingsOperation(
|
| - base::Bind(&DeviceSettingsService::HandleCompletedOperation,
|
| - weak_factory_.GetWeakPtr(),
|
| - callback),
|
| - policy.Pass()));
|
| + Enqueue(linked_ptr<SessionManagerOperation>(new StoreSettingsOperation(
|
| + base::Bind(&DeviceSettingsService::HandleCompletedOperation,
|
| + weak_factory_.GetWeakPtr(),
|
| + callback),
|
| + policy.Pass())));
|
| }
|
|
|
| DeviceSettingsService::OwnershipStatus
|
| @@ -276,6 +485,11 @@ const std::string& DeviceSettingsService::GetUsername() const {
|
| return username_;
|
| }
|
|
|
| +ownership::OwnerSettingsService*
|
| +DeviceSettingsService::GetOwnerSettingsService() const {
|
| + return owner_settings_service_.get();
|
| +}
|
| +
|
| void DeviceSettingsService::AddObserver(Observer* observer) {
|
| observers_.AddObserver(observer);
|
| }
|
| @@ -284,6 +498,20 @@ void DeviceSettingsService::RemoveObserver(Observer* observer) {
|
| observers_.RemoveObserver(observer);
|
| }
|
|
|
| +bool DeviceSettingsService::HasPendingOperations() const {
|
| + return weak_factory_.HasWeakPtrs() || !pending_operations_.empty();
|
| +}
|
| +
|
| +bool DeviceSettingsService::EnableProcessingLoop(bool enabled) {
|
| + if (HasPendingOperations() && !enabled)
|
| + return false;
|
| + bool trigger_processing_loop = !processing_loop_enabled_ && enabled;
|
| + processing_loop_enabled_ = enabled;
|
| + if (trigger_processing_loop)
|
| + StartNextOperation();
|
| + return true;
|
| +}
|
| +
|
| void DeviceSettingsService::OwnerKeySet(bool success) {
|
| if (!success) {
|
| LOG(ERROR) << "Owner key change failed.";
|
| @@ -303,24 +531,37 @@ void DeviceSettingsService::PropertyChangeComplete(bool success) {
|
| EnsureReload(false);
|
| }
|
|
|
| -void DeviceSettingsService::Enqueue(SessionManagerOperation* operation) {
|
| +void DeviceSettingsService::Enqueue(
|
| + const linked_ptr<SessionManagerOperation>& operation) {
|
| pending_operations_.push_back(operation);
|
| - if (pending_operations_.front() == operation)
|
| + if (pending_operations_.front().get() == operation.get())
|
| StartNextOperation();
|
| }
|
|
|
| void DeviceSettingsService::EnqueueLoad(bool force_key_load) {
|
| - SessionManagerOperation* operation =
|
| - new LoadSettingsOperation(
|
| - base::Bind(&DeviceSettingsService::HandleCompletedOperation,
|
| - weak_factory_.GetWeakPtr(),
|
| - base::Closure()));
|
| + linked_ptr<SessionManagerOperation> operation(new LoadSettingsOperation(
|
| + base::Bind(&DeviceSettingsService::HandleCompletedOperation,
|
| + weak_factory_.GetWeakPtr(),
|
| + base::Closure())));
|
| operation->set_force_key_load(force_key_load);
|
| operation->set_username(username_);
|
| operation->set_owner_settings_service(owner_settings_service_);
|
| Enqueue(operation);
|
| }
|
|
|
| +void DeviceSettingsService::EnqueueSignAndStore(
|
| + scoped_ptr<enterprise_management::PolicyData> policy,
|
| + const base::Closure& callback) {
|
| + linked_ptr<SessionManagerOperation> operation(
|
| + new SignAndStoreSettingsOperation(
|
| + base::Bind(&DeviceSettingsService::HandleCompletedOperation,
|
| + weak_factory_.GetWeakPtr(),
|
| + callback),
|
| + policy.Pass()));
|
| + operation->set_owner_settings_service(owner_settings_service_);
|
| + Enqueue(operation);
|
| +}
|
| +
|
| void DeviceSettingsService::EnsureReload(bool force_key_load) {
|
| if (!pending_operations_.empty()) {
|
| pending_operations_.front()->set_username(username_);
|
| @@ -333,9 +574,8 @@ void DeviceSettingsService::EnsureReload(bool force_key_load) {
|
| }
|
|
|
| void DeviceSettingsService::StartNextOperation() {
|
| - if (!pending_operations_.empty() &&
|
| - session_manager_client_ &&
|
| - owner_key_util_.get()) {
|
| + if (!pending_operations_.empty() && session_manager_client_ &&
|
| + owner_key_util_.get() && processing_loop_enabled_) {
|
| pending_operations_.front()->Start(
|
| session_manager_client_, owner_key_util_, public_key_);
|
| }
|
| @@ -345,7 +585,7 @@ void DeviceSettingsService::HandleCompletedOperation(
|
| const base::Closure& callback,
|
| SessionManagerOperation* operation,
|
| Status status) {
|
| - DCHECK_EQ(operation, pending_operations_.front());
|
| + DCHECK_EQ(operation, pending_operations_.front().get());
|
| store_status_ = status;
|
|
|
| OwnershipStatus ownership_status = OWNERSHIP_UNKNOWN;
|
| @@ -412,7 +652,6 @@ void DeviceSettingsService::HandleCompletedOperation(
|
| // Only remove the pending operation here, so new operations triggered by any
|
| // of the callbacks above are queued up properly.
|
| pending_operations_.pop_front();
|
| - delete operation;
|
|
|
| StartNextOperation();
|
| }
|
| @@ -431,11 +670,6 @@ void DeviceSettingsService::HandleError(Status status,
|
| callback.Run();
|
| }
|
|
|
| -void DeviceSettingsService::OnSignAndStoreOperationCompleted(Status status) {
|
| - store_status_ = status;
|
| - FOR_EACH_OBSERVER(Observer, observers_, DeviceSettingsUpdated());
|
| -}
|
| -
|
| ScopedTestDeviceSettingsService::ScopedTestDeviceSettingsService() {
|
| DeviceSettingsService::Initialize();
|
| }
|
|
|
Chromium Code Reviews
Issue 654263003:
Implemented OwnerSettingsService::Set() method. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master