Chromium Code Reviews Chromium Code Reviews
Issue 769703003:
SetManagementSettings() is moved to OwnerSettingsServiceChromeOS. (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc |
| diff --git a/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc b/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc |
| index f2b266485a86e94be1f639cba479736e2fecb1c3..a58ec20e3fe1462c057eea213723edc44727f35b 100644 |
| --- a/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc |
| +++ b/chrome/browser/chromeos/ownership/owner_settings_service_chromeos.cc |
| @@ -22,7 +22,6 @@ |
| #include "chromeos/dbus/dbus_thread_manager.h" |
| #include "chromeos/tpm_token_loader.h" |
| #include "components/ownership/owner_key_util.h" |
| -#include "components/policy/core/common/cloud/cloud_policy_constants.h" |
| #include "components/user_manager/user.h" |
| #include "content/public/browser/browser_thread.h" |
| #include "content/public/browser/notification_details.h" |
| @@ -148,8 +147,40 @@ void DoesPrivateKeyExistAsync( |
| callback); |
| } |
| +// Returns true if it is okay to transfer from the current mode to the new |
| +// mode. This function should be called in SetManagementMode(). |
| +bool CheckManagementModeTransition(policy::ManagementMode current_mode, |
| + policy::ManagementMode new_mode) { |
| + // Mode is not changed. |
| + if (current_mode == new_mode) |
| + return true; |
| + |
| + switch (current_mode) { |
| + case policy::MANAGEMENT_MODE_LOCAL_OWNER: |
| + // For consumer management enrollment. |
| + return new_mode == policy::MANAGEMENT_MODE_CONSUMER_MANAGED; |
| + |
| + case policy::MANAGEMENT_MODE_ENTERPRISE_MANAGED: |
| + // Management mode cannot be set when it is currently ENTERPRISE_MANAGED. |
| + return false; |
| + |
| + case policy::MANAGEMENT_MODE_CONSUMER_MANAGED: |
| + // For consumer management unenrollment. |
| + return new_mode == policy::MANAGEMENT_MODE_LOCAL_OWNER; |
| + } |
| + |
| + NOTREACHED(); |
| + return false; |
| +} |
| + |
| } // namespace |
| +OwnerSettingsServiceChromeOS::ManagementSettings::ManagementSettings() { |
| +} |
| + |
| +OwnerSettingsServiceChromeOS::ManagementSettings::~ManagementSettings() { |
| +} |
| + |
| OwnerSettingsServiceChromeOS::OwnerSettingsServiceChromeOS( |
| DeviceSettingsService* device_settings_service, |
| Profile* profile, |
| @@ -159,6 +190,7 @@ OwnerSettingsServiceChromeOS::OwnerSettingsServiceChromeOS( |
| profile_(profile), |
| waiting_for_profile_creation_(true), |
| waiting_for_tpm_token_(true), |
| + has_pending_management_settings_(false), |
| weak_factory_(this), |
| store_settings_factory_(this) { |
| if (TPMTokenLoader::IsInitialized()) { |
| @@ -289,6 +321,38 @@ void OwnerSettingsServiceChromeOS::OnDeviceSettingsServiceShutdown() { |
| device_settings_service_ = nullptr; |
| } |
| +void OwnerSettingsServiceChromeOS::SetManagementSettings( |
| + const ManagementSettings& settings, |
| + const OnManagementSettingsSetCallback& callback) { |
| + if ((!IsOwner() && !IsOwnerInTests(user_id_))) { |
| + if (!callback.is_null()) |
| + callback.Run(false /* success */); |
| + return; |
| + } |
| + |
| + policy::ManagementMode current_mode = policy::MANAGEMENT_MODE_LOCAL_OWNER; |
| + if (has_pending_management_settings_) { |
| + current_mode = pending_management_settings_.management_mode; |
| + } else if (device_settings_service_ && |
| + device_settings_service_->policy_data()) { |
| + current_mode = |
| + policy::GetManagementMode(*device_settings_service_->policy_data()); |
| + } |
| + |
| + if (!CheckManagementModeTransition(current_mode, settings.management_mode)) { |
| + LOG(ERROR) << "Invalid management mode transition: current mode = " |
| + << current_mode << ", new mode = " << settings.management_mode; |
| + if (!callback.is_null()) |
| + callback.Run(false /* success */); |
| + return; |
| + } |
| + |
| + pending_management_settings_ = settings; |
| + has_pending_management_settings_ = true; |
| + pending_management_settings_callbacks_.push_back(callback); |
| + StorePendingChanges(); |
| +} |
| + |
| // static |
| void OwnerSettingsServiceChromeOS::IsOwnerForSafeModeAsync( |
| const std::string& user_hash, |
| @@ -617,6 +681,15 @@ void OwnerSettingsServiceChromeOS::StorePendingChanges() { |
| scoped_ptr<em::PolicyData> policy = AssemblePolicy( |
| user_id_, device_settings_service_->policy_data(), &settings); |
| + |
| + if (has_pending_management_settings_) { |
| + policy::SetManagementMode(*policy, |
| + pending_management_settings_.management_mode); |
| + policy->set_request_token(pending_management_settings_.request_token); |
| + policy->set_device_id(pending_management_settings_.device_id); |
| + } |
| + has_pending_management_settings_ = false; |
| + |
| bool rv = AssembleAndSignPolicyAsync( |
| content::BrowserThread::GetBlockingPool(), policy.Pass(), |
| base::Bind(&OwnerSettingsServiceChromeOS::OnPolicyAssembledAndSigned, |
| @@ -641,7 +714,7 @@ void OwnerSettingsServiceChromeOS::OnPolicyAssembledAndSigned( |
| void OwnerSettingsServiceChromeOS::OnSignedPolicyStored(bool success) { |
| CHECK(device_settings_service_); |
| ReportStatusAndContinueStoring(success && |
| - device_settings_service_->status() != |
| + device_settings_service_->status() == |
| DeviceSettingsService::STORE_SUCCESS); |
| } |
| @@ -650,6 +723,11 @@ void OwnerSettingsServiceChromeOS::ReportStatusAndContinueStoring( |
| store_settings_factory_.InvalidateWeakPtrs(); |
| FOR_EACH_OBSERVER(OwnerSettingsService::Observer, observers_, |
| OnSignedPolicyStored(success)); |
| + for (const auto& callback : pending_management_settings_callbacks_) { |
|
Mattias Nissler (ping if slow)
2014/12/04 13:05:46
Suggestion: Declare a temporary callbacks vector,
ygorshenin1
2014/12/05 09:31:48
Thanks for the suggestion! Done.
|
| + if (!callback.is_null()) |
| + callback.Run(success); |
| + } |
| + pending_management_settings_callbacks_.clear(); |
| StorePendingChanges(); |
| } |
