| OLD | NEW |
|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/system/device_disabling_manager.h" | 5 #include "chrome/browser/chromeos/system/device_disabling_manager.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/prefs/pref_service.h" | 10 #include "base/prefs/pref_service.h" |
| 11 #include "base/values.h" | 11 #include "base/values.h" |
| 12 #include "chrome/browser/browser_process.h" | 12 #include "chrome/browser/browser_process.h" |
| 13 #include "chrome/browser/browser_process_platform_part.h" |
| 14 #include "chrome/browser/chromeos/login/existing_user_controller.h" |
| 13 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" | 15 #include "chrome/browser/chromeos/policy/browser_policy_connector_chromeos.h" |
| 14 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" | 16 #include "chrome/browser/chromeos/policy/enterprise_install_attributes.h" |
| 15 #include "chrome/browser/chromeos/policy/server_backed_device_state.h" | 17 #include "chrome/browser/chromeos/policy/server_backed_device_state.h" |
| 16 #include "chrome/common/pref_names.h" | 18 #include "chrome/common/pref_names.h" |
| 17 #include "chromeos/chromeos_switches.h" | 19 #include "chromeos/chromeos_switches.h" |
| 20 #include "chromeos/settings/cros_settings_names.h" |
| 21 #include "chromeos/settings/cros_settings_provider.h" |
| 18 #include "components/policy/core/common/cloud/cloud_policy_constants.h" | 22 #include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| 23 #include "components/user_manager/user_manager.h" |
| 19 | 24 |
| 20 namespace chromeos { | 25 namespace chromeos { |
| 21 namespace system { | 26 namespace system { |
| 22 | 27 |
| 28 DeviceDisablingManager::Observer::~Observer() { |
| 29 } |
| 30 |
| 31 DeviceDisablingManager::Delegate::~Delegate() { |
| 32 } |
| 33 |
| 23 DeviceDisablingManager::DeviceDisablingManager( | 34 DeviceDisablingManager::DeviceDisablingManager( |
| 24 policy::BrowserPolicyConnectorChromeOS* browser_policy_connector) | 35 Delegate* delegate, |
| 25 : browser_policy_connector_(browser_policy_connector), | 36 CrosSettings* cros_settings, |
| 37 user_manager::UserManager* user_manager) |
| 38 : delegate_(delegate), |
| 39 browser_policy_connector_(g_browser_process->platform_part()-> |
| 40 browser_policy_connector_chromeos()), |
| 41 cros_settings_(cros_settings), |
| 42 user_manager_(user_manager), |
| 43 device_disabled_(false), |
| 26 weak_factory_(this) { | 44 weak_factory_(this) { |
| 45 CHECK(delegate_); |
| 46 Init(); |
| 27 } | 47 } |
| 28 | 48 |
| 29 DeviceDisablingManager::~DeviceDisablingManager() { | 49 DeviceDisablingManager::~DeviceDisablingManager() { |
| 30 } | 50 } |
| 31 | 51 |
| 52 void DeviceDisablingManager::AddObserver(Observer* observer) { |
| 53 observers_.AddObserver(observer); |
| 54 } |
| 55 |
| 56 void DeviceDisablingManager::RemoveObserver(Observer* observer) { |
| 57 observers_.RemoveObserver(observer); |
| 58 } |
| 59 |
| 60 void DeviceDisablingManager::Init() { |
| 61 if (CommandLine::ForCurrentProcess()->HasSwitch( |
| 62 switches::kDisableDeviceDisabling)) { |
| 63 // If device disabling is turned off by flags, do not start monitoring cros |
| 64 // settings. |
| 65 return; |
| 66 } |
| 67 |
| 68 device_disabled_subscription_ = cros_settings_->AddSettingsObserver( |
| 69 kDeviceDisabled, |
| 70 base::Bind(&DeviceDisablingManager::UpdateFromCrosSettings, |
| 71 weak_factory_.GetWeakPtr())); |
| 72 disabled_message_subscription_ = cros_settings_->AddSettingsObserver( |
| 73 kDeviceDisabledMessage, |
| 74 base::Bind(&DeviceDisablingManager::UpdateFromCrosSettings, |
| 75 weak_factory_.GetWeakPtr())); |
| 76 |
| 77 UpdateFromCrosSettings(); |
| 78 } |
| 79 |
| 80 void DeviceDisablingManager::CacheDisabledMessageAndNotify( |
| 81 const std::string& disabled_message) { |
| 82 if (disabled_message == disabled_message_) |
| 83 return; |
| 84 |
| 85 disabled_message_ = disabled_message; |
| 86 FOR_EACH_OBSERVER(Observer, |
| 87 observers_, |
| 88 OnDisabledMessageChanged(disabled_message_)); |
| 89 } |
| 90 |
| 32 void DeviceDisablingManager::CheckWhetherDeviceDisabledDuringOOBE( | 91 void DeviceDisablingManager::CheckWhetherDeviceDisabledDuringOOBE( |
| 33 const DeviceDisabledCheckCallback& callback) { | 92 const DeviceDisabledCheckCallback& callback) { |
| 34 if (policy::GetRestoreMode() != policy::RESTORE_MODE_DISABLED || | 93 if (policy::GetRestoreMode() != policy::RESTORE_MODE_DISABLED || |
| 35 CommandLine::ForCurrentProcess()->HasSwitch( | 94 CommandLine::ForCurrentProcess()->HasSwitch( |
| 36 switches::kDisableDeviceDisabling)) { | 95 switches::kDisableDeviceDisabling)) { |
| 37 // Indicate that the device is not disabled if it is not marked as such in | 96 // Indicate that the device is not disabled if it is not marked as such in |
| 38 // local state or device disabling has been turned off by flag. | 97 // local state or device disabling has been turned off by flag. |
| 39 callback.Run(false); | 98 callback.Run(false); |
| 40 return; | 99 return; |
| 41 } | 100 } |
| (...skipping 19 matching lines...) Expand all Loading... |
| 61 LOG(ERROR) << "CheckWhetherDeviceDisabledDuringOOBE() called after OOBE."; | 120 LOG(ERROR) << "CheckWhetherDeviceDisabledDuringOOBE() called after OOBE."; |
| 62 callback.Run(false); | 121 callback.Run(false); |
| 63 return; | 122 return; |
| 64 } | 123 } |
| 65 | 124 |
| 66 // The device is marked as disabled in local state (based on the device state | 125 // The device is marked as disabled in local state (based on the device state |
| 67 // retrieved early during OOBE). Since device disabling has not been turned | 126 // retrieved early during OOBE). Since device disabling has not been turned |
| 68 // off by flag and the device is still unowned, we honor the information in | 127 // off by flag and the device is still unowned, we honor the information in |
| 69 // local state and consider the device disabled. | 128 // local state and consider the device disabled. |
| 70 | 129 |
| 71 // Cache the disabled message. | 130 // Update the disabled message. |
| 72 disabled_message_.clear(); | 131 std::string disabled_message; |
| 73 g_browser_process->local_state()->GetDictionary( | 132 g_browser_process->local_state()->GetDictionary( |
| 74 prefs::kServerBackedDeviceState)->GetString( | 133 prefs::kServerBackedDeviceState)->GetString( |
| 75 policy::kDeviceStateDisabledMessage, | 134 policy::kDeviceStateDisabledMessage, |
| 76 &disabled_message_); | 135 &disabled_message); |
| 136 CacheDisabledMessageAndNotify(disabled_message); |
| 77 | 137 |
| 78 // Indicate that the device is disabled. | 138 // Indicate that the device is disabled. |
| 79 callback.Run(true); | 139 callback.Run(true); |
| 80 } | 140 } |
| 81 | 141 |
| 142 // static |
| 143 bool DeviceDisablingManager::HonorDeviceDisablingDuringNormalOperation() { |
| 144 // Device disabling should be honored when the device is enterprise managed |
| 145 // and device disabling has not been turned off by flag. |
| 146 return g_browser_process->platform_part()-> |
| 147 browser_policy_connector_chromeos()->IsEnterpriseManaged() && |
| 148 !CommandLine::ForCurrentProcess()->HasSwitch( |
| 149 switches::kDisableDeviceDisabling); |
| 150 } |
| 151 |
| 152 void DeviceDisablingManager::UpdateFromCrosSettings() { |
| 153 if (cros_settings_->PrepareTrustedValues(base::Bind( |
| 154 &DeviceDisablingManager::UpdateFromCrosSettings, |
| 155 weak_factory_.GetWeakPtr())) != CrosSettingsProvider::TRUSTED) { |
| 156 // If the cros settings are not trusted yet, request to be called back |
| 157 // later. |
| 158 return; |
| 159 } |
| 160 |
| 161 if (!HonorDeviceDisablingDuringNormalOperation()) { |
| 162 // If the device is not enterprise managed or device disabling has been |
| 163 // turned of by flag, device disabling is not available. |
| 164 return; |
| 165 } |
| 166 |
| 167 bool device_disabled = false; |
| 168 if (!cros_settings_->GetBoolean(kDeviceDisabled, &device_disabled) || |
| 169 !device_disabled) { |
| 170 if (!device_disabled_) { |
| 171 // If the device was not disabled and has not been disabled, there is |
| 172 // nothing to do. |
| 173 return; |
| 174 } |
| 175 device_disabled_ = false; |
| 176 |
| 177 // The device was disabled and has been re-enabled. Normal function should |
| 178 // be resumed. Since the device disabled screen abruptly interrupts the |
| 179 // regular login screen flows, Chrome should be restarted to return to a |
| 180 // well-defined state. |
| 181 delegate_->RestartToLoginScreen(); |
| 182 return; |
| 183 } |
| 184 |
| 185 // Update the disabled message. |
| 186 std::string disabled_message; |
| 187 cros_settings_->GetString(kDeviceDisabledMessage, &disabled_message); |
| 188 CacheDisabledMessageAndNotify(disabled_message); |
| 189 |
| 190 if (device_disabled_) { |
| 191 // If the device was disabled already, updating the disabled message is the |
| 192 // only action required. |
| 193 return; |
| 194 } |
| 195 device_disabled_ = true; |
| 196 |
| 197 const ExistingUserController* existing_user_controller = |
| 198 ExistingUserController::current_controller(); |
| 199 if (user_manager_->GetActiveUser() || |
| 200 (existing_user_controller && |
| 201 existing_user_controller->IsSigninInProgress())) { |
| 202 // If a session or a login is in progress, restart Chrome and return to the |
| 203 // login screen. Chrome will show the device disabled screen after the |
| 204 // restart. |
| 205 delegate_->RestartToLoginScreen(); |
| 206 return; |
| 207 } |
| 208 |
| 209 // If no session or login is in progress, show the device disabled screen. |
| 210 delegate_->ShowDeviceDisabledScreen(); |
| 211 } |
| 212 |
| 82 } // namespace system | 213 } // namespace system |
| 83 } // namespace chromeos | 214 } // namespace chromeos |
| OLD | NEW |
|---|
Chromium Code Reviews
Issue 711433002:
Enable device disabling during normal operation (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@f_4_425574_add_device_disabling_manager