Chromium Code Reviews Chromium Code Reviews
Issue 769703003:
SetManagementSettings() is moved to OwnerSettingsServiceChromeOS. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| OLD | NEW |
|---|---|
| 1 // Copyright 2014 The Chromium Authors. All rights reserved. | 1 // Copyright 2014 The Chromium Authors. All rights reserved. |
| 2 // Use of this source code is governed by a BSD-style license that can be | 2 // Use of this source code is governed by a BSD-style license that can be |
| 3 // found in the LICENSE file. | 3 // found in the LICENSE file. |
| 4 | 4 |
| 5 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h" | 5 #include "chrome/browser/chromeos/ownership/owner_settings_service_chromeos.h" |
| 6 | 6 |
| 7 #include <string> | 7 #include <string> |
| 8 | 8 |
| 9 #include "base/bind.h" | 9 #include "base/bind.h" |
| 10 #include "base/bind_helpers.h" | 10 #include "base/bind_helpers.h" |
| (...skipping 130 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 141 scoped_refptr<base::TaskRunner> task_runner = | 141 scoped_refptr<base::TaskRunner> task_runner = |
| 142 BrowserThread::GetBlockingPool()->GetTaskRunnerWithShutdownBehavior( | 142 BrowserThread::GetBlockingPool()->GetTaskRunnerWithShutdownBehavior( |
| 143 base::SequencedWorkerPool::SKIP_ON_SHUTDOWN); | 143 base::SequencedWorkerPool::SKIP_ON_SHUTDOWN); |
| 144 base::PostTaskAndReplyWithResult( | 144 base::PostTaskAndReplyWithResult( |
| 145 task_runner.get(), | 145 task_runner.get(), |
| 146 FROM_HERE, | 146 FROM_HERE, |
| 147 base::Bind(&DoesPrivateKeyExistAsyncHelper, owner_key_util), | 147 base::Bind(&DoesPrivateKeyExistAsyncHelper, owner_key_util), |
| 148 callback); | 148 callback); |
| 149 } | 149 } |
| 150 | 150 |
| 151 // Returns true if it is okay to transfer from the current mode to the new | |
| 152 // mode. This function should be called in SetManagementMode(). | |
| 153 bool CheckManagementModeTransition(em::PolicyData::ManagementMode current_mode, | |
| 154 em::PolicyData::ManagementMode new_mode) { | |
| 155 // Mode is not changed. | |
| 156 if (current_mode == new_mode) | |
| 157 return true; | |
| 158 | |
| 159 switch (current_mode) { | |
| 160 case em::PolicyData::LOCAL_OWNER: | |
| 161 // For consumer management enrollment. | |
| 162 return new_mode == em::PolicyData::CONSUMER_MANAGED; | |
| 163 | |
| 164 case em::PolicyData::ENTERPRISE_MANAGED: | |
| 165 // Management mode cannot be set when it is currently ENTERPRISE_MANAGED. | |
| 166 return false; | |
| 167 | |
| 168 case em::PolicyData::CONSUMER_MANAGED: | |
| 169 // For consumer management unenrollment. | |
| 170 return new_mode == em::PolicyData::LOCAL_OWNER; | |
| 171 } | |
| 172 | |
| 173 NOTREACHED(); | |
| 174 return false; | |
| 175 } | |
| 176 | |
| 151 } // namespace | 177 } // namespace |
| 152 | 178 |
| 179 OwnerSettingsServiceChromeOS::ManagementSettingsSetRequest:: | |
| 180 ManagementSettingsSetRequest() { | |
| 181 } | |
| 182 | |
| 183 OwnerSettingsServiceChromeOS::ManagementSettingsSetRequest:: | |
| 184 ~ManagementSettingsSetRequest() { | |
| 185 } | |
| 186 | |
| 153 OwnerSettingsServiceChromeOS::OwnerSettingsServiceChromeOS( | 187 OwnerSettingsServiceChromeOS::OwnerSettingsServiceChromeOS( |
| 154 DeviceSettingsService* device_settings_service, | 188 DeviceSettingsService* device_settings_service, |
| 155 Profile* profile, | 189 Profile* profile, |
| 156 const scoped_refptr<OwnerKeyUtil>& owner_key_util) | 190 const scoped_refptr<OwnerKeyUtil>& owner_key_util) |
| 157 : ownership::OwnerSettingsService(owner_key_util), | 191 : ownership::OwnerSettingsService(owner_key_util), |
| 158 device_settings_service_(device_settings_service), | 192 device_settings_service_(device_settings_service), |
| 159 profile_(profile), | 193 profile_(profile), |
| 160 waiting_for_profile_creation_(true), | 194 waiting_for_profile_creation_(true), |
| 161 waiting_for_tpm_token_(true), | 195 waiting_for_tpm_token_(true), |
| 162 weak_factory_(this), | 196 weak_factory_(this), |
| (...skipping 119 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 282 | 316 |
| 283 void OwnerSettingsServiceChromeOS::DeviceSettingsUpdated() { | 317 void OwnerSettingsServiceChromeOS::DeviceSettingsUpdated() { |
| 284 DCHECK(thread_checker_.CalledOnValidThread()); | 318 DCHECK(thread_checker_.CalledOnValidThread()); |
| 285 StorePendingChanges(); | 319 StorePendingChanges(); |
| 286 } | 320 } |
| 287 | 321 |
| 288 void OwnerSettingsServiceChromeOS::OnDeviceSettingsServiceShutdown() { | 322 void OwnerSettingsServiceChromeOS::OnDeviceSettingsServiceShutdown() { |
| 289 device_settings_service_ = nullptr; | 323 device_settings_service_ = nullptr; |
| 290 } | 324 } |
| 291 | 325 |
| 326 void OwnerSettingsServiceChromeOS::SetManagementSettings( | |
| 327 const ManagementSettingsSetRequest& request) { | |
| 328 if (!IsOwner() && !IsOwnerInTests(user_id_)) { | |
| 329 if (!request.callback.is_null()) | |
| 330 request.callback.Run(false /* success */); | |
| 331 return; | |
| 332 } | |
| 333 pending_management_settings_set_requests_.push_back(request); | |
| 334 StorePendingChanges(); | |
| 335 } | |
| 336 | |
| 292 // static | 337 // static |
| 293 void OwnerSettingsServiceChromeOS::IsOwnerForSafeModeAsync( | 338 void OwnerSettingsServiceChromeOS::IsOwnerForSafeModeAsync( |
| 294 const std::string& user_hash, | 339 const std::string& user_hash, |
| 295 const scoped_refptr<OwnerKeyUtil>& owner_key_util, | 340 const scoped_refptr<OwnerKeyUtil>& owner_key_util, |
| 296 const IsOwnerCallback& callback) { | 341 const IsOwnerCallback& callback) { |
| 297 CHECK(chromeos::LoginState::Get()->IsInSafeMode()); | 342 CHECK(chromeos::LoginState::Get()->IsInSafeMode()); |
| 298 | 343 |
| 299 // Make sure NSS is initialized and NSS DB is loaded for the user before | 344 // Make sure NSS is initialized and NSS DB is loaded for the user before |
| 300 // searching for the owner key. | 345 // searching for the owner key. |
| 301 BrowserThread::PostTaskAndReply( | 346 BrowserThread::PostTaskAndReply( |
| (...skipping 308 matching lines...) Expand 10 before | Expand all | Expand 10 after Loading... | |
| 610 } else { | 655 } else { |
| 611 return; | 656 return; |
| 612 } | 657 } |
| 613 | 658 |
| 614 for (const auto& change : pending_changes_) | 659 for (const auto& change : pending_changes_) |
| 615 UpdateDeviceSettings(change.first, *change.second, settings); | 660 UpdateDeviceSettings(change.first, *change.second, settings); |
| 616 pending_changes_.clear(); | 661 pending_changes_.clear(); |
| 617 | 662 |
| 618 scoped_ptr<em::PolicyData> policy = AssemblePolicy( | 663 scoped_ptr<em::PolicyData> policy = AssemblePolicy( |
| 619 user_id_, device_settings_service_->policy_data(), &settings); | 664 user_id_, device_settings_service_->policy_data(), &settings); |
| 665 | |
| 666 pending_callbacks_.clear(); | |
| 667 for (const auto& change : pending_management_settings_set_requests_) { | |
| 668 em::PolicyData::ManagementMode current_mode = em::PolicyData::LOCAL_OWNER; | |
| 669 if (policy->has_management_mode()) | |
| 670 current_mode = policy->management_mode(); | |
|
Mattias Nissler (ping if slow)
2014/12/02 08:52:40
I think the preceding 3 lines should use David's n
ygorshenin1
2014/12/02 19:18:58
Done.
| |
| 671 if (!CheckManagementModeTransition(current_mode, change.management_mode)) { | |
| 672 LOG(ERROR) << "Invalid management mode transition: current mode = " | |
| 673 << current_mode << ", new mode = " << change.management_mode; | |
| 674 if (!change.callback.is_null()) | |
| 675 change.callback.Run(false /* success */); | |
| 676 continue; | |
| 677 } | |
| 678 policy->set_management_mode(change.management_mode); | |
| 679 policy->set_request_token(change.request_token); | |
| 680 policy->set_device_id(change.device_id); | |
| 681 pending_callbacks_.push_back(change.callback); | |
| 682 } | |
| 683 pending_management_settings_set_requests_.clear(); | |
| 684 | |
| 620 bool rv = AssembleAndSignPolicyAsync( | 685 bool rv = AssembleAndSignPolicyAsync( |
| 621 content::BrowserThread::GetBlockingPool(), policy.Pass(), | 686 content::BrowserThread::GetBlockingPool(), policy.Pass(), |
| 622 base::Bind(&OwnerSettingsServiceChromeOS::OnPolicyAssembledAndSigned, | 687 base::Bind(&OwnerSettingsServiceChromeOS::OnPolicyAssembledAndSigned, |
| 623 store_settings_factory_.GetWeakPtr())); | 688 store_settings_factory_.GetWeakPtr())); |
| 624 if (!rv) | 689 if (!rv) |
| 625 ReportStatusAndContinueStoring(false /* success */); | 690 ReportStatusAndContinueStoring(false /* success */); |
| 626 } | 691 } |
| 627 | 692 |
| 628 void OwnerSettingsServiceChromeOS::OnPolicyAssembledAndSigned( | 693 void OwnerSettingsServiceChromeOS::OnPolicyAssembledAndSigned( |
| 629 scoped_ptr<em::PolicyFetchResponse> policy_response) { | 694 scoped_ptr<em::PolicyFetchResponse> policy_response) { |
| 630 if (!policy_response.get() || !device_settings_service_) { | 695 if (!policy_response.get() || !device_settings_service_) { |
| 631 ReportStatusAndContinueStoring(false /* success */); | 696 ReportStatusAndContinueStoring(false /* success */); |
| 632 return; | 697 return; |
| 633 } | 698 } |
| 634 device_settings_service_->Store( | 699 device_settings_service_->Store( |
| 635 policy_response.Pass(), | 700 policy_response.Pass(), |
| 636 base::Bind(&OwnerSettingsServiceChromeOS::OnSignedPolicyStored, | 701 base::Bind(&OwnerSettingsServiceChromeOS::OnSignedPolicyStored, |
| 637 store_settings_factory_.GetWeakPtr(), | 702 store_settings_factory_.GetWeakPtr(), |
| 638 true /* success */)); | 703 true /* success */)); |
| 639 } | 704 } |
| 640 | 705 |
| 641 void OwnerSettingsServiceChromeOS::OnSignedPolicyStored(bool success) { | 706 void OwnerSettingsServiceChromeOS::OnSignedPolicyStored(bool success) { |
| 642 CHECK(device_settings_service_); | 707 CHECK(device_settings_service_); |
| 643 ReportStatusAndContinueStoring(success && | 708 ReportStatusAndContinueStoring(success && |
| 644 device_settings_service_->status() != | 709 device_settings_service_->status() == |
| 645 DeviceSettingsService::STORE_SUCCESS); | 710 DeviceSettingsService::STORE_SUCCESS); |
| 646 } | 711 } |
| 647 | 712 |
| 648 void OwnerSettingsServiceChromeOS::ReportStatusAndContinueStoring( | 713 void OwnerSettingsServiceChromeOS::ReportStatusAndContinueStoring( |
| 649 bool success) { | 714 bool success) { |
| 650 store_settings_factory_.InvalidateWeakPtrs(); | 715 store_settings_factory_.InvalidateWeakPtrs(); |
| 651 FOR_EACH_OBSERVER(OwnerSettingsService::Observer, observers_, | 716 FOR_EACH_OBSERVER(OwnerSettingsService::Observer, observers_, |
| 652 OnSignedPolicyStored(success)); | 717 OnSignedPolicyStored(success)); |
| 718 for (const auto& callback : pending_callbacks_) { | |
| 719 if (!callback.is_null()) | |
| 720 callback.Run(success); | |
| 721 } | |
| 653 StorePendingChanges(); | 722 StorePendingChanges(); |
| 654 } | 723 } |
| 655 | 724 |
| 656 } // namespace chromeos | 725 } // namespace chromeos |
| OLD | NEW |
