| OLD | NEW |
| 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. | 1 // Copyright (c) 2012 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h" | 5 #include "chrome/browser/chromeos/policy/enrollment_handler_chromeos.h" |
| 6 | 6 |
| 7 #include "base/bind.h" | 7 #include "base/bind.h" |
| 8 #include "base/command_line.h" | 8 #include "base/command_line.h" |
| 9 #include "base/logging.h" | 9 #include "base/logging.h" |
| 10 #include "base/message_loop/message_loop.h" | 10 #include "base/message_loop/message_loop.h" |
| 11 #include "chrome/browser/browser_process.h" | 11 #include "chrome/browser/browser_process.h" |
| 12 #include "chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.h" | 12 #include "chrome/browser/chromeos/login/enrollment/auto_enrollment_controller.h" |
| 13 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h" |
| 13 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" | 14 #include "chrome/browser/chromeos/policy/device_cloud_policy_store_chromeos.h" |
| 14 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" | 15 #include "chrome/browser/chromeos/policy/proto/chrome_device_policy.pb.h" |
| 15 #include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h" | 16 #include "chrome/browser/chromeos/policy/server_backed_state_keys_broker.h" |
| 17 #include "chrome/browser/chromeos/profiles/profile_helper.h" |
| 16 #include "chrome/browser/chromeos/settings/device_oauth2_token_service.h" | 18 #include "chrome/browser/chromeos/settings/device_oauth2_token_service.h" |
| 17 #include "chrome/browser/chromeos/settings/device_oauth2_token_service_factory.h
" | 19 #include "chrome/browser/chromeos/settings/device_oauth2_token_service_factory.h
" |
| 18 #include "chrome/browser/chromeos/settings/device_settings_service.h" | 20 #include "chrome/browser/chromeos/settings/device_settings_service.h" |
| 21 #include "chrome/browser/profiles/profile.h" |
| 19 #include "chromeos/chromeos_switches.h" | 22 #include "chromeos/chromeos_switches.h" |
| 20 #include "google_apis/gaia/gaia_urls.h" | 23 #include "google_apis/gaia/gaia_urls.h" |
| 21 #include "net/http/http_status_code.h" | 24 #include "net/http/http_status_code.h" |
| 22 | 25 |
| 23 namespace em = enterprise_management; | 26 namespace em = enterprise_management; |
| 24 | 27 |
| 25 namespace policy { | 28 namespace policy { |
| 26 | 29 |
| 27 namespace { | 30 namespace { |
| 28 | 31 |
| 29 // Retry for InstallAttrs initialization every 500ms. | 32 // Retry for InstallAttrs initialization every 500ms. |
| 30 const int kLockRetryIntervalMs = 500; | 33 const int kLockRetryIntervalMs = 500; |
| 31 // Maximum time to retry InstallAttrs initialization before we give up. | 34 // Maximum time to retry InstallAttrs initialization before we give up. |
| 32 const int kLockRetryTimeoutMs = 10 * 60 * 1000; // 10 minutes. | 35 const int kLockRetryTimeoutMs = 10 * 60 * 1000; // 10 minutes. |
| 33 | 36 |
| 34 // Testing token used when the enrollment-skip-robot-auth is set to skip talking | 37 // Testing token used when the enrollment-skip-robot-auth is set to skip talking |
| 35 // to GAIA for an actual token. This is needed to be able to run against the | 38 // to GAIA for an actual token. This is needed to be able to run against the |
| 36 // testing DMServer implementations. | 39 // testing DMServer implementations. |
| 37 const char kTestingRobotToken[] = "test-token"; | 40 const char kTestingRobotToken[] = "test-token"; |
| 38 | 41 |
| 39 } // namespace | 42 } // namespace |
| 40 | 43 |
| 41 EnrollmentHandlerChromeOS::EnrollmentHandlerChromeOS( | 44 EnrollmentHandlerChromeOS::EnrollmentHandlerChromeOS( |
| 42 DeviceCloudPolicyStoreChromeOS* store, | 45 DeviceCloudPolicyStoreChromeOS* store, |
| 43 EnterpriseInstallAttributes* install_attributes, | 46 EnterpriseInstallAttributes* install_attributes, |
| 44 ServerBackedStateKeysBroker* state_keys_broker, | 47 ServerBackedStateKeysBroker* state_keys_broker, |
| 45 chromeos::DeviceSettingsService* device_settings_service, | 48 chromeos::DeviceSettingsService* device_settings_service, |
| 49 chromeos::OwnerSettingsServiceChromeOS* owner_settings_service, |
| 46 scoped_ptr<CloudPolicyClient> client, | 50 scoped_ptr<CloudPolicyClient> client, |
| 47 scoped_refptr<base::SequencedTaskRunner> background_task_runner, | 51 scoped_refptr<base::SequencedTaskRunner> background_task_runner, |
| 48 const std::string& auth_token, | 52 const std::string& auth_token, |
| 49 const std::string& client_id, | 53 const std::string& client_id, |
| 50 const std::string& requisition, | 54 const std::string& requisition, |
| 51 const AllowedDeviceModes& allowed_device_modes, | 55 const AllowedDeviceModes& allowed_device_modes, |
| 52 ManagementMode management_mode, | 56 ManagementMode management_mode, |
| 53 const EnrollmentCallback& completion_callback) | 57 const EnrollmentCallback& completion_callback) |
| 54 : store_(store), | 58 : store_(store), |
| 55 install_attributes_(install_attributes), | 59 install_attributes_(install_attributes), |
| 56 state_keys_broker_(state_keys_broker), | 60 state_keys_broker_(state_keys_broker), |
| 57 device_settings_service_(device_settings_service), | 61 device_settings_service_(device_settings_service), |
| 62 owner_settings_service_(owner_settings_service), |
| 58 client_(client.Pass()), | 63 client_(client.Pass()), |
| 59 background_task_runner_(background_task_runner), | 64 background_task_runner_(background_task_runner), |
| 60 auth_token_(auth_token), | 65 auth_token_(auth_token), |
| 61 client_id_(client_id), | 66 client_id_(client_id), |
| 62 requisition_(requisition), | 67 requisition_(requisition), |
| 63 allowed_device_modes_(allowed_device_modes), | 68 allowed_device_modes_(allowed_device_modes), |
| 64 management_mode_(management_mode), | 69 management_mode_(management_mode), |
| 65 completion_callback_(completion_callback), | 70 completion_callback_(completion_callback), |
| 66 device_mode_(DEVICE_MODE_NOT_SET), | 71 device_mode_(DEVICE_MODE_NOT_SET), |
| 67 enrollment_step_(STEP_PENDING), | 72 enrollment_step_(STEP_PENDING), |
| (...skipping 129 matching lines...) |
| 197 // again after the store finishes loading. | 202 // again after the store finishes loading. |
| 198 StartRegistration(); | 203 StartRegistration(); |
| 199 } else if (enrollment_step_ == STEP_STORE_POLICY) { | 204 } else if (enrollment_step_ == STEP_STORE_POLICY) { |
| 200 ReportResult(EnrollmentStatus::ForStatus(EnrollmentStatus::STATUS_SUCCESS)); | 205 ReportResult(EnrollmentStatus::ForStatus(EnrollmentStatus::STATUS_SUCCESS)); |
| 201 } | 206 } |
| 202 } | 207 } |
| 203 | 208 |
| 204 void EnrollmentHandlerChromeOS::OnStoreError(CloudPolicyStore* store) { | 209 void EnrollmentHandlerChromeOS::OnStoreError(CloudPolicyStore* store) { |
| 205 DCHECK_EQ(store_, store); | 210 DCHECK_EQ(store_, store); |
| 206 if (enrollment_step_ == STEP_STORE_TOKEN_AND_ID) { | 211 if (enrollment_step_ == STEP_STORE_TOKEN_AND_ID) { |
| 207 // Calling DeviceSettingsService::SetManagementSettings() on a non- | 212 // Calling OwnerSettingsServiceChromeOS::SetManagementSettings() |
| 208 // enterprise-managed device will trigger OnStoreError(), as | 213 // on a non- enterprise-managed device will fail as |
| 209 // DeviceCloudPolicyStore listens to all changes on DeviceSettingsService, | 214 // DeviceCloudPolicyStore listens to all changes on device |
| 210 // and it calls OnStoreError() when the device is not enterprise-managed. | 215 // settings, and it calls OnStoreError() when the device is not |
| 216 // enterprise-managed. |
| 211 return; | 217 return; |
| 212 } | 218 } |
| 213 ReportResult(EnrollmentStatus::ForStoreError(store_->status(), | 219 ReportResult(EnrollmentStatus::ForStoreError(store_->status(), |
| 214 store_->validation_status())); | 220 store_->validation_status())); |
| 215 } | 221 } |
| 216 | 222 |
| 217 void EnrollmentHandlerChromeOS::HandleStateKeysResult( | 223 void EnrollmentHandlerChromeOS::HandleStateKeysResult( |
| 218 const std::vector<std::string>& state_keys) { | 224 const std::vector<std::string>& state_keys) { |
| 219 CHECK_EQ(STEP_STATE_KEYS, enrollment_step_); | 225 CHECK_EQ(STEP_STATE_KEYS, enrollment_step_); |
| 220 | 226 |
| (...skipping 112 matching lines...) |
| 333 ReportResult( | 339 ReportResult( |
| 334 EnrollmentStatus::ForRobotRefreshFetchError(response_code)); | 340 EnrollmentStatus::ForRobotRefreshFetchError(response_code)); |
| 335 } | 341 } |
| 336 | 342 |
| 337 void EnrollmentHandlerChromeOS::StartLockDevice() { | 343 void EnrollmentHandlerChromeOS::StartLockDevice() { |
| 338 CHECK_EQ(STEP_LOCK_DEVICE, enrollment_step_); | 344 CHECK_EQ(STEP_LOCK_DEVICE, enrollment_step_); |
| 339 // Since this method is also called directly. | 345 // Since this method is also called directly. |
| 340 weak_ptr_factory_.InvalidateWeakPtrs(); | 346 weak_ptr_factory_.InvalidateWeakPtrs(); |
| 341 | 347 |
| 342 if (management_mode_ == MANAGEMENT_MODE_CONSUMER_MANAGED) { | 348 if (management_mode_ == MANAGEMENT_MODE_CONSUMER_MANAGED) { |
| 349 CHECK(owner_settings_service_); |
| 350 |
| 343 // Consumer device enrollment doesn't use install attributes. Instead, | 351 // Consumer device enrollment doesn't use install attributes. Instead, |
| 344 // we put the information in the owners settings. | 352 // we put the information in the owners settings. |
| 345 enrollment_step_ = STEP_STORE_TOKEN_AND_ID; | 353 enrollment_step_ = STEP_STORE_TOKEN_AND_ID; |
| 346 device_settings_service_->SetManagementSettings( | 354 chromeos::OwnerSettingsServiceChromeOS::ManagementSettings settings; |
| 347 em::PolicyData::CONSUMER_MANAGED, request_token_, device_id_, | 355 settings.management_mode = management_mode_; |
| 356 settings.request_token = request_token_; |
| 357 settings.device_id = device_id_; |
| 358 owner_settings_service_->SetManagementSettings( |
| 359 settings, |
| 348 base::Bind(&EnrollmentHandlerChromeOS::HandleSetManagementSettingsDone, | 360 base::Bind(&EnrollmentHandlerChromeOS::HandleSetManagementSettingsDone, |
| 349 weak_ptr_factory_.GetWeakPtr())); | 361 weak_ptr_factory_.GetWeakPtr())); |
| 350 } else { | 362 } else { |
| 351 install_attributes_->LockDevice( | 363 install_attributes_->LockDevice( |
| 352 username_, device_mode_, device_id_, | 364 username_, device_mode_, device_id_, |
| 353 base::Bind(&EnrollmentHandlerChromeOS::HandleLockDeviceResult, | 365 base::Bind(&EnrollmentHandlerChromeOS::HandleLockDeviceResult, |
| 354 weak_ptr_factory_.GetWeakPtr())); | 366 weak_ptr_factory_.GetWeakPtr())); |
| 355 } | 367 } |
| 356 } | 368 } |
| 357 | 369 |
| 358 void EnrollmentHandlerChromeOS::HandleSetManagementSettingsDone() { | 370 void EnrollmentHandlerChromeOS::HandleSetManagementSettingsDone(bool success) { |
| 359 CHECK_EQ(STEP_STORE_TOKEN_AND_ID, enrollment_step_); | 371 CHECK_EQ(STEP_STORE_TOKEN_AND_ID, enrollment_step_); |
| 360 if (device_settings_service_->status() != | 372 if (!success) { |
| 361 chromeos::DeviceSettingsService::STORE_SUCCESS) { | |
| 362 ReportResult(EnrollmentStatus::ForStatus( | 373 ReportResult(EnrollmentStatus::ForStatus( |
| 363 EnrollmentStatus::STATUS_STORE_TOKEN_AND_ID_FAILED)); | 374 EnrollmentStatus::STATUS_STORE_TOKEN_AND_ID_FAILED)); |
| 364 return; | 375 return; |
| 365 } | 376 } |
| 366 | 377 |
| 367 StartStoreRobotAuth(); | 378 StartStoreRobotAuth(); |
| 368 } | 379 } |
| 369 | 380 |
| 370 void EnrollmentHandlerChromeOS::HandleLockDeviceResult( | 381 void EnrollmentHandlerChromeOS::HandleLockDeviceResult( |
| 371 EnterpriseInstallAttributes::LockResult lock_result) { | 382 EnterpriseInstallAttributes::LockResult lock_result) { |
| (...skipping 78 matching lines...) |
| 450 << ", validation: " << status.validation_status() | 461 << ", validation: " << status.validation_status() |
| 451 << ", store: " << status.store_status() | 462 << ", store: " << status.store_status() |
| 452 << ", lock: " << status.lock_status(); | 463 << ", lock: " << status.lock_status(); |
| 453 } | 464 } |
| 454 | 465 |
| 455 if (!callback.is_null()) | 466 if (!callback.is_null()) |
| 456 callback.Run(status); | 467 callback.Run(status); |
| 457 } | 468 } |
| 458 | 469 |
| 459 } // namespace policy | 470 } // namespace policy |
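Review bot: The `CHECK(owner_settings_service_)` added at the top of the consumer-managed branch of StartLockDevice() (new line 349) is the only validation of the new constructor argument, and it fires late: judging by the visible handlers, STEP_LOCK_DEVICE is reached only after StartRegistration() and the robot-auth fetch have run. A null service in consumer-managed mode would therefore crash the browser mid-enrollment, with the device apparently already registered with the server but no token or device id stored locally, rather than reporting a failure to the caller. The skipped stretches are marked as matching, so the constructor body in this file cannot contain a check for the new member yet. Consider asserting the invariant in the constructor, `DCHECK(management_mode_ != MANAGEMENT_MODE_CONSUMER_MANAGED || owner_settings_service_);`, or failing through the normal path here with `ReportResult(EnrollmentStatus::ForStatus(EnrollmentStatus::STATUS_STORE_TOKEN_AND_ID_FAILED)); return;`. Separately, the reworded comment in OnStoreError() now says the call "will fail", while the early return still ignores every store error during STEP_STORE_TOKEN_AND_ID. A wording such as `// Store errors in this step are ignored on purpose; failure is reported via HandleSetManagementSettingsDone(false).` would document that the `success` callback is the only error signal for this step.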
| OLD | NEW |